openstack/fuel-main
Code Issues Proposed changes

[FUEL-777] remove puppet modules from fuelweb root

Browse Source
This commit is contained in:
Vladimir Kuklin 2013-07-11 18:07:43 +04:00 committed by default
parent cc8df9101b
commit 5b77db2d21
116 changed files with 7 additions and 7484 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config.mk
View File

@ -93,8 +93,8 @@ MIRROR_GEMS?=http://rubygems.org
REQUIRED_RPMS:=$(shell grep -v "^\\s*\#" $(SOURCE_DIR)/requirements-rpm.txt)
REQUIRED_EGGS:=$(shell grep -v "^\\s*\#" $(SOURCE_DIR)/requirements-eggs.txt)
REQUIRED_SRCS:=$(shell grep -v ^\\s*\# $(SOURCE_DIR)/requirements-src.txt)
REQ_RHEL_RPMS:=$(shell grep -v "^\\s*\#" $(SOURCE_DIR)/puppet/rpmcache/files/required-rpms.txt)
REQ_FUEL_RHEL_RPMS:=$(shell grep -v "^\\s*\#" $(SOURCE_DIR)/puppet/rpmcache/files/req-fuel-rhel.txt)
REQ_RHEL_RPMS:=$(shell grep -v "^\\s*\#" $(SOURCE_DIR)/fuel/deployment/puppet/rpmcache/files/required-rpms.txt)
REQ_FUEL_RHEL_RPMS:=$(shell grep -v "^\\s*\#" $(SOURCE_DIR)/fuel/deployment/puppet/rpmcache/files/req-fuel-rhel.txt)
# Which repositories to use for making local centos mirror.
# Possible values you can find out from mirror/centos/yum_repos.mk file.

2
fuel

@ -1 +1 @@
Subproject commit c7ae6d5610caa748d3a266bf29df7a1ba9cdc8c5
Subproject commit 06944a041255be6e67cbeb2df081a95f26a5a3dd

2
iso/bootstrap_admin_node.sh
View File

@ -1,3 +1,3 @@
#!/bin/bash
puppet apply --modulepath=/opt/nailgun_puppet /opt/nailgun_puppet/nailgun/examples/site.pp
puppet apply /etc/puppet/modules/nailgun/examples/site.pp

6
iso/ks.template
View File

@ -251,12 +251,12 @@ chmod 600 /root/.ssh/bootstrap.rsa
# Unpacking puppet manifests for master and slave
cp ${SOURCE}/puppet-slave.tgz ${repodir}/
mkdir -p /opt/nailgun_puppet
tar zxf ${SOURCE}/puppet-nailgun.tgz -C /opt/nailgun_puppet
#mkdir -p /opt/nailgun_puppet
#tar zxf ${SOURCE}/puppet-nailgun.tgz -C /opt/nailgun_puppet
tar zxf ${SOURCE}/puppet-slave.tgz -C /etc/puppet/modules
mkdir -p /etc/puppet/manifests/
cp /etc/puppet/modules/osnailyfacter/examples/site.pp /etc/puppet/manifests/site.pp
ln -s /etc/puppet/modules/mcollective /etc/puppet/modules/nailgun /etc/puppet/modules/osnailyfacter /etc/puppet/modules/stdlib /etc/puppet/modules/rabbitmq /etc/puppet/modules/puppetdb/ /etc/puppet/modules/postgresql/ /etc/puppet/modules/inifile/ /etc/puppet/modules/sysctl/ /opt/nailgun_puppet/
#ln -s /etc/puppet/modules/mcollective /etc/puppet/modules/nailgun /etc/puppet/modules/osnailyfacter /etc/puppet/modules/stdlib /etc/puppet/modules/rabbitmq /etc/puppet/modules/puppetdb/ /etc/puppet/modules/postgresql/ /etc/puppet/modules/inifile/ /etc/puppet/modules/sysctl/ /opt/nailgun_puppet/
# Prepare local repository specification
rm /etc/yum.repos.d/CentOS*.repo

7
iso/module.mk
View File

@ -61,7 +61,6 @@ $(BUILD_DIR)/iso/isoroot-files.done: \
$(ISOROOT)/bootstrap_admin_node.sh \
$(ISOROOT)/bootstrap_admin_node.conf \
$(ISOROOT)/version.yaml \
$(ISOROOT)/puppet-nailgun.tgz \
$(ISOROOT)/puppet-slave.tgz
$(ACTION.TOUCH)
@ -82,14 +81,8 @@ $(ISOROOT)/version.yaml:
echo "PRODUCT_VERSION: $(PRODUCT_VERSION)" >> $@
echo "FUEL_COMMIT_SHA: $(FUEL_COMMIT_SHA)" >> $@
$(ISOROOT)/puppet-nailgun.tgz: \
$(call find-files,$(SOURCE_DIR)/puppet) \
$(SOURCE_DIR)/bin/send2syslog.py
(cd $(SOURCE_DIR)/puppet && tar chzf $@ *)
$(ISOROOT)/puppet-slave.tgz: \
$(call find-files,$(SOURCE_DIR)/puppet/nailytest) \
$(call find-files,$(SOURCE_DIR)/fuel/deployment/puppet)
(cd $(SOURCE_DIR)/puppet && tar cf $(ISOROOT)/puppet-slave.tar nailytest)
(cd $(SOURCE_DIR)/fuel/deployment/puppet && tar rf $(ISOROOT)/puppet-slave.tar ./*)
gzip -c -9 $(ISOROOT)/puppet-slave.tar > $@ && \
rm $(ISOROOT)/puppet-slave.tar

8
puppet/cobbler/Modulefile
View File

@ -1,8 +0,0 @@
name 'cobbler'
version '0.0.1'
source 'https://github.com/Mirantis/recipes-library/cobbler'
author 'Mirantis Inc.'
license 'Apache License 2.0'
summary 'Mirantis Cobbler Module'
description 'Module to install cobbler provisioning system'
project_page 'https://github.com/Mirantis/recipes-library'

146
puppet/cobbler/examples/cobbler_system.py
View File

@ -1,146 +0,0 @@
#!/usr/bin/env python
import sys
import re
import shlex
import yaml
import argparse
import logging
import subprocess
import StringIO
console = logging.StreamHandler()
# formatter = logging.Formatter('%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
formatter = logging.Formatter('%(message)s')
console.setFormatter(formatter)
logger = logging.getLogger()
logger.setLevel(logging.DEBUG)
logger.addHandler(console)
def system_command(command, expected_resultcodes=(0,)):
commands = [ i.strip() for i in re.split(ur'\|', command)]
process = []
process.append(subprocess.Popen(shlex.split(commands[0]),
stdin=None,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE))
for c in commands[1:]:
process[-1].wait()
process.append(subprocess.Popen(shlex.split(c),
stdin=process[-1].stdout,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE))
process[-1].wait()
serr = []
for p in process:
serr += [ err.strip() for err in p.stderr.readlines() ]
returncode = process[-1].returncode
if expected_resultcodes and not returncode in expected_resultcodes:
logger.error("""Command: '%s'\nreturned not expected \
value: %d\nstdout:\n%s\nstderr:\n%s""" % \
(command, returncode,
process[-1].stdout.read().rstrip('\n'),
'\n'.join(serr).rstrip('\n')))
sys.exit(1)
else:
logger.debug("Command '%s' returned %d" % (command, returncode))
return returncode
def is_system_exist(system_name):
command = """/usr/bin/cobbler system find \
--name=%s | grep \"^%s$\" """ % (system_name, system_name)
logger.debug("Running command: %s" % command)
code = system_command(command, expected_resultcodes=(0, 1))
return code == 0
def update_system(system_name, system_dict):
addedit = 'add'
if is_system_exist(system_name):
addedit = 'edit'
command = ["""/usr/bin/cobbler system %s --name='%s' --hostname='%s'""" % \
(addedit, system_name, system_dict['hostname'])]
ksmeta = system_dict.get('ksmeta', '')
for opt in system_dict:
if opt in ('interfaces', 'ksmeta', 'interfaces_extra'):
continue
command.append("""--%s='%s'""" % (opt, system_dict[opt]))
for int_name in system_dict.get('interfaces_extra',{}):
int_extra_dict = system_dict['interfaces_extra'][int_name]
for int_extra in int_extra_dict:
ksmeta = """%s interface_extra_%s_%s=%s""" % \
(ksmeta, int_name, int_extra, int_extra_dict[int_extra])
command.append("""--ksmeta='%s'""" % ksmeta)
command = " ".join(command)
logger.info("Running command: %s" % command)
return system_command(command) == 0
def update_system_interfaces(system_name, interfaces_dict):
addedit = 'add'
if is_system_exist(system_name):
addedit = 'edit'
code = set([0])
for interface_name in interfaces_dict:
logger.info("=== Defining interface ===: %s" % interface_name)
int_opts = interfaces_dict[interface_name]
command = ["""/usr/bin/cobbler system %s --name='%s' \
--interface='%s'""" % (addedit, system_name, interface_name)]
for opt in int_opts:
logger.debug("Interface option: %s = %s" % (opt, int_opts[opt]))
command.append("""--%s='%s'""" % (opt, int_opts[opt]))
command = " ".join(command)
logger.info("Running command: %s" % command)
code.union(set([system_command(command)]))
return len(code) == 0
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-f", "--file", dest="file",
metavar="YAML_FILE", type=str,
help="nodes yaml file")
parser.add_argument("-l", "--level", dest="log_level", type=str,
help="log level, one of DEBUG, INFO, WARNING, ERROR",
choices=["DEBUG", "INFO", "WARNING", "ERROR"],
default="INFO", metavar="LEVEL")
params = parser.parse_args()
numeric_level = getattr(logging, params.log_level.upper())
logger.setLevel(numeric_level)
if params.file is None:
parser.error("Yaml file must be defined with -f option.")
with open(params.file, 'r') as file:
nodes = yaml.load(file.read())
for name in nodes:
logger.info("====== Defining node ======: %s" % name)
update_system(name, nodes[name])
update_system_interfaces(name, nodes[name]['interfaces'])
if __name__ == "__main__":
main()

156
puppet/cobbler/examples/nodes.yaml
View File

@ -1,156 +0,0 @@
fuel-01:
profile: "centos63-x86_64"
netboot-enabled: "1"
ksmeta: "puppet_auto_setup=1 \
puppet_master=fuel-pm.mirantis.com \
puppet_version=2.7.19 \
puppet_enable=0 \
mco_auto_setup=1 \
mco_pskey=un0aez2ei9eiGaequaey4loocohjuch4Ievu3shaeweeg5Uthi \
mco_stomphost=10.0.0.100 \
mco_stompport=61613 \
mco_stompuser=mcollective \
mco_stomppassword=AeN5mi5thahz2Aiveexo \
mco_enable=1"
hostname: "fuel-01"
name-servers: "10.0.0.100"
name-servers-search: "mirantis.com"
interfaces:
eth0:
mac: "52:54:00:e6:dc:c9"
static: "0"
eth1:
mac: "52:54:00:0a:39:ec"
static: "1"
ip-address: "10.0.0.101"
netmask: "255.255.255.0"
dns-name: "fuel-01.mirantis.com"
eth2:
mac: "52:54:00:ae:22:04"
static: "1"
interfaces_extra:
eth0:
peerdns: "no"
eth1:
peerdns: "no"
eth2:
promisc: "yes"
userctl: "yes"
peerdns: "no"
fuel-02:
profile: "centos63-x86_64"
netboot-enabled: "1"
ksmeta: "puppet_auto_setup=1 \
puppet_master=fuel-pm.mirantis.com \
puppet_version=2.7.19 \
puppet_enable=0 \
mco_auto_setup=1 \
mco_pskey=un0aez2ei9eiGaequaey4loocohjuch4Ievu3shaeweeg5Uthi \
mco_stomphost=10.0.0.100 \
mco_stompport=61613 \
mco_stompuser=mcollective \
mco_stomppassword=AeN5mi5thahz2Aiveexo \
mco_enable=1"
hostname: "fuel-02"
name-servers: "10.0.0.100"
name-servers-search: "mirantis.com"
interfaces:
eth0:
mac: "52:54:00:b4:a5:25"
static: "0"
eth1:
mac: "52:54:00:e4:46:5c"
static: "1"
ip-address: "10.0.0.102"
netmask: "255.255.255.0"
dns-name: "fuel-02.mirantis.com"
eth2:
mac: "52:54:00:28:f8:06"
static: "1"
interfaces_extra:
eth0:
peerdns: "no"
eth1:
peerdns: "no"
eth2:
promisc: "yes"
userctl: "yes"
peerdns: "no"
fuel-03:
profile: "centos63-x86_64"
netboot-enabled: "1"
ksmeta: "puppet_auto_setup=1 \
puppet_master=fuel-pm.mirantis.com \
puppet_version=2.7.19 \
puppet_enable=0 \
mco_auto_setup=1 \
mco_pskey=un0aez2ei9eiGaequaey4loocohjuch4Ievu3shaeweeg5Uthi \
mco_stomphost=10.0.0.100 \
mco_stompport=61613 \
mco_stompuser=mcollective \
mco_stomppassword=AeN5mi5thahz2Aiveexo \
mco_enable=1"
hostname: "fuel-03"
name-servers: "10.0.0.100"
name-servers-search: "mirantis.com"
interfaces:
eth0:
mac: "52:54:00:78:23:b7"
static: "0"
eth1:
mac: "52:54:00:09:04:40"
static: "1"
ip-address: "10.0.0.103"
netmask: "255.255.255.0"
dns-name: "fuel-03.mirantis.com"
eth2:
mac: "52:54:00:84:60:bf"
static: "1"
interfaces_extra:
eth0:
peerdns: "no"
eth1:
peerdns: "no"
eth2:
promisc: "yes"
userctl: "yes"
peerdns: "no"
fuel-04:
profile: "centos63-x86_64"
netboot-enabled: "1"
ksmeta: "puppet_auto_setup=1 \
puppet_master=fuel-pm.mirantis.com \
puppet_version=2.7.19 \
puppet_enable=0 \
mco_auto_setup=1 \
mco_pskey=un0aez2ei9eiGaequaey4loocohjuch4Ievu3shaeweeg5Uthi \
mco_stomphost=10.0.0.100 \
mco_stompport=61613 \
mco_stompuser=mcollective \
mco_stomppassword=AeN5mi5thahz2Aiveexo \
mco_enable=1"
hostname: "fuel-04"
name-servers: "10.0.0.100"
name-servers-search: "mirantis.com"
interfaces:
eth0:
mac: "52:54:00:27:49:44"
static: "0"
eth1:
mac: "52:54:00:68:ff:9b"
static: "1"
ip-address: "10.0.0.104"
netmask: "255.255.255.0"
dns-name: "fuel-04.mirantis.com"
eth2:
mac: "52:54:00:19:0d:56"
static: "1"
interfaces_extra:
eth0:
peerdns: "no"
eth1:
peerdns: "no"
eth2:
promisc: "yes"
userctl: "yes"
peerdns: "no"

97
puppet/cobbler/examples/server_site.pp
View File

@ -1,97 +0,0 @@
$server = '10.0.0.100'
$domain_name = 'mirantis.com'
$name_server = '10.0.0.100'
$next_server = '10.0.0.100'
$dhcp_start_address = '10.0.0.201'
$dhcp_end_address = '10.0.0.254'
$dhcp_netmask = '255.255.255.0'
$dhcp_gateway = '10.0.0.100'
$cobbler_user = 'cobbler'
$cobbler_password = 'cobbler'
$pxetimeout = '0'
$dhcp_interface = 'eth0'
stage {'openstack-custom-repo': before => Stage['main']}
case $::osfamily {
'Debian': {
class { 'apt':
stage => 'openstack-ci-repo'
}->
class { 'openstack::repo::apt':
key => '420851BC',
location => 'http://172.18.66.213/deb',
key_source => 'http://172.18.66.213/gpg.pub',
origin => '172.18.66.213',
stage => 'openstack-ci-repo'
}
}
'RedHat': {
class { 'openstack::repo::yum':
repo_name => 'openstack-epel-fuel',
location => 'http://download.mirantis.com/epel-fuel',
key_source => 'https://fedoraproject.org/static/0608B895.txt',
stage => 'openstack-custom-repo',
}
}
default: {
fail("Unsupported osfamily: ${osfamily} for os ${operatingsystem}")
}
}
node fuel-cobbler {
class { cobbler::server:
server => $server,
domain_name => $domain_name,
name_server => $name_server,
next_server => $next_server,
dhcp_start_address => $dhcp_start_address,
dhcp_end_address => $dhcp_end_address,
dhcp_netmask => $dhcp_netmask,
dhcp_gateway => $dhcp_gateway,
dhcp_interface => $dhcp_interface,
cobbler_user => $cobbler_user,
cobbler_password => $cobbler_password ,
pxetimeout => $pxetimeout,
}
Class[cobbler::server] ->
Class[cobbler::distro::centos63-x86_64]
# class { cobbler::distro::centos63-x86_64:
# http_iso => "http://10.100.0.1/iso/CentOS-6.3-x86_64-netinstall.iso",
# ks_url => "http://172.18.8.52/~hex/centos/6.3/os/x86_64",
# }
class { cobbler::distro::centos63-x86_64:
http_iso => "http://172.18.67.168/CentOS-6.3-x86_64-minimal.iso",
ks_url => "cobbler",
}
Class[cobbler::distro::centos63-x86_64] ->
Class[cobbler::profile::centos63-x86_64]
class { cobbler::profile::centos63-x86_64: }
# RHEL distribution
# class { cobbler::distro::rhel63-x86_64:
# http_iso => "http://address/of/rhel-server-6.3-x86_64-boot.iso",
# ks_url => "http://address/of/rhel/base/mirror/6.3/os/x86_64",
# }
#
# Class[cobbler::distro::rhel63-x86_64] ->
# Class[cobbler::profile::rhel63-x86_64]
#
# class { cobbler::profile::rhel63-x86_64: }
# IT IS NEEDED IN ORDER TO USE cobbler_system.py SCRIPT
# WHICH USES argparse PYTHON MODULE
package {"python-argparse": }
}

81
puppet/cobbler/examples/site.pp
View File

@ -1,81 +0,0 @@
node default {
notify { "test-notification-${hostname}": }
}
node /^(fuel-pm|fuel-cobbler).mirantis.com/ {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
exec { "enable_forwarding":
command => "echo 1 > /proc/sys/net/ipv4/ip_forward",
unless => "cat /proc/sys/net/ipv4/ip_forward | grep -q 1",
}
exec { "enable_nat_all":
command => "iptables -t nat -I POSTROUTING 1 -s 10.0.0.0/24 ! -d 10.0.0.0/24 -j MASQUERADE; \
/etc/init.d/iptables save",
unless => "iptables -t nat -S POSTROUTING | grep -q \"^-A POSTROUTING -s 10.0.0.0/24 ! -d 10.0.0.0/24 -j MASQUERADE\""
}
exec { "enable_nat_filter":
command => "iptables -t filter -I FORWARD 1 -j ACCEPT; \
/etc/init.d/iptables save",
unless => "iptables -t filter -S FORWARD | grep -q \"^-A FORWARD -j ACCEPT\""
}
class { cobbler::server:
server => '10.0.0.100',
domain_name => 'mirantis.com',
name_server => '10.0.0.100',
next_server => '10.0.0.100',
dhcp_start_address => '10.0.0.201',
dhcp_end_address => '10.0.0.254',
dhcp_netmask => '255.255.255.0',
dhcp_gateway => '10.0.0.100',
dhcp_interface => 'eth1',
cobbler_user => 'cobbler',
cobbler_password => 'cobbler',
pxetimeout => '0'
}
Class[cobbler::server] ->
Class[cobbler::distro::centos63-x86_64]
# class { cobbler::distro::centos63-x86_64:
# http_iso => "http://10.100.0.1/iso/CentOS-6.3-x86_64-netinstall.iso",
# ks_url => "http://172.18.8.52/~hex/centos/6.3/os/x86_64",
# }
class { cobbler::distro::centos63-x86_64:
http_iso => "http://10.0.0.1/iso/CentOS-6.3-x86_64-minimal.iso",
ks_url => "cobbler",
}
Class[cobbler::distro::centos63-x86_64] ->
Class[cobbler::profile::centos63-x86_64]
class { cobbler::profile::centos63-x86_64: }
# RHEL distribution
# class { cobbler::distro::rhel63-x86_64:
# http_iso => "http://address/of/rhel-server-6.3-x86_64-boot.iso",
# ks_url => "http://address/of/rhel/base/mirror/6.3/os/x86_64",
# }
#
# Class[cobbler::distro::rhel63-x86_64] ->
# Class[cobbler::profile::rhel63-x86_64]
#
# class { cobbler::profile::rhel63-x86_64: }
# IT IS NEEDED IN ORDER TO USE cobbler_system.py SCRIPT
# WHICH USES argparse PYTHON MODULE
package {"python-argparse": }
}

9
puppet/cobbler/lib/puppet/parser/functions/extension_basename.rb
View File

@ -1,9 +0,0 @@
module Puppet::Parser::Functions
newfunction(:extension_basename, :type => :rvalue) do |args|
if args[1] and /^(true|1)$/i.match(args[1])
File.basename(args[0]).split(/\./)[0..-2].join(".")
else
File.basename(args[0])
end
end
end

66
puppet/cobbler/lib/puppet/provider/cobbler_digest_user/default.rb
View File

@ -1,66 +0,0 @@
require 'puppet'
Puppet::Type.type(:cobbler_digest_user).provide(:default) do
defaultfor :operatingsystem => [:centos, :redhat, :debian, :ubuntu]
# def self.instances
# list_users.each do |user, userhash|
# new(:name => user)
# end
# end
def create
Puppet.info "cobbler_digest_user: updating user: #{@resource[:name]}"
rm_user
create_user
end
def destroy
Puppet.info "cobbler_digest_user: removing user: #{@resource[:name]}"
rm_user
end
def exists?
users = list_users
unless users[@resource[:name]]
Puppet.info "cobbler_digest_user: user #{@resource[:name]} does not exist"
return false
end
if hashline == users[@resource[:name]]
Puppet.info "cobbler_digest_user: user #{@resource[:name]} already exists"
return true
end
return false
end
private
def hashline
return `printf "#{@resource[:name]}:Cobbler:#{@resource[:password]}" | md5sum | awk '{print $1}'`.chomp
end
def list_users
users = {}
File.open("/etc/cobbler/users.digest", "r") do |file|
while line = file.gets
user, servicename, userhash = line.split(/:/)
users[user] = userhash.chomp
end
end
users
end
def rm_user
system("/usr/bin/htpasswd -D /etc/cobbler/users.digest #{@resource[:name]} 2>&1 || true")
end
def create_user
File.open("/etc/cobbler/users.digest", "a+") do |file|
file.write("#{@resource[:name]}:Cobbler:#{hashline}")
end
end
end

70
puppet/cobbler/lib/puppet/provider/cobbler_distro/default.rb
View File

@ -1,70 +0,0 @@
require 'puppet'
require 'open3'
Puppet::Type.type(:cobbler_distro).provide(:default) do
defaultfor :operatingsystem => [:centos, :redhat, :debian, :ubuntu]
def exists?
Puppet.info "cobbler_distro: checking if distro exists: #{@resource[:name]}"
if find_distro_full
Puppet.info "cobbler_distro: distro exists: #{@resource[:name]}"
return true
else
Puppet.info "cobbler_distro: distro does not exist: #{@resource[:name]}"
return false
end
end
def create
Puppet.info "cobbler_distro: updating distro: #{@resource[:name]}"
update_distro
end
def destroy
Puppet.info "cobbler_distro: removing distro: #{@resource[:name]}"
remove_distro
end
private
def ksmeta
if @resource[:ksmeta].size > 0
"--ksmeta=\"#{@resource[:ksmeta]}\""
else
""
end
end
def find_distro_full
distro, stderr = Open3.popen3("cobbler distro find --name=#{@resource[:name]} --kernel=#{@resource[:kernel]} --initrd=#{@resource[:initrd]} --arch=#{@resource[:arch]} --breed=#{@resource[:breed]} --os-version=#{@resource[:osversion]} #{ksmeta}")[1,2]
if err = stderr.gets
raise Puppet::Error, err
else
distro.read.chomp.size != 0
end
end
def find_distro_name
distro, stderr = Open3.popen3("cobbler distro find --name=#{@resource[:name]}")[1,2]
if err = stderr.gets
raise Puppet::Error, err
else
return distro.read.chomp.size != 0
end
end
def update_distro
subcommand = find_distro_name ? 'edit' : 'add'
stderr = Open3.popen3("cobbler distro #{subcommand} --name=#{@resource[:name]} --kernel=#{@resource[:kernel]} --initrd=#{@resource[:initrd]} --arch=#{@resource[:arch]} --breed=#{@resource[:breed]} --os-version=#{@resource[:osversion]} #{ksmeta}")[2]
if err = stderr.gets
raise Puppet::Error, err
end
end
def remove_distro
stderr = Open3.popen3("cobbler distro remove --name=#{@resource[:name]}")[2]
if err = stderr.gets
raise Puppet::Error, err
end
end
end

85
puppet/cobbler/lib/puppet/provider/cobbler_profile/default.rb
View File

@ -1,85 +0,0 @@
require 'puppet'
Puppet::Type.type(:cobbler_profile).provide(:default) do
defaultfor :operatingsystem => [:centos, :redhat, :debian, :ubuntu]
def exists?
Puppet.info "cobbler_profile: checking if profile exists: #{@resource[:name]}"
if find_profile_full
Puppet.info "cobbler_profile: profile exists: #{@resource[:name]}"
return true
else
Puppet.info "cobbler_profile: profile does not exist: #{@resource[:name]}"
return false
end
end
def create
Puppet.info "cobbler_profile: updating profile: #{@resource[:name]}"
update_profile
end
def destroy
Puppet.info "cobbler_profile: removing profile: #{@resource[:name]}"
remove_profile
end
private
def enable_menu
if @resource[:menu] == :true
"True"
else
"False"
end
end
def kickstart
if @resource[:kickstart].size > 0
"--kickstart=#{@resource[:kickstart]}"
else
""
end
end
def ksmeta
if @resource[:ksmeta].size > 0
"--ksmeta=\"#{@resource[:ksmeta]}\""
else
""
end
end
def find_profile_full
profile, stderr = Open3.popen3("cobbler profile find --name=#{@resource[:name]} --distro=#{@resource[:distro]} --enable-menu=#{enable_menu} --kopts=\"#{@resource[:kopts]}\" #{kickstart} #{ksmeta}")[1,2]
if err = stderr.gets
raise Pupppet::Error, err
else
profile.read.chomp.size != 0
end
end
def find_profile_name
profile, stderr = Open3.popen3("cobbler profile find --name=#{@resource[:name]}")[1,2]
if err = stderr.gets
raise Pupppet::Error, err
else
profile.read.chomp.size != 0
end
end
def update_profile
subcommand = find_profile_name ? 'edit' : 'add'
stderr = Open3.popen3("cobbler profile #{subcommand} --name=#{@resource[:name]} --distro=#{@resource[:distro]} --enable-menu=#{enable_menu} --kopts=\"#{@resource[:kopts]}\" #{kickstart} #{ksmeta}")[2]
if err = stderr.gets
raise Pupppet::Error, err
end
end
def remove_profile
stderr = Open3.popen3("cobbler profile remove --name=#{@resource[:name]}")[2]
if err = stderr.gets
raise Pupppet::Error, err
end
end
end

