From 93b03c0e8104d08d33b7228f4836b0a33604ac04 Mon Sep 17 00:00:00 2001 From: Alexey Khivin Date: Sat, 25 Jun 2016 18:26:07 +0300 Subject: [PATCH] [Puppet] Class for building puppet cluster Change-Id: Idd1ef2dabf6146d62c9e9bee1831127c3c967b7e --- .../Puppet/package/Classes/PuppetClient.yaml | 47 +++++++ .../Puppet/package/Classes/PuppetServer.yaml | 125 ++++++++++++++++++ .../Resources/InstallDependencies.template | 21 +++ .../scripts/server/install_dependencies.sh | 11 ++ .../Resources/scripts/server/puppet_client.pp | 11 ++ .../Resources/scripts/server/puppet_server.pp | 33 +++++ murano-apps/Puppet/package/manifest.yaml | 4 + 7 files changed, 252 insertions(+) create mode 100644 murano-apps/Puppet/package/Classes/PuppetClient.yaml create mode 100644 murano-apps/Puppet/package/Classes/PuppetServer.yaml create mode 100644 murano-apps/Puppet/package/Resources/InstallDependencies.template create mode 100644 murano-apps/Puppet/package/Resources/scripts/server/install_dependencies.sh create mode 100644 murano-apps/Puppet/package/Resources/scripts/server/puppet_client.pp create mode 100644 murano-apps/Puppet/package/Resources/scripts/server/puppet_server.pp diff --git a/murano-apps/Puppet/package/Classes/PuppetClient.yaml b/murano-apps/Puppet/package/Classes/PuppetClient.yaml new file mode 100644 index 0000000..c39050d --- /dev/null +++ b/murano-apps/Puppet/package/Classes/PuppetClient.yaml @@ -0,0 +1,47 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +Namespaces: + =: org.openstack.ci_cd_pipeline_murano_app.puppet + conf: io.murano.configuration + sys: io.murano.system + +Name: PuppetClient + +Properties: + instance: + Contract: $.class('org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetInstance').notNull() + + role: + Contract: $.string().notNull() + +Methods: + + configure: + Body: + - $this.instance.setHieraValue( 'node_role', $this.role) + - $this.instance.applyManifest( + new(sys:Resources).string('scripts/server/puppet_client.pp')) + + # + # useful to be sure that certificate request was sent to a server + # + testRun: + Body: + + # non zero return until certificate is not signed + - $res: new(conf:Linux).runCommand( + agent => $this.instance.agent, + command => 'puppet agent --test', + ignoreErrors => true).stdout + + - Return: $res diff --git a/murano-apps/Puppet/package/Classes/PuppetServer.yaml b/murano-apps/Puppet/package/Classes/PuppetServer.yaml new file mode 100644 index 0000000..73ff2a7 --- /dev/null +++ b/murano-apps/Puppet/package/Classes/PuppetServer.yaml @@ -0,0 +1,125 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +Namespaces: + =: org.openstack.ci_cd_pipeline_murano_app.puppet + conf: io.murano.configuration + sys: io.murano.system + net: org.openstack.ci_cd_pipeline_murano_app.utils.net + puppet: org.openstack.ci_cd_pipeline_murano_app.puppet + +Name: PuppetServer + +Properties: + masterInstance: + Contract: $.class(puppet:PuppetInstance).notNull() + + clients: + Contract: + - $.class('org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetClient') + Usage: Out + Default: [] + + manifest: + Contract: $.string().notNull() + + _hosts: + Contract: $.class(net:Hosts) + Usage: Out + + _log: + Contract: $.class('io.murano.system.Logger') + +Methods: + .init: + Body: + - $this.hosts: new(net:Hosts) + - $this._log: logger('org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetServer') + + configure: + Body: + - $this._configureHosts() + + - $this._installPuppetModules() + + - $data: dict( 'environment:production:manifest' => $this.manifest) + - $this.masterInstance.putHieraData( $data) + + - $resources: new(sys:Resources) + - $this.masterInstance.applyManifest( + $resources.string('scripts/server/puppet_server.pp')) + + - $this.clients.pselect($.configure()) + + - $this.clients.pselect($.testRun()) + # sign obtained requests + - $this.clients.pselect($this.signClientCertificate($.role)) + + _configureHosts: + Body: + - $this._hosts: new(net:Hosts) + - $this._hosts.addHostByInstance($this.masterInstance, 'puppet') + - $this.clients.pselect($this._hosts.addHostByInstance($.instance, $.role)) + - $this._hosts.applyTo($this.masterInstance) + - $this.clients.pselect($this._hosts.applyTo($.instance)) + + addClient: + Arguments: + - client: + Contract: $.class(puppet:PuppetClient).notNull() + Body: + - $this.clients: $this.clients.append($client) + + + # + # Sign client's certificate request + # + signClientCertificate: + Arguments: + - name: + Contract: $.string() + Body: + # sign cerificate or check it signed erlier + # in case of redeploying + - $res: new(conf:Linux).runCommand( + $this.masterInstance.agent, + 'puppet cert sign {0} || puppet cert verify {0}'.format($name)).stdout + + - Return: $res + + # + # Install all modules on every instance + # + _installPuppetModules: + Body: + - $modules: + - 'puppetlabs-vcsrepo' + - 'theforeman-git' + - 'theforeman-puppet' + + - $this.clients.select($.instance).append($this.masterInstance).selectMany( + let(x => $) -> $modules.select( + {instance => $x, module => $})) + .select( $.instance.installPuppetModule($.module)) + + installDependencies: + Arguments: + - environment: + Contract: $.string().notNull() + - puppetfileLink: + Contract: $.string().notNull() + Body: + - $resources: new(sys:Resources) + - $template: $resources.yaml('InstallDependencies.template').bind(dict( + environment => $environment, + puppetfile => $puppetfileLink)) + - Return: $this.masterInstance.agent.call($template, $resources) diff --git a/murano-apps/Puppet/package/Resources/InstallDependencies.template b/murano-apps/Puppet/package/Resources/InstallDependencies.template new file mode 100644 index 0000000..3883966 --- /dev/null +++ b/murano-apps/Puppet/package/Resources/InstallDependencies.template @@ -0,0 +1,21 @@ +FormatVersion: 2.1.0 +Version: 1.0.0 +Name: CreateEnvironment + +Parameters: + environment: $environment + puppetfile: $puppetfile + +Body: + return createEnvironment('{0} "{1}"'.format(args.environment, args.puppetfile)).stdout + +Scripts: + createEnvironment: + Type: Application + Version: 1.0.0 + EntryPoint: 'server/install_dependencies.sh' + Files: [] + Options: + captureStdout: true + captureStderr: true + verifyExitcode: true diff --git a/murano-apps/Puppet/package/Resources/scripts/server/install_dependencies.sh b/murano-apps/Puppet/package/Resources/scripts/server/install_dependencies.sh new file mode 100644 index 0000000..cc27d9b --- /dev/null +++ b/murano-apps/Puppet/package/Resources/scripts/server/install_dependencies.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + + +ENV_NAME="$1" +PUPPETFILE_LINK="$2" +ENV_DIR="/etc/puppet/environments/${ENV_NAME}" + +cd ${ENV_DIR} +wget --quiet -c ${PUPPETFILE_LINK} -O Puppetfile + +librarian-puppet install diff --git a/murano-apps/Puppet/package/Resources/scripts/server/puppet_client.pp b/murano-apps/Puppet/package/Resources/scripts/server/puppet_client.pp new file mode 100644 index 0000000..9e17005 --- /dev/null +++ b/murano-apps/Puppet/package/Resources/scripts/server/puppet_client.pp @@ -0,0 +1,11 @@ +node default{ + package {'iptables-persistent': + ensure => 'installed' + } + class { '::puppet': + server => false, + runmode => 'cron', + puppetmaster => 'puppet', + client_certname => hiera('node_role') + } +} \ No newline at end of file diff --git a/murano-apps/Puppet/package/Resources/scripts/server/puppet_server.pp b/murano-apps/Puppet/package/Resources/scripts/server/puppet_server.pp new file mode 100644 index 0000000..3817435 --- /dev/null +++ b/murano-apps/Puppet/package/Resources/scripts/server/puppet_server.pp @@ -0,0 +1,33 @@ +node default{ + package { 'ntp': + ensure => 'installed', + } + + package {'iptables-persistent': + ensure => 'installed' + } + + class { '::puppet': + server => true, + server_foreman => false, + server_reports => 'store', + server_http => true, + server_http_port => 8130, # default: 8139 + server_http_allow => [], + server_external_nodes => '', + server_git_repo => true, + puppetmaster => 'puppet', + server_puppetserver_version => '2.4.99', + environment => 'production' + } + + puppet::server::env { 'production': + manifest => hiera('environment:production:manifest'), + config_version => '' + } + + package {'librarian-puppet': + ensure => 'installed', + provider => 'gem' + } +} \ No newline at end of file diff --git a/murano-apps/Puppet/package/manifest.yaml b/murano-apps/Puppet/package/manifest.yaml index 64355e5..ee1ffbe 100644 --- a/murano-apps/Puppet/package/manifest.yaml +++ b/murano-apps/Puppet/package/manifest.yaml @@ -11,6 +11,10 @@ Author: 'Mirantis, Inc' Tags: [Server, Puppet] Classes: org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetInstance: PuppetInstance.yaml + org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetServer: PuppetServer.yaml + org.openstack.ci_cd_pipeline_murano_app.puppet.PuppetClient: PuppetClient.yaml org.openstack.ci_cd_pipeline_murano_app.puppet.Hiera: Hiera.yaml org.openstack.ci_cd_pipeline_murano_app.puppet.YamlTool: YamlTool.yaml org.openstack.ci_cd_pipeline_murano_app.puppet.YamlFile: YamlFile.yaml +Require: + org.openstack.ci_cd_pipeline_murano_app.utils.CiCdUtils: