diff options
39 files changed, 458 insertions, 140 deletions
@@ -6,12 +6,6 @@ files, under: site-puppet/files/master/fileserver.conf site-puppet/files/master/puppet.conf -those files in this module are just examples. - -Depends on Modules ------------------- -- bc - Usage ===== @@ -21,12 +15,24 @@ configuration of the master. Run puppet by cron: ------------------- -By default puppet runs as own daemon. However, you might want to run -puppet by cron. To do this, you have to include `puppet::cron` instead -of `puppet`. By default puppet will run twice an hour, spread amongst -the half an hour depending on the host's fqdn. You can tweak that setting -by setting $puppet_crontime +By default puppet runs as its own daemon. However, you might want to run puppet +by cron. To do this, you have to include `puppet::cron` instead of `puppet`. If +you include puppet::cron then by default puppet will run twice an hour, spread +amongst the half an hour depending on the host's fqdn. If you wish to change +that interval, you can tweak $puppet_crontime (NOTE: this variable only operates +on the minute cron field). + +Clientbucket cleanup: +--------------------- +The individual node client buckets aren't cleaned up automatically, unless you +specify $puppet_cleanup_clientbucket = 'X', where X is the number of days you +want to keep clientbucket files for. + +Use http compression +-------------------- + +To enable http compression on the clients, set $puppet_http_compression = true Puppetmaster Mode: ------------------ @@ -34,12 +40,23 @@ Puppetmaster Mode: If you want to run the puppetmaster in a non-webrick based mode, you can set $puppetmaster_mode either to: -* passenger, run puppetmaster as a passenger application -* cluster, run puppetmaster as a mongrel based cluster +* passenger, run puppetmaster as a passenger application, you will need the + passenger module to take advantage of this + +* cluster, run puppetmaster as a mongrel based cluster, you will need the + nginx and mongrel modules to take advantage of this + +In both cases you have to setup the appropriate frontends (apache vhost +configuration/nginx vhost configuration) on your own. -In both cases you have to setup the appropriate frontends -(apache vhost configuration/nginx vhost configuration) on -your own. +Munin +----- + +If you are using munin, and have the puppet munin module installed, you can set +the variable $use_munin = true to have graphs setup for you. The graphs that +will be setup track memory usage by the running puppetmasters; track the average +compile time of clients; and if you are using postgresql/mysql then a graph to +monitor resource counts. Reports cleanup: --------------- @@ -63,18 +80,49 @@ $puppetmaster_lastruncheck_cron by cron. Default: 40 10 * * * * false: to disable check for last run +You will need the cron module to take advantage of this functionality. + +Stored configs: +--------------- + +If you want to use storedconfigs on your puppetmaster, there are some +pre-requisite modules: mysql, rails. In your puppetmaster node definition you +will need to set $mysql_rootpw to the mysql root password, +$puppet_storeconfig_password to the puppet database password, and then set +$puppetmaster_storeconfigs = true to enable stored configs. + +Then you will need to either put in your node definition, or in +site-puppet/manifests/init.pp puppet::puppetmaster::hasdb to setup the database +with the right parameters. This will setup your storeconfigs database, adding to +the database the correct user, the correct grant permissions, and also setup +a munin graph, if you have $use_munin = true + +Currently, only mysql is supported. See manifests/puppetmaster/hasdb.pp for the +define variables you can set. + Example: -------- -in your site.pp, i.e. : - - $puppet_crontime = "0,12 * * * *" - include puppet::cron - - $puppetmaster_mode = 'passenger' - include puppet::puppetmaster - - $puppet_storeconfig_password="..." - include puppet::puppetmaster::storeconfigs +in your site.pp: + +node puppetmaster { + $mysql_rootpw = "foo" + $puppet_storeconfig_password = "bar" + $puppetmaster_storeconfigs = true + $use_munin = true + $puppetmaster_mode = 'passenger' + $puppet_crontime = "0,12 * * * *" + include site-puppet::master + include puppet::cron + include puppet::puppetmaster +... + +in your site-puppet/manifests/master.pp you could include something like: + +class site-puppet::master { + ... + puppet::puppetmaster::hasdb { "puppet": + dbname => 'puppetmaster', + dbuser => 'puppet' + } -...tbc... diff --git a/files/client/2.6/puppet.conf b/files/client/2.6/puppet.conf index 6c6a6cc..847f23c 100644 --- a/files/client/2.6/puppet.conf +++ b/files/client/2.6/puppet.conf @@ -6,18 +6,20 @@ ssldir=$vardir/ssl # Where 3rd party plugins and modules are installed - libdir = $vardir/lib - - templatedir=$vardir/templates + libdir = $vardir/lib + templatedir=$vardir/templates + modulepath=/etc/puppet/modules factpath = $libdir/facter [agent] report=true pluginsync = true - # different run-interval, default= 30min - # e.g. run puppetd every 4 hours = 14400 - # runinterval = 14400 + # Default environment + environment = production - logdest=/var/log/puppet/puppet.log + # Development environment + [development] + modulepath = /etc/puppet/development/modules + manifest = /etc/puppet/development/manifests/site.pp diff --git a/files/client/debian/puppet b/files/client/debian/puppet index 3e0ee04..59e4bde 100644 --- a/files/client/debian/puppet +++ b/files/client/debian/puppet @@ -1,7 +1,7 @@ # Defaults for puppet - sourced by /etc/init.d/puppet # Start puppet on boot? -START=yes +START=no # Startup options DAEMON_OPTS="-w 0" diff --git a/files/client/puppet.conf b/files/client/puppet.conf index 9ee333c..09b47b1 100644 --- a/files/client/puppet.conf +++ b/files/client/puppet.conf @@ -9,15 +9,17 @@ libdir = $vardir/lib templatedir=$vardir/templates - + modulepath=/etc/puppet/modules factpath = $libdir/facter [puppetd] report=true pluginsync=true - # different run-interval, default= 30min - # e.g. run puppetd every 4 hours = 14400 - # runinterval = 14400 + # Default environment + environment = production - logdest=/var/log/puppet/puppet.log + # Development environment + [development] + modulepath = /etc/puppet/development/modules + manifest = /etc/puppet/development/manifests/site.pp diff --git a/files/cron.d/puppetd b/files/cron.d/puppetd index 92af3e2..4db734a 100644 --- a/files/cron.d/puppetd +++ b/files/cron.d/puppetd @@ -1,5 +1,5 @@ # check if puppet is running -0 * * * * root /bin/ps ax | /bin/grep -v grep | /bin/grep -q puppetd || (sleep `echo $RANDOM/2000*60 | bc` && /etc/init.d/puppet restart) +0 * * * * root /bin/ps ax | /bin/grep -v grep | /bin/grep -q puppetd || (sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 6 )) && /etc/init.d/puppet restart > /dev/null) # restart puppet once in a while and randomly delay the restart between 0 and 32 minutes -> splay puppetmaster hammering -0 22 * * */2 root sleep `echo $RANDOM/1000*60 | bc` && /etc/init.d/puppet restart > /dev/null +0 22 * * */2 root sleep $(( $( </dev/urandom od -N2 -t u2 -A none ) >> 5 )) && /etc/init.d/puppet restart > /dev/null diff --git a/files/cron.d/puppetd.CentOS b/files/cron.d/puppetd.CentOS index 9787231..30a14bb 100644 --- a/files/cron.d/puppetd.CentOS +++ b/files/cron.d/puppetd.CentOS @@ -1,5 +1,5 @@ # check if puppet is running -0 * * * * root /etc/init.d/puppet status > /dev/null || (sleep `echo $RANDOM/2000*60 | bc` && /etc/init.d/puppet restart) +0 * * * * root /etc/init.d/puppet status > /dev/null || (sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 6 )) && /etc/init.d/puppet restart > /dev/null) # restart puppet once in a while and randomly delay the restart between 0 and 32 minutes -> splay puppetmaster hammering -0 22 * * */2 root sleep `echo $RANDOM/1000*60 | bc` && /etc/init.d/puppet restart > /dev/null +0 22 * * */2 root sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 5 )) && /etc/init.d/puppet restart > /dev/null diff --git a/files/cron.d/puppetd.Gentoo b/files/cron.d/puppetd.Gentoo index 29655b9..2404d68 100644 --- a/files/cron.d/puppetd.Gentoo +++ b/files/cron.d/puppetd.Gentoo @@ -1,5 +1,5 @@ # check if puppet is running -# 0 * * * * root /bin/ps ax | /bin/grep -v grep | /bin/grep -q puppetd || ( sleep `echo $RANDOM/2000*60 | bc` && /etc/init.d/puppet restart ) +# 0 * * * * root /bin/ps ax | /bin/grep -v grep | /bin/grep -q puppetd || ( sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 6 )) && /etc/init.d/puppet restart > /dev/null) # restart puppet once in a while and randomly delay the restart between 0 and 32 minutes -> splay puppetmaster hammering -# 0 22 * * */2 root sleep `echo $RANDOM/1000*60 | bc` && /etc/init.d/puppet restart > /dev/null +# 0 22 * * */2 root sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 5 )) && /etc/init.d/puppet restart > /dev/null diff --git a/files/master/debian/puppetmaster