27
puppet/cobbler/lib/puppet/type/cobbler_digest_user.rb
View File

@ -1,27 +0,0 @@
require 'puppet'
Puppet::Type.newtype(:cobbler_digest_user) do
desc = "Type to manage cobbler digest users (/etc/cobbler/users.digest)"
ensurable do
defaultto(:present)
newvalue(:present) do
provider.create
end
newvalue(:absent) do
provider.destroy
end
end
newparam(:password) do
desc "User password"
newvalues(/^.{6,}$/)
end
newparam(:name, :namevar => true) do
desc "Name of user"
newvalues(/^\S+$/)
end
end

52
puppet/cobbler/lib/puppet/type/cobbler_distro.rb
View File

@ -1,52 +0,0 @@
require 'puppet'
Puppet::Type.newtype(:cobbler_distro) do
desc = "Type to manage cobbler distros"
ensurable do
defaultto(:present)
newvalue(:present) do
provider.create
end
newvalue(:absent) do
provider.destroy
end
end
newparam(:kernel) do
desc "Path to kernel"
newvalues(/^(\/[^\/]+)+$/)
end
newparam(:initrd) do
desc "Path to initrd"
newvalues(/^(\/[^\/]+)+$/)
end
newparam(:arch) do
desc "Architecture"
newvalues(/^(x86_64|i386)$/)
end
newparam(:ksmeta) do
desc "Kickstart metadata"
newvalues(/^((\S+=\S+) +)*(\S+=\S+)*$/)
end
newparam(:breed) do
desc "Breed"
newvalues(/^(redhat|ubuntu|debian|suse)$/)
end
newparam(:osversion) do
desc "OS Version"
newvalues(/^(rhel6|rhel5|precise|natty|squeeze|stable|other)$/)
end
newparam(:name, :namevar => true) do
desc "Name of distro"
newvalues(/^\S+$/)
end
end

47
puppet/cobbler/lib/puppet/type/cobbler_profile.rb
View File

@ -1,47 +0,0 @@
require 'puppet'
Puppet::Type.newtype(:cobbler_profile) do
desc = "Type to manage cobbler distros"
ensurable do
defaultto(:present)
newvalue(:present) do
provider.create
end
newvalue(:absent) do
provider.destroy
end
end
newparam(:distro) do
desc "Distro"
newvalues(/^\S+$/)
end
newparam(:kopts) do
desc "Kernel options"
newvalues(/^.*$/)
end
newparam(:ksmeta) do
desc "Kickstart metadata"
newvalues(/^((\S+=\S+) +)*(\S+=\S+)*$/)
end
newparam(:menu) do
desc "Include|Exclude this profile into boot menu"
newvalues(:true, :false)
end
newparam(:kickstart) do
desc "Path to kickstart file"
newvalues(/^(\/[^\/]+)*$/)
end
newparam(:name, :namevar => true) do
desc "Name of profile"
newvalues(/^\S+$/)
end
end

19
puppet/cobbler/manifests/checksum_bootpc.pp
View File

@ -1,19 +0,0 @@
class cobbler::checksum_bootpc () {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(centos|redhat)/ : {
exec { "checksum_fill_bootpc":
command => "iptables -t mangle -A POSTROUTING -p udp --dport 68 -j CHECKSUM --checksum-fill; /etc/init.d/iptables save",
unless => "iptables -t mangle -S POSTROUTING | grep -q \"^-A POSTROUTING -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill\""
}
}
/(?i)(debian|ubuntu)/ : {
exec { "checksum_fill_bootpc":
command => "iptables -t mangle -A POSTROUTING -p udp --dport 68 -j CHECKSUM --checksum-fill; iptables-save -c > /etc/iptables.rules",
unless => "iptables -t mangle -S POSTROUTING | grep -q \"^-A POSTROUTING -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill\""
}
}
}
}

89
puppet/cobbler/manifests/distro/centos63-x86_64.pp
View File

@ -1,89 +0,0 @@
#
# This class is intended to make cobbler distro centos63-x86_64. It will
# download and mount centos ISO image.
#
# [http_iso] This is the url from where to download centos 6.3 ISO image.
# This ISO image is needed to mount it and use its vmlinuz and initrd.img files.
# If it also contains RPM packages including ruby, wget and so on, then you
# can install system completely from this ISO image.
# [ks_url] This is the url of RPM repository from where to install system.
# This will be used as the url parameter in kickstart file. You can also
# use here the key word 'cobbler' in order to use mounted ISO image as main
# repository.
class cobbler::distro::centos63-x86_64(
$http_iso = "http://mirror.stanford.edu/yum/pub/centos/6.3/isos/x86_64/CentOS-6.3-x86_64-minimal.iso",
$ks_url = "http://mirror.stanford.edu/yum/pub/centos/6.3/os/x86_64"
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
$ks_mirror = '/var/www/cobbler/ks_mirror'
# CentOS-6.3-x86_64-minimal
$iso_name = extension_basename($http_iso, "true")
# CentOS-6.3-x86_64-minimal.iso
$iso_basename = extension_basename($http_iso)
# /var/www/cobbler/ks_mirror/CentOS-6.3-x86_64-minimal.iso
$iso = "${ks_mirror}/${iso_basename}"
# /var/www/cobbler/ks_mirror/CentOS-6.3-x86_64-minimal
$iso_mnt = "${ks_mirror}/${iso_name}"
# /var/www/cobbler/links/CentOS-6.3-x86_64-minimal
$iso_link = "/var/www/cobbler/links/$iso_name"
if $ks_url == "cobbler" {
$tree = "http://@@server@@/cblr/links/${iso_name}"
}
else {
$tree = $ks_url
}
file { $iso_mnt:
ensure => directory,
owner => root,
group => root,
mode => 0555,
}
if $http_iso =~ /^http:\/\/.+/ {
# HERE IS ASSUMED THAT wget PACKAGE INSTALLED AS WE NEED IT
# TO DOWNLOAD CENTOS ISO IMAGE
exec { "get ${http_iso}":
command => "wget -q -O- ${http_iso} > ${iso}",
onlyif => "test ! -s ${iso}",
}
}
elsif $http_iso =~ /^file:\/\/.+/ {
$http_iso_path = split($http_iso, 'file://')
exec { "get ${http_iso}":
command => "cp ${http_iso_path[1]} ${iso}",
onlyif => "test ! -s ${iso}",
}
}
mount { $iso_mnt:
device => $iso,
options => "loop",
fstype => "iso9660",
ensure => mounted,
require => [Exec["get ${http_iso}"], File[$iso_mnt]],
}
file { $iso_link:
ensure => link,
target => $iso_mnt,
}
cobbler_distro { "centos63-x86_64":
kernel => "${iso_mnt}/isolinux/vmlinuz",
initrd => "${iso_mnt}/isolinux/initrd.img",
arch => "x86_64",
breed => "redhat",
osversion => "rhel6",
ksmeta => "tree=${tree}",
require => Mount[$iso_mnt],
}
}

93
puppet/cobbler/manifests/distro/centos63_x86_64.pp
View File

@ -1,93 +0,0 @@
#
# This class is intended to make cobbler distro centos63_x86_64. It will
# download and mount centos ISO image.
#
# [http_iso] This is the url from where to download centos 6.3 ISO image.
# This ISO image is needed to mount it and use its vmlinuz and initrd.img files.
# If it also contains RPM packages including ruby, wget and so on, then you
# can install system completely from this ISO image.
# [ks_url] This is the url of RPM repository from where to install system.
# This will be used as the url parameter in kickstart file. You can also
# use here the key word 'cobbler' in order to use mounted ISO image as main
# repository.
class cobbler::distro::centos63_x86_64(
$http_iso = 'http://download.mirantis.com/epel-fuel-folsom-2.1/CentOS-6.3-x86_64-minimal.iso',
$ks_url = 'http://download.mirantis.com/epel-fuel-folsom-2.1'
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $::operatingsystem {
/(?i)(centos|redhat)/: {
$ks_mirror = '/var/www/cobbler/ks_mirror'
}
/(?i)(debian|ubuntu)/: {
$ks_mirror = '/usr/share/cobbler/webroot/cobbler/ks_mirror'
}
}
# CentOS-6.3-x86_64-minimal
$iso_name = extension_basename($http_iso, 'true')
# CentOS-6.3-x86_64-minimal.iso
$iso_basename = extension_basename($http_iso)
# /var/www/cobbler/ks_mirror/CentOS-6.3-x86_64-minimal.iso
$iso = "${ks_mirror}/${iso_basename}"
# /var/www/cobbler/ks_mirror/CentOS-6.3-x86_64-minimal
$iso_mnt = "${ks_mirror}/${iso_name}"
# /var/www/cobbler/links/CentOS-6.3-x86_64-minimal
$iso_link = "/var/www/cobbler/links/${iso_name}"
if $ks_url == 'cobbler' {
$tree = "http://@@server@@/cblr/links/${iso_name}"
}
else {
$tree = $ks_url
}
file { $iso_mnt:
ensure => directory,
}
if $http_iso =~ /^http:\/\/.+/ {
# HERE IS ASSUMED THAT wget PACKAGE INSTALLED AS WE NEED IT
# TO DOWNLOAD CENTOS ISO IMAGE
exec { "get ${http_iso}":
command => "wget -q -O- ${http_iso} > ${iso}",
timeout => 0,
onlyif => "test ! -s ${iso}",
}
}
elsif $http_iso =~ /^file:\/\/.+/ {
$http_iso_path = split($http_iso, 'file://')
exec { "get ${http_iso}":
command => "cp ${http_iso_path[1]} ${iso}",
onlyif => "test ! -s ${iso}",
}
}
mount { $iso_mnt:
ensure => mounted,
device => $iso,
options => 'loop',
fstype => 'iso9660',
require => [Exec["get ${http_iso}"], File[$iso_mnt]],
}
file { $iso_link:
ensure => link,
target => $iso_mnt,
}
cobbler_distro { 'centos63_x86_64':
kernel => "${iso_mnt}/isolinux/vmlinuz",
initrd => "${iso_mnt}/isolinux/initrd.img",
arch => 'x86_64',
breed => 'redhat',
osversion => 'rhel6',
ksmeta => "tree=${tree}",
require => Mount[$iso_mnt],
}
}

93
puppet/cobbler/manifests/distro/centos64_x86_64.pp
View File

@ -1,93 +0,0 @@
#
# This class is intended to make cobbler distro centos64_x86_64. It will
# download and mount centos ISO image.
#
# [http_iso] This is the url from where to download centos 6.4 ISO image.
# This ISO image is needed to mount it and use its vmlinuz and initrd.img files.
# If it also contains RPM packages including ruby, wget and so on, then you
# can install system completely from this ISO image.
# [ks_url] This is the url of RPM repository from where to install system.
# This will be used as the url parameter in kickstart file. You can also
# use here the key word 'cobbler' in order to use mounted ISO image as main
# repository.
class cobbler::distro::centos64_x86_64(
$http_iso = 'http://download.mirantis.com/epel-fuel-grizzly/isos/x86_64/CentOS-6.4-x86_64-minimal.iso',
$ks_url = 'http://download.mirantis.com/epel-fuel-grizzly'
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $::operatingsystem {
/(?i)(centos|redhat)/: {
$ks_mirror = '/var/www/cobbler/ks_mirror'
}
/(?i)(debian|ubuntu)/: {
$ks_mirror = '/usr/share/cobbler/webroot/cobbler/ks_mirror'
}
}
# CentOS-6.4-x86_64-minimal
$iso_name = extension_basename($http_iso, 'true')
# CentOS-6.4-x86_64-minimal.iso
$iso_basename = extension_basename($http_iso)
# /var/www/cobbler/ks_mirror/CentOS-6.4-x86_64-minimal.iso
$iso = "${ks_mirror}/${iso_basename}"
# /var/www/cobbler/ks_mirror/CentOS-6.4-x86_64-minimal
$iso_mnt = "${ks_mirror}/${iso_name}"
# /var/www/cobbler/links/CentOS-6.4-x86_64-minimal
$iso_link = "/var/www/cobbler/links/${iso_name}"
if $ks_url == 'cobbler' {
$tree = "http://@@server@@/cblr/links/${iso_name}"
}
else {
$tree = $ks_url
}
file { $iso_mnt:
ensure => directory,
}
if $http_iso =~ /^http:\/\/.+/ {
# HERE IS ASSUMED THAT wget PACKAGE INSTALLED AS WE NEED IT
# TO DOWNLOAD CENTOS ISO IMAGE
exec { "get ${http_iso}":
command => "wget -q -O- ${http_iso} > ${iso}",
timeout => 0,
onlyif => "test ! -s ${iso}",
}
}
elsif $http_iso =~ /^file:\/\/.+/ {
$http_iso_path = split($http_iso, 'file://')
exec { "get ${http_iso}":
command => "cp ${http_iso_path[1]} ${iso}",
onlyif => "test ! -s ${iso}",
}
}
mount { $iso_mnt:
ensure => mounted,
device => $iso,
options => 'loop',
fstype => 'iso9660',
require => [Exec["get ${http_iso}"], File[$iso_mnt]],
}
file { $iso_link:
ensure => link,
target => $iso_mnt,
}
cobbler_distro { 'centos64_x86_64':
kernel => "${iso_mnt}/isolinux/vmlinuz",
initrd => "${iso_mnt}/isolinux/initrd.img",
arch => 'x86_64',
breed => 'redhat',
osversion => 'rhel6',
ksmeta => "tree=${tree}",
require => Mount[$iso_mnt],
}
}

82
puppet/cobbler/manifests/distro/rhel63-x86_64.pp
View File

@ -1,82 +0,0 @@
#
# This class is intended to make cobbler distro rhel63-x86_64. It will
# download and mount rhel ISO image.
#
# [http_iso] This is the url from where to download rhel 6.3 ISO image.
# This ISO image is needed to mount it and use its vmlinuz and initrd.img files.
# If it also contains RPM packages including ruby, wget and so on, then you
# can install system completely from this ISO image.
# [ks_url] This is the url of RPM repository from where to install system.
# This will be used as the url parameter in kickstart file. You can also
# use here the key word 'cobbler' in order to use mounted ISO image as main
# repository.
class cobbler::distro::rhel63-x86_64(
$http_iso = "http://10.0.0.1/~hex/iso/rhel-server-6.3-x86_64-boot.iso",
$ks_url = "http://10.0.0.1/~hex/rhel/6.3/os/x86_64"
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
$ks_mirror = '/var/www/cobbler/ks_mirror'
# rhel-server-6.3-x86_64-boot
$iso_name = extension_basename($http_iso, "true")
# rhel-server-6.3-x86_64-boot.iso
$iso_basename = extension_basename($http_iso)
# /var/www/cobbler/ks_mirror/rhel-server-6.3-x86_64-boot.iso
$iso = "${ks_mirror}/${iso_basename}"
# /var/www/cobbler/ks_mirror/rhel-server-6.3-x86_64-boot
$iso_mnt = "${ks_mirror}/${iso_name}"
# /var/www/cobbler/links/rhel-server-6.3-x86_64-boot
$iso_link = "/var/www/cobbler/links/$iso_name"
if $ks_url == "cobbler" {
$tree = "http://@@server@@/cblr/links/${iso_name}"
}
else {
$tree = $ks_url
}
file { $iso_mnt:
ensure => directory,
owner => root,
group => root,
mode => 0555,
}
# HERE IS ASSUMED THAT wget PACKAGE INSTALLED AS WE NEED IT
# TO DOWNLOAD RHEL ISO IMAGE
exec { "wget ${http_iso}":
command => "wget -q -O- ${http_iso} > ${iso}",
onlyif => "test ! -s ${iso}",
timeout => 0,
}
mount { $iso_mnt:
device => $iso,
options => "loop",
fstype => "iso9660",
ensure => mounted,
require => [Exec["wget ${http_iso}"], File[$iso_mnt]],
}
file { $iso_link:
ensure => link,
target => $iso_mnt,
}
cobbler_distro { "rhel63-x86_64":
kernel => "${iso_mnt}/isolinux/vmlinuz",
initrd => "${iso_mnt}/isolinux/initrd.img",
arch => "x86_64",
breed => "redhat",
osversion => "rhel6",
ksmeta => "tree=${tree}",
require => Mount[$iso_mnt],
}
}

79
puppet/cobbler/manifests/distro/rhel63_x86_64.pp
View File

@ -1,79 +0,0 @@
#
# This class is intended to make cobbler distro rhel63_x86_64. It will
# download and mount rhel ISO image.
#
# [http_iso] This is the url from where to download rhel 6.3 ISO image.
# This ISO image is needed to mount it and use its vmlinuz and initrd.img files.
# If it also contains RPM packages including ruby, wget and so on, then you
# can install system completely from this ISO image.
# [ks_url] This is the url of RPM repository from where to install system.
# This will be used as the url parameter in kickstart file. You can also
# use here the key word 'cobbler' in order to use mounted ISO image as main
# repository.
class cobbler::distro::rhel63_x86_64(
$http_iso = "http://10.0.0.1/~hex/iso/rhel-server-6.3-x86_64-boot.iso",
$ks_url = "http://10.0.0.1/~hex/rhel/6.3/os/x86_64"
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
$ks_mirror = '/var/www/cobbler/ks_mirror'
# rhel-server-6.3-x86_64-boot
$iso_name = extension_basename($http_iso, "true")
# rhel-server-6.3-x86_64-boot.iso
$iso_basename = extension_basename($http_iso)
# /var/www/cobbler/ks_mirror/rhel-server-6.3-x86_64-boot.iso
$iso = "${ks_mirror}/${iso_basename}"
# /var/www/cobbler/ks_mirror/rhel-server-6.3-x86_64-boot
$iso_mnt = "${ks_mirror}/${iso_name}"
# /var/www/cobbler/links/rhel-server-6.3-x86_64-boot
$iso_link = "/var/www/cobbler/links/$iso_name"
if $ks_url == "cobbler" {
$tree = "http://@@server@@/cblr/links/${iso_name}"
}
else {
$tree = $ks_url
}
file { $iso_mnt:
ensure => directory,
}
# HERE IS ASSUMED THAT wget PACKAGE INSTALLED AS WE NEED IT
# TO DOWNLOAD RHEL ISO IMAGE
exec { "wget ${http_iso}":
command => "wget -q -O- ${http_iso} > ${iso}",
onlyif => "test ! -s ${iso}",
timeout => 0,
}
mount { $iso_mnt:
device => $iso,
options => "loop",
fstype => "iso9660",
ensure => mounted,
require => [Exec["wget ${http_iso}"], File[$iso_mnt]],
}
file { $iso_link:
ensure => link,
target => $iso_mnt,
}
cobbler_distro { "rhel63_x86_64":
kernel => "${iso_mnt}/isolinux/vmlinuz",
initrd => "${iso_mnt}/isolinux/initrd.img",
arch => "x86_64",
breed => "redhat",
osversion => "rhel6",
ksmeta => "tree=${tree}",
require => Mount[$iso_mnt],
}
}

82
puppet/cobbler/manifests/distro/ubuntu_1204_x86_64.pp
View File

@ -1,82 +0,0 @@
class cobbler::distro::ubuntu_1204_x86_64(
$http_iso = 'http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/mini.iso',
$ks_url = 'http://us.archive.ubuntu.com/ubuntu',
){
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $::operatingsystem {
/(?i)(centos|redhat)/: {
$ks_mirror = '/var/www/cobbler/ks_mirror'
}
/(?i)(debian|ubuntu)/: {
$ks_mirror = '/usr/share/cobbler/webroot/cobbler/ks_mirror'
}
}
# mini
$iso_name = extension_basename($http_iso, 'true')
# mini.iso
$iso_basename = extension_basename($http_iso)
# /var/www/cobbler/ks_mirror/ubuntu-12.04-x86_64-mini.iso
$iso = "${ks_mirror}/ubuntu-12.04-x86_64-${iso_basename}"
# /var/www/cobbler/ks_mirror/ubuntu-12.04-x86_64-mini
$iso_mnt = "${ks_mirror}/ubuntu-12.04-x86_64-${iso_name}"
# /var/www/cobbler/links/ubuntu-12.04-x86_64-mini
$iso_link = "/var/www/cobbler/links/${iso_name}"
if $ks_url == 'cobbler' {
$tree_host = "@@server@@"
$tree_url = "/cblr/links/${iso_name}"
}
else {
$tree_host = inline_template("<%= @ks_url.split('http://')[1].split('/')[0] %>")
$tree_url = inline_template("/<%= @ks_url.split('http://')[1].split('/')[1 .. -1].join('/') %>")
}
file { $iso_mnt:
ensure => directory,
}
if $http_iso =~ /^http:\/\/.+/ {
# HERE IS ASSUMED THAT wget PACKAGE INSTALLED AS WE NEED IT
# TO DOWNLOAD CENTOS ISO IMAGE
exec { "get ${http_iso}":
command => "wget -q -O- ${http_iso} > ${iso}",
timeout => 0,
onlyif => "test ! -s ${iso}",
}
}
elsif $http_iso =~ /^file:\/\/.+/ {
$http_iso_path = split($http_iso, 'file://')
exec { "get ${http_iso}":
command => "cp ${http_iso_path[1]} ${iso}",
onlyif => "test ! -s ${iso}",
}
}
mount { $iso_mnt:
ensure => mounted,
device => $iso,
options => 'loop',
fstype => 'iso9660',
require => [Exec["get ${http_iso}"], File[$iso_mnt]],
}
file { $iso_link:
ensure => link,
target => $iso_mnt,
}
cobbler_distro { "ubuntu_1204_x86_64":
kernel => "${iso_mnt}/linux",
initrd => "${iso_mnt}/initrd.gz",
arch => 'x86_64',
breed => 'ubuntu',
osversion => 'precise',
ksmeta => "tree_host=${tree_host} tree_url=${tree_url}",
require => Mount[$iso_mnt],
}
}

70
puppet/cobbler/manifests/init.pp
View File

@ -1,70 +0,0 @@
#
# This class is intended to serve as
# a way of deploying cobbler server.
#
# [server] IP address that will be used as address of cobbler server.
# It is needed to download kickstart files, call cobbler API and
# so on. Required.
#
# [domain_name] Domain name that will be used as default for
# installed nodes. Required.
# [name_server] DNS ip address to be used by installed nodes
# [next_server] IP address that will be used as PXE tftp server. Required.
#
# [dhcp_start_address] First address of dhcp range
# [dhcp_end_address] Last address of dhcp range
# [dhcp_netmask] Netmask of the network
# [dhcp_gateway] Gateway address for installed nodes
# [dhcp_interface] Interface where to bind dhcp and tftp services
#
# [cobbler_user] Cobbler web interface username
# [cobbler_password] Cobbler web interface password
#
# [pxetimeout] Pxelinux will wail this count of 1/10 seconds before
# use default pxe item. To disable it use 0. Required.
class cobbler(
$server = $ipaddress,
$domain_name = 'local',
$name_server = $ipaddress,
$next_server = $ipaddress,
$dhcp_start_address = '10.0.0.201',
$dhcp_end_address = '10.0.0.254',
$dhcp_netmask = '255.255.255.0',
$dhcp_gateway = $ipaddress,
$dhcp_interface = 'eth0',
$cobbler_user = 'cobbler',
$cobbler_password = 'cobbler',
$pxetimeout = '0'
){
anchor { "cobbler-begin": }
anchor { "cobbler-end": }
Anchor<| title == "cobbler-begin" |> ->
Class["::cobbler::packages"] ->
Class["::cobbler::selinux"] ->
Class["::cobbler::iptables"] ->
Class["::cobbler::snippets"] ->
Class["::cobbler::server"] ->
Anchor<| title == "cobbler-end" |>
class { ::cobbler::packages : }
class { ::cobbler::selinux : }
class { ::cobbler::iptables : }
class { ::cobbler::snippets : }
class { ::cobbler::server : }
cobbler_digest_user {$cobbler_user:
password => $cobbler_password,
require => Package[$cobbler::packages::cobbler_package],
notify => Service[$cobbler::server::cobbler_service],
}
}

70
puppet/cobbler/manifests/iptables.pp
View File

@ -1,70 +0,0 @@
class cobbler::iptables {
define access_to_cobbler_port($port, $protocol='tcp') {
$rule = "-p $protocol -m state --state NEW -m $protocol --dport $port -j ACCEPT"
case $operatingsystem {
/(?i)(centos|redhat)/: {
exec { "access_to_cobbler_${protocol}_port: $port":
command => "iptables -t filter -I INPUT 1 $rule; \
/etc/init.d/iptables save",
unless => "iptables -t filter -S INPUT | grep -q \"^-A INPUT $rule\"",
path => '/usr/bin:/bin:/usr/sbin:/sbin',
}
}
/(?i)(debian|ubuntu)/: {
exec { "access_to_cobbler_${protocol}_port: $port":
command => "iptables -t filter -I INPUT 1 $rule; \
iptables-save -c > /etc/iptables.rules",
unless => "iptables -t filter -S INPUT | grep -q \"^-A INPUT $rule\"",
path => '/usr/bin:/bin:/usr/sbin:/sbin',
}
}
}
}
case $operatingsystem {
/(?i)(debian|ubuntu)/:{
file { "/etc/network/if-post-down.d/iptablessave":
content => template("cobbler/ubuntu/iptablessave.erb"),
owner => root,
group => root,
mode => 0755,
}
file { "/etc/network/if-pre-up.d/iptablesload":
content => template("cobbler/ubuntu/iptablesload.erb"),
owner => root,
group => root,
mode => 0755,
}
}
}
# HERE IS IPTABLES RULES TO MAKE COBBLER AVAILABLE FROM OUTSIDE
# https://github.com/cobbler/cobbler/wiki/Using%20Cobbler%20Import
# SSH
access_to_cobbler_port { "ssh": port => '22' }
# DNS
access_to_cobbler_port { "dns_tcp": port => '53' }
access_to_cobbler_port { "dns_udp": port => '53', protocol => 'udp' }
# DHCP
access_to_cobbler_port { "dhcp_67": port => '67', protocol => 'udp' }
access_to_cobbler_port { "dhcp_68": port => '68', protocol => 'udp' }
# SQUID PROXY
access_to_cobbler_port { "http_3128": port => '3128',protocol => 'tcp' }
# PXE
access_to_cobbler_port { "pxe_4011": port => '4011',protocol => 'udp' }
# TFTP
access_to_cobbler_port { "tftp_tcp": port => '69' }
access_to_cobbler_port { "tftp_udp": port => '69', protocol => 'udp' }
# NTP
access_to_cobbler_port { "ntp_udp": port => '123', protocol => 'udp' }
# HTTP/HTTPS
access_to_cobbler_port { "http": port => '80' }
access_to_cobbler_port { "https": port => '443'}
# SYSLOG FOR COBBLER
access_to_cobbler_port { "syslog_tcp": port => '25150'}
# xmlrpc API
access_to_cobbler_port { "xmlrpc_api": port => '25151' }
}

