From 02d4abf414ba88d16ce15af7b9751771da646c2b Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 23 Nov 2021 17:01:44 +0100 Subject: [PATCH 01/37] first round of refactor and reorganization of the module --- manifests/component/actionrunner.pp | 85 ++++ manifests/component/api.pp | 75 ++++ manifests/component/auth.pp | 81 ++++ manifests/{profile => component}/chatops.pp | 4 +- manifests/component/garbagecollector.pp | 49 +++ manifests/{ => component}/notifier.pp | 4 +- manifests/{ => component}/rulesengine.pp | 4 +- manifests/{ => component}/scheduler.pp | 6 +- manifests/component/sensorcontainer.pp | 69 +++ manifests/component/stream.pp | 49 +++ manifests/{ => component}/timersengine.pp | 6 +- manifests/{profile => component}/web.pp | 10 +- manifests/{ => component}/workflowengine.pp | 4 +- manifests/config/common.pp | 194 +++++++++ manifests/config/coordination.pp | 30 ++ manifests/config/db.pp | 64 +++ manifests/config/messaging.pp | 36 ++ manifests/{profile => dependency}/facter.pp | 4 +- manifests/{profile => dependency}/mongodb.pp | 6 +- manifests/{profile => dependency}/nginx.pp | 6 +- manifests/{profile => dependency}/nodejs.pp | 6 +- manifests/{profile => dependency}/python.pp | 6 +- manifests/{profile => dependency}/rabbitmq.pp | 6 +- manifests/{profile => dependency}/redis.pp | 4 +- manifests/{profile => dependency}/selinux.pp | 4 +- manifests/init.pp | 3 + manifests/params.pp | 40 +- manifests/profile/fullinstall.pp | 22 +- manifests/profile/ha/api.pp | 31 ++ manifests/profile/ha/core.pp | 31 ++ manifests/profile/ha/noha.pp | 29 ++ manifests/profile/ha/runner.pp | 32 ++ manifests/profile/ha/sensor.pp | 32 ++ manifests/profile/server.pp | 408 +----------------- manifests/stanley.pp | 2 +- spec/classes/profile/mongodb_spec.rb | 2 +- spec/classes/profile/nginx_spec.rb | 4 +- spec/classes/profile/web_spec.rb | 4 +- .../etc/sysconfig/st2sensorcontainer.erb | 3 + 39 files changed, 1001 insertions(+), 454 deletions(-) create mode 100644 manifests/component/actionrunner.pp create mode 100644 manifests/component/api.pp create mode 100644 manifests/component/auth.pp rename manifests/{profile => component}/chatops.pp (98%) create mode 100644 manifests/component/garbagecollector.pp rename manifests/{ => component}/notifier.pp (94%) rename manifests/{ => component}/rulesengine.pp (94%) rename manifests/{ => component}/scheduler.pp (94%) create mode 100644 manifests/component/sensorcontainer.pp create mode 100644 manifests/component/stream.pp rename manifests/{ => component}/timersengine.pp (94%) rename manifests/{profile => component}/web.pp (98%) rename manifests/{ => component}/workflowengine.pp (94%) create mode 100644 manifests/config/common.pp create mode 100644 manifests/config/coordination.pp create mode 100644 manifests/config/db.pp create mode 100644 manifests/config/messaging.pp rename manifests/{profile => dependency}/facter.pp (55%) rename manifests/{profile => dependency}/mongodb.pp (98%) rename manifests/{profile => dependency}/nginx.pp (81%) rename manifests/{profile => dependency}/nodejs.pp (96%) rename manifests/{profile => dependency}/python.pp (90%) rename manifests/{profile => dependency}/rabbitmq.pp (95%) rename manifests/{profile => dependency}/redis.pp (85%) rename manifests/{profile => dependency}/selinux.pp (91%) create mode 100644 manifests/profile/ha/api.pp create mode 100644 manifests/profile/ha/core.pp create mode 100644 manifests/profile/ha/noha.pp create mode 100644 manifests/profile/ha/runner.pp create mode 100644 manifests/profile/ha/sensor.pp create mode 100644 templates/etc/sysconfig/st2sensorcontainer.erb diff --git a/manifests/component/actionrunner.pp b/manifests/component/actionrunner.pp new file mode 100644 index 00000000..0b61f88d --- /dev/null +++ b/manifests/component/actionrunner.pp @@ -0,0 +1,85 @@ +# @summary Manages the st2actionrunner service. +# +# Normally this class is instantiated by +st2::profile::fullinstall+. +# However, advanced users can instantiate this class directly to configure +# and manage just the st2actionrunner service on a single node. +# Parameters for this class mirror the parameters in the st2 config. +# +# @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 +# +# @example Basic usage +# include st2::component::actionrunner +# +# @example Customizing parameters +# class { 'st2::component::actionrunner': +# } +# +# @param enabled +# Specify to enable sensor service. +# @param partition_provider +# partition_provider for distribution strategy of sensors. +# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# +class st2::component::actionrunner ( + $actionrunner_workers = $st2::actionrunner_workers, + $ssh_key_location = $st2::ssh_key_location, + $conf_file = $st2::conf_file, + $actionrunner_services = $st2::params::actionrunner_services +) inherits st2 { + + $_logger_config = $st2::syslog ? { + true => 'syslog', + default => 'logging', + } + + ## SSH + ini_setting { 'ssh_key_stanley': + ensure => present, + path => $conf_file, + section => 'system_user', + setting => 'ssh_key_file', + value => $ssh_key_location, + tag => 'st2::config', + } + + ## ActionRunner settings + ini_setting { 'actionrunner_logging': + ensure => present, + path => $conf_file, + section => 'actionrunner', + setting => 'logging', + value => "/etc/st2/${_logger_config}.actionrunner.conf", + tag => 'st2::config', + } + + file { $st2::params::actionrunner_global_env_file: + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => template('st2/etc/sysconfig/st2actionrunner.erb'), + tag => 'st2::config', + } + + ## Resultstracker Settings (Part of Action Runner) + ini_setting { 'resultstracker_logging': + ensure => present, + path => $conf_file, + section => 'resultstracker', + setting => 'logging', + value => "/etc/st2/${_logger_config}.resultstracker.conf", + tag => 'st2::config', + } + + ######################################## + ## Services + service { $actionrunner_services: + ensure => 'running', + enable => true, + tag => 'st2::service', + } + + ######################################## + ## Datastore keys + class { 'st2::server::datastore_keys': } +} diff --git a/manifests/component/api.pp b/manifests/component/api.pp new file mode 100644 index 00000000..2f807e20 --- /dev/null +++ b/manifests/component/api.pp @@ -0,0 +1,75 @@ +# @summary Manages the st2api service. +# +# Normally this class is instantiated by +st2::profile::fullinstall+. +# However, advanced users can instantiate this class directly to configure +# and manage just the st2api service on a single node. +# Parameters for this class mirror the parameters in the st2 config. +# +# @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 +# +# @example Basic usage +# include st2::component::api +# +# @example Customizing parameters +# class { 'st2::component::api': +# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# } +# +# @param partition_provider +# partition_provider for distribution strategy of sensors. +# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# +class st2::component::api ( + $conf_file = $st2::conf_file, + $api_services = $st2::params::api_services, + $st2api_listen_ip = '0.0.0.0', + $st2api_listen_port = '9101', +) inherits st2 { + + $_logger_config = $st2::syslog ? { + true => 'syslog', + default => 'logging', + } + + ## API Settings + ini_setting { 'api_listen_ip': + ensure => present, + path => $conf_file, + section => 'api', + setting => 'host', + value => $st2api_listen_ip, + tag => 'st2::config', + } + ini_setting { 'api_listen_port': + ensure => present, + path => $conf_file, + section => 'api', + setting => 'port', + value => $st2api_listen_port, + tag => 'st2::config', + } + ini_setting { 'api_allow_origin': + ensure => 'present', + path => $conf_file, + section => 'api', + setting => 'allow_origin', + value => '*', + tag => 'st2::config', + } + ini_setting { 'api_logging': + ensure => present, + path => $conf_file, + section => 'api', + setting => 'logging', + value => "/etc/st2/${_logger_config}.api.gunicorn.conf", + tag => 'st2::config', + } + + ######################################## + ## Services + service { $api_services: + ensure => 'running', + enable => true, + tag => 'st2::service', + } +} diff --git a/manifests/component/auth.pp b/manifests/component/auth.pp new file mode 100644 index 00000000..99eca071 --- /dev/null +++ b/manifests/component/auth.pp @@ -0,0 +1,81 @@ +# @summary Manages the st2auth service. +# +# Normally this class is instantiated by +st2::profile::fullinstall+. +# However, advanced users can instantiate this class directly to configure +# and manage just the st2auth service on a single node. +# Parameters for this class mirror the parameters in the st2 config. +# +# @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 +# +# @example Basic usage +# include st2::component::auth +# +# @example Customizing parameters +# class { 'st2::component::auth': +# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# } +# +# @param partition_provider +# partition_provider for distribution strategy of sensors. +# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# +class st2::component::auth ( + $conf_file = $st2::conf_file, + $auth = $st2::auth, + $st2auth_listen_ip = '0.0.0.0', + $st2auth_listen_port = '9100', + $auth_services = $st2::params::auth_services, +) inherits st2 { + + $_enable_auth = $auth ? { + true => 'True', + default => 'False', + } + + $_logger_config = $st2::syslog ? { + true => 'syslog', + default => 'logging', + } + + ## Authentication Settings + ini_setting { 'auth': + ensure => present, + path => $conf_file, + section => 'auth', + setting => 'enable', + value => $_enable_auth, + tag => 'st2::config', + } + ini_setting { 'auth_listen_port': + ensure => present, + path => $conf_file, + section => 'auth', + setting => 'port', + value => $st2auth_listen_port, + tag => 'st2::config', + } + ini_setting { 'auth_listen_ip': + ensure => present, + path => $conf_file, + section => 'auth', + setting => 'host', + value => $st2auth_listen_ip, + tag => 'st2::config', + } + ini_setting { 'auth_logging': + ensure => present, + path => $conf_file, + section => 'auth', + setting => 'logging', + value => "/etc/st2/${_logger_config}.auth.gunicorn.conf", + tag => 'st2::config', + } + + ######################################## + ## Services + service { $auth_services: + ensure => 'running', + enable => true, + tag => 'st2::service', + } +} diff --git a/manifests/profile/chatops.pp b/manifests/component/chatops.pp similarity index 98% rename from manifests/profile/chatops.pp rename to manifests/component/chatops.pp index 78b06a9d..22c94880 100644 --- a/manifests/profile/chatops.pp +++ b/manifests/component/chatops.pp @@ -63,7 +63,7 @@ # }, # } # -class st2::profile::chatops ( +class st2::component::chatops ( $version = $st2::version, $hubot_log_level = $st2::chatops_hubot_log_level, $hubot_express_port = $st2::chatops_hubot_express_port, @@ -115,7 +115,7 @@ ######################################## ## Additional nodejs packages - include st2::profile::nodejs + include st2::dependency::nodejs $npm_package_defaults = { ensure => present, diff --git a/manifests/component/garbagecollector.pp b/manifests/component/garbagecollector.pp new file mode 100644 index 00000000..c28d341e --- /dev/null +++ b/manifests/component/garbagecollector.pp @@ -0,0 +1,49 @@ +# @summary Manages the st2garbagecollector service. +# +# Normally this class is instantiated by +st2::profile::fullinstall+. +# However, advanced users can instantiate this class directly to configure +# and manage just the st2garbagecollector service on a single node. +# Parameters for this class mirror the parameters in the st2 config. +# +# @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 +# +# @example Basic usage +# include st2::component::garbagecollector +# +# @example Customizing parameters +# class { 'st2::component::garbagecollector': +# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# } +# +# @param partition_provider +# partition_provider for distribution strategy of sensors. +# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# +class st2::component::garbagecollector ( + $conf_file = $st2::conf_file, + $garbagecollector_services = $st2::params::garbagecollector_services, +) inherits st2 { + + $_logger_config = $st2::syslog ? { + true => 'syslog', + default => 'logging', + } + + ## Sensor container Settings + ini_setting { 'garbagecollector_logging': + ensure => present, + path => $conf_file, + section => 'garbagecollector', + setting => 'logging', + value => "/etc/st2/${_logger_config}.garbagecollector.conf", + tag => 'st2::config', + } + + ######################################## + ## Services + service { $garbagecollector_services: + ensure => 'running', + enable => true, + tag => 'st2::service', + } +} diff --git a/manifests/notifier.pp b/manifests/component/notifier.pp similarity index 94% rename from manifests/notifier.pp rename to manifests/component/notifier.pp index 1a1bd0d2..7680a1b1 100644 --- a/manifests/notifier.pp +++ b/manifests/component/notifier.pp @@ -8,14 +8,14 @@ # @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample # # @example Basic usage -# include st2::notifier +# include st2::component::notifier # # @param notifier_num # The number of notifiers to have in an active active state # @param notifier_services # Name of all the notifier services # -class st2::notifier ( +class st2::component::notifier ( $notifier_num = $st2::notifier_num, $notifier_services = $st2::params::notifier_services, ) inherits st2 { diff --git a/manifests/rulesengine.pp b/manifests/component/rulesengine.pp similarity index 94% rename from manifests/rulesengine.pp rename to manifests/component/rulesengine.pp index 3c0e573a..e090981d 100644 --- a/manifests/rulesengine.pp +++ b/manifests/component/rulesengine.pp @@ -8,14 +8,14 @@ # @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample # # @example Basic usage -# include st2::rulesengine +# include st2::component::rulesengine # # @param rulesengine_num # The number of rulesengines to have in an active active state # @param rulesengine_services # Name of all the rulesengine services # -class st2::rulesengine ( +class st2::component::rulesengine ( $rulesengine_num = $st2::rulesengine_num, $rulesengine_services = $st2::params::rulesengine_services, ) inherits st2 { diff --git a/manifests/scheduler.pp b/manifests/component/scheduler.pp similarity index 94% rename from manifests/scheduler.pp rename to manifests/component/scheduler.pp index 90cdde33..a34eb54d 100644 --- a/manifests/scheduler.pp +++ b/manifests/component/scheduler.pp @@ -8,10 +8,10 @@ # @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L251-L259 # # @example Basic usage -# include st2::scheduler +# include st2::component::scheduler # # @example Customizing parameters -# class { 'st2::scheduler': +# class { 'st2::component::scheduler': # sleep_interval => 60, # gc_interval => 120, # } @@ -27,7 +27,7 @@ # @param scheduler_services # Name of all the scheduler services. # -class st2::scheduler ( +class st2::component::scheduler ( $sleep_interval = $st2::scheduler_sleep_interval, $gc_interval = $st2::scheduler_gc_interval, $pool_size = $st2::scheduler_pool_size, diff --git a/manifests/component/sensorcontainer.pp b/manifests/component/sensorcontainer.pp new file mode 100644 index 00000000..90ce4a9f --- /dev/null +++ b/manifests/component/sensorcontainer.pp @@ -0,0 +1,69 @@ +# @summary Manages the st2sensorcontainer service. +# +# Normally this class is instantiated by +st2::profile::fullinstall+. +# However, advanced users can instantiate this class directly to configure +# and manage just the st2sensorcontainer service on a single node. +# Parameters for this class mirror the parameters in the st2 config. +# +# @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 +# +# @example Basic usage +# include st2::component::sensorcontainer +# +# @example Customizing parameters +# class { 'st2::component::sensorcontainer': +# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# } +# +# @param partition_provider +# partition_provider for distribution strategy of sensors. +# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# +class st2::component::sensorcontainer ( + $partition_provider = $st2::sensor_partition_provider, + $conf_file = $st2::conf_file, + $sensorcontainer_services = $st2::params::sensorcontainer_services, +) inherits st2 { + + $_logger_config = $st2::syslog ? { + true => 'syslog', + default => 'logging', + } + + ## Sensor container Settings + ini_setting { 'sensorcontainer_logging': + ensure => present, + path => $conf_file, + section => 'sensorcontainer', + setting => 'logging', + value => "/etc/st2/${_logger_config}.sensorcontainer.conf", + tag => 'st2::config', + } + + ini_setting { 'sensorcontainer_partitioning': + ensure => present, + path => $conf_file, + section => 'sensorcontainer', + setting => 'partition_provider', + value => $partition_provider, + tag => 'st2::config', + } + + file { $st2::params::sensorcontainer_global_env_file: + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => template('st2/etc/sysconfig/st2sensorcontainer.erb'), + tag => 'st2::config', + } + + + ######################################## + ## Services + service { $sensorcontainer_services: + ensure => 'running', + enable => true, + tag => 'st2::service', + } +} diff --git a/manifests/component/stream.pp b/manifests/component/stream.pp new file mode 100644 index 00000000..49553074 --- /dev/null +++ b/manifests/component/stream.pp @@ -0,0 +1,49 @@ +# @summary Manages the st2stream service. +# +# Normally this class is instantiated by +st2::profile::fullinstall+. +# However, advanced users can instantiate this class directly to configure +# and manage just the st2stream service on a single node. +# Parameters for this class mirror the parameters in the st2 config. +# +# @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 +# +# @example Basic usage +# include st2::component::stream +# +# @example Customizing parameters +# class { 'st2::component::stream': +# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# } +# +# @param partition_provider +# partition_provider for distribution strategy of sensors. +# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# +class st2::component::stream ( + $conf_file = $st2::conf_file, + $stream_services = $st2::params::stream_services, +) inherits st2 { + + $_logger_config = $st2::syslog ? { + true => 'syslog', + default => 'logging', + } + + ## Stream Settings + ini_setting { 'stream_logging': + ensure => present, + path => $conf_file, + section => 'stream', + setting => 'logging', + value => "/etc/st2/${_logger_config}.stream.gunicorn.conf", + tag => 'st2::config', + } + + ######################################## + ## Services + service { $stream_services: + ensure => 'running', + enable => true, + tag => 'st2::service', + } +} diff --git a/manifests/timersengine.pp b/manifests/component/timersengine.pp similarity index 94% rename from manifests/timersengine.pp rename to manifests/component/timersengine.pp index 5808bafe..67a732e1 100644 --- a/manifests/timersengine.pp +++ b/manifests/component/timersengine.pp @@ -8,10 +8,10 @@ # @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample#L337-L343 # # @example Basic usage -# include st2::timersengine +# include st2::component::timersengine # # @example Customizing parameters -# class { 'st2::timersengine': +# class { 'st2::component::timersengine': # enabled => true, # timezone => 'America/Los_Angeles', # } @@ -21,7 +21,7 @@ # @param timezone # Timezone pertaining to the location where st2 is run. # -class st2::timersengine ( +class st2::component::timersengine ( $enabled = $st2::timersengine_enabled, $timezone = $st2::timersengine_timezone, ) inherits st2 { diff --git a/manifests/profile/web.pp b/manifests/component/web.pp similarity index 98% rename from manifests/profile/web.pp rename to manifests/component/web.pp index aedb11d5..1aee7c57 100644 --- a/manifests/profile/web.pp +++ b/manifests/component/web.pp @@ -34,7 +34,7 @@ # Directory where the StackStorm WebUI site lives on the filesystem # # @example Basic Usage -# include st2::profile::web' +# include st2::component::web' # # @example Managing your own certificate # # create your own certificate and key in the correct locations @@ -46,13 +46,13 @@ # } # # # instantiate this profile with ssl_cert_manage false -# class { 'st2::profile::web': +# class { 'st2::component::web': # ssl_cert_manage => false, # } # # # @example Change the SSL protocols and ciphers -# class { 'st2::profile::web': +# class { 'st2::component::web': # nginx_ssl_protocols => ['TLSv1.2'], # nginx_ssl_ciphers => [ # 'ECDHE-ECDSA-AES256-GCM-SHA384', @@ -60,7 +60,7 @@ # ], # } # -class st2::profile::web( +class st2::component::web( Variant[Array[String], String] $nginx_ssl_ciphers = $st2::nginx_ssl_ciphers, Variant[Array[String], String] $nginx_ssl_protocols = $st2::nginx_ssl_protocols, Stdlib::Port $nginx_ssl_port = $st2::nginx_ssl_port, @@ -76,7 +76,7 @@ # if we include this in st2::profile::fullinstall Anchor['pre_reqs'] then # a dependency cycle is created because we must modify the nginx config # in this profile. - include st2::profile::nginx + include st2::dependency::nginx include st2::params ## Install the packages diff --git a/manifests/workflowengine.pp b/manifests/component/workflowengine.pp similarity index 94% rename from manifests/workflowengine.pp rename to manifests/component/workflowengine.pp index 04444dc3..c5adb678 100644 --- a/manifests/workflowengine.pp +++ b/manifests/component/workflowengine.pp @@ -8,14 +8,14 @@ # @see https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample # # @example Basic usage -# include st2::workflowengine +# include st2::component::workflowengine # # @param workflowengine_num # The number of workflowengines to have in an active active state # @param workflowengine_services # Name of all the workflowengine services. # -class st2::workflowengine ( +class st2::component::workflowengine ( $workflowengine_num = $st2::workflowengine_num, $workflowengine_services = $st2::params::workflowengine_services, ) inherits st2 { diff --git a/manifests/config/common.pp b/manifests/config/common.pp new file mode 100644 index 00000000..54bb03a2 --- /dev/null +++ b/manifests/config/common.pp @@ -0,0 +1,194 @@ +# @summary Common configuration for st2 +# +# @note This class doesn't need to be invoked directly, instead it's included +# by other installation profiles to setup the configuration properly +# +# @param version +# Version of the st2 package to install +# +# @example Basic Usage +# class { 'st2': +# chatops_hubot_name => '"@RosieRobot"', +# chatops_api_key => '"xxxxyyyyy123abc"', +# chatops_adapter => { +# hubot-adapter => { +# package => 'hubot-rocketchat', +# source => 'git+ssh://git@git.company.com:npm/hubot-rocketchat#master', +# }, +# }, +# chatops_adapter_conf => { +# HUBOT_ADAPTER => 'rocketchat', +# ROCKETCHAT_URL => 'https://chat.company.com', +# ROCKETCHAT_ROOM => 'stackstorm', +# LISTEN_ON_ALL_PUBLIC => 'true', +# ROCKETCHAT_USER => 'st2', +# ROCKETCHAT_PASSWORD => 'secret123', +# ROCKETCHAT_AUTH => 'password', +# RESPOND_TO_DM => 'true', +# }, +# } +# +class st2::config::common ( + $version = $st2::version, + $conf_dir = $st2::conf_dir, + $conf_file = $st2::conf_file, + $index_url = $st2::index_url, + $packs_group = $st2::packs_group_name, + $validate_output_schema = $st2::validate_output_schema, + $manage_nfs_dirs = $st2::manage_nfs_dirs, + $stanley_user = $st2::stanley_user, + $syslog_host = $st2::syslog_host, + $syslog_port = $st2::syslog_port, + $syslog_facility = $st2::syslog_facility, + $syslog_protocol = $st2::syslog_protocol, +) inherits st2 { + include st2::notices + include st2::params + + $_validate_output_schema = $validate_output_schema ? { + true => 'True', + default => 'False', + } + + ######################################## + ## Packages + package { $st2::params::st2_server_packages: + ensure => $version, + tag => ['st2::packages', 'st2::server::packages'], + } + + ## Groups + ensure_resource('group', $packs_group, { + 'ensure' => present, + }) + + if $manage_nfs_dirs { + ensure_resource('file', '/opt/stackstorm', { + 'ensure' => 'directory', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0755', + 'tag' => 'st2::server', + }) + + ensure_resource('file', '/opt/stackstorm/packs', { + 'ensure' => 'directory', + 'owner' => 'root', + 'group' => $packs_group, + 'mode' => '0775', + 'tag' => 'st2::server', + 'recurse' => true, + }) + + ensure_resource('file', '/opt/stackstorm/virtualenvs', { + 'ensure' => 'directory', + 'owner' => 'root', + 'group' => $packs_group, + 'mode' => '0755', + 'tag' => 'st2::server', + 'recurse' => true, + }) + + ensure_resource('file', '/opt/stackstorm/configs', { + 'ensure' => 'directory', + 'owner' => 'st2', + 'group' => 'root', + 'mode' => '0755', + 'tag' => 'st2::server', + }) + + recursive_file_permissions { '/opt/stackstorm/packs': + owner => 'root', + group => $packs_group, + tag => 'st2::server', + } + + recursive_file_permissions { '/opt/stackstorm/virtualenvs': + owner => 'root', + group => $packs_group, + tag => 'st2::server', + } + } + + ######################################## + ## Config + file { $conf_dir: + ensure => directory, + } + + ## System Settings + ini_setting { 'validate_output_schema': + ensure => present, + path => $conf_file, + section => 'system', + setting => 'validate_output_schema', + value => $_validate_output_schema, + tag => 'st2::config', + } + + ## System User Setting (Override stanley user with this setting) + ini_setting { 'stanley_system_user': + ensure => present, + path => $conf_file, + section => 'system_user', + setting => 'user', + value => $stanley_user, + tag => 'st2::config', + } + + ## Exchange config + if $index_url { + ini_setting { 'exchange_index_url': + ensure => present, + path => $conf_file, + section => 'content', + setting => 'index_url', + value => $index_url, + tag => 'st2::config', + } + } + + ## Enable system debug + ini_setting { 'enable_system_debug': + ensure => present, + path => $conf_file, + section => 'system', + setting => 'debug', + value => 'True', + tag => 'st2::config', + } + + ## Syslog Settings + ini_setting { 'syslog_host': + ensure => present, + path => $conf_file, + section => 'syslog', + setting => 'host', + value => $syslog_host, + tag => 'st2::config', + } + ini_setting { 'syslog_protocol': + ensure => present, + path => $conf_file, + section => 'syslog', + setting => 'protocol', + value => $syslog_protocol, + tag => 'st2::config', + } + ini_setting { 'syslog_port': + ensure => present, + path => $conf_file, + section => 'syslog', + setting => 'port', + value => $syslog_port, + tag => 'st2::config', + } + ini_setting { 'syslog_facility': + ensure => present, + path => $conf_file, + section => 'syslog', + setting => 'facility', + value => $syslog_facility, + tag => 'st2::config', + } +} diff --git a/manifests/config/coordination.pp b/manifests/config/coordination.pp new file mode 100644 index 00000000..1b12879c --- /dev/null +++ b/manifests/config/coordination.pp @@ -0,0 +1,30 @@ +# @summary Common configuration for st2 +# +# @note This class doesn't need to be invoked directly, instead it's included +# by other installation profiles to setup the configuration properly +# +# @param version +# Version of the st2 package to install +# +# @example Basic Usage +# class { 'st2': +# chatops_hubot_name => '"@RosieRobot"', +# } +# +class st2::config::coordination ( + $conf_file = $st2::conf_file, + $redis_hostname = $st2::redis_hostname, + $redis_port = $st2::redis_port, + $redis_password = $st2::redis_password, +) inherits st2 { + + ## Coordination Settings (Redis) + $_redis_url = "redis://:${redis_password}@${redis_hostname}:${redis_port}/" + ini_setting { 'coordination_url': + path => $conf_file, + section => 'coordination', + setting => 'url', + value => $_redis_url, + tag => 'st2::config', + } +} diff --git a/manifests/config/db.pp b/manifests/config/db.pp new file mode 100644 index 00000000..2ea1a12f --- /dev/null +++ b/manifests/config/db.pp @@ -0,0 +1,64 @@ +# @summary Common configuration for st2 +# +# @note This class doesn't need to be invoked directly, instead it's included +# by other installation profiles to setup the configuration properly +# +# @param version +# Version of the st2 package to install +# +# @example Basic Usage +# class { 'st2': +# chatops_hubot_name => '"@RosieRobot"', +# } +# +class st2::config::db ( + $conf_file = $st2::conf_file, + $db_host = $st2::db_host, + $db_port = $st2::db_port, + $db_name = $st2::db_name, + $db_username = $st2::db_username, + $db_password = $st2::db_password, +) inherits st2 { + + ## Database settings (MongoDB) + ini_setting { 'database_host': + ensure => present, + path => $conf_file, + section => 'database', + setting => 'host', + value => $db_host, + tag => 'st2::config', + } + ini_setting { 'database_port': + ensure => present, + path => $conf_file, + section => 'database', + setting => 'port', + value => $db_port, + tag => 'st2::config', + } + ini_setting { 'database_username': + ensure => present, + path => $conf_file, + section => 'database', + setting => 'username', + value => $db_username, + tag => 'st2::config', + } + ini_setting { 'database_name': + ensure => present, + path => $conf_file, + section => 'database', + setting => 'db_name', + value => $db_name, + tag => 'st2::config', + } + ini_setting { 'database_password': + ensure => present, + path => $conf_file, + section => 'database', + setting => 'password', + value => $db_password, + tag => 'st2::config', + } +} diff --git a/manifests/config/messaging.pp b/manifests/config/messaging.pp new file mode 100644 index 00000000..16967261 --- /dev/null +++ b/manifests/config/messaging.pp @@ -0,0 +1,36 @@ +# @summary Common configuration for st2 +# +# @note This class doesn't need to be invoked directly, instead it's included +# by other installation profiles to setup the configuration properly +# +# @param version +# Version of the st2 package to install +# +# @example Basic Usage +# class { 'st2': +# chatops_hubot_name => '"@RosieRobot"', +# } +# +class st2::config::messaging ( + $conf_file = $st2::conf_file, + $rabbitmq_username = $st2::rabbitmq_username, + $rabbitmq_password = $st2::rabbitmq_password, + $rabbitmq_hostname = $st2::rabbitmq_hostname, + $rabbitmq_port = $st2::rabbitmq_port, + $rabbitmq_vhost = $st2::rabbitmq_vhost, +) inherits st2 { + + ## Messaging Settings (RabbitMQ) + + # URL encode the RabbitMQ password, in case it contains special characters that + # can mess up the URL in the config. + $_rabbitmq_pass = st2::urlencode($rabbitmq_password) + ini_setting { 'messaging_url': + ensure => present, + path => $conf_file, + section => 'messaging', + setting => 'url', + value => "amqp://${rabbitmq_username}:${_rabbitmq_pass}@${rabbitmq_hostname}:${rabbitmq_port}/${rabbitmq_vhost}", + tag => 'st2::config', + } +} diff --git a/manifests/profile/facter.pp b/manifests/dependency/facter.pp similarity index 55% rename from manifests/profile/facter.pp rename to manifests/dependency/facter.pp index b41c6a00..161fc6dc 100644 --- a/manifests/profile/facter.pp +++ b/manifests/dependency/facter.pp @@ -1,8 +1,8 @@ # @summary Setup custom fact locations # # @example Basic Usage -# include st2::profile::facter +# include st2::dependency::facter # -class st2::profile::facter { +class st2::dependency::facter { include facter } diff --git a/manifests/profile/mongodb.pp b/manifests/dependency/mongodb.pp similarity index 98% rename from manifests/profile/mongodb.pp rename to manifests/dependency/mongodb.pp index 3147e87a..becc2297 100644 --- a/manifests/profile/mongodb.pp +++ b/manifests/dependency/mongodb.pp @@ -18,7 +18,7 @@ # Boolean determining if auth should be enabled for MongoDB. # # @example Basic Usage -# include st2::profile::mongodb +# include st2::dependency::mongodb # # @example Customize (done via st2) # class { 'st2': @@ -27,9 +27,9 @@ # db_password => 'xyz123', # db_port => 12345, # } -# include st2::profile::mongodb +# include st2::dependency::mongodb # -class st2::profile::mongodb ( +class st2::dependency::mongodb ( $db_name = $st2::db_name, $db_username = $st2::db_username, $db_password = $st2::db_password, diff --git a/manifests/profile/nginx.pp b/manifests/dependency/nginx.pp similarity index 81% rename from manifests/profile/nginx.pp rename to manifests/dependency/nginx.pp index 7097b4d1..b8ae2252 100644 --- a/manifests/profile/nginx.pp +++ b/manifests/dependency/nginx.pp @@ -4,14 +4,14 @@ # Set this to false when you have your own repository for nginx # # @example Basic Usage -# include st2::profile::nginx +# include st2::dependency::nginx # # @example Disable managing the nginx repo so you can manage it yourself -# class { 'st2::profile::nginx': +# class { 'st2::dependency::nginx': # manage_repo => false, # } # -class st2::profile::nginx ( +class st2::dependency::nginx ( $manage_repo = $st2::nginx_manage_repo ) inherits st2 { class { 'nginx': diff --git a/manifests/profile/nodejs.pp b/manifests/dependency/nodejs.pp similarity index 96% rename from manifests/profile/nodejs.pp rename to manifests/dependency/nodejs.pp index fc18354e..0dc86353 100644 --- a/manifests/profile/nodejs.pp +++ b/manifests/dependency/nodejs.pp @@ -6,10 +6,10 @@ # and manage just the NodeJS installation on a single node. # # @example Basic Usage -# include st2::profile::nodejs +# include st2::dependency::nodejs # # @example Custom Parameters -# class { 'st2::profile::nodejs': +# class { 'st2::dependency::nodejs': # } # # @param manage_repo @@ -17,7 +17,7 @@ # @param version # Version of NodeJS to install. If not provided it will be auto-calcuated based on $st2::version # -class st2::profile::nodejs( +class st2::dependency::nodejs( $manage_repo = $st2::nodejs_manage_repo, $version = $st2::nodejs_version, ) inherits st2 { diff --git a/manifests/profile/python.pp b/manifests/dependency/python.pp similarity index 90% rename from manifests/profile/python.pp rename to manifests/dependency/python.pp index 95d84f55..e42e7cba 100644 --- a/manifests/profile/python.pp +++ b/manifests/dependency/python.pp @@ -7,7 +7,7 @@ # To install Python 3.6 on Ubuntu 16.05 specify 'python3.6'. # # @example