[katello-devel] Changes to katello-configure and puppet modules to support headpin
Ohad Levy
ohadlevy at redhat.com
Tue Nov 1 12:13:25 UTC 2011
----- Original Message -----
| Please take a look at the breakup-puppet branch. I would like to push
| this to master. It allows the user to optionally specify a
| deployment.
| So... the following command:
|
| katello-confgure
|
| gets you katello and
|
| katello-configure --deployment=headpin
|
| will configure katello for headpin only. No pulp config is called.
|
| While this lets a little bit of headpin bleed into master.. i think
| this
| is acceptable for the installer to avoid the
| katello-headpin-configure
| installer.
|
| The only other hack is that this branch explicitly disables selinux.
| This is currently required until we get candlepin and katello to have
| their own policies.
Looks good, minor comments bellow marked with OL:
in general, lots of whitespace :)
diff --git a/puppet/default-answer-file b/puppet/default-answer-file
index 97c2c68..ea3155a 100644
--- a/puppet/default-answer-file
+++ b/puppet/default-answer-file
@@ -12,3 +12,6 @@ db_user = katellouser
# Katello database password.
db_password = katellopw
+
+# Deployment Type
+deployment = katello
diff --git a/puppet/modules/katello/manifests/config.pp b/puppet/modules/katello/manifests/config.pp
index 449e0c1..a216083 100644
--- a/puppet/modules/katello/manifests/config.pp
+++ b/puppet/modules/katello/manifests/config.pp
@@ -1,5 +1,5 @@
class katello::config {
-
+
postgres::createuser { $katello::params::db_user:
passwd => $katello::params::db_pass,
logfile => '/var/log/katello/katello-configure/create-postgresql-katello-user.log',
@@ -15,6 +15,8 @@ class katello::config {
template => "katello/${katello::params::config_dir}/thin.yml.erb";
"${katello::params::config_dir}/katello.yml":
template => "katello/${katello::params::config_dir}/katello.yml.erb";
+ "/etc/sysconfig/katello":
+ template => "katello/etc/sysconfig/katello.erb";
"/etc/httpd/conf.d/katello.conf":
template => "katello/etc/httpd/conf.d/katello.conf.erb",
notify => Exec["reload-apache2"];
@@ -25,6 +27,21 @@ class katello::config {
mode => 644,
recurse => true;
}
+
+ # disable SELinux
+ augeas {"temp_disable_selinux":
+ context => "/files/etc/sysconfig/selinux",
+ changes => ["set SELINUX permissive"],
+ notify => Exec["reload-apache2"]
+ }
+
+ exec {"temp_setenforce":
+ command => "setenforce 0",
+ path => "/usr/sbin:/bin",
+ unless => "getenforce |egrep -iq 'disable|Permissive'",
+ }
+
OL: We already got that code in pulp, we should probably extract it from there into common?
exec {"katello_db_migrate":
cwd => $katello::params::katello_dir,
@@ -45,14 +62,18 @@ class katello::config {
command => "/usr/bin/env rake db:migrate >> ${katello::params::seed_log} 2>&1 && /usr/bin/env rake db:seed >> ${katello::params::seed_log} 2>&1 && touch /var/lib/katello/initdb_done",
creates => "/var/lib/katello/initdb_done",
before => Class["katello::service"],
- require => [ Exec["katello_db_migrate"], Class["candlepin::service"], Class["pulp::service"] ],
+ require => $katello::params::deployment ? {
+ 'katello' => [ Exec["katello_db_migrate"], Class["candlepin::service"], Class["pulp::service"] ],
+ 'headpin' => [ Exec["katello_db_migrate"], Class["candlepin::service"] ],
+ default => [],
OL: I usually perfer to use undef, not sure if it matters a lot as we don't inherit in this case.
+ },
}
define config_file($source = "", $template = "") {
file {$name:
content => $template ? {
"" => undef,
- default => template($template)
+ default => template($template)
},
source => $source ? {
"" => undef,
@@ -60,8 +81,14 @@ class katello::config {
},
}
}
-
- Class["candlepin::config"] -> File["/etc/pulp/pulp.conf"]
- Class["candlepin::config"] -> File["/etc/pulp/repo_auth.conf"]
- Class["candlepin::config"] -> File["/etc/pki/content/pulp-global-repo.ca"]
+
+ # Headpin does not care about pulp
+ case $katello::params::deployment {
+ 'katello': {
+ Class["candlepin::config"] -> File["/etc/pulp/pulp.conf"]
+ Class["candlepin::config"] -> File["/etc/pulp/repo_auth.conf"]
+ Class["candlepin::config"] -> File["/etc/pki/content/pulp-global-repo.ca"]
+ }
+ default : {}
+ }
}
diff --git a/puppet/modules/katello/manifests/init.pp b/puppet/modules/katello/manifests/init.pp
index 1dbd10e..1d6e43a 100644
--- a/puppet/modules/katello/manifests/init.pp
+++ b/puppet/modules/katello/manifests/init.pp
@@ -1,7 +1,19 @@
class katello {
- include pulp
+
+ include katello::params
+ # Headpin does not care about pulp
+ case $katello::params::deployment {
+ 'katello': {
+ include pulp
+ }
+ 'headpin' : {
+ include apache2
+ }
+ default : {}
+ }
+
+ include apache2
OL: Why do we include apache twice? shouldnt it be enough to include a headpin class?
include candlepin
- include katello::params
include katello::config
include katello::service
}
diff --git a/puppet/modules/katello/manifests/install.pp b/puppet/modules/katello/manifests/install.pp
index 43894ea..13c7b50 100644
--- a/puppet/modules/katello/manifests/install.pp
+++ b/puppet/modules/katello/manifests/install.pp
@@ -1,10 +1,19 @@
class katello::install {
include katello
- include pulp::install
+
include candlepin::install
include postgres::install
include apache2::install
- include qpid::install
+
+ # Headpin does not care about pulp
+ case $katello::params::deployment {
+ 'katello': {
+ include pulp::install
+ include qpid::install
OL: While somehow it got there, imho, that should be part of pulp manifest, not katello
+ }
+ default : {}
+ }
+
$os_type = $operatingsystem ? {
"Fedora" => "fedora-${operatingsystemrelease}",
@@ -25,8 +34,16 @@ class katello::install {
}
package{["katello", "katello-cli"]:
- require => [Yumrepo["fedora-katello"],Class["pulp::install"],Class["candlepin::install"]],
- before => [Class["candlepin::config"], Class["pulp::config"] ], #avoid some funny post rpm scripts
+ require => $katello::params::deployment ? {
+ 'katello' => [Yumrepo["fedora-katello"],Class["pulp::install"],Class["candlepin::install"]],
+ 'headpin' => [Yumrepo["fedora-katello"],Class["candlepin::install"]],
+ default => []
+ },
+ before => $katello::params::deployment ? {
+ 'katello' => [Class["candlepin::config"], Class["pulp::config"] ], #avoid some funny post rpm scripts
+ 'headpin' => [Class["candlepin::config"]], #avoid some funny post rpm scripts
+ default => []
+ },
ensure => installed
}
Class["katello::install"] -> File["/var/log/katello"]
diff --git a/puppet/modules/katello/manifests/params.pp b/puppet/modules/katello/manifests/params.pp
index 44aa0b5..7e428ca 100644
--- a/puppet/modules/katello/manifests/params.pp
+++ b/puppet/modules/katello/manifests/params.pp
@@ -3,7 +3,8 @@ class katello::params {
$db_user = katello_config_value('db_user')
$db_name = katello_config_value('db_name')
$db_pass = katello_config_value('db_password')
-
+ $deployment = katello_config_value('deployment')
+
# system settings
$user = "katello"
$group = "katello"
diff --git a/puppet/modules/katello/manifests/service.pp b/puppet/modules/katello/manifests/service.pp
index 11acb38..46a29ec 100644
--- a/puppet/modules/katello/manifests/service.pp
+++ b/puppet/modules/katello/manifests/service.pp
@@ -1,7 +1,11 @@
class katello::service {
service {["katello", "katello-jobs"]:
ensure => running, enable => true, hasstatus => true, hasrestart => true,
- require => [Class["katello::config"],Class["candlepin::service"], Class["pulp::service"], Class["apache2::config"]],
+ require => $katello::params::deployment ? {
+ 'katello' => [Class["katello::config"],Class["candlepin::service"], Class["pulp::service"], Class["apache2::config"]],
+ 'headpin' => [Class["katello::config"],Class["candlepin::service"], Class["apache2::config"]],
+ default => []
+ },
notify => Exec["reload-apache2"];
}
diff --git a/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb b/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
index 73deddc..2ea882c 100644
--- a/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
+++ b/puppet/modules/katello/templates/etc/httpd/conf.d/katello.conf.erb
@@ -18,25 +18,25 @@ NameVirtualHost *:443
<Proxy balancer://thinservers>
<%- (processorcount.to_i + 1).times do |i| -%>
- <%= "BalancerMember http://127.0.0.1:#{scope.lookupvar('katello::params::thin_start_port').to_i + i}/katello" %>
+ <%= "BalancerMember http://127.0.0.1:#{scope.lookupvar('katello::params::thin_start_port').to_i + i}/#{scope.lookupvar('katello::params::deployment')}" %>
<%- end -%>
</Proxy>
- Alias /katello/assets "/usr/share/katello/public/assets"
- Alias /katello/images "/usr/share/katello/public/images"
- Alias /katello/fonts "/usr/share/katello/public/fonts"
+ Alias /<%= scope.lookupvar("katello::params::deployment") %>/assets "/usr/share/katello/public/assets"
+ Alias /<%= scope.lookupvar("katello::params::deployment") %>/images "/usr/share/katello/public/images"
+ Alias /<%= scope.lookupvar("katello::params::deployment") %>/fonts "/usr/share/katello/public/fonts"
- ProxyPass /katello/assets !