63
puppet/cobbler/manifests/nat.pp
View File

@ -1,63 +0,0 @@
# add nat tables for nodes range
class cobbler::nat(
$nat_range,
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
exec { 'enable_forwarding':
command => 'echo 1 > /proc/sys/net/ipv4/ip_forward',
unless => 'cat /proc/sys/net/ipv4/ip_forward | grep -q 1',
}
exec { 'save_ipv4_forward':
command => 'sed -i --follow-symlinks -e "/net\.ipv4\.ip_forward/d" \
/etc/sysctl.conf && echo "net.ipv4.ip_forward = 1" >> \
/etc/sysctl.conf',
unless => 'grep -q "^\s*net\.ipv4\.ip_forward = 1" /etc/sysctl.conf',
}
case $::operatingsystem {
/(?i)(centos|redhat)/: {
exec { 'enable_nat_all':
command => "iptables -t nat -I POSTROUTING 1 \
-s ${nat_range} ! -d ${nat_range} -j MASQUERADE; \
/etc/init.d/iptables save",
unless => "iptables -t nat -S POSTROUTING | grep -q \"^-A POSTROUTING \
-s ${nat_range} ! -d ${nat_range} -j MASQUERADE\""
}
exec { 'enable_nat_filter':
command => 'iptables -t filter -I FORWARD 1 -j ACCEPT; \
/etc/init.d/iptables save',
unless => 'iptables -t filter -S FORWARD | grep -q "^-A FORWARD \
-j ACCEPT"'
}
}
/(?i)(debian|ubuntu)/: {
# In order to save these rules and to make them raising on
# boot you supposed to
# define to resources File["/etc/network/if-post-down.d/iptablessave"]
# and File["/etc/network/if-pre-up.d/iptablesload"].
# Those two resources already
# defined in cobbler::iptables class, so if you use default init.pp file
# you already have those files defined
exec { 'enable_nat_all':
command => "iptables -t nat -I POSTROUTING 1 \
-s ${nat_range} ! -d ${nat_range} -j MASQUERADE; \
iptables-save -c > /etc/iptables.rules",
unless => "iptables -t nat -S POSTROUTING | grep -q \"^-A POSTROUTING \
-s ${nat_range} ! -d ${nat_range} -j MASQUERADE\""
}
exec { 'enable_nat_filter':
command => 'iptables -t filter -I FORWARD 1 -j ACCEPT; \
iptables-save -c > /etc/iptables.rules',
unless => 'iptables -t filter -S FORWARD | grep -q "^-A \
FORWARD -j ACCEPT"'
}
}
default: {}
}
}

58
puppet/cobbler/manifests/packages.pp
View File

@ -1,58 +0,0 @@
class cobbler::packages {
case $operatingsystem {
/(?i)(centos|redhat)/: {
$cobbler_package = "cobbler"
$cobbler_version = "2.2.3-2.el6"
$cobbler_web_package = "cobbler-web"
$cobbler_web_package_version = "2.2.3-2.el6"
$dnsmasq_package = "dnsmasq"
$cobbler_additional_packages = ["xinetd", "tftp-server", "syslinux", "wget", "python-ipaddr"]
$django_package = "Django"
$django_version = "1.3.4-1.el6"
}
/(?i)(debian|ubuntu)/: {
$cobbler_package = "cobbler"
$cobbler_version = "2.2.2-0ubuntu33.2"
$cobbler_web_package = "cobbler-web"
$cobbler_web_package_version = "2.2.2-0ubuntu33.2"
$dnsmasq_package = "dnsmasq"
$cobbler_additional_packages = ["tftpd-hpa", "syslinux", "wget", "python-ipaddr"]
$django_package = "python-django"
$django_version = "1.3.1-4ubuntu1"
}
}
define cobbler_safe_package(){
if ! defined(Package[$name]){
@package { $name : }
}
}
cobbler_safe_package { $cobbler_additional_packages : }
package { $django_package :
ensure => $django_version
}
package { $cobbler_package :
ensure => $cobbler_version,
require => [
Package[$dnsmasq_package],
Package[$cobbler_additional_packages],
Package[$django_package],
],
}
package { $cobbler_web_package :
ensure => $cobbler_web_package_version,
require => Package[$cobbler_package]
}
package { $dnsmasq_package:
ensure => installed
}
Package<||>
}

56
puppet/cobbler/manifests/profile/centos63-x86_64.pp
View File

@ -1,56 +0,0 @@
#
# This class is intended to make cobbler profile centos63-x86_64.
#
# [distro] The name of cobbler distro to bind profile to.
#
# [ks_repo] Repository definitions (array of hashes with name and url keys)
# where RPM packages are available which are not available in the main
# kickstart url.
#
# [ks_system_timezone] System timezone on installed system.
#
# [ks_encrypted_root_password] Hash of the root password on installed system.
class cobbler::profile::centos63-x86_64(
$distro = "centos63-x86_64",
$ks_repo = [
{
"name" => "Puppet",
"url" => "http://yum.puppetlabs.com/el/6/products/x86_64",
},
{
"name" => "Stanford",
"url" => "http://mirror.stanford.edu/yum/pub/centos/6.3/os/x86_64",
}],
$ks_system_timezone = "America/Los_Angeles",
# default password is 'r00tme'
$ks_encrypted_root_password = "\$6\$tCD3X7ji\$1urw6qEMDkVxOkD33b4TpQAjRiCeDZx0jmgMhDYhfB9KuGfqO9OcMaKyUxnGGWslEDQ4HxTw7vcAMP85NxQe61",
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(ubuntu|debian|centos|redhat)$/: {
$ks_dir = "/var/lib/cobbler/kickstarts"
}
}
file { "${ks_dir}/centos63-x86_64.ks":
content => template("cobbler/kickstart/centos.ks.erb"),
owner => root,
group => root,
mode => 0644,
} ->
cobbler_profile { "centos63-x86_64":
kickstart => "${ks_dir}/centos63-x86_64.ks",
kopts => $kopts,
distro => $distro,
ksmeta => "",
menu => true,
}
}

70
puppet/cobbler/manifests/profile/centos63_x86_64.pp
View File

@ -1,70 +0,0 @@
#
# This class is intended to make cobbler profile centos63_x86_64.
#
# [distro] The name of cobbler distro to bind profile to.
#
# [ks_repo] Repository definitions (array of hashes with name and url keys)
# where RPM packages are available which are not available in the main
# kickstart url.
#
# [ks_system_timezone] System timezone on installed system.
#
# [ks_encrypted_root_password] Hash of the root password on installed system.
class cobbler::profile::centos63_x86_64(
$distro = "centos63_x86_64",
$ks_repo = [
# {
# "name" => "Puppet",
# "url" => "http://yum.puppetlabs.com/el/6/products/x86_64",
# },
# {
# "name" => "PuppetDeps",
# "url" => "http://yum.puppetlabs.com/el/6/dependencies/x86_64",
# },
# {
# "name" => "Centos-archive-base",
# "url" => "http://archive.kernel.org/centos/6.3/os/x86_64",
# },
{
"name" => "Mirantis-CentOS-minimal",
"url" => "http://download.mirantis.com/centos-minimal",
},
{
"name" => "Mirantis-epel-fuel-install",
"url" => "http://download.mirantis.com/epel-fuel-folsom-2.1",
}
],
$ks_system_timezone = "America/Los_Angeles",
# default password is 'r00tme'
$ks_encrypted_root_password = "\$6\$tCD3X7ji\$1urw6qEMDkVxOkD33b4TpQAjRiCeDZx0jmgMhDYhfB9KuGfqO9OcMaKyUxnGGWslEDQ4HxTw7vcAMP85NxQe61",
$kopts = "",
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(ubuntu|debian|centos|redhat)$/: {
$ks_dir = "/var/lib/cobbler/kickstarts"
}
}
file { "${ks_dir}/centos63_x86_64.ks":
content => template("cobbler/kickstart/centos.ks.erb"),
owner => root,
group => root,
mode => 0644,
} ->
cobbler_profile { "centos63_x86_64":
kickstart => "${ks_dir}/centos63_x86_64.ks",
kopts => $kopts,
distro => $distro,
ksmeta => "",
menu => true,
}
}

70
puppet/cobbler/manifests/profile/centos64_x86_64.pp
View File

@ -1,70 +0,0 @@
#
# This class is intended to make cobbler profile centos64_x86_64.
#
# [distro] The name of cobbler distro to bind profile to.
#
# [ks_repo] Repository definitions (array of hashes with name and url keys)
# where RPM packages are available which are not available in the main
# kickstart url.
#
# [ks_system_timezone] System timezone on installed system.
#
# [ks_encrypted_root_password] Hash of the root password on installed system.
class cobbler::profile::centos64_x86_64(
$distro = "centos64_x86_64",
$ks_repo = [
# {
# "name" => "Puppet",
# "url" => "http://yum.puppetlabs.com/el/6/products/x86_64",
# },
# {
# "name" => "PuppetDeps",
# "url" => "http://yum.puppetlabs.com/el/6/dependencies/x86_64",
# },
# {
# "name" => "Centos-archive-base",
# "url" => "http://archive.kernel.org/centos/6.4/os/x86_64",
# },
{
"name" => "Mirantis-CentOS",
"url" => "http://download.mirantis.com/centos-6.4",
},
{
"name" => "Mirantis-epel-fuel-install",
"url" => "http://download.mirantis.com/epel-fuel-grizzly",
}
],
$ks_system_timezone = "America/Los_Angeles",
# default password is 'r00tme'
$ks_encrypted_root_password = "\$6\$tCD3X7ji\$1urw6qEMDkVxOkD33b4TpQAjRiCeDZx0jmgMhDYhfB9KuGfqO9OcMaKyUxnGGWslEDQ4HxTw7vcAMP85NxQe61",
$kopts = "",
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(ubuntu|debian|centos|redhat)$/: {
$ks_dir = "/var/lib/cobbler/kickstarts"
}
}
file { "${ks_dir}/centos64_x86_64.ks":
content => template("cobbler/kickstart/centos.ks.erb"),
owner => root,
group => root,
mode => 0644,
} ->
cobbler_profile { "centos64_x86_64":
kickstart => "${ks_dir}/centos64_x86_64.ks",
kopts => $kopts,
distro => $distro,
ksmeta => "",
menu => true,
}
}

52
puppet/cobbler/manifests/profile/rhel63-x86_64.pp
View File

@ -1,52 +0,0 @@
#
# This class is intended to make cobbler profile rhel63-x86_64.
#
# [distro] The name of cobbler distro to bind profile to.
#
# [ks_repo] Repository definitions (array of hashes with name and url keys)
# where RPM packages are available which are not available in the main
# kickstart url.
#
# [ks_system_timezone] System timezone on installed system.
#
# [ks_encrypted_root_password] Hash of the root password on installed system.
class cobbler::profile::rhel63-x86_64(
$distro = "rhel63-x86_64",
$ks_repo = [
{
"name" => "Puppet",
"url" => "http://yum.puppetlabs.com/el/6/products/x86_64",
}],
$ks_system_timezone = "America/Los_Angeles",
# default password is 'r00tme'
$ks_encrypted_root_password = "\$6\$tCD3X7ji\$1urw6qEMDkVxOkD33b4TpQAjRiCeDZx0jmgMhDYhfB9KuGfqO9OcMaKyUxnGGWslEDQ4HxTw7vcAMP85NxQe61",
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(ubuntu|debian|centos|redhat)$/: {
$ks_dir = "/var/lib/cobbler/kickstarts"
}
}
file { "${ks_dir}/rhel63-x86_64.ks":
content => template("cobbler/kickstart/rhel.ks.erb"),
owner => root,
group => root,
mode => 0644,
} ->
cobbler_profile { "rhel63-x86_64":
kickstart => "${ks_dir}/rhel63-x86_64.ks",
kopts => $kopts,
distro => $distro,
ksmeta => "",
menu => true,
}
}

57
puppet/cobbler/manifests/profile/rhel63_x86_64.pp
View File

@ -1,57 +0,0 @@
#
# This class is intended to make cobbler profile rhel63_x86_64.
#
# [distro] The name of cobbler distro to bind profile to.
#
# [ks_repo] Repository definitions (array of hashes with name and url keys)
# where RPM packages are available which are not available in the main
# kickstart url.
#
# [ks_system_timezone] System timezone on installed system.
#
# [ks_encrypted_root_password] Hash of the root password on installed system.
class cobbler::profile::rhel63_x86_64(
$distro = "rhel63_x86_64",
$ks_repo = [
{
"name" => "Puppet",
"url" => "http://yum.puppetlabs.com/el/6/products/x86_64",
},
{
"name" => "PuppetDeps",
"url" => "http://yum.puppetlabs.com/el/6/dependencies/x86_64",
}],
$ks_system_timezone = "America/Los_Angeles",
# default password is 'r00tme'
$ks_encrypted_root_password = "\$6\$tCD3X7ji\$1urw6qEMDkVxOkD33b4TpQAjRiCeDZx0jmgMhDYhfB9KuGfqO9OcMaKyUxnGGWslEDQ4HxTw7vcAMP85NxQe61",
$kopts = "",
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(ubuntu|debian|centos|redhat)$/: {
$ks_dir = "/var/lib/cobbler/kickstarts"
}
}
file { "${ks_dir}/rhel63_x86_64.ks":
content => template("cobbler/kickstart/rhel.ks.erb"),
owner => root,
group => root,
mode => 0644,
} ->
cobbler_profile { "rhel63_x86_64":
kickstart => "${ks_dir}/rhel63_x86_64.ks",
kopts => $kopts,
distro => $distro,
ksmeta => "",
menu => true,
}
}

51
puppet/cobbler/manifests/profile/ubuntu_1204_x86_64.pp
View File

@ -1,51 +0,0 @@
#
# This class is intended to make cobbler profile ubuntu_1204_x86_64.
#
# [distro] The name of cobbler distro to bind profile to.
#
# [ks_system_timezone] System timezone on installed system.
#
# [ks_encrypted_root_password] Hash of the root password on installed system.
class cobbler::profile::ubuntu_1204_x86_64(
$distro = "ubuntu_1204_x86_64",
$ks_repo = [
{
"name" => "Puppet",
"url" => "http://apt.puppetlabs.com/",
"key" => "http://apt.puppetlabs.com/pubkey.gpg",
"release" => "precise",
"repos" => "main dependencies",
},
],
$ks_system_timezone = "America/Los_Angeles",
# default password is 'r00tme'
$ks_encrypted_root_password = "\$6\$tCD3X7ji\$1urw6qEMDkVxOkD33b4TpQAjRiCeDZx0jmgMhDYhfB9KuGfqO9OcMaKyUxnGGWslEDQ4HxTw7vcAMP85NxQe61",
$kopts = "priority=critical locale=en_US netcfg/choose_interface=auto auto=true",
){
case $operatingsystem {
/(?i)(ubuntu|debian|centos|redhat)$/: {
$ks_dir = "/var/lib/cobbler/kickstarts"
}
}
file { "${ks_dir}/ubuntu_1204_x86_64.preseed":
content => template("cobbler/preseed/ubuntu-1204.preseed.erb"),
owner => root,
group => root,
mode => 0644,
} ->
cobbler_profile { "ubuntu_1204_x86_64":
kickstart => "${ks_dir}/ubuntu_1204_x86_64.preseed",
kopts => $kopts,
distro => $distro,
ksmeta => "",
menu => true,
}
}

17
puppet/cobbler/manifests/selinux.pp
View File

@ -1,17 +0,0 @@
class cobbler::selinux {
if ($::selinux==false) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
exec { "cobbler_disable_selinux":
command => "setenforce 0",
onlyif => "getenforce | grep -q Enforcing",
}
exec { "cobbler_disable_selinux_permanent":
command => "sed -ie \"s/^SELINUX=enforcing/SELINUX=disabled/g\" /etc/selinux/config",
onlyif => "grep -q \"^SELINUX=enforcing\" /etc/selinux/config"
}
}
}

148
puppet/cobbler/manifests/server.pp
View File

@ -1,148 +0,0 @@
class cobbler::server {
include cobbler::packages
Exec {
path => '/usr/bin:/bin:/usr/sbin:/sbin'
}
case $operatingsystem {
/(?i)(centos|redhat)/ : {
$cobbler_service = "cobblerd"
$cobbler_web_service = "httpd"
$dnsmasq_service = "dnsmasq"
service { "xinetd":
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler::packages::cobbler_additional_packages],
}
file { "/etc/xinetd.conf":
content => template("cobbler/xinetd.conf.erb"),
owner => root,
group => root,
mode => 0600,
require => Package[$cobbler::packages::cobbler_additional_packages],
notify => Service["xinetd"],
}
}
/(?i)(debian|ubuntu)/ : {
$cobbler_service = "cobbler"
$cobbler_web_service = "apache2"
$dnsmasq_service = "dnsmasq"
$apache_ssl_module = "ssl"
}
}
Service[$cobbler_service] -> Exec["cobbler_sync"] -> Service[$dnsmasq_service]
service { $cobbler_service:
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler::packages::cobbler_package],
}
service { $dnsmasq_service:
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler::packages::dnsmasq_package],
subscribe => Exec["cobbler_sync"],
}
if $apache_ssl_module {
file { '/etc/apache2/mods-enabled/ssl.load':
ensure => link,
target => '/etc/apache2/mods-available/ssl.load',
} -> file { '/etc/apache2/mods-enabled/ssl.conf':
ensure => link,
target => '/etc/apache2/mods-available/ssl.conf',
} -> file { '/etc/apache2/sites-enabled/default-ssl':
ensure => link,
target => '/etc/apache2/sites-available/default-ssl',
before => Service[$cobbler_web_service],
notify => Service[$cobbler_web_service],
}
}
service { $cobbler_web_service:
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler::packages::cobbler_web_package],
}
exec { "cobbler_sync":
command => "cobbler sync",
refreshonly => true,
require => [
Package[$cobbler::packages::cobbler_package],
Package[$cobbler::packages::dnsmasq_package],],
subscribe => Service[$cobbler_service],
notify => Service[$dnsmasq_service],
tries => 20,
try_sleep => 3,
}
file { "/etc/cobbler/modules.conf":
content => template("cobbler/modules.conf.erb"),
owner => root,
group => root,
mode => 0644,
require => [Package[$cobbler::packages::cobbler_package],],
notify => [Service[$cobbler_service], Exec["cobbler_sync"],],
}
file { "/etc/cobbler/settings":
content => template("cobbler/settings.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler::packages::cobbler_package],
notify => [Service[$cobbler_service], Exec["cobbler_sync"],],
}
file { "/etc/cobbler/dnsmasq.template":
content => template("cobbler/dnsmasq.template.erb"),
owner => root,
group => root,
mode => 0644,
require => [
Package[$cobbler::packages::cobbler_package],
Package[$cobbler::packages::dnsmasq_package],],
notify => [
Service[$cobbler_service],
Exec["cobbler_sync"],
Service[$dnsmasq_service],],
}
file { "/etc/cobbler/pxe/pxedefault.template":
content => template("cobbler/pxedefault.template.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler::packages::cobbler_package],
notify => [Service[$cobbler_service], Exec["cobbler_sync"],],
}
file { "/etc/cobbler/pxe/pxelocal.template":
content => template("cobbler/pxelocal.template.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler::packages::cobbler_package],
notify => [Service[$cobbler_service], Exec["cobbler_sync"],],
}
exec { "/var/lib/tftpboot/chain.c32":
command => "cp /usr/share/syslinux/chain.c32 /var/lib/tftpboot/chain.c32",
unless => "test -e /var/lib/tftpboot/chain.c32",
require => [
Package[$cobbler::packages::cobbler_additional_packages],
Package[$cobbler::packages::cobbler_package],]
}
}

301
puppet/cobbler/manifests/server_old.pp
View File

@ -1,301 +0,0 @@
#
# This class is intended to serve as
# a way of deploying cobbler server.
#
# [server] IP address that will be used as address of cobbler server.
# It is needed to download kickstart files, call cobbler API and
# so on. Required.
#
# [domain_name] Domain name that will be used as default for
# installed nodes. Required.
# [name_server] DNS ip address to be used by installed nodes
# [next_server] IP address that will be used as PXE tftp server. Required.
#
# [dhcp_start_address] First address of dhcp range
# [dhcp_end_address] Last address of dhcp range
# [dhcp_netmask] Netmask of the network
# [dhcp_gateway] Gateway address for installed nodes
# [dhcp_interface] Interface where to bind dhcp and tftp services
#
# [cobbler_user] Cobbler web interface username
# [cobbler_password] Cobbler web interface password
#
# [pxetimeout] Pxelinux will wail this count of 1/10 seconds before
# use default pxe item. To disable it use 0. Required.
class cobbler::server(
$server = $ipaddress,
$domain_name = 'example.com',
$name_server = $ipaddress,
$next_server = $ipaddress,
$dhcp_start_address = '10.0.0.201',
$dhcp_end_address = '10.0.0.254',
$dhcp_netmask = '255.255.255.0',
$dhcp_gateway = $ipaddress,
$dhcp_interface = 'eth0',
$cobbler_user = 'cobbler',
$cobbler_password = 'cobbler',
$pxetimeout = '0'
) {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
case $operatingsystem {
/(?i)(centos|redhat)/: {
$cobbler_package = "cobbler"
$cobbler_web_package = "cobbler-web"
$dnsmasq_package = "dnsmasq"
$cobbler_service = "cobblerd"
$cobbler_web_service = "httpd"
$cobbler_additional_packages = ["xinetd", "tftp-server", "syslinux", "wget"]
}
/(?i)(debian|ubuntu)/: {
$cobbler_package = "cobbler"
$cobbler_web_package = "cobbler-web"
$dnsmasq_package = "dnsmasq"
$cobbler_service = "cobbler"
$cobbler_web_service = "apache2"
$cobbler_additional_packages = []
}
}
define cobbler_safe_package(){
if ! defined(Package[$name]){
@package { $name : }
}
}
cobbler_safe_package { $cobbler_additional_packages : }
Package<||>
package { $cobbler_package :
ensure => installed,
require => [
Package[$dnsmasq_package],
Package[$cobbler_additional_packages],
],
}
package { $cobbler_web_package :
ensure => installed
}
package { $dnsmasq_package:
ensure => installed
}
file { "/etc/init.d/dnsmasq":
content => template("cobbler/dnsmasq.init.erb"),
owner => root,
group => root,
mode => 0755,
require => Package[$dnsmasq_package],
notify => Service["dnsmasq"],
}
define access_to_cobbler_port($port, $protocol='tcp') {
$rule = "-p $protocol -m state --state NEW -m $protocol --dport $port -j ACCEPT"
exec { "access_to_cobbler_${protocol}_port: $port":
command => "iptables -t filter -I INPUT 1 $rule; \
/etc/init.d/iptables save",
unless => "iptables -t filter -S INPUT | grep -q \"^-A INPUT $rule\""
}
}
# OPERATING SYSTEM SPECIFIC ACTIONS
case $operatingsystem {
/(?i)(centos|redhat)/:{
# HERE IS AN UGLY WORKAROUND TO MAKE COBBLER ABLE TO START
# THERE IS AN ALTERNATIVE WAY TO ACHIEVE MAKE COBBLER STARTED
# yum install policycoreutils-python
# grep cobblerd /var/log/audit/audit.log | audit2allow -M cobblerpolicy
# semodule -i cobblerpolicy.pp
exec { "cobbler_disable_selinux":
command => "setenforce 0",
onlyif => "getenforce | grep -q Enforcing"
}
exec { "cobbler_disable_selinux_permanent":
command => "sed -ie \"s/^SELINUX=enforcing/SELINUX=disabled/g\" /etc/selinux/config",
onlyif => "grep -q \"^SELINUX=enforcing\" /etc/selinux/config"
}
# HERE IS IPTABLES RULES TO MAKE COBBLER AVAILABLE FROM OUTSIDE
# https://github.com/cobbler/cobbler/wiki/Using%20Cobbler%20Import
# SSH
access_to_cobbler_port { "ssh": port => '22' }
# DNS
access_to_cobbler_port { "dns_tcp": port => '53' }
access_to_cobbler_port { "dns_udp": port => '53', protocol => 'udp' }
# DHCP
access_to_cobbler_port { "dncp_67": port => '67', protocol => 'udp' }
access_to_cobbler_port { "dncp_68": port => '68', protocol => 'udp' }
# TFTP
access_to_cobbler_port { "tftp_tcp": port => '69' }
access_to_cobbler_port { "tftp_udp": port => '69', protocol => 'udp' }
# NTP
access_to_cobbler_port { "ntp_udp": port => '123', protocol => 'udp' }
# HTTP/HTTPS
access_to_cobbler_port { "http": port => '80' }
access_to_cobbler_port { "https": port => '443'}
# SYSLOG FOR COBBLER
access_to_cobbler_port { "syslog_tcp": port => '25150'}
# xmlrpc API
access_to_cobbler_port { "xmlrpc_api": port => '25151' }
service { "xinetd":
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler_additional_packages],
}
file { "/etc/xinetd.conf":
content => template("cobbler/xinetd.conf.erb"),
owner => root,
group => root,
mode => 0600,
require => Package[$cobbler_additional_packages],
notify => Service["xinetd"],
}
}
}
Service[$cobbler_service] -> Exec["cobbler_sync"] -> Service["dnsmasq"]
service { $cobbler_service:
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler_package],
}
service { "dnsmasq":
enable => true,
ensure => running,
hasrestart => true,
require => Package[$dnsmasq_package],
subscribe => Exec["cobbler_sync"],
}
service { $cobbler_web_service:
enable => true,
ensure => running,
hasrestart => true,
require => Package[$cobbler_web_package],
}
exec {"cobbler_sync":
command => "cobbler sync",
refreshonly => true,
returns => [0, 155],
require => [
Package[$cobbler_package],
Package[$dnsmasq_package],
],
notify => Service["dnsmasq"],
subscribe => Service[$cobbler_service],
}
file { "/etc/cobbler/modules.conf":
content => template("cobbler/modules.conf.erb"),
owner => root,
group => root,
mode => 0644,
require => [
Package[$cobbler_package],
],
notify => [
Service[$cobbler_service],
Exec["cobbler_sync"],
],
}
file {"/etc/cobbler/settings":
content => template("cobbler/settings.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler_package],
notify => [
Service[$cobbler_service],
Exec["cobbler_sync"],
],
}
file {"/etc/cobbler/dnsmasq.template":
content => template("cobbler/dnsmasq.template.erb"),
owner => root,
group => root,
mode => 0644,
require => [
Package[$cobbler_package],
Package[$dnsmasq_package],
],
notify => [
Service[$cobbler_service],
Exec["cobbler_sync"],
Service["dnsmasq"],
],
}
cobbler_digest_user {"cobbler":
password => $cobbler_password,
require => Package[$cobbler_package],
notify => Service[$cobbler_service],
}
file {"/etc/cobbler/pxe/pxedefault.template":
content => template("cobbler/pxedefault.template.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler_package],
notify => [
Service[$cobbler_service],
Exec["cobbler_sync"],
],
}
file {"/etc/cobbler/pxe/pxelocal.template":
content => template("cobbler/pxelocal.template.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler_package],
notify => [
Service[$cobbler_service],
Exec["cobbler_sync"],
],
}
exec { "/var/lib/tftpboot/chain.c32":
command => "cp /usr/share/syslinux/chain.c32 /var/lib/tftpboot/chain.c32",
unless => "test -e /var/lib/tftpboot/chain.c32",
require => [
Package[$cobbler_additional_packages],
Package[$cobbler_package],
]
}
define cobbler_snippet(){
file {"/var/lib/cobbler/snippets/${name}":
content => template("cobbler/snippets/${name}.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler::server::cobbler_package],
}
}
}

