diff options
| author | Micah Anderson <micah@riseup.net> | 2007-10-12 16:14:11 +0000 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2007-10-12 16:14:11 +0000 |
| commit | 284b50a1d07310c8c10f1c1f953d1e979762c476 (patch) | |
| tree | 3974da499c584648e3aefbb8be13270f3d90ff93 | |
| download | puppet-virtual-284b50a1d07310c8c10f1c1f953d1e979762c476.tar.gz puppet-virtual-284b50a1d07310c8c10f1c1f953d1e979762c476.tar.bz2 | |
add the virtual module
| -rw-r--r-- | README | 61 | ||||
| -rwxr-xr-x | files/build_vserver | 32 | ||||
| -rw-r--r-- | files/munin/xen_mem | 77 | ||||
| -rw-r--r-- | files/munin/xen_vm | 67 | ||||
| -rw-r--r-- | manifests/init.pp | 9 | ||||
| -rw-r--r-- | manifests/vserver.pp | 194 | ||||
| -rw-r--r-- | manifests/xen.pp | 38 | ||||
| -rw-r--r-- | plugins/facter/virtual.rb | 39 | ||||
| -rw-r--r-- | plugins/facter/vserver.rb | 29 |
9 files changed, 546 insertions, 0 deletions
@@ -0,0 +1,61 @@ +Overview +======== + +Virtualisation technologies have to be taken into account when configuring +systems to enable optimal performance and minimal resource consumption. This +module enables detection of virtualisation technologies and brings along +classes to react to specific implementations. + +See http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe for details about +this module. + +Technology detection +-------------------- + +The "virtual" fact can take these values: + + * physical: no virtualisation technologies + * vmware: a VMware guest + * vmware_server: a VMware host + * xen0: dom0, the priviledged XEN Management Domain + * xenu: domU, a XEN guest + +VServer +------- + +The Linux-VServer project maintains a lightweight isolation container as patch +to current Linux kernels at http://www.linux-vserver.org/ . + +The vserver fact can detect vserver "host" and "guest" status. + +This module provides classes and defines for managing vserver guests in vserver.pp + + +XEN +--- + +For details see http://www.xensource.org/ + +Beyond detection, this module currently only brings along the class +munin::plugins::xen to install the xen_mem and xen_vm munin plugins. + +VServer Types +============= + +On all vserver hosts, the class vserver::host should be installed. This brings +along the infrastructure and files for the guest configuration types. + + + + + +TODO +==== + +Split xen and vserver specific functionality into separate modules? + +Add XEN guest configuration and initialisation. + +Detect XEN HVM container for fact::virtual. + +Collect various VServer and XEN bits from dbp and integrate here. diff --git a/files/build_vserver b/files/build_vserver new file mode 100755 index 0000000..bf4b949 --- /dev/null +++ b/files/build_vserver @@ -0,0 +1,32 @@ +#!/bin/bash + +NAME=$1 +DOMAIN=$2 + +# create basic vserver +vserver $NAME build -m debootstrap -- -d etch -m http://ftp.at.debian.org/debian + +# default settings +echo $NAME >/etc/vservers/$NAME/uts/nodename + +# copy in some some defaults +TARGET=/etc/vservers/$NAME/vdir/ + +cp /etc/apt/{preferences,sources.list} $TARGET/etc/apt/ + +# this is needed so puppet can find the puppetmaster and creates the right +# certificate +grep -v $NAME /etc/hosts > $TARGET/etc/hosts +echo "127.0.0.1 $NAME.$DOMAIN $NAME" >> $TARGET/etc/hosts +mkdir -p $TARGET/var/lib/puppet/modules/dbp +cp /var/lib/puppet/modules/dbp/puppet_current.deb $TARGET/var/lib/puppet/modules/dbp/ + +# Setup is complete, now do the post-install stuff +vserver $NAME start +vserver $NAME exec dselect update +# install a few packages needed for facter +vserver $NAME exec apt-get -y install lsb-release iproute +vserver $NAME exec dpkg --install var/lib/puppet/modules/dbp/puppet_current.deb +vserver $NAME exec apt-get -fy install + +echo "Please sign now: puppetca --sign $NAME.$DOMAIN" >&2 diff --git a/files/munin/xen_mem b/files/munin/xen_mem new file mode 100644 index 0000000..5e985a5 --- /dev/null +++ b/files/munin/xen_mem @@ -0,0 +1,77 @@ +#!/bin/sh +# +# Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; version 2 dated June, +# 1991. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# +# Script to monitor affected memory by domain +# +# $Log$ +# Revision 1.0 2006/09/08 19:20:19 rodo +# Created by Rodolphe Quiedeville +# +# Need to be run as root, add the following lines ... +# +# [xen*] +# user root +# +# to /etc/munin/plugin-conf.d/munin-node +# +# +# Parameters understood: +# +# config (required) +# autoconf (optional - used by munin-config) +# +# +# Magic markers (optional - used by munin-config and installation +# scripts): +# +#%# family=auto +#%# capabilities=autoconf + +XM="/usr/sbin/xm" + +if [ "$1" = "autoconf" ]; then + echo yes + exit 0 +fi + +if [ "$1" = "config" ]; then + + echo 'graph_title Xen affected memory' + echo 'graph_args --base 1024 --upper-limit 1024 -l 0' + echo 'graph_vlabel Memory' + echo 'graph_category xen' + echo 'graph_total Total' + echo 'graph_info This graph shows affected memory for each domain.' + echo 'Domain_0.label Domain-0' + echo 'Domain_0.draw AREA' +$XM list | grep -v 'Mem' | grep -v 'Domain-0' | while read i; do + name=`echo $i | awk '{ print $1 }' | sed 's/[\/.-]/_/g'` + echo -n "$name.label " + echo $i | awk '{ print $1 }' + echo "$name.draw STACK" +done + + exit 0 +fi + +$XM list | grep -v 'Mem' | while read i; do + name=`echo $i | awk '{ print $1 }' | sed 's/[\/.-]/_/g'` + echo -n "$name.value " + echo $i | awk '{ print $3 * 1024 * 1024 }' +done diff --git a/files/munin/xen_vm b/files/munin/xen_vm new file mode 100644 index 0000000..a0dc0b7 --- /dev/null +++ b/files/munin/xen_vm @@ -0,0 +1,67 @@ +#!/bin/sh +# +# Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; version 2 dated June, +# 1991. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# +# Monitor number of vm running on a xen dom0. +# +# $Log$ +# Revision 1.0 2006/09/08 19:20:19 rodo +# Created by Rodolphe Quiedeville +# +# Need to be run as root, add the following lines ... +# +# [xen*] +# user root +# +# to /etc/munin/plugin-conf.d/munin-node +# +# +# Parameters understood: +# +# config (required) +# autoconf (optional - used by munin-config) +# +# +# Magic markers (optional - used by munin-config and installation +# scripts): +# +#%# family=auto +#%# capabilities=autoconf + +XM="/usr/sbin/xm" + +if [ "$1" = "autoconf" ]; then + echo yes + exit 0 +fi + +if [ "$1" = "config" ]; then + + echo 'graph_title Xen Virtual Machines' + echo 'graph_args --base 1000 -l 0' + echo 'graph_vlabel vm' + echo 'graph_category xen' + echo 'graph_info This graph shows how many virtual machines runs on dom0.' + echo 'domains.label vm' + exit 0 +fi + +domains=`$XM list | wc -l` + +echo -n "domains.value " +echo $(($domains-2)) diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..ff2df80 --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,9 @@ +# virtual/init.pp -- miscellaneous stuff for virtual hosts and guests +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. +# Based on the work of abnormaliti on http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe + +modules_dir{ "virtual": } + +import "vserver.pp" +import "xen.pp" diff --git a/manifests/vserver.pp b/manifests/vserver.pp new file mode 100644 index 0000000..42c1fdf --- /dev/null +++ b/manifests/vserver.pp @@ -0,0 +1,194 @@ +# virtual/vserver.pp -- manage vserver specifica +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. + +modules_dir{ "virtual/contexts": } + +class vserver::host { + + package { [ 'util-vserver', debootstrap ]: ensure => installed, } + + file { + "/usr/local/bin/build_vserver": + source => "puppet://$servername/virtual/build_vserver", + mode => 0755, owner => root, group => root, + require => [ Package['util-vserver'], Package[debootstrap], + # this comes from dbp module and is the most current puppet deb + File["/var/lib/puppet/modules/dbp/puppet_current.deb"] ]; + "/etc/vservers/local-interfaces/": + ensure => directory, + mode => 0755, owner => root, group => root; + } + +} + +define vs_create($in_domain, $legacy = false) { + $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } } + + case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } } + + case $legacy { + true: { + exec { "/usr/local/bin/build_vserver \"${vs_name}\" \"${in_domain}\"": + creates => "/etc/vservers/${vs_name}", + require => File["/usr/local/bin/build_vserver"], + alias => "vs_create_${vs_name}" + } + } + false: { + exec { "/usr/local/bin/build_vserver \"${vs_name}\" \"\"": + creates => "/etc/vservers/${vs_name}", + require => File["/usr/local/bin/build_vserver"], + alias => "vs_create_${vs_name}" + } + } + } +} + + +# ensure: present, stopped, running +define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false) { + case $in_domain { '': {} + default: { err("${fqdn}: vserver ${name} uses deprecated \$in_domain" ) } + } + $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } } + $if_dir = "/etc/vservers/${vs_name}/interfaces/" + $mark_file = "/etc/vservers/${vs_name}/apps/init/mark" + + case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } } + + # TODO: wasn't there a syntax for using arrays as case selectors?? + case $ensure { + present: { vs_create{$name: in_domain => $in_domain, legacy => $legacy, } } + running: { vs_create{$name: in_domain => $in_domain, legacy => $legacy, } } + stopped: { vs_create{$name: in_domain => $in_domain, legacy => $legacy, } } + default: { err("${fqdn}: vserver(${vs_name}): unknown ensure '${ensure}'") } + } + + file { + $if_dir: + ensure => directory, checksum => mtime, + require => Exec["vs_create_${vs_name}"]; + } + + config_file { + "/etc/vservers/${vs_name}/context": + content => "${context}\n", + notify => Exec["vs_restart_${vs_name}"], + require => Exec["vs_create_${vs_name}"]; + # create illegal configuration, when two vservers have the same context + # number + "/var/lib/puppet/modules/virtual/contexts/${context}": + content => "\n"; + "/etc/vservers/${vs_name}/uts/nodename": + content => "${vs_name}\n", + notify => Exec["vs_restart_${vs_name}"], + require => Exec["vs_create_${vs_name}"]; + "/etc/vservers/${vs_name}/name": + content => "${vs_name}\n", + # Changing this needs no restart + # notify => Exec["vs_restart_${vs_name}"], + require => Exec["vs_create_${vs_name}"]; + } + + case $ensure { + stopped: { + exec { "vserver ${vs_name} stop": + onlyif => "test -e \$(readlink -f /etc/vservers/${vs_name}/run || echo /doesntexist )", + require => Exec["vs_create_${vs_name}"], + # fake the restart exec in the stopped case, so the dependencies are fulfilled + alias => "vs_restart_${vs_name}", + } + file { $mark_file: ensure => absent, } + } + running: { + exec { "vserver ${vs_name} start": + unless => "test -e \$(readlink -f /etc/vservers/${vs_name}/run)", + require => Exec["vs_create_${vs_name}"], + } + + exec { "vserver ${vs_name} restart": + refreshonly => true, + require => Exec["vs_create_${vs_name}"], + alias => "vs_restart_${vs_name}", + subscribe => File[$if_dir], + } + + case $mark { + '': { + err("${fqdn}: vserver ${vs_name} set to running, but won't be started on reboot without mark!") + file { $mark_file: ensure => absent, } + } + default: { + config_file { "/etc/vservers/${vs_name}/apps/init/mark": + content => "${mark}\n", + require => Exec["vs_create_${vs_name}"], + } + } + } + } + } + +} + +# Changeing stuff with this define won't do much good, since it relies on +# restarting the vservers to do the work, which won't clean up orphaned +# interfaces +define vs_interface($prefix = 24, $dev = '') { + + file { + "/etc/vservers/local-interfaces/${name}/": + ensure => directory, + mode => 0755, owner => root, group => root; + "/etc/vservers/local-interfaces/${name}/ip": + content => "${name}\n", + mode => 0644, owner => root, group => root; + "/etc/vservers/local-interfaces/${name}/prefix": + content => "${prefix}\n", + mode => 0644, owner => root, group => root; + } + + case $dev { + '': { + file { + "/etc/vservers/local-interfaces/${name}/nodev": + ensure => present, + mode => 0644, owner => root, group => root; + "/etc/vservers/local-interfaces/${name}/dev": + ensure => absent; + } + } + default: { + config_file { "/etc/vservers/local-interfaces/${name}/dev": content => $dev, } + file { "/etc/vservers/local-interfaces/${name}/nodev": ensure => absent, } + } + } +} + +define