Project

General

Profile

« Previous | Next » 

Revision cad1cd0f

Added by Ewoud Kohl van Wijngaarden about 5 years ago

Convert documentation to yardoc

This allows easy generation of reference documentation
(rake strings:generate:reference).

View differences:

manifests/admin.pp
#
# == Class: pulp::admin
#
# Install and configure Pulp admin
#
# === Parameters:
#
# $version:: pulp admin package version, it's passed to ensure parameter of package resource
# can be set to specific version number, 'latest', 'present' etc.
# @param version
# Pulp admin package version, it's passed to ensure parameter of package
# resource can be set to specific version number, 'latest', 'present' etc.
#
# $host:: The pulp server hostname
# @param host
# The pulp server hostname
#
# $port:: The port providing the RESTful API
# @param port
# The port providing the RESTful API
#
# $api_prefix:: The REST API prefix.
# @param api_prefix
# The REST API prefix.
#
# $verify_ssl:: Set this to False to configure the client not to verify that the server's SSL cert is signed by
# a trusted authority
# @param verify_ssl
# Set this to False to configure the client not to verify that the server's
# SSL cert is signed by a trusted authority
#
# $ca_path:: This is a path to a file of concatenated trusted CA certificates, or to a directory of trusted
# CA certificates (with openssl-style hashed symlinks, one certificate per file).
# @param ca_path
# This is a path to a file of concatenated trusted CA certificates, or to a
# directory of trusted CA certificates (with openssl-style hashed symlinks,
# one certificate per file).
#
# $upload_chunk_size:: upload_chunk_size
# @param upload_chunk_size
# upload_chunk_size
#
# $role:: The client role.
# @param role
# The client role.
#
# $extensions_dir:: The location of admin client extensions.
# @param extensions_dir
# The location of admin client extensions.
#
# $id_cert_dir:: The location of the directory where the Pulp user ID certificate is stored.
# @param id_cert_dir
# The location of the directory where the Pulp user ID certificate is stored.
#
# $id_cert_filename:: The name of the file containing the PEM encoded client private key and X.509
# certificate. This file is downloaded and stored here during login.
# @param id_cert_filename
# The name of the file containing the PEM encoded client private key and
# X.509 certificate. This file is downloaded and stored here during login.
#
# $upload_working_dir:: Directory where status files for in progress uploads will be stored
# @param upload_working_dir
# Directory where status files for in progress uploads will be stored
#
# $log_filename:: The location of the admin client log file.
# @param log_filename
# The location of the admin client log file.
#
# $call_log_filename:: If present, the raw REST responses will be logged to the given file.
# @param call_log_filename
# If present, the raw REST responses will be logged to the given file.
#
# $poll_frequency_in_seconds:: Number of seconds between requests for any operation that repeatedly polls
# the server for data.
# @param poll_frequency_in_seconds
# Number of seconds between requests for any operation that repeatedly polls
# the server for data.
#
# $enable_color:: Set this to false to disable all color escape sequences
# @param enable_color
# Set this to false to disable all color escape sequences
#
# $wrap_to_terminal:: If wrap_to_terminal is true, any text wrapping will use the current width of
# the terminal. If false, the value in wrap_width is used.
# @param wrap_to_terminal
# If wrap_to_terminal is true, any text wrapping will use the current width
# of the terminal. If false, the value in wrap_width is used.
#
# $wrap_width:: The number of characters written before wrapping to the next line.
# @param wrap_width
# The number of characters written before wrapping to the next line.
#
# $enable_puppet:: Install puppet extension. Defaults to false.
# @param enable_puppet
# Install puppet extension. Defaults to false.
#
# $enable_deb:: Install deb extension. Defaults to false.
# @param enable_deb
# Install deb extension. Defaults to false.
#
# $enable_docker:: Install docker extension. Defaults to false.
# @param enable_docker
# Install docker extension. Defaults to false.
#
# $enable_nodes:: Install nodes extension. Defaults to false.
# @param enable_nodes
# Install nodes extension. Defaults to false.
#
# $enable_python:: Install python extension. Defaults to false.