66
puppet/cobbler/manifests/snippets.pp
View File

@ -1,66 +0,0 @@
class cobbler::snippets {
define cobbler_snippet(){
file {"/var/lib/cobbler/snippets/${name}":
content => template("cobbler/snippets/${name}.erb"),
owner => root,
group => root,
mode => 0644,
require => Package[$cobbler::packages::cobbler_package],
notify => Exec["cobbler_sync"]
}
}
cobbler_snippet {"send2syslog": }
cobbler_snippet {"target_logs_to_master": }
cobbler_snippet {"kickstart_ntp": }
cobbler_snippet {"ntp_to_masternode": }
cobbler_snippet {"dhclient_ignore_routers_opt": }
cobbler_snippet {"authorized_keys": }
cobbler_snippet {"pre_install_network_config": }
cobbler_snippet {"pre_install_partition": }
cobbler_snippet {"pre_install_partition_lvm": }
cobbler_snippet {"nailgun_repo": }
cobbler_snippet {"ssh_disable_gssapi": }
cobbler_snippet {"sshd_auth_pubkey_only": }
cobbler_snippet {"disable_pxe":}
cobbler_snippet {"post_part_compute":}
cobbler_snippet {"post_part_controller":}
cobbler_snippet {"post_part_storage":}
cobbler_snippet {"post_install_network_config_fuel":}
cobbler_snippet {"puppet_register_if_enabled_fuel":}
cobbler_snippet {"url_proxy":}
cobbler_snippet {"puppet_install_if_enabled":}
cobbler_snippet {"puppet_conf":}
cobbler_snippet {"puppet_register_if_enabled":}
cobbler_snippet {'ntp_register_if_enabled':}
cobbler_snippet {"mcollective_install_if_enabled":}
cobbler_snippet {"mcollective_conf":}
cobbler_snippet {"post_install_network_config":}
cobbler_snippet {"cinder_create_lvm_group":}
cobbler_snippet {"cinder_create_lvm_group__ubuntu":}
cobbler_snippet {"ubuntu_disable_pxe":}
cobbler_snippet {"ubuntu_packages":}
cobbler_snippet {"ubuntu_puppet_config":}
cobbler_snippet {"ubuntu_mcollective_config":}
cobbler_snippet {"ubuntu_network":}
case $operatingsystem {
/(?i)(debian|ubuntu)/: {
file { "/usr/bin/late_command.py" :
content => template("cobbler/scripts/late_command.py"),
owner => root,
group => root,
mode => 0644,
}
}
/(?i)(centos|redhat)/: {
file { "/usr/lib/python2.6/site-packages/cobbler/late_command.py" :
content => template("cobbler/scripts/late_command.py"),
owner => root,
group => root,
mode => 0644,
}
}
}
}

86
puppet/cobbler/templates/dnsmasq.init.erb
View File

@ -1,86 +0,0 @@
#!/bin/sh
#
# Startup script for the DNS caching server
#
# chkconfig: - 49 50
# description: This script starts your DNS caching server
# processname: dnsmasq
# pidfile: /var/run/dnsmasq.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0
dnsmasq=/usr/sbin/dnsmasq
[ -f $dnsmasq ] || exit 0
DOMAIN_SUFFIX=`dnsdomainname`
# if [ ! -z "${DOMAIN_SUFFIX}" ]; then
# OPTIONS="-s $DOMAIN_SUFFIX"
# fi
OPTIONS=""
RETVAL=0
# See how we were called.
case "$1" in
start)
if [ $UID -ne 0 ] ; then
echo "User has insufficient privilege."
exit 4
fi
echo -n "Starting dnsmasq: "
daemon $dnsmasq $OPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/dnsmasq
;;
stop)
if test "x`pidof dnsmasq`" != x; then
echo -n "Shutting down dnsmasq: "
killproc dnsmasq
fi
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/dnsmasq /var/run/dnsmasq.pid
;;
status)
status dnsmasq
RETVAL=$?
;;
reload)
echo -n "Reloading dnsmasq: "
killproc dnsmasq -HUP
RETVAL=$?
echo
;;
force-reload)
# new configuration takes effect only after restart
$0 stop
$0 start
RETVAL=$?
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
condrestart)
if test "x`/sbin/pidof dnsmasq`" != x; then
$0 stop
$0 start
RETVAL=$?
fi
;;
*)
echo "Usage: $0 {start|stop|restart|reload|condrestart|status}"
exit 2
esac
exit $RETVAL

31
puppet/cobbler/templates/dnsmasq.template.erb
View File

@ -1,31 +0,0 @@
# Cobbler generated configuration file for dnsmasq
# $date
#
read-ethers
log-dhcp
log-queries
log-facility=LOCAL0
addn-hosts = /var/lib/cobbler/cobbler_hosts
domain=<%= @domain_name %>
dhcp-lease-max=1000
server=/<%= @domain_name %>/
resolv-file=/etc/dnsmasq.upstream
dhcp-match=gpxe,175
interface=<%= @dhcp_interface %>
# This is one of the key options. dnsmasq tries to move out servername
# and PXE filename from special fields into DHCP options.
# Some old clients can't understand those DHCP options, so they
# will not be able to boot via PXE without this option enabled.
# For example gPXE will not work while iPXE works fine.
dhcp-no-override
dhcp-option=6,<%= @name_server %>
dhcp-range=internal,<%= @dhcp_start_address %>,<%= @dhcp_end_address %>,<%= @dhcp_netmask %>
dhcp-option=net:internal,option:router,<%= @dhcp_gateway %>
pxe-service=net:#gpxe,x86PC,"Install",pxelinux,<%= @next_server %>
dhcp-boot=net:internal,pxelinux.0,boothost,<%= @next_server %>
$insert_cobbler_system_definitions

217
puppet/cobbler/templates/kickstart/centos.ks.erb
View File

@ -1,217 +0,0 @@
# WHAT TO DO (install fresh system rather than upgrade)
install
# INSTALLATION SOURCE (centos repository)
url --url=$tree
# ALTERNATIVE REPOSITORIES
<% ks_repo.each do |repo| %>
repo --name=<%= repo['name'] %> --baseurl=<%= repo['url'] %>
<% end %>
# KEYBOARD AND LANGUAGE CUSTOMIZATION
lang en_US.UTF-8
keyboard us
# WHICH TIMEZONE TO USE ON INSTALLED SYSTEM
timezone --utc <%= ks_system_timezone %>
# REBOOT AFTER INSTALLATION
reboot
firewall --disable
# SET ROOT PASSWORD DEFAULT IS r00tme
rootpw --iscrypted <%= ks_encrypted_root_password %>
# AUTHENTICATION CUSTOMIZATION
authconfig --enableshadow --passalgo=sha512
# DISABLE SELINUX ON INSTALLED SYSTEM
selinux --disabled
# INSTALL IN TEXT MODE
text
# SKIP CONFIGURING X
skipx
# BOOTLOADER CUSTOMIZATION
# INSTALL BOOTLOADER INTO MASTER BOOT RECORD
# --location=mbr
# WHICH ORDER OF DRIVES TO USE DURING TRYING TO INSTALL BOOTLOADER
# --driveorder=sda,hda
# APPEND STRING TO KERNEL BOOT COMMAND
# --append=""
%include /tmp/bootloader.ks
# PARTITIONING
# CLEAN ANY INVALID PARTITION TABLE
zerombr
# REMOVE ALL PARTITIONS BEFORE CREATING NEW ONES
clearpart --all --initlabel
# AUTOMATICALLY CREATE / AND swap PARTITIONS
%include /tmp/partition.ks
# COBBLER EMBEDDED SNIPPET: 'network_config'
# CONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
$SNIPPET('network_config')
# PREINSTALL SECTION
# HERE ARE COMMANDS THAT WILL BE LAUNCHED BEFORE
# INSTALLATION PROCESS ITSELF
%pre
# COBBLER EMBEDDED SNIPPET: 'log_ks_pre'
# CONFIGURES %pre LOGGING
$SNIPPET('log_ks_pre')
# DOWNLOADS send2syslog.py AND LAUNCHES IT
# IN ORDER TO MONITOR LOG FILES AND SEND
# LINES FROM THOSE FILES TO SYSLOG
$SNIPPET('send2syslog')
# SNIPPET: 'kickstart_ntp'
# SYNC LOCAL TIME VIA NTP
$SNIPPET('kickstart_ntp')
# COBBLER EMBEDDED SNIPPET: 'kickstart_start'
# LAUNCHES %pre TRIGGERS IF THOSE INSTALLED
$SNIPPET('kickstart_start')
# COBBLER EMBEDDED SNIPPET: 'pre_install_network_config'
# PRECONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
# IN PARTICULAR IT WRITES KICKSTART NETWORK CONFIGURATION
# INTO /tmp/pre_install_network_config WHICH IS INCLUDED
# INTO KICKSTART BY 'network_config' SNIPPET
$SNIPPET('pre_install_network_config')
# COBBLER EMBEDDED SNIPPET: 'pre_install_partition'
# DETECTS HARD DRIVES AND SETS FIRST OF THEM
# AS INSTALLATION TARGET AND BOOTLOADER INSTALLATION TARGET
$SNIPPET('pre_install_partition_lvm')
# PACKAGES SECTION
# HERE ARE LIST OF PACKAGES THAT WILL BE INSTALLED
# FIXME --ignoremissing
%packages --nobase --ignoremissing
@Core
authconfig
bind-utils
cronie
crontabs
curl
gcc
make
mlocate
nailgun-agent
nailgun-mcagents
nailgun-net-check
ntp
openssh
openssh-clients
openssh-server
ruby-augeas
ruby-devel
system-config-firewall-base
wget
yum
# COBBLER EMBEDDED SNIPPET: 'puppet_install_if_enabled'
# LISTS puppet PACKAGE IF puppet_auto_setup VARIABLE IS SET TO 1
$SNIPPET('puppet_install_if_enabled')
# COBBLER EMBEDDED SNIPPET: 'mcollective_install_if_enabled'
# LISTS mcollective PACKAGE IF mco_auto_setup VARIABLE IS SET TO 1
$SNIPPET('mcollective_install_if_enabled')
# POSTINSTALL SECTION
# HERE ARE COMMANDS THAT WILL BE LAUNCHED JUST AFTER
# INSTALLATION ITSELF COMPLETED
%post
gem install httpclient --version 2.2.5 --source <%= gem_source %> --no-ri --no-rdoc
gem install json --version 1.6.1 --source <%= gem_source %> --no-ri --no-rdoc
gem install ohai --version 6.14.0 --source <%= gem_source %> --no-ri --no-rdoc
gem install rethtool --version 0.0.3 --source <%= gem_source %> --no-ri --no-rdoc
mkdir -p /etc/nailgun-agent/
cat > /etc/nailgun-agent/config.yaml << EOA
---
url: '<%= scope.lookupvar('nailgun::nailgun_api_url') %>'
EOA
# COBBLER EMBEDDED SNIPPET: 'log_ks_post'
# CONFIGURES %post LOGGING
$SNIPPET('log_ks_post')
# COBBLER EMBEDDED SNIPPET: 'post_install_kernel_options'
# CONFIGURES KERNEL PARAMETERS ON INSTALLED SYSTEM
$SNIPPET('post_install_kernel_options')
# COBBLER EMBEDDED SNIPPET: 'post_install_network_config'
# CONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
$SNIPPET('post_install_network_config_fuel')
# COBBLER EMBEDDED SNIPPET: 'puppet_conf'
# CONFIGURES PUPPET AGENT
$SNIPPET('puppet_conf')
# COBBLER EMBEDDED SNIPPET: 'puppet_register_if_enabled'
# CREATES CERTIFICATE REQUEST AND SENDS IT TO PUPPET MASTER
$SNIPPET('puppet_register_if_enabled_fuel')
# COBBLER EMBEDDED SNIPPET: 'mcollective_conf'
# CONFIGURES MCOLLECTIVE AGENT
$SNIPPET('mcollective_conf')
# SNIPPET: 'ntp_to_masternode'
# CONFIGURES NTPD POOL TO MASTER NODE
$SNIPPET('ntp_to_masternode')
# Let's not to use separate snippet for just one line of code. Complexity eats my time.
echo 'flock -w 0 -o /var/lock/agent.lock -c "/opt/nailgun/bin/agent >> /var/log/nailgun-agent.log 2>&1"' >> /etc/rc.local
# It is for the internal nailgun using
echo target > /etc/nailgun_systemtype
# COBBLER EMBEDDED SNIPPET: 'authorized_keys'
# PUTS authorized_keys file into /root/.ssh/authorized_keys
$SNIPPET('authorized_keys')
# COBBLER EMBEDDED SNIPPET: 'nailgun_repo'
# REMOVES ALL *.repo FILES FROM /etc/yum.repos.d AND
# CREATES /etc/yum.repos.d/nailgun.repo FILE AND
# PUTS IN IT ALL THE REPOSITORIES DEFINED IN ks_repo VARIABLE
$SNIPPET('nailgun_repo')
# COBBLER EMBEDDED SNIPPET: 'ssh_disable_gssapi'
# REMOVES "GSSAPICleanupCredentials yes" AND "GSSAPIAuthentication yes" LINES
# FROM /etc/ssh/sshd_config
$SNIPPET('ssh_disable_gssapi')
# Let's not wait forewer when ssh'ing:
sed -i --follow-symlinks -e '/UseDNS/d' /etc/ssh/sshd_config
echo 'UseDNS no' >> /etc/ssh/sshd_config
# COBBLER EMBEDDED SNIPPET: 'sshd_auth_pubkey_only'
# DISABLE PASSWORD AUTH. ALLOW PUBKEY AUTH ONLY IN /etc/ssh/sshd_config
$SNIPPET('sshd_auth_pubkey_only')
# Copying default bash settings to the root directory
cp -f /etc/skel/.bash* /root/
# Rsyslogd should send all messages to master node
$SNIPPET('target_logs_to_master')
# Dhclient should ignore option 'routers' on all interfaces.
$SNIPPET('dhclient_ignore_routers_opt')
# COBBLER EMBEDDED SNIPPET: 'kickstart_done'
# DISABLES PXE BOOTING
$SNIPPET('kickstart_done')
%end

145
puppet/cobbler/templates/kickstart/centos_old.ks.erb
View File

@ -1,145 +0,0 @@
# WHAT TO DO (install fresh system rather than upgrade)
install
# INSTALLATION SOURCE (centos repository)
url --url=$tree
# ALTERNATIVE REPOSITORIES
<% ks_repo.each do |repo| %>
repo --name=<%= repo['name'] %> --baseurl=<%= repo['url'] %>
<% end %>
# KEYBOARD AND LANGUAGE CUSTOMIZATION
lang en_US.UTF-8
keyboard us
# WHICH TIMEZONE TO USE ON INSTALLED SYSTEM
timezone --utc <%= ks_system_timezone %>
# REBOOT AFTER INSTALLATION
reboot
network --onboot yes --device eth0 --bootproto=dhcp
firewall --disable
# SET ROOT PASSWORD DEFAULT IS r00tme
rootpw --iscrypted <%= ks_encrypted_root_password %>
# AUTHENTICATION CUSTOMIZATION
authconfig --enableshadow --passalgo=sha512
# DISABLE SELINUX ON INSTALLED SYSTEM
selinux --disabled
# INSTALL IN TEXT MODE
text
# SKIP CONFIGURING X
skipx
# BOOTLOADER CUSTOMIZATION
# INSTALL BOOTLOADER INTO MASTER BOOT RECORD
# --location=mbr
# WHICH ORDER OF DRIVES TO USE DURING TRYING TO INSTALL BOOTLOADER
# --driveorder=sda,hda
# APPEND STRING TO KERNEL BOOT COMMAND
# --append=""
bootloader --location=mbr --driveorder=sda,hda --append=" crashkernel=auto"
# PARTITIONING
# CLEAN ANY INVALID PARTITION TABLE
zerombr
# REMOVE ALL PARTITIONS BEFORE CREATING NEW ONES
clearpart --all --initlabel
# AUTOMATICALLY CREATE / /boot AND swap PARTITIONS
autopart
# COBBLER EMBEDDED SNIPPET: 'network_config'
# CONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
$SNIPPET('network_config')
# PREINSTALL SECTION
# HERE ARE COMMANDS THAT WILL BE LAUNCHED BEFORE
# INSTALLATION PROCESS ITSELF
%pre
# COBBLER EMBEDDED SNIPPET: 'log_ks_pre'
# CONFIGURES %pre LOGGING
$SNIPPET('log_ks_pre')
# COBBLER EMBEDDED SNIPPET: 'kickstart_start'
# LAUNCHES %pre TRIGGERS IF THOSE INSTALLED
$SNIPPET('kickstart_start')
# COBBLER EMBEDDED SNIPPET: 'pre_install_network_config'
# PRECONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
# IN PARTICULAR IT WRITES KICKSTART NETWORK CONFIGURATION
# INTO /tmp/pre_install_network_config WHICH IS INCLUDED
# INTO KICKSTART BY 'network_config' SNIPPET
$SNIPPET('pre_install_network_config')
# PACKAGES SECTION
# HERE ARE LIST OF PACKAGES THAT WILL BE INSTALLED
# FIXME --ignoremissing
%packages --nobase --ignoremissing
yum
openssh-server
openssh
openssh-clients
curl
wget
crontabs
cronie
ruby-augeas
authconfig
system-config-firewall-base
policycoreutils
selinux-policy-targeted
# COBBLER EMBEDDED SNIPPET: 'puppet_install_if_enabled'
# LISTS puppet PACKAGE IF puppet_auto_setup VARIABLE IS SET TO 1
$SNIPPET('puppet_install_if_enabled')
# COBBLER EMBEDDED SNIPPET: 'mcollective_install_if_enabled'
# LISTS mcollective PACKAGE IF mcollective_auto_setup VARIABLE IS SET TO 1
$SNIPPET('mcollective_install_if_enabled')
# POSTINSTALL SECTION
# HERE ARE COMMANDS THAT WILL BE LAUNCHED JUST AFTER
# INSTALLATION ITSELF COMPLETED
%post
# COBBLER EMBEDDED SNIPPET: 'log_ks_post'
# CONFIGURES %post LOGGING
$SNIPPET('log_ks_post')
# COBBLER EMBEDDED SNIPPET: 'post_install_kernel_options'
# CONFIGURES KERNEL PARAMETERS ON INSTALLED SYSTEM
$SNIPPET('post_install_kernel_options')
# COBBLER EMBEDDED SNIPPET: 'post_install_network_config'
# CONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
$SNIPPET('post_install_network_config_fuel')
# COBBLER EMBEDDED SNIPPET: 'puppet_conf'
# CONFIGURES PUPPET AGENT
$SNIPPET('puppet_conf')
# COBBLER EMBEDDED SNIPPET: 'puppet_register_if_enabled'
# CREATES CERTIFICATE REQUEST AND SENDS IT TO PUPPET MASTER
$SNIPPET('puppet_register_if_enabled_fuel')
# COBBLER EMBEDDED SNIPPET: 'mcollective_conf'
# CONFIGURES MCOLLECTIVE AGENT
$SNIPPET('mcollective_conf')
# COBBLER EMBEDDED SNIPPET: 'kickstart_done'
# DISABLES PXE BOOTING
$SNIPPET('kickstart_done')
%end

146
puppet/cobbler/templates/kickstart/rhel.ks.erb
View File

@ -1,146 +0,0 @@
# WHAT TO DO (install fresh system rather than upgrade)
install
# INSTALLATION SOURCE (rhel repository)
url --url=$tree
# ALTERNATIVE REPOSITORIES
<% ks_repo.each do |repo| %>
repo --name=<%= repo['name'] %> --baseurl=<%= repo['url'] %>
<% end %>
# KEYBOARD AND LANGUAGE CUSTOMIZATION
lang en_US.UTF-8
keyboard us
# WHICH TIMEZONE TO USE ON INSTALLED SYSTEM
timezone --utc <%= ks_system_timezone %>
# REBOOT AFTER INSTALLATION
reboot
network --onboot yes --device eth0 --bootproto=dhcp
firewall --disable
# SET ROOT PASSWORD DEFAULT IS r00tme
rootpw --iscrypted <%= ks_encrypted_root_password %>
# AUTHENTICATION CUSTOMIZATION
authconfig --enableshadow --passalgo=sha512
# DISABLE SELINUX ON INSTALLED SYSTEM
selinux --disabled
# INSTALL IN TEXT MODE
text
# SKIP CONFIGURING X
skipx
# BOOTLOADER CUSTOMIZATION
# INSTALL BOOTLOADER INTO MASTER BOOT RECORD
# --location=mbr
# WHICH ORDER OF DRIVES TO USE DURING TRYING TO INSTALL BOOTLOADER
# --driveorder=sda,hda
# APPEND STRING TO KERNEL BOOT COMMAND
# --append=""
bootloader --location=mbr --driveorder=sda,hda --append=" crashkernel=auto"
# PARTITIONING
# CLEAN ANY INVALID PARTITION TABLE
zerombr
# REMOVE ALL PARTITIONS BEFORE CREATING NEW ONES
clearpart --all --initlabel
# AUTOMATICALLY CREATE / /boot AND swap PARTITIONS
autopart
# COBBLER EMBEDDED SNIPPET: 'network_config'
# CONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
$SNIPPET('network_config')
# PREINSTALL SECTION
# HERE ARE COMMANDS THAT WILL BE LAUNCHED BEFORE
# INSTALLATION PROCESS ITSELF
%pre
# COBBLER EMBEDDED SNIPPET: 'log_ks_pre'
# CONFIGURES %pre LOGGING
$SNIPPET('log_ks_pre')
# COBBLER EMBEDDED SNIPPET: 'kickstart_start'
# LAUNCHES %pre TRIGGERS IF THOSE INSTALLED
$SNIPPET('kickstart_start')
# COBBLER EMBEDDED SNIPPET: 'pre_install_network_config'
# PRECONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
# IN PARTICULAR IT WRITES KICKSTART NETWORK CONFIGURATION
# INTO /tmp/pre_install_network_config WHICH IS INCLUDED
# INTO KICKSTART BY 'network_config' SNIPPET
$SNIPPET('pre_install_network_config')
# PACKAGES SECTION
# HERE ARE LIST OF PACKAGES THAT WILL BE INSTALLED
# FIXME --ignoremissing
%packages --nobase --ignoremissing
@Core
yum
openssh-server
openssh
openssh-clients
curl
wget
crontabs
cronie
ruby-augeas
# COBBLER EMBEDDED SNIPPET: 'puppet_install_if_enabled'
# LISTS puppet PACKAGE IF puppet_auto_setup VARIABLE IS SET TO 1
$SNIPPET('puppet_install_if_enabled')
# COBBLER EMBEDDED SNIPPET: 'mcollective_install_if_enabled'
# LISTS mcollective PACKAGE IF mcollective_auto_setup VARIABLE IS SET TO 1
$SNIPPET('mcollective_install_if_enabled')
# POSTINSTALL SECTION
# HERE ARE COMMANDS THAT WILL BE LAUNCHED JUST AFTER
# INSTALLATION ITSELF COMPLETED
%post
# COBBLER EMBEDDED SNIPPET: 'log_ks_post'
# CONFIGURES %post LOGGING
$SNIPPET('log_ks_post')
# COBBLER EMBEDDED SNIPPET: 'post_install_kernel_options'
# CONFIGURES KERNEL PARAMETERS ON INSTALLED SYSTEM
$SNIPPET('post_install_kernel_options')
# COBBLER EMBEDDED SNIPPET: 'post_install_network_config'
# CONFIGURES NETWORK INTERFACES DEPENDING ON
# COBBLER SYSTEM PARAMETERS
$SNIPPET('post_install_network_config_fuel')
# COBBLER EMBEDDED SNIPPET: 'puppet_conf'
# CONFIGURES PUPPET AGENT
$SNIPPET('puppet_conf')
# COBBLER EMBEDDED SNIPPET: 'puppet_register_if_enabled'
# CREATES CERTIFICATE REQUEST AND SENDS IT TO PUPPET MASTER
$SNIPPET('puppet_register_if_enabled_fuel')
# COBBLER EMBEDDED SNIPPET: 'mcollective_conf'
# CONFIGURES MCOLLECTIVE AGENT
$SNIPPET('mcollective_conf')
# COBBLER EMBEDDED SNIPPET: 'redhat_register'
# REGISTER AT REDHAT WITH ACTIVATION KEY
$SNIPPET('redhat_register')
# REGISTER AT REDHAT WITH lOGIN/PASSWORD
$SNIPPET('rhn_certificate_based_register')
# COBBLER EMBEDDED SNIPPET: 'kickstart_done'
# DISABLES PXE BOOTING
$SNIPPET('kickstart_done')

86
puppet/cobbler/templates/modules.conf.erb
View File

@ -1,86 +0,0 @@
# cobbler module configuration file
# =================================
# authentication:
# what users can log into the WebUI and Read-Write XMLRPC?
# choices:
# authn_denyall -- no one (default)
# authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
# authn_passthru -- ask Apache to handle it (used for kerberos)
# authn_ldap -- authenticate against LDAP
# authn_spacewalk -- ask Spacewalk/Satellite (experimental)
# authn_testing -- username/password is always testing/testing (debug)
# (user supplied) -- you may write your own module
# WARNING: this is a security setting, do not choose an option blindly.
# for more information:
# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos
# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap
[authentication]
module = authn_configfile
# authorization:
# once a user has been cleared by the WebUI/XMLRPC, what can they do?
# choices:
# authz_allowall -- full access for all authneticated users (default)
# authz_ownership -- use users.conf, but add object ownership semantics
# (user supplied) -- you may write your own module
# WARNING: this is a security setting, do not choose an option blindly.
# If you want to further restrict cobbler with ACLs for various groups,
# pick authz_ownership. authz_allowall does not support ACLs. configfile
# does but does not support object ownership which is useful as an additional
# layer of control.
# for more information:
# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization
# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership
# https://fedorahosted.org/cobbler/wiki/AclFeature
[authorization]
module = authz_allowall
# dns:
# chooses the DNS management engine if manage_dns is enabled
# in /etc/cobbler/settings, which is off by default.
# choices:
# manage_bind -- default, uses BIND/named
# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
# NOTE: more configuration is still required in /etc/cobbler
# for more information:
# https://fedorahosted.org/cobbler/wiki/ManageDns
[dns]
module = manage_dnsmasq
# dhcp:
# chooses the DHCP management engine if manage_dhcp is enabled
# in /etc/cobbler/settings, which is off by default.
# choices:
# manage_isc -- default, uses ISC dhcpd
# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
# NOTE: more configuration is still required in /etc/cobbler
# for more information:
# https://fedorahosted.org/cobbler/wiki/ManageDhcp
[dhcp]
module = manage_dnsmasq
# tftpd:
# chooses the TFTP management engine if manage_tftp is enabled
# in /etc/cobbler/settings, which is ON by default.
#
# choices:
# manage_in_tftpd -- default, uses the system's tftp server
# manage_tftpd_py -- uses cobbler's tftp server
#
# for more information:
# https://fedorahosted.org/cobbler/wiki/ManageTftp
[tftpd]
module = manage_in_tftpd
#--------------------------------------------------

