Redesign classes to allow split deployments

manifests/application.pp

@@ -1,38 +1,41 @@
-# Install and configure the katello application itself
+# @summary Install and configure the katello application itself
+#
+# @param rest_client_timeout
+#   Timeout for Katello rest API
+#
+# @param cdn_ssl_version
+#  SSL version used to communicate with the CDN
+#
+# @param proxy_host
+#  URL of the proxy server
+#
+# @param proxy_port
+#  Port the proxy is running on
+#
+# @param proxy_username
+#  Proxy username for authentication
+#
+# @param proxy_password
+#  Proxy password for authentication
+#
 class katello::application (
-  Array[String] $package_names = $katello::package_names,
-  Boolean $enable_ostree = $katello::enable_ostree,
-  Boolean $enable_yum = $katello::enable_yum,
-  Boolean $enable_file = $katello::enable_file,
-  Boolean $enable_puppet = $katello::enable_puppet,
-  Boolean $enable_docker = $katello::enable_docker,
-  Boolean $enable_deb = $katello::enable_deb,
-
-  Optional[Enum['SSLv23', 'TLSv1', '']] $cdn_ssl_version = $katello::cdn_ssl_version,
-  Stdlib::Httpsurl $candlepin_url = $katello::candlepin_url,
-  String $candlepin_oauth_key = $katello::candlepin_oauth_key,
-  String $candlepin_oauth_secret = $katello::candlepin_oauth_secret,
-  Stdlib::Httpsurl $pulp_url = $katello::pulp_url,
-  Stdlib::Httpsurl $crane_url = $katello::crane_url,
-  String $qpid_url = $katello::qpid_url,
-  String $candlepin_event_queue = $katello::candlepin_event_queue,
-  Optional[String] $proxy_host = $katello::proxy_url,
-  Optional[Integer[0, 65535]] $proxy_port = $katello::proxy_port,
-  Optional[String] $proxy_username = $katello::proxy_username,
-  Optional[String] $proxy_password = $katello::proxy_password,
-  Integer[0] $rest_client_timeout = $katello::rest_client_timeout,
+  Integer[0] $rest_client_timeout = 3600,
+  Optional[Enum['SSLv23', 'TLSv1', '']] $cdn_ssl_version = undef,
+  Optional[Stdlib::Host] $proxy_host = undef,
+  Optional[Stdlib::Port] $proxy_port = undef,
+  Optional[String] $proxy_username = undef,
+  Optional[String] $proxy_password = undef,
 ) {
   include foreman
   include certs
   include certs::apache
   include certs::foreman
   include certs::pulp_client
   include certs::qpid
-  include katello::qpid_client
+  include katello::params
 
-  $candlepin_ca_cert = $certs::ca_cert
-  $pulp_ca_cert = $certs::katello_server_ca_cert
-  $crane_ca_cert = $certs::katello_server_ca_cert
+  include katello::qpid_client
+  User<|title == $foreman::user|>{groups +> 'qpidd'}
 
   foreman_config_entry { 'pulp_client_cert':
     value          => $certs::pulp_client::client_cert,
@@ -51,9 +54,27 @@
   Class['certs', 'certs::ca', 'certs::apache'] ~> Class['apache::service']
   Class['certs', 'certs::ca', 'certs::qpid'] ~> Class['foreman::plugin::tasks']
 
+  # Used in katello.yaml.erb
+  $enable_ostree = $katello::params::enable_ostree
+  $enable_yum = $katello::params::enable_yum
+  $enable_file = $katello::params::enable_file
+  $enable_puppet = $katello::params::enable_puppet
+  $enable_docker = $katello::params::enable_docker
+  $enable_deb = $katello::params::enable_deb
+  $pulp_url = $katello::params::pulp_url
+  $pulp_ca_cert = $certs::katello_server_ca_cert # TODO: certs::apache::...
+  $candlepin_url = $katello::params::candlepin_url
+  $candlepin_oauth_key = $katello::params::candlepin_oauth_key
+  $candlepin_oauth_secret = $katello::params::candlepin_oauth_secret
+  $candlepin_ca_cert = $certs::ca_cert
+  $qpid_url = "amqp:ssl:${katello::params::qpid_hostname}:5671"
+  $candlepin_event_queue = $katello::params::candlepin_event_queue
+  $crane_url = $katello::params::crane_url
+  $crane_ca_cert = $certs::katello_server_ca_cert
+
   # Katello database seeding needs candlepin
   Anchor <| title == 'katello::repo' or title ==  'katello::candlepin' |> ->
-  package { $package_names:
+  package { $katello::params::rubygem_katello:
     ensure => installed,
   } ->
   file { "${foreman::plugin_config_dir}/katello.yaml":

manifests/candlepin.pp

@@ -1,26 +1,41 @@
-# Katello configuration for candlepin
+# @summary Install and configure candlepin
+#
+# @param db_host
+#   The database host
+# @param db_port
+#   The database port
+# @param db_name
+#   The database name
+# @param db_user
+#   The database username
+# @param db_password
+#   The database password. A random password will be generated when
+#   unspecified.
+# @param db_ssl
+#   Whether to connect using SSL
+# @param db_ssl_verify
+#   Whether to verify the certificate of the database host
+# @param manage_db
+#   Whether to manage the database. Set this to false when using a remote database
 class katello::candlepin (
-  Variant[Array[String], String] $user_groups = $katello::user_groups,
-  String $oauth_key = $katello::candlepin_oauth_key,
-  String $oauth_secret = $katello::candlepin_oauth_secret,
-  String $db_host = $katello::candlepin_db_host,
-  Optional[Integer[0, 65535]] $db_port = $katello::candlepin_db_port,
-  String $db_name = $katello::candlepin_db_name,
-  String $db_user = $katello::candlepin_db_user,
-  String $db_password = $katello::candlepin_db_password,
-  Boolean $db_ssl = $katello::candlepin_db_ssl,
-  Boolean $db_ssl_verify = $katello::candlepin_db_ssl_verify,
-  Boolean $manage_db = $katello::candlepin_manage_db,
-  String $qpid_hostname = $katello::qpid_hostname,
+  Stdlib::Host $db_host = 'localhost',
+  Optional[Stdlib::Port] $db_port = undef,
+  String $db_name = 'candlepin',
+  String $db_user = 'candlepin',
+  Optional[String] $db_password = undef,
+  Boolean $db_ssl = false,
+  Boolean $db_ssl_verify = true,
+  Boolean $manage_db = true,
 ) {
   include certs
   include certs::candlepin
+  include katello::params
 
   Anchor <| title == 'katello::qpid::event_queue' |> ->
   class { 'candlepin':
-    user_groups                  => $user_groups,
-    oauth_key                    => $oauth_key,
-    oauth_secret                 => $oauth_secret,
+    user_groups                  => $certs::candlepin::group,
+    oauth_key                    => $katello::params::candlepin_oauth_key,
+    oauth_secret                 => $katello::params::candlepin_oauth_secret,
     ca_key                       => $certs::candlepin::ca_key,
     ca_cert                      => $certs::candlepin::ca_cert,
     keystore_file                => $certs::candlepin::keystore,
@@ -34,7 +49,7 @@
     amqp_truststore_password     => $certs::candlepin::keystore_password,
     amqp_keystore                => $certs::candlepin::amqp_keystore,
     amqp_truststore              => $certs::candlepin::amqp_truststore,
-    qpid_hostname                => $qpid_hostname,
+    qpid_hostname                => $katello::params::qpid_hostname,
     qpid_ssl_cert                => $certs::candlepin::client_cert,
     qpid_ssl_key                 => $certs::candlepin::client_key,
     db_host                      => $db_host,