# @param enable_python
# Install python extension. Defaults to false.
#
# $enable_ostree:: Install ostree extension. Defaults to false.
# @param enable_ostree
# Install ostree extension. Defaults to false.
#
# $enable_rpm:: Install rpm extension. Defaults to true.
# @param enable_rpm
# Install rpm extension. Defaults to true.
#
# $enable_iso:: Install ISO extension. Defaults to true.
# @param enable_iso
# Install ISO extension. Defaults to true.
#
# $puppet_upload_working_dir:: Directory where status files for in progress uploads will be stored
# @param puppet_upload_working_dir
# Directory where status files for in progress uploads will be stored
#
# $puppet_upload_chunk_size:: Maximum amount of data (in bytes) sent for an upload in a single request
# @param puppet_upload_chunk_size
# Maximum amount of data (in bytes) sent for an upload in a single request
#
# $login_method:: The method to ensure root can use pulp-admin. Choose none to disable this behaviour.
# @param login_method
# The method to ensure root can use pulp-admin. Choose none to disable this
# behaviour.
#
# $username:: The username to login with
# @param username
# The username to login with
#
# $password:: The password to login with. If left undefined then no login will be performed.
# @param password
# The password to login with. If left undefined then no login will be
# performed.
#
class pulp::admin (
String $version = $pulp::admin::params::version,
manifests/admin/config.pp
# Pulp Admin Configuration
# @api private
class pulp::admin::config {
file { '/etc/pulp/admin/admin.conf':
ensure => 'file',
manifests/admin/install.pp
# Pulp Admin Install Packages
# @api private
class pulp::admin::install {
package { 'pulp-admin-client':
ensure => $pulp::admin::version,
manifests/admin/login.pp
# Ensure the user is logged in to execute commands
# @api private
class pulp::admin::login (
$login_method = $pulp::admin::login_method,
$username = $pulp::admin::username,
manifests/admin/params.pp
# Pulp Admin Params
# @api private
class pulp::admin::params {
$version = 'installed'
$host = $facts['fqdn']
manifests/apache.pp
# configure apache
# @api private
class pulp::apache {
include apache
include apache::mod::proxy
manifests/apache/fragment.pp
# provides the ability to specify fragments for the ssl
# virtual host defined for a Pulp server
# Provides the ability to specify fragments for the ssl virtual host defined
# for a Pulp server
#
# === Parameters:
# @param ssl_content
# Content of the ssl virtual host fragment
#
# $ssl_content:: content of the ssl virtual host fragment
#
# $order:: the order in which to load the concat fragments
# @param order
# The order in which to load the concat fragments
#
define pulp::apache::fragment(
String $ssl_content,
manifests/apache_plugin.pp
# Define a the Apache config for a plugin
# @api private
define pulp::apache_plugin ($confd = true, $vhosts80 = true) {
include apache
manifests/broker.pp
# Set up the broker
# @api private
class pulp::broker {
if $pulp::messaging_transport == 'qpid' {
$broker_service = 'qpidd'
manifests/child.pp
#
# == Class: pulp::child
#
# Install and configure Pulp node
#
class pulp::child (
manifests/child/apache.pp
# Define an Apache config for a Pulp node deployment
# @api private
class pulp::child::apache (
$servername = $facts['fqdn'],
$ssl_cert = $pulp::child::ssl_cert,
manifests/child/config.pp
# Pulp Node Configuration
# @api private
class pulp::child::config(
$node_certificate = $pulp::node_certificate,
$verify_ssl = $pulp::node_verify_ssl,
manifests/child/fragment.pp
# provides the ability to specify fragments for the ssl
# virtual host defined for a pulp node
# provides the ability to specify fragments for the ssl virtual host defined
# for a pulp node
#
# === Parameters:
# @param ssl_content
# Content of the ssl virtual host fragment
#
# $ssl_content:: content of the ssl virtual host fragment
# @param order
# The relative order compared to other fragments
define pulp::child::fragment(
$ssl_content = undef,
$order = 15,
manifests/child/install.pp
# Pulp Node Install Packages
# @api private
class pulp::child::install (
$packages = ['pulp-katello', 'pulp-nodes-child', 'katello-agent'],
) {
manifests/child/service.pp
# Pulp Node Service
# @api private
class pulp::child::service(
$service = 'goferd',
$ensure = 'running',
manifests/config.pp
# Pulp Master Configuration
# Private class
# @api private
class pulp::config {
file { '/var/lib/pulp/packages':