184
puppet/cobbler/templates/preseed/ubuntu-1204.preseed.erb
View File

@ -1,184 +0,0 @@
d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/splash boolean false
d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string us
d-i console-setup/variantcode string
# !!!! do not use netcfg/enable option because netcfg segfaults
# d-i netcfg/enable boolean false
d-i netcfg/choose_interface select auto
# by default we use dhcp but it is possible to set network
# configuration via kernel parameters
d-i netcfg/dhcp_timeout string 30
d-i netcfg/dhcp_failed note
d-i netcfg/dhcp_options select Configure network manually
# these lines must be added via system kopts
# d-i netcfg/get_hostname string nailgun
# d-i netcfg/get_domain string example.com
d-i hw-detect/load_firmware boolean true
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean false
d-i time/zone string <%= @ks_system_timezone %>
d-i partman/early_command string debconf-set partman-auto/disk `list-devices disk | head -n1`
d-i partman-iscsi/mainmenu string finish
d-i partman-auto/method string lvm
d-i partman-md/device_remove_md boolean true
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-auto/choose_recipe select boot-lvm
d-i partman-auto/expert_recipe string \
boot-lvm :: \
256 400 1024 ext3 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext3 } \
mountpoint{ /boot } \
. \
500 500 -1 ext3 \
method{ lvm } \
$defaultignore{ } $primary{ } \
vg_name{ sysvol } \
. \
1024 10000 1000000000 ext4 \
$lvmok{ } \
in_vg{ sysvol } \
lv_name{ root } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
1024 500 300% linux-swap \
$lvmok{ } \
in_vg{ sysvol } \
lv_name{ swap } \
method{ swap } \
format{ } \
.
d-i partman/confirm_write_new_label boolean true
d-i partman-auto/confirm_nooverwrite boolean true
d-i partman/choose_partition select Finish partitioning and write changes to disk
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/default_filesystem string ext4
d-i base-installer/kernel/image string linux-server
##########
# REPOS
##########
d-i mirror/protocol string http
d-i mirror/country string manual
d-i mirror/http/hostname string $tree_host
d-i mirror/http/directory string $tree_url
d-i mirror/http/proxy string $proxy
d-i mirror/suite string precise
# Suite to use for loading installer components (optional).
d-i mirror/udeb/suite string precise
# Components to use for loading installer components (optional).
d-i mirror/udeb/components multiselect main, restricted
d-i apt-setup/restricted boolean true
d-i apt-setup/universe boolean true
d-i apt-setup/use_mirror boolean true
<% i = 0 -%>
<% @ks_repo.each do |repo| -%>
<% break if i > 9 -%>
d-i apt-setup/local<%= i %>/repository string <%= repo['url'] %> <%= repo['release'] %> <%= repo['repos'] %>
d-i apt-setup/local<%= i %>/comment string <%= repo['name'] %>
<% if repo.has_key?('key') -%>
d-i apt-setup/local<%= i %>/key string <%= repo['key'] %>
<% end -%>
<% i += 1 -%>
<% end -%>
d-i debian-installer/allow_unauthenticated boolean true
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/modelcode string SKIP
##########
# USERS
##########
# Allow root login
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password <%= @ks_encrypted_root_password %>
# Do not create plain user
d-i passwd/make-user boolean false
# d-i passwd/user-fullname string ubuntu
# d-i passwd/username string ubuntu
# d-i passwd/user-password password r00tme
# d-i passwd/user-password-again password r00tme
# d-i user-setup/allow-password-weak boolean true
# d-i user-setup/encrypt-home boolean false
# d-i passwd/user-uid string
# d-i passwd/user-default-groups string adm cdrom dialout lpadmin plugdev sambashare
############
# PACKAGES
############
tasksel tasksel/first multiselect standard
debconf debconf/frontend select Noninteractive
# d-i pkgsel/include string openssh-server debconf-utils
$SNIPPET('ubuntu_packages')
d-i pkgsel/language-packs multiselect en
d-i pkgsel/update-policy select none
d-i pkgsel/upgrade select none
d-i pkgsel/updatedb boolean true
##############
# BOOTLOADERS
##############
d-i grub-installer/skip boolean false
d-i lilo-installer/skip boolean false
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i finish-install/keep-consoles boolean false
d-i finish-install/reboot_in_progress note
d-i cdrom-detect/eject boolean true
d-i debian-installer/exit/halt boolean false
d-i debian-installer/exit/poweroff boolean false
################
# LATE COMMANDS
################
# TODO:
# add puppet and mcollective configuration
# add network configuration
d-i preseed/late_command string true && \
$SNIPPET('ubuntu_disable_pxe') && \
$SNIPPET('ubuntu_network') && \
$SNIPPET('cinder_create_lvm_group__ubuntu') && \
$SNIPPET('ubuntu_puppet_config') && \
$SNIPPET('ubuntu_mcollective_config') && \
echo -e "nf_conntrack_ipv4\nnf_conntrack_ipv6" >> /target/etc/modules && \
echo -e "net.nf_conntrack_max=1048576" >> /target/etc/sysctl.conf && \
true

15
puppet/cobbler/templates/pxedefault.template.erb
View File

@ -1,15 +0,0 @@
DEFAULT menu
PROMPT 0
MENU TITLE Boot menu
TIMEOUT <%= @pxetimeout %>
TOTALTIMEOUT 0
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end

12
puppet/cobbler/templates/pxelocal.template.erb
View File

@ -1,12 +0,0 @@
DEFAULT local
PROMPT 0
TIMEOUT 0
TOTALTIMEOUT 0
ONTIMEOUT local
LABEL local
# 0x80 works in VirtualBox -1 is the default one
# LOCALBOOT 0x80
# LOCALBOOT -1
COM32 chain.c32
APPEND hd0

78
puppet/cobbler/templates/scripts/late_command.py
View File

@ -1,78 +0,0 @@
#!/usr/bin/python
#
# Copyright (C) 2011 Mirantis Inc.
#
# Authors: Vladimir Kozhukalov <vkozhukalov@mirantis.com>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from base64 import b64encode
from cStringIO import StringIO
from gzip import GzipFile
import commands, os
TEMPLATE_FILE = (
"sh -c 'filename=${1}; shift; echo ${0} | base64 --decode | "
"gunzip > ${filename} && chmod %(mode)s ${filename}' "
"%(content64)s %(destfile)s"
)
TEMPLATE_COMMAND = (
"sh -c 'echo ${0} | base64 --decode | gunzip | sh -' %(content64)s"
)
def base64_gzip(content):
"""
This method returns content gzipped and then base64 encoded
so such line can be inserted into preseed file
"""
gzipped = StringIO()
gzip_file = GzipFile(fileobj=gzipped, mode="wb", compresslevel=9)
gzip_file.write(content)
gzip_file.close()
return b64encode(gzipped.getvalue())
def get_content(source, source_method):
if source_method == 'file':
try:
f = open(source, 'r')
content = f.read()
f.close()
except:
return ""
else:
return content
return source
def get_content64(source, source_method):
return base64_gzip(get_content(source, source_method)).strip()
def late_file(source, destfile, source_method='file', mode='0644'):
return TEMPLATE_FILE % {
'mode': mode,
'content64': get_content64(source, source_method),
'destfile': destfile,
}
def late_command(source, source_method='file'):
return TEMPLATE_COMMAND % {
'content64': get_content64(source, source_method)
}

384
puppet/cobbler/templates/settings.erb
View File

@ -1,384 +0,0 @@
---
# cobbler settings file
# restart cobblerd and run "cobbler sync" after making changes
# This config file is in YAML 1.0 format
# see http://yaml.org
# ==========================================================
# if 1, cobbler will allow insertions of system records that duplicate
# the --dns-name information of other system records. In general,
# this is undesirable and should be left 0.
allow_duplicate_hostnames: 0
# if 1, cobbler will allow insertions of system records that duplicate
# the ip address information of other system records. In general,
# this is undesirable and should be left 0.
allow_duplicate_ips: 0
# if 1, cobbler will allow insertions of system records that duplicate
# the mac address information of other system records. In general,
# this is undesirable.
allow_duplicate_macs: 0
# by default, installs are *not* set to send installation logs to the cobbler
# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon
# # # snippet to allow remote live monitoring of their installations from the
# # # cobbler server. Installation logs will be stored under
# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs
# # # to this directory, without authentication, so enable only if you are
# # # ok with this limitation.
anamon_enabled: 0
# Email out a report when cobbler finishes installing a system.
# enabled: set to 1 to turn this feature on
# sender: optional
# email: which addresses to email
# smtp_server: used to specify another server for an MTA
# subject: use the default subject unless overridden
build_reporting_enabled: 0
build_reporting_sender: ""
build_reporting_email: [ 'root@localhost' ]
build_reporting_smtp_server: "localhost"
build_reporting_subject: ""
# Cheetah-language kickstart templates can import Python modules.
# while this is a useful feature, it is not safe to allow them to
# import anything they want. This whitelists which modules can be
# imported through Cheetah. Users can expand this as needed but
# should never allow modules such as subprocess or those that
# allow access to the filesystem as Cheetah templates are evaluated
# by cobblerd as code.
cheetah_import_whitelist:
- "random"
- "re"
- "time"
- "orchestra"
# Default createrepo_flags to use for new repositories. If you have
# createrepo >= 0.4.10, consider "-c cache --update -C", which can
# dramatically improve your "cobbler reposync" time. "-s sha"
# enables working with Fedora repos from F11/F12 from EL-4 or
# EL-5 without python-hashlib installed (which is not available
# on EL-4)
createrepo_flags: "-c cache -s sha"
# if no kickstart is specified to profile add, use this template
default_kickstart: /var/lib/cobbler/kickstarts/ubuntu-server.preseed
# configure all installed systems to use these nameservers by default
# unless defined differently in the profile. For DHCP configurations
# you probably do /not/ want to supply this.
default_name_servers: []
# if using the authz_ownership module (see the Wiki), objects
# created without specifying an owner are assigned to this
# owner and/or group. Can be a comma seperated list.
default_ownership:
- "admin"
# cobbler has various sample kickstart templates stored
# in /var/lib/cobbler/kickstarts/. This controls
# what install (root) password is set up for those
# systems that reference this variable. The factory
# default is "cobbler" and cobbler check will warn if
# this is not changed.
default_password_crypted: ""
# for libvirt based installs in koan, if no virt bridge
# is specified, which bridge do we try? For EL 4/5 hosts
# this should be xenbr0, for all versions of Fedora, try
# "virbr0". This can be overriden on a per-profile
# basis or at the koan command line though this saves
# typing to just set it here to the most common option.
default_virt_bridge: virbr0
# use this as the default disk size for virt guests (GB)
default_virt_file_size: 5
# use this as the default memory size for virt guests (MB)
default_virt_ram: 512
# if koan is invoked without --virt-type and no virt-type
# is set on the profile/system, what virtualization type
# should be assumed? Values: xenpv, xenfv, qemu, vmware
# (NOTE: this does not change what virt_type is chosen by import)
default_virt_type: qemu
# controls whether cobbler will add each new profile entry to the default
# PXE boot menu. This can be over-ridden on a per-profile
# basis when adding/editing profiles with --enable-menu=0/1. Users
# should ordinarily leave this setting enabled unless they are concerned
# with accidental reinstalls from users who select an entry at the PXE
# boot menu. Adding a password to the boot menus templates
# may also be a good solution to prevent unwanted reinstallations
enable_menu: 1
# enable Func-integration? This makes sure each installed machine is set up
# to use func out of the box, which is a powerful way to script and control
# remote machines.
# Func lives at http://fedorahosted.org/func
# read more at https://fedorahosted.org/cobbler/wiki/FuncIntegration
# you will need to mirror Fedora/EPEL packages for this feature, so see
# https://fedorahosted.org/cobbler/wiki/ManageYumRepos if you want cobbler
# to help you with this
func_auto_setup: 0
func_master: overlord.example.org
# change this port if Apache is not running plaintext on port
# 80. Most people can leave this alone.
http_port: 80
# kernel options that should be present in every cobbler installation.
# kernel options can also be applied at the distro/profile/system
# level.
kernel_options:
ksdevice: bootif
lang: ' '
text: ~
locale: en_US
priority: critical
# s390 systems require additional kernel options in addition to the
# above defaults
kernel_options_s390x:
RUNKS: 1
ramdisk_size: 40000
root: /dev/ram0
ro: ~
ip: off
vnc: ~
# configuration options if using the authn_ldap module. See the
# the Wiki for details. This can be ignored if you are not using
# LDAP for WebUI/XMLRPC authentication.
ldap_server: "ldap.example.com"
ldap_base_dn: "DC=example,DC=com"
ldap_port: 389
ldap_tls: 1
ldap_anonymous_bind: 1
ldap_search_bind_dn: ''
ldap_search_passwd: ''
ldap_search_prefix: 'uid='
# cobbler has a feature that allows for integration with config management
# systems such as Puppet. The following parameters work in conjunction with
# --mgmt-classes and are described in furhter detail at:
# https://fedorahosted.org/cobbler/wiki/UsingCobblerWithConfigManagementSystem
mgmt_classes: []
mgmt_parameters:
from_cobbler: 1
# if enabled, this setting ensures that puppet is installed during
# machine provision, a client certificate is generated and a
# certificate signing request is made with the puppet master server
puppet_auto_setup: 0
# when puppet starts on a system after installation it needs to have
# its certificate signed by the puppet master server. Enabling the
# following feature will ensure that the puppet server signs the
# certificate after installation if the puppet master server is
# running on the same machine as cobbler. This requires
# puppet_auto_setup above to be enabled
sign_puppet_certs_automatically: 0
# location of the puppet signing utility puppetca
puppetca_path: "/usr/sbin/puppetca"
# when a puppet managed machine is reinstalled it is necessary to
# remove the puppet certificate from the puppet master server before a
# new certificate is signed (see above). Enabling the following
# feature will ensure that the certificate for the machine to be
# installed is removed from the puppet master server if the puppet
# master server is running on the same machine as cobbler. This
# requires puppet_auto_setup above to be enabled
remove_old_puppet_certs_automatically: 0
# set to 1 to enable Cobbler's DHCP management features.
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1
# set to 1 to enable Cobbler's DNS management features.
# the choice of DNS mangement engine is in /etc/cobbler/modules.conf
manage_dns: 1
# set to 1 to enable Cobbler's TFTP management features.
# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf
manage_tftpd: 1
# set to 1 to enable Cobbler's RSYNC management features.
manage_rsync: 0
# if using BIND (named) for DNS management in /etc/cobbler/modules.conf
# and manage_dns is enabled (above), this lists which zones are managed
# See the Wiki (https://fedorahosted.org/cobbler/wiki/ManageDns) for more info
manage_forward_zones: []
manage_reverse_zones: []
# if using cobbler with manage_dhcp, put the IP address
# of the cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: <%= @next_server %>
# settings for power management features. optional.
# see https://fedorahosted.org/cobbler/wiki/PowerManagement to learn more
# choices:
# bullpap wti apc apc_snmp ether-wake ipmilan
# drac ipmitool ilo rsa lpar bladecenter virsh
power_management_default_type: 'ether_wake'
# the commands used by the power management module are sourced
# from what directory?
power_template_dir: "/etc/cobbler/power"
# if this setting is set to 1, cobbler systems that pxe boot
# will request at the end of their installation to toggle the
# --netboot-enabled record in the cobbler system record. This eliminates
# the potential for a PXE boot loop if the system is set to PXE
# first in it's BIOS order. Enable this if PXE is first in your BIOS
# boot order, otherwise leave this disabled. See the manpage
# for --netboot-enabled.
pxe_just_once: 1
# the templates used for PXE config generation are sourced
# from what directory?
pxe_template_dir: "/etc/cobbler/pxe"
# Path to where system consoles are
consoles: "/var/consoles"
# Are you using a Red Hat management platform in addition to Cobbler?
# Cobbler can help you register to it. Choose one of the following:
# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk
# "hosted" : I'm using Red Hat Network
# "site" : I'm using Red Hat Satellite Server or Spacewalk
# You will also want to read: https://fedorahosted.org/cobbler/wiki/TipsForRhn
redhat_management_type: "off"
# if redhat_management_type is enabled, choose your server
# "management.example.org" : For Satellite or Spacewalk
# "xmlrpc.rhn.redhat.com" : For Red Hat Network
# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords
# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported.
# This feature can be used even if redhat_management_type is off, you just have
# to have authn_spacewalk selected in modules.conf
redhat_management_server: "xmlrpc.rhn.redhat.com"
# specify the default Red Hat authorization key to use to register
# system. If left blank, no registration will be attempted. Similarly
# you can set the --redhat-management-key to blank on any system to
# keep it from trying to register.
redhat_management_key: ""
# if using authn_spacewalk in modules.conf to let cobbler authenticate
# against Satellite/Spacewalk's auth system, by default it will not allow per user
# access into Cobbler Web and Cobbler XMLRPC.
# in order to permit this, the following setting must be enabled HOWEVER
# doing so will permit all Spacewalk/Satellite users of certain types to edit all
# of cobbler's configuration.
# these roles are: config_admin and org_admin
# users should turn this on only if they want this behavior and
# do not have a cross-multi-org seperation concern. If you have
# a single org in your satellite, it's probably safe to turn this
# on and then you can use CobblerWeb alongside a Satellite install.
redhat_management_permissive: 0
# if set to 1, allows /usr/bin/cobbler-register (part of the koan package)
# to be used to remotely add new cobbler system records to cobbler.
# this effectively allows for registration of new hardware from system
# records.
register_new_installs: 0
# Flags to use for yum's reposync. If your version of yum reposync
# does not support -l, you may need to remove that option.
reposync_flags: "-l -m -d"
# when DHCP and DNS management are enabled, cobbler sync can automatically
# restart those services to apply changes. The exception for this is
# if using ISC for DHCP, then omapi eliminates the need for a restart.
# omapi, however, is experimental and not recommended for most configurations.
# If DHCP and DNS are going to be managed, but hosted on a box that
# is not on this server, disable restarts here and write some other
# script to ensure that the config files get copied/rsynced to the destination
# box. This can be done by modifying the restart services trigger.
# Note that if manage_dhcp and manage_dns are disabled, the respective
# parameter will have no effect. Most users should not need to change
# this.
restart_dns: 1
restart_dhcp: 1
# install triggers are scripts in /var/lib/cobbler/triggers/install
# that are triggered in kickstart pre and post sections. Any
# executable script in those directories is run. They can be used
# to send email or perform other actions. They are currently
# run as root so if you do not need this functionality you can
# disable it, though this will also disable "cobbler status" which
# uses a logging trigger to audit install progress.
run_install_triggers: 1
# enables a trigger which version controls all changes to /var/lib/cobbler
# when add, edit, or sync events are performed. This can be used
# to revert to previous database versions, generate RSS feeds, or for
# other auditing or backup purposes. "git" and "hg" are currently suported,
# but git is the recommend SCM for use with this feature.
scm_track_enabled: 0
scm_track_mode: "git"
# this is the address of the cobbler server -- as it is used
# by systems during the install process, it must be the address
# or hostname of the system as those systems can see the server.
# if you have a server that appears differently to different subnets
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
server: <%= @server %>
# this is a directory of files that cobbler uses to make
# templating easier. See the Wiki for more information. Changing
# this directory should not be required.
snippetsdir: /var/lib/cobbler/snippets
# Normally if a kickstart is specified at a remote location, this
# URL will be passed directly to the kickstarting system, thus bypassing
# the usual snippet templating Cobbler does for local kickstart files. If
# this option is enabled, Cobbler will fetch the file contents internally
# and serve a templated version of the file to the client.
template_remote_kickstarts: 0
# cobbler uses pxe booting by default, enable this option if you want to
# use gpxe
use_gpxe: 0
# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots?
# this can be overridden on each profile or system object.
virt_auto_boot: 1
# cobbler's web directory. Don't change this setting -- see the
# Wiki on "relocating your cobbler install" if your /var partition
# is not large enough.
webdir: /var/www/cobbler
# cobbler's public XMLRPC listens on this port. Change this only
# if absolutely needed, as you'll have to start supplying a new
# port option to koan if it is not the default.
xmlrpc_port: 25151
# "cobbler repo add" commands set cobbler up with repository
# information that can be used during kickstart and is automatically
# set up in the cobbler kickstart templates. By default, these
# are only available at install time. To make these repositories
# usable on installed systems (since cobbler makes a very convient)
# mirror, set this to 1. Most users can safely set this to 1. Users
# who have a dual homed cobbler server, or are installing laptops that
# will not always have access to the cobbler server may wish to leave
# this as 0. In that case, the cobbler mirrored yum repos are still
# accessable at http://cobbler.example.org/cblr/repo_mirror and yum
# configuration can still be done manually. This is just a shortcut.
yum_post_install_mirror: 1
# the default yum priority for all the distros. This is only used
# if yum-priorities plugin is used. 1=maximum. Tweak with caution.
yum_distro_priority: 1
# Flags to use for yumdownloader. Not all versions may support
# --resolve.
yumdownloader_flags: "--resolve"

9
puppet/cobbler/templates/snippets/authorized_keys.erb
View File

@ -1,9 +0,0 @@
#set $authorized_keys = str(open("/etc/cobbler/authorized_keys", "r").read())
mkdir -p /root/.ssh
chown root:root /root/.ssh
chmod 700 /root/.ssh
cat > /root/.ssh/authorized_keys <<EOF
$authorized_keys
$auth_key
EOF
chown root:root /root/.ssh/authorized_keys

11
puppet/cobbler/templates/snippets/cinder_create_lvm_group.erb
View File

@ -1,11 +0,0 @@
#set $vgname = $getVar("cinder_vgname", "cinder-volumes")
#set $bds = $getVar("cinder_bd_for_vg", "")
#if $bds
#set $devs = ""
#for $bd in $bds.split(",")
dd if=/dev/zero bs=8192 count=1 of=$bd
echo ";" | sfdisk -f -q -L $bd && sfdisk -R $bd && sleep 1 && pvcreate ${bd}1
#set $devs += "%s1 " % $bd
#end for
vgcreate $vgname $devs
#end if

2
puppet/cobbler/templates/snippets/cinder_create_lvm_group__ubuntu.erb
View File

@ -1,2 +0,0 @@
#import late_command
in-target $late_command.late_command($SNIPPET('cinder_create_lvm_group'), source_method="content") \

13
puppet/cobbler/templates/snippets/dhclient_ignore_routers_opt.erb
View File

@ -1,13 +0,0 @@
# Force dhclient to ingnore 'routers' option on all interfaces.
mkdir -p /etc/dhcp
echo "supersede routers 0;" > /etc/dhcp/dhclient.conf
if (grep -q "^\s*DHCLIENTARGS" /etc/sysconfig/network); then
sed -i 's#^\s*DHCLIENTARGS.*#DHCLIENTARGS="-cf /etc/dhcp/dhclient.conf"#' /etc/sysconfig/network
else
echo 'DHCLIENTARGS="-cf /etc/dhcp/dhclient.conf"' >> /etc/sysconfig/network
fi
# Anaconda leave behind dhclient settings for particular interfaces which conflicts
# with our global settings we create in /etc/dhcp/dhclient.conf.
# The easy way to handle this is to delete Anaconda artifacts:
rm -f /etc/dhcp/dhclient-eth*.conf

1
puppet/cobbler/templates/snippets/disable_pxe.erb
View File

@ -1 +0,0 @@
wget "http://$http_server:$http_port/cblr/svc/op/nopxe/system/$system_name" -O /dev/null

1
puppet/cobbler/templates/snippets/kickstart_ntp.erb
View File

@ -1 +0,0 @@
ntpdate -t 4 -b $server

58
puppet/cobbler/templates/snippets/mcollective_conf.erb
View File

@ -1,58 +0,0 @@
#if $str($getVar('mco_auto_setup','')) == "1"
mkdir -p /etc/mcollective
cat <<EOCONF > /etc/mcollective/server.cfg
main_collective = mcollective
collectives = mcollective
libdir = /usr/libexec/mcollective
logfile = /var/log/mcollective.log
loglevel = debug
daemonize = 0
direct_addressing = 1
# Set huge value of ttl to avoid cases with unsyncronized time between nodes
# bash$ date -d '2033-5-18 3:33:20 UTC' +%s
# 2000000000
# It means that ttl equals 63 years and a half.
ttl = 2000000000
# Plugins
securityprovider = psk
plugin.psk = $mco_pskey
#if $str($getVar('mco_connector', 'stomp')) == "stomp"
connector = stomp
plugin.stomp.host = $mco_host
plugin.stomp.port = $mco_port
plugin.stomp.user = $mco_user
plugin.stomp.password = $mco_password
#else
connector = rabbitmq
plugin.rabbitmq.vhost = $mco_vhost
plugin.rabbitmq.pool.size = 1
plugin.rabbitmq.pool.1.host = $mco_host
plugin.rabbitmq.pool.1.port = $mco_port
plugin.rabbitmq.pool.1.user = $mco_user
plugin.rabbitmq.pool.1.password = $mco_password
#end if
# Facts
factsource = yaml
plugin.yaml = /etc/mcollective/facts.yaml
EOCONF
#end if
cat <<EOCONF >> /etc/supervisord.conf
[program:mcollective]
command=/usr/sbin/mcollectived --config=/etc/mcollective/server.cfg
autostart=true
EOCONF
#if $str($getVar('mco_enable', '')) == "1"
## turn on mcollective service after reboot
## /sbin/chkconfig mcollective on
## service mcollective restart
/sbin/chkconfig mcollective off
/sbin/chkconfig supervisord on
#end if