b/files/master/debian/puppetmaster new file mode 100644 index 0000000..b0a9fe4 --- /dev/null +++ b/files/master/debian/puppetmaster @@ -0,0 +1,63 @@ +# Defaults for puppetmaster - sourced by /etc/init.d/puppetmaster + +# Start puppetmaster on boot? If you are using passenger, you should +# have this set to "no" +START=yes + +# Startup options +DAEMON_OPTS="" + +# What server type to run +# Options: +# webrick: default, cannot handle more than ~30 nodes +# mongrel: scales better than webrick because you can run +# multiple processes if you are getting +# connection-reset or End-of-file errors, switch to +# mongrel. Requires front-end web-proxy such as +# apache, nginx, or pound, more information: +# http://reductivelabs.com/trac/puppet/wiki/UsingMongrel +# passenger: no need to set this, be sure to set START=no above +SERVERTYPE=webrick + +# How many puppetmaster instances to start? Its pointless to set this +# higher than 1 if you are not using mongrel. +PUPPETMASTERS=1 + +# What port should the puppetmaster listen on (default: 8140). If +# PUPPETMASTERS is set to a number greater than 1, then the port for +# the first puppetmaster will be set to the port listed below, and +# further instances will be incremented by one +# +# NOTE: if you are using mongrel, then you will need to have a +# front-end web-proxy (such as apache, nginx, pound) that takes +# incoming requests on the port your clients are connecting to +# (default is: 8140), and then passes them off to the mongrel +# processes. In this case it is recommended to run your web-proxy on +# port 8140 and change the below number to something else, such as +# 18140. +PORT=8140 + +# Should puppetqd (the storeconfigs queuing broker) be started? +# This can take some load off of the puppetmaster by queuing the +# storeconfig updates to the database with puppetqd. You need +# to have the 'stompserver' package installed and running, and +# the following configured in your puppet.conf: +# +# [main] +# queue_type = stomp +# queue_source = stomp://localhost:61613 +# dbadapter = (sqlite3|mysql|postgresql) +# dbserver=localhost +# dbname=puppet +# dbuser=puppet +# dbpassword=xxxx +# dblocation = /var/lib/puppet/storeconfigs.sqlite <-- only if using sqlite +# [master] +# async_storeconfigs = true +# +# See: http://reductivelabs.com/trac/puppet/wiki/UsingStoredConfiguration +# +# Once you have the proper puppet.conf, and stompserver, you can enable +# the following: +PUPPETQD=no +PUPPETQD_OPTS="" diff --git a/files/munin/puppet_ b/files/munin/puppet_ new file mode 100644 index 0000000..ed488be --- /dev/null +++ b/files/munin/puppet_ @@ -0,0 +1,101 @@ +#!/usr/bin/env ruby + +# returns the mem usage of a given process +def plist(psname) + counter = 0 + %x{ps h -o rss,size,vsize,pcpu -u puppet}.each do |ps| + rss,size,vsize,cpu = ps.split + counter += 1 + puts "puppetmasterd_#{counter}.value #{rss}" + + end + return +end + +# reports how many clients compiled in the last 5 minutes +# repotrs how many unique clients compiled since the begining of the day +# report the average compilation time for all clients in the last 5 minutes. +def phaselog + logfile = ENV['puppet_logfile'] || '/var/log/daemon.log' + count,avg,day_count_unique,day_count = 0 ,0 ,0, 0 + t = Time.now + today = t.strftime("^%b ") + " ?" + t.day.to_s + hour = today + t.strftime(" %H:") + m = t.min.to_i + last5m = "" + 6.times do |i| + last5m += hour + last5m += "0" if (m-i) < 10 + last5m += (m-i).to_s + last5m += "|" unless i==5 + end + hosts = Array.new + regexp = ".* for (.*) in (.*) seconds" + + File.open(logfile).grep(/#{today}/).grep(/Compiled configuration|Compiled catalog/).each do |line| + case line + when /#{last5m}/ then + if line =~ /#{regexp}/ + avg += $2.to_f + count += 1 + unless hosts.include?($1) + hosts << $1 + end + end + when /#{regexp}/ then + day_count += 1 + unless hosts.include?