initial public release

.gitignore

@@ -0,0 +1,2 @@
+.kitchen/
+.kitchen.local.yml

.kitchen.yml

@@ -0,0 +1,36 @@
+---
+driver_plugin: vagrant
+driver_config:
+  require_chef_omnibus: "11.4.4"
+
+platforms:
+- name: ubuntu-12.04
+  driver_config:
+    box: opscode-ubuntu-12.04
+    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box
+    network:
+      private_network: "ip: '10.30.0.11'"
+  run_list: ["recipe[apt]"]
+  attributes:
+    corosync:
+      bindnetaddr: '10.30.0.11'
+- name: centos-6.4
+  driver_config:
+    box: opscode-centos-6.4
+    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
+    network:
+      private_network: "ip: '10.30.0.12'"
+  attributes:
+    corosync:
+      bindnetaddr: '10.30.0.12'
+
+suites:
+- name: default
+  run_list: ["recipe[corosync]"]
+  attributes: 
+    corosync:
+      members:
+      - '10.30.0.11'
+      - '10.30.0.12'
+  data_bags_path: 'test/integration/data_bags'
+  encrypted_data_bag_secret_key_path: 'test/integration/encrypted_data_bag_secret'

Berksfile

@@ -0,0 +1,6 @@
+site :opscode
+
+metadata
+
+cookbook 'apt', group: :integration
+cookbook 'yum', group: :integration

Berksfile.lock

@@ -0,0 +1,13 @@
+{
+  "sources": {
+    "corosync": {
+      "path": "."
+    },
+    "apt": {
+      "locked_version": "1.9.2"
+    },
+    "yum": {
+      "locked_version": "2.3.0"
+    }
+  }
+}

CHANGELOG.md

@@ -0,0 +1,7 @@
+# CHANGELOG for corosync
+
+This file is used to list changes made in each version of corosync.
+
+## 0.1.0:
+
+* Initial release of corosync

README.md

@@ -0,0 +1,33 @@
+# corosync Cookbook
+
+Installs corosync, and configures authkey-based communication with explicitly defined cluster members.
+
+Requires encrypted data bags.
+
+## Usage
+Create a 1024-bit authkey and get its base64 value so it can be placed in an encrypted data bag.
+
+From an existing authkey, e.g.: `openssl base64 < /etc/corosync/authkey | tr -d '\n'`
+
+Or generate your own: `openssl rand 128 -base64 | tr -d '\n'`
+
+It will be pulled from `data_bag_item('keys', 'corosync')['authkey']`.
+
+Add all the members to `default['corosync']['members']` and set each
+`node['corosync']['bindnetaddr']` to the IP to bind to.
+
+## Testing
+
+The tests depend on both defined nodes being up, since they test that both members have joined. To ensure both nodes are converged before verify, you can do all the steps in order:
+
+```bash
+for i in create setup converge verify; do kitchen $i all; done
+```
+
+Contributing
+------------
+The usual: fork, topic branch, test, pull req.
+
+Authors
+-------------------
+* [Joshua Yotty](https://github.com/jyotty)

files/default/etc-default

@@ -0,0 +1,2 @@
+# enable corosync init script
+START=yes

metadata.rb

@@ -0,0 +1,13 @@
+name             'corosync'
+maintainer       'Blue Box Group, Inc.'
+maintainer_email 'support@bluebox.net'
+license          'Apache 2.0'
+description      'Installs/Configures corosync'
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version          '0.1.0'
+
+supports 'ubuntu', '>= 12.04'
+
+%w{rhel centos scientific}.each do |os|
+  supports os, '>= 6.0'
+end

recipes/default.rb

@@ -0,0 +1,37 @@
+#
+# Cookbook Name:: cluster
+# Recipe:: default
+#
+# Copyright 2013, Blue Box Group, Inc.
+#
+
+package "corosync"
+
+corosync_keys = Chef::EncryptedDataBagItem.load("keys", "corosync")
+
+template "/etc/corosync/authkey" do
+  source "blank.erb"
+  owner 0
+  group 0
+  mode 00400
+  variables :file_content => Base64.decode64(corosync_keys['authkey'])
+end
+
+template "/etc/corosync/corosync.conf" do
+  source "corosync.conf.erb"
+end
+
+case node['platform']
+when 'ubuntu'
+  # thanks, I really wanted to edit a file to make the init script usable
+  cookbook_file '/etc/default/corosync' do
+    source 'etc-default'
+    owner 'root'
+    mode 00644
+  end
+end
+
+service "corosync" do
+  supports :status => true, :restart => true, :reload => true
+  action [:enable, :start]
+end

