[katello-devel] Changes to katello-configure and puppet modules to support headpin
Ohad Levy
ohadlevy at redhat.com
Tue Nov 1 12:18:15 UTC 2011
----- Original Message -----
|
|
| ----- Original Message -----
| | Please take a look at the breakup-puppet branch. I would like to
| | push
| | this to master. It allows the user to optionally specify a
| | deployment.
| | So... the following command:
| |
| | katello-confgure
| |
| | gets you katello and
| |
| | katello-configure --deployment=headpin
| |
| | will configure katello for headpin only. No pulp config is called.
| |
| | While this lets a little bit of headpin bleed into master.. i think
| | this
| | is acceptable for the installer to avoid the
| | katello-headpin-configure
| | installer.
| |
| | The only other hack is that this branch explicitly disables
| | selinux.
| | This is currently required until we get candlepin and katello to
| | have
| | their own policies.
|
| Looks good, minor comments bellow marked with OL:
| in general, lots of whitespace :)
on second thought, can't we simply have
class headpin inherits katello {
override stuff
}
and on the installer front
echo "include $deployment" | puppet
|
| diff --git a/puppet/default-answer-file b/puppet/default-answer-file
| index 97c2c68..ea3155a 100644
| --- a/puppet/default-answer-file
| +++ b/puppet/default-answer-file
| @@ -12,3 +12,6 @@ db_user = katellouser
|
| # Katello database password.
| db_password = katellopw
| +
| +# Deployment Type
| +deployment = katello
| diff --git a/puppet/modules/katello/manifests/config.pp
| b/puppet/modules/katello/manifests/config.pp
| index 449e0c1..a216083 100644
| --- a/puppet/modules/katello/manifests/config.pp
| +++ b/puppet/modules/katello/manifests/config.pp
| @@ -1,5 +1,5 @@
| class katello::config {
| -
| +
| postgres::createuser { $katello::params::db_user:
| passwd => $katello::params::db_pass,
| logfile =>
| '/var/log/katello/katello-configure/create-postgresql-katello-user.log',
| @@ -15,6 +15,8 @@ class katello::config {
| template =>
| "katello/${katello::params::config_dir}/thin.yml.erb";
| "${katello::params::config_dir}/katello.yml":
| template =>
| "katello/${katello::params::config_dir}/katello.yml.erb";
| + "/etc/sysconfig/katello":
| + template => "katello/etc/sysconfig/katello.erb";
| "/etc/httpd/conf.d/katello.conf":
| template => "katello/etc/httpd/conf.d/katello.conf.erb",
| notify => Exec["reload-apache2"];
| @@ -25,6 +27,21 @@ class katello::config {
| mode => 644,
| recurse => true;
| }
| +
| + # disable SELinux
| + augeas {"temp_disable_selinux":
| + context => "/files/etc/sysconfig/selinux",
| + changes => ["set SELINUX permissive"],
| + notify => Exec["reload-apache2"]
| + }
| +
| + exec {"temp_setenforce":
| + command => "setenforce 0",
| + path => "/usr/sbin:/bin",
| + unless => "getenforce |egrep -iq 'disable|Permissive'",
| + }
| +
|
| OL: We already got that code in pulp, we should probably extract it
| from there into common?
|
| exec {"katello_db_migrate":
| cwd => $katello::params::katello_dir,
| @@ -45,14 +62,18 @@ class katello::config {
| command => "/usr/bin/env rake db:migrate >>
| ${katello::params::seed_log} 2>&1 && /usr/bin/env rake db:seed
| >> ${katello::params::seed_log} 2>&1 && touch
| /var/lib/katello/initdb_done",
| creates => "/var/lib/katello/initdb_done",
| before => Class["katello::service"],
| - require => [ Exec["katello_db_migrate"],
| Class["candlepin::service"], Class["pulp::service"] ],
| + require => $katello::params::deployment ? {
| + 'katello' => [ Exec["katello_db_migrate"],
| Class["candlepin::service"], Class["pulp::service"] ],
| + 'headpin' => [ Exec["katello_db_migrate"],
| Class["candlepin::service"] ],
| + default => [],
| OL: I usually perfer to use undef, not sure if it matters a lot as we
| don't inherit in this case.