- ProxyPass /katello/images !
- ProxyPass /katello/fonts !
- ProxyPass /katello balancer://thinservers/
+ ProxyPass /<%= scope.lookupvar("katello::params::deployment") %>/assets !
+ ProxyPass /<%= scope.lookupvar("katello::params::deployment") %>/images !
+ ProxyPass /<%= scope.lookupvar("katello::params::deployment") %>/fonts !
+ ProxyPass /<%= scope.lookupvar("katello::params::deployment") %> balancer://thinservers/
- ProxyPassReverse /katello balancer://thinservers/
- ProxyPassReverse /katello/assets !
- ProxyPassReverse /katello/images !
- ProxyPassReverse /katello/fonts !
+ ProxyPassReverse /<%= scope.lookupvar("katello::params::deployment") %> balancer://thinservers/
+ ProxyPassReverse /<%= scope.lookupvar("katello::params::deployment") %>/assets !
+ ProxyPassReverse /<%= scope.lookupvar("katello::params::deployment") %>/images !
+ ProxyPassReverse /<%= scope.lookupvar("katello::params::deployment") %>/fonts !
- <Location /katello>
+ <Location /<%= scope.lookupvar("katello::params::deployment") %>>
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
SSLVerifyClient optional
SSLRenegBufferSize 262144
@@ -48,5 +48,5 @@ NameVirtualHost *:80
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} off
- RewriteRule /katello(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
+ RewriteRule /<%= scope.lookupvar("katello::params::deployment") %>(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
diff --git a/puppet/modules/katello/templates/etc/katello/katello.yml.erb b/puppet/modules/katello/templates/etc/katello/katello.yml.erb
index 7629596..5c91add 100644
--- a/puppet/modules/katello/templates/etc/katello/katello.yml.erb
+++ b/puppet/modules/katello/templates/etc/katello/katello.yml.erb
@@ -15,7 +15,7 @@ common:
warden: database
use_cp: true
- use_pulp: true
+ use_pulp: <%= scope.lookupvar("katello::params::deployment") == 'katello' %>
rest_client_timeout: 30
#setup how often you want
diff --git a/puppet/modules/katello/templates/etc/sysconfig/katello.erb b/puppet/modules/katello/templates/etc/sysconfig/katello.erb
new file mode 100644
index 0000000..02eb646
--- /dev/null
+++ b/puppet/modules/katello/templates/etc/sysconfig/katello.erb
@@ -0,0 +1,32 @@
+# the location where katello is installed
+#KATELLO_HOME=/usr/share/katello
+
+# the location where katello has data
+#KATELLO_DATA_DIR=/var/lib/katello
+
+# the prefix added as part of the base path for accessing
+# the katello web application (e.g. http://0.0.0.0/katello)
+KATELLO_PREFIX=/<%= scope.lookupvar("katello::params::deployment") %>
+
+# the port which katello web server is running at
+# note that if the katello user is not root, it has to be a > 1024
+#KATELLO_PORT=3000
+
+# the group which runs the web interface
+#KATELLO_GROUP=katello
+
+# the user which runs the web interface
+#KATELLO_USER=katello
+
+# the rails environment in which katello runs
+# (please note the only supported setting is "production")
+#KATELLO_ENV=production
+
+# rails logging level (debug, info, warn, error, and fatal)
+#KATELLO_LOGGING=info
+
+# number of katello-job service background workers
+#KATELLO_JOB_WORKERS=1
+
+# additional katello-job service options for delayed_jobs
+#KATELLO_JOB_WORKERS=-m -p katello
|
| -- bk
|
| _______________________________________________
| katello-devel mailing list
| katello-devel at redhat.com
| https://www.redhat.com/mailman/listinfo/katello-devel
|
More information about the katello-devel
mailing list