ensure => directory,
manifests/consumer.pp
#
# == Class: pulp::consumer
#
# Install and configure Pulp consumers
#
# === Parameters:
#
# $ca_path:: Path to use for the CA
# @param ca_path
# Path to use for the CA
#
# $version:: pulp admin package version, it's passed to ensure parameter of package resource
# can be set to specific version number, 'latest', 'present' etc.
# @param version
# pulp admin package version, it's passed to ensure parameter of package
# resource can be set to specific version number, 'latest', 'present' etc.
#
# $enable_puppet:: Install puppet extension. Only available on pulp 2.6 and higher
# @param enable_puppet
# Install puppet extension
#
# $enable_nodes:: Install nodes extension
# @param enable_nodes
# Install nodes extension
#
# $enable_rpm:: Install rpm extension
# @param enable_rpm
# Install rpm extension
#
# $host:: The pulp server hostname
# @param host
# The pulp server hostname
#
# $port:: The port providing the RESTful API
# @param port
# The port providing the RESTful API
#
# $api_prefix:: The REST API prefix.
# @param api_prefix
# The REST API prefix.
#
# $verify_ssl:: Set this to False to configure the client not to verify that the server's SSL cert is signed by
# a trusted authority
# @param verify_ssl
# Set this to False to configure the client not to verify that the server's
# SSL cert is signed by a trusted authority
#
# $rsa_server_pub:: The pulp server public key used for authentication.
# @param rsa_server_pub
# The pulp server public key used for authentication.
#
# $rsa_key:: The RSA private key used for authentication.
# @param rsa_key
# The RSA private key used for authentication.
#
# $rsa_pub:: The RSA public key used for authentication.
# @param rsa_pub
# The RSA public key used for authentication.
#
# $role:: The client role.
# @param role
# The client role.
#
# $extensions_dir:: The location of consumer client extensions.
# @param extensions_dir
# The location of consumer client extensions.
#
# $repo_file:: The location of the YUM repository file managed by pulp.
# @param repo_file
# The location of the YUM repository file managed by pulp.
#
# $mirror_list_dir:: The location of the directory containing YUM mirror list files that are managed by Pulp.
# @param mirror_list_dir
# The location of the directory containing YUM mirror list files that are
# managed by Pulp.
#
# $gpg_keys_dir:: The location of downloaded GPG keys stored by Pulp. The path to the
# keys stored here are referenced by Pulp's YUM repository file.
# @param gpg_keys_dir
# The location of downloaded GPG keys stored by Pulp. The path to the keys
# stored here are referenced by Pulp's YUM repository file.
#
# $cert_dir:: The location of downloaded X.509 certificates stored by Pulp. The path to
# the certificates stored here are referenced by Pulp's YUM repository file.
# @param cert_dir
# The location of downloaded X.509 certificates stored by Pulp. The path to
# the certificates stored here are referenced by Pulp's YUM repository file.
#
# $id_cert_dir:: The location of the directory where the Pulp consumer ID certificate is stored.
# @param id_cert_dir
# The location of the directory where the Pulp consumer ID certificate is stored.
#
# $id_cert_filename:: The name of the file containing the PEM encoded consumer private key and X.509
# certificate. This file is downloaded and stored here during registration.
# @param id_cert_filename
# The name of the file containing the PEM encoded consumer private key and
# X.509 certificate. This file is downloaded and stored here during
# registration.
#
# $reboot_permit:: Permit reboots after package installs if requested.
# @param reboot_permit
# Permit reboots after package installs if requested.
#
# $reboot_delay:: The reboot delay (minutes).
# @param reboot_delay
# The reboot delay (minutes).
#
# $logging_filename:: The location of the consumer client log file.
# @param logging_filename
# The location of the consumer client log file.
#
# $logging_call_log_filename:: If present, the raw REST responses will be logged to the given file.
# @param logging_call_log_filename
# If present, the raw REST responses will be logged to the given file.
#
# $poll_frequency_in_seconds:: Number of seconds between requests for any operation that repeatedly polls
# the server for data.
# @param poll_frequency_in_seconds
# Number of seconds between requests for any operation that repeatedly polls
# the server for data.
#
# $enable_color:: Set this to false to disable all color escape sequences
# @param enable_color
# Set this to false to disable all color escape sequences
#
# $wrap_to_terminal:: If wrap_to_terminal is true, any text wrapping will use the current width of
# the terminal. If false, the value in wrap_width is used.
# @param wrap_to_terminal
# If wrap_to_terminal is true, any text wrapping will use the current width
# of the terminal. If false, the value in wrap_width is used.