($1) + hosts << $1 + day_count_unique += 1 + end + end + end + puts "avg_compile.value #{(avg / count).to_s[0..3]}" unless count == 0 + puts "last5m_count.value #{count}" + puts "last24h_unique_count.value #{day_count_unique}" +end + + +case ARGV[0] + when 'config' + case $0 + when /puppetmaster_memory/ + puts "graph_title puppetmaster memory usage" + puts "graph_vlabel memory" + # find out how many mongrel process we have - if any + File.open('/etc/default/puppetmaster') do |line| + @pm_process = line.grep(/PUPPETMASTERS/).to_s.split('=')[1].to_i + end + if @pm_process > 0 + @pm_process.times do |i| + puts "puppetmasterd_#{i+1}.label puppetmasterd #{i+1}" + end + else + puts "puppetmaster.label puppetmasterd" + end + when /puppet_clients/ + puts "graph_title puppet clients usage" + puts "graph_vlabel clients" + puts "known_clients.label Known Clients" + puts "avg_compile.label Average configuration compile" + puts "last5m_count.label Clients in the last 5 minutes" + puts "last24h_unique_count.label unique clients in the last 24 hours" + end + puts "graph_category puppet" + exit 0 + when 'autoconf' + case $0 + when /puppet_mem/,/puppet_clients/ + puts "yes" + else + puts "no" + exit 0 + end + else + plist("'ruby /usr/sbin/puppetmasterd'") if $0 =~ /puppet_mem$/ + if $0 =~ /puppet_clients$/ + puts "known_clients.value #{Dir.entries('/var/lib/puppet/yaml/facts/').size-2}" + phaselog + end +end + diff --git a/manifests/base.pp b/manifests/base.pp index 0a6e2f9..69a7568 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -1,8 +1,23 @@ class puppet::base { + if !$puppet_config { $puppet_config = '/etc/puppet/puppet.conf' } $puppet_majorversion = regsubst($puppetversion,'^(\d+\.\d+).*$','\1') + case $puppet_cleanup_clientbucket { + # if not set, don't do anything + '': {} + default: { + tidy { "/var/lib/puppet/clientbucket": + backup => false, + recurse => true, + rmdirs => true, + type => mtime, + age => "$puppet_cleanup_clientbucket"; + } + } + } + file { 'puppet_config': path => "$puppet_config", source => [ "puppet:///modules/site-puppet/client/${fqdn}/puppet.conf", @@ -13,11 +28,12 @@ class puppet::base { "puppet:///modules/puppet/client/puppet.conf.$operatingsystem", "puppet:///modules/puppet/client/puppet.conf" ], notify => Service[puppet], - # if puppetmasterd is deployed by apache2/passenger it needs to read puppet.conf - # therefore it must be readable by puppet + # if puppetmasterd is deployed by apache2/passenger it needs to read puppet.conf + # therefore it must be readable by puppet owner => puppet, group => 0, mode => 600; } - service{'puppet': + + service { 'puppet': ensure => running, enable => true, hasstatus => true, diff --git a/manifests/centos.pp b/manifests/centos.pp index 6fdde9e..61aa065 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -1,5 +1,6 @@ class puppet::centos inherits puppet::linux { - file{'/etc/sysconfig/puppet': + + file { '/etc/sysconfig/puppet': source => [ "puppet:///modules/site-puppet/sysconfig/${fqdn}/puppet", "puppet:///modules/site-puppet/sysconfig/${domain}/puppet", "puppet:///modules/site-puppet/sysconfig/puppet", diff --git a/manifests/cron.pp b/manifests/cron.pp index 8d41174..693a430 100644 --- a/manifests/cron.pp +++ b/manifests/cron.pp @@ -1,8 +1,9 @@ # manifests/cron.pp class puppet::cron inherits puppet { - case $kernel { + case $operatingsystem { linux: { include puppet::cron::linux } + debian: { include puppet::cron::debian } openbsd: { include puppet::cron::openbsd } default: { include puppet::cron::base } } diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp index acef55e..7b40da6 100644 --- a/manifests/cron/base.pp +++ b/manifests/cron/base.pp @@ -1,32 +1,34 @@ # manifests/cron/base.pp - class puppet::cron::base inherits puppet::base { + + case $operatingsystem { + debian: { if $lsbdistcodename != 'lenny' { $stop_service = true } else { $stop_service = false } } + openbsd, ubuntu: { $stop_service = false } + default: { $stop_service = true } + } + Service['puppet']{ enable => false, } - case $operatingsystem { - debian,openbsd,ubuntu: { - #it's already disabled - } - default: { - $puppet_majorversion = regsubst($puppetversion,'^(\d+\.\d+).*$','\1') - if $puppet_majorversion == '2.6' { - Service['puppet']{ - ensure => stopped, - } - } else { - Service['puppet']{ - hasstatus => false, - pattern => 'puppetd', - } - # this works only on < 2.6 - exec{'stop_puppet': - command => 'kill `cat /var/run/puppet/puppetd.pid`', - onlyif => 'test -f /var/run/puppet/puppetd.pid', - require => Service['puppet'], - } + if $stop_service == true { + $puppet_majorversion = regsubst($puppetversion,'^(\d+\.\d+).