357
puppet/cobbler/templates/snippets/mcollective_conf_oldfuel.erb
View File

@ -1,357 +0,0 @@
#if $str($getVar('mco_auto_setup','')) == "1"
mkdir -p /etc/mcollective
cat <<EOCONF > /etc/mcollective/server.cfg
main_collective = mcollective
collectives = mcollective
libdir = /usr/libexec/mcollective
logfile = /var/log/mcollective.log
loglevel = info
daemonize = 0
direct_addressing = 1
# Plugins
securityprovider = psk
plugin.psk = $mco_pskey
connector = rabbitmq
plugin.rabbitmq.vhost = mcollective
plugin.rabbitmq.pool.size = 1
plugin.rabbitmq.pool.1.host = $mco_stomphost
plugin.rabbitmq.pool.1.port = $mco_stompport
plugin.rabbitmq.pool.1.user = $mco_stompuser
plugin.rabbitmq.pool.1.password = $mco_stomppassword
# Facts
factsource = yaml
plugin.yaml = /etc/mcollective/facts.yaml
EOCONF
cat <<EOCONF >> /etc/supervisord.conf
[program:mcollective]
command=/usr/sbin/mcollectived --config=/etc/mcollective/server.cfg
autostart=true
EOCONF
cat <<EOCONF > /usr/libexec/mcollective/mcollective/agent/puppetd.ddl
metadata :name => "puppetd",
:description => "Run puppet agent, get its status, and enable/disable it",
:author => "R.I.Pienaar",
:license => "Apache License 2.0",
:version => "1.8",
:url => "https://github.com/puppetlabs/mcollective-plugins",
:timeout => 240
action "last_run_summary", :description => "Get a summary of the last puppet run" do
display :always
output :time,
:description => "Time per resource type",
:display_as => "Times"
output :resources,
:description => "Overall resource counts",
:display_as => "Resources"
output :changes,
:description => "Number of changes",
:display_as => "Changes"
output :events,
:description => "Number of events",
:display_as => "Events"
output :version,
:description => "Puppet and Catalog versions",
:display_as => "Versions"
end
action "enable", :description => "Enable puppet agent" do
output :output,
:description => "String indicating status",
:display_as => "Status"
end
action "disable", :description => "Disable puppet agent" do
output :output,
:description => "String indicating status",
:display_as => "Status"
end
action "runonce", :description => "Invoke a single puppet run" do
#input :forcerun,
# :prompt => "Force puppet run",
# :description => "Should the puppet run happen immediately?",
# :type => :string,
# :validation => '^.+$',
# :optional => true,
# :maxlength => 5
output :output,
:description => "Output from puppet agent",
:display_as => "Output"
end
action "status", :description => "Get puppet agent's status" do
display :always
output :status,
:description => "The status of the puppet agent: disabled, running, idling or stopped",
:display_as => "Status"
output :enabled,
:description => "Whether puppet agent is enabled",
:display_as => "Enabled"
output :running,
:description => "Whether puppet agent is running",
:display_as => "Running"
output :idling,
:description => "Whether puppet agent is idling",
:display_as => "Idling"
output :stopped,
:description => "Whether puppet agent is stopped",
:display_as => "Stopped"
output :lastrun,
:description => "When puppet agent last ran",
:display_as => "Last Run"
output :output,
:description => "String displaying agent status",
:display_as => "Status"
end
EOCONF
cat <<EOCONF > /usr/libexec/mcollective/mcollective/agent/puppetd.rb
module MCollective
module Agent
# An agent to manage the Puppet Daemon
#
# Configuration Options:
# puppetd.splaytime - Number of seconds within which to splay; no splay
# by default
# puppetd.statefile - Where to find the state.yaml file; defaults to
# /var/lib/puppet/state/state.yaml
# puppetd.lockfile - Where to find the lock file; defaults to
# /var/lib/puppet/state/puppetdlock
# puppetd.puppetd - Where to find the puppet agent binary; defaults to
# /usr/bin/puppet agent
# puppetd.summary - Where to find the summary file written by Puppet
# 2.6.8 and newer; defaults to
# /var/lib/puppet/state/last_run_summary.yaml
# puppetd.pidfile - Where to find puppet agent's pid file; defaults to
# /var/run/puppet/agent.pid
class Puppetd<RPC::Agent
def startup_hook
@splaytime = @config.pluginconf["puppetd.splaytime"].to_i || 0
@lockfile = @config.pluginconf["puppetd.lockfile"] || "/var/lib/puppet/state/puppetdlock"
@statefile = @config.pluginconf["puppetd.statefile"] || "/var/lib/puppet/state/state.yaml"
@pidfile = @config.pluginconf["puppet.pidfile"] || "/var/run/puppet/agent.pid"
@puppetd = @config.pluginconf["puppetd.puppetd"] || "/usr/bin/puppet agent"
@last_summary = @config.pluginconf["puppet.summary"] || "/var/lib/puppet/state/last_run_summary.yaml"
end
action "last_run_summary" do
last_run_summary
set_status
end
action "enable" do
enable
end
action "disable" do
disable
end
action "runonce" do
runonce
end
action "status" do
set_status
end
private
def last_run_summary
# wrap into begin..rescue: fixes PRD-252
begin
summary = YAML.load_file(@last_summary)
rescue
summary = {}
end
# It should be empty hash, if 'resources' key is not defined, because otherwise merge will fail with TypeError
summary["resources"] ||= {}
# Astute relies on last_run, so we must set last_run
summary["time"] ||= {}
summary["time"]["last_run"] ||= 0
# if 'failed' is not provided, it means something is wrong. So default value is 1.
reply[:resources] = {"failed"=>1, "changed"=>0, "total"=>0, "restarted"=>0, "out_of_sync"=>0}.merge(summary["resources"])
["time", "events", "changes", "version"].each do |dat|
reply[dat.to_sym] = summary[dat]
end
end
def set_status
reply[:status] = puppet_daemon_status
reply[:running] = reply[:status] == 'running' ? 1 : 0
reply[:enabled] = reply[:status] == 'disabled' ? 0 : 1
reply[:idling] = reply[:status] == 'idling' ? 1 : 0
reply[:stopped] = reply[:status] == 'stopped' ? 1 : 0
reply[:lastrun] = 0
reply[:lastrun] = File.stat(@statefile).mtime.to_i if File.exists?(@statefile)
reply[:runtime] = Time.now.to_i - reply[:lastrun]
reply[:output] = "Currently #{reply[:status]}; last completed run #{reply[:runtime]} seconds ago"
end
def rm_file file
begin
File.unlink(file)
return true
rescue
return false
end
end
def puppet_daemon_status
err_msg = ""
alive = false
if File.exists?(@pidfile)
pid = File.read(@pidfile)
begin
::Process.kill(0, Integer(pid)) # check that pid is alive
alive = true
rescue
err_msg << "Pidfile is present but process not running. Trying to remove pidfile..."
err_msg << (rm_file(@pidfile) ? "ok. " : "failed. ")
end
end
locked = File.exists?(@lockfile)
disabled = locked && File::Stat.new(@lockfile).zero?
if locked && !disabled && !alive
err_msg << "Process not running but not empty lockfile is present. Trying to remove lockfile..."
err_msg << (rm_file(@lockfile) ? "ok." : "failed.")
end
reply[:err_msg] = err_msg if err_msg.any?
if disabled
'disabled'
elsif alive && locked
'running'
elsif alive && !locked
'idling'
elsif !alive
'stopped'
end
end
def runonce
set_status
case (reply[:status])
when 'disabled' then # can't run
reply.fail "Empty Lock file exists; puppet agent is disabled."
when 'running' then # can't run two simultaniously
reply.fail "Lock file and PID file exist; puppet agent is running."
when 'idling' then # signal daemon
pid = File.read(@pidfile)
if pid !~ /^\d+$/
reply.fail "PID file does not contain a PID; got #{pid.inspect}"
else
begin
::Process.kill(0, Integer(pid)) # check that pid is alive
# REVISIT: Should we add an extra round of security here, and
# ensure that the PID file is securely owned, or that the target
# process looks like Puppet? Otherwise a malicious user could
# theoretically signal arbitrary processes with this...
begin
::Process.kill("USR1", Integer(pid))
reply[:output] = "Signalled daemonized puppet agent to run (process #{Integer(pid)}); " + (reply[:output] || '')
rescue Exception => e
reply.fail "Failed to signal the puppet agent daemon (process #{pid}): #{e}"
end
rescue Errno::ESRCH => e
# PID is invalid, run puppet onetime as usual
runonce_background
end
end
when 'stopped' then # just run
runonce_background
else
reply.fail "Unknown puppet agent status: #{reply[:status]}"
end
end
def runonce_background
cmd = [@puppetd, "--onetime", "--logdest", 'syslog']
unless request[:forcerun]
if @splaytime && @splaytime > 0
cmd << "--splaylimit" << @splaytime << "--splay"
end
end
cmd = cmd.join(" ")
output = reply[:output] || ''
run(cmd, :stdout => :output, :chomp => true)
reply[:output] = "Called #{cmd}, " + output + (reply[:output] || '')
end
def enable
if File.exists?(@lockfile)
stat = File::Stat.new(@lockfile)
if stat.zero?
File.unlink(@lockfile)
reply[:output] = "Lock removed"
else
reply[:output] = "Currently running; can't remove lock"
end
else
reply.fail "Already enabled"
end
end
def disable
if File.exists?(@lockfile)
stat = File::Stat.new(@lockfile)
stat.zero? ? reply.fail("Already disabled") : reply.fail("Currently running; can't remove lock")
else
begin
File.open(@lockfile, "w") { |file| }
reply[:output] = "Lock created"
rescue Exception => e
reply.fail "Could not create lock: #{e}"
end
end
end
end
end
end
# vi:tabstop=2:expandtab:ai:filetype=ruby
EOCONF
# turn off ttl check in mcollective
find / -name message.rb | grep mcollective | xargs sed -i 's/msg_age = Time.now.utc.to_i - msgtime/msg_age = 0 #Time.now.utc.to_i - msgtime/g'
#end if
#if $str($getVar('mco_enable', '')) == "1"
## turn on mcollective service after reboot
## /sbin/chkconfig mcollective on
## service mcollective restart
/sbin/chkconfig mcollective off
/sbin/chkconfig supervisord on
#end if

4
puppet/cobbler/templates/snippets/mcollective_install_if_enabled.erb
View File

@ -1,4 +0,0 @@
#if $str($getVar('mco_auto_setup','')) == "1"
supervisor
mcollective
#end if

9
puppet/cobbler/templates/snippets/nailgun_repo.erb
View File

@ -1,9 +0,0 @@
rm /etc/yum.repos.d/*.repo
cat > /etc/yum.repos.d/nailgun.repo << EOF
<% @ks_repo.each do |repo| %>
[<%= repo['id'] %>]
name=<%= repo['name'] %>
baseurl=<%= repo['url'] %>
gpgcheck=0
<% end %>
EOF

11
puppet/cobbler/templates/snippets/ntp_register_if_enabled.erb
View File

@ -1,11 +0,0 @@
#if $str($getVar('ntp_enable', '')) == "1"
## run one-time synchronization and turn ntp service on after reboot
#if $breed == "redhat"
/etc/init.d/ntpdate start
/sbin/chkconfig ntpd on
#elif $breed == "debian" or $breed == "ubuntu"
## we read list of ntp servers from config and sync with them untill first success
awk '$1=="peer"||$1=="server"{ res=system("ntpdate " $2); if(res==0) exit; }' /etc/ntp.conf
/usr/sbin/update-rc.d ntp defaults
#end if
#end if

13
puppet/cobbler/templates/snippets/ntp_to_masternode.erb
View File

@ -1,13 +0,0 @@
# Disable panic about huge clock offset
sed -i '/^\s*tinker panic/ d' /etc/ntp.conf
sed -i '1 i tinker panic 0' /etc/ntp.conf
echo 0 > /var/lib/ntp/drift
chown ntp: /var/lib/ntp/drift
# Point installed ntpd to Master node
sed -i '/^\s*server/ d' /etc/ntp.conf
echo "server $server burst iburst" >> /etc/ntp.conf
sed -i 's/SYNC_HWCLOCK\s*=\s*no/SYNC_HWCLOCK=yes/' /etc/sysconfig/ntpdate
chkconfig ntpd on
chkconfig ntpdate on

341
puppet/cobbler/templates/snippets/post_install_network_config.erb
View File

@ -1,341 +0,0 @@
# Start post_install_network_config generated code
#if $getVar("system_name","") != ""
## this is being provisioned by system records, not profile records
## so we can do the more complex stuff
## get the list of interface names
#set ikeys = $interfaces.keys()
#set osversion = $getVar("os_version","")
#import re
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
## Determine if we should use the MAC address to configure the interfaces first
## Only physical interfaces are required to have a MAC address
## Also determine the number of bonding devices we have, so we can set the
## max-bonds option in modprobe.conf accordingly. -- jcapel
#set $configbymac = True
#set $numbondingdevs = 0
#set $enableipv6 = False
## =============================================================================
#for $iname in $ikeys
## look at the interface hash data for the specific interface
#set $idata = $interfaces[$iname]
## do not configure by mac address if we don't have one AND it's not for bonding/vlans
## as opposed to a "real" physical interface
#if $idata.get("mac_address", "") == "" and not $vlanpattern.match($iname) and not $idata.get("interface_type", "").lower() in ("master","bond","bridge"):
## we have to globally turn off the config by mac feature as we can't
## use it now
#set $configbymac = False
#end if
## count the number of bonding devices we have.
#if $idata.get("interface_type", "").lower() in ("master","bond")
#set $numbondingdevs += 1
#end if
## enable IPv6 networking if we set an ipv6 address or turn on autoconfiguration
#if $idata.get("ipv6_address", "") != "" or $ipv6_autoconfiguration == True
#set $enableipv6 = True
#end if
#end for
## end looping through the interfaces to see which ones we need to configure.
## =============================================================================
#set $i = 0
## setup bonding if we have to
#if $numbondingdevs > 0
# we have bonded interfaces, so set max_bonds
if [ -f "/etc/modprobe.conf" ]; then
echo "options bonding max_bonds=$numbondingdevs" >> /etc/modprobe.conf
fi
#end if
## =============================================================================
## create a staging directory to build out our network scripts into
## make sure we preserve the loopback device
# create a working directory for interface scripts
mkdir /etc/sysconfig/network-scripts/cobbler
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/cobbler/
## =============================================================================
## configure the gateway if set up (this is global, not a per-interface setting)
#if $gateway != ""
# set the gateway in the network configuration file
grep -v GATEWAY /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "GATEWAY=$gateway" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
## =============================================================================
## Configure the system's primary hostname. This is also passed to anaconda, but
## anaconda doesn't seem to honour it in DHCP-setups.
#if $hostname != ""
# set the hostname in the network configuration file
grep -v HOSTNAME /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "HOSTNAME=$hostname" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
# Also set the hostname now, some applications require it
# (e.g.: if we're connecting to Puppet before a reboot).
/bin/hostname $hostname
#end if
#if $enableipv6 == True
grep -v NETWORKING_IPV6 /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "NETWORKING_IPV6=yes" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#if $ipv6_autoconfiguration != ""
grep -v IPV6_AUTOCONF /etc/sysconfig/network > /etc/sysconfig/network.cobbler
#if $ipv6_autoconfiguration == True
echo "IPV6_AUTOCONF=yes" >> /etc/sysconfig/network.cobbler
#else
echo "IPV6_AUTOCONF=no" >> /etc/sysconfig/network.cobbler
#end if
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
#if $ipv6_default_device != ""
grep -v IPV6_DEFAULTDEV /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "IPV6_DEFAULTDEV=$ipv6_default_device" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
#end if
## =============================================================================
## now create the config file for each interface
#for $iname in $ikeys
# Start configuration for $iname
## create lots of variables to use later
#set $idata = $interfaces[$iname]
#set $mac = $idata.get("mac_address", "").upper()
#set $mtu = $idata.get("mtu", "")
#set $static = $idata.get("static", "")
#set $ip = $idata.get("ip_address", "")
#set $netmask = $idata.get("netmask", "")
#set $static_routes = $idata.get("static_routes", "")
#set $iface_type = $idata.get("interface_type", "").lower()
#set $iface_master = $idata.get("interface_master", "")
#set $bonding_opts = $idata.get("bonding_opts", "")
#set $bridge_opts = $idata.get("bridge_opts", "").split(" ")
#set $ipv6_address = $idata.get("ipv6_address", "")
#set $ipv6_secondaries = $idata.get("ipv6_secondaries", "")
#set $ipv6_mtu = $idata.get("ipv6_mtu", "")
#set $ipv6_default_gateway = $idata.get("ipv6_default_gateway", "")
#set $ipv6_static_routes = $idata.get("ipv6_static_routes", "")
#set $devfile = "/etc/sysconfig/network-scripts/cobbler/ifcfg-" + $iname
#set $routesfile = "/etc/sysconfig/network-scripts/cobbler/route-" + $iname
#set $ipv6_routesfile = "/etc/sysconfig/network-scripts/cobbler/route6-" + $iname
## determine if this interface is for a VLAN
#if $vlanpattern.match($iname)
#set $is_vlan = "true"
#else
#set $is_vlan = "false"
#end if
## ===================================================================
## Things every interface get, no matter what
## ===================================================================
echo "DEVICE=$iname" > $devfile
#for $mgmt_param in $mgmt_parameters
#set $interface_extra_param_pattern = $re.compile("interface_extra_%s_.+" % $iname)
#if $interface_extra_param_pattern.match($mgmt_param)
#set $interface_extra = $re.split("interface_extra_%s_" % $iname, $mgmt_param)[1]
echo "$interface_extra.upper()=$mgmt_parameters.get($mgmt_param)" >> $devfile
#end if
#end for
echo "ONBOOT=yes" >> $devfile
#if $mac != "" and $iface_type not in ("master","bond","bridge")
## virtual interfaces don't get MACs
echo "HWADDR=$mac" >> $devfile
IFNAME=\$(ifconfig -a | grep -i '$mac' | cut -d ' ' -f 1)
## Rename this interface in modprobe.conf
## FIXME: if both interfaces startwith eth this is wrong
if [ -f "/etc/modprobe.conf" ] && [ \$IFNAME ]; then
grep \$IFNAME /etc/modprobe.conf | sed "s/\$IFNAME/$iname/" >> /etc/modprobe.conf.cobbler
grep -v \$IFNAME /etc/modprobe.conf >> /etc/modprobe.conf.new
rm -f /etc/modprobe.conf
mv /etc/modprobe.conf.new /etc/modprobe.conf
fi
#end if
## ===================================================================
## Actions based on interface_type
## ===================================================================
#if $iface_type in ("master","bond")
## if this is a bonded interface, configure it in modprobe.conf
#if $osversion == "rhel4"
if [ -f "/etc/modprobe.conf" ]; then
echo "install $iname /sbin/modprobe bonding -o $iname $bonding_opts" >> /etc/modprobe.conf.cobbler
fi
#else
## Add required entry to modprobe.conf
if [ -f "/etc/modprobe.conf" ]; then
echo "alias $iname bonding" >> /etc/modprobe.conf.cobbler
fi
#end if
#if $bonding_opts != ""
cat >> $devfile << EOF
BONDING_OPTS="$bonding_opts"
EOF
#end if
#elif $iface_type in ("slave","bond_slave") and $iface_master != ""
echo "TYPE=Ethernet" >> $devfile
echo "SLAVE=yes" >> $devfile
echo "MASTER=$iface_master" >> $devfile
echo "HOTPLUG=no" >> $devfile
#elif $iface_type == "bridge"
echo "TYPE=Bridge" >> $devfile
#for $bridge_opt in $bridge_opts
#if $bridge_opt.strip() != ""
echo "$bridge_opt" >> $devfile
#end if
#end for
#elif $iface_type == "bridge_slave" and $iface_master != ""
echo "TYPE=Ethernet" >> $devfile
echo "BRIDGE=$iface_master" >> $devfile
echo "HOTPLUG=no" >> $devfile
#else
echo "TYPE=Ethernet" >> $devfile
#end if
## ===================================================================
## Actions based on static/dynamic configuration
## ===================================================================
#if $static
#if $mac == "" and $iface_type == ""
# WARNING! Configuring interfaces by their names only
# is error-prone, and can cause issues if and when
# the kernel gives an interface a different name
# following a reboot/hardware changes.
#end if
#if $ip != "" and $iface_type not in ("slave","bond_slave","bridge_slave")
## Only configure static networking if an IP-address is configured
## and if the interface isn't slaved to another interface (bridging or bonding)
echo "BOOTPROTO=static" >> $devfile
echo "IPADDR=$ip" >> $devfile
#if $netmask == ""
## Default to 255.255.255.0?
#set $netmask = "255.255.255.0"
#end if
echo "NETMASK=$netmask" >> $devfile
#else
## Leave the interface unconfigured
## we don't have enough info for static configuration
echo "BOOTPROTO=none" >> $devfile
#end if
#if $enableipv6 == True and $ipv6_autoconfiguration == False
#if $ipv6_address != ""
echo "IPV6INIT=yes" >> $devfile
echo "IPV6ADDR=$ipv6_address" >> $devfile
#end if
#if $ipv6_secondaries != ""
#set ipv6_secondaries = ' '.join(ipv6_secondaries)
## The quotes around the ipv6 ip's need to be here
echo "IPV6ADDR_SECONDARIES=\"$ipv6_secondaries\"" >> $devfile
#end if
#if $ipv6_mtu != ""
echo "IPV6MTU=$ipv6_mtu" >> $devfile
#end if
#if $ipv6_default_gateway != ""
echo "IPV6_DEFAULTGW=$ipv6_default_gateway" >> $devfile
#end if
#end if
#else
## this is a DHCP interface, much less work to do
echo "BOOTPROTO=dhcp" >> $devfile
#end if
## ===================================================================
## VLAN configuration
## ===================================================================
#if $is_vlan == "true"
echo "VLAN=yes" >> $devfile
echo "ONPARENT=yes" >> $devfile
#end if
## ===================================================================
## Optional configuration stuff
## ===================================================================
#if $mtu != ""
echo "MTU=$mtu" >> $devfile
#end if
## ===================================================================
## Non-slave DNS configuration, when applicable
## ===================================================================
## If the interface is anything but a slave then add DNSn entry
#if $iface_type.lower() not in ("slave","bond_slave","bridge_slave")
#set $nct = 0
#for $nameserver in $name_servers
#set $nct = $nct + 1
echo "DNS$nct=$nameserver" >> $devfile
#end for
#end if
## ===================================================================
## Interface route configuration
## ===================================================================
#for $route in $static_routes
#set routepattern = $re.compile("[0-9/.]+:[0-9.]+")
#if $routepattern.match($route)
#set $routebits = $route.split(":")
#set [$network, $router] = $route.split(":")
echo "$network via $router" >> $routesfile
#else
# Warning: invalid route "$route"
#end if
#end for
#if $enableipv6 == True
#for $route in $ipv6_static_routes
#set routepattern = $re.compile("[0-9a-fA-F:/]+,[0-9a-fA-F:]+")
#if $routepattern.match($route)
#set $routebits = $route.split(",")
#set [$network, $router] = $route.split(",")
echo "$network via $router dev $iname" >> $ipv6_routesfile
#else
# Warning: invalid ipv6 route "$route"
#end if
#end for
#end if
## ===================================================================
## Done with this interface
## ===================================================================
#set $i = $i + 1
# End configuration for $iname
#end for
## =============================================================================
## Configure name server search path in /etc/resolv.conf
#set $num_ns = $len($name_servers)
#set $num_ns_search = $len($name_servers_search)
#if $num_ns_search > 0
sed -i -e "/^search /d" /etc/resolv.conf
echo -n "search " >>/etc/resolv.conf
#for $nameserversearch in $name_servers_search
echo -n "$nameserversearch " >>/etc/resolv.conf
#end for
echo "" >>/etc/resolv.conf
#else
sed -i -e "/^search /d" /etc/resolv.conf
sed -i -e "/^domain /d" /etc/resolv.conf
#end if
## =============================================================================
## Configure name servers in /etc/resolv.conf
#if $num_ns > 0
sed -i -e "/^nameserver /d" /etc/resolv.conf
#for $nameserver in $name_servers
echo "nameserver $nameserver" >>/etc/resolv.conf
#end for
#end if
## Disable all eth interfaces by default before overwriting
## the old files with the new ones in the working directory
## This stops unneccesary (and time consuming) DHCP queries
## during the network initialization
sed -i 's/ONBOOT=yes/ONBOOT=no/g' /etc/sysconfig/network-scripts/ifcfg-eth*
## Move all staged files to their final location
rm -f /etc/sysconfig/network-scripts/ifcfg-*
mv /etc/sysconfig/network-scripts/cobbler/* /etc/sysconfig/network-scripts/
rm -r /etc/sysconfig/network-scripts/cobbler
if [ -f "/etc/modprobe.conf" ]; then
cat /etc/modprobe.conf.cobbler >> /etc/modprobe.conf
rm -f /etc/modprobe.conf.cobbler
fi
#end if
# End post_install_network_config generated code

337
puppet/cobbler/templates/snippets/post_install_network_config_fuel.erb
View File