manifests/globals.pp

@@ -0,0 +1,41 @@
+# @summary Katello Default Params
+#
+# @param enable_ostree
+#   Enable ostree content plugin, this requires an ostree install
+#
+# @param enable_yum
+#   Enable rpm content plugin, including syncing of yum content
+#
+# @param enable_file
+#   Enable generic file content management
+#
+# @param enable_puppet
+#   Enable puppet content plugin
+#
+# @param enable_docker
+#   Enable docker content plugin
+#
+# @param enable_deb
+#   Enable debian content plugin
+#
+class katello::globals(
+  Boolean $enable_ostree = false,
+  Boolean $enable_yum = true,
+  Boolean $enable_file = true,
+  Boolean $enable_puppet = true,
+  Boolean $enable_docker = true,
+  Boolean $enable_deb = true,
+) {
+  if versioncmp($facts['operatingsystemmajrelease'], '8') >= 0 {
+    $rubygem_katello = 'rubygem-katello'
+  } else {
+    $rubygem_katello = 'tfm-rubygem-katello'
+  }
+
+  # OAUTH settings
+  $candlepin_oauth_key = 'katello'
+  $candlepin_oauth_secret = extlib::cache_data('foreman_cache_data', 'candlepin_oauth_secret', extlib::random_password(32))
+
+  $candlepin_qpid_exchange = 'event'
+  $candlepin_event_queue = 'katello_event_queue'
+}

manifests/init.pp

@@ -30,12 +30,6 @@
 #
 # === Advanced parameters:
 #
-# $user::               The Katello system user name
-#
-# $group::              The Katello system user group
-#
-# $user_groups::        Extra user groups the Katello user is a part of
-#
 # $candlepin_oauth_key:: The OAuth key for talking to the candlepin API
 #
 # $candlepin_oauth_secret:: The OAuth secret for talking to the candlepin API
@@ -50,8 +44,6 @@
 #
 # $qpid_hostname::      Hostname used to connect to qpidd.
 #
-# $package_names::      Packages that this module ensures are present instead of the default
-#
 # $candlepin_db_host::  Host with Candlepin DB
 #
 # $candlepin_db_port::  Port accepting connections to Candlepin DB
@@ -110,64 +102,117 @@
 # $pulp_manage_db::      Boolean to install and configure the mongodb.
 #
 class katello (
-  String $user = $katello::params::user,
-  String $group = $katello::params::group,
-  Variant[Array[String], String] $user_groups = $katello::params::user_groups,
+  Optional[String] $candlepin_oauth_key = undef,
+  Optional[String] $candlepin_oauth_secret = undef,
+
+  Integer[0] $rest_client_timeout = 3600,
+  Integer[0, 1000] $qpid_wcache_page_size = 4,
+  String $qpid_interface = 'lo',
+  Stdlib::Host $qpid_hostname = 'localhost',
+  Optional[Integer[1]] $num_pulp_workers = undef,
+  Integer[0] $pulp_worker_timeout = 60,
+  Optional[Stdlib::Host] $proxy_url = undef,
+  Optional[Stdlib::Port] $proxy_port = undef,
+  Optional[String] $proxy_username = undef,
+  Optional[String] $proxy_password = undef,
+  Optional[String] $pulp_max_speed = undef,
+  Optional[Enum['SSLv23', 'TLSv1']] $cdn_ssl_version = undef,
+
+  Boolean $enable_ostree = false,
+  Boolean $enable_yum = true,
+  Boolean $enable_file = true,
+  Boolean $enable_puppet = true,
+  Boolean $enable_docker = true,
+  Boolean $enable_deb = true,
+
+  Stdlib::Absolutepath $repo_export_dir = '/var/lib/pulp/katello-export',
+
+  String $candlepin_db_host = 'localhost',
+  Optional[Stdlib::Port] $candlepin_db_port = undef,
+  String $candlepin_db_name = 'candlepin',
+  String $candlepin_db_user = 'candlepin',
+  Optional[String] $candlepin_db_password = undef,
+  Boolean $candlepin_db_ssl = false,
+  Boolean $candlepin_db_ssl_verify = true,
+  Boolean $candlepin_manage_db = true,
 
