Revision d5b4a5f5
Added by Michael Moll about 8 years ago
README.md | ||
---|---|---|
To configure older versions of the Smart Proxy (1.5 to 1.10), use version 2.x
|
||
of this module.
|
||
|
||
### 1.11 compatibility notes
|
||
|
||
* If using the virsh DHCP/DNS provider, `libvirt_backend => "virsh"` must be set.
|
||
|
||
# Contributing
|
||
|
||
* Fork the project
|
manifests/config.pp | ||
---|---|---|
foreman_proxy::settings_file { ['dns_nsupdate', 'dns_nsupdate_gss']:
|
||
module => false,
|
||
}
|
||
if $::foreman_proxy::libvirt_backend == 'libvirt' {
|
||
foreman_proxy::settings_file { ['dns_libvirt', 'dhcp_libvirt']:
|
||
module => false,
|
||
}
|
||
}
|
||
foreman_proxy::settings_file { 'puppet':
|
||
enabled => $::foreman_proxy::puppetrun,
|
||
listen_on => $::foreman_proxy::puppetrun_listen_on,
|
manifests/init.pp | ||
---|---|---|
# $dns_forwarders:: DNS forwarders
|
||
# type:array
|
||
#
|
||
# $virsh_network:: Network for virsh DNS/DHCP provider
|
||
# $libvirt_backend:: Backend of libvirt DNS/DHCP provider (virsh or libvirt)
|
||
#
|
||
# $libvirt_connection:: Connection string of libvirt DNS/DHCP provider (e.g. "qemu:///system")
|
||
#
|
||
# $libvirt_network:: Network for libvirt DNS/DHCP provider
|
||
#
|
||
# $bmc:: Enable BMC feature
|
||
# type:boolean
|
||
... | ... | |
$dns_tsig_keytab = $foreman_proxy::params::dns_tsig_keytab,
|
||
$dns_tsig_principal = $foreman_proxy::params::dns_tsig_principal,
|
||
$dns_forwarders = $foreman_proxy::params::dns_forwarders,
|
||
$virsh_network = $foreman_proxy::params::virsh_network,
|
||
$libvirt_backend = $foreman_proxy::params::libvirt_backend,
|
||
$libvirt_network = $foreman_proxy::params::libvirt_network,
|
||
$libvirt_connection = $foreman_proxy::params::libvirt_connection,
|
||
$bmc = $foreman_proxy::params::bmc,
|
||
$bmc_listen_on = $foreman_proxy::params::bmc_listen_on,
|
||
$bmc_default_provider = $foreman_proxy::params::bmc_default_provider,
|
||
... | ... | |
validate_string($dns_interface, $dns_provider, $dns_reverse, $dns_server, $keyfile)
|
||
validate_array($dns_forwarders)
|
||
|
||
# Validate libvirt params
|
||
validate_re($libvirt_backend, '^(libvirt|virsh)$')
|
||
validate_string($libvirt_network, $libvirt_connection)
|
||
|
||
# Validate bmc params
|
||
validate_re($bmc_default_provider, '^(freeipmi|ipmitool|shell)$')
|
||
|
manifests/params.pp | ||
---|---|---|
|
||
$dns_forwarders = []
|
||
|
||
# virsh options
|
||
$virsh_network = 'default'
|
||
# libvirt options
|
||
$libvirt_backend = 'libvirt'
|
||
$libvirt_connection = 'qemu:///system'
|
||
$libvirt_network = 'default'
|
||
|
||
# BMC options
|
||
$bmc = false
|
spec/classes/foreman_proxy__config__spec.rb | ||
---|---|---|
end
|
||
|
||
it 'should create configuration files' do
|
||
[ "#{etc_dir}/foreman-proxy/settings.yml", "#{etc_dir}/foreman-proxy/settings.d/tftp.yml", "#{etc_dir}/foreman-proxy/settings.d/dns.yml",
|
||
"#{etc_dir}/foreman-proxy/settings.d/dns_nsupdate.yml", "#{etc_dir}/foreman-proxy/settings.d/dns_nsupdate_gss.yml",
|
||
"#{etc_dir}/foreman-proxy/settings.d/dhcp.yml", "#{etc_dir}/foreman-proxy/settings.d/dhcp_isc.yml",
|
||
"#{etc_dir}/foreman-proxy/settings.d/puppetca.yml", "#{etc_dir}/foreman-proxy/settings.d/puppet.yml",
|
||
"#{etc_dir}/foreman-proxy/settings.d/bmc.yml", "#{etc_dir}/foreman-proxy/settings.d/realm.yml",
|
||
"#{etc_dir}/foreman-proxy/settings.d/templates.yml", "#{etc_dir}/foreman-proxy/settings.d/logs.yml"].each do |cfile|
|
||
should contain_file(cfile).