#
# $wrap_width:: The number of characters written before wrapping to the next line.
# @param wrap_width
# The number of characters written before wrapping to the next line.
#
# $messaging_scheme:: The broker URL scheme. Either 'tcp' or 'ssl' can be used. The default is 'tcp'.
# @param messaging_scheme
# The broker URL scheme. Either 'tcp' or 'ssl' can be used. The default is 'tcp'.
#
# $messaging_host:: The broker host (default: host defined in [server]).
# @param messaging_host
# The broker host (default: host defined in [server]).
#
# $messaging_port:: The broker port number. The default is 5672.
# @param messaging_port
# The broker port number. The default is 5672.
#
# $messaging_transport:: The AMQP transport name. Valid options are 'qpid' or 'rabbitmq'. The default is 'qpid'.
# @param messaging_transport
# The AMQP transport name. Valid options are 'qpid' or 'rabbitmq'. The
# default is 'qpid'.
#
# $messaging_vhost:: The (optional) broker vhost. This is only valid when using 'rabbitmq' as the messaging_transport.
# @param messaging_vhost
# The (optional) broker vhost. This is only valid when using 'rabbitmq' as
# the messaging_transport.
#
# $messaging_version:: Determines the version of packages related to the 'messaging transport protocol'.
# @param messaging_version
# Determines the version of packages related to the 'messaging transport
# protocol'.
#
# $messaging_cacert:: The (optional) absolute path to a PEM encoded CA certificate to validate the identity of the
# broker.
# @param messaging_cacert
# The (optional) absolute path to a PEM encoded CA certificate to validate
# the identity of the broker.
#
# $messaging_clientcert:: The optional absolute path to PEM encoded key & certificate used to authenticate to the broker
# with. The id_cert_dir and id_cert_filename are used if this is not defined.
# @param messaging_clientcert
# The optional absolute path to PEM encoded key & certificate used to
# authenticate to the broker with. The id_cert_dir and id_cert_filename are
# used if this is not defined.
#
# $profile_minutes:: The interval in minutes for reporting the installed content profiles.
# @param profile_minutes
# The interval in minutes for reporting the installed content profiles.
#
# $package_profile_enabled:: Updates package profile information for a registered consumer on pulp server
# @param package_profile_enabled
# Updates package profile information for a registered consumer on pulp server
#
# $package_profile_verbose:: Set logging level
# @param package_profile_verbose
# Set logging level
#
class pulp::consumer (
String $version = $pulp::consumer::params::version,
manifests/consumer/config.pp
# Pulp Consumer Configuration
# @api private
class pulp::consumer::config {
file { '/etc/pulp/consumer/consumer.conf':
ensure => 'file',
manifests/consumer/install.pp
# Pulp Consumer Install Packages
# @api private
class pulp::consumer::install {
if $pulp::consumer::messaging_transport == 'qpid' {
ensure_packages(['python-gofer-qpid'], {
manifests/consumer/params.pp
# Pulp Consumer Params
# @api private
class pulp::consumer::params {
$version = 'installed'
$enable_puppet = false
manifests/consumer/service.pp
# Pulp Consumer Service Packages
# @api private
class pulp::consumer::service {
service { 'goferd':
ensure => running,
manifests/crane.pp
# == Class: pulp::crane
#
# Install and configure Crane
#
# === Parameters:
# @param debug
# Enable debug logging
#
# $debug:: Enable debug logging
# @param server_name
# The server name on the vhost
#
# $key:: Path to the SSL key for https
# @param key
# Path to the SSL key for https
#
# $cert:: Path to the SSL certificate for https
# @param cert
# Path to the SSL certificate for https
#
# $ca_cert:: Path to the SSL CA cert for https
# @param ca_cert
# Path to the SSL CA cert for https
#
# $ssl_chain:: Path to the SSL chain file for https
# @param ssl_chain
# Path to the SSL chain file for https
#
# $port:: Port for Crane to run on
# @param port
# Port for Crane to run on
#
# $data_dir:: Directory containing docker v1/v2 artifacts published by pulp
# @param data_dir
# Directory containing docker v1/v2 artifacts published by pulp
#
# $data_dir_polling_interval:: The number of seconds between checks for updates to metadata files in the data_dir
# @param data_dir_polling_interval
# The number of seconds between checks for updates to metadata files in the data_dir
#
# $ssl_protocol:: SSLProtocol configuration to use
# @param ssl_protocol
# SSLProtocol configuration to use
class pulp::crane (
Stdlib::Absolutepath $key,
Stdlib::Absolutepath $cert,
manifests/crane/apache.pp
# Sets up Apache for Crane
# @api private
class pulp::crane::apache {
include apache
manifests/crane/config.pp
# Configure Crane
# @api private
class pulp::crane::config {
file { '/etc/crane.conf':
ensure => 'file',
manifests/crane/install.pp
# Install Crane and dependencies
# @api private
class pulp::crane::install {
package{ ['python-crane']:
