Skip to content

Commit

Permalink
Refactor module
Browse files Browse the repository at this point in the history 
This rewrites large parts of the module. The main goal is to split
init.pp into several classes that each describe a part of the stack.
This is then composed in init.pp where additional chaining is applied.
While it doesn't add parameters to choose the composition, it does open
the path to it.

It also relies more on using puppet-foreman. This means $config_dir is
removed in favor of $foreman::plugin_config_dir. Additionally it uses
Foreman::rake as chaining rather than the internal Execs. Similarly it
now notifies the tasks instead of the Service.

All classes use explicit parameters in the local scope and have their
own specs.
  • Loading branch information
@ekohl
ekohl committed Aug 21, 2017
1 parent bf8cedf commit 938521c
Show file tree
Hide file tree
Showing 20 changed files with 749 additions and 373 deletions.
76 changes: 76 additions & 0 deletions manifests/application.pp
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
# Install and configure the katello application itself
class katello::application (
Array[String] $package_names = $::katello::package_names,
Boolean $enable_ostree = $::katello::enable_ostree,
String $rubygem_katello_ostree = $::katello::rubygem_katello_ostree,
Optional[Enum['SSLv23', 'TLSv1', '']] $cdn_ssl_version = $::katello::cdn_ssl_version,
String $deployment_url = $::katello::deployment_url,
String $post_sync_token = $::katello::post_sync_token,
Stdlib::Httpsurl $candlepin_url = $::katello::candlepin_url,
String $oauth_key = $::katello::oauth_key,
String $oauth_secret = $::katello::oauth_secret,
Stdlib::Httpsurl $pulp_url = $::katello::pulp_url,
String $qpid_url = $::katello::qpid_url,
String $candlepin_event_queue = $::katello::candlepin_event_queue,
Optional[String] $proxy_host = $::katello::proxy_url,
Optional[Integer[0, 65535]] $proxy_port = $::katello::proxy_port,
Optional[String] $proxy_username = $::katello::proxy_username,
Optional[String] $proxy_password = $::katello::proxy_password,
) {
include ::certs
include ::certs::apache
include ::certs::foreman
include ::certs::pulp_client

$candlepin_ca_cert = $::certs::ca_cert
$pulp_ca_cert = $::certs::katello_server_ca_cert

foreman_config_entry { 'pulp_client_cert':
value => $::certs::pulp_client::client_cert,
ignore_missing => false,
require => [Class['certs::pulp_client'], Foreman::Rake['db:seed']],
}

foreman_config_entry { 'pulp_client_key':
value => $::certs::pulp_client::client_key,
ignore_missing => false,
require => [Class['certs::pulp_client'], Foreman::Rake['db:seed']],
}

# We used to override permissions here so this matches it back to the packaging
file { '/usr/share/foreman/bundler.d/katello.rb':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
}

include ::foreman
include ::foreman::plugin::tasks

Class['certs', 'certs::ca', 'certs::apache'] ~> Class['apache::service']

# Katello database seeding needs candlepin
package { $package_names:
ensure => installed,
} ->
file { "${::foreman::plugin_config_dir}/katello.yaml":
ensure => file,
owner => 'root',
group => $::foreman::group,
mode => '0640',
content => template('katello/katello.yaml.erb'),
notify => [Class['foreman::service', 'foreman::plugin::tasks'], Foreman::Rake['db:seed']],
}

if $enable_ostree {
package { $rubygem_katello_ostree:
ensure => installed,
notify => [Class['foreman::service', 'foreman::plugin::tasks'], Foreman::Rake['apipie:cache:index']],
}
}

foreman::config::passenger::fragment{ 'katello':
ssl_content => file('katello/katello-apache-ssl.conf'),
}
}
54 changes: 54 additions & 0 deletions manifests/candlepin.pp
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
# Katello configuration for candlepin
class katello::candlepin (
Variant[Array[String], String] $user_groups = $::katello::user_groups,
String $oauth_key = $::katello::oauth_key,
String $oauth_secret = $::katello::oauth_secret,
String $deployment_url = $::katello::deployment_url,
String $db_host = $::katello::candlepin_db_host,
Optional[Integer[0, 65535]] $db_port = $::katello::candlepin_db_port,
String $db_name = $::katello::candlepin_db_name,
String $db_user = $::katello::candlepin_db_user,
String $db_password = $::katello::candlepin_db_password,
Boolean $db_ssl = $::katello::candlepin_db_ssl,
Boolean $db_ssl_verify = $::katello::candlepin_db_ssl_verify,
Boolean $manage_db = $::katello::candlepin_manage_db,
String $qpid_hostname = $::katello::qpid_hostname,
) {
include ::certs
include ::certs::qpid
include ::certs::candlepin
include ::katello::qpid_client