-  String $candlepin_oauth_key = $katello::params::candlepin_oauth_key,
-  String $candlepin_oauth_secret = $katello::params::candlepin_oauth_secret,
+  String $pulp_db_name = 'pulp_database',
+  String $pulp_db_seeds = 'localhost:27017',
+  Optional[String] $pulp_db_username = undef,
+  Optional[String] $pulp_db_password = undef,
+  Optional[String] $pulp_db_replica_set = undef,
+  Boolean $pulp_db_ssl = false,
+  Optional[Stdlib::Absolutepath] $pulp_db_ssl_keyfile = undef,
+  Optional[Stdlib::Absolutepath] $pulp_db_ssl_certfile = undef,
+  Boolean $pulp_db_verify_ssl = true,
+  Stdlib::Absolutepath $pulp_db_ca_path = '/etc/pki/tls/certs/ca-bundle.crt',
+  Boolean $pulp_db_unsafe_autoretry = false,
+  Optional[Enum['majority', 'all']] $pulp_db_write_concern = undef,
+  Boolean $pulp_manage_db = true,
+) {
 
-  Integer[0] $rest_client_timeout = $katello::params::rest_client_timeout,
-  Integer[0, 1000] $qpid_wcache_page_size = $katello::params::qpid_wcache_page_size,
-  String $qpid_interface = $katello::params::qpid_interface,
-  String $qpid_hostname = $katello::params::qpid_hostname,
-  Integer[1] $num_pulp_workers = $katello::params::num_pulp_workers,
-  Integer[0] $pulp_worker_timeout = $katello::params::pulp_worker_timeout,
-  Optional[Stdlib::HTTPUrl] $proxy_url = $katello::params::proxy_url,
-  Optional[Integer[0, 65535]] $proxy_port = $katello::params::proxy_port,
-  Optional[String] $proxy_username = $katello::params::proxy_username,
-  Optional[String] $proxy_password = $katello::params::proxy_password,
-  Optional[String] $pulp_max_speed = $katello::params::pulp_max_speed,
-  Optional[Enum['SSLv23', 'TLSv1']] $cdn_ssl_version = $katello::params::cdn_ssl_version,
+  package { 'katello':
+    ensure => installed,
+  }
 
-  Array[String] $package_names = $katello::params::package_names,
-  Boolean $enable_ostree = $katello::params::enable_ostree,
-  Boolean $enable_yum = $katello::params::enable_yum,
-  Boolean $enable_file = $katello::params::enable_file,
-  Boolean $enable_puppet = $katello::params::enable_puppet,
-  Boolean $enable_docker = $katello::params::enable_docker,
-  Boolean $enable_deb = $katello::params::enable_deb,
+  class { 'katello::globals':
+    enable_ostree => $enable_ostree,
+    enable_yum    => $enable_yum,
+    enable_file   => $enable_file,
+    enable_puppet => $enable_puppet,
+    enable_docker => $enable_docker,
+    enable_deb    => $enable_deb,
+  }
 
+  class { 'katello::params':
+    candlepin_oauth_key    => $candlepin_oauth_key,
+    candlepin_oauth_secret => $candlepin_oauth_secret,
+    qpid_hostname          => $qpid_hostname,
+  }
 
-  Stdlib::Absolutepath $repo_export_dir = $katello::params::repo_export_dir,
+  class { 'katello::candlepin':
+    db_host       => $candlepin_db_host,
+    db_port       => $candlepin_db_port,
+    db_name       => $candlepin_db_name,
+    db_user       => $candlepin_db_user,
+    db_password   => $candlepin_db_password,
+    db_ssl        => $candlepin_db_ssl,
+    db_ssl_verify => $candlepin_db_ssl_verify,
+    manage_db     => $candlepin_manage_db,
+  }
 