manifests/database.pp
# Set up the pulp database
# @api private
class pulp::database {
if $pulp::manage_db {
include mongodb::server
manifests/init.pp
# == Class: pulp
#
# Install and configure pulp
#
# === Parameters:
#
# $version:: pulp package version, it's passed to ensure parameter of package resource can be set to
# specific version number, 'latest', 'present' etc.
# @param version
# pulp package version, it's passed to ensure parameter of package resource
# can be set to specific version number, 'latest', 'present' etc.
#
# $crane_debug:: Whether to enable crane debug logging
# @param crane_debug
# Whether to enable crane debug logging
#
# $crane_port:: Port for Crane to run on
# @param crane_port
# Port for Crane to run on
#
# $crane_data_dir:: Directory containing docker v1/v2 artifacts published by pulp
# @param crane_data_dir
# Directory containing docker v1/v2 artifacts published by pulp
#
# $manage_repo:: Whether to manage the pulp repository
# @param manage_repo
# Whether to manage the pulp repository
#
# $oauth_key:: Key to enable OAuth style authentication
# @param oauth_key
# Key to enable OAuth style authentication
#
# $oauth_secret:: Shared secret that can be used for OAuth style authentication
# @param oauth_secret
# Shared secret that can be used for OAuth style authentication
#
# $oauth_enabled:: Controls whether OAuth authentication is enabled
# @param oauth_enabled
# Controls whether OAuth authentication is enabled
#
# $messaging_url:: the url used to contact the broker: <protocol>://<host>:<port>/<virtual-host>
# Supported <protocol> values are 'tcp' or 'ssl' depending on if SSL should be used or not.
# The <virtual-host> is optional, and is only applicable to RabbitMQ broker environments.
# @param messaging_url
# the url used to contact the broker:
# <protocol>://<host>:<port>/<virtual-host> Supported <protocol> values are
# 'tcp' or 'ssl' depending on if SSL should be used or not. The
# <virtual-host> is optional, and is only applicable to RabbitMQ broker
# environments.
#
# $messaging_transport:: The type of broker you are connecting to.
# @param messaging_transport
# The type of broker you are connecting to.
#
# $messaging_ca_cert:: Absolute path to PEM encoded CA certificate file, used by Pulp to validate the identity
# of the broker using SSL.
# @param messaging_ca_cert
# Absolute path to PEM encoded CA certificate file, used by Pulp to validate
# the identity of the broker using SSL.
#
# $messaging_client_cert:: Absolute path to PEM encoded file containing both the private key and certificate Pulp
# should present to the broker to be authenticated by the broker.
# @param messaging_client_cert
# Absolute path to PEM encoded file containing both the private key and
# certificate Pulp should present to the broker to be authenticated by the
# broker.
#
# $messaging_version:: Determines the version of packages related to the 'messaging transport protocol'.
# @param messaging_version
# Determines the version of packages related to the 'messaging transport protocol'.
#
# $broker_url:: A URL to a broker that Celery can use to queue tasks:
# qpid://<username>:<password>@<hostname>:<port>/
# @param broker_url
# A URL to a broker that Celery can use to queue tasks:
# qpid://<username>:<password>@<hostname>:<port>/
#
# $broker_use_ssl:: Whether to require SSL.
# @param broker_use_ssl
# Whether to require SSL.
#
# $tasks_login_method:: Select the SASL login method used to connect to the broker. This should be left unset
# except in special cases such as SSL client certificate authentication.
# @param tasks_login_method
# Select the SASL login method used to connect to the broker. This should be
# left unset except in special cases such as SSL client certificate
# authentication.
#
# $ca_cert:: Full path to the CA certificate that will be used to sign consumer and admin
# identification certificates; this must match the value of SSLCACertificateFile in
# Apache.
# @param ca_cert
# Full path to the CA certificate that will be used to sign consumer and
# admin identification certificates; this must match the value of
# SSLCACertificateFile in Apache.
#
# $ca_key:: Path to the private key for the above CA certificate
# @param ca_key
# Path to the private key for the above CA certificate
#
# $db_name:: Name of the database to use
# @param db_name
# Name of the database to use
#
# $db_seeds:: Comma-separated list of hostname:port of database replica seed hosts
# @param db_seeds
# Comma-separated list of hostname:port of database replica seed hosts
#
# $db_username:: The user name to use for authenticating to the MongoDB server
# @param db_username
# The user name to use for authenticating to the MongoDB server
#
# $db_password:: The password to use for authenticating to the MongoDB server
# @param db_password
# The password to use for authenticating to the MongoDB server
#
# $db_replica_set:: The name of replica set configured in MongoDB, if one is in use
# @param db_replica_set
# The name of replica set configured in MongoDB, if one is in use
#
# $db_ssl:: Whether to connect to the database server using SSL.
# @param db_ssl
# Whether to connect to the database server using SSL.
#
# $db_ssl_keyfile:: A path to the private keyfile used to identify the local connection against mongod. If
# included with the certfile then only the ssl_certfile is needed.
# @param db_ssl_keyfile
# A path to the private keyfile used to identify the local connection
# against mongod. If included with the certfile then only the ssl_certfile
# is needed.
#
# $db_ssl_certfile:: The certificate file used to identify the local connection against mongod.
# @param db_ssl_certfile
# The certificate file used to identify the local connection against mongod.
#
# $db_verify_ssl:: Specifies whether a certificate is required from the other side of the connection, and
# whether it will be validated if provided. If it is true, then the ca_certs parameter
# must point to a file of CA certificates used to validate the connection.