Basic Usage -# include st2::profile::python +# include st2::dependency::python # # @example Install with python 3.6 (if not default on your system) # $st2_python_version = $facts['os']['family'] ? { @@ -17,9 +17,9 @@ # class { 'st2': # python_version => $st2_python_version, # } -# include st2::profile::python +# include st2::dependency::python # -class st2::profile::python ( +class st2::dependency::python ( String $version = $st2::python_version, ) inherits st2 { notice("Python version: ${version}") diff --git a/manifests/profile/rabbitmq.pp b/manifests/dependency/rabbitmq.pp similarity index 95% rename from manifests/profile/rabbitmq.pp rename to manifests/dependency/rabbitmq.pp index 562ae6f9..fc4d2591 100644 --- a/manifests/profile/rabbitmq.pp +++ b/manifests/dependency/rabbitmq.pp @@ -12,16 +12,16 @@ # RabbitMQ virtual host to create for StackStorm # # @example Basic Usage -# include st2::profile::rabbitmq +# include st2::dependency::rabbitmq # # @example Authentication enabled (configured vi st2) # class { 'st2': # rabbitmq_username => 'rabbitst2', # rabbitmq_password => 'secret123', # } -# include st2::profile::rabbitmq +# include st2::dependency::rabbitmq # -class st2::profile::rabbitmq ( +class st2::dependency::rabbitmq ( $username = $st2::rabbitmq_username, $password = $st2::rabbitmq_password, $port = $st2::rabbitmq_port, diff --git a/manifests/profile/redis.pp b/manifests/dependency/redis.pp similarity index 85% rename from manifests/profile/redis.pp rename to manifests/dependency/redis.pp index b52afd2a..81e37989 100644 --- a/manifests/profile/redis.pp +++ b/manifests/dependency/redis.pp @@ -4,14 +4,14 @@ # Bind IP of the Redis server. Default is 127.0.0.1 # # @example Basic Usage -# include st2::profile::redis +# include st2::dependency::redis # # @example Install with redis # class { '::redis': # bind => '127.0.0.1', # } # -class st2::profile::redis ( +class st2::dependency::redis ( String $bind_ip = $st2::redis_bind_ip, ) inherits st2 { diff --git a/manifests/profile/selinux.pp b/manifests/dependency/selinux.pp similarity index 91% rename from manifests/profile/selinux.pp rename to manifests/dependency/selinux.pp index 5b7e509c..b840cd63 100644 --- a/manifests/profile/selinux.pp +++ b/manifests/dependency/selinux.pp @@ -1,9 +1,9 @@ # @summary Configure SELinux so that StackStorm services run properly # # @example Basic Usage -# include st2::profile::selinux +# include st2::dependency::selinux # -class st2::profile::selinux inherits st2::params { +class st2::dependency::selinux inherits st2::params { # note: the selinux module downcases the mode in the fact if ( ($facts['os']['family'] == 'RedHat') and ($facts['os']['selinux']['current_mode'] == 'enforcing')) { if (Numeric($facts['os']['release']['major']) >= 8) { # package was renamed in el8 diff --git a/manifests/init.pp b/manifests/init.pp index bbeb8acd..a3945644 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -338,6 +338,7 @@ $chatops_api_url = "https://${st2::params::hostname}/api", $chatops_auth_url = "https://${st2::params::hostname}/auth", $chatops_web_url = undef, + $sensor_partition_provider = $st2::params::sensor_partition_provider, $nodejs_version = undef, $nodejs_manage_repo = true, $workflowengine_num = $st2::params::workflowengine_num, @@ -345,6 +346,8 @@ $rulesengine_num = $st2::params::rulesengine_num, $notifier_num = $st2::params::notifier_num, $validate_output_schema = $st2::params::validate_output_schema, + $manage_nfs_dirs = true, + $stanley_user = $st2::params::st2_stanley_user, ) inherits st2::params { ######################################## diff --git a/manifests/params.pp b/manifests/params.pp index 12879540..935f8463 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -81,14 +81,42 @@ } } + $st2_stanley_user = 'stanley' + ## StackStorm core services $st2_services = [ - 'st2actionrunner', 'st2api', 'st2auth', + 'st2stream', + ] + + ## StackStorm EndPoint Services + # StackStorm Auth Services + $auth_services = [ + 'st2auth', + ] + # StackStorm API Services + $api_services = [ + 'st2api', + ] + # StackStorm Stream Services + $stream_services = [ + 'st2stream', + ] + + ## StackStorm ActionRunner Services + $actionrunner_services = [ + 'st2actionrunner', + ] + + ## StackStorm Garbage Collector Services + $garbagecollector_services = [ 'st2garbagecollector', + ] + + ## StackStorm Sensor Services + $sensorcontainer_services = [ 'st2sensorcontainer', - 'st2stream', ] ## StackStorm Workflow Engine (Orchestra) @@ -204,6 +232,14 @@ 'RedHat' => '/etc/sysconfig/st2actionrunner', } + ## actionrunner config + $sensorcontainer_global_env_file = $facts['os']['family'] ? { + 'Debian' => '/etc/default/st2sensorcontainer', + 'RedHat' => '/etc/sysconfig/st2sensorcontainer', + } + + $sensor_partition_provider = 'name:default' + ## chatops default config $st2_chatops_dir = '/opt/stackstorm/chatops' $st2_chatops_global_env_file = $facts['os']['family'] ? { diff --git a/manifests/profile/fullinstall.pp b/manifests/profile/fullinstall.pp index 8f54b913..09e4c738 100644 --- a/manifests/profile/fullinstall.pp +++ b/manifests/profile/fullinstall.pp @@ -6,6 +6,7 @@ # * MongoDB # * NodeJS # * nginx +# * redis # # @example Basic Usage # include st2::profile::fullinstall @@ -20,27 +21,20 @@ # class st2::profile::fullinstall inherits st2 { - anchor { 'st2::begin': } - -> anchor { 'st2::bootstrap': } - -> anchor { 'st2::pre_reqs': } - -> anchor { 'st2::main': } - -> anchor { 'st2::end': } - Anchor['st2::begin'] -> Anchor['st2::bootstrap'] - -> class { 'st2::profile::facter': } + -> class { 'st2::dependency::facter': } -> class { 'st2::repo': } - -> class { 'st2::profile::selinux': } + -> class { 'st2::dependency::selinux': } -> Anchor['st2::pre_reqs'] - -> class { 'st2::profile::redis': } - -> class { 'st2::profile::python': } - -> class { 'st2::profile::nodejs': } - -> class { 'st2::profile::rabbitmq': } - -> class { 'st2::profile::mongodb': } + -> class { 'st2::dependency::redis': } + -> class { 'st2::dependency::python': } + -> class { 'st2::dependency::nodejs': } + -> class { 'st2::dependency::rabbitmq': } + -> class { 'st2::dependency::mongodb': } -> Anchor['st2::main'] -> class { 'st2::profile::client': } -> class { 'st2::profile::server': } - -> class { 'st2::profile::web': } -> class { 'st2::profile::chatops': } -> Anchor['st2::end'] diff --git a/manifests/profile/ha/api.pp b/manifests/profile/ha/api.pp new file mode 100644 index 00000000..092dd883 --- /dev/null +++ b/manifests/profile/ha/api.pp @@ -0,0 +1,31 @@ +# @summary Profile to install, configure and manage all server components for st2 +# +# @example Basic usage +# include st2::profile::ha::api +# +class st2::profile::ha::api ( +) inherits st2 { + + class { 'st2::config::common': } + -> class { 'st2::config::db': } + -> class { 'st2::config::messaging': } + -> class { 'st2::config::coordination': } + + contain st2::component::web + contain st2::component::api + contain st2::component::auth + contain st2::component::stream + + ######################################## + ## Dependencies + Package<| tag == 'st2::server::packages' |> + -> Ini_setting<| tag == 'st2::config' |> + ~> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> File<| tag == 'st2::server' |> + -> Service<| tag == 'st2::service' |> + + Service<| tag == 'st2::service' |> + ~> Exec<| tag == 'st2::reload' |> +} diff --git a/manifests/profile/ha/core.pp b/manifests/profile/ha/core.pp new file mode 100644 index 00000000..9301ed9d --- /dev/null +++ b/manifests/profile/ha/core.pp @@ -0,0 +1,31 @@ +# @summary Profile to install, configure and manage all server components for st2 +# +# @example Basic usage +# include st2::profile::server +# +class st2::profile::ha::core ( +) inherits st2 { + + class { 'st2::config::common': } + -> class { 'st2::config::db': } + -> class { 'st2::config::messaging': } + -> class { 'st2::config::coordination': } + + contain st2::component::notifier + contain st2::component::rulesengine + contain st2::component::scheduler + contain st2::component::workflowengine + + ######################################## + ## Dependencies + Package<| tag == 'st2::server::packages' |> + -> Ini_setting<| tag == 'st2::config' |> + ~> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> File<| tag == 'st2::server' |> + -> Service<| tag == 'st2::service' |> + + Service<| tag == 'st2::service' |> + ~> Exec<| tag == 'st2::reload' |> +} diff --git a/manifests/profile/ha/noha.pp b/manifests/profile/ha/noha.pp new file mode 100644 index 00000000..28cb7626 --- /dev/null +++ b/manifests/profile/ha/noha.pp @@ -0,0 +1,29 @@ +# @summary Profile to install, configure and manage all NON HA server components for st2 +# +# @example Basic usage +# include st2::profile::ha::noha +# +class st2::profile::ha::noha ( +) inherits st2 { + + class { 'st2::config::common': } + -> class { 'st2::config::db': } + -> class { 'st2::config::messaging': } + -> class { 'st2::config::coordination': } + + contain st2::component::timersengine + contain st2::component::garbagecollector + + ######################################## + ## Dependencies + Package<| tag == 'st2::server::packages' |> + -> Ini_setting<| tag == 'st2::config' |> + ~> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> File<| tag == 'st2::server' |> + -> Service<| tag == 'st2::service' |> + + Service<| tag == 'st2::service' |> + ~> Exec<| tag == 'st2::reload' |> +} diff --git a/manifests/profile/ha/runner.pp b/manifests/profile/ha/runner.pp new file mode 100644 index 00000000..a735f761 --- /dev/null +++ b/manifests/profile/ha/runner.pp @@ -0,0 +1,32 @@ +# @summary Profile to install, configure and manage actionrunner for st2 +# +# @example Basic usage +# include st2::profile::ha::runner +# +class st2::profile::ha::runner ( +) inherits st2 { + + class { 'st2::config::common': } + -> class { 'st2::config::db': } + -> class { 'st2::config::messaging': } + -> class { 'st2::config::coordination': } + + contain st2::component::actionrunner + + ######################################## + ## Dependencies + Package<| tag == 'st2::server::packages' |> + -> Ini_setting<| tag == 'st2::config' |> + ~> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> Class['st2::server::datastore_keys'] + -> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> File<| tag == 'st2::server' |> + -> Service<| tag == 'st2::service' |> + + Service<| tag == 'st2::service' |> + ~> Exec<| tag == 'st2::reload' |> +} diff --git a/manifests/profile/ha/sensor.pp b/manifests/profile/ha/sensor.pp new file mode 100644 index 00000000..b7cff4f6 --- /dev/null +++ b/manifests/profile/ha/sensor.pp @@ -0,0 +1,32 @@ +# @summary Profile to install, configure and manage actionrunner for st2 +# +# @example Basic usage +# include st2::profile::ha::sensor +# +class st2::profile::ha::sensor ( +) inherits st2 { + + class { 'st2::config::common': } + -> class { 'st2::config::db': } + -> class { 'st2::config::messaging': } + -> class { 'st2::config::coordination': } + + contain st2::component::sensorcontainer + + ######################################## + ## Dependencies + Package<| tag == 'st2::server::packages' |> + -> Ini_setting<| tag == 'st2::config' |> + ~> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> Class['st2::server::datastore_keys'] + -> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> File<| tag == 'st2::server' |> + -> Service<| tag == 'st2::service' |> + + Service<| tag == 'st2::service' |> + ~> Exec<| tag == 'st2::reload' |> +} diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp index f8ae40e7..31cde7d2 100644 --- a/manifests/profile/server.pp +++ b/manifests/profile/server.pp @@ -1,411 +1,35 @@ # @summary Profile to install, configure and manage all server components for st2 # -# @param version -# Version of StackStorm to install -# @param conf_dir -# The directory where st2 configs are stored -# @param conf_file -# The path where st2 config is stored -# @param auth -# Toggle Auth -# @param actionrunner_workers -# Set the number of actionrunner processes to start -# @param st2api_listen_ip -# Listen IP for st2api process -# @param st2api_listen_port -# Listen port for st2api process -# @param st2auth_listen_ip -# Listen IP for st2auth process -# @param st2auth_listen_port -# Listen port for st2auth process -# @param syslog -# Routes all log messages to syslog -# @param syslog_host -# Syslog host. -# @param syslog_protocol -# Syslog protocol. -# @param syslog_port -# Syslog port. -# @param syslog_facility -# Syslog facility. -# @param ssh_key_location -# Location on filesystem of Admin SSH key for remote runner -# @param db_username -# Username to connect to MongoDB with (default: 'stackstorm') -# @param db_password -# Password for 'stackstorm' user in MongDB. -# @param index_url -# Url to the StackStorm Exchange index file. (default undef) -# # @example Basic usage # include st2::profile::server # class st2::profile::server ( - $version = $st2::version, - $conf_dir = $st2::conf_dir, - $conf_file = $st2::conf_file, - $auth = $st2::auth, - $actionrunner_workers = $st2::actionrunner_workers, - $syslog = $st2::syslog, - $syslog_host = $st2::syslog_host, - $syslog_port = $st2::syslog_port, - $syslog_facility = $st2::syslog_facility, - $syslog_protocol = $st2::syslog_protocol, - $st2api_listen_ip = '0.0.0.0', - $st2api_listen_port = '9101', - $st2auth_listen_ip = '0.0.0.0', - $st2auth_listen_port = '9100', - $ssh_key_location = $st2::ssh_key_location, - $ng_init = $st2::ng_init, - $db_username = $st2::db_username, - $db_password = $st2::db_password, - $rabbitmq_username = $st2::rabbitmq_username, - $rabbitmq_password = $st2::rabbitmq_password, - $rabbitmq_hostname = $st2::rabbitmq_hostname, - $rabbitmq_port = $st2::rabbitmq_port, - $rabbitmq_vhost = $st2::rabbitmq_vhost, - $redis_hostname = $st2::redis_hostname, - $redis_port = $st2::redis_port, - $redis_password = $st2::redis_password, - $index_url = $st2::index_url, - $packs_group = $st2::packs_group_name, - $validate_output_schema = $st2::validate_output_schema, ) inherits st2 { - include st2::notices - include st2::params - - $_enable_auth = $auth ? { - true => 'True', - default => 'False', - } - $_validate_output_schema = $validate_output_schema ? { - true => 'True', - default => 'False', - } - $_logger_config = $syslog ? { - true => 'syslog', - default => 'logging', - } - - ######################################## - ## Packages - package { $st2::params::st2_server_packages: - ensure => $version, - tag => ['st2::packages', 'st2::server::packages'], - } - ensure_resource('file', '/opt/stackstorm', { - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0755', - 'tag' => 'st2::server', - }) + class { 'st2::config::common': } + -> class { 'st2::config::db': } + -> class { 'st2::config::messaging': } + -> class { 'st2::config::coordination': } - ensure_resource('group', $packs_group, { - 'ensure' => present, - }) - ensure_resource('file', '/opt/stackstorm/configs', { - 'ensure' => 'directory', - 'owner' => 'st2', - 'group' => 'root', - 'mode' => '0755', - 'tag' => 'st2::server', - }) + contain st2::component::actionrunner + contain st2::component::sensorcontainer + contain st2::component::web + contain st2::component::api + contain st2::component::auth + contain st2::component::stream - ensure_resource('file', '/opt/stackstorm/packs', { - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => $packs_group, - 'mode' => '0775', - 'tag' => 'st2::server', - }) - - ensure_resource('file', '/opt/stackstorm/virtualenvs', { - 'ensure' => 'directory', - 'owner' => 'root', - 'group' => $packs_group, - 'mode' => '0755', - 'tag' => 'st2::server', - }) - - recursive_file_permissions { '/opt/stackstorm/packs': - owner => 'root', - group => $packs_group, - tag => 'st2::server', - } - - recursive_file_permissions { '/opt/stackstorm/virtualenvs': - owner => 'root', - group => $packs_group, - tag => 'st2::server', - } - - ######################################## - ## Config - file { $conf_dir: - ensure => directory, - } - - ## SSH - ini_setting { 'ssh_key_stanley': - ensure => present, - path => $conf_file, - section => 'system_user', - setting => 'ssh_key_file', - value => $ssh_key_location, - tag => 'st2::config', - } - - ## ActionRunner settings - ini_setting { 'actionrunner_logging': - ensure => present, - path => $conf_file, - section => 'actionrunner', - setting => 'logging', - value => "/etc/st2/${_logger_config}.actionrunner.conf", - tag => 'st2::config', - } - - file { $st2::params::actionrunner_global_env_file: - ensure => file, - owner => 'root', - group => 'root', - mode => '0644', - content => template('st2/etc/sysconfig/st2actionrunner.erb'), - tag => 'st2::config', - } - - ## API Settings - ini_setting { 'api_listen_ip': - ensure => present, - path => $conf_file, - section => 'api', - setting => 'host', - value => $st2api_listen_ip, - tag => 'st2::config', - } - ini_setting { 'api_listen_port': - ensure => present, - path => $conf_file, - section => 'api', - setting => 'port', - value => $st2api_listen_port, - tag => 'st2::config', - } - ini_setting { 'api_allow_origin': - ensure => 'present', - path => $conf_file, - section => 'api', - setting => 