|
||
[ 'settings.yml', 'settings.d/bmc.yml', 'settings.d/dns.yml',
|
||
'settings.d/dns_nsupdate.yml', 'settings.d/dns_nsupdate_gss.yml',
|
||
'settings.d/dns_libvirt.yml', 'settings.d/dhcp.yml', 'settings.d/dhcp_isc.yml',
|
||
'settings.d/dhcp_libvirt.yml', 'settings.d/logs.yml', 'settings.d/puppet.yml',
|
||
'settings.d/puppetca.yml', 'settings.d/realm.yml', 'settings.d/templates.yml',
|
||
'settings.d/tftp.yml' ].each do |cfile|
|
||
should contain_file("#{etc_dir}/foreman-proxy/#{cfile}").
|
||
with({
|
||
:owner => 'root',
|
||
:group => "#{proxy_user_name}",
|
||
... | ... | |
':daemon: true',
|
||
':bind_host: \'*\'',
|
||
':https_port: 8443',
|
||
':virsh_network: default',
|
||
':log_file: /var/log/foreman-proxy/proxy.log',
|
||
':log_level: ERROR',
|
||
':log_buffer: 2000',
|
||
... | ... | |
':dns_server: 127.0.0.1',
|
||
])
|
||
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dhcp_libvirt.yml", [
|
||
'---',
|
||
':network: default',
|
||
':url: qemu:///system',
|
||
])
|
||
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dns_libvirt.yml", [
|
||
'---',
|
||
':network: default',
|
||
':url: qemu:///system',
|
||
])
|
||
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dns_nsupdate_gss.yml", [
|
||
'---',
|
||
':dns_server: 127.0.0.1',
|
||
... | ... | |
end
|
||
end
|
||
|
||
context 'when dns_provider => libvirt' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
dns_provider => "libvirt",
|
||
libvirt_network => "mynet",
|
||
libvirt_connection => "http://myvirt",
|
||
}'
|
||
end
|
||
|
||
it 'should set the provider correctly' do
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dns.yml", [
|
||
'---',
|
||
':enabled: false',
|
||
':use_provider: dns_libvirt',
|
||
':dns_ttl: 86400',
|
||
])
|
||
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dns_libvirt.yml", [
|
||
'---',
|
||
':network: mynet',
|
||
':url: http://myvirt',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when dns_provider => nsupdate_gss' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
... | ... | |
end
|
||
end
|
||
|
||
context 'when dhcp_provider => libvirt' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
dhcp_provider => "libvirt",
|
||
libvirt_network => "mynet",
|
||
libvirt_connection => "http://myvirt",
|
||
}'
|
||
end
|
||
|
||
it 'should set the provider correctly' do
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dhcp.yml", [
|
||
'---',
|
||
':enabled: false',
|
||
':use_provider: dhcp_libvirt',
|
||
':server: 127.0.0.1',
|
||
])
|
||
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/dhcp_libvirt.yml", [
|
||
'---',
|
||
':network: mynet',
|
||
':url: http://myvirt',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when puppetrun_provider => puppetrun' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
... | ... | |
])
|
||
end
|
||
end
|
||
|
||
context 'when libvirt_backend => virsh' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
libvirt_backend => "virsh",
|
||
libvirt_network => "mynet",
|
||
}'
|
||
end
|
||
|
||
it 'should generate correct settings.yml' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.yml", [
|
||
':virsh_network: mynet',
|
||
])
|
||
end
|
||
|
||
it "should not manage libvirt backend config files" do
|
||
should_not contain_file("#{etc_dir}/foreman-proxy/settings.d/dhcp_libvirt.yml")
|
||
should_not contain_file("#{etc_dir}/foreman-proxy/settings.d/dns_libvirt.yml")
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
templates/dhcp.yml.erb | ||
---|---|---|
# valid providers:
|
||
# - <%= "dhcp_" %>isc (ISC dhcp server)
|
||
# - <%= "dhcp_" %>native_ms (Microsoft native implementation)
|
||
# - <%= "dhcp_" %>virsh (simple implementation for libvirt)
|
||
# - <%= "dhcp_" %><% scope.lookupvar("foreman_proxy::libvirt_backend") %> (dnsmasq via libvirt)
|
||
:use_provider: dhcp_<%= scope.lookupvar("foreman_proxy::dhcp_provider") %>
|
||
:server: <%= scope.lookupvar("foreman_proxy::dhcp_server") %>
|
||
# subnets restricts the subnets queried to a subset, to reduce the query time.
|
templates/dhcp_libvirt.yml.erb | ||
---|---|---|
---
|
||
# Libvirt DHCP provider configuration
|
||
|
||
# Libvirt network. Only one network is supported.
|
||
:network: <%= scope.lookupvar('foreman_proxy::libvirt_network') %>
|
||
|
||
# Libvirt connection. Make sure proxy effective user have permission to connect.
|
||
:url: <%= scope.lookupvar('foreman_proxy::libvirt_connection') %>
|
templates/dns.yml.erb | ||
---|---|---|
# <%= "dns_" %>dnscmd (Microsoft Windows native implementation)
|
||
# <%= "dns_" %>nsupdate
|
||
# <%= "dns_" %>nsupdate_gss (for GSS-TSIG support)
|
||
# <%= "dns_" %>virsh (simple implementation for libvirt)
|
||
# <%= "dns_" %><% scope.lookupvar("foreman_proxy::libvirt_backend") %> (dnsmasq via libvirt)
|
||
:use_provider: dns_<%= scope.lookupvar("foreman_proxy::dns_provider") %>
|
||
# use this setting if you want to override default TTL setting (86400)
|
||
:dns_ttl: <%= scope.lookupvar("foreman_proxy::dns_ttl") %>
|
templates/dns_libvirt.yml.erb | ||
---|---|---|
---
|
||
# Libvirt DNS provider configuration
|
||
|
||
# Libvirt network. Only one network is supported.
|
||
:network: <%= scope.lookupvar('foreman_proxy::libvirt_network') %>
|
||
|
||
# Libvirt connection. Make sure proxy effective user have permission to connect.
|
||
:url: <%= scope.lookupvar('foreman_proxy::libvirt_connection') %>
|
templates/settings.yml.erb | ||
---|---|---|
<%= '#' unless ssl -%>:https_port: <%= scope.lookupvar("foreman_proxy::ssl_port") %>
|
||
<%= '#' unless http -%>:http_port: <%= scope.lookupvar("foreman_proxy::http_port") %>
|
||
|
||
<%- if scope.lookupvar('foreman_proxy::libvirt_backend') == 'virsh' -%>
|
||
# shared options for virsh DNS/DHCP provider
|
||
:virsh_network: <%= scope.lookupvar("foreman_proxy::virsh_network") %>
|
||
:virsh_network: <%= scope.lookupvar('foreman_proxy::libvirt_network') %>
|
||
<%- end -%>
|
||
|
||
# Log configuration
|
||
# Uncomment and modify if you want to change the location of the log file or use STDOUT or SYSLOG values
|
Also available in: Unified diff
support libvirt DNS/DHCP provider