*$','\1') + if $puppet_majorversion == '2.6' { + Service['puppet']{ + ensure => stopped, + } + } else { + Service['puppet']{ + hasstatus => false, + pattern => 'puppetd', + } + # this works only on < 2.6 + exec { 'stop_puppet': + command => 'kill `cat /var/run/puppet/puppetd.pid`', + onlyif => 'test -f /var/run/puppet/puppetd.pid', + require => Service['puppet'], } } } } + diff --git a/manifests/cron/debian.pp b/manifests/cron/debian.pp new file mode 100644 index 0000000..0b4bd61 --- /dev/null +++ b/manifests/cron/debian.pp @@ -0,0 +1,7 @@ +class puppet::cron::debian inherits puppet::cron::linux { + + File['/etc/cron.d/puppetd.cron']{ + path => '/etc/cron.d/puppetd', + } + +} diff --git a/manifests/cron/linux.pp b/manifests/cron/linux.pp index a5008bf..bab9564 100644 --- a/manifests/cron/linux.pp +++ b/manifests/cron/linux.pp @@ -1,5 +1,6 @@ # manifests/cron/linux.pp class puppet::cron::linux inherits puppet::linux { + include puppet::cron::base if !$puppet_config { $puppet_config = '/etc/puppet/puppet.conf' } if $puppet_http_compression { $puppet_http_compression_str = '--http_compression' } @@ -13,7 +14,7 @@ class puppet::cron::linux inherits puppet::linux { File['/etc/cron.d/puppetd.cron']{ source => undef, - content => "# run puppet\n$puppet_crontime root /usr/sbin/puppetd --onetime --no-daemonize --config=$puppet_config --color false $puppet_http_compression_str | grep -E '(^err:|^alert:|^emerg:|^crit:)'\n", + content => "#run puppet\n$puppet_crontime root output=\$(/usr/sbin/puppetd --onetime --no-daemonize --splay --config=/etc/puppet/puppet.conf --color false); ret=\$?; printf \"\\%s\" \"\$output\" | grep -E '(^err:|^alert:|^emerg:|^crit:)'; exit \$ret\n", before => Service['puppet'], } } diff --git a/manifests/cron/openbsd.pp b/manifests/cron/openbsd.pp index 4ee293f..084b022 100644 --- a/manifests/cron/openbsd.pp +++ b/manifests/cron/openbsd.pp @@ -1,4 +1,5 @@ class puppet::cron::openbsd inherits puppet::openbsd { + include puppet::cron::base if !$puppet_config { $puppet_config = '/etc/puppet/puppet.conf' } if $puppet_http_compression { $puppet_http_compression_str = '--http_compression' } diff --git a/manifests/debian.pp b/manifests/debian.pp index fba7beb..f0479ae 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -1,5 +1,6 @@ class puppet::debian inherits puppet::linux { - file{'/etc/default/puppet': + + file { '/etc/default/puppet': source => [ "puppet:///modules/site-puppet/client/debian/${fqdn}/puppet", "puppet:///modules/site-puppet/client/debian/${domain}/puppet", "puppet:///modules/site-puppet/client/debian/puppet", @@ -8,11 +9,27 @@ class puppet::debian inherits puppet::linux { owner => root, group => 0, mode => 0644; } - # there is really no status cmd for it + case $lsbdistcodename { + squeeze,sid: { + $real_puppet_hasstatus = true + } + default: { + $real_puppet_hasstatus = false + } + } + Service[puppet]{ - hasstatus => false, + hasstatus => $real_puppet_hasstatus, } - File['/etc/cron.d/puppetd.cron']{ - path => '/etc/cron.d/puppetd', + + if !$puppet_ensure_version { $puppet_ensure_version = 'installed' } + package{ 'puppet-common': + ensure => $puppet_ensure_version, } + + Package['puppet']{ + require => Package['puppet-common'] + } } + + diff --git a/manifests/gentoo.pp b/manifests/gentoo.pp index 1fed53d..da78226 100644 --- a/manifests/gentoo.pp +++ b/manifests/gentoo.pp @@ -1,4 +1,5 @@ class puppet::gentoo inherits puppet::linux { + Package[puppet]{ category => 'app-admin', } diff --git a/manifests/linux.pp b/manifests/linux.pp index a217f66..fcd3936 100644 --- a/manifests/linux.pp +++ b/manifests/linux.pp @@ -1,23 +1,22 @@ class puppet::linux inherits puppet::base { if !$puppet_ensure_version { $puppet_ensure_version = 'installed' } - package{ 'puppet': + package { 'puppet': ensure => $puppet_ensure_version, } if !$facter_ensure_version { $facter_ensure_version = 'installed' } - package{ 'facter': + package { 'facter': ensure => $facter_ensure_version, } - # package bc needed for cron job - include bc Service['puppet']{ require => Package[puppet], } - - file{'/etc/cron.d/puppetd.cron': - source => [ "puppet:///modules/puppet/cron.d/puppetd.${operatingsystem}", + + file { '/etc/cron.d/puppetd.cron': + source => [ "puppet:///modules/site-puppet/cron.d/puppetd", + "puppet:///modules/puppet/cron.d/puppetd.${operatingsystem}", "puppet:///modules/puppet/cron.d/puppetd" ], owner => root, group => 0, mode => 0644, } diff --git a/manifests/openbsd.pp b/manifests/openbsd.pp index 1eeaba5..1df5a9e 100644 --- a/manifests/openbsd.pp +++ b/manifests/openbsd.pp @@ -1,7 +1,9 @@ class puppet::openbsd inherits puppet::base { + File['puppet_config']{ owner => '_puppet' } + Service['puppet']{ restart => '/bin/kill -HUP `/bin/cat /var/run/puppet/agent.pid`', stop => '/bin/kill `/bin/cat /var/run/puppet/agent.pid`', @@ -10,18 +12,21 @@ class puppet::openbsd inherits puppet::base { hasrestart => false, pattern => 'puppet agent', } - openbsd::rc_local{'puppetd': + + openbsd::rc_local { 'puppetd': binary => '/usr/local/bin/puppet agent', } - cron { 'puppetd_check': - command => '/bin/ps ax | /usr/bin/grep -v grep | /usr/bin/grep -q "puppet agent" || (sleep `echo $RANDOM/2000*60 | bc` && /usr/local/bin/puppet agent)', - user => root, - minute => 0, - } - cron { 'puppetd_restart': - command => 'sleep `echo $RANDOM/2000*60 | bc` && /bin/kill `/bin/cat /var/run/puppet/agent.pid`; /usr/local/bin/puppet agent', - minute => 0, - hour => 22, - monthday => '*/2', + + cron { + 'puppetd_check': + command => '/bin/ps ax | /usr/bin/grep -v grep | /usr/bin/grep -q "puppet agent" || (sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 6 )) && /usr/local/bin/puppet agent)', + user => root, + minute => 0; + + 'puppetd_restart': + command => 'sleep $(( $(</dev/urandom od -N2 -t u2 -A n) >> 6 )) && /bin/kill `/bin/cat /var/run/puppet/agent.pid`; /usr/local/bin/puppet agent', + minute => 0, + hour => 22, + monthday => '*/2', } } diff --git a/manifests/puppetmaster.pp b/manifests/puppetmaster.pp index 41d8021..4d1960d 100644 --- a/manifests/puppetmaster.pp +++ b/manifests/puppetmaster.pp @@ -42,4 +42,8 @@ class puppet::puppetmaster inherits puppet { if $use_shorewall { include shorewall::rules::puppet::master } + + if $use_munin { + include puppet::puppetmaster::munin + } } diff --git a/manifests/puppetmaster/base.pp b/manifests/puppetmaster/base.pp index 6f9bdc7..6ac1e0c 100644 --- a/manifests/puppetmaster/base.pp +++ b/manifests/puppetmaster/base.pp @@ -1,4 +1,5 @@ class puppet::puppetmaster::base inherits puppet::base { + File[puppet_config]{ source => [ "puppet:///modules/site-puppet/master/puppet.conf", "puppet:///modules/puppet/master/puppet.conf" ], diff --git a/manifests/puppetmaster/centos.pp b/manifests/puppetmaster/centos.pp index 0daa69b..2673a4d 100644 --- a/manifests/puppetmaster/centos.pp +++ b/manifests/puppetmaster/centos.pp @@ -1,7 +1,7 @@ # manifests/puppetmaster/centos.pp - class puppet::puppetmaster::centos inherits puppet::puppetmaster::package { - file{'/etc/sysconfig/puppetmaster': + + file { '/etc/sysconfig/puppetmaster': source => [ "puppet:///modules/site-puppet/sysconfig/${fqdn}/puppetmaster", "puppet:///modules/site-puppet/sysconfig/${domain}/puppetmaster", "puppet:///modules/site-puppet/sysconfig/puppetmaster", diff --git a/manifests/puppetmaster/checklastrun.pp b/manifests/puppetmaster/checklastrun.pp index 72a97ce..93ed8b9 100644 --- a/manifests/puppetmaster/checklastrun.pp +++ b/manifests/puppetmaster/checklastrun.pp @@ -1,4 +1,5 @@ class puppet::puppetmaster::checklastrun { + $puppet_lastruncheck_ignorehosts_str = $puppet_lastruncheck_ignorehosts ? { '' => '', undef => '', @@ -11,13 +12,14 @@ class puppet::puppetmaster::checklastrun { default => "--timeout ${puppet_lastruncheck_timeout}" } - file{"/usr/local/sbin/puppetlast": - source => [ "puppet:///modules/puppet/master/lastruncheck" ], - owner => root, group => 0, mode => 0700; - } - file{'/etc/cron.d/puppetlast.cron': - content => "${puppetmaster_lastruncheck_cron} root /usr/local/sbin/puppetlast ${puppet_lastruncheck_timeout_str} ${puppet_lastruncheck_ignorehosts_str} ${$puppet_lastruncheck_additionaloptions}\n", - require => File["/usr/local/bin/puppetlast"], - owner => root, group => 0, mode => 0644, + file{ + '/usr/local/sbin/puppetlast': + source => [ "puppet:///modules/puppet/master/lastruncheck" ], + owner => root, group => 0, mode => 0700; + + '/etc/cron.d/puppetlast.cron': + content => "${puppetmaster_lastruncheck_cron} root /usr/local/sbin/puppetlast ${puppet_lastruncheck_timeout_str} ${puppet_lastruncheck_ignorehosts_str} ${$puppet_lastruncheck_additionaloptions}\n", + require => File["/usr/local/sbin/puppetlast"], + owner => root, group => 0, mode => 0644, } } diff --git a/manifests/puppetmaster/checklastrun/disable.pp b/manifests/puppetmaster/checklastrun/disable.pp index 3fc91d0..8fff212 100644 --- a/manifests/puppetmaster/checklastrun/disable.pp +++ b/manifests/puppetmaster/checklastrun/disable.pp @@ -1,8 +1,10 @@ class puppet::puppetmaster::checklastrun::disable inherits puppet::puppetmaster::checklastrun { + File['/usr/local/sbin/puppetlast']{ source => undef, ensure => absent, } + File['/etc/cron.d/puppetlast.cron']{ ensure => absent, } diff --git a/manifests/puppetmaster/cleanup_reports.pp b/manifests/puppetmaster/cleanup_reports.pp index 4d76ceb..664bd81 100644 --- a/manifests/puppetmaster/cleanup_reports.pp +++ b/manifests/puppetmaster/cleanup_reports.pp @@ -1,7 +1,8 @@ class puppet::puppetmaster::cleanup_reports { + # clean up reports older than $puppetmaster_cleanup_reports days - file{'/etc/cron.daily/puppet_reports_cleanup.sh': - content => "#!/bin/bash\nfind /var/log/puppet/reports/ -maxdepth 2 -type f -ctime +${puppetmaster_cleanup_reports} -exec rm {} \\;\n", + file { '/etc/cron.daily/puppet_reports_cleanup.sh': + content => "#!/bin/bash\nfind /var/lib/puppet/reports/ -maxdepth 2 -type f -ctime +${puppetmaster_cleanup_reports} -exec rm {} \\;\n", owner => root, group => 0, mode => 0700; } } diff --git a/manifests/puppetmaster/cleanup_reports/disable.pp b/manifests/puppetmaster/cleanup_reports/disable.pp index f195a3e..8636223 100644 --- a/manifests/puppetmaster/cleanup_reports/disable.pp +++ b/manifests/puppetmaster/cleanup_reports/disable.pp @@ -1,4 +1,5 @@ class puppet::puppetmaster::cleanup_reports::disable inherits puppet::puppetmaster::cleanup_reports { + File['/etc/cron.daily/puppet_reports_cleanup.sh']{ ensure => absent, } diff --git a/manifests/puppetmaster/cluster.pp b/manifests/puppetmaster/cluster.pp index 41298b3..8d635ab 100644 --- a/manifests/puppetmaster/cluster.pp +++ b/manifests/puppetmaster/cluster.pp @@ -1,3 +1,5 @@ class puppet::puppetmaster::cluster inherits puppet::puppetmaster { + include puppet::puppetmaster::cluster::base + } diff --git a/manifests/puppetmaster/cluster/base.pp b/manifests/puppetmaster/cluster/base.pp index 1aa1f8b..8c90153 100644 --- a/manifests/puppetmaster/cluster/base.pp +++ b/manifests/puppetmaster/cluster/base.pp @@ -1,6 +1,7 @@ class puppet::puppetmaster::cluster::base inherits puppet::puppetmaster::base { - include mongrel, nginx + include mongrel, nginx + File[puppet_config] { require +> [ Package[mongrel], Package[nginx], File[nginx_config] ], } diff --git a/manifests/puppetmaster/debian.pp b/manifests/puppetmaster/debian.pp index 14ea3cc..8cee0ea 100644 --- a/manifests/puppetmaster/debian.pp +++ b/manifests/puppetmaster/debian.pp @@ -1 +1,19 @@ -class puppet::puppetmaster::debian inherits puppet::puppetmaster::package { } +class puppet::puppetmaster::debian inherits puppet::puppetmaster::package { + + if $puppetmaster_mode != 'passenger' { + case $lsbdistcodename { + squeeze,sid: { + Service['puppetmaster'] { hasstatus => true, hasrestart => true } + } + } + } + + file { '/etc/default/puppetmaster': + source => [ "puppet:///modules/site-puppet/master/debian/${fqdn}/puppetmaster", + "puppet:///modules/site-puppet/master/debian/${domain}/puppetmaster", + "puppet:///modules/site-puppet/master/debian/puppetmaster", + "puppet:///modules/puppet/master/debian/puppetmaster" ], + notify => Service[puppetmaster], + owner => root, group => 0, mode => 0644; + } +} diff --git a/manifests/puppetmaster/hasdb.pp b/manifests/puppetmaster/hasdb.pp index 1ba1331..2aca0e6 100644 --- a/manifests/puppetmaster/hasdb.pp +++ b/manifests/puppetmaster/hasdb.pp @@ -1,4 +1,4 @@ -define puppet::puppetmaster::hasdb( +define puppet::puppetmaster::hasdb ( $dbtype = 'mysql', $dbname = 'puppet', $dbhost = 'localhost', @@ -6,8 +6,8 @@ define puppet::puppetmaster::hasdb( $dbhostfqdn = "${fqdn}", $dbuser = 'puppet', $dbpwd = $puppet_storeconfig_password, - $dbconnectinghost = 'locahost' -){ + $dbconnectinghost = 'locahost' ) +{ if !$puppet_storeconfig_password { fail("No \$puppet_storeconfig_password is set, please set it in your manifests or site.pp to add a password") } diff --git a/manifests/puppetmaster/hasdb/mysql.pp b/manifests/puppetmaster/hasdb/mysql.pp index 22e6434..1ed122a 100644 --- a/manifests/puppetmaster/hasdb/mysql.pp +++ b/manifests/puppetmaster/hasdb/mysql.pp @@ -1,31 +1,32 @@ # don't use this define use the general interface -define puppet::puppetmaster::hasdb::mysql( +define puppet::puppetmaster::hasdb::mysql ( $dbname = 'puppet', $dbhost = 'localhost', $dbhostfqdn = "${fqdn}", $dbuser = 'puppet', $dbpwd, - $dbconnectinghost = 'localhost' -){ - @@mysql_database{$dbname: + $dbconnectinghost = 'localhost' ) +{ + @@mysql_database { $dbname: tag => "mysql_${dbhostfqdn}", } - @@mysql_user{"${dbuser}@${dbconnectinghost}": + @@mysql_user { "${dbuser}@${dbconnectinghost}": password_hash => mysql_password("$dbpwd"), require => Mysql_database[$dbname], tag => "mysql_${dbhostfqdn}", } - - @@mysql_grant{"${dbuser}@${dbconnectinghost}/${dbname}": + @@mysql_grant { "${dbuser}@${dbconnectinghost}/${dbname}": privileges => all, require => Mysql_user["${dbuser}@${dbconnectinghost}"], tag => "mysql_${dbhostfqdn}", } - munin::plugin::deploy{'puppetresources': - source => "puppet/munin/puppetresources.mysql", - config => "env.mysqlopts --user=$dbuser --password=$dbpwd -h $dbhost\nenv.puppetdb $dbname", + if $use_munin { + munin::plugin::deploy { 'puppetresources': + source => "puppet/munin/puppetresources.mysql", + config => "env.mysqlopts --user=$dbuser --password=$dbpwd -h $dbhost\nenv.puppetdb $dbname", + } } } diff --git a/manifests/puppetmaster/linux.pp b/manifests/puppetmaster/linux.pp index 3d36f75..2670203 100644 --- a/manifests/puppetmaster/linux.pp +++ b/manifests/puppetmaster/linux.pp @@ -1,16 +1,16 @@ class puppet::puppetmaster::linux inherits puppet::linux { if $puppetmaster_mode == 'passenger' { - exec{'notify_passenger_puppetmaster': + exec { 'notify_passenger_puppetmaster': refreshonly => true, command => 'touch /etc/puppet/rack/tmp/restart.txt && sleep 1 && rm /etc/puppet/rack/tmp/restart.txt', - } + } } else { - service{'puppetmaster': - ensure => running, - enable => true, - require => [ Package[puppet] ], - } + service { 'puppetmaster': + ensure => running, + enable => true, + require => [ Package[puppet] ], + } } Service[puppet]{ require +> Service[puppetmaster], diff --git a/manifests/puppetmaster/munin.pp b/manifests/puppetmaster/munin.pp new file mode 100644 index 0000000..4500b74 --- /dev/null +++ b/manifests/puppetmaster/munin.pp @@ -0,0 +1,9 @@ +class puppet::puppetmaster::munin { + + munin::plugin::deploy { + [ 'puppetmaster_memory', 'puppet_clients' ]: + source => "puppet/munin/puppet_", + config => "user root" + } + +} diff --git a/manifests/puppetmaster/package.pp b/manifests/puppetmaster/package.pp index 4be146d..145792e 100644 --- a/manifests/puppetmaster/package.pp +++ b/manifests/puppetmaster/package.pp @@ -3,6 +3,7 @@ class puppet::puppetmaster::package inherits puppet::puppetmaster::linux { case $operatingsystem { centos: { include puppet::puppetmaster::package::centos } + debian: { include puppet::puppetmaster::package::debian } default: { include puppet::puppetmaster::package::base } } } diff --git a/manifests/puppetmaster/package/base.pp b/manifests/puppetmaster/package/base.pp index 94f2c79..363f827 100644 --- a/manifests/puppetmaster/package/base.pp +++ b/manifests/puppetmaster/package/base.pp @@ -1,5 +1,6 @@ class puppet::puppetmaster::package::base inherits puppet::puppetmaster::package { - package{'puppetmaster': + + package { 'puppetmaster': ensure => present, } diff --git a/manifests/puppetmaster/package/centos.pp b/manifests/puppetmaster/package/centos.pp index e3bb145..43361fd 100644 --- a/manifests/puppetmaster/package/centos.pp +++ b/manifests/puppetmaster/package/centos.pp @@ -1,4 +1,5 @@ class puppet::puppetmaster::package::centos inherits puppet::puppetmaster::package::base { + Package['puppetmaster']{ name => 'puppet-server', alias => 'puppetmaster', diff --git a/manifests/puppetmaster/package/debian.pp b/manifests/puppetmaster/package/debian.pp new file mode 100644 index 0000000..33d7d5e --- /dev/null +++ b/manifests/puppetmaster/package/debian.pp @@ -0,0 +1,6 @@ +class puppet::puppetmaster::package::debian inherits puppet::puppetmaster::package { + + Package['puppetmaster']{ + require => Package['puppetmaster-common'] + } +} diff --git a/manifests/puppetmaster/passenger.pp b/manifests/puppetmaster/passenger.pp index f7fa3ab..c4bc062 100644 --- a/manifests/puppetmaster/passenger.pp +++ b/manifests/puppetmaster/passenger.pp @@ -7,14 +7,14 @@ class puppet::puppetmaster::passenger inherits puppet::puppetmaster::base { # A reference configuration is available at : # http://github.com/reductivelabs/puppet/tree/master/ext/rack - file { ['/etc/puppet/rack', '/etc/puppet/rack/public', '/etc/puppet/rack/tmp']: - ensure => directory, - owner => root, group => 0, mode => 0755; - } + file { + ['/etc/puppet/rack', '/etc/puppet/rack/public', '/etc/puppet/rack/tmp']: + ensure => directory, + owner => root, group => 0, mode => 0755; - file {'/etc/puppet/rack/config.ru': - source => [ "puppet:///modules/site-puppet/master/config.ru", - "puppet:///modules/puppet/master/config.ru" ], - owner => puppet, group => 0, mode => 0644; + '/etc/puppet/rack/config.ru': + source => [ "puppet:///modules/site-puppet/master/config.ru", + "puppet:///modules/puppet/master/config.ru" ], + owner => puppet, group => 0, mode => 0644; } } |