# @param db_verify_ssl
# Specifies whether a certificate is required from the other side of the
# connection, and whether it will be validated if provided. If it is true,
# then the ca_certs parameter must point to a file of CA certificates used
# to validate the connection.
#
# $db_ca_path:: The ca_certs file contains a set of concatenated "certification authority" certificates,
# which are used to validate certificates passed from the other end of the connection.
# @param db_ca_path
# The ca_certs file contains a set of concatenated "certification authority"
# certificates, which are used to validate certificates passed from the
# other end of the connection.
#
# $db_unsafe_autoretry:: If true, retry commands to the database if there is a connection error.
# Warning: if set to true, this setting can result in duplicate records.
# @param db_unsafe_autoretry
# If true, retry commands to the database if there is a connection error.
# Warning: if set to true, this setting can result in duplicate records.
#
# $db_write_concern:: Write concern of 'majority' or 'all'. When 'all' is specified, 'w' is set to number of
# seeds specified. For version of MongoDB < 2.6, replica_set must also be specified.
# Please note that 'all' will cause Pulp to halt if any of the replica set members is not
# available. 'majority' is used by default
# @param db_write_concern
# Write concern of 'majority' or 'all'. When 'all' is specified, 'w' is set
# to number of seeds specified. For version of MongoDB < 2.6, replica_set
# must also be specified. Please note that 'all' will cause Pulp to halt if
# any of the replica set members is not available. 'majority' is used by
# default
#
# $server_name:: Hostname the admin client and consumers should use when accessing the server
# @param server_name
# Hostname the admin client and consumers should use when accessing the server
#
# $key_url:: Path within the URL to use for GPG keys
# @param key_url
# Path within the URL to use for GPG keys
#
# $ks_url:: Path within the URL to use for kickstart trees
# @param ks_url
# Path within the URL to use for kickstart trees
#
# $debugging_mode:: Whether to enable Pulp's debugging capabilities
# @param debugging_mode
# Whether to enable Pulp's debugging capabilities
#
# $log_level:: The desired logging level. Options are: CRITICAL, ERROR, WARNING, INFO, DEBUG, and
# NOTSET.
# @param log_level
# The desired logging level.
#
# $log_type:: The desired logging type: Options are: syslog, console
# @param log_type
# The desired logging type: Options are: syslog, console
#
# $server_working_directory:: Path to where pulp workers can create working directories needed to complete tasks
# @param server_working_directory
# Path to where pulp workers can create working directories needed to complete tasks
#
# $rsa_key:: The RSA private key used for authentication.
# @param rsa_key
# The RSA private key used for authentication.
#
# $rsa_pub:: The RSA public key used for authentication.
# @param rsa_pub
# The RSA public key used for authentication.
#
# $https_cert:: Apache public certificate for ssl
# @param https_cert
# Apache public certificate for ssl
#
# $https_key:: Apache private certificate for ssl
# @param https_key
# Apache private certificate for ssl
#
# $https_chain:: apache chain file for ssl
# @param https_chain
# apache chain file for ssl
#
# $ssl_username:: Value to use for SSLUsername directive in apache vhost. Defaults to SSL_CLIENT_S_DN_CN.
# Set an empty string or false to unset directive.
# @param ssl_username
# Value to use for SSLUsername directive in apache vhost. Defaults to
# SSL_CLIENT_S_DN_CN. Set an empty string or false to unset directive.
#
# $consumers_crl:: Certificate revocation list for consumers which are no valid (have had their client
# certs revoked)
# @param consumers_crl
# Certificate revocation list for consumers which are no valid (have had
# their client certs revoked)
#
# $user_cert_expiration:: Number of days a user certificate is valid
# @param user_cert_expiration
# Number of days a user certificate is valid
#
# $default_login:: Default admin username of the Pulp server; this user will be the first time the server
# is started
# @param default_login
# Default admin username of the Pulp server; this user will be the first
# time the server is started
#
# $default_password:: Default password for admin when it is first created; this should be changed once the
# server is operational
# @param default_password
# Default password for admin when it is first created; this should be
# changed once the server is operational
#
# $repo_auth:: Whether to determine whether repos managed by pulp will require authentication.
# @param repo_auth
# Whether to determine whether repos managed by pulp will require authentication.
#
# $consumer_cert_expiration:: Number of days a consumer certificate is valid
# @param consumer_cert_expiration
# Number of days a consumer certificate is valid
#
# $disabled_authenticators:: List of repo authenticators to disable.
# @param disabled_authenticators
# List of repo authenticators to disable.
#
# $additional_wsgi_scripts:: Hash of additional paths and WSGI script locations for Pulp vhost
# @param additional_wsgi_scripts
# Hash of additional paths and WSGI script locations for Pulp vhost
#
# $reset_cache:: Whether to force a cache flush. Not recommend in a regular puppet environment.
# @param reset_cache
# Whether to force a cache flush. Not recommend in a regular puppet environment.
#
# $ssl_verify_client:: Enforce use of SSL authentication for yum repos access
# @param ssl_verify_client
# Enforce use of SSL authentication for yum repos access
#
# $ssl_protocol:: Versions of the SSL/TLS protocol will be accepted in new connections
# @param ssl_protocol
# Versions of the SSL/TLS protocol will be accepted in new connections
#
# $serial_number_path:: Path to the serial number file
# @param serial_number_path
# Path to the serial number file
#
# $consumer_history_lifetime:: number of days to store consumer events; events older
# than this will be purged; set to -1 to disable
# @param consumer_history_lifetime
# number of days to store consumer events; events older than this will be
# purged; set to -1 to disable
#
# $messaging_url:: the url used to contact the broker: <protocol>://<host>:<port>/<virtual-host>
# Supported <protocol> values are 'tcp' or 'ssl' depending on if SSL should be used or not.