class { '::candlepin':
user_groups => $user_groups,
oauth_key => $oauth_key,
oauth_secret => $oauth_secret,
deployment_url => $deployment_url,
ca_key => $::certs::ca_key,
ca_cert => $::certs::ca_cert_stripped,
keystore_password => $::certs::candlepin::keystore_password,
truststore_password => $::certs::candlepin::keystore_password,
enable_basic_auth => false,
consumer_system_name_pattern => '.+',
adapter_module => 'org.candlepin.katello.KatelloModule',
amq_enable => true,
amqp_keystore_password => $::certs::candlepin::keystore_password,
amqp_truststore_password => $::certs::candlepin::keystore_password,
amqp_keystore => $::certs::candlepin::amqp_keystore,
amqp_truststore => $::certs::candlepin::amqp_truststore,
qpid_hostname => $qpid_hostname,
qpid_ssl_cert => $::certs::qpid::client_cert,
qpid_ssl_key => $::certs::qpid::client_key,
db_host => $db_host,
db_port => $db_port,
db_name => $db_name,
db_user => $db_user,
db_password => $db_password,
db_ssl => $db_ssl,
db_ssl_verify => $db_ssl_verify,
manage_db => $manage_db,
subscribe => Class['certs', 'certs::qpid', 'certs::candlepin'],
}

contain ::candlepin
}
48 changes: 0 additions & 48 deletions manifests/config.pp
View file

This file was deleted.

18 changes: 0 additions & 18 deletions manifests/config/pulp_client.pp
View file

This file was deleted.

108 changes: 9 additions & 99 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,6 @@
# $post_sync_token:: The shared secret for pulp notifying katello about
# completed syncs
#
# $config_dir:: Location for Katello config files
#
# $cdn_ssl_version:: SSL version used to communicate with the CDN
#
# $num_pulp_workers:: Number of pulp workers to use
Expand Down Expand Up @@ -83,7 +81,6 @@
Integer[0, 1000] $qpid_wcache_page_size = $::katello::params::qpid_wcache_page_size,
Integer[1] $num_pulp_workers = $::katello::params::num_pulp_workers,
Optional[Integer] $max_tasks_per_pulp_worker = $::katello::params::max_tasks_per_pulp_worker,
Stdlib::Absolutepath $config_dir = $::katello::params::config_dir,
Optional[Stdlib::HTTPUrl] $proxy_url = $::katello::params::proxy_url,
Optional[Integer[0, 65535]] $proxy_port = $::katello::params::proxy_port,
Optional[String] $proxy_username = $::katello::params::proxy_username,
Expand All @@ -110,102 +107,15 @@
Boolean $candlepin_db_ssl_verify = $::katello::params::candlepin_db_ssl_verify,
Boolean $candlepin_manage_db = $::katello::params::candlepin_manage_db,
) inherits katello::params {
$candlepin_ca_cert = $::certs::ca_cert
$pulp_ca_cert = $::certs::katello_server_ca_cert