@ -1,337 +0,0 @@
# Start post_install_network_config generated code
#if $getVar("system_name","") != ""
## this is being provisioned by system records, not profile records
## so we can do the more complex stuff
## get the list of interface names
#set ikeys = $interfaces.keys()
#set osversion = $getVar("os_version","")
#import re
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
## Determine if we should use the MAC address to configure the interfaces first
## Only physical interfaces are required to have a MAC address
## Also determine the number of bonding devices we have, so we can set the
## max-bonds option in modprobe.conf accordingly. -- jcapel
#set $configbymac = True
#set $numbondingdevs = 0
#set $enableipv6 = False
## =============================================================================
#for $iname in $ikeys
## look at the interface hash data for the specific interface
#set $idata = $interfaces[$iname]
## do not configure by mac address if we don't have one AND it's not for bonding/vlans
## as opposed to a "real" physical interface
#if $idata.get("mac_address", "") == "" and not $vlanpattern.match($iname) and not $idata.get("interface_type", "").lower() in ("master","bond","bridge"):
## we have to globally turn off the config by mac feature as we can't
## use it now
#set $configbymac = False
#end if
## count the number of bonding devices we have.
#if $idata.get("interface_type", "").lower() in ("master","bond")
#set $numbondingdevs += 1
#end if
## enable IPv6 networking if we set an ipv6 address or turn on autoconfiguration
#if $idata.get("ipv6_address", "") != "" or $ipv6_autoconfiguration == True
#set $enableipv6 = True
#end if
#end for
## end looping through the interfaces to see which ones we need to configure.
## =============================================================================
#set $i = 0
## setup bonding if we have to
#if $numbondingdevs > 0
# we have bonded interfaces, so set max_bonds
if [ -f "/etc/modprobe.conf" ]; then
echo "options bonding max_bonds=$numbondingdevs" >> /etc/modprobe.conf
fi
#end if
## =============================================================================
## create a staging directory to build out our network scripts into
## make sure we preserve the loopback device
# create a working directory for interface scripts
mkdir /etc/sysconfig/network-scripts/cobbler
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/cobbler/
## =============================================================================
## configure the gateway if set up (this is global, not a per-interface setting)
#if $gateway != ""
# set the gateway in the network configuration file
grep -v GATEWAY /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "GATEWAY=$gateway" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
## =============================================================================
## Configure the system's primary hostname. This is also passed to anaconda, but
## anaconda doesn't seem to honour it in DHCP-setups.
#if $hostname != ""
# set the hostname in the network configuration file
grep -v HOSTNAME /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "HOSTNAME=$hostname" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
# Also set the hostname now, some applications require it
# (e.g.: if we're connecting to Puppet before a reboot).
/bin/hostname $hostname
#end if
#if $enableipv6 == True
grep -v NETWORKING_IPV6 /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "NETWORKING_IPV6=yes" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#if $ipv6_autoconfiguration != ""
grep -v IPV6_AUTOCONF /etc/sysconfig/network > /etc/sysconfig/network.cobbler
#if $ipv6_autoconfiguration == True
echo "IPV6_AUTOCONF=yes" >> /etc/sysconfig/network.cobbler
#else
echo "IPV6_AUTOCONF=no" >> /etc/sysconfig/network.cobbler
#end if
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
#if $ipv6_default_device != ""
grep -v IPV6_DEFAULTDEV /etc/sysconfig/network > /etc/sysconfig/network.cobbler
echo "IPV6_DEFAULTDEV=$ipv6_default_device" >> /etc/sysconfig/network.cobbler
rm -f /etc/sysconfig/network
mv /etc/sysconfig/network.cobbler /etc/sysconfig/network
#end if
#end if
## =============================================================================
## now create the config file for each interface
#for $iname in $ikeys
# Start configuration for $iname
## create lots of variables to use later
#set $idata = $interfaces[$iname]
#set $mac = $idata.get("mac_address", "").upper()
#set $mtu = $idata.get("mtu", "")
#set $static = $idata.get("static", "")
#set $ip = $idata.get("ip_address", "")
#set $netmask = $idata.get("netmask", "")
#set $static_routes = $idata.get("static_routes", "")
#set $iface_type = $idata.get("interface_type", "").lower()
#set $iface_master = $idata.get("interface_master", "")
#set $bonding_opts = $idata.get("bonding_opts", "")
#set $bridge_opts = $idata.get("bridge_opts", "").split(" ")
#set $ipv6_address = $idata.get("ipv6_address", "")
#set $ipv6_secondaries = $idata.get("ipv6_secondaries", "")
#set $ipv6_mtu = $idata.get("ipv6_mtu", "")
#set $ipv6_default_gateway = $idata.get("ipv6_default_gateway", "")
#set $ipv6_static_routes = $idata.get("ipv6_static_routes", "")
#set $devfile = "/etc/sysconfig/network-scripts/cobbler/ifcfg-" + $iname
#set $routesfile = "/etc/sysconfig/network-scripts/cobbler/route-" + $iname
#set $ipv6_routesfile = "/etc/sysconfig/network-scripts/cobbler/route6-" + $iname
## determine if this interface is for a VLAN
#if $vlanpattern.match($iname)
#set $is_vlan = "true"
#else
#set $is_vlan = "false"
#end if
## ===================================================================
## Things every interface get, no matter what
## ===================================================================
echo "DEVICE=$iname" > $devfile
#set $interface_extra_param_pattern = $re.compile("interface_extra_%s_.+" % $iname)
#for $mgmt_param in $mgmt_parameters
#if $interface_extra_param_pattern.match($mgmt_param)
#set $interface_extra = $re.split("interface_extra_%s_" % $iname, $mgmt_param)[1]
echo "$interface_extra.upper()=$mgmt_parameters.get($mgmt_param)" >> $devfile
#end if
#end for
#if $mac != "" and $iface_type not in ("master","bond","bridge")
## virtual interfaces don't get MACs
echo "HWADDR=$mac" >> $devfile
IFNAME=\$(ifconfig -a | grep -i '$mac' | cut -d ' ' -f 1)
## Rename this interface in modprobe.conf
## FIXME: if both interfaces startwith eth this is wrong
if [ -f "/etc/modprobe.conf" ] && [ \$IFNAME ]; then
grep \$IFNAME /etc/modprobe.conf | sed "s/\$IFNAME/$iname/" >> /etc/modprobe.conf.cobbler
grep -v \$IFNAME /etc/modprobe.conf >> /etc/modprobe.conf.new
rm -f /etc/modprobe.conf
mv /etc/modprobe.conf.new /etc/modprobe.conf
fi
#end if
## ===================================================================
## Actions based on interface_type
## ===================================================================
#if $iface_type in ("master","bond")
## if this is a bonded interface, configure it in modprobe.conf
#if $osversion == "rhel4"
if [ -f "/etc/modprobe.conf" ]; then
echo "install $iname /sbin/modprobe bonding -o $iname $bonding_opts" >> /etc/modprobe.conf.cobbler
fi
#else
## Add required entry to modprobe.conf
if [ -f "/etc/modprobe.conf" ]; then
echo "alias $iname bonding" >> /etc/modprobe.conf.cobbler
fi
#end if
#if $bonding_opts != ""
cat >> $devfile << EOF
BONDING_OPTS="$bonding_opts"
EOF
#end if
#elif $iface_type in ("slave","bond_slave") and $iface_master != ""
echo "TYPE=Ethernet" >> $devfile
echo "SLAVE=yes" >> $devfile
echo "MASTER=$iface_master" >> $devfile
echo "HOTPLUG=no" >> $devfile
#elif $iface_type == "bridge"
echo "TYPE=Bridge" >> $devfile
#for $bridge_opt in $bridge_opts
#if $bridge_opt.strip() != ""
echo "$bridge_opt" >> $devfile
#end if
#end for
#elif $iface_type == "bridge_slave" and $iface_master != ""
echo "TYPE=Ethernet" >> $devfile
echo "BRIDGE=$iface_master" >> $devfile
echo "HOTPLUG=no" >> $devfile
#else
echo "TYPE=Ethernet" >> $devfile
#end if
## ===================================================================
## Actions based on static/dynamic configuration
## ===================================================================
#if $static
#if $mac == "" and $iface_type == ""
# WARNING! Configuring interfaces by their names only
# is error-prone, and can cause issues if and when
# the kernel gives an interface a different name
# following a reboot/hardware changes.
#end if
#if $ip != "" and $iface_type not in ("slave","bond_slave","bridge_slave")
## Only configure static networking if an IP-address is configured
## and if the interface isn't slaved to another interface (bridging or bonding)
echo "BOOTPROTO=static" >> $devfile
echo "IPADDR=$ip" >> $devfile
#if $netmask == ""
## Default to 255.255.255.0?
#set $netmask = "255.255.255.0"
#end if
echo "NETMASK=$netmask" >> $devfile
#else
## Leave the interface unconfigured
## we don't have enough info for static configuration
echo "BOOTPROTO=none" >> $devfile
#end if
#if $enableipv6 == True and $ipv6_autoconfiguration == False
#if $ipv6_address != ""
echo "IPV6INIT=yes" >> $devfile
echo "IPV6ADDR=$ipv6_address" >> $devfile
#end if
#if $ipv6_secondaries != ""
#set ipv6_secondaries = ' '.join(ipv6_secondaries)
## The quotes around the ipv6 ip's need to be here
echo "IPV6ADDR_SECONDARIES=\"$ipv6_secondaries\"" >> $devfile
#end if
#if $ipv6_mtu != ""
echo "IPV6MTU=$ipv6_mtu" >> $devfile
#end if
#if $ipv6_default_gateway != ""
echo "IPV6_DEFAULTGW=$ipv6_default_gateway" >> $devfile
#end if
#end if
#else
## this is a DHCP interface, much less work to do
echo "BOOTPROTO=dhcp" >> $devfile
#end if
## ===================================================================
## VLAN configuration
## ===================================================================
#if $is_vlan == "true"
echo "VLAN=yes" >> $devfile
echo "ONPARENT=yes" >> $devfile
#end if
## ===================================================================
## Optional configuration stuff
## ===================================================================
#if $mtu != ""
echo "MTU=$mtu" >> $devfile
#end if
## ===================================================================
## Non-slave DNS configuration, when applicable
## ===================================================================
## If the interface is anything but a slave then add DNSn entry
#if $iface_type.lower() not in ("slave","bond_slave","bridge_slave")
#set $nct = 0
#for $nameserver in $name_servers
#set $nct = $nct + 1
echo "DNS$nct=$nameserver" >> $devfile
#end for
#end if
## ===================================================================
## Interface route configuration
## ===================================================================
#for $route in $static_routes
#set routepattern = $re.compile("[0-9/.]+:[0-9.]+")
#if $routepattern.match($route)
#set $routebits = $route.split(":")
#set [$network, $router] = $route.split(":")
echo "$network via $router" >> $routesfile
#else
# Warning: invalid route "$route"
#end if
#end for
#if $enableipv6 == True
#for $route in $ipv6_static_routes
#set routepattern = $re.compile("[0-9a-fA-F:/]+,[0-9a-fA-F:]+")
#if $routepattern.match($route)
#set $routebits = $route.split(",")
#set [$network, $router] = $route.split(",")
echo "$network via $router dev $iname" >> $ipv6_routesfile
#else
# Warning: invalid ipv6 route "$route"
#end if
#end for
#end if
## ===================================================================
## Done with this interface
## ===================================================================
#set $i = $i + 1
# End configuration for $iname
#end for
## =============================================================================
## Configure name server search path in /etc/resolv.conf
#set $num_ns = $len($name_servers)
#set $num_ns_search = $len($name_servers_search)
#if $num_ns_search > 0
sed -i -e "/^search /d" /etc/resolv.conf
echo -n "search " >>/etc/resolv.conf
#for $nameserversearch in $name_servers_search
echo -n "$nameserversearch " >>/etc/resolv.conf
#end for
echo "" >>/etc/resolv.conf
#end if
## =============================================================================
## Configure name servers in /etc/resolv.conf
#if $num_ns > 0
sed -i -e "/^nameserver /d" /etc/resolv.conf
#for $nameserver in $name_servers
echo "nameserver $nameserver" >>/etc/resolv.conf
#end for
#end if
## Disable all eth interfaces by default before overwriting
## the old files with the new ones in the working directory
## This stops unneccesary (and time consuming) DHCP queries
## during the network initialization
sed -i 's/ONBOOT=yes/ONBOOT=no/g' /etc/sysconfig/network-scripts/ifcfg-eth*
## Move all staged files to their final location
rm -f /etc/sysconfig/network-scripts/ifcfg-*
mv /etc/sysconfig/network-scripts/cobbler/* /etc/sysconfig/network-scripts/
rm -r /etc/sysconfig/network-scripts/cobbler
if [ -f "/etc/modprobe.conf" ]; then
cat /etc/modprobe.conf.cobbler >> /etc/modprobe.conf
rm -f /etc/modprobe.conf.cobbler
fi
#end if
# End post_install_network_config generated code

9
puppet/cobbler/templates/snippets/post_part_compute.erb
View File

@ -1,9 +0,0 @@
/sbin/sfdisk -l;
dd if=/dev/zero of=/dev/sdb bs=512 count=1;
echo ";" | /sbin/sfdisk /dev/sdb;
sfdisk -R /dev/sdb;
sleep 10;
mkfs.ext4 /dev/sdb1;
sdb1_uuid=$(blkid -ovalue /dev/sdb1 | head -1);
echo "UUID=$sdb1_uuid /instances ext4 defaults,noatime,nodiratime 0 0" >> /etc/fstab;
mkdir /instances;

14
puppet/cobbler/templates/snippets/post_part_controller.erb
View File

@ -1,14 +0,0 @@
/sbin/sfdisk -l
dd if=/dev/zero of=/dev/sdb bs=512 count=1
echo "0 300000 83" | /sbin/sfdisk -uM /dev/sdb
echo "300008 40000 83" | /sbin/sfdisk -N2 -uM /dev/sdb
sfdisk -R /dev/sdb
sleep 10
mkfs.ext4 /dev/sdb1
mkfs.ext4 /dev/sdb2
sdb1_uuid=$(blkid -ovalue /dev/sdb1 | head -1)
echo "UUID=$sdb1_uuid /var/lib/postgresql ext4 defaults,noatime,nodiratime 0 0" >> /etc/fstab
mkdir /var/lib/mysql
sdb2_uuid=$(blkid -ovalue /dev/sdb2 | head -1)
echo "UUID=$sdb2_uuid /var/lib/rabbitmq ext4 defaults,noatime,nodiratime 0 0" >> /etc/fstab
mkdir /var/lib/rabbitmq

140
puppet/cobbler/templates/snippets/post_part_storage.erb
View File

@ -1,140 +0,0 @@
dd if=/dev/zero of=/dev/sdd bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdd
sdd_uuid_old=$(blkid -ovalue /dev/sdd | head -1)
sfdisk -R /dev/sdd
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdd1
sdd_uuid_new=$(blkid -ovalue /dev/sdd1 | head -1)
echo "UUID=$sdd_uuid /srv/node/sdd1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdd1
xfs_check /dev/sdd1
dd if=/dev/zero of=/dev/sde bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sde
sde_uuid_old=$(blkid -ovalue /dev/sde | head -1)
sfdisk -R /dev/sde
sleep 10
mkfs.xfs -i size=1024 -f /dev/sde1
sde_uuid_new=$(blkid -ovalue /dev/sde1 | head -1)
echo "UUID=$sde_uuid /srv/node/sde1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sde1
xfs_check /dev/sde1
dd if=/dev/zero of=/dev/sdf bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdf
sdf_uuid_old=$(blkid -ovalue /dev/sdf | head -1)
sfdisk -R /dev/sdf
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdf1
sdf_uuid_new=$(blkid -ovalue /dev/sdf1 | head -1)
echo "UUID=$sdf_uuid /srv/node/sdf1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdf1
xfs_check /dev/sdf1
dd if=/dev/zero of=/dev/sdg bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdg
sdg_uuid_old=$(blkid -ovalue /dev/sdg | head -1)
sfdisk -R /dev/sdg
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdg1
sdg_uuid_new=$(blkid -ovalue /dev/sdg1 | head -1)
echo "UUID=$sdg_uuid /srv/node/sdg1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdg1
xfs_check /dev/sdg1
dd if=/dev/zero of=/dev/sdh bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdh
sdh_uuid_old=$(blkid -ovalue /dev/sdh | head -1)
sfdisk -R /dev/sdh
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdh1
sdh_uuid_new=$(blkid -ovalue /dev/sdh1 | head -1)
echo "UUID=$sdh_uuid /srv/node/sdh1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdh1
xfs_check /dev/sdh1
dd if=/dev/zero of=/dev/sdi bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdi
sdi_uuid_old=$(blkid -ovalue /dev/sdi | head -1)
sfdisk -R /dev/sdi
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdi1
sdi_uuid_new=$(blkid -ovalue /dev/sdi1 | head -1)
echo "UUID=$sdi_uuid /srv/node/sdi1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdi1
xfs_check /dev/sdi1
dd if=/dev/zero of=/dev/sdj bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdj
sdj_uuid_old=$(blkid -ovalue /dev/sdj | head -1)
sfdisk -R /dev/sdj
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdj1
sdj_uuid_new=$(blkid -ovalue /dev/sdj1 | head -1)
echo "UUID=$sdj_uuid /srv/node/sdj1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdj1
xfs_check /dev/sdj1
dd if=/dev/zero of=/dev/sdk bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdk
sdk_uuid_old=$(blkid -ovalue /dev/sdk | head -1)
sfdisk -R /dev/sdk
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdk1
sdk_uuid_new=$(blkid -ovalue /dev/sdk1 | head -1)
echo "UUID=$sdk_uuid /srv/node/sdk1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdk1
xfs_check /dev/sdk1
dd if=/dev/zero of=/dev/sdl bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdl
sdl_uuid_old=$(blkid -ovalue /dev/sdl | head -1)
sfdisk -R /dev/sdl
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdl1
sdl_uuid_new=$(blkid -ovalue /dev/sdl1 | head -1)
echo "UUID=$sdl_uuid /srv/node/sdl1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdl1
xfs_check /dev/sdl1
dd if=/dev/zero of=/dev/sdm bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdm
sdm_uuid_old=$(blkid -ovalue /dev/sdm | head -1)
sfdisk -R /dev/sdm
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdm1
sdm_uuid_new=$(blkid -ovalue /dev/sdm1 | head -1)
echo "UUID=$sdm_uuid /srv/node/sdm1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdm1
xfs_check /dev/sdm1
dd if=/dev/zero of=/dev/sdn bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdn
sdn_uuid_old=$(blkid -ovalue /dev/sdn | head -1)
sfdisk -R /dev/sdn
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdn1
sdn_uuid_new=$(blkid -ovalue /dev/sdn1 | head -1)
echo "UUID=$sdn_uuid /srv/node/sdn1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdn1
xfs_check /dev/sdn1
dd if=/dev/zero of=/dev/sdo bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdo
sdo_uuid_old=$(blkid -ovalue /dev/sdo | head -1)
sfdisk -R /dev/sdo
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdo1
sdo_uuid_new=$(blkid -ovalue /dev/sdo1 | head -1)
echo "UUID=$sdo_uuid /srv/node/sdo1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdo1
xfs_check /dev/sdo1
dd if=/dev/zero of=/dev/sdp bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdp
sdp_uuid_old=$(blkid -ovalue /dev/sdp | head -1)
sfdisk -R /dev/sdp
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdp1
sdp_uuid_new=$(blkid -ovalue /dev/sdp1 | head -1)
echo "UUID=$sdp_uuid /srv/node/sdp1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdp1
xfs_check /dev/sdp1
dd if=/dev/zero of=/dev/sdq bs=512 count=1
echo ";" | /sbin/sfdisk /dev/sdq
sdq_uuid_old=$(blkid -ovalue /dev/sdq | head -1)
sfdisk -R /dev/sdq
sleep 10
mkfs.xfs -i size=1024 -f /dev/sdq1
sdq_uuid_new=$(blkid -ovalue /dev/sdq1 | head -1)
echo "UUID=$sdq_uuid /srv/node/sdq1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /srv/node/sdq1
xfs_check /dev/sdq1

102
puppet/cobbler/templates/snippets/pre_install_network_config.erb
View File

@ -1,102 +0,0 @@
#if $getVar("system_name","") != ""
# Start pre_install_network_config generated code
#set ikeys = $interfaces.keys()
#import re
#set $vlanpattern = $re.compile("[a-zA-Z0-9]+[\.:][0-9]+")
#set $routepattern = $re.compile("[0-9/.]+:[0-9.]+")
##
## Determine if we should use the MAC address to configure the interfaces first
## Only physical interfaces are required to have a MAC address
#set $configbymac = True
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#if $idata["mac_address"] == "" and not $vlanpattern.match($iname) and not $idata["interface_type"].lower() in ("master","bond","bridge")
#set $configbymac = False
#end if
#end for
#set $i = 0
#if $configbymac
## Output diagnostic message
# Start of code to match cobbler system interfaces to physical interfaces by their mac addresses
#end if
#for $iname in $ikeys
# Start $iname
#set $idata = $interfaces[$iname]
#set $mac = $idata["mac_address"]
#set $static = $idata["static"]
#set $ip = $idata["ip_address"]
#set $netmask = $idata["netmask"]
#set $iface_type = $idata["interface_type"]
#set $iface_master = $idata["interface_master"]
#set $static_routes = $idata["static_routes"]
#set $devfile = "/etc/sysconfig/network-scripts/ifcfg-" + $iname
#if $vlanpattern.match($iname)
## If this is a VLAN interface, skip it, anaconda doesn't know
## about VLANs.
#set $is_vlan = "true"
#else
#set $is_vlan = "false"
#end if
#if ($configbymac and $is_vlan == "false" and $iface_type.lower() not in ("slave","bond_slave","bridge_slave")) or $iface_type.lower() in ("master","bond","bridge")
## This is a physical interface, hand it to anaconda. Do not
## process slave interface here.
#if $iface_type.lower() in ("master","bond","bridge")
## Find a slave for this interface
#for $tiname in $ikeys
#set $tidata = $interfaces[$tiname]
#if $tidata["interface_type"].lower() in ("slave","bond_slave","bridge_slave") and $tidata["interface_master"].lower() == $iname
#set $mac = $tidata["mac_address"]
# Found a slave for this interface: $tiname ($mac)
#break
#end if
#end for
#end if
#if $static and $ip != ""
#if $netmask == ""
## Netmask not provided, default to /24.
#set $netmask = "255.255.255.0"
#end if
#set $netinfo = "--bootproto=static --ip=%s --netmask=%s" % ($ip, $netmask)
#if $gateway != ""
#set $netinfo = "%s --gateway=%s" % ($netinfo, $gateway)
#end if
#if $len($name_servers) > 0
#set $netinfo = "%s --nameserver=%s" % ($netinfo, $name_servers[0])
#end if
#else if not $static
#set $netinfo = "--bootproto=dhcp"
#else
## Skip this interface, it's set as static, but without
## networking info.
# Skipping (no configuration)...
#continue
#end if
#if $hostname != ""
#set $netinfo = "%s --hostname=%s" % ($netinfo, $hostname)
#end if
# Configuring $iname ($mac)
if ifconfig -a | grep -i $mac
then
IFNAME=\$(ifconfig -a | grep -i '$mac' | cut -d " " -f 1)
echo "network --noipv6 --device=\$IFNAME $netinfo" >> /tmp/pre_install_network_config
#for $route in $static_routes
#if $routepattern.match($route)
#set $routebits = $route.split(":")
#set [$network, $router] = $route.split(":")
ip route add $network via $router dev \$IFNAME
#else
# Warning: invalid route "$route"
#end if
#end for
fi
#else
#if $iface_type.lower() in ("slave","bond_slave","bridge_slave")
# Skipping (slave-interface)
#else
# Skipping (not a physical interface)...
#end if
#end if
#end for
# End pre_install_network_config generated code
#end if

18
puppet/cobbler/templates/snippets/pre_install_partition.erb
View File

@ -1,18 +0,0 @@
# hard drives
tgtdrive="undefined"
for drv in `ls -1 /sys/block | grep "sd\|hd\|vd\|cciss"`; do
if (grep -q 0 /sys/block/${drv}/removable); then
d=`echo ${drv} | sed -e 's/!/\//'`
tgtdrive="${d}"
break
fi
done
# bootloader
echo "bootloader --location=mbr --driveorder=${tgtdrive} --append=' biosdevname=0 crashkernel=auto'" > /tmp/bootloader.ks
# partition
/usr/sbin/parted -s /dev/${tgtdrive} mklabel gpt
echo "partition /boot --fstype=ext4 --ondisk=${tgtdrive} --size=300 --asprimary" > /tmp/partition.ks
echo "partition / --fstype=ext4 --ondisk=${tgtdrive} --size=1 --grow --asprimary" >> /tmp/partition.ks
echo "partition swap --recommended --ondisk=${tgtdrive}" >> /tmp/partition.ks

99
puppet/cobbler/templates/snippets/pre_install_partition_lvm.erb
View File

@ -1,99 +0,0 @@
echo > /tmp/partition.ks
#import json
#if $getVar("ks_spaces","{}") != "{}"
##
#set $j = $getVar("ks_spaces","[]")
#set $spaces = $json.loads($j)
#set $clearpart_drives = $set([])
#set $physical_volumes = []
#set $partitions = []
#set $volume_groups = {}
#set $logical_volumes = []
#set $pvnum = 0
##
#for $space in $spaces
#set $space_id = $space.get("id")
#set $space_type = $space.get("type")
#set $space_volumes = $space.get("volumes")
##
## Adding disk to clearpart list of drives
#if $space_type == "disk"
$clearpart_drives.add($space_id)
#end if
##
#for $volume in $space_volumes
#set $volume_id = $volume.get("id")
#set $volume_type = $volume.get("type")
##
## Parsing volume groups and physical volumes
#if $space_type == "disk" and $volume_type == "pv"
#set $volume_vg = $volume.get("vg")
#set $volume_size = $int($volume.get("size") or 0) / 1024 ** 2
#set $volume_name = "pv.%03d" % $pvnum
#if $volume_size > 0
$physical_volumes.append("partition %s --size=%s --ondisk=%s" % ($volume_name, $volume_size, $space_id))
#if not $volume_groups.get($volume_vg)
#set $volume_groups[$volume_vg] = [$volume_name]
#else
$volume_groups[$volume_vg].append($volume_name)
#end if
#set $pvnum += 1
#end if
#end if
##
## Parsing bare partitions
#if $space_type == "disk" and $volume_type == "partition"
#set $volume_mount = $volume.get("mount")
#set $volume_size = $int($volume.get("size") or 0) / 1024 ** 2
#if $volume_size > 0
$partitions.append("partition %s --size=%s --ondisk=%s" % ($volume_mount, $volume_size, $space_id))
#end if
#end if
##
## Writing bootloader to MBR
#if $space_type == "disk" and $volume_type == "mbr"
echo "bootloader --location=mbr --driveorder=\$(basename `readlink -f /dev/$space_id`) --append=' biosdevname=0 crashkernel=auto'" > /tmp/bootloader.ks
#end if
##
## Parsing logical volumes
#if $space_type == "vg" and $volume_type == "lv"
#set $volume_mount = $volume.get("mount")
#set $volume_size = $int($volume.get("size") or 0) / 1024 ** 2
#set $volume_name = $volume.get("name")
#if $volume_size > 0
$logical_volumes.append("logvol %s --vgname=%s --size=%s --name=%s" % ($volume_mount, $space_id, $volume_size, $volume_name))
#end if
#end if
##
#end for
#end for
##
## Cleaning disks
#if $clearpart_drives
#set $clearpart_drives_string = ','.join(list($clearpart_drives))
echo "clearpart --initlabel --all --drives=$clearpart_drives_string" >> /tmp/partition.ks
#end if
##
## Creating bare partitions
#for $partition in $partitions
echo "$partition" >> /tmp/partition.ks
#end for
##
## Creating physical volumes
#for $pv in $physical_volumes
echo "$pv" >> /tmp/partition.ks
#end for
##
## Creating volume groups
#for $volgroup in $volume_groups.keys()
#set $ks_pvs = " ".join($volume_groups.get($volgroup))
echo "volgroup $volgroup $ks_pvs" >> /tmp/partition.ks
#end for
##
## Creating logical volumes
#for $lv in $logical_volumes
echo "$lv" >> /tmp/partition.ks
#end for
##
##
#end if

35
puppet/cobbler/templates/snippets/puppet_conf.erb
View File

@ -1,35 +0,0 @@
#if $getVar('puppet_master','') != ''
mkdir -p /etc/puppet
cat <<EOCONF > /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '\\$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '\\$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '\\$confdir/ssl'.
ssldir = \\$vardir/ssl
pluginsync = true
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '\\$confdir/classes.txt'.
classfile = \\$vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '\\$confdir/localconfig'.
localconfig = \\$vardir/localconfig
server = $puppet_master
# How long the client should wait for the configuration to be retrieved before considering it a failure.
# It may help with 'execution expired' issue we've experienced.
configtimeout = 600
EOCONF
#end if

7
puppet/cobbler/templates/snippets/puppet_install_if_enabled.erb
View File

@ -1,7 +0,0 @@
#if $str($getVar('puppet_auto_setup','')) == "1"
#if $str($getVar('puppet_version', '')) != ""
puppet-$puppet_version
#else
puppet
#end if
#end if

14
puppet/cobbler/templates/snippets/puppet_register_if_enabled.erb
View File

@ -1,14 +0,0 @@
#if $str($getVar('puppet_auto_setup','')) == "1"
## generate puppet certificates and trigger a signing request, but
## don't wait for signing to complete
/usr/sbin/puppet agent --test --waitforcert 0
#end if
#if $str($getVar('puppet_enable', '')) == "1"
## turn puppet service on after reboot
#if $breed == "redhat"
/sbin/chkconfig puppet on
#elif $breed == "debian" or $breed == "ubuntu"
/usr/sbin/update-rc.d puppet defaults
sed -i -e "s/^START=no/START=yes/" /etc/default/puppet
#end if
#end if

4
puppet/cobbler/templates/snippets/puppet_register_if_enabled_fuel.erb
View File

@ -1,4 +0,0 @@
#if $str($getVar('puppet_enable', '')) == "1"
# turn puppet service on for reboot
/sbin/chkconfig puppet on
#end if

24
puppet/cobbler/templates/snippets/send2syslog.erb
View File

@ -1,24 +0,0 @@
#if $str($getVar('install_log_2_syslog','')) == "1"
wget -O /tmp/send2syslog.py "http://$server/cobbler/aux/send2syslog.py"
#if $getVar('hostname', '') != ''
#set $config_hostname = '"hostname": "%s",' % $hostname
#end if
echo '{$config_hostname
"watchlist": [
{"servers": [ {"host": "$server"} ],
"watchfiles": [
{"tag": "install/anaconda", "log_type": "anaconda",
"files": ["/tmp/anaconda.log",
"/mnt/sysimage/root/install.log"]},
{"tag": "install/ks-pre", "files": ["/tmp/ks-pre.log"]},
{"tag": "install/ks-post", "files": ["/mnt/sysimage/root/ks-post.log"]},
{"tag": "install/syslog", "log_type": "anaconda",
"files": ["/tmp/syslog"]},
{"tag": "install/storage", "log_type": "anaconda",
"files": ["/tmp/storage.log"]}
]
}
]
}' > /tmp/send2syslog.conf
python /tmp/send2syslog.py -c /tmp/send2syslog.conf
#end if