# The <virtual-host> is optional, and is only applicable to RabbitMQ broker environments.
# @param messaging_url
# the url used to contact the broker:
# <protocol>://<host>:<port>/<virtual-host> Supported <protocol> values are
# 'tcp' or 'ssl' depending on if SSL should be used or not. The
# <virtual-host> is optional, and is only applicable to RabbitMQ broker
# environments.
#
# $messaging_auth_enabled:: Whether to enable message authentication.
# @param messaging_auth_enabled
# Whether to enable message authentication.
#
# $messaging_topic_exchange:: The name of the exchange to use. The exchange must be a topic exchange. The
# default 'amq.topic' is a default exchange that is guaranteed to exist on a Qpid broker.
# @param messaging_topic_exchange
# The name of the exchange to use. The exchange must be a topic exchange.
# The default 'amq.topic' is a default exchange that is guaranteed to exist
# on a Qpid broker.
#
# $messaging_event_notifications_enabled:: Whether to enable Pulp event notfications on the message bus.
# @param messaging_event_notifications_enabled
# Whether to enable Pulp event notfications on the message bus.
#
# $messaging_event_notification_url:: The AMQP URL for event notifications.
# @param messaging_event_notification_url
# The AMQP URL for event notifications.
#
# $email_host:: Hostname of the MTA pulp should relay through
# @param email_host
# Hostname of the MTA pulp should relay through
#
# $email_port:: Port of the MTA relay
# @param email_port
# Port of the MTA relay
#
# $email_from:: The "From" address of each email the system sends
# @param email_from
# The "From" address of each email the system sends
#
# $email_enabled:: Whether emails will be sent
# @param email_enabled
# Whether emails will be sent
#
# $manage_squid:: Whether the Squid configuration is managed. This is used by Pulp Streamer.
# Requires the squid module.
# @param manage_squid
# Whether the Squid configuration is managed. This is used by Pulp Streamer.
# Requires the squid module.
#
# $lazy_redirect_host:: The host FQDN or IP to which requests are redirected.
# @param lazy_redirect_host
# The host FQDN or IP to which requests are redirected.
#
# $lazy_redirect_port:: The TCP port to which requests are redirected
# @param lazy_redirect_port
# The TCP port to which requests are redirected
#
# $lazy_redirect_path:: The base path to which requests are redirected
# @param lazy_redirect_path
# The base path to which requests are redirected
#
# $lazy_https_retrieval:: controls whether Pulp uses HTTPS or HTTP to retrieve content from the streamer.
# WARNING: Setting this to 'false' is not safe if you wish to use Pulp to provide
# repository entitlement enforcement. It is strongly recommended to keep this set to
# 'true' and use certificates that are signed by a trusted authority on the web server
# that serves as the streamer reverse proxy.
# @param lazy_https_retrieval
# Controls whether Pulp uses HTTPS or HTTP to retrieve content from the streamer.
# WARNING: Setting this to 'false' is not safe if you wish to use Pulp to
# provide repository entitlement enforcement. It is strongly recommended to
# keep this set to 'true' and use certificates that are signed by a trusted
# authority on the web server that serves as the streamer reverse proxy.
#
# $lazy_download_interval:: The interval in minutes between checks for content cached by the Squid proxy.
# @param lazy_download_interval
# The interval in minutes between checks for content cached by the Squid proxy.
#
# $lazy_download_concurrency:: The number of downloads to perform concurrently when downloading content from the Squid
# cache.
# @param lazy_download_concurrency
# The number of downloads to perform concurrently when downloading content
# from the Squid cache.
#
# $proxy_url:: URL of the proxy server
# @param proxy_url
# URL of the proxy server
#
# $proxy_port:: Port the proxy is running on
# @param proxy_port
# Port the proxy is running on
#
# $proxy_username:: Proxy username for authentication
# @param proxy_username
# Proxy username for authentication
#
# $proxy_password:: Proxy password for authentication
# @param proxy_password
# Proxy password for authentication
#
# $yum_max_speed:: The maximum download speed for RPM & ISO Pulp tasks, such as a sync. (e.g. "4 kb" or "1 Gb")
# @param yum_max_speed
# The maximum download speed for RPM & ISO Pulp tasks, such as a sync. (e.g.
# "4 kb" or "1 Gb")
#
# $yum_gpg_sign_repo_metadata:: Whether yum repo metadata GPG signing will be enabled
# @param yum_gpg_sign_repo_metadata
# Whether yum repo metadata GPG signing will be enabled
#
# $num_workers:: Number of Pulp workers to use.
# @param num_workers
# Number of Pulp workers to use.
#
# $enable_admin:: Whether to install and configure the admin command
# @param enable_admin
# Whether to install and configure the admin command
#
# $enable_katello:: Whether to enable pulp katello plugin.
# @param enable_katello
# Whether to enable pulp katello plugin.
#
# $enable_crane:: Whether to enable crane docker repository
# @param enable_crane
# Whether to enable crane docker repository
#
# $max_tasks_per_child:: Number of tasks after which the worker is restarted and the memory it allocated is
# returned to the system
# @param max_tasks_per_child
# Number of tasks after which the worker is restarted and the memory it
# allocated is returned to the system
#
# $enable_rpm:: Whether to enable rpm plugin.
# @param enable_rpm
# Whether to enable rpm plugin.
#
# $enable_deb:: Whether to enable deb plugin.