'allow_origin', - value => '*', - tag => 'st2::config', - } - ini_setting { 'api_logging': - ensure => present, - path => $conf_file, - section => 'api', - setting => 'logging', - value => "/etc/st2/${_logger_config}.api.gunicorn.conf", - tag => 'st2::config', - } - - ## Authentication Settings - ini_setting { 'auth': - ensure => present, - path => $conf_file, - section => 'auth', - setting => 'enable', - value => $_enable_auth, - tag => 'st2::config', - } - ini_setting { 'auth_listen_port': - ensure => present, - path => $conf_file, - section => 'auth', - setting => 'port', - value => $st2auth_listen_port, - tag => 'st2::config', - } - ini_setting { 'auth_listen_ip': - ensure => present, - path => $conf_file, - section => 'auth', - setting => 'host', - value => $st2auth_listen_ip, - tag => 'st2::config', - } - ini_setting { 'auth_logging': - ensure => present, - path => $conf_file, - section => 'auth', - setting => 'logging', - value => "/etc/st2/${_logger_config}.auth.gunicorn.conf", - tag => 'st2::config', - } - - ## Database settings (MongoDB) - ini_setting { 'database_username': - ensure => present, - path => $conf_file, - section => 'database', - setting => 'username', - value => $db_username, - tag => 'st2::config', - } - ini_setting { 'database_password': - ensure => present, - path => $conf_file, - section => 'database', - setting => 'password', - value => $db_password, - tag => 'st2::config', - } - - ## Messaging Settings (RabbitMQ) - - # URL encode the RabbitMQ password, in case it contains special characters that - # can mess up the URL in the config. - $_rabbitmq_pass = st2::urlencode($rabbitmq_password) - ini_setting { 'messaging_url': - ensure => present, - path => '/etc/st2/st2.conf', - section => 'messaging', - setting => 'url', - value => "amqp://${rabbitmq_username}:${_rabbitmq_pass}@${rabbitmq_hostname}:${rabbitmq_port}/${rabbitmq_vhost}", - tag => 'st2::config', - } - - ## Coordination Settings (Redis) - - $_redis_url = "redis://:${redis_password}@${redis_hostname}:${redis_port}/" - ini_setting { 'coordination_url': - path => '/etc/st2/st2.conf', - section => 'coordination', - setting => 'url', - value => $_redis_url, - tag => 'st2::config', - } - - ## Resultstracker Settings - ini_setting { 'resultstracker_logging': - ensure => present, - path => $conf_file, - section => 'resultstracker', - setting => 'logging', - value => "/etc/st2/${_logger_config}.resultstracker.conf", - tag => 'st2::config', - } - - ## Garbage collector Settings - ini_setting { 'garbagecollector_logging': - ensure => present, - path => $conf_file, - section => 'garbagecollector', - setting => 'logging', - value => "/etc/st2/${_logger_config}.garbagecollector.conf", - tag => 'st2::config', - } - - ## Sensor container Settings - ini_setting { 'sensorcontainer_logging': - ensure => present, - path => $conf_file, - section => 'sensorcontainer', - setting => 'logging', - value => "/etc/st2/${_logger_config}.sensorcontainer.conf", - tag => 'st2::config', - } - - ## Stream Settings - ini_setting { 'stream_logging': - ensure => present, - path => $conf_file, - section => 'stream', - setting => 'logging', - value => "/etc/st2/${_logger_config}.stream.gunicorn.conf", - tag => 'st2::config', - } - - ## Syslog Settings - ini_setting { 'syslog_host': - ensure => present, - path => $conf_file, - section => 'syslog', - setting => 'host', - value => $syslog_host, - tag => 'st2::config', - } - ini_setting { 'syslog_protocol': - ensure => present, - path => $conf_file, - section => 'syslog', - setting => 'protocol', - value => $syslog_protocol, - tag => 'st2::config', - } - ini_setting { 'syslog_port': - ensure => present, - path => $conf_file, - section => 'syslog', - setting => 'port', - value => $syslog_port, - tag => 'st2::config', - } - ini_setting { 'syslog_facility': - ensure => present, - path => $conf_file, - section => 'syslog', - setting => 'facility', - value => $syslog_facility, - tag => 'st2::config', - } - - ## System Settings - ini_setting { 'validate_output_schema': - ensure => present, - path => $conf_file, - section => 'system', - setting => 'validate_output_schema', - value => $_validate_output_schema, - tag => 'st2::config', - } - - ## Exchange config - if $index_url { - ini_setting { 'exchange_index_url': - ensure => present, - path => $conf_file, - section => 'content', - setting => 'index_url', - value => $index_url, - tag => 'st2::config', - } - } - - ######################################## - ## Services - service { $st2::params::st2_services: - ensure => 'running', - enable => true, - tag => 'st2::service', - } - - contain st2::notifier - contain st2::rulesengine - contain st2::scheduler - contain st2::timersengine - contain st2::workflowengine + contain st2::component::notifier + contain st2::component::rulesengine + contain st2::component::scheduler + contain st2::component::timersengine + contain st2::component::workflowengine + contain st2::component::garbagecollector ######################################## ## st2 user (stanley) class { 'st2::stanley': } - ######################################## - ## Datastore keys - class { 'st2::server::datastore_keys': } - ######################################## ## Dependencies Package<| tag == 'st2::server::packages' |> diff --git a/manifests/stanley.pp b/manifests/stanley.pp index bfe3f22a..20334c90 100644 --- a/manifests/stanley.pp +++ b/manifests/stanley.pp @@ -26,7 +26,7 @@ # } # class st2::stanley ( - $username = 'stanley', + $username = $st2::stanley_user, $ssh_public_key = undef, $ssh_key_type = undef, $ssh_private_key = undef, diff --git a/spec/classes/profile/mongodb_spec.rb b/spec/classes/profile/mongodb_spec.rb index cf75da82..fd084183 100644 --- a/spec/classes/profile/mongodb_spec.rb +++ b/spec/classes/profile/mongodb_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -describe 'st2::profile::mongodb' do +describe 'st2::dependency::mongodb' do on_supported_os.each do |os, os_facts| let(:facts) { os_facts } diff --git a/spec/classes/profile/nginx_spec.rb b/spec/classes/profile/nginx_spec.rb index 36a96229..102f8ab5 100644 --- a/spec/classes/profile/nginx_spec.rb +++ b/spec/classes/profile/nginx_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -describe 'st2::profile::nginx' do +describe 'st2::dependency::nginx' do on_supported_os.each do |os, os_facts| let(:facts) do os_facts.merge( @@ -30,4 +30,4 @@ end # context 'with manage_repo=false' end # context 'on #{os}' end # on_supported_os -end # describe 'st2::profile::nginx' +end # describe 'st2::dependency::nginx' diff --git a/spec/classes/profile/web_spec.rb b/spec/classes/profile/web_spec.rb index 56b5887a..e3d4ec7e 100644 --- a/spec/classes/profile/web_spec.rb +++ b/spec/classes/profile/web_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -describe 'st2::profile::web' do +describe 'st2::component::web' do on_supported_os.each do |os, os_facts| let(:facts) { os_facts } let(:ssl_dir) { '/etc/ssl/st2' } @@ -40,7 +40,7 @@ context "on #{os}" do context 'with default options' do it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('st2::profile::nginx') } + it { is_expected.to contain_class('st2::dependency::nginx') } it do is_expected.to contain_package('st2web') .with(ensure: 'present', diff --git a/templates/etc/sysconfig/st2sensorcontainer.erb b/templates/etc/sysconfig/st2sensorcontainer.erb new file mode 100644 index 00000000..96b7faf5 --- /dev/null +++ b/templates/etc/sysconfig/st2sensorcontainer.erb @@ -0,0 +1,3 @@ +## This file is maintained by Puppet + +# Add any env variables to inject in the sensor container here \ No newline at end of file From b9a434e712e670c98c042eaa6893e3584b505e87 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 23 Nov 2021 17:12:07 +0100 Subject: [PATCH 02/37] fix chatops include --- manifests/profile/fullinstall.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/profile/fullinstall.pp b/manifests/profile/fullinstall.pp index 09e4c738..7216148e 100644 --- a/manifests/profile/fullinstall.pp +++ b/manifests/profile/fullinstall.pp @@ -35,7 +35,7 @@ -> Anchor['st2::main'] -> class { 'st2::profile::client': } -> class { 'st2::profile::server': } - -> class { 'st2::profile::chatops': } + -> class { 'st2::component::chatops': } -> Anchor['st2::end'] include st2::auth From 751ba9eac7250b12b5f2721d92b04ab64bfee721 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 23 Nov 2021 17:23:07 +0100 Subject: [PATCH 03/37] remove depricated anchor statements --- manifests/profile/fullinstall.pp | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/manifests/profile/fullinstall.pp b/manifests/profile/fullinstall.pp index 7216148e..cbca672b 100644 --- a/manifests/profile/fullinstall.pp +++ b/manifests/profile/fullinstall.pp @@ -21,22 +21,17 @@ # class st2::profile::fullinstall inherits st2 { - Anchor['st2::begin'] - -> Anchor['st2::bootstrap'] - -> class { 'st2::dependency::facter': } + class { 'st2::dependency::facter': } -> class { 'st2::repo': } -> class { 'st2::dependency::selinux': } - -> Anchor['st2::pre_reqs'] -> class { 'st2::dependency::redis': } -> class { 'st2::dependency::python': } -> class { 'st2::dependency::nodejs': } -> class { 'st2::dependency::rabbitmq': } -> class { 'st2::dependency::mongodb': } - -> Anchor['st2::main'] -> class { 'st2::profile::client': } -> class { 'st2::profile::server': } -> class { 'st2::component::chatops': } - -> Anchor['st2::end'] include st2::auth include st2::packs From 591cf6ef3ea3e976f3de2740e7358cdb05e09715 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 23 Nov 2021 17:42:17 +0100 Subject: [PATCH 04/37] update ha structure, add single test for dev --- .kitchen.yml | 122 ++++++++++++------------- manifests/config/common.pp | 5 + manifests/profile/{ha/api.pp => ha.pp} | 25 ++--- manifests/profile/ha/core.pp | 21 +---- manifests/profile/ha/noha.pp | 29 ------ manifests/profile/ha/runner.pp | 25 +---- manifests/profile/ha/sensor.pp | 25 +---- manifests/profile/ha/solo.pp | 10 ++ manifests/profile/ha/web.pp | 12 +++ manifests/profile/server.pp | 4 - manifests/test/fullinstall_hatest.pp | 9 ++ manifests/test/fullinstall_python36.pp | 9 +- 12 files changed, 122 insertions(+), 174 deletions(-) rename manifests/profile/{ha/api.pp => ha.pp} (56%) delete mode 100644 manifests/profile/ha/noha.pp create mode 100644 manifests/profile/ha/solo.pp create mode 100644 manifests/profile/ha/web.pp create mode 100644 manifests/test/fullinstall_hatest.pp diff --git a/.kitchen.yml b/.kitchen.yml index c4b84d07..3dde5da6 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -39,27 +39,27 @@ provisioner: - 2 platforms: - # CentOS7 with Systemd - Puppet 6 - - name: centos7-puppet6 - driver: - platform: centos - dockerfile: build/centos7-puppet6/Dockerfile.kitchen - run_command: /sbin/init - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - provisioner: - puppetfile_path: build/centos7-puppet6/Puppetfile + # # CentOS7 with Systemd - Puppet 6 + # - name: centos7-puppet6 + # driver: + # platform: centos + # dockerfile: build/centos7-puppet6/Dockerfile.kitchen + # run_command: /sbin/init + # volume: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + # provisioner: + # puppetfile_path: build/centos7-puppet6/Puppetfile - # CentOS7 with Systemd - Puppet 7 - - name: centos7-puppet7 - driver: - platform: centos - dockerfile: build/centos7-puppet7/Dockerfile.kitchen - run_command: /sbin/init - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - provisioner: - puppetfile_path: build/centos7-puppet7/Puppetfile + # # CentOS7 with Systemd - Puppet 7 + # - name: centos7-puppet7 + # driver: + # platform: centos + # dockerfile: build/centos7-puppet7/Dockerfile.kitchen + # run_command: /sbin/init + # volume: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + # provisioner: + # puppetfile_path: build/centos7-puppet7/Puppetfile # CentOS7 with Systemd - Puppet 7 - Python 3.6 - name: centos7-puppet7-python36 @@ -71,51 +71,51 @@ platforms: - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: puppetfile_path: build/centos7-puppet7/Puppetfile - manifest: test/fullinstall_python36.pp + manifest: test/fullinstall_hatest.pp - # Ubuntu Bionic with Systemd - Puppet 6 - - name: ubuntu18-puppet6 - driver: - platform: ubuntu - dockerfile: build/ubuntu18-puppet6/Dockerfile.kitchen - run_command: /sbin/init - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - provisioner: - puppetfile_path: build/ubuntu18-puppet6/Puppetfile + # # Ubuntu Bionic with Systemd - Puppet 6 + # - name: ubuntu18-puppet6 + # driver: + # platform: ubuntu + # dockerfile: build/ubuntu18-puppet6/Dockerfile.kitchen + # run_command: /sbin/init + # volume: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + # provisioner: + # puppetfile_path: build/ubuntu18-puppet6/Puppetfile - # Ubuntu Bionic with Systemd - Puppet 7 - - name: ubuntu18-puppet7 - driver: - platform: ubuntu - dockerfile: build/ubuntu18-puppet7/Dockerfile.kitchen - run_command: /sbin/init - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - provisioner: - puppetfile_path: build/ubuntu18-puppet7/Puppetfile + # # Ubuntu Bionic with Systemd - Puppet 7 + # - name: ubuntu18-puppet7 + # driver: + # platform: ubuntu + # dockerfile: build/ubuntu18-puppet7/Dockerfile.kitchen + # run_command: /sbin/init + # volume: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + # provisioner: + # puppetfile_path: build/ubuntu18-puppet7/Puppetfile - # Ubuntu Focal with Systemd - Puppet 6 - - name: ubuntu20-puppet6 - driver: - platform: ubuntu - dockerfile: build/ubuntu20-puppet6/Dockerfile.kitchen - run_command: /sbin/init - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - provisioner: - puppetfile_path: build/ubuntu20-puppet6/Puppetfile + # # Ubuntu Focal with Systemd - Puppet 6 + # - name: ubuntu20-puppet6 + # driver: + # platform: ubuntu + # dockerfile: build/ubuntu20-puppet6/Dockerfile.kitchen + # run_command: /sbin/init + # volume: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + # provisioner: + # puppetfile_path: build/ubuntu20-puppet6/Puppetfile - # Ubuntu Focal with Systemd - Puppet 7 - - name: ubuntu20-puppet7 - driver: - platform: ubuntu - dockerfile: build/ubuntu20-puppet7/Dockerfile.kitchen - run_command: /sbin/init - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - provisioner: - puppetfile_path: build/ubuntu20-puppet7/Puppetfile + # # Ubuntu Focal with Systemd - Puppet 7 + # - name: ubuntu20-puppet7 + # driver: + # platform: ubuntu + # dockerfile: build/ubuntu20-puppet7/Dockerfile.kitchen + # run_command: /sbin/init + # volume: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + # provisioner: + # puppetfile_path: build/ubuntu20-puppet7/Puppetfile suites: - name: default diff --git a/manifests/config/common.pp b/manifests/config/common.pp index 54bb03a2..e3df7d48 100644 --- a/manifests/config/common.pp +++ b/manifests/config/common.pp @@ -45,6 +45,11 @@ include st2::notices include st2::params + # Include the settings for DB, Redis and RabbitMQ + contain st2::config::db + contain st2::config::messaging + contain st2::config::coordination + $_validate_output_schema = $validate_output_schema ? { true => 'True', default => 'False', diff --git a/manifests/profile/ha/api.pp b/manifests/profile/ha.pp similarity index 56% rename from manifests/profile/ha/api.pp rename to manifests/profile/ha.pp index 092dd883..4a94ccc0 100644 --- a/manifests/profile/ha/api.pp +++ b/manifests/profile/ha.pp @@ -1,20 +1,12 @@ # @summary Profile to install, configure and manage all server components for st2 # # @example Basic usage -# include st2::profile::ha::api +# include st2::profile::ha # -class st2::profile::ha::api ( +class st2::profile::ha ( ) inherits st2 { - class { 'st2::config::common': } - -> class { 'st2::config::db': } - -> class { 'st2::config::messaging': } - -> class { 'st2::config::coordination': } - - contain st2::component::web - contain st2::component::api - contain st2::component::auth - contain st2::component::stream + contain st2::config::common ######################################## ## Dependencies @@ -22,10 +14,21 @@ -> Ini_setting<| tag == 'st2::config' |> ~> Service<| tag == 'st2::service' |> + Package<| tag == 'st2::server::packages' |> + -> Class['st2::server::datastore_keys'] + -> Service<| tag == 'st2::service' |> + + Package<| tag == 'st2::server::packages' |> + -> Class['st2::stanley'] + -> Service<| tag == 'st2::service' |> + Package<| tag == 'st2::server::packages' |> -> File<| tag == 'st2::server' |> -> Service<| tag == 'st2::service' |> Service<| tag == 'st2::service' |> ~> Exec<| tag == 'st2::reload' |> + + St2_pack<||> + ~> Recursive_file_permissions<| tag == 'st2::server' |> } diff --git a/manifests/profile/ha/core.pp b/manifests/profile/ha/core.pp index 9301ed9d..6dae26af 100644 --- a/manifests/profile/ha/core.pp +++ b/manifests/profile/ha/core.pp @@ -4,28 +4,9 @@ # include st2::profile::server # class st2::profile::ha::core ( -) inherits st2 { - - class { 'st2::config::common': } - -> class { 'st2::config::db': } - -> class { 'st2::config::messaging': } - -> class { 'st2::config::coordination': } - +) inherits st2::profile::ha { contain st2::component::notifier contain st2::component::rulesengine