From 276b77cdcc0d169b84e046afe8763e2c52ff76fb Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 5 Oct 2015 15:22:25 +0200 Subject: [feat] remove tapicero leftovers Soledad now creates user-dbs, which has been done by tapicero in the past. we need to remove any leftovers from tapicero. --- puppet/modules/site_config/manifests/default.pp | 7 +- puppet/modules/site_config/manifests/remove.pp | 5 ++ .../modules/site_config/manifests/remove/files.pp | 74 ++++++++++++++++++++ .../site_config/manifests/remove/tapicero.pp | 57 +++++++++++++++ .../modules/site_config/manifests/remove_files.pp | 81 ---------------------- 5 files changed, 141 insertions(+), 83 deletions(-) create mode 100644 puppet/modules/site_config/manifests/remove.pp create mode 100644 puppet/modules/site_config/manifests/remove/files.pp create mode 100644 puppet/modules/site_config/manifests/remove/tapicero.pp delete mode 100644 puppet/modules/site_config/manifests/remove_files.pp (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index e69e4b7b..6b10dc19 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -1,3 +1,4 @@ +# common things to set up on every node class site_config::default { tag 'leap_base' @@ -29,7 +30,7 @@ class site_config::default { # i.e. openstack/aws nodes, vagrant nodes # fix dhclient from changing resolver information - if $::dhcp_enabled == 'true' { + if $::dhcp_enabled == 'true' { include site_config::dhclient } @@ -58,7 +59,9 @@ class site_config::default { # set up core leap files and directories include site_config::files - include site_config::remove_files + + # remove leftovers from previous deploys + include site_config::remove if ! member($services, 'mx') { include site_postfix::satellite diff --git a/puppet/modules/site_config/manifests/remove.pp b/puppet/modules/site_config/manifests/remove.pp new file mode 100644 index 00000000..00502c0a --- /dev/null +++ b/puppet/modules/site_config/manifests/remove.pp @@ -0,0 +1,5 @@ +# remove leftovers from previous deploys +class site_config::remove { + include site_config::remove::files + include site_config::remove::tapicero +} diff --git a/puppet/modules/site_config/manifests/remove/files.pp b/puppet/modules/site_config/manifests/remove/files.pp new file mode 100644 index 00000000..feff7c05 --- /dev/null +++ b/puppet/modules/site_config/manifests/remove/files.pp @@ -0,0 +1,74 @@ +# +# Sometimes when we upgrade the platform, we need to ensure that files that +# the platform previously created will get removed. +# +# These file removals don't need to be kept forever: we only need to remove +# files that are present in the prior platform release. +# +# We can assume that the every node is upgraded from the previous platform +# release. +# + +class site_config::remove::files { + + # + # Platform 0.8 removals + # + + tidy { + '/etc/apache/sites-enabled/leap_webapp.conf': + notify => Service['apache']; + } + + + # + # Platform 0.7 removals + # + + tidy { + '/etc/rsyslog.d/99-tapicero.conf':; + '/etc/rsyslog.d/99-leap-mx.conf':; + '/etc/rsyslog.d/01-webapp.conf':; + '/etc/rsyslog.d/50-stunnel.conf':; + '/etc/logrotate.d/mx':; + '/etc/logrotate.d/stunnel':; + '/var/log/stunnel4/stunnel.log':; + 'leap_mx': + path => '/var/log/', + recurse => true, + matches => 'leap_mx*'; + '/srv/leap/webapp/public/provider.json':; + '/srv/leap/couchdb/designs/tmp_users': + recurse => true, + rmdirs => true; + '/etc/leap/soledad-server.conf':; + } + + # leax-mx logged to /var/log/leap_mx.log in the past + # we need to use a dumb exec here because file_line doesn't + # allow removing lines that match a regex in the current version + # of stdlib, see https://tickets.puppetlabs.com/browse/MODULES-1903 + exec { 'rm_old_leap_mx_log_destination': + command => "/bin/sed -i '/leap_mx.log/d' /etc/check_mk/logwatch.state", + onlyif => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state" + } + + # Don't use check_mk logwatch to watch bigcouch logs anymore + # see https://leap.se/code/issues/7375 for more details + file { '/etc/check_mk/logwatch.d/bigcouch.cfg': + ensure => absent, + notify => [ + Exec['remove_bigcouch_logwatch_spoolfiles'], + Exec['remove_bigcouch_logwatch_stateline'] + ] + } + # remove leftover bigcouch logwatch spool files + exec { 'remove_bigcouch_logwatch_spoolfiles': + command => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;', + refreshonly => true, + } + exec { 