# @param enable_deb
# Whether to enable deb plugin.
#
# $enable_iso:: Whether to enable iso plugin.
# @param enable_iso
# Whether to enable iso plugin.
#
# $enable_docker:: Whether to enable docker plugin.
# @param enable_docker
# Whether to enable docker plugin.
#
# $enable_puppet:: Whether to enable puppet plugin.
# @param enable_puppet
# Whether to enable puppet plugin.
#
# $enable_python:: Whether to enable python plugin.
# @param enable_python
# Whether to enable python plugin.
#
# $enable_ostree:: Whether to enable ostree plugin.
# @param enable_ostree
# Whether to enable ostree plugin.
#
# $enable_parent_node:: Whether to enable pulp parent nodes.
# @param enable_parent_node
# Whether to enable pulp parent nodes.
#
# $enable_http:: Whether to enable http access to deb/rpm repos.
# @param enable_http
# Whether to enable http access to deb/rpm repos.
#
# $http_port:: HTTP port Apache will listen
# @param http_port
# HTTP port Apache will listen
#
# $https_port:: HTTPS port Apache will listen
# @param https_port
# HTTPS port Apache will listen
#
# $manage_httpd:: Whether to install and configure the httpd server.
# @param manage_httpd
# Whether to install and configure the httpd server.
#
# $manage_plugins_httpd:: Whether to install the enabled pulp plugins apache configs even if $manage_httpd is
# false.
# @param manage_plugins_httpd
# Whether to install the enabled pulp plugins apache configs even if
# $manage_httpd is false.
#
# $manage_broker:: Whether install and configure the qpid or rabbitmq broker.
# @param manage_broker
# Whether install and configure the qpid or rabbitmq broker.
#
# $manage_db:: Boolean to install and configure the mongodb.
# @param manage_db
# Boolean to install and configure the mongodb.
#
# $node_certificate:: The absolute path to the node SSL certificate
# @param node_certificate
# The absolute path to the node SSL certificate
#
# $node_verify_ssl:: Whether to verify node SSL
# @param node_verify_ssl
# Whether to verify node SSL
#
# $node_server_ca_cert:: Server cert for pulp node
# @param node_server_ca_cert
# Server cert for pulp node
#
# $node_oauth_effective_user:: Effective user for node OAuth
# @param node_oauth_effective_user
# Effective user for node OAuth
#
# $node_oauth_key:: The oauth key used to authenticate to the parent node
# @param node_oauth_key
# The oauth key used to authenticate to the parent node
#
# $node_oauth_secret:: The oauth secret used to authenticate to the parent node
# @param node_oauth_secret
# The oauth secret used to authenticate to the parent node
#
# $max_keep_alive:: Configuration value for apache MaxKeepAliveRequests
# @param max_keep_alive
# Configuration value for apache MaxKeepAliveRequests
#
# $wsgi_processes:: Number of WSGI processes to spawn for pulp itself
# @param wsgi_processes
# Number of WSGI processes to spawn for pulp itself
#
# $wsgi_max_requests:: Maximum number of requests for each wsgi worker to process before
# shutting down and restarting, useful to combat memory leaks.
# @param wsgi_max_requests
# Maximum number of requests for each wsgi worker to process before shutting
# down and restarting, useful to combat memory leaks.
#
# $puppet_wsgi_processes:: Number of WSGI processes to spawn for the puppet webapp
# @param puppet_wsgi_processes
# Number of WSGI processes to spawn for the puppet webapp
#
# $migrate_db_timeout:: Change the timeout for pulp-manage-db
# @param migrate_db_timeout
# Change the timeout for pulp-manage-db
#
# $show_conf_diff:: Allow showing diff for changes in server.conf and importer.json;
# Warning: may display and log passwords contained in these files.
# @param show_conf_diff
# Allow showing diff for changes in server.conf and importer.json.
# Warning: may display and log passwords contained in these files.
#
# $enable_profiling:: Turns on cProfiling of tasks in Pulp
# @param enable_profiling
# Turns on cProfiling of tasks in Pulp
#
# $profiling_directory:: Directory to store task profiling data in
# @param profiling_directory
# Directory to store task profiling data in
#
# $ldap_url:: URL to use for LDAP authentication. Defaults
# to undef (internal authentication is used)
# @param ldap_url
# URL to use for LDAP authentication. Defaults to undef (internal
# authentication is used)
#
# $ldap_bind_dn:: LDAP Bind DN
# @param ldap_bind_dn
# LDAP Bind DN
#
# $ldap_bind_password:: LDAP Password
# @param ldap_bind_password
# LDAP Password
#
# $ldap_remote_user_attribute:: LDAP Remote User Attribute. Defaults to 'sAMAccountName'
# @param ldap_remote_user_attribute
# LDAP Remote User Attribute. Defaults to 'sAMAccountName'
#
# $worker_timeout:: The amount of time (in seconds) before considering a worker as missing. If Pulp's
# mongo database has slow I/O, then setting a higher number may resolve issues where workers are
# going missing incorrectly. Defaults to 30.
# @param worker_timeout
# The amount of time (in seconds) before considering a worker as missing. If
# Pulp's mongo database has slow I/O, then setting a higher number may
# resolve issues where workers are going missing incorrectly. Defaults to 30.
#
class pulp (
String $version = $pulp::params::version,
manifests/install.pp
# Pulp Installation Packages
# Private class
# @api private
class pulp::install {
package { ['pulp-server', 'pulp-selinux', 'python-pulp-streamer']: ensure => $pulp::version, }
manifests/params.pp
# Pulp Master Params
# Private class
# @api private
class pulp::params {
$version = 'installed'
manifests/repo/upstream.pp
# Create the yum repo definition for the upstream repository
# @api private
class pulp::repo::upstream(
$version = 2,
) {
manifests/service.pp
# Pulp Master Service
# @api private
class pulp::service {
exec { 'pulp refresh system service':
command => '/bin/systemctl daemon-reload',
manifests/squid.pp
# The class to manage squid. This is used by pulp streamer.
# @api private
class pulp::squid(
Stdlib::Port $port = 3128,
Stdlib::Host $streamer_host = '127.0.0.1',

Also available in: Unified diff