| + },
| }
|
| define config_file($source = "", $template = "") {
| file {$name:
| content => $template ? {
| "" => undef,
| - default => template($template)
| + default => template($template)
| },
| source => $source ? {
| "" => undef,
| @@ -60,8 +81,14 @@ class katello::config {
| },
| }
| }
| -
| - Class["candlepin::config"] -> File["/etc/pulp/pulp.conf"]
| - Class["candlepin::config"] -> File["/etc/pulp/repo_auth.conf"]
| - Class["candlepin::config"] ->
| File["/etc/pki/content/pulp-global-repo.ca"]
| +
| + # Headpin does not care about pulp
| + case $katello::params::deployment {
| + 'katello': {
| + Class["candlepin::config"] -> File["/etc/pulp/pulp.conf"]
| + Class["candlepin::config"] ->
| File["/etc/pulp/repo_auth.conf"]
| + Class["candlepin::config"] ->
| File["/etc/pki/content/pulp-global-repo.ca"]
| + }
| + default : {}
| + }
| }
| diff --git a/puppet/modules/katello/manifests/init.pp
| b/puppet/modules/katello/manifests/init.pp
| index 1dbd10e..1d6e43a 100644
| --- a/puppet/modules/katello/manifests/init.pp
| +++ b/puppet/modules/katello/manifests/init.pp
| @@ -1,7 +1,19 @@
| class katello {
| - include pulp
| +
| + include katello::params
| + # Headpin does not care about pulp
| + case $katello::params::deployment {
| + 'katello': {
| + include pulp
| + }
| + 'headpin' : {
| + include apache2
| + }
| + default : {}
| + }
| +
| + include apache2
| OL: Why do we include apache twice? shouldnt it be enough to include
| a headpin class?
| include candlepin
| - include katello::params
| include katello::config
| include katello::service
| }
| diff --git a/puppet/modules/katello/manifests/install.pp
| b/puppet/modules/katello/manifests/install.pp
| index 43894ea..13c7b50 100644
| --- a/puppet/modules/katello/manifests/install.pp
| +++ b/puppet/modules/katello/manifests/install.pp
| @@ -1,10 +1,19 @@
| class katello::install {
| include katello
| - include pulp::install
| +
| include candlepin::install
| include postgres::install
| include apache2::install
| - include qpid::install
| +
| + # Headpin does not care about pulp
| + case $katello::params::deployment {
| + 'katello': {
| + include pulp::install
| + include qpid::install
| OL: While somehow it got there, imho, that should be part of pulp
| manifest, not katello
| + }
| + default : {}
| + }
| +
|
| $os_type = $operatingsystem ? {
| "Fedora" => "fedora-${operatingsystemrelease}",
| @@ -25,8 +34,16 @@ class katello::install {
| }
|
| package{["katello", "katello-cli"]:
| - require =>
| [Yumrepo["fedora-katello"],Class["pulp::install"],Class["candlepin::install"]],
| - before => [Class["candlepin::config"], Class["pulp::config"] ],
| #avoid some funny post rpm scripts
| + require => $katello::params::deployment ? {
| + 'katello' =>
| [Yumrepo["fedora-katello"],Class["pulp::install"],Class["candlepin::install"]],
| + 'headpin' =>
| [Yumrepo["fedora-katello"],Class["candlepin::install"]],
| + default => []
| + },
| + before => $katello::params::deployment ? {
| + 'katello' => [Class["candlepin::config"],
| Class["pulp::config"] ], #avoid some funny post rpm scripts
| + 'headpin' => [Class["candlepin::config"]], #avoid
| some funny post rpm scripts
| + default => []
| + },
| ensure => installed
| }
| Class["katello::install"] -> File["/var/log/katello"]
| diff --git a/puppet/modules/katello/manifests/params.pp
| b/puppet/modules/katello/manifests/params.pp
| index 44aa0b5..7e428ca 100644
| --- a/puppet/modules/katello/manifests/params.pp
| +++ b/puppet/modules/katello/manifests/params.pp
| @@ -3,7 +3,8 @@ class katello::params {
| $db_user = katello_config_value('db_user')
| $db_name = katello_config_value('db_name')
| $db_pass = katello_config_value('db_password')
| -
| + $deployment = katello_config_value('deployment')
| +
| # system settings
| $user = "katello"
| $group = "katello"
| diff --git a/puppet/modules/katello/manifests/service.pp
| b/puppet/modules/katello/manifests/service.pp
| index 11acb38..46a29ec 100644
| --- a/puppet/modules/katello/manifests/service.pp
| +++ b/puppet/modules/katello/manifests/service.pp
| @@ -1,7 +1,11 @@
| class katello::service {
| service {["katello", "katello-jobs"]:
| ensure => running, enable => true, hasstatus => true,
| hasrestart => true,
| - require =>
| [Class["katello::config"],Class["candlepin::service"],
| Class["pulp::service"], Class["apache2::config"]],
| + require => $katello::params::deployment ? {
| + 'katello' =>
| [Class["katello::config"],Class["candlepin::service"],
| Class["pulp::service"], Class["apache2::config"]],
| + 'headpin' =>
| [Class["katello::config"],Class["candlepin::service"],
| Class["apache2::config"]],
| + default => []
| + },
| notify => Exec["reload-apache2"];
| }
|
| diff --git
| a/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
| b/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
| index 73deddc..2ea882c 100644
| ---
| a/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
| +++
| b/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
| @@ -18,25 +18,25 @@ NameVirtualHost *:443
|
| <Proxy balancer://thinservers>
| <%- (processorcount.to_i + 1).times do |i| -%>
| - <%= "BalancerMember
| http://127.0.0.1:#{scope.lookupvar('katello::params::thin_start_port').to_i
| + i}/katello" %>
| + <%= "BalancerMember
| http://127.0.0.1:#{scope.lookupvar('katello::params::thin_start_port').to_i
| + i}/#{scope.lookupvar('katello::params::deployment')}" %>
| <%- end -%>
| </Proxy>
|
| - Alias /katello/assets "/usr/share/katello/public/assets"
| - Alias /katello/images "/usr/share/katello/public/images"
| - Alias /katello/fonts "/usr/share/katello/public/fonts"
| + Alias /<%= scope.lookupvar("katello::params::deployment")
| %>/assets "/usr/share/katello/public/assets"
| + Alias /<%= scope.lookupvar("katello::params::deployment")
| %>/images "/usr/share/katello/public/images"
| + Alias /<%= scope.lookupvar("katello::params::deployment") %>/fonts
| "/usr/share/katello/public/fonts"
|
| - ProxyPass /katello/assets !