-  String $candlepin_db_host = $katello::params::candlepin_db_host,
-  Optional[Integer[0, 65535]] $candlepin_db_port = $katello::params::candlepin_db_port,
-  String $candlepin_db_name = $katello::params::candlepin_db_name,
-  String $candlepin_db_user = $katello::params::candlepin_db_user,
-  String $candlepin_db_password = $katello::params::candlepin_db_password,
-  Boolean $candlepin_db_ssl = $katello::params::candlepin_db_ssl,
-  Boolean $candlepin_db_ssl_verify = $katello::params::candlepin_db_ssl_verify,
-  Boolean $candlepin_manage_db = $katello::params::candlepin_manage_db,
+  class { 'katello::qpid':
+    interface        => $qpid_interface,
+    wcache_page_size => $qpid_wcache_page_size,
+  }
 
-  String $pulp_db_name = $katello::params::pulp_db_name,
-  String $pulp_db_seeds = $katello::params::pulp_db_seeds,
-  Optional[String] $pulp_db_username = $katello::params::pulp_db_username,
-  Optional[String] $pulp_db_password = $katello::params::pulp_db_password,
-  Optional[String] $pulp_db_replica_set = $katello::params::pulp_db_replica_set,
-  Boolean $pulp_db_ssl = $katello::params::pulp_db_ssl,
-  Optional[Stdlib::Absolutepath] $pulp_db_ssl_keyfile = $katello::params::pulp_db_ssl_keyfile,
-  Optional[Stdlib::Absolutepath] $pulp_db_ssl_certfile = $katello::params::pulp_db_ssl_certfile,
-  Boolean $pulp_db_verify_ssl = $katello::params::pulp_db_verify_ssl,
-  Stdlib::Absolutepath $pulp_db_ca_path = $katello::params::pulp_db_ca_path,
-  Boolean $pulp_db_unsafe_autoretry = $katello::params::pulp_db_unsafe_autoretry,
-  Optional[Enum['majority', 'all']] $pulp_db_write_concern = $katello::params::pulp_db_write_concern,
-  Boolean $pulp_manage_db = $katello::params::pulp_manage_db,
-) inherits katello::params {
+  class { 'katello::pulp':
+    yum_max_speed            => $pulp_max_speed,
+    num_workers              => $num_pulp_workers,
+    worker_timeout           => $pulp_worker_timeout,
+    mongodb_name             => $pulp_db_name,
+    mongodb_seeds            => $pulp_db_seeds,
+    mongodb_username         => $pulp_db_username,
+    mongodb_password         => $pulp_db_password,
+    mongodb_replica_set      => $pulp_db_replica_set,
+    mongodb_ssl              => $pulp_db_ssl,
+    mongodb_ssl_keyfile      => $pulp_db_ssl_keyfile,
+    mongodb_ssl_certfile     => $pulp_db_ssl_certfile,
+    mongodb_verify_ssl       => $pulp_db_verify_ssl,
+    mongodb_ca_path          => $pulp_db_ca_path,
+    mongodb_unsafe_autoretry => $pulp_db_unsafe_autoretry,
+    mongodb_write_concern    => $pulp_db_write_concern,
+    manage_mongodb           => $pulp_manage_db,
+    repo_export_dir          => $repo_export_dir,
+  }
 
-  include katello::candlepin
-  include katello::qpid
-  include katello::pulp
-  include katello::application
+  class { 'katello::application':
+    rest_client_timeout => $rest_client_timeout,
+    cdn_ssl_version     => $cdn_ssl_version,
+    proxy_host          => $proxy_url,
+    proxy_port          => $proxy_port,
+    proxy_username      => $proxy_username,
+    proxy_password      => $proxy_password,
+  }
 
 }