'remove_bigcouch_logwatch_stateline': + command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", + refreshonly => true, + } +} diff --git a/puppet/modules/site_config/manifests/remove/tapicero.pp b/puppet/modules/site_config/manifests/remove/tapicero.pp new file mode 100644 index 00000000..765f7428 --- /dev/null +++ b/puppet/modules/site_config/manifests/remove/tapicero.pp @@ -0,0 +1,57 @@ +# remove tapicero leftovers from previous deploys +class site_config::remove::tapicero { + + exec { 'kill_tapicero': + onlyif => '/usr/bin/test -s /var/run/tapicero.pid', + command => '/usr/bin/pkill --pidfile /var/run/tapicero.pid' + } + + user { 'tapicero': + ensure => absent; + } + + group { 'tapicero': + ensure => absent, + require => User['tapicero']; + } + + tidy { + '/srv/leap/tapicero': + recurse => true, + require => [ Exec['kill_tapicero'] ]; + '/var/lib/leap/tapicero': + require => [ Exec['kill_tapicero'] ]; + '/var/run/tapicero': + require => [ Exec['kill_tapicero'] ]; + '/etc/leap/tapicero.yaml': + require => [ Exec['kill_tapicero'] ]; + '/etc/init.d/tapicero': + require => [ Exec['kill_tapicero'] ]; + 'tapicero_logs': + path => '/var/log/leap', + recurse => true, + matches => 'tapicero*', + require => [ Exec['kill_tapicero'] ]; + '/etc/check_mk/logwatch.d/tapicero.cfg':; + 'checkmk_logwatch_spool': + path => '/var/lib/check_mk/logwatch', + recurse => true, + matches => '*tapicero.log', + require => [ Exec['kill_tapicero'] ]; + } + + # remove local nagios plugin checks via mrpe + augeas { + 'Tapicero_Procs': + incl => '/etc/check_mk/mrpe.cfg', + lens => 'Spacevars.lns', + changes => 'rm /files/etc/check_mk/mrpe.cfg/Tapicero_Procs', + require => File['/etc/check_mk/mrpe.cfg']; + 'Tapicero_Heartbeat': + incl => '/etc/check_mk/mrpe.cfg', + lens => 'Spacevars.lns', + changes => 'rm Tapicero_Heartbeat', + require => File['/etc/check_mk/mrpe.cfg']; + } + +} diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp deleted file mode 100644 index 07487d6a..00000000 --- a/puppet/modules/site_config/manifests/remove_files.pp +++ /dev/null @@ -1,81 +0,0 @@ -# -# Sometimes when we upgrade the platform, we need to ensure that files that -# the platform previously created will get removed. -# -# These file removals don't need to be kept forever: we only need to remove -# files that are present in the prior platform release. -# -# We can assume that the every node is upgraded from the previous platform -# release. -# - -class site_config::remove_files { - - # - # Platform 0.8 removals - # - - tidy { - '/etc/apache/sites-enabled/leap_webapp.conf': - notify => Service['apache']; - } - - - # - # Platform 0.7 removals - # - - tidy { - '/etc/rsyslog.d/99-tapicero.conf':; - '/etc/rsyslog.d/99-leap-mx.conf':; - '/etc/rsyslog.d/01-webapp.conf':; - '/etc/rsyslog.d/50-stunnel.conf':; - '/etc/logrotate.d/mx':; - '/etc/logrotate.d/stunnel':; - '/var/log/stunnel4/stunnel.log':; - 'leap_mx': - path => '/var/log/', - recurse => true, - matches => 'leap_mx*'; - '/srv/leap/webapp/public/provider.json':; - '/srv/leap/couchdb/designs/tmp_users': - recurse => true, - rmdirs => true; - '/etc/leap/soledad-server.conf':; - } - - if member($::services, 'webapp') { - tidy { - '/etc/apache/sites-enabled/leap_webapp.conf': - notify => Service['apache']; - } - } - - # leax-mx logged to /var/log/leap_mx.log in the past - # we need to use a dumb exec here because file_line doesn't - # allow removing lines that match a regex in the current version - # of stdlib, see https://tickets.puppetlabs.com/browse/MODULES-1903 - exec { 'rm_old_leap_mx_log_destination': - command => "/bin/sed -i '/leap_mx.log/d' /etc/check_mk/logwatch.state", - onlyif => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state" - } - - # Don't use check_mk logwatch to watch bigcouch logs anymore - # see https://leap.se/code/issues/7375 for more details - file { '/etc/check_mk/logwatch.d/bigcouch.cfg': - ensure => absent, - notify => [ - Exec['remove_bigcouch_logwatch_spoolfiles'], - Exec['remove_bigcouch_logwatch_stateline'] - ] - } - # remove leftover bigcouch logwatch spool files - exec { 'remove_bigcouch_logwatch_spoolfiles': - command => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;', - refreshonly => true, - } - exec { 'remove_bigcouch_logwatch_stateline': - command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", - refreshonly => true, - } -} -- cgit v1.2.3