| - ProxyPass /katello/images !
| - ProxyPass /katello/fonts !
| - ProxyPass /katello balancer://thinservers/
| + ProxyPass /<%= scope.lookupvar("katello::params::deployment")
| %>/assets !
| + ProxyPass /<%= scope.lookupvar("katello::params::deployment")
| %>/images !
| + ProxyPass /<%= scope.lookupvar("katello::params::deployment")
| %>/fonts !
| + ProxyPass /<%= scope.lookupvar("katello::params::deployment") %>
| balancer://thinservers/
|
| - ProxyPassReverse /katello balancer://thinservers/
| - ProxyPassReverse /katello/assets !
| - ProxyPassReverse /katello/images !
| - ProxyPassReverse /katello/fonts !
| + ProxyPassReverse /<%=
| scope.lookupvar("katello::params::deployment") %>
| balancer://thinservers/
| + ProxyPassReverse /<%=
| scope.lookupvar("katello::params::deployment") %>/assets !
| + ProxyPassReverse /<%=
| scope.lookupvar("katello::params::deployment") %>/images !
| + ProxyPassReverse /<%=
| scope.lookupvar("katello::params::deployment") %>/fonts !
|
| - <Location /katello>
| + <Location /<%= scope.lookupvar("katello::params::deployment") %>>
| RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
| SSLVerifyClient optional
| SSLRenegBufferSize 262144
| @@ -48,5 +48,5 @@ NameVirtualHost *:80
| <VirtualHost *:80>
| RewriteEngine On
| RewriteCond %{HTTPS} off
| - RewriteRule /katello(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
| + RewriteRule /<%= scope.lookupvar("katello::params::deployment")
| %>(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
| </VirtualHost>
| diff --git
| a/puppet/modules/katello/templates/etc/katello/katello.yml.erb
| b/puppet/modules/katello/templates/etc/katello/katello.yml.erb
| index 7629596..5c91add 100644
| --- a/puppet/modules/katello/templates/etc/katello/katello.yml.erb
| +++ b/puppet/modules/katello/templates/etc/katello/katello.yml.erb
| @@ -15,7 +15,7 @@ common:
|
| warden: database
| use_cp: true
| - use_pulp: true
| + use_pulp: <%= scope.lookupvar("katello::params::deployment") ==
| 'katello' %>
| rest_client_timeout: 30
|
| #setup how often you want
| diff --git
| a/puppet/modules/katello/templates/etc/sysconfig/katello.erb
| b/puppet/modules/katello/templates/etc/sysconfig/katello.erb
| new file mode 100644
| index 0000000..02eb646
| --- /dev/null
| +++ b/puppet/modules/katello/templates/etc/sysconfig/katello.erb
| @@ -0,0 +1,32 @@
| +# the location where katello is installed
| +#KATELLO_HOME=/usr/share/katello
| +
| +# the location where katello has data
| +#KATELLO_DATA_DIR=/var/lib/katello
| +
| +# the prefix added as part of the base path for accessing
| +# the katello web application (e.g. http://0.0.0.0/katello)
| +KATELLO_PREFIX=/<%= scope.lookupvar("katello::params::deployment")
| %>
| +
| +# the port which katello web server is running at
| +# note that if the katello user is not root, it has to be a > 1024
| +#KATELLO_PORT=3000
| +
| +# the group which runs the web interface
| +#KATELLO_GROUP=katello
| +
| +# the user which runs the web interface
| +#KATELLO_USER=katello
| +
| +# the rails environment in which katello runs
| +# (please note the only supported setting is "production")
| +#KATELLO_ENV=production
| +
| +# rails logging level (debug, info, warn, error, and fatal)
| +#KATELLO_LOGGING=info
| +
| +# number of katello-job service background workers
| +#KATELLO_JOB_WORKERS=1
| +
| +# additional katello-job service options for delayed_jobs
| +#KATELLO_JOB_WORKERS=-m -p katello
|
| |
| | -- bk
| |
| | _______________________________________________
| | katello-devel mailing list
| | katello-devel at redhat.com
| | https://www.redhat.com/mailman/listinfo/katello-devel
| |
|
| _______________________________________________
| katello-devel mailing list
| katello-devel at redhat.com
| https://www.redhat.com/mailman/listinfo/katello-devel
|
More information about the katello-devel
mailing list