vs_ip($vserver, $ip, $ensure) { + err("$fqdn is using deprecated vs_ip instead of vs_ip_binding for $name") + vs_ip_binding { $name: vserver => $vserver, ip => $ip, ensure => $ensure } +} + +define vs_ip_binding($vserver, $ip, $ensure) { + case $ensure { + connected: { + file { "/etc/vservers/${vserver}/interfaces/${name}": + ensure => "/etc/vservers/local-interfaces/${ip}/", + require => [ File["/etc/vservers/local-interfaces/${ip}/"], Exec["vs_create_${vserver}"] ], + notify => Exec["vs_restart_${vserver}"], + } + } + disconnected: { + file { "/etc/vservers/${vserver}/interfaces/${name}": + ensure => absent, + # TODO: fix message: + # warning: //ic/vs_ip[mailman_00]/File[/etc/vservers/mailman/interfaces/mailman_00]: Exec[vserver mailman restart] still depend on me -- not deleting + # notify => Exec["vs_restart_${vserver}"], + } + } + default: { + err( "${fqdn}: vs_ip: ${vserver} -> ${ip}: unknown ensure: '${ensure}'" ) + } + } +} diff --git a/manifests/xen.pp b/manifests/xen.pp new file mode 100644 index 0000000..afaa59c --- /dev/null +++ b/manifests/xen.pp @@ -0,0 +1,38 @@ +# virtual/xen.pp -- XEN specifica +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. + +class munin::plugins::xen { + munin::remoteplugin { + xen_mem: + source => "puppet://$servername/virtual/munin/xen_mem", + config => "user root"; + xen_vm: + source => "puppet://$servername/virtual/munin/xen_vm", + config => "user root"; + } +} + +class xen::domain { + # install the special libc and parameters to enable it + $xen_ensure = $virtual ? { + 'xen0' => present, + 'xenu' => present, + default => 'absent' + } + + case $ensure { + 'absent': { err("xen::domain configured, but not detected") } + } + + package { libc6-xen: + ensure => $xen_ensure, + } + + config_file { + "/etc/ld.so.conf.d/nosegneg.conf": + ensure => $xen_ensure, + content => "hwcap 0 nosegneg\n", + } + +} diff --git a/plugins/facter/virtual.rb b/plugins/facter/virtual.rb new file mode 100644 index 0000000..e649345 --- /dev/null +++ b/plugins/facter/virtual.rb @@ -0,0 +1,39 @@ +# Copied from http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe?version=6 +# Authored by abnormaliti with contributions by daniel@nsp.co.nz and mwr + +# This defines the fact "virtual" with the possible values of "physical", +# "vmware", "vmware_server", "xenu", or "xen0" + +Facter.add("virtual") do + confine :kernel => :linux + + ENV["PATH"]="/bin:/sbin:/usr/bin:/usr/sbin" + + result = "physical" + + setcode do + + lspciexists = system "which lspci >&/dev/null" + if $?.exitstatus == 0 + output = %x{lspci} + output.each {|p| + # --- look for the vmware video card to determine if it is virtual => vmware. + # --- 00:0f.0 VGA compatible controller: VMware Inc [VMware SVGA II] PCI Display Adapter + result = "vmware" if p =~ /VMware/ + } + end + + # VMware server 1.0.3 rpm places vmware-vmx in this place, other versions or platforms may not. + if FileTest.exists?("/usr/lib/vmware/bin/vmware-vmx") + result = "vmware_server" + end + + if FileTest.exists?("/proc/xen/capabilities") and File.read("/proc/xen/capabilities") =~ /control_d/i + result = "xen0" + elsif FileTest.exists?("/proc/sys/xen/independent_wallclock") + result = "xenu" + end + result + end +end + diff --git a/plugins/facter/vserver.rb b/plugins/facter/vserver.rb new file mode 100644 index 0000000..bd8218d --- /dev/null +++ b/plugins/facter/vserver.rb @@ -0,0 +1,29 @@ +# vserver.rb -- linux-vserver.org related facts +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. +# Based on abnormaliti's "virtual" fact from +# http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe + +# This defines the fact "vserver" with the possible values of "none", "guest", +# or "host" + +Facter.add("vserver") do + confine :kernel => :linux + + ENV["PATH"]="/bin:/sbin:/usr/bin:/usr/sbin" + + result = "none" + + setcode do + if FileTest.directory?('/proc/virtual') + result = "host" + elsif ! FileTest.directory?('/proc/2') + # gross hack: PID 2 is usually a + # kernel thread, which doesn't existin vserver + result = "guest" + end + + result + end +end + |