From 982f8b6ce9c470366f967f3ad8fece2a673db59d Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 25 Jan 2016 12:07:11 +0100 Subject: [feat] Move bigcouch removals to own class We now include "site_config::remove::bigcouch" in class "site_couchdb::master", which sets up plain couchdb. --- .../site_config/manifests/remove/bigcouch.pp | 22 ++++++++++++++++++++++ .../modules/site_config/manifests/remove/files.pp | 18 ------------------ puppet/modules/site_couchdb/manifests/master.pp | 4 ++++ 3 files changed, 26 insertions(+), 18 deletions(-) create mode 100644 puppet/modules/site_config/manifests/remove/bigcouch.pp diff --git a/puppet/modules/site_config/manifests/remove/bigcouch.pp b/puppet/modules/site_config/manifests/remove/bigcouch.pp new file mode 100644 index 00000000..19d18eb0 --- /dev/null +++ b/puppet/modules/site_config/manifests/remove/bigcouch.pp @@ -0,0 +1,22 @@ +# remove bigcouch leftovers from previous installations +class site_config::remove::bigcouch { + + # Don't use check_mk logwatch to watch bigcouch logs anymore + # see https://leap.se/code/issues/7375 for more details + file { '/etc/check_mk/logwatch.d/bigcouch.cfg': + ensure => absent, + notify => [ + Exec['remove_bigcouch_logwatch_spoolfiles'], + Exec['remove_bigcouch_logwatch_stateline'] + ] + } + # remove leftover bigcouch logwatch spool files + exec { 'remove_bigcouch_logwatch_spoolfiles': + command => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;', + refreshonly => true, + } + exec { 'remove_bigcouch_logwatch_stateline': + command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", + refreshonly => true, + } +} diff --git a/puppet/modules/site_config/manifests/remove/files.pp b/puppet/modules/site_config/manifests/remove/files.pp index 077381e1..4f7aa6e6 100644 --- a/puppet/modules/site_config/manifests/remove/files.pp +++ b/puppet/modules/site_config/manifests/remove/files.pp @@ -51,22 +51,4 @@ class site_config::remove::files { onlyif => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state" } - # Don't use check_mk logwatch to watch bigcouch logs anymore - # see https://leap.se/code/issues/7375 for more details - file { '/etc/check_mk/logwatch.d/bigcouch.cfg': - ensure => absent, - notify => [ - Exec['remove_bigcouch_logwatch_spoolfiles'], - Exec['remove_bigcouch_logwatch_stateline'] - ] - } - # remove leftover bigcouch logwatch spool files - exec { 'remove_bigcouch_logwatch_spoolfiles': - command => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;', - refreshonly => true, - } - exec { 'remove_bigcouch_logwatch_stateline': - command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", - refreshonly => true, - } } diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp index 5dab6325..49d90f2f 100644 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ b/puppet/modules/site_couchdb/manifests/master.pp @@ -8,4 +8,8 @@ class site_couchdb::master { } include site_check_mk::agent::couchdb::master + + # remove bigcouch leftovers from previous installations + include ::site_config::remove::bigcouch + } -- cgit v1.2.3 From 742e11902b88d1e135d131ebef7a7d8433f03dfe Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 25 Jan 2016 12:09:55 +0100 Subject: [bug] remove bigcouch compaction cronjob - Resolves: #7629 --- puppet/modules/site_config/manifests/remove/bigcouch.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/puppet/modules/site_config/manifests/remove/bigcouch.pp b/puppet/modules/site_config/manifests/remove/bigcouch.pp index 19d18eb0..0783fe9d 100644 --- a/puppet/modules/site_config/manifests/remove/bigcouch.pp +++ b/puppet/modules/site_config/manifests/remove/bigcouch.pp @@ -19,4 +19,8 @@ class site_config::remove::bigcouch { command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", refreshonly => true, } + + cron { 'compact_all_shards': + ensure => absent + } } -- cgit v1.2.3 From bb76a5a1c77bd23ba988f2591a093693619b23f9 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 25 Jan 2016 15:09:28 +0100 Subject: [bug] Fix unattended-upgrades on jessie - Resolves: #7842 --- .../site_apt/files/Debian/51unattended-upgrades-leap | 6 ++++++ puppet/modules/site_apt/manifests/unattended_upgrades.pp | 13 ++++++++++++- puppet/modules/site_apt/templates/50unattended-upgrades | 16 ---------------- 3 files changed, 18 insertions(+), 17 deletions(-) create mode 100644 puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap delete mode 100644 puppet/modules/site_apt/templates/50unattended-upgrades diff --git a/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap b/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap new file mode 100644 index 00000000..bbaac6a2 --- /dev/null +++ b/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap @@ -0,0 +1,6 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "leap.se:stable"; +} + diff --git a/puppet/modules/site_apt/manifests/unattended_upgrades.pp b/puppet/modules/site_apt/manifests/unattended_upgrades.pp index 40111deb..42f1f4c6 100644 --- a/puppet/modules/site_apt/manifests/unattended_upgrades.pp +++ b/puppet/modules/site_apt/manifests/unattended_upgrades.pp @@ -1,9 +1,20 @@ +# configute unattended upgrades so packages from both Debian and LEAP +# repos get upgraded unattended class site_apt::unattended_upgrades { # override unattended-upgrades package resource to make sure # that it is upgraded on every deploy (#6245) + # configure upgrades for Debian class { 'apt::unattended_upgrades': - config_content => template('site_apt/50unattended-upgrades'), ensure_version => latest } + + # configure LEAP upgrades + apt::apt_conf { '51unattended-upgrades-leap': + source => [ + "puppet:///modules/site_apt/${::lsbdistid}/51unattended-upgrades-leap"], + require => Package['unattended-upgrades'], + refresh_apt => false, + } + } diff --git a/puppet/modules/site_apt/templates/50unattended-upgrades b/puppet/modules/site_apt/templates/50unattended-upgrades deleted file mode 100644 index 9ae3ab84..00000000 --- a/puppet/modules/site_apt/templates/50unattended-upgrades +++ /dev/null @@ -1,16 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "${distro_id}:oldstable"; - "${distro_id}:${distro_codename}-security"; - "${distro_id}:${distro_codename}-updates"; - "${distro_id} Backports:${distro_codename}-backports"; - "leap.se:stable"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; -Unattended-Upgrade::MailOnlyOnError "true"; -- cgit v1.2.3 From 27a059ccb3b5210f7e539326c30f20d8530cde1d Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 25 Jan 2016 16:49:18 +0100 Subject: [feat] Whitelist facts to query from debug script - Resolves: #7823 --- bin/debug.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/bin/debug.sh b/bin/debug.sh index 2363644c..d6f37542 100755 --- a/bin/debug.sh +++ b/bin/debug.sh @@ -2,20 +2,24 @@ # debug script to be run on remote servers # called from leap_cli with the 'leap debug' cmd -regexp='(leap|pixelated|stunnel|couch|soledad|haproxy)' +apps='(leap|pixelated|stunnel|couch|soledad|haproxy)' + +facts='(apt_running |^architecture |^augeasversion |^couchdb_.* |^debian_.* |^dhcp_enabled |^domain |^facterversion |^filesystems |^fqdn |^hardwaremodel |^hostname |^interface.* |^ipaddress.* |^is_pe |^is_virtual |^kernel.* |^lib |^lsb.* |^memory.* |^mtu_.* |^netmask.* |^network_.* |^operatingsystem |^os.* |^path |^physicalprocessorcount |^processor.* |^ps |^puppetversion |^root_home |^rsyslog_version |^rubysitedir |^rubyversion |^selinux |^ssh_version |^swapfree.* |^swapsize.* |^type |^virtual)' + # query facts and filter out private stuff -echo -e '\n\n' -facter | egrep -iv '(^ssh|^uniqueid)' +export FACTERLIB="/srv/leap/puppet/modules/apache/lib/facter:/srv/leap/puppet/modules/apt/lib/facter:/srv/leap/puppet/modules/concat/lib/facter:/srv/leap/puppet/modules/couchdb/lib/facter:/srv/leap/puppet/modules/rsyslog/lib/facter:/srv/leap/puppet/modules/site_config/lib/facter:/srv/leap/puppet/modules/sshd/lib/facter:/srv/leap/puppet/modules/stdlib/lib/facter" + +facter 2>/dev/null | egrep -i "$facts" # query installed versions echo -e '\n\n' -dpkg -l | egrep "$regexp" +dpkg -l | egrep "$apps" # query running procs echo -e '\n\n' -ps aux|egrep "$regexp" +ps aux|egrep "$apps" echo -e '\n\n' echo -e "Last deploy:\n" -- cgit v1.2.3