Advertisement
fmartinelli

Puppet Example

Feb 27th, 2013
362
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Ruby 15.03 KB | None | 0 0
  1. node t3dcachedb1912  inherits t3SL6_grid  {
  2.  
  3.    # it's a VM in our PSI DMZ Cluster
  4.    include sl6vm
  5.  
  6.    # Notify the client
  7.    notify { "notify_$title":
  8.                  message => "=== FILE === $title"
  9.    }
  10.  
  11.  
  12.    service { 'portmap': ensure=> stopped, enable => false }
  13.    service { 'nfslock': ensure=> stopped, enable => false }
  14.  
  15.    # by Martinelli for Postgresql shared_buffers - Pag 67 Postgresql 9 Admin CookBook
  16.    # kernel.shmmax = 1074000000
  17.    cfile{"/etc/sysctl.conf":
  18.              owner => 'root',
  19.              group => 'root',
  20.              mode => '444'
  21.    }
  22.  
  23.    # PostgreSQL RPMs - from http://yum.postgresql.org/9.2/redhat/
  24.    file{"/var/log/postgresql.log":          ensure => "present", owner=>postgres, group=>postgres, mode=>664}
  25.    cfile{"/etc/logrotate.d/postgres":       owner=>root, group=>root, mode=>444, require=>File['/var/log/postgresql.log'] }
  26.    $postgresql92repo="pgdg-sl92-9.2-8"
  27.    package{"$postgresql92repo":          ensure => "present", require => File["/etc/sysctl.conf"] } # want to highlight that PG needs right value kernel.shmmax
  28.    package{"postgresql92":          ensure => "present", require => Package["${postgresql92repo}"] }
  29.    package{"postgresql92-contrib":  ensure => "present", require => Package["${postgresql92repo}"] }
  30.    package{"postgresql92-devel":    ensure => "present", require => Package["${postgresql92repo}"] }
  31.    package{"postgresql92-docs":     ensure => "present", require => Package["${postgresql92repo}"] }
  32.    package{"postgresql92-libs":     ensure => "present", require => Package["${postgresql92repo}"] }
  33.  
  34.    package{"postgresql92-plperl":   ensure => "present", require => Package["${postgresql92repo}"] }
  35.    package{"postgresql92-plpython": ensure => "present", require => Package["${postgresql92repo}"] }
  36.    package{"postgresql92-pltcl":    ensure => "present", require => Package["${postgresql92repo}"] }
  37.                                                    
  38.    package{"postgresql92-server":   ensure => "present", require => Package["${postgresql92repo}"] }
  39.                                                                    
  40.    package{"postgresql92-test":     ensure => "present", require => Package["${postgresql92repo}"] }
  41.  
  42.    package{"pgadmin3_92":             ensure => "present", require => Package["${postgresql92repo}"] }
  43.    package{"pgadmin3_92-docs":        ensure => "present", require => Package["${postgresql92repo}"] }
  44.  
  45.    cfile{"/etc/profile.d/postgresql92.sh":   owner=>root, group=>root, mode=>444, require=>Package['postgresql92'] }
  46.    #############################################################
  47.  
  48.    # http://www.postgresql.org/docs/9.2/interactive/adminpack.html
  49.    exec{"PGSQL adminpack installation":
  50.         path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
  51.         command => "/usr/pgsql-9.2/bin/psql -U postgres -c \"CREATE EXTENSION adminpack;\" && touch /usr/pgsql-9.2/share/extension/adminpack--1.0.sql.was.already.installed.by.puppet",
  52.         onlyif => "pgrep postmaster",
  53.         creates => '/usr/pgsql-9.2/share/extension/adminpack--1.0.sql.was.already.installed.by.puppet',
  54.         logoutput => true,
  55.    }
  56.    # http://www.postgresql.org/docs/9.2/interactive/pgstatstatements.html
  57.    exec{"PGSQL pg_stat_statements installation":
  58.         path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
  59.         command => "/usr/pgsql-9.2/bin/psql -U postgres -c \"CREATE EXTENSION pg_stat_statements;\" && touch /usr/pgsql-9.2/share/extension/pg_stat_statements--1.0--1.1.sql.was.already.installed.by.puppet",
  60.         onlyif => "pgrep postmaster",
  61.         creates => '/usr/pgsql-9.2/share/extension/pg_stat_statements--1.0--1.1.sql.was.already.installed.by.puppet',
  62.         logoutput => true,
  63.    }
  64.    #######################
  65.  
  66.    file {"/postgresql": ensure => directory }
  67.  
  68.    mount{"/postgresql":
  69.               require => File["/postgresql"],
  70.               device => "/dev/sdb1",
  71.               fstype => "xfs",
  72.               ensure => "mounted",
  73.               options => "rw,noatime,sync,nodev,noexec",
  74.               atboot => true
  75.    }
  76.  