1
puppet/cobbler/templates/snippets/ssh_disable_gssapi.erb
View File

@ -1 +0,0 @@
sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config

4
puppet/cobbler/templates/snippets/sshd_auth_pubkey_only.erb
View File

@ -1,4 +0,0 @@
# Allow ssh auth PubKey only.
sed --follow-symlinks -i 's/^\s*PubkeyAuthentication\s+no/PubkeyAuthentication yes/' /etc/ssh/sshd_config
sed --follow-symlinks -i '/^\s*PasswordAuthentication/d' /etc/ssh/sshd_config
echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config

7
puppet/cobbler/templates/snippets/target_logs_to_master.erb
View File

@ -1,7 +0,0 @@
#raw
cat >/etc/rsyslog.d/10-log2master.conf <<EOF
# Log all messages to master node
\$template LogToMaster, "<%%PRI%>1 %\$NOW%T%TIMESTAMP:8:\$%Z %HOSTNAME% %APP-NAME% %PROCID% %MSGID% -%msg%\n"
#end raw
*.* @$server;LogToMaster
EOF

1
puppet/cobbler/templates/snippets/ubuntu_disable_pxe.erb
View File

@ -1 +0,0 @@
wget "http://$http_server:$http_port/cblr/svc/op/nopxe/system/$system_name" -O /dev/null

362
puppet/cobbler/templates/snippets/ubuntu_mcollective_config.erb
View File

@ -1,362 +0,0 @@
#import late_command
#if $str($getVar('mco_auto_setup','')) == "1"
in-target mkdir -p /etc/mcollective && \
in-target $late_command.late_file("""
main_collective = mcollective
collectives = mcollective
libdir = /usr/share/mcollective/plugins
logfile = /var/log/mcollective.log
loglevel = info
daemonize = 0
direct_addressing = 1
# Plugins
securityprovider = psk
plugin.psk = %(mco_pskey)s
connector = rabbitmq
plugin.rabbitmq.vhost = mcollective
plugin.rabbitmq.pool.size = 1
plugin.rabbitmq.pool.1.host = %(mco_stomphost)s
plugin.rabbitmq.pool.1.port = %(mco_stompport)s
plugin.rabbitmq.pool.1.user = %(mco_stompuser)s
plugin.rabbitmq.pool.1.password = %(mco_stomppassword)s
# Facts
factsource = yaml
plugin.yaml = /etc/mcollective/facts.yaml
""" % {
"mco_pskey": $mco_pskey,
"mco_stomphost": $mco_stomphost,
"mco_stompport": $mco_stompport,
"mco_stompuser": $mco_stompuser,
"mco_stomppassword": $mco_stomppassword
}, "/etc/mcollective/server.cfg", source_method='content', mode="0600");\
in-target mkdir -p /usr/share/mcollective/plugins/mcollective/agent/ && \
in-target $late_command.late_file("""
metadata :name => "puppetd",
:description => "Run puppet agent, get its status, and enable/disable it",
:author => "R.I.Pienaar",
:license => "Apache License 2.0",
:version => "1.8",
:url => "https://github.com/puppetlabs/mcollective-plugins",
:timeout => 240
action "last_run_summary", :description => "Get a summary of the last puppet run" do
display :always
output :time,
:description => "Time per resource type",
:display_as => "Times"
output :resources,
:description => "Overall resource counts",
:display_as => "Resources"
output :changes,
:description => "Number of changes",
:display_as => "Changes"
output :events,
:description => "Number of events",
:display_as => "Events"
output :version,
:description => "Puppet and Catalog versions",
:display_as => "Versions"
end
action "enable", :description => "Enable puppet agent" do
output :output,
:description => "String indicating status",
:display_as => "Status"
end
action "disable", :description => "Disable puppet agent" do
output :output,
:description => "String indicating status",
:display_as => "Status"
end
action "runonce", :description => "Invoke a single puppet run" do
#input :forcerun,
# :prompt => "Force puppet run",
# :description => "Should the puppet run happen immediately?",
# :type => :string,
# :validation => '^.+$',
# :optional => true,
# :maxlength => 5
output :output,
:description => "Output from puppet agent",
:display_as => "Output"
end
action "status", :description => "Get puppet agent's status" do
display :always
output :status,
:description => "The status of the puppet agent: disabled, running, idling or stopped",
:display_as => "Status"
output :enabled,
:description => "Whether puppet agent is enabled",
:display_as => "Enabled"
output :running,
:description => "Whether puppet agent is running",
:display_as => "Running"
output :idling,
:description => "Whether puppet agent is idling",
:display_as => "Idling"
output :stopped,
:description => "Whether puppet agent is stopped",
:display_as => "Stopped"
output :lastrun,
:description => "When puppet agent last ran",
:display_as => "Last Run"
output :output,
:description => "String displaying agent status",
:display_as => "Status"
end
"""
, "/usr/share/mcollective/plugins/mcollective/agent/puppetd.ddl", source_method='content', mode="0600");\
in-target $late_command.late_file("""
[program:mcollective]
command=/usr/sbin/mcollectived --config=/etc/mcollective/server.cfg
autostart=true
"""
, "/etc/supervisor/conf.d/mcollective.conf", source_method='content', mode="0644");\
in-target $late_command.late_file("""
module MCollective
module Agent
# An agent to manage the Puppet Daemon
#
# Configuration Options:
# puppetd.splaytime - Number of seconds within which to splay; no splay
# by default
# puppetd.statefile - Where to find the state.yaml file; defaults to
# /var/lib/puppet/state/state.yaml
# puppetd.lockfile - Where to find the lock file; defaults to
# /var/lib/puppet/state/puppetdlock
# puppetd.puppetd - Where to find the puppet agent binary; defaults to
# /usr/bin/puppet agent
# puppetd.summary - Where to find the summary file written by Puppet
# 2.6.8 and newer; defaults to
# /var/lib/puppet/state/last_run_summary.yaml
# puppetd.pidfile - Where to find puppet agent's pid file; defaults to
# /var/run/puppet/agent.pid
class Puppetd<RPC::Agent
def startup_hook
@splaytime = @config.pluginconf["puppetd.splaytime"].to_i || 0
@lockfile = @config.pluginconf["puppetd.lockfile"] || "/var/lib/puppet/state/puppetdlock"
@statefile = @config.pluginconf["puppetd.statefile"] || "/var/lib/puppet/state/state.yaml"
@pidfile = @config.pluginconf["puppet.pidfile"] || "/var/run/puppet/agent.pid"
@puppetd = @config.pluginconf["puppetd.puppetd"] || "/usr/bin/puppet agent"
@last_summary = @config.pluginconf["puppet.summary"] || "/var/lib/puppet/state/last_run_summary.yaml"
end
action "last_run_summary" do
last_run_summary
set_status
end
action "enable" do
enable
end
action "disable" do
disable
end
action "runonce" do
runonce
end
action "status" do
set_status
end
private
def last_run_summary
# wrap into begin..rescue: fixes PRD-252
begin
summary = YAML.load_file(@last_summary)
rescue
summary = {}
end
# It should be empty hash, if 'resources' key is not defined, because otherwise merge will fail with TypeError
summary["resources"] ||= {}
# Astute relies on last_run, so we must set last_run
summary["time"] ||= {}
summary["time"]["last_run"] ||= 0
# if 'failed' is not provided, it means something is wrong. So default value is 1.
reply[:resources] = {"failed"=>1, "changed"=>0, "total"=>0, "restarted"=>0, "out_of_sync"=>0}.merge(summary["resources"])
["time", "events", "changes", "version"].each do |dat|
reply[dat.to_sym] = summary[dat]
end
end
def set_status
reply[:status] = puppet_daemon_status
reply[:running] = reply[:status] == 'running' ? 1 : 0
reply[:enabled] = reply[:status] == 'disabled' ? 0 : 1
reply[:idling] = reply[:status] == 'idling' ? 1 : 0
reply[:stopped] = reply[:status] == 'stopped' ? 1 : 0
reply[:lastrun] = 0
reply[:lastrun] = File.stat(@statefile).mtime.to_i if File.exists?(@statefile)
reply[:runtime] = Time.now.to_i - reply[:lastrun]
reply[:output] = "Currently #{reply[:status]}; last completed run #{reply[:runtime]} seconds ago"
end
def rm_file file
begin
File.unlink(file)
return true
rescue
return false
end
end
def puppet_daemon_status
err_msg = ""
alive = false
if File.exists?(@pidfile)
pid = File.read(@pidfile)
begin
::Process.kill(0, Integer(pid)) # check that pid is alive
alive = true
rescue
err_msg << "Pidfile is present but process not running. Trying to remove pidfile..."
err_msg << (rm_file(@pidfile) ? "ok. " : "failed. ")
end
end
locked = File.exists?(@lockfile)
disabled = locked && File::Stat.new(@lockfile).zero?
if locked && !disabled && !alive
err_msg << "Process not running but not empty lockfile is present. Trying to remove lockfile..."
err_msg << (rm_file(@lockfile) ? "ok." : "failed.")
end
reply[:err_msg] = err_msg if err_msg.any?
if disabled
'disabled'
elsif alive && locked
'running'
elsif alive && !locked
'idling'
elsif !alive
'stopped'
end
end
def runonce
set_status
case (reply[:status])
when 'disabled' then # can't run
reply.fail "Empty Lock file exists; puppet agent is disabled."
when 'running' then # can't run two simultaniously
reply.fail "Lock file and PID file exist; puppet agent is running."
when 'idling' then # signal daemon
pid = File.read(@pidfile)
if pid !~ /^\d+$/
reply.fail "PID file does not contain a PID; got #{pid.inspect}"
else
begin
::Process.kill(0, Integer(pid)) # check that pid is alive
# REVISIT: Should we add an extra round of security here, and
# ensure that the PID file is securely owned, or that the target
# process looks like Puppet? Otherwise a malicious user could
# theoretically signal arbitrary processes with this...
begin
::Process.kill("USR1", Integer(pid))
reply[:output] = "Signalled daemonized puppet agent to run (process #{Integer(pid)}); " + (reply[:output] || '')
rescue Exception => e
reply.fail "Failed to signal the puppet agent daemon (process #{pid}): #{e}"
end
rescue Errno::ESRCH => e
# PID is invalid, run puppet onetime as usual
runonce_background
end
end
when 'stopped' then # just run
runonce_background
else
reply.fail "Unknown puppet agent status: #{reply[:status]}"
end
end
def runonce_background
cmd = [@puppetd, "--onetime", "--logdest", 'syslog']
unless request[:forcerun]
if @splaytime && @splaytime > 0
cmd << "--splaylimit" << @splaytime << "--splay"
end
end
cmd = cmd.join(" ")
output = reply[:output] || ''
run(cmd, :stdout => :output, :chomp => true)
reply[:output] = "Called #{cmd}, " + output + (reply[:output] || '')
end
def enable
if File.exists?(@lockfile)
stat = File::Stat.new(@lockfile)
if stat.zero?
File.unlink(@lockfile)
reply[:output] = "Lock removed"
else
reply[:output] = "Currently running; can't remove lock"
end
else
reply.fail "Already enabled"
end
end
def disable
if File.exists?(@lockfile)
stat = File::Stat.new(@lockfile)
stat.zero? ? reply.fail("Already disabled") : reply.fail("Currently running; can't remove lock")
else
begin
File.open(@lockfile, "w") { |file| }
reply[:output] = "Lock created"
rescue Exception => e
reply.fail "Could not create lock: #{e}"
end
end
end
end
end
end
# vi:tabstop=2:expandtab:ai:filetype=ruby
"""
, "/usr/share/mcollective/plugins/mcollective/agent/puppetd.rb", source_method='content', mode="0600") ;\
in-target sed -i 's/msg_age = Time.now.utc.to_i - msgtime/msg_age = 0 #Time.now.utc.to_i - msgtime/g' /usr/lib/ruby/1.8/mcollective/message.rb; \
#end if
#if $str($getVar('mco_enable', '')) == "1"
in-target /usr/sbin/invoke-rc.d mcollective stop; \
in-target /usr/sbin/update-rc.d -f mcollective remove \
#else
true \
#end if

121
puppet/cobbler/templates/snippets/ubuntu_network.erb
View File

@ -1,121 +0,0 @@
#import ipaddr
#import late_command
#set $script = ""
##
##
#set ikeys = $interfaces.keys()
##################################
## configuring udev rules
##################################
#set $script += "### configuring udev rules ###\n"
#set $rules_file = "/etc/udev/rules.d/70-persistent-net.rules"
#set $script += "echo > %s\n" % $rules_file
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#set $imac = $idata.get("mac_address", "")
#if $imac == "":
#continue
#end if
#set $script += "MATCHADDR=%s INTERFACE=%s /lib/udev/write_net_rules\n" % ($imac.lower(), $iname)
#end for
#set $script += "\n"
#######################################
## configuring /etc/network/interfaces
#######################################
#set $script += "### configuring interfaces ###\n"
#set $dhclient_file = "/etc/dhcp/dhclient.conf"
#set $interfaces_file = "/etc/network/interfaces"
#set $script += "echo > %s\n" % $interfaces_file
#set $script += "echo auto lo >> %s\n" % $interfaces_file
#set $script += "echo iface lo inet loopback >> %s\n" % $interfaces_file
#set $script += "echo >> %s\n" % $interfaces_file
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#set $script += "echo auto %s >> %s\n" % ($iname, $interfaces_file)
#if $idata.get("static", "0") in ("1", True, "true")
#set $iip = $idata.get("ip_address", "")
#if $iip != ""
#set $script += "echo iface %s inet static >> %s\n" % ($iname, $interfaces_file)
#set $script += "echo address %s >> %s\n" % ($iip, $interfaces_file)
#set $inetmask = $idata.get("netmask", "")
#if $inetmask != ""
#set $script += "echo netmask %s >> %s\n" % ($inetmask, $interfaces_file)
#end if
#else
#set $script += "echo iface %s inet manual >> %s\n" % ($iname, $interfaces_file)
#set $script += "echo up ip l set %s up >> %s\n" % ($iname, $interfaces_file)
#set $script += "echo down ip l set %s down >> %s\n" % ($iname, $interfaces_file)
#end if
#set $nss = ""
#for $ns in $getVar("name_servers", [])
#set $nss += " %s" % $ns
#end for
#set $gateway = $getVar("gateway", "")
#if $gateway != ""
#if $iip !=""
#if $inetmask != ""
#set $network_address = ipaddr.IPv4Network("%s/%s" % ($iip, $inetmask))
#else
#set $network_address = ipaddr.IPv4Network("%s" % $iip)
#end if
#set $gateway_address = ipaddr.IPv4Address($gateway)
#if $gateway_address in $network_address
#set $script += "echo gateway %s >> %s\n" % ($gateway, $interfaces_file)
#end if
#end if
#end if
#else
#set $script += "echo iface %s inet dhcp >> %s\n" % ($iname, $interfaces_file)
#if $name_servers
#set $script += "echo >> %s\n" % $dhclient_file
#set $script += "echo interface \\\"%s\\\" {>> %s\n" % ($iname, $dhclient_file)
#set $script += "echo -n 'prepend domain-name-servers ' >> %s\n" % $dhclient_file
#for $nameserver in $name_servers
#set $script += "echo -n '%s ' >> %s\n" % ($nameserver, $dhclient_file)
#end for
#set $script += "echo '; ' >> %s\n" % $dhclient_file
#set $script += "echo 'request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers;' >> %s\n" % $dhclient_file
#set $script += "echo '}'>> %s\n" % $dhclient_file
#end if
#end if
#set $script += "echo >> %s\n" % $interfaces_file
#end for
#set $script += "\n"
#######################################
## configuring /etc/hosts
#######################################
#set $script += "### configuring /etc/hosts ###\n"
#set $hosts_file = "/etc/hosts"
#set $script += "echo > %s\n" % $hosts_file
#set $script += "echo 127.0.0.1 localhost >> %s\n" % $hosts_file
#for $iname in $ikeys
#set $idata = $interfaces[$iname]
#if $idata.get("static", "0") in ("1", True, "true")
#set $iip = $idata.get("ip_address", "")
#if $iip != ""
#set $idnsname = $idata.get("dns_name", "")
#if $idnsname != ""
#set $script += "echo %s %s >> %s\n" % ($iip, $idnsname, $hosts_file)
#end if
#end if
#end if
#end for
#######################################
## configuring domain name
#######################################
#set $script += "### configuring /etc/hosts ###\n"
#set $resolvconf = "/etc/resolv.conf"
#set $resolvhead = "/etc/resolvconf/resolv.conf.d/head"
#set $num_ns_search = $len($name_servers_search)
#if $num_ns_search > 0
#set $domdom = $name_servers_search[0]
#set $script += "echo domain %s >> %s\n" % ($domdom,$resolvconf)
#set $script += "echo domain %s >> %s\n" % ($domdom,$resolvhead)
#end if
#if $name_servers
#for $nameserver in $name_servers
#set $script += "echo nameserver %s >> %s\n" % ($nameserver, $resolvconf)
#set $script += "echo nameserver %s >> %s\n" % ($nameserver, $resolvhead)
#end for
#end if
in-target $late_command.late_command($script, source_method="content") \

18
puppet/cobbler/templates/snippets/ubuntu_packages.erb
View File

@ -1,18 +0,0 @@
#set $pkgsel_packages = ["openssh-server", "debconf-utils", "ntp"]
#if $str($getVar('puppet_auto_setup','')) == "1"
#if $str($getVar('puppet_version', '')) != ""
#silent $pkgsel_packages.append("puppet=" + $puppet_version)
#silent $pkgsel_packages.append("puppet-common=" + $puppet_version)
#else
#silent $pkgsel_packages.append("puppet")
#end if
#end if
#if $str($getVar('mco_auto_setup','')) == "1"
#silent $pkgsel_packages.append("ruby-stomp")
#silent $pkgsel_packages.append("mcollective")
#silent $pkgsel_packages.append("supervisor")
#end if
d-i pkgsel/include string #echo " ".join($pkgsel_packages)

19
puppet/cobbler/templates/snippets/ubuntu_puppet_config.erb
View File

@ -1,19 +0,0 @@
#import late_command
#if $str($getVar('puppet_auto_setup','')) == "1"
in-target mkdir -p /etc/puppet && \
#if $getVar('puppet_master','') != ''
in-target $late_command.late_file("""[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
pluginsync = true
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = %(puppet_master)s
""" % {"puppet_master": $puppet_master},
"/etc/puppet/puppet.conf", source_method="content") \
#else
true \
#end if
#end if

6
puppet/cobbler/templates/snippets/url_proxy.erb
View File

@ -1,6 +0,0 @@
## add proxy to initial installation process if it defined in cobbler
#if $getVar("proxy","") != ""
url --proxy $proxy --url=$tree
#else
url --url=$tree
#end if

3
puppet/cobbler/templates/ubuntu/iptablesload.erb
View File

@ -1,3 +0,0 @@
#!/bin/sh
/sbin/iptables-restore < /etc/iptables.rules
exit 0

6
puppet/cobbler/templates/ubuntu/iptablessave.erb
View File

@ -1,6 +0,0 @@
#!/bin/sh
/sbin/iptables-save -c > /etc/iptables.rules
if [ -f /etc/iptables.downrules ]; then
/sbin/iptables-restore < /etc/iptables.downrules
fi
exit 0

19
puppet/cobbler/templates/xinetd.conf.erb
View File

@ -1,19 +0,0 @@
defaults
{
enabled = tftp
log_type = SYSLOG daemon info
log_on_failure = HOST
log_on_success = PID HOST DURATION EXIT
cps = 50 10
instances = 50
per_source = 10
v6only = no
groups = yes
umask = 002
}
includedir /etc/xinetd.d

10
puppet/nailytest/examples/puppet.conf
View File

@ -1,10 +0,0 @@
[main]
vardir = /var/lib/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
pluginsync = true
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = ubuntu1204

25
puppet/nailytest/examples/site.pp
View File

@ -1,25 +0,0 @@
#$public_interface = 'eth0' # Provided by Astute
$internal_interface = $management_interface # provided by Astute # 'eth0.102'
$private_interface = $fixed_interface # provided by Astute # 'eth0.103'
# It's provided by astute
#$fixed_network_range = '10.0.1.0/24'
#$floating_network_range = '10.0.204.128/28'
# It's provided by astute
#$controller_node_address = '10.0.0.2'
#$controller_node_public = '10.0.203.72'
$openstack_version = {
'keystone' => latest,
'glance' => latest,
'horizon' => latest,
'nova' => latest,
'novncproxy' => latest,
'cinder' => latest,
}
node default {
include nailytest
}

14
puppet/nailytest/manifests/init.pp
View File

@ -1,14 +0,0 @@
class nailytest {
case $role {
"controller" : {
include nailytest::test_controller
}
"compute" : {
include nailytest::test_compute
}
}
include nailytest::network_setup
}

6
puppet/nailytest/manifests/network_setup.pp
View File

@ -1,6 +0,0 @@
class nailytest::network_setup {
include puppet-network
create_resources(network_config,parsejson($network_data))
}

5
puppet/nailytest/manifests/test_compute.pp
View File

@ -1,5 +0,0 @@
class nailytest::test_compute {
file { "/tmp/compute-file":
content => "Hello world! $role is installed",
}
}

6
puppet/nailytest/manifests/test_controller.pp
View File

@ -1,6 +0,0 @@
class nailytest::test_controller {
file { "/tmp/controller-file":
content => "Hello world! $role is installed",
}
exec { "/bin/sleep 3": }
}

5
puppet/nailytest/manifests/test_rpuppet.pp
View File

@ -1,5 +0,0 @@
class nailytest::test_rpuppet ($rpuppet) {
file { "/tmp/test_rpuppet":
content => "Hello from RPuppet! rpuppet = $rpuppet is set!\n hashes=$hashes\n",
}
}

8
puppet/puppetmaster/Modulefile
View File

@ -1,8 +0,0 @@
name 'puppetmaster'
version '0.0.1'
source 'git@github.com:Mirantis/product.git'
author 'Mirantis Inc.'
license 'Apache License 2.0'
summary 'Mirantis Puppet Master Module'
description 'Module to install puppet master with nginx as frontend'
project_page 'http://mirantis.com'

9
puppet/puppetmaster/examples/site.pp
View File

@ -1,9 +0,0 @@
node default {
class { "puppetmaster" :
puppet_master_hostname => "product-centos.mirantis.com"
} ->
class { "puppetmaster::nginx-service": }
}

30
puppet/puppetmaster/manifests/init.pp
View File

@ -1,30 +0,0 @@
class puppetmaster (
$puppet_master_hostname,
$puppet_package_version = "2.7.19-1.el6",
) {
anchor { "puppetmaster-begin": }
anchor { "puppetmaster-end": }
Anchor<| title == "puppetmaster-begin" |> ->
Class["puppetmaster::selinux"] ->
Class["puppetmaster::iptables"] ->
Class["puppetmaster::master"] ->
Class["puppetmaster::nginx"] ->
Anchor<| title == "puppetmaster-end" |>
class { "puppetmaster::selinux": }
class { "puppetmaster::iptables": }
class { "puppetmaster::master":
puppet_master_hostname => $puppet_master_hostname,
puppet_master_ports => "18140 18141 18142 18143",
puppet_master_extra_opts => "--debug",
}
class { "puppetmaster::nginx":
puppet_master_hostname => $puppet_master_hostname,
}
}

16
puppet/puppetmaster/manifests/iptables.pp
View File

@ -1,16 +0,0 @@
class puppetmaster::iptables {
Exec {path => '/usr/bin:/bin:/usr/sbin:/sbin'}
define access_to_puppetmaster_port($port, $protocol='tcp') {
$rule = "-p $protocol -m state --state NEW -m $protocol --dport $port -j ACCEPT"
exec { "access_to_puppetmaster_${protocol}_port: $port":
command => "iptables -t filter -I INPUT 1 $rule; \
/etc/init.d/iptables save",
unless => "iptables -t filter -S INPUT | grep -q \"^-A INPUT $rule\""
}
}
access_to_puppetmaster_port { "puppetmaster_tcp": port => '8140' }
}

65
puppet/puppetmaster/manifests/master.pp
View File

@ -1,65 +0,0 @@
class puppetmaster::master (
$puppet_master_hostname,
$puppet_master_ports = "18140 18141 18142 18143",
$puppet_master_log = "syslog",
$puppet_master_extra_opts = "",
) inherits puppetmaster::params {
package { $puppetmaster::params::puppet_master_packages :
ensure => $puppet_master_version,
}
package { $puppetmaster::params::mongrel_packages :
ensure => present,
}
file { "/etc/sysconfig/puppetmaster":
content => template("puppetmaster/sysconfig_puppetmaster.erb"),
owner => 'root',
group => 'root',
mode => 0644,
require => Package["puppet-server"],
notify => Service["puppetmaster"],
}
if $puppet_master_log == "syslog" {
file { "/etc/rsyslog.d/40-puppet-master.conf":
content => "if \$programname == 'puppet-master' then /var/log/puppet/master.log",
owner => "root",
group => "root",
mode => 0644,
}->Service["rsyslog"]->Service["puppetmaster"]
}
file { "/etc/puppet/puppet.conf":
content => template("puppetmaster/puppet.conf.erb"),
owner => "puppet",
group => "puppet",
mode => 0600,
require => Package["puppet-server"],
notify => Service["puppetmaster"],
}
file { "/etc/puppet/puppetdb.conf":
content => template("puppetmaster/puppetdb.conf.erb"),
owner => "puppet",
group => "puppet",
mode => 0600,
require => Package["puppet-server"],
notify => Service["puppetmaster"],
}
package {"puppetdb-terminus": ensure => present }
service { "puppetmaster":
enable => true,
ensure => "running",
require => [
Package["puppet-server"],
Package["rubygem-mongrel"],
Package["puppetdb-terminus"],
],
}
}

9
puppet/puppetmaster/manifests/nginx-service.pp
View File

@ -1,9 +0,0 @@
class puppetmaster::nginx-service {
service { "nginx":
enable => true,
ensure => "running",
require => Package["nginx"],
}
}

32
puppet/puppetmaster/manifests/nginx.pp
View File

@ -1,32 +0,0 @@
class puppetmaster::nginx(
$puppet_master_hostname,
$crt = "auto",
$key = "auto",
$puppet_ca = "/var/lib/puppet/ssl/certs/ca.pem",
$puppet_crl = "/var/lib/puppet/ssl/crl.pem",
) {
if $crt == "auto" {
$puppet_master_crt = "/var/lib/puppet/ssl/certs/${puppet_master_hostname}.pem"
}
else{
$puppet_master_crt = $crt
}
if $key == "auto" {
$puppet_master_key = "/var/lib/puppet/ssl/private_keys/${puppet_master_hostname}.pem"
}
else{
$puppet_master_key = $key
}
file { "/etc/nginx/conf.d/puppet.conf":
content => template("puppetmaster/nginx_puppet.erb"),
owner => 'root',
group => 'root',
mode => 0644,
require => Package["nginx"],
notify => Service["nginx"],
}
}

Some files were not shown because too many files have changed in this diff Show More