templates/default/blank.erb

@@ -0,0 +1 @@
+<%= @file_content %>

templates/default/corosync.conf.erb

@@ -0,0 +1,43 @@
+# Please read the corosync.conf.5 manual page
+compatibility: none
+
+totem {
+  version: 2
+  nodeid: <%= node['hostname'] %>
+  secauth: on
+  threads: 4
+  interface {
+  <% node['corosync']['members'].each do |member| %>
+    member {
+      memberaddr: <%= member %>
+    }
+  <% end %>
+    ringnumber: 0
+    bindnetaddr: <%= node['corosync']['bindnetaddr'] %>
+    netmask: 255.255.255.0
+    mcastport: 5405
+    ttl: 1
+  }
+  token: 5000
+  token_retransmits_before_loss_const: 20
+  join: 1000
+  consensus: 10000
+  transport: udpu
+}
+
+logging {
+  fileline: off
+  to_stderr: no
+  to_logfile: no
+  to_syslog: yes
+  debug: off
+  timestamp: on
+  logger_subsys {
+    subsys: AMF
+    debug: off
+  }
+}
+
+amf {
+  mode: disabled
+}

test/integration/data_bags/keys/corosync.json

@@ -0,0 +1 @@
+{"name":"data_bag_item_keys_corosync","json_class":"Chef::DataBagItem","chef_type":"data_bag_item","data_bag":"keys","raw_data":{"id":"corosync","authkey":{"encrypted_data":"GNdIBzonGptV7WQEse11elsFZbaQTnREOYdNuVfv3bdIZW7EZiVDpyIvqn31\nwi9gVmi7ttJfVOa6RYqLSbuUKxn8PzVuLWkxTv37z+1ry83x1Zh/Ios+0y85\nfowwS24lLuPH0+aQ5sVmhLa6Liqt+WajV50SrY69PNUBnbbJ6Q3Tt8cBolIL\nXJEpcc4O9pI4C9b3egHA1tWrDw2W/BbnH4F9IktkjD1BTvYcTkG1fuDRIMDi\n7G7r2oIuuQplJBkl\n","iv":"vz6bXWZhLuyTrqNy2Zq78w==\n","version":1,"cipher":"aes-256-cbc"}}}

test/integration/default/bats/cluster.bats

@@ -0,0 +1,11 @@
+#!/usr/bin/env bats
+
+@test "correct authkey" {
+  run md5sum /etc/corosync/authkey
+  [ "${output%% *}" = "fd22d4014a6f0c260a788d225d6dc24d" ]
+}
+
+@test "both members joined cluster" {
+  corosync-objctl | grep members | grep '10\.30\.0\.11'
+  corosync-objctl | grep members | grep '10\.30\.0\.12'
+}

test/integration/encrypted_data_bag_secret

@@ -0,0 +1,11 @@
+ufSA2k7NLm58suG5W/n/voTb4/vX61Wzzn0kXChyRfSlPr2a42v7Ve/FVF8OPkSq
+o5vfGHjLmEjU0BG0dpfn1Y98s4ZErECBlypZDpAIoxakLRWaxYQey5EdBxON/IF9
+7bS7ZA/6VkXZeoy7JYLCTx2stlzJzcsK7yhjmKt5uHMYaxKSDD8N4TV6vEOlJzTx
+NBxNGzI2bq99Fa+Hs3P92sPBYd/Y7yCebF8O7w/8eAGVXnjCMOYlP2jDKNfV7GKn
+YMisyJTQxTPb21VUNEpcii6QxR0CwaKUViLq07cOlVtwwGOhrgOdGO8sN424wMng
+J5cOMRvQC2XilD8KootkDjCjR66JZSYBm5wBfZRUNGQOgyuefuf6kShOtKkWBl9u
+4m9pyYCKF+eYv7Eadsk5mHBKRqr92DXGc2K+tPtfdR8HHU4x5RGBl/JxdZgi8/yO
+y9fFTBT8sUDn38mOuszWJ3kH2lvJl0wpyXCJANjDmb5Bv8d1paaZGjH+HClR0vQg
+aZiU5WnEoPiOYPhNGQ5KHXvSEwP5tMSUlaWkny0sTf3rlubjgOW2ZbviDVLeA/6H
+VRqlQ0IXBv28W8BFcypzsCE5CBlhQSzoLOYGJ2W4govKs3UiBMCBk8zHv1J/rhB0
+KCE8/FkKxmG/3BRf7RGlunk+fNq3rFdLWTW4rF0zkFg=