Class['certs'] ~>
class { '::certs::apache': } ~>
class { '::katello::repo': } ~>
class { '::katello::install': } ~>
class { '::katello::config': } ~>
class { '::certs::qpid': } ~>
class { '::qpid':
ssl => true,
ssl_cert_db => $::certs::nss_db_dir,
ssl_cert_password_file => $::certs::qpid::nss_db_password_file,
ssl_cert_name => 'broker',
interface => 'lo',
wcache_page_size => $qpid_wcache_page_size,
} ~>
class { '::certs::candlepin': } ~>
class { '::candlepin':
user_groups => $katello::user_groups,
oauth_key => $katello::oauth_key,
oauth_secret => $katello::oauth_secret,
deployment_url => $katello::deployment_url,
ca_key => $certs::ca_key,
ca_cert => $certs::ca_cert_stripped,
keystore_password => $::certs::candlepin::keystore_password,
truststore_password => $::certs::candlepin::keystore_password,
enable_basic_auth => false,
consumer_system_name_pattern => '.+',
adapter_module => 'org.candlepin.katello.KatelloModule',
amq_enable => true,
amqp_keystore_password => $::certs::candlepin::keystore_password,
amqp_truststore_password => $::certs::candlepin::keystore_password,
amqp_keystore => $::certs::candlepin::amqp_keystore,
amqp_truststore => $::certs::candlepin::amqp_truststore,
qpid_ssl_cert => $::certs::qpid::client_cert,
qpid_ssl_key => $::certs::qpid::client_key,
db_host => $candlepin_db_host,
db_port => $candlepin_db_port,
db_name => $candlepin_db_name,
db_user => $candlepin_db_user,
db_password => $candlepin_db_password,
db_ssl => $candlepin_db_ssl,
db_ssl_verify => $candlepin_db_ssl_verify,
manage_db => $candlepin_manage_db,
} ~>
class { '::certs::qpid_client': } ~>
class { '::pulp':
oauth_enabled => true,
oauth_key => $katello::oauth_key,
oauth_secret => $katello::oauth_secret,
messaging_url => 'ssl://localhost:5671',
messaging_ca_cert => $::certs::ca_cert,
messaging_client_cert => $certs::qpid_client::messaging_client_cert,
messaging_transport => 'qpid',
messaging_auth_enabled => false,
broker_url => 'qpid://localhost:5671',
broker_use_ssl => true,
consumers_crl => $candlepin::crl_file,
proxy_url => $proxy_url,
proxy_port => $proxy_port,
proxy_username => $proxy_username,
proxy_password => $proxy_password,
yum_max_speed => $pulp_max_speed,
manage_broker => false,
manage_httpd => false,
manage_plugins_httpd => true,
manage_squid => true,
enable_rpm => true,
enable_puppet => true,
enable_docker => true,
enable_ostree => $enable_ostree,
num_workers => $num_pulp_workers,
max_tasks_per_child => $max_tasks_per_pulp_worker,
enable_parent_node => false,
repo_auth => true,
puppet_wsgi_processes => 1,
enable_katello => true,
} ~>
class { '::qpid::client':
ssl => true,
ssl_cert_name => 'broker',
ssl_cert_db => $certs::nss_db_dir,
ssl_cert_password_file => $certs::qpid::nss_db_password_file,
} ~>
class { '::katello::qpid':
client_cert => $certs::qpid::client_cert,
client_key => $certs::qpid::client_key,
}

class { '::certs::foreman': }

Exec['cpinit'] -> Exec['foreman-rake-db:seed']
Class['certs::candlepin'] ~> Service['tomcat']
Class['certs::qpid'] ~> Service['qpidd']
Class['certs::ca'] ~> Service['httpd']
include ::katello::repo
include ::katello::candlepin
include ::katello::qpid
include ::katello::qpid_client
include ::katello::pulp
Class['katello::repo'] -> Class['katello::pulp']
include ::katello::application
Class['katello::repo'] -> Class['katello::application']
Class['katello::candlepin'] -> Class['katello::application']

User<|title == apache|>{groups +> $user_groups}
}
13 changes: 0 additions & 13 deletions manifests/install.pp
View file

This file was deleted.

4 changes: 2 additions & 2 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,6 @@
$user = 'foreman'
$group = 'foreman'
$user_groups = ['foreman']
$config_dir = '/etc/foreman/plugins'
$repo_export_dir = '/var/lib/pulp/katello-export'

# OAUTH settings
Expand All @@ -62,7 +61,8 @@
# database reinitialization flag
$reset_data = 'NONE'

$qpid_url = 'amqp:ssl:localhost:5671'
$qpid_hostname = 'localhost'
$qpid_url = "amqp:ssl:${qpid_hostname}:5671"
$candlepin_event_queue = 'katello_event_queue'
$candlepin_qpid_exchange = 'event'
$enable_ostree = false
Expand Down
Loading

0 comments on commit 938521c

Please sign in to comment.