  77.  
  78.    file {"/postgresql-backups": ensure => directory }
  79.  
  80.    mount{"/postgresql-backups":
  81.               require => File["/postgresql"],
  82.               device => "/dev/sdc1",
  83.               fstype => "xfs",
  84.               ensure => "mounted",
  85.               options => "rw,noatime,async,nodev",
  86.               atboot => true
  87.    }
  88.    file{"/postgresql-backups/pgsql_backups": ensure => directory, owner=> root, group => postgres, mode => 775, require => Mount['/postgresql-backups']  }
  89.  
  90. #   file {"/var/lib/pgsql":
  91. #              ensure => link,
  92. #              target => "/postgresql/pgsql/",
  93. #              require  => Mount["/postgresql"]
  94. #   }
  95.  
  96.    service{"postgresql-9.2":  
  97.            ensure => running,
  98.            enable => true,
  99.            hasstatus => true, hasrestart => true,
  100.            require => [Package['postgresql92-server'],Mount["/postgresql"]]
  101.    }
  102. #
  103.    cfile{"/var/lib/pgsql/9.2/data/postgresql.conf":
  104.           owner => 'root',
  105.           group => 'postgres',
  106.           mode => '440',
  107.           require => [ Mount['/postgresql'],
  108.                        Package['postgresql92-server']],
  109.           notify => Service['postgresql-9.2']
  110.    }
  111. #
  112. #   cfile{"/etc/security/limits.conf":
  113. #         owner => 'root',
  114. #         group => 'root',
  115. #         mode => '400',
  116. #         require => [ Mount['/postgresql'],
  117. #                      Package['postgresql-server']],
  118. #         notify => Service['postgresql']
  119. #   }
  120.    
  121.    file {'/etc/cron.allow':
  122.           content => "root\npostgres\n",
  123.           owner =>'root',
  124.           group =>'root',
  125.           mode=>'400',
  126.           require => Package['cronie']
  127.    }
  128.  
  129.    file{'/var/lib/pgsql_backups' :
  130.           ensure=>link,
  131.           owner =>'root',
  132.           group =>'postgres',
  133.           mode=>'775',
  134.           target => "/postgresql-backups/pgsql_backups",
  135.           require => [Service['postgresql-9.2'],File['/etc/security/access.conf'],File['/etc/cron.allow'],File['/postgresql-backups/pgsql_backups'],Mount['/postgresql-backups']]
  136.    }
  137.  
  138.    cfile{'/var/lib/pgsql_backups/dcache-db-backup.sh':
  139.           require => [File['/var/lib/pgsql_backups'],Package['cronie']],
  140.           owner =>'root',
  141.           group =>'postgres',
  142.           mode=>'554'
  143.    }      
  144.  
  145.    cron { 'postgresql-backups':
  146.           ensure => present,
  147.           require => File['/var/lib/pgsql_backups/dcache-db-backup.sh'],
  148.           command => '/var/lib/pgsql_backups/dcache-db-backup.sh  2>&1 | tee /var/lib/pgsql_backups/dcache-db-backup.sh.cron.log',
  149.           user => 'postgres',
  150.           minute => '10',
  151.           hour =>  '*/12'
  152.    }
  153.  
  154.    file {'/var/spool/cron/postgres' :
  155.           ensure=> present,
  156.           require => [Cron['postgresql-backups'],Service['postgresql-9.2'],File['/var/lib/pgsql_backups/dcache-db-backup.sh']],
  157.           owner => 'root',
  158.           group => 'postgres',
  159.           mode => '440'
  160.    }  
  161.  
  162.    #  PG Auth files ############################
  163.    cfile{"/var/lib/pgsql/9.2/data/pg_hba.conf":
  164.           owner => 'root',
  165.           group => 'postgres',
  166.           mode => '440',
  167.           require => [Package['postgresql92-server'],Mount["/postgresql"]],
  168.           notify => Service['postgresql-9.2']
  169.    }
  170.  
  171.    cfile{"/var/lib/pgsql/9.2/data/pg_ident.conf":
  172.           owner => 'root',
  173.           group => 'postgres',
  174.           mode => '440',
  175.           require => [Package['postgresql92-server'],Mount["/postgresql"]],
  176.           notify => Service['postgresql-9.2']
  177.    }
  178.    #########################################
  179.  
  180.    #$dCache1912="dcache-server-1.9.12-23"
  181.  
  182.    # dCache services
  183.    #package{"${dCache1912}": require => [Service['postgresql-9.2'],File['/var/log/dcache'],File["/usr/bin/java"]], ensure => "present"  }
  184.  
  185.    # gPlazma files
  186.    cfile{"/opt/d-cache/etc/dcachesrm-gplazma.policy":    owner => root, group => dcache, mode =>440, require => Package["${dCache1912}"] }
  187.    cfile{"/opