From e8068c2757ac625b2fb55f1725f02618d7bc8705 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Mon, 29 Sep 2014 15:13:02 +0200 Subject: another deprecation --- global/overlay/etc/puppet/puppet.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'global/overlay') diff --git a/global/overlay/etc/puppet/puppet.conf b/global/overlay/etc/puppet/puppet.conf index a269892..88871f0 100644 --- a/global/overlay/etc/puppet/puppet.conf +++ b/global/overlay/etc/puppet/puppet.conf @@ -7,7 +7,7 @@ factpath=$vardir/lib/facter templatedir=$confdir/templates node_terminus = exec external_nodes = /etc/puppet/cosmos_enc.py -modulepath = /etc/puppet/modules:/etc/puppet/cosmos-modules:/usr/share/puppet/modules +basemodulepath = /etc/puppet/modules:/etc/puppet/cosmos-modules:/usr/share/puppet/modules [master] # These are needed when the puppetmaster is run by passenger -- cgit v1.1 From 4f300ca63268f73a63e01f5528ecdc5e6f46d67e Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Wed, 22 Oct 2014 14:28:05 +0200 Subject: simple kvm builder using cloud images --- global/overlay/etc/cosmos/apt/bootstrap-cosmos.sh | 42 +++++++ global/overlay/etc/cosmos/apt/cosmos_1.2-2_all.deb | Bin 0 -> 11724 bytes global/overlay/usr/local/sbin/cosmos_vm | 124 +++++++++++++++++++++ 3 files changed, 166 insertions(+) create mode 100755 global/overlay/etc/cosmos/apt/bootstrap-cosmos.sh create mode 100644 global/overlay/etc/cosmos/apt/cosmos_1.2-2_all.deb create mode 100755 global/overlay/usr/local/sbin/cosmos_vm (limited to 'global/overlay') diff --git a/global/overlay/etc/cosmos/apt/bootstrap-cosmos.sh b/global/overlay/etc/cosmos/apt/bootstrap-cosmos.sh new file mode 100755 index 0000000..28cbde0 --- /dev/null +++ b/global/overlay/etc/cosmos/apt/bootstrap-cosmos.sh @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cmd_hostname="$1" +if test -z "$cmd_hostname"; then + echo "Usage: $0 HOSTNAME REPO TAGPATTERN" + exit 1 +fi + +cmd_repo="$2" +if test -z "$cmd_repo"; then + echo "Usage $0 HOSTNAME REPO TAGPATTERN" + exit 2 +fi + +cmd_tags="$3" +if test -z "$cmd_tags"; then + echo "Usage $0 HOSTNAME REPO TAGPATTERN" + exit 3 +fi + +set -x + +apt-get -y install rsync git-core wget +dpkg -i cosmos_1.2-2_all.deb + +if ! test -d /var/cache/cosmos/repo; then + cosmos clone "$cmd_repo" +fi + +hostname $cmd_hostname + +perl -pi -e "s,#COSMOS_REPO_MODELS=.*,COSMOS_REPO_MODELS=\"\\\$COSMOS_REPO/global/:\\\$COSMOS_REPO/$cmd_hostname/\"," /etc/cosmos/cosmos.conf +perl -pi -e "s,#COSMOS_UPDATE_VERIFY_GIT_TAG_PATTERN=.*,COSMOS_UPDATE_VERIFY_GIT_TAG_PATTERN=\"${cmd_tags}*\"," /etc/cosmos/cosmos.conf + +env COSMOS_BASE=/var/cache/cosmos COSMOS_KEYS=/var/cache/cosmos/repo/global/overlay/etc/cosmos/keys /var/cache/cosmos/repo/global/post-tasks.d/015cosmos-trust + +(date; nohup cosmos -v update && nohup cosmos -v apply; date) 2>&1 | tee /var/log/cosmos.log + + +exit 0 diff --git a/global/overlay/etc/cosmos/apt/cosmos_1.2-2_all.deb b/global/overlay/etc/cosmos/apt/cosmos_1.2-2_all.deb new file mode 100644 index 0000000..9fe4434 Binary files /dev/null and b/global/overlay/etc/cosmos/apt/cosmos_1.2-2_all.deb differ diff --git a/global/overlay/usr/local/sbin/cosmos_vm b/global/overlay/usr/local/sbin/cosmos_vm new file mode 100755 index 0000000..bf27576 --- /dev/null +++ b/global/overlay/usr/local/sbin/cosmos_vm @@ -0,0 +1,124 @@ +#!/bin/bash + +set -- $(getopt h?H:D?s:B:M:C:R:i:g:n:I:G:N: "$@") + +src_image="" +size="1G" +dhcp="no" +hostname="default" +bridge="br0" +cpus="1" +mem="1024" +repo="git://code.mnt.se/mnt-cosmos.git" +tag="eduid-cosmos" +ip="" +gateway="" +netmask="" +resolver="" +ip6="" +gateway6="" +netmask6="64" + +while [ $# -gt 0 ]; do + case "$1" in + (-h) echo "Usage: $0 [-h] [-H hostname] [-M ] [-C <#cpus>] [-B ] [-D (dhcp)] [-i/-I ] [-n/-N ] [-g/-G ] [-R ] [-s ]"; exit 0;; + (-H) hostname="$2"; shift;; + (-s) src_image="$2"; shift;; + (-D) dhcp="yes" ;; + (-S) size="$2"; shift;; + (-B) bridge="$2"; shift;; + (-M) mem="$2"; shift;; + (-C) cpus="$2"; shift;; + (-R) resolver="$2"; shift;; + (-i) ip="$2"; shift;; + (-g) gateway="$2"; shift;; + (-n) netmask="$2"; shift;; + (-I) ip6="$2"; shift;; + (-G) gateway6="$2"; shift;; + (-N) netmask6="$2"; shift;; + (--) shift; break;; + (-*) echo "Unknown option $1\nUsage: $0 [-h] [-H hostname] [-M ] [-C <#cpus>] [-B ] [-D (dhcp)] [-i/-I ] [-n/-N ] [-g/-G ] [-R ] [-s ]"; exit 1;; + (*) break;; + esac + shift +done + +id=$(uuidgen) + +seed=${id}_seed.img +disk=${id}.img + +rm -f ${seed} +truncate --size 2M ${seed} +mkfs.vfat -n cidata ${seed} 2>/dev/null + +user_data=$(mktemp) +cat > ${user_data} < ${meta_data} <> ${meta_data} <> ${meta_data} <> ${meta_data} </dev/null +mcopy -i ${seed} ${meta_data} ::meta-data 2>/dev/null +mcopy -i ${seed} /etc/cosmos/apt/bootstrap-cosmos.sh /etc/cosmos/apt/cosmos_1.2-2_all.deb :: +mv ${seed} /var/lib/libvirt/images/ +virsh pool-refresh default + +virsh vol-clone --pool default ${src_image} ${disk} + +virt-install -r ${mem} -n ${hostname} --vcpus=${cpus} --autostart --memballoon virtio --network bridge=${bridge} --boot hd --disk vol=default/${disk},format=qcow2,bus=virtio --disk vol=default/${seed},bus=virtio + +rm -f ${user_data} +rm -f ${meta_data} -- cgit v1.1 From e6e25edc7e1d5732aaa3c956359681318d5f0946 Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Mon, 23 Feb 2015 15:58:29 +0100 Subject: Safer default repos, and show tag-name. --- global/overlay/etc/puppet/cosmos-modules.conf | 47 ++++++++++++++++++++------- 1 file changed, 35 insertions(+), 12 deletions(-) (limited to 'global/overlay') diff --git a/global/overlay/etc/puppet/cosmos-modules.conf b/global/overlay/etc/puppet/cosmos-modules.conf index af786c4..e1ef0e5 100644 --- a/global/overlay/etc/puppet/cosmos-modules.conf +++ b/global/overlay/etc/puppet/cosmos-modules.conf @@ -1,13 +1,36 @@ # -# name source (puppetlabs fq name or git url) upgrade (yes/no) -# -concat puppetlabs/concat no -stdlib puppetlabs/stdlib no -cosmos git://github.com/leifj/puppet-cosmos.git yes -ufw attachmentgenie/ufw no -apt puppetlabs/apt no -vcsrepo puppetlabs/vcsrepo no -xinetd puppetlabs/xinetd no -#golang elithrar/golang yes -#python git://github.com/stankevich/puppet-python.git yes -hiera-gpg git://github.com/SUNET/hiera-gpg.git no +# name source (puppetlabs fq name or git url) upgrade (yes/no) tag-pattern +# +# NOTE that Git packages MUST be tagged with signatures by someone +# in the Cosmos trust list. That is why all the URLs point to forked +# versions in the SUNET github organization. +# +concat git://github.com/SUNET/puppetlabs-concat.git yes sunet-* +stdlib git://github.com/SUNET/puppetlabs-stdlib.git yes sunet-* +cosmos git://github.com/SUNET/puppet-cosmos.git yes sunet-* +ufw git://github.com/SUNET/puppet-module-ufw.git yes sunet_dev-* +apt git://github.com/SUNET/puppetlabs-apt.git yes sunet_dev-* +vcsrepo git://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-* +xinetd git://github.com/SUNET/puppetlabs-xinetd.git yes sunet-* +hiera-gpg git://github.com/SUNET/hiera-gpg.git yes sunet-* +# +# Alternate sources you might or might not want to use: +#concat puppetlabs/concat no +#stdlib puppetlabs/stdlib no +#ufw attachmentgenie/ufw no +#apt puppetlabs/apt no +#vcsrepo puppetlabs/vcsrepo no +#xinetd puppetlabs/xinetd no +#cosmos git://github.com/leifj/puppet-cosmos.git yes +#python git://github.com/SUNET/puppet-python.git yes sunet-* +#erlang git://github.com/SUNET/garethr-erlang.git yes sunet-* +#rabbitmq git://github.com/SUNET/puppetlabs-rabbitmq.git yes sunet_dev-* +#pound git://github.com/SUNET/puppet-pound.git yes sunet_dev-* +#augeas git://github.com/SUNET/puppet-augeas.git yes sunet-* +#bastion git://github.com/SUNET/puppet-bastion.git yes sunet-* +#postgresql git://github.com/SUNET/puppetlabs-postgresql.git yes sunet_dev-* +#munin git://github.com/SUNET/ssm-munin.git yes sunet-* +#nagios git://github.com/SUNET/puppet-nagios.git yes sunet-* +#staging git://github.com/SUNET/puppet-staging.git yes sunet-* +#apparmor git://github.com/SUNET/puppet-apparmor.git yes sunet-* +#docker git://github.com/SUNET/garethr-docker.git yes sunet_dev-* -- cgit v1.1 From 3d51588fcff271b76353bab59b93077eb7d06159 Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Mon, 23 Feb 2015 16:01:24 +0100 Subject: update yaml syntax to work on Ubuntu 14.04 --- global/overlay/etc/puppet/hiera.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'global/overlay') diff --git a/global/overlay/etc/puppet/hiera.yaml b/global/overlay/etc/puppet/hiera.yaml index cd619bb..782fa7f 100644 --- a/global/overlay/etc/puppet/hiera.yaml +++ b/global/overlay/etc/puppet/hiera.yaml @@ -1,13 +1,15 @@ --- -:backends: - yaml - - gpg +:backends: + - yaml + - gpg :logger: console -:hierarchy: - %{env}/%{location}/%{calling_module} - - %{env}/%{calling_module} - - secrets.yaml - - common +:hierarchy: + - "%{env}/%{location}/%{calling_module}" + - "%{env}/%{calling_module}" + - secrets.yaml + - common :yaml: -- cgit v1.1 From d164fde704f65432943a4fa3f6d5a3f3298c262d Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Mon, 23 Feb 2015 16:01:40 +0100 Subject: add 'local' source --- global/overlay/etc/puppet/hiera.yaml | 1 + 1 file changed, 1 insertion(+) (limited to 'global/overlay') diff --git a/global/overlay/etc/puppet/hiera.yaml b/global/overlay/etc/puppet/hiera.yaml index 782fa7f..3663305 100644 --- a/global/overlay/etc/puppet/hiera.yaml +++ b/global/overlay/etc/puppet/hiera.yaml @@ -8,6 +8,7 @@ :hierarchy: - "%{env}/%{location}/%{calling_module}" - "%{env}/%{calling_module}" + - local - secrets.yaml - common -- cgit v1.1 From e69b0f84f86ceb32e62dbef5492fc1aac20de919 Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Mon, 23 Feb 2015 16:02:43 +0100 Subject: init --- global/overlay/usr/local/bin/run-cosmos | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100755 global/overlay/usr/local/bin/run-cosmos (limited to 'global/overlay') diff --git a/global/overlay/usr/local/bin/run-cosmos b/global/overlay/usr/local/bin/run-cosmos new file mode 100755 index 0000000..a37d49f --- /dev/null +++ b/global/overlay/usr/local/bin/run-cosmos @@ -0,0 +1,22 @@ +#!/bin/sh +# +# Simplify running cosmos, with serialization if flock is available. +# + +set -e + +FLOCK=`which flock` + +if [ -x "$FLOCK" ]; then + ($FLOCK --exclusive --wait 60 9 || exit 1 + cosmos $* update + cosmos $* apply + )9>/var/lock/run-cosmos +else + cosmos $* update + cosmos $* apply +fi + +touch /var/run/last-cosmos-ok.stamp + +find /var/lib/puppet/reports/ -type f -mtime +10 | xargs rm -f -- cgit v1.1 From cd2b67ff5a8e308dc701319c189d3f8fa9b5370e Mon Sep 17 00:00:00 2001 From: Fredrik Thulin Date: Mon, 23 Feb 2015 16:03:55 +0100 Subject: use run-cosmos, for serialization --- global/overlay/etc/cron.d/cosmos | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'global/overlay') diff --git a/global/overlay/etc/cron.d/cosmos b/global/overlay/etc/cron.d/cosmos index 70af3a4..4eab8de 100644 --- a/global/overlay/etc/cron.d/cosmos +++ b/global/overlay/etc/cron.d/cosmos @@ -1,4 +1,4 @@ SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -*/15 * * * * root test -f /etc/no-automatic-cosmos || (cosmos update ; cosmos apply) +*/15 * * * * root test -f /etc/no-automatic-cosmos || /usr/local/bin/run-cosmos -- cgit v1.1 From bc70832f4c33a458f2e913af702823539b2da7a1 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Tue, 24 Feb 2015 11:12:06 +0100 Subject: logrotate for docker containers --- global/overlay/etc/logrotate.d/docker-containers | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 global/overlay/etc/logrotate.d/docker-containers (limited to 'global/overlay') diff --git a/global/overlay/etc/logrotate.d/docker-containers b/global/overlay/etc/logrotate.d/docker-containers new file mode 100644 index 0000000..e9c90b8 --- /dev/null +++ b/global/overlay/etc/logrotate.d/docker-containers @@ -0,0 +1,7 @@ +/var/lib/docker/containers/*/*.log { + rotate 7 + daily + compress + delaycompress + copytruncate +} -- cgit v1.1