contain st2::component::scheduler contain st2::component::workflowengine - - ######################################## - ## Dependencies - Package<| tag == 'st2::server::packages' |> - -> Ini_setting<| tag == 'st2::config' |> - ~> Service<| tag == 'st2::service' |> - - Package<| tag == 'st2::server::packages' |> - -> File<| tag == 'st2::server' |> - -> Service<| tag == 'st2::service' |> - - Service<| tag == 'st2::service' |> - ~> Exec<| tag == 'st2::reload' |> } diff --git a/manifests/profile/ha/noha.pp b/manifests/profile/ha/noha.pp deleted file mode 100644 index 28cb7626..00000000 --- a/manifests/profile/ha/noha.pp +++ /dev/null @@ -1,29 +0,0 @@ -# @summary Profile to install, configure and manage all NON HA server components for st2 -# -# @example Basic usage -# include st2::profile::ha::noha -# -class st2::profile::ha::noha ( -) inherits st2 { - - class { 'st2::config::common': } - -> class { 'st2::config::db': } - -> class { 'st2::config::messaging': } - -> class { 'st2::config::coordination': } - - contain st2::component::timersengine - contain st2::component::garbagecollector - - ######################################## - ## Dependencies - Package<| tag == 'st2::server::packages' |> - -> Ini_setting<| tag == 'st2::config' |> - ~> Service<| tag == 'st2::service' |> - - Package<| tag == 'st2::server::packages' |> - -> File<| tag == 'st2::server' |> - -> Service<| tag == 'st2::service' |> - - Service<| tag == 'st2::service' |> - ~> Exec<| tag == 'st2::reload' |> -} diff --git a/manifests/profile/ha/runner.pp b/manifests/profile/ha/runner.pp index a735f761..da2a53b1 100644 --- a/manifests/profile/ha/runner.pp +++ b/manifests/profile/ha/runner.pp @@ -4,29 +4,6 @@ # include st2::profile::ha::runner # class st2::profile::ha::runner ( -) inherits st2 { - - class { 'st2::config::common': } - -> class { 'st2::config::db': } - -> class { 'st2::config::messaging': } - -> class { 'st2::config::coordination': } - +) inherits st2::profile::ha { contain st2::component::actionrunner - - ######################################## - ## Dependencies - Package<| tag == 'st2::server::packages' |> - -> Ini_setting<| tag == 'st2::config' |> - ~> Service<| tag == 'st2::service' |> - - Package<| tag == 'st2::server::packages' |> - -> Class['st2::server::datastore_keys'] - -> Service<| tag == 'st2::service' |> - - Package<| tag == 'st2::server::packages' |> - -> File<| tag == 'st2::server' |> - -> Service<| tag == 'st2::service' |> - - Service<| tag == 'st2::service' |> - ~> Exec<| tag == 'st2::reload' |> } diff --git a/manifests/profile/ha/sensor.pp b/manifests/profile/ha/sensor.pp index b7cff4f6..be990502 100644 --- a/manifests/profile/ha/sensor.pp +++ b/manifests/profile/ha/sensor.pp @@ -4,29 +4,6 @@ # include st2::profile::ha::sensor # class st2::profile::ha::sensor ( -) inherits st2 { - - class { 'st2::config::common': } - -> class { 'st2::config::db': } - -> class { 'st2::config::messaging': } - -> class { 'st2::config::coordination': } - +) inherits st2::profile::ha { contain st2::component::sensorcontainer - - ######################################## - ## Dependencies - Package<| tag == 'st2::server::packages' |> - -> Ini_setting<| tag == 'st2::config' |> - ~> Service<| tag == 'st2::service' |> - - Package<| tag == 'st2::server::packages' |> - -> Class['st2::server::datastore_keys'] - -> Service<| tag == 'st2::service' |> - - Package<| tag == 'st2::server::packages' |> - -> File<| tag == 'st2::server' |> - -> Service<| tag == 'st2::service' |> - - Service<| tag == 'st2::service' |> - ~> Exec<| tag == 'st2::reload' |> } diff --git a/manifests/profile/ha/solo.pp b/manifests/profile/ha/solo.pp new file mode 100644 index 00000000..656cfd45 --- /dev/null +++ b/manifests/profile/ha/solo.pp @@ -0,0 +1,10 @@ +# @summary Profile to install, configure and manage all NON HA server components for st2 +# +# @example Basic usage +# include st2::profile::ha::solo +# +class st2::profile::ha::solo ( +) inherits st2::profile::ha { + contain st2::component::timersengine + contain st2::component::garbagecollector +} diff --git a/manifests/profile/ha/web.pp b/manifests/profile/ha/web.pp new file mode 100644 index 00000000..5c3e2d4d --- /dev/null +++ b/manifests/profile/ha/web.pp @@ -0,0 +1,12 @@ +# @summary Profile to install, configure and manage all server components for st2 +# +# @example Basic usage +# include st2::profile::ha::web +# +class st2::profile::ha::web ( +) inherits st2::profile::ha { + contain st2::component::web + contain st2::component::api + contain st2::component::auth + contain st2::component::stream +} diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp index 31cde7d2..fa990e6f 100644 --- a/manifests/profile/server.pp +++ b/manifests/profile/server.pp @@ -7,10 +7,6 @@ ) inherits st2 { class { 'st2::config::common': } - -> class { 'st2::config::db': } - -> class { 'st2::config::messaging': } - -> class { 'st2::config::coordination': } - contain st2::component::actionrunner contain st2::component::sensorcontainer diff --git a/manifests/test/fullinstall_hatest.pp b/manifests/test/fullinstall_hatest.pp new file mode 100644 index 00000000..e8fba26a --- /dev/null +++ b/manifests/test/fullinstall_hatest.pp @@ -0,0 +1,9 @@ +# Test for installing standalone StackStorm using Python 3.6 +$st2_python_version = $facts['os']['family'] ? { + 'RedHat' => '3.6', + 'Debian' => 'python3.6', +} +class { 'st2': + python_version => $st2_python_version, +} +include st2::profile::fullinstall diff --git a/manifests/test/fullinstall_python36.pp b/manifests/test/fullinstall_python36.pp index e8fba26a..8f170850 100644 --- a/manifests/test/fullinstall_python36.pp +++ b/manifests/test/fullinstall_python36.pp @@ -6,4 +6,11 @@ class { 'st2': python_version => $st2_python_version, } -include st2::profile::fullinstall +include st2::profile::ha::sensor +include st2::profile::ha::web +include st2::profile::ha::core +include st2::profile::ha::solo +include st2::profile::ha::runner +######################################## +## st2 user (stanley) +class { 'st2::stanley': } \ No newline at end of file From 70b4423d7dc61a136184b343c5a739b6c75cba87 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 23 Nov 2021 17:48:53 +0100 Subject: [PATCH 05/37] disable extra workflows for dev --- .github/workflows/build.yaml | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index a534cee9..43d1db53 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -117,20 +117,20 @@ jobs: matrix: include: # note: actions/setup-ruby only allows using a major.minor release of ruby - - ruby: '2.7' - name: 'centos7-puppet6' - - ruby: '2.7' - name: 'centos7-puppet7' + # - ruby: '2.7' + # name: 'centos7-puppet6' + # - ruby: '2.7' + # name: 'centos7-puppet7' - ruby: '2.7' name: 'centos7-puppet7-python36' - - ruby: '2.7' - name: 'ubuntu18-puppet6' - - ruby: '2.7' - name: 'ubuntu18-puppet7' - - ruby: '2.7' - name: 'ubuntu20-puppet6' - - ruby: '2.7' - name: 'ubuntu20-puppet7' + # - ruby: '2.7' + # name: 'ubuntu18-puppet6' + # - ruby: '2.7' + # name: 'ubuntu18-puppet7' + # - ruby: '2.7' + # name: 'ubuntu20-puppet6' + # - ruby: '2.7' + # name: 'ubuntu20-puppet7' env: CHECK: '${{ matrix.check }}' steps: @@ -232,4 +232,3 @@ jobs: run: | bundle exec rake module:build bundle exec rake module:push - From a730fae6b8cfcb2287c68b13c7aa1ae61c192838 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 11:15:39 +0100 Subject: [PATCH 06/37] add k/v setup support with apikey --- CHANGELOG.md | 6 ++++-- manifests/kv.pp | 14 ++++++++++++-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5cfa9a00..78c24b90 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,9 +2,11 @@ ## Development -- Add support for packs to be installed with api_key provided as config instead of using username/password to obtain a token" +- Add support for k/v to be set with api_key provided as config. Contributed by @rush-skills -- Update `policycoreutils-python` package name in CentOS8+ for `st2::profile::selinux` +- Add support for packs to be installed with api_key provided as config instead of using username/password to obtain a token". Contributed by @rush-skills + +- Update `policycoreutils-python` package name in CentOS8+ for `st2::profile::selinux`. Contributed by @rush-skills - Add validate_output_schema flag. Contributed by @rush-skills diff --git a/manifests/kv.pp b/manifests/kv.pp index abedf557..9791c82b 100644 --- a/manifests/kv.pp +++ b/manifests/kv.pp @@ -14,12 +14,22 @@ $value, $ensure = present, $key = $name, + $apikey = $st2::cli_apikey, ) { include st2 + if $apikey { + _command = "st2 key set --api-key ${apikey} ${key} ${value}" + _unless = "st2 key get --api-key ${apikey} ${key} | grep ${key}" + } + else { + _command = "st2 key set ${key} ${value}" + _unless = "st2 key get ${key} | grep ${key}" + } + exec { "set-st2-key-${key}": - command => "st2 key set ${key} ${value}", - unless => "st2 key get ${key} | grep ${key}", + command => _command, + unless => _unless, path => '/usr/sbin:/usr/bin:/sbin:/bin', tries => '5', try_sleep => '10', From 52292923f3642c810a6afdd6e755b5e7c1832917 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 14:20:37 +0100 Subject: [PATCH 07/37] fix variable names for k/v apikey support --- manifests/kv.pp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/manifests/kv.pp b/manifests/kv.pp index 9791c82b..717b4552 100644 --- a/manifests/kv.pp +++ b/manifests/kv.pp @@ -19,17 +19,17 @@ include st2 if $apikey { - _command = "st2 key set --api-key ${apikey} ${key} ${value}" - _unless = "st2 key get --api-key ${apikey} ${key} | grep ${key}" + $_command = "st2 key set --api-key ${apikey} ${key} ${value}" + $_unless = "st2 key get --api-key ${apikey} ${key} | grep ${key}" } else { - _command = "st2 key set ${key} ${value}" - _unless = "st2 key get ${key} | grep ${key}" + $_command = "st2 key set ${key} ${value}" + $_unless = "st2 key get ${key} | grep ${key}" } exec { "set-st2-key-${key}": - command => _command, - unless => _unless, + command => $_command, + unless => $_unless, path => '/usr/sbin:/usr/bin:/sbin:/bin', tries => '5', try_sleep => '10', From e92a235c10423e81c01f1dced82fc674e698f728 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 14:37:24 +0100 Subject: [PATCH 08/37] add ability to specify a pack version in the pack resource --- CHANGELOG.md | 2 ++ lib/puppet/provider/st2_pack/default.rb | 25 ++++++++++++++++++++++++- lib/puppet/type/st2_pack.rb | 4 ++++ manifests/pack.pp | 2 ++ 4 files changed, 32 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 78c24b90..d95b5307 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## Development +- Add support for a specific pack version/tag to be installed + - Add support for k/v to be set with api_key provided as config. Contributed by @rush-skills - Add support for packs to be installed with api_key provided as config instead of using username/password to obtain a token". Contributed by @rush-skills diff --git a/lib/puppet/provider/st2_pack/default.rb b/lib/puppet/provider/st2_pack/default.rb index b2e9b8de..6486c794 100644 --- a/lib/puppet/provider/st2_pack/default.rb +++ b/lib/puppet/provider/st2_pack/default.rb @@ -23,6 +23,9 @@ def auth_params def create source = (@resource[:source]) ? @resource[:source] : @resource[:name] + if @resource[:version] + source = "#{source}=#{@resource[:version]}" + end exec_st2('pack', 'install', source, *auth_params) end @@ -31,7 +34,11 @@ def destroy end def exists? - list_installed_packs.include?(@resource[:name]) + if @resource[:version] + list_installed_packs_with_versions.include?([@resource[:name],@resource[:version]]) + else + list_installed_packs.include?(@resource[:name]) + end end def list_installed_packs @@ -39,6 +46,11 @@ def list_installed_packs parse_output_json(output) end + def list_installed_packs_with_versions + output = exec_st2('pack', 'list', '-a', 'ref', 'version', '-j', *auth_params) + parse_version_output_json(output) + end + # Return list of package names def parse_output_json(raw) result = [] @@ -49,6 +61,17 @@ def parse_output_json(raw) end result end + + # Return list of package names + def parse_version_output_json(raw) + result = [] + if raw && !raw.empty? + pack_list = JSON.parse(raw) + result = pack_list.map { |pack| [pack['ref'], pack['version']] } + debug("Installed packs: #{result}") + end + result + end private diff --git a/lib/puppet/type/st2_pack.rb b/lib/puppet/type/st2_pack.rb index bef33493..71e66ec5 100644 --- a/lib/puppet/type/st2_pack.rb +++ b/lib/puppet/type/st2_pack.rb @@ -20,6 +20,10 @@ desc 'St2 apikey' end + newparam(:version) do + desc 'Specific pack version to install' + end + newparam(:source) do desc 'Git URL for st2 pack' end diff --git a/manifests/pack.pp b/manifests/pack.pp index fda1836f..6f68e595 100644 --- a/manifests/pack.pp +++ b/manifests/pack.pp @@ -20,6 +20,7 @@ $pack = $name, $repo_url = undef, $config = undef, + $version = undef, ) { include st2 $_cli_username = $st2::cli_username @@ -33,6 +34,7 @@ password => $_cli_password, apikey => $_cli_apikey, source => $repo_url, + version => $version, } if $config { From ca6d1f4c680d51aed7a17b2b9e4c8eadaa50f927 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 14:39:17 +0100 Subject: [PATCH 09/37] update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d95b5307..11c9f3e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ ## Development -- Add support for a specific pack version/tag to be installed +- Add support for a specific pack version/tag to be installed. Contributed by @rush-skills - Add support for k/v to be set with api_key provided as config. Contributed by @rush-skills From 6d8e756c63465314b5d0e0941ace7bb7465a0f1f Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 14:41:04 +0100 Subject: [PATCH 10/37] rubocop fixes --- lib/puppet/provider/st2_pack/default.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/puppet/provider/st2_pack/default.rb b/lib/puppet/provider/st2_pack/default.rb index 6486c794..ec30a6b1 100644 --- a/lib/puppet/provider/st2_pack/default.rb +++ b/lib/puppet/provider/st2_pack/default.rb @@ -35,7 +35,7 @@ def destroy def exists? if @resource[:version] - list_installed_packs_with_versions.include?([@resource[:name],@resource[:version]]) + list_installed_packs_with_versions.include?([@resource[:name], @resource[:version]]) else list_installed_packs.include?(@resource[:name]) end @@ -61,7 +61,7 @@ def parse_output_json(raw) end result end - + # Return list of package names def parse_version_output_json(raw) result = [] From f15c7d829b6c057c09f7763c65de32798a19b7d0 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 17:57:50 +0100 Subject: [PATCH 11/37] fix test profiles --- manifests/test/fullinstall_hatest.pp | 9 ++++++++- manifests/test/fullinstall_python36.pp | 10 ++-------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/manifests/test/fullinstall_hatest.pp b/manifests/test/fullinstall_hatest.pp index e8fba26a..3a5cc401 100644 --- a/manifests/test/fullinstall_hatest.pp +++ b/manifests/test/fullinstall_hatest.pp @@ -6,4 +6,11 @@ class { 'st2': python_version => $st2_python_version, } -include st2::profile::fullinstall +include st2::profile::ha::sensor +include st2::profile::ha::web +include st2::profile::ha::core +include st2::profile::ha::solo +include st2::profile::ha::runner +######################################## +## st2 user (stanley) +class { 'st2::stanley': } diff --git a/manifests/test/fullinstall_python36.pp b/manifests/test/fullinstall_python36.pp index 8f170850..1586dc1e 100644 --- a/manifests/test/fullinstall_python36.pp +++ b/manifests/test/fullinstall_python36.pp @@ -6,11 +6,5 @@ class { 'st2': python_version => $st2_python_version, } -include st2::profile::ha::sensor -include st2::profile::ha::web -include st2::profile::ha::core -include st2::profile::ha::solo -include st2::profile::ha::runner -######################################## -## st2 user (stanley) -class { 'st2::stanley': } \ No newline at end of file + +include st2::profile::fullinstall From c1769581e223c8af2e78714c77149e25c480b71d Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 18:02:46 +0100 Subject: [PATCH 12/37] rework runner sysconfig configuration --- manifests/component/actionrunner.pp | 9 --------- manifests/component/sensorcontainer.pp | 10 ---------- manifests/config/runners.pp | 21 +++++++++++++++++++++ manifests/profile/ha.pp | 1 + manifests/profile/server.pp | 5 +++-- 5 files changed, 25 insertions(+), 21 deletions(-) create mode 100644 manifests/config/runners.pp diff --git a/manifests/component/actionrunner.pp b/manifests/component/actionrunner.pp index 0b61f88d..2416661c 100644 --- a/manifests/component/actionrunner.pp +++ b/manifests/component/actionrunner.pp @@ -52,15 +52,6 @@ tag => 'st2::config', } - file { $st2::params::actionrunner_global_env_file: - ensure => file, - owner => 'root', - group => 'root', - mode => '0644', - content => template('st2/etc/sysconfig/st2actionrunner.erb'), - tag => 'st2::config', - } - ## Resultstracker Settings (Part of Action Runner) ini_setting { 'resultstracker_logging': ensure => present, diff --git a/manifests/component/sensorcontainer.pp b/manifests/component/sensorcontainer.pp index 90ce4a9f..fbb3882c 100644 --- a/manifests/component/sensorcontainer.pp +++ b/manifests/component/sensorcontainer.pp @@ -49,16 +49,6 @@ tag => 'st2::config', } - file { $st2::params::sensorcontainer_global_env_file: - ensure => file, - owner => 'root', - group => 'root', - mode => '0644', - content => template('st2/etc/sysconfig/st2sensorcontainer.erb'), - tag => 'st2::config', - } - - ######################################## ## Services service { $sensorcontainer_services: diff --git a/manifests/config/runners.pp b/manifests/config/runners.pp new file mode 100644 index 00000000..dd6b3d7c --- /dev/null +++ b/manifests/config/runners.pp @@ -0,0 +1,21 @@ +class st2::config::runners ( + $actionrunner_workers = $st2::actionrunner_workers, +) inherits st2 { + file { $st2::params::actionrunner_global_env_file: + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => template('st2/etc/sysconfig/st2actionrunner.erb'), + tag => 'st2::config', + } + + file { $st2::params::sensorcontainer_global_env_file: + ensure => file, + owner => 'root', + group => 'root', + mode => '0644', + content => template('st2/etc/sysconfig/st2sensorcontainer.erb'), + tag => 'st2::config', + } +} diff --git a/manifests/profile/ha.pp b/manifests/profile/ha.pp index 4a94ccc0..90108c74 100644 --- a/manifests/profile/ha.pp +++ b/manifests/profile/ha.pp @@ -7,6 +7,7 @@ ) inherits st2 { contain st2::config::common + contain st2::config::runners ######################################## ## Dependencies diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp index fa990e6f..82d87456 100644 --- a/manifests/profile/server.pp +++ b/manifests/profile/server.pp @@ -6,7 +6,8 @@ class st2::profile::server ( ) inherits st2 { - class { 'st2::config::common': } + contain st2::config::common + contain st2::config::runners contain st2::component::actionrunner contain st2::component::sensorcontainer @@ -24,7 +25,7 @@ ######################################## ## st2 user (stanley) - class { 'st2::stanley': } + contain st2::stanley ######################################## ## Dependencies From c18eb539f886cfbee16637055bc046b45bd0f87a Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 18:14:11 +0100 Subject: [PATCH 13/37] rework ha test --- manifests/test/fullinstall_hatest.pp | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/manifests/test/fullinstall_hatest.pp b/manifests/test/fullinstall_hatest.pp index 3a5cc401..11543565 100644 --- a/manifests/test/fullinstall_hatest.pp +++ b/manifests/test/fullinstall_hatest.pp @@ -6,11 +6,34 @@ class { 'st2': python_version => $st2_python_version, } + +class { 'st2::dependency::facter': } +-> class { 'st2::repo': } +-> class { 'st2::dependency::selinux': } +-> class { 'st2::dependency::redis': } +-> class { 'st2::dependency::python': } +-> class { 'st2::dependency::nodejs': } +-> class { 'st2::dependency::rabbitmq': } +-> class { 'st2::dependency::mongodb': } +-> class { 'st2::profile::client': } +-> class { 'st2::component::chatops': } + include st2::profile::ha::sensor include st2::profile::ha::web include st2::profile::ha::core include st2::profile::ha::solo include st2::profile::ha::runner + ######################################## ## st2 user (stanley) + class { 'st2::stanley': } + +include st2::auth +include st2::packs +include st2::kvs + +# If user has not defined a pack "st2", install it from the Exchange. +if ! defined(St2::Pack['st2']) { + ensure_resource('st2::pack', 'st2', {'ensure' => 'present'}) +} From a34da9d74790d9cc8f2aef2108c1453d8a068294 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 24 Nov 2021 18:50:01 +0100 Subject: [PATCH 14/37] segment db config includes --- manifests/config/common.pp | 5 ----- manifests/profile/ha.pp | 3 +++ manifests/profile/server.pp | 3 +++ 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/manifests/config/common.pp b/manifests/config/common.pp index e3df7d48..54bb03a2 100644 --- a/manifests/config/common.pp +++ b/manifests/config/common.pp @@ -45,11 +45,6 @@ include st2::notices include st2::params - # Include the settings for DB, Redis and RabbitMQ - contain st2::config::db - contain st2::config::messaging - contain st2::config::coordination - $_validate_output_schema = $validate_output_schema ? { true => 'True', default => 'False', diff --git a/manifests/profile/ha.pp b/manifests/profile/ha.pp index 90108c74..6c58fdb2 100644 --- a/manifests/profile/ha.pp +++ b/manifests/profile/ha.pp @@ -7,6 +7,9 @@ ) inherits st2 { contain st2::config::common + contain st2::config::db + contain st2::config::messaging + contain st2::config::coordination contain st2::config::runners ######################################## diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp index 82d87456..9ca49b53 100644 --- a/manifests/profile/server.pp +++ b/manifests/profile/server.pp @@ -7,6 +7,9 @@ ) inherits st2 { contain st2::config::common + contain st2::config::db + contain st2::config::messaging + contain st2::config::coordination contain st2::config::runners contain st2::component::actionrunner From 3a652d04eb06be0a23d69c3067e7324f42cd2a4f Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 12:53:04 +0100 Subject: [PATCH 15/37] fix ldap service dependency --- manifests/auth/ldap.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/auth/ldap.pp b/manifests/auth/ldap.pp index bda3ccf9..7ad7387c 100644 --- a/manifests/auth/ldap.pp +++ b/manifests/auth/ldap.pp @@ -163,5 +163,5 @@ # dependencies Package<| tag == 'st2::server::packages' |> -> Package[$_dep_pkgs] - ~> Service['st2auth'] + ~> Service<| tag == 'st2::service' |> } From fda76e477f2afb723028504e5bcdcb42278746b8 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 12:54:35 +0100 Subject: [PATCH 16/37] revert ldap service dependency change --- manifests/auth/ldap.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/auth/ldap.pp b/manifests/auth/ldap.pp index 7ad7387c..bda3ccf9 100644 --- a/manifests/auth/ldap.pp +++ b/manifests/auth/ldap.pp @@ -163,5 +163,5 @@ # dependencies Package<| tag == 'st2::server::packages' |> -> Package[$_dep_pkgs] - ~> Service<| tag == 'st2::service' |> + ~> Service['st2auth'] } From 738d1ce146e7d3792254cc307394e2740a61c0eb Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 13:09:13 +0100 Subject: [PATCH 17/37] add cli config params and st2::hostname setting --- manifests/client/settings.pp | 2 +- manifests/init.pp | 24 +++++++++++++++--------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/manifests/client/settings.pp b/manifests/client/settings.pp index 2f5bf45c..71b88d19 100644 --- a/manifests/client/settings.pp +++ b/manifests/client/settings.pp @@ -46,7 +46,7 @@ $base_url = $st2::cli_base_url, $username = $st2::cli_username, $password = $st2::cli_password, - $disable_credentials = false, + $disable_credentials = $st2::cli_disable_credentials, $api_version = $st2::cli_api_version, $cacert = $st2::cli_cacert, $debug = $st2::cli_debug, diff --git a/manifests/init.pp b/manifests/init.pp index a3945644..2e5df2e1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -31,6 +31,8 @@ # @param ssl_key # Path to the file where the StackStorm SSL key will # be generated. (default: /etc/ssl/st2/st2.key) +# @param hostname +# Hostname of the StackStorm instance, used by other services to communicate # @param auth # Toggle to enable/disable auth (Default: true) # @param auth_api_url @@ -62,6 +64,8 @@ # CLI config - Enable/Disable Debug # @param cli_cache_token # CLI config - True to cache auth token until expries +# @param [boolean] cli_disable_credentials +# CLI config - False to setup the admin credentials (Default: false) # @param cli_username # CLI config - Auth Username # @param cli_password @@ -265,22 +269,24 @@ $ssl_dir = $st2::params::ssl_dir, $ssl_cert = $st2::params::ssl_cert, $ssl_key = $st2::params::ssl_key, + $hostname = $st2::params::hostname, $auth = true, - $auth_api_url = "http://${st2::params::hostname}:${st2::params::api_port}", + $auth_api_url = "http://${st2::hostname}:${st2::params::api_port}", $auth_debug = false, $auth_mode = $st2::params::auth_mode, $auth_backend = $st2::params::auth_backend, $auth_backend_config = $st2::params::auth_backend_config, - $cli_base_url = "http://${st2::params::hostname}", + $cli_base_url = "http://${st2::hostname}", $cli_api_version = 'v1', $cli_debug = false, $cli_cache_token = true, $cli_silence_ssl_warnings = false, + $cli_disable_credentials = false, $cli_username = $st2::params::admin_username, $cli_password = $st2::params::admin_password, $cli_apikey = undef, - $cli_api_url = "http://${st2::params::hostname}:${st2::params::api_port}", - $cli_auth_url = "http://${st2::params::hostname}:${st2::params::auth_port}", + $cli_api_url = "http://${st2::hostname}/api", + $cli_auth_url = "http://${st2::hostname}/auth", $actionrunner_workers = $st2::params::actionrunner_workers, $packs = {}, $packs_group = $st2::params::packs_group_name, @@ -291,7 +297,7 @@ $syslog_port = 514, $syslog_facility = 'local7', $ssh_key_location = '/home/stanley/.ssh/st2_stanley_key', - $db_host = $st2::params::hostname, + $db_host = $st2::hostname, $db_port = $st2::params::mongodb_port, $db_bind_ips = $st2::params::mongodb_bind_ips, $db_name = $st2::params::mongodb_st2_db, @@ -334,10 +340,10 @@ $chatops_hubot_name = $st2::params::hubot_name, $chatops_hubot_alias = $st2::params::hubot_alias, $chatops_api_key = undef, - $chatops_st2_hostname = $st2::params::hostname, - $chatops_api_url = "https://${st2::params::hostname}/api", - $chatops_auth_url = "https://${st2::params::hostname}/auth", - $chatops_web_url = undef, + $chatops_st2_hostname = $st2::hostname, + $chatops_api_url = "https://${st2::hostname}/api", + $chatops_auth_url = "https://${st2::hostname}/auth", + $chatops_web_url = "https://${st2::hostname}/", $sensor_partition_provider = $st2::params::sensor_partition_provider, $nodejs_version = undef, $nodejs_manage_repo = true, From e8948a2d3179d4d52d49fec4263bec20e35b637a Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 13:10:41 +0100 Subject: [PATCH 18/37] fix hostname refs to https --- manifests/init.pp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 2e5df2e1..a3d05689 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -271,12 +271,12 @@ $ssl_key = $st2::params::ssl_key, $hostname = $st2::params::hostname, $auth = true, - $auth_api_url = "http://${st2::hostname}:${st2::params::api_port}", + $auth_api_url = "http://${st2::params::hostname}:${st2::params::api_port}", $auth_debug = false, $auth_mode = $st2::params::auth_mode, $auth_backend = $st2::params::auth_backend, $auth_backend_config = $st2::params::auth_backend_config, - $cli_base_url = "http://${st2::hostname}", + $cli_base_url = "https://${st2::hostname}", $cli_api_version = 'v1', $cli_debug = false, $cli_cache_token = true, @@ -285,8 +285,8 @@ $cli_username = $st2::params::admin_username, $cli_password = $st2::params::admin_password, $cli_apikey = undef, - $cli_api_url = "http://${st2::hostname}/api", - $cli_auth_url = "http://${st2::hostname}/auth", + $cli_api_url = "https://${st2::hostname}/api", + $cli_auth_url = "https://${st2::hostname}/auth", $actionrunner_workers = $st2::params::actionrunner_workers, $packs = {}, $packs_group = $st2::params::packs_group_name, @@ -297,7 +297,7 @@ $syslog_port = 514, $syslog_facility = 'local7', $ssh_key_location = '/home/stanley/.ssh/st2_stanley_key', - $db_host = $st2::hostname, + $db_host = $st2::params::hostname, $db_port = $st2::params::mongodb_port, $db_bind_ips = $st2::params::mongodb_bind_ips, $db_name = $st2::params::mongodb_st2_db, @@ -341,9 +341,9 @@ $chatops_hubot_alias = $st2::params::hubot_alias, $chatops_api_key = undef, $chatops_st2_hostname = $st2::hostname, - $chatops_api_url = "https://${st2::hostname}/api", - $chatops_auth_url = "https://${st2::hostname}/auth", - $chatops_web_url = "https://${st2::hostname}/", + $chatops_api_url = "https://${st2::chatops_st2_hostname}/api", + $chatops_auth_url = "https://${st2::chatops_st2_hostname}/auth", + $chatops_web_url = "https://${st2::chatops_st2_hostname}/", $sensor_partition_provider = $st2::params::sensor_partition_provider, $nodejs_version = undef, $nodejs_manage_repo = true, From cbd09d64d7f99663caa266bf49fc49f7005d81bc Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 13:11:17 +0100 Subject: [PATCH 19/37] add stream url to cli settings --- manifests/client/settings.pp | 6 ++++++ manifests/init.pp | 3 +++ manifests/profile/client.pp | 2 ++ templates/etc/profile.d/st2.sh.erb | 7 +++++++ 4 files changed, 18 insertions(+) diff --git a/manifests/client/settings.pp b/manifests/client/settings.pp index 71b88d19..a2b48d03 100644 --- a/manifests/client/settings.pp +++ b/manifests/client/settings.pp @@ -43,6 +43,7 @@ $auth = $st2::auth, $api_url = $st2::cli_api_url, $auth_url = $st2::cli_auth_url, + $stream_url = $st2::cli_stream_url, $base_url = $st2::cli_base_url, $username = $st2::cli_username, $password = $st2::cli_password, @@ -70,6 +71,11 @@ setting => 'url', value => $api_url, } + ini_setting { "${user}-st2_cli_stream_url": + section => 'stream', + setting => 'url', + value => $stream_url, + } ini_setting { "${user}-st2_cli_general_base_url": section => 'general', setting => 'base_url', diff --git a/manifests/init.pp b/manifests/init.pp index a3d05689..7fd3bf41 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -74,6 +74,8 @@ # CLI config - API URL # @param cli_auth_url # CLI config - Auth URL +# @param cli_stream_url +# CLI config - Stream URL # @param actionrunner_workers # Set the number of actionrunner processes to start # @param packs @@ -287,6 +289,7 @@ $cli_apikey = undef, $cli_api_url = "https://${st2::hostname}/api", $cli_auth_url = "https://${st2::hostname}/auth", + $cli_stream_url = "https://${st2::hostname}/stream", $actionrunner_workers = $st2::params::actionrunner_workers, $packs = {}, $packs_group = $st2::params::packs_group_name, diff --git a/manifests/profile/client.pp b/manifests/profile/client.pp index 07f05438..7eb0b76f 100644 --- a/manifests/profile/client.pp +++ b/manifests/profile/client.pp @@ -30,6 +30,7 @@ $auth = $st2::auth, $api_url = $st2::cli_api_url, $auth_url = $st2::cli_auth_url, + $stream_url = $st2::cli_stream_url, $base_url = $st2::cli_base_url, $username = $st2::cli_username, $password = $st2::cli_password, @@ -46,6 +47,7 @@ auth => $auth, api_url => $api_url, auth_url => $auth_url, + stream_url => $stream_url, base_url => $base_url, username => $username, password => $password, diff --git a/templates/etc/profile.d/st2.sh.erb b/templates/etc/profile.d/st2.sh.erb index 7d9792ea..fc2fb1a9 100644 --- a/templates/etc/profile.d/st2.sh.erb +++ b/templates/etc/profile.d/st2.sh.erb @@ -13,3 +13,10 @@ export ST2_AUTH_URL="<%= @auth_url %>" <%- else -%> # export ST2_AUTH_URL="" <%- end -%> + +# URL to the StackStorm stream service (st2stream) +<%- if @stream_url -%> +export ST2_STREAM_URL="<%= @stream_url %>" +<%- else -%> +# export ST2_STREAM_URL="" +<%- end -%> From f68e58c0a886e04afdd3f97491de6b1010d0d6d4 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 13:12:14 +0100 Subject: [PATCH 20/37] revert build pipeline changes --- .github/workflows/build.yaml | 24 +++---- .kitchen.yml | 120 +++++++++++++++++------------------ 2 files changed, 72 insertions(+), 72 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 43d1db53..eb3023c3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -117,20 +117,20 @@ jobs: matrix: include: # note: actions/setup-ruby only allows using a major.minor release of ruby - # - ruby: '2.7' - # name: 'centos7-puppet6' - # - ruby: '2.7' - # name: 'centos7-puppet7' + - ruby: '2.7' + name: 'centos7-puppet6' + - ruby: '2.7' + name: 'centos7-puppet7' - ruby: '2.7' name: 'centos7-puppet7-python36' - # - ruby: '2.7' - # name: 'ubuntu18-puppet6' - # - ruby: '2.7' - # name: 'ubuntu18-puppet7' - # - ruby: '2.7' - # name: 'ubuntu20-puppet6' - # - ruby: '2.7' - # name: 'ubuntu20-puppet7' + - ruby: '2.7' + name: 'ubuntu18-puppet6' + - ruby: '2.7' + name: 'ubuntu18-puppet7' + - ruby: '2.7' + name: 'ubuntu20-puppet6' + - ruby: '2.7' + name: 'ubuntu20-puppet7' env: CHECK: '${{ matrix.check }}' steps: diff --git a/.kitchen.yml b/.kitchen.yml index 3dde5da6..ed1a3264 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -39,27 +39,27 @@ provisioner: - 2 platforms: - # # CentOS7 with Systemd - Puppet 6 - # - name: centos7-puppet6 - # driver: - # platform: centos - # dockerfile: build/centos7-puppet6/Dockerfile.kitchen - # run_command: /sbin/init - # volume: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - # provisioner: - # puppetfile_path: build/centos7-puppet6/Puppetfile + # CentOS7 with Systemd - Puppet 6 + - name: centos7-puppet6 + driver: + platform: centos + dockerfile: build/centos7-puppet6/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/centos7-puppet6/Puppetfile - # # CentOS7 with Systemd - Puppet 7 - # - name: centos7-puppet7 - # driver: - # platform: centos - # dockerfile: build/centos7-puppet7/Dockerfile.kitchen - # run_command: /sbin/init - # volume: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - # provisioner: - # puppetfile_path: build/centos7-puppet7/Puppetfile + # CentOS7 with Systemd - Puppet 7 + - name: centos7-puppet7 + driver: + platform: centos + dockerfile: build/centos7-puppet7/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/centos7-puppet7/Puppetfile # CentOS7 with Systemd - Puppet 7 - Python 3.6 - name: centos7-puppet7-python36 @@ -73,49 +73,49 @@ platforms: puppetfile_path: build/centos7-puppet7/Puppetfile manifest: test/fullinstall_hatest.pp - # # Ubuntu Bionic with Systemd - Puppet 6 - # - name: ubuntu18-puppet6 - # driver: - # platform: ubuntu - # dockerfile: build/ubuntu18-puppet6/Dockerfile.kitchen - # run_command: /sbin/init - # volume: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - # provisioner: - # puppetfile_path: build/ubuntu18-puppet6/Puppetfile + # Ubuntu Bionic with Systemd - Puppet 6 + - name: ubuntu18-puppet6 + driver: + platform: ubuntu + dockerfile: build/ubuntu18-puppet6/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/ubuntu18-puppet6/Puppetfile - # # Ubuntu Bionic with Systemd - Puppet 7 - # - name: ubuntu18-puppet7 - # driver: - # platform: ubuntu - # dockerfile: build/ubuntu18-puppet7/Dockerfile.kitchen - # run_command: /sbin/init - # volume: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - # provisioner: - # puppetfile_path: build/ubuntu18-puppet7/Puppetfile + # Ubuntu Bionic with Systemd - Puppet 7 + - name: ubuntu18-puppet7 + driver: + platform: ubuntu + dockerfile: build/ubuntu18-puppet7/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/ubuntu18-puppet7/Puppetfile - # # Ubuntu Focal with Systemd - Puppet 6 - # - name: ubuntu20-puppet6 - # driver: - # platform: ubuntu - # dockerfile: build/ubuntu20-puppet6/Dockerfile.kitchen - # run_command: /sbin/init - # volume: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - # provisioner: - # puppetfile_path: build/ubuntu20-puppet6/Puppetfile + # Ubuntu Focal with Systemd - Puppet 6 + - name: ubuntu20-puppet6 + driver: + platform: ubuntu + dockerfile: build/ubuntu20-puppet6/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/ubuntu20-puppet6/Puppetfile - # # Ubuntu Focal with Systemd - Puppet 7 - # - name: ubuntu20-puppet7 - # driver: - # platform: ubuntu - # dockerfile: build/ubuntu20-puppet7/Dockerfile.kitchen - # run_command: /sbin/init - # volume: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - # provisioner: - # puppetfile_path: build/ubuntu20-puppet7/Puppetfile + # Ubuntu Focal with Systemd - Puppet 7 + - name: ubuntu20-puppet7 + driver: + platform: ubuntu + dockerfile: build/ubuntu20-puppet7/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/ubuntu20-puppet7/Puppetfile suites: - name: default From 2439538653e4a70e766901a0d15dc7622e01a21f Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 13:14:31 +0100 Subject: [PATCH 21/37] don't handle ssl dir in web.pp --- manifests/component/web.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/component/web.pp b/manifests/component/web.pp index 1aee7c57..fe6c1875 100644 --- a/manifests/component/web.pp +++ b/manifests/component/web.pp @@ -88,9 +88,9 @@ } ## Create ssl cert directory - file { $ssl_dir: - ensure => directory, - } + # file { $ssl_dir: + # ensure => directory, + # } ## optionally manage the SSL certificate used by nginx if $ssl_cert_manage { From 462bc444b3c7032f8b5973b3a94bb4202c3cf18b Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 24 Feb 2022 13:14:43 +0100 Subject: [PATCH 22/37] make ssl dir management configurable --- manifests/component/web.pp | 13 +++++++++---- manifests/init.pp | 4 ++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/manifests/component/web.pp b/manifests/component/web.pp index fe6c1875..10a3022b 100644 --- a/manifests/component/web.pp +++ b/manifests/component/web.pp @@ -32,6 +32,8 @@ # Version of StackStorm WebUI to install # @param web_root # Directory where the StackStorm WebUI site lives on the filesystem +# @param [Boolean] manage_ssl_dir +# Manage the directory for ssl_dir # # @example Basic Usage # include st2::component::web' @@ -71,6 +73,7 @@ String $ssl_key = $st2::ssl_key, String $version = $st2::version, String $web_root = $st2::web_root, + Boolean $manage_ssl_dir = $st2::manage_ssl_dir ) inherits st2 { # include nginx here only # if we include this in st2::profile::fullinstall Anchor['pre_reqs'] then @@ -87,10 +90,12 @@ notify => Service['nginx'], # notify to force a refresh if the package is updated } - ## Create ssl cert directory - # file { $ssl_dir: - # ensure => directory, - # } + ## Create ssl cert directory if needed + if $manage_ssl_dir { + file { $ssl_dir: + ensure => directory, + } + } ## optionally manage the SSL certificate used by nginx if $ssl_cert_manage { diff --git a/manifests/init.pp b/manifests/init.pp index 7fd3bf41..f8d49264 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -31,6 +31,9 @@ # @param ssl_key # Path to the file where the StackStorm SSL key will # be generated. (default: /etc/ssl/st2/st2.key) +# @param [Boolean] manage_ssl_dir +# Manage the directory for ssl_dir +# (default: True) # @param hostname # Hostname of the StackStorm instance, used by other services to communicate # @param auth @@ -271,6 +274,7 @@ $ssl_dir = $st2::params::ssl_dir, $ssl_cert = $st2::params::ssl_cert, $ssl_key = $st2::params::ssl_key, + $manage_ssl_dir = true, $hostname = $st2::params::hostname, $auth = true, $auth_api_url = "http://${st2::params::hostname}:${st2::params::api_port}", From 3fbd6840b3996f38740a2c60f7b958ab2643b8b8 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 17:02:10 +0100 Subject: [PATCH 23/37] fix rabbitmq classname --- manifests/dependency/rabbitmq.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/dependency/rabbitmq.pp b/manifests/dependency/rabbitmq.pp index a541da8a..6a3ec7e6 100644 --- a/manifests/dependency/rabbitmq.pp +++ b/manifests/dependency/rabbitmq.pp @@ -21,7 +21,7 @@ # } # include st2::dependency::rabbitmq # -class st2::profile::rabbitmq ( +class st2::dependency::rabbitmq ( $username = $st2::rabbitmq_username, $password = $st2::rabbitmq_password, $port = $st2::rabbitmq_port, From 4a8b87d29eaaccfd108e53bd997c5e52261ad4fb Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 17:21:40 +0100 Subject: [PATCH 24/37] silence cli ssl warning in integration test --- manifests/test/fullinstall_hatest.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/test/fullinstall_hatest.pp b/manifests/test/fullinstall_hatest.pp index 11543565..eeea30a1 100644 --- a/manifests/test/fullinstall_hatest.pp +++ b/manifests/test/fullinstall_hatest.pp @@ -4,7 +4,8 @@ 'Debian' => 'python3.6', } class { 'st2': - python_version => $st2_python_version, + python_version => $st2_python_version, + cli_silence_ssl_warnings => true, # needed for clean pack install in tests } class { 'st2::dependency::facter': } From 564e26ed3918617950ab92d30ee0af3d091c44c2 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 17:26:07 +0100 Subject: [PATCH 25/37] fix indentation --- manifests/test/fullinstall_hatest.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/test/fullinstall_hatest.pp b/manifests/test/fullinstall_hatest.pp index eeea30a1..38bd97b9 100644 --- a/manifests/test/fullinstall_hatest.pp +++ b/manifests/test/fullinstall_hatest.pp @@ -4,7 +4,7 @@ 'Debian' => 'python3.6', } class { 'st2': - python_version => $st2_python_version, + python_version => $st2_python_version, cli_silence_ssl_warnings => true, # needed for clean pack install in tests } From 16f553393e73d2524d38f486c2704562afc5ef3c Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 18:03:34 +0100 Subject: [PATCH 26/37] add docs for stream_url in client --- manifests/client/settings.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/client/settings.pp b/manifests/client/settings.pp index a2b48d03..aaae92cc 100644 --- a/manifests/client/settings.pp +++ b/manifests/client/settings.pp @@ -12,6 +12,8 @@ # URL of the StackStorm API service # @param auth_url # URL of the StackStorm Auth service +# @param stream_url +# URL of the StackStorm Stream service # @param base_url # Base URL for other StackStorm services # @param username From 58489d760bf89e3ead354e6930fc5ae5a19f1803 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 18:53:56 +0100 Subject: [PATCH 27/37] fix actionrunner docs --- manifests/component/actionrunner.pp | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/manifests/component/actionrunner.pp b/manifests/component/actionrunner.pp index 2416661c..b76fd447 100644 --- a/manifests/component/actionrunner.pp +++ b/manifests/component/actionrunner.pp @@ -1,6 +1,7 @@ # @summary Manages the st2actionrunner service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::runner+ # However, advanced users can instantiate this class directly to configure # and manage just the st2actionrunner service on a single node. # Parameters for this class mirror the parameters in the st2 config. @@ -12,13 +13,18 @@ # # @example Customizing parameters # class { 'st2::component::actionrunner': +# actionrunner_workers => 5, +# ssh_key_location => '/etc/secrets/my_ssh_key', # } # -# @param enabled -# Specify to enable sensor service. -# @param partition_provider -# partition_provider for distribution strategy of sensors. -# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# @param actionrunner_workers +# Number of action runners. +# @param ssh_key_location +# Path to ssh key for the runner user +# @param conf_file +# Path to st2 conf file +# @param actionrunner_services +# List of services for actionrunner # class st2::component::actionrunner ( $actionrunner_workers = $st2::actionrunner_workers, From 14c9e079b2513430af034cff21d889fa49612e9a Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 18:59:06 +0100 Subject: [PATCH 28/37] fix sensor docs --- manifests/component/sensorcontainer.pp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/manifests/component/sensorcontainer.pp b/manifests/component/sensorcontainer.pp index fbb3882c..9b41f378 100644 --- a/manifests/component/sensorcontainer.pp +++ b/manifests/component/sensorcontainer.pp @@ -1,6 +1,7 @@ # @summary Manages the st2sensorcontainer service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR +st2::profile::ha::sensor+ # However, advanced users can instantiate this class directly to configure # and manage just the st2sensorcontainer service on a single node. # Parameters for this class mirror the parameters in the st2 config. @@ -18,6 +19,11 @@ # @param partition_provider # partition_provider for distribution strategy of sensors. # @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# @param conf_file +# Path to st2 conf file +# @param sensorcontainer_services +# List of services for sensorcontainer +# # class st2::component::sensorcontainer ( $partition_provider = $st2::sensor_partition_provider, From 3e4f6efe44ea45ee3e35b64a13397c65f43afc66 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:00:17 +0100 Subject: [PATCH 29/37] fix workflow engine docs --- manifests/component/workflowengine.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/component/workflowengine.pp b/manifests/component/workflowengine.pp index c5adb678..682b8499 100644 --- a/manifests/component/workflowengine.pp +++ b/manifests/component/workflowengine.pp @@ -1,6 +1,7 @@ # @summary Manages the st2workflowengine service (Orquesta) # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::core+ # However, advanced users can instantiate this class directly to configure # and manage just the st2workflowengine service on a single node. # Parameters for this class mirror the parameters in the st2 config. From ed02f5b142779d3b271fe8bcc213f0b0b5753862 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:04:49 +0100 Subject: [PATCH 30/37] fix web docs --- manifests/component/web.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/component/web.pp b/manifests/component/web.pp index 10a3022b..4baaa0ac 100644 --- a/manifests/component/web.pp +++ b/manifests/component/web.pp @@ -47,7 +47,7 @@ # content => 'my privatekey data', # } # -# # instantiate this profile with ssl_cert_manage false +# # instantiate this component with ssl_cert_manage false # class { 'st2::component::web': # ssl_cert_manage => false, # } From 4128dd35dd73b2a14269ef8d32cb57e0c6460d52 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:05:50 +0100 Subject: [PATCH 31/37] fix timerengine docs --- manifests/component/timersengine.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/component/timersengine.pp b/manifests/component/timersengine.pp index 67a732e1..61117d9f 100644 --- a/manifests/component/timersengine.pp +++ b/manifests/component/timersengine.pp @@ -1,6 +1,7 @@ # @summary Manages the st2timersengine service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::solo+ # However, advanced users can instantiate this class directly to configure # and manage just the st2timersengine service on a single node. # Parameters for this class mirror the parameters in the st2 config. From fca3e238c0a080c9bb9dc10408dace5ee3b72218 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:13:38 +0100 Subject: [PATCH 32/37] fix docs for other components --- manifests/component/garbagecollector.pp | 13 +++++-------- manifests/component/notifier.pp | 1 + manifests/component/rulesengine.pp | 1 + manifests/component/scheduler.pp | 1 + manifests/component/stream.pp | 8 +++++--- 5 files changed, 13 insertions(+), 11 deletions(-) diff --git a/manifests/component/garbagecollector.pp b/manifests/component/garbagecollector.pp index c28d341e..299ef5f4 100644 --- a/manifests/component/garbagecollector.pp +++ b/manifests/component/garbagecollector.pp @@ -1,6 +1,7 @@ # @summary Manages the st2garbagecollector service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::solo+ # However, advanced users can instantiate this class directly to configure # and manage just the st2garbagecollector service on a single node. # Parameters for this class mirror the parameters in the st2 config. @@ -10,14 +11,10 @@ # @example Basic usage # include st2::component::garbagecollector # -# @example Customizing parameters -# class { 'st2::component::garbagecollector': -# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', -# } -# -# @param partition_provider -# partition_provider for distribution strategy of sensors. -# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# @param conf_file +# Path to st2 conf file +# @param garbagecollector_services +# List of services for garbagecollector # class st2::component::garbagecollector ( $conf_file = $st2::conf_file, diff --git a/manifests/component/notifier.pp b/manifests/component/notifier.pp index 7680a1b1..0b4182d9 100644 --- a/manifests/component/notifier.pp +++ b/manifests/component/notifier.pp @@ -1,6 +1,7 @@ # @summary Manages the st2notifier service (Orquesta) # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::core+ # However, advanced users can instantiate this class directly to configure # and manage just the st2notifier service on a single node. # Parameters for this class mirror the parameters in the st2 config. diff --git a/manifests/component/rulesengine.pp b/manifests/component/rulesengine.pp index e090981d..966df0bb 100644 --- a/manifests/component/rulesengine.pp +++ b/manifests/component/rulesengine.pp @@ -1,6 +1,7 @@ # @summary Manages the st2rulesengine service (Orquesta) # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::core+ # However, advanced users can instantiate this class directly to configure # and manage just the st2rulesengine service on a single node. # Parameters for this class mirror the parameters in the st2 config. diff --git a/manifests/component/scheduler.pp b/manifests/component/scheduler.pp index a34eb54d..77c9dcd2 100644 --- a/manifests/component/scheduler.pp +++ b/manifests/component/scheduler.pp @@ -1,6 +1,7 @@ # @summary Manages the st2scheduler service. # # Normally this class is instantiated by st2::profile::fullinstall. +# OR by +st2::profile::ha::core+ # However, advanced users can instantiate this class directly to configure # and manage just the st2scheduler service on a single node. # Parameters for this class mirror the parameters in the st2 config. diff --git a/manifests/component/stream.pp b/manifests/component/stream.pp index 49553074..1645d454 100644 --- a/manifests/component/stream.pp +++ b/manifests/component/stream.pp @@ -1,6 +1,7 @@ # @summary Manages the st2stream service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::web+ # However, advanced users can instantiate this class directly to configure # and manage just the st2stream service on a single node. # Parameters for this class mirror the parameters in the st2 config. @@ -15,9 +16,10 @@ # partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', # } # -# @param partition_provider -# partition_provider for distribution strategy of sensors. -# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# @param conf_file +# Path to st2 conf file +# @param stream_services +# List of services for stream # class st2::component::stream ( $conf_file = $st2::conf_file, From 3ba30a24185f4ba0d485b546574f658ec187b7f7 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:42:38 +0100 Subject: [PATCH 33/37] documentation changes --- manifests/config/common.pp | 44 ++++++++++++++++---------------- manifests/config/coordination.pp | 16 +++++++++--- manifests/config/db.pp | 24 +++++++++++------ manifests/config/messaging.pp | 21 +++++++++------ manifests/config/runners.pp | 8 ++++++ manifests/init.pp | 25 +++++++++++++++++- manifests/logging/rsyslog.pp | 1 + manifests/profile/ha.pp | 5 +--- manifests/profile/ha/core.pp | 4 +-- manifests/profile/ha/sensor.pp | 2 +- manifests/profile/ha/web.pp | 2 +- 11 files changed, 101 insertions(+), 51 deletions(-) diff --git a/manifests/config/common.pp b/manifests/config/common.pp index 54bb03a2..c33a7ef6 100644 --- a/manifests/config/common.pp +++ b/manifests/config/common.pp @@ -5,28 +5,28 @@ # # @param version # Version of the st2 package to install -# -# @example Basic Usage -# class { 'st2': -# chatops_hubot_name => '"@RosieRobot"', -# chatops_api_key => '"xxxxyyyyy123abc"', -# chatops_adapter => { -# hubot-adapter => { -# package => 'hubot-rocketchat', -# source => 'git+ssh://git@git.company.com:npm/hubot-rocketchat#master', -# }, -# }, -# chatops_adapter_conf => { -# HUBOT_ADAPTER => 'rocketchat', -# ROCKETCHAT_URL => 'https://chat.company.com', -# ROCKETCHAT_ROOM => 'stackstorm', -# LISTEN_ON_ALL_PUBLIC => 'true', -# ROCKETCHAT_USER => 'st2', -# ROCKETCHAT_PASSWORD => 'secret123', -# ROCKETCHAT_AUTH => 'password', -# RESPOND_TO_DM => 'true', -# }, -# } +# @param conf_dir +# The directory where st2 configs are stored +# @param conf_file +# The path where st2 config is stored +# @param index_url +# URL to custom st2 pack exchange +# @param packs_group +# owner group for packs directory +# @param validate_output_schema +# If output schema for actions/workflows should be validated +# @param manage_nfs_dirs +# If directories that might be shared between nodes should be managed by the module +# @param stanley_user +# name of the stackstorm user +# @param syslog_host +# Syslog host. Default: localhost +# @param syslog_protocol +# Syslog protocol. Default: udp +# @param syslog_port +# Syslog port. Default: 514 +# @param syslog_facility +# Syslog facility. Default: local7 # class st2::config::common ( $version = $st2::version, diff --git a/manifests/config/coordination.pp b/manifests/config/coordination.pp index 1b12879c..0736454f 100644 --- a/manifests/config/coordination.pp +++ b/manifests/config/coordination.pp @@ -1,14 +1,22 @@ -# @summary Common configuration for st2 +# @summary Coordination (Redis) configuration for st2 # # @note This class doesn't need to be invoked directly, instead it's included # by other installation profiles to setup the configuration properly # -# @param version -# Version of the st2 package to install +# @param conf_file +# The path where st2 config is stored +# @param redis_hostname +# Hostname of the redis instance to connect +# @param redis_port +# Port of the redis instance to connect +# @param redis_password +# Password of the redis instance to connect # # @example Basic Usage # class { 'st2': -# chatops_hubot_name => '"@RosieRobot"', +# redis_hostname => 'myredis.server.tld', +# redis_port => '6379', +# redis_password => 'supersecretpassword', # } # class st2::config::coordination ( diff --git a/manifests/config/db.pp b/manifests/config/db.pp index 2ea1a12f..54307fd9 100644 --- a/manifests/config/db.pp +++ b/manifests/config/db.pp @@ -1,15 +1,23 @@ -# @summary Common configuration for st2 +# @summary Database (MongoDB) configuration for st2 # # @note This class doesn't need to be invoked directly, instead it's included # by other installation profiles to setup the configuration properly # -# @param version -# Version of the st2 package to install -# -# @example Basic Usage -# class { 'st2': -# chatops_hubot_name => '"@RosieRobot"', -# } +# @param conf_file +# The path where st2 config is stored +# @param db_host +# Hostname to talk to st2 db +# @param db_port +# Port for db server for st2 to talk to +# @param db_bind_ips +# Array of bind IP addresses for MongoDB to listen on +# @param db_name +# Name of db to connect to (default: 'st2') +# @param db_username +# Username to connect to db with (default: 'stackstorm') +# @param db_password +# Password for 'admin' and 'stackstorm' users in MongDB. +# If 'undef' then use $cli_password # class st2::config::db ( $conf_file = $st2::conf_file, diff --git a/manifests/config/messaging.pp b/manifests/config/messaging.pp index 16967261..8bbd4f3c 100644 --- a/manifests/config/messaging.pp +++ b/manifests/config/messaging.pp @@ -1,15 +1,20 @@ -# @summary Common configuration for st2 +# @summary Messaging (RabbitMQ) configuration for st2 # # @note This class doesn't need to be invoked directly, instead it's included # by other installation profiles to setup the configuration properly # -# @param version -# Version of the st2 package to install -# -# @example Basic Usage -# class { 'st2': -# chatops_hubot_name => '"@RosieRobot"', -# } +# @param conf_file +# The path where st2 config is stored +# @param rabbitmq_username +# Username for the RabbitMQ connection +# @param rabbitmq_password +# Password for the RabbitMQ connection +# @param rabbitmq_hostname +# Hostname for the RabbitMQ connection +# @param rabbitmq_port +# Port for the RabbitMQ connection +# @param rabbitmq_vhost +# Vhost for the RabbitMQ connection # class st2::config::messaging ( $conf_file = $st2::conf_file, diff --git a/manifests/config/runners.pp b/manifests/config/runners.pp index dd6b3d7c..7359b3a5 100644 --- a/manifests/config/runners.pp +++ b/manifests/config/runners.pp @@ -1,3 +1,11 @@ +# @summary Runners (Actionrunner and SensorConainer) configuration for st2 +# +# @note This class doesn't need to be invoked directly, instead it's included +# by other installation profiles to setup the configuration properly +# +# @param actionrunner_workers +# Number of action runners. +# class st2::config::runners ( $actionrunner_workers = $st2::actionrunner_workers, ) inherits st2 { diff --git a/manifests/init.pp b/manifests/init.pp index 3c673d0c..163f2ab1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -213,6 +213,12 @@ # for NodeJS (default: true) # @param redis_bind_ip # Bind IP of the Redis server. Default is 127.0.0.1 +# @param redis_hostname +# Hostname of the redis instance to connect +# @param redis_port +# Port of the redis instance to connect +# @param redis_password +# Password of the redis instance to connect # @param workflowengine_num # The number of workflowengines to have in an active active state (default: 1) # @param scheduler_num @@ -221,12 +227,28 @@ # The number of rulesengines to have in an active active state (default: 1) # @param notifier_num # The number of notifiers to have in an active active state (default: 1) +# @param rabbitmq_username +# Username for the RabbitMQ connection +# @param rabbitmq_password +# Password for the RabbitMQ connection +# @param rabbitmq_hostname +# Hostname for the RabbitMQ connection +# @param rabbitmq_port +# Port for the RabbitMQ connection +# @param rabbitmq_vhost +# Vhost for the RabbitMQ connection +# @param rabbitmq_bind_ip +# Bind IP for RabbitMQ server # @param erlang_url # The url for the erlang repositiory to be used for rabbitmq # @param erlang_key # The gpg key for the erlang repositiory to be used for rabbitmq # @param validate_output_schema # Enable/disable output schema validation in StackStorm +# @param manage_nfs_dirs +# If directories that might be shared between nodes should be managed by the module +# @param stanley_user +# name of the stackstorm user # # # @example Basic Usage @@ -267,6 +289,7 @@ # class { 'st2': # python_version => $st2_python_version, # } +# class st2( $version = 'present', String $python_version = 'system', @@ -330,8 +353,8 @@ $rabbitmq_password = $st2::params::rabbitmq_password, $rabbitmq_hostname = $st2::params::rabbitmq_hostname, $rabbitmq_port = $st2::params::rabbitmq_port, - $rabbitmq_bind_ip = $st2::params::rabbitmq_bind_ip, $rabbitmq_vhost = $st2::params::rabbitmq_vhost, + $rabbitmq_bind_ip = $st2::params::rabbitmq_bind_ip, $erlang_url = $st2::params::erlang_url, $erlang_key = $st2::params::erlang_key, $erlang_key_id = $st2::params::erlang_key_id, diff --git a/manifests/logging/rsyslog.pp b/manifests/logging/rsyslog.pp index e10ea54a..91c317c1 100644 --- a/manifests/logging/rsyslog.pp +++ b/manifests/logging/rsyslog.pp @@ -6,6 +6,7 @@ # # @example Basic usage # include st2::logging::rsyslog +# class st2::logging::rsyslog { file { '/etc/rsyslog.d/10-st2.conf': ensure => file, diff --git a/manifests/profile/ha.pp b/manifests/profile/ha.pp index 6c58fdb2..651682cd 100644 --- a/manifests/profile/ha.pp +++ b/manifests/profile/ha.pp @@ -1,7 +1,4 @@ -# @summary Profile to install, configure and manage all server components for st2 -# -# @example Basic usage -# include st2::profile::ha +# @summary Base profile to install and configure HA st2 installation # class st2::profile::ha ( ) inherits st2 { diff --git a/manifests/profile/ha/core.pp b/manifests/profile/ha/core.pp index 6dae26af..672e7c8d 100644 --- a/manifests/profile/ha/core.pp +++ b/manifests/profile/ha/core.pp @@ -1,7 +1,7 @@ -# @summary Profile to install, configure and manage all server components for st2 +# @summary Profile to install, configure and manage all core components for st2 # # @example Basic usage -# include st2::profile::server +# include st2::profile::ha::core # class st2::profile::ha::core ( ) inherits st2::profile::ha { diff --git a/manifests/profile/ha/sensor.pp b/manifests/profile/ha/sensor.pp index be990502..d80b8e08 100644 --- a/manifests/profile/ha/sensor.pp +++ b/manifests/profile/ha/sensor.pp @@ -1,4 +1,4 @@ -# @summary Profile to install, configure and manage actionrunner for st2 +# @summary Profile to install, configure and manage sensorcontainer for st2 # # @example Basic usage # include st2::profile::ha::sensor diff --git a/manifests/profile/ha/web.pp b/manifests/profile/ha/web.pp index 5c3e2d4d..e3bf337e 100644 --- a/manifests/profile/ha/web.pp +++ b/manifests/profile/ha/web.pp @@ -1,4 +1,4 @@ -# @summary Profile to install, configure and manage all server components for st2 +# @summary Profile to install, configure and manage all web and api components for st2 # # @example Basic usage # include st2::profile::ha::web From 4bcd54b38f3ea1cfe226967215bc36ecd62a94ce Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:43:03 +0100 Subject: [PATCH 34/37] remove unused params from server profile --- manifests/profile/server.pp | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp index f9f47857..9ca49b53 100644 --- a/manifests/profile/server.pp +++ b/manifests/profile/server.pp @@ -4,35 +4,6 @@ # include st2::profile::server # class st2::profile::server ( - $version = $st2::version, - $conf_dir = $st2::conf_dir, - $conf_file = $st2::conf_file, - $auth = $st2::auth, - $actionrunner_workers = $st2::actionrunner_workers, - $syslog = $st2::syslog, - $syslog_host = $st2::syslog_host, - $syslog_port = $st2::syslog_port, - $syslog_facility = $st2::syslog_facility, - $syslog_protocol = $st2::syslog_protocol, - $st2api_listen_ip = '127.0.0.1', - $st2api_listen_port = '9101', - $st2auth_listen_ip = '127.0.0.1', - $st2auth_listen_port = '9100', - $ssh_key_location = $st2::ssh_key_location, - $ng_init = $st2::ng_init, - $db_username = $st2::db_username, - $db_password = $st2::db_password, - $rabbitmq_username = $st2::rabbitmq_username, - $rabbitmq_password = $st2::rabbitmq_password, - $rabbitmq_hostname = $st2::rabbitmq_hostname, - $rabbitmq_port = $st2::rabbitmq_port, - $rabbitmq_vhost = $st2::rabbitmq_vhost, - $redis_hostname = $st2::redis_hostname, - $redis_port = $st2::redis_port, - $redis_password = $st2::redis_password, - $index_url = $st2::index_url, - $packs_group = $st2::packs_group_name, - $validate_output_schema = $st2::validate_output_schema, ) inherits st2 { contain st2::config::common From 5713182fe4a7fbbb514af01c29b9b38a8eab5970 Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Tue, 1 Mar 2022 19:54:32 +0100 Subject: [PATCH 35/37] documentation changes for web/api/auth --- manifests/component/api.pp | 12 +++++++++++- manifests/component/auth.pp | 17 +++++++++++++---- manifests/component/stream.pp | 5 ----- manifests/component/web.pp | 2 ++ 4 files changed, 26 insertions(+), 10 deletions(-) diff --git a/manifests/component/api.pp b/manifests/component/api.pp index 2f807e20..3277bc8e 100644 --- a/manifests/component/api.pp +++ b/manifests/component/api.pp @@ -1,6 +1,7 @@ # @summary Manages the st2api service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::web+ # However, advanced users can instantiate this class directly to configure # and manage just the st2api service on a single node. # Parameters for this class mirror the parameters in the st2 config. @@ -12,12 +13,21 @@ # # @example Customizing parameters # class { 'st2::component::api': -# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# st2api_listen_ip => '127.0.0.1', +# st2api_listen_port => '9201', # } # # @param partition_provider # partition_provider for distribution strategy of sensors. # @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# @param conf_file +# Path to st2 conf file +# @param api_services +# List of services for API +# @param st2api_listen_ip +# IP to bind API server +# @param st2api_listen_port +# Port to bind API server # class st2::component::api ( $conf_file = $st2::conf_file, diff --git a/manifests/component/auth.pp b/manifests/component/auth.pp index 99eca071..1d2edd37 100644 --- a/manifests/component/auth.pp +++ b/manifests/component/auth.pp @@ -1,6 +1,7 @@ # @summary Manages the st2auth service. # # Normally this class is instantiated by +st2::profile::fullinstall+. +# OR by +st2::profile::ha::web+ # However, advanced users can instantiate this class directly to configure # and manage just the st2auth service on a single node. # Parameters for this class mirror the parameters in the st2 config. @@ -12,12 +13,20 @@ # # @example Customizing parameters # class { 'st2::component::auth': -# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', +# st2auth_listen_ip => '127.0.0.1', +# st2auth_listen_port => '9200', # } # -# @param partition_provider -# partition_provider for distribution strategy of sensors. -# @see https://docs.stackstorm.com/reference/sensor_partitioning.html +# @param conf_file +# Path to st2 conf file +# @param auth +# Enable or disable auth (default: true) +# @param st2auth_listen_ip +# IP to bind Auth server +# @param st2auth_listen_port +# Port to bind Auth server +# @param auth_services +# List of services for Auth # class st2::component::auth ( $conf_file = $st2::conf_file, diff --git a/manifests/component/stream.pp b/manifests/component/stream.pp index 1645d454..85717da0 100644 --- a/manifests/component/stream.pp +++ b/manifests/component/stream.pp @@ -11,11 +11,6 @@ # @example Basic usage # include st2::component::stream # -# @example Customizing parameters -# class { 'st2::component::stream': -# partition_provider => 'name:hash, hash_ranges:0..1024|2048..3072|2147483648..MAX', -# } -# # @param conf_file # Path to st2 conf file # @param stream_services diff --git a/manifests/component/web.pp b/manifests/component/web.pp index 4baaa0ac..e8332f66 100644 --- a/manifests/component/web.pp +++ b/manifests/component/web.pp @@ -1,5 +1,7 @@ # @summary Profile to install, configure and manage StackStorm web UI (st2web). # +# This component gets installed by +st2::profile::ha::web+ +# # @param nginx_ssl_ciphers # String or list of strings of acceptable SSL ciphers to configure nginx with. # @see http://nginx.org/en/docs/http/ngx_http_ssl_module.html From a8f0ac55004f5df41dcc63b661e1ed141c71230c Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Wed, 8 Jun 2022 16:10:22 +0200 Subject: [PATCH 36/37] fix broken merge --- manifests/init.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index f5b4f54c..0771d88e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -343,6 +343,8 @@ $ng_init = true, $datastore_keys_dir = $st2::params::datstore_keys_dir, $datastore_key_path = "${st2::params::datstore_keys_dir}/datastore_key.json", + $nginx_basicstatus_enabled = $st2::params::basicstatus_enabled, + $nginx_basicstatus_port = $st2::params::basicstatus_port, $nginx_manage_repo = true, $nginx_client_max_body_size = $st2::params::nginx_client_max_body_size, $nginx_ssl_ciphers = $st2::params::nginx_ssl_ciphers, From e32055eaba80f203b93495b1bb7f6bcc2c1fae1b Mon Sep 17 00:00:00 2001 From: Ankur Singh Date: Thu, 9 Jun 2022 15:55:51 +0200 Subject: [PATCH 37/37] added ha test in ci integration tests --- .kitchen.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.kitchen.yml b/.kitchen.yml index c70d17ea..91f0c9d6 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -85,6 +85,18 @@ platforms: puppetfile_path: build/rocky8-puppet7/Puppetfile manifest: test/fullinstall_python38.pp + # RockyLinux 8 - Puppet 7 + - name: rocky8-puppet7-hatest + driver: + platform: rockylinux + dockerfile: build/rocky8-puppet7/Dockerfile.kitchen + run_command: /sbin/init + volume: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + provisioner: + puppetfile_path: build/rocky8-puppet7/Puppetfile + manifest: test/fullinstall_hatest.pp + # Ubuntu Bionic with Systemd - Puppet 6 - name: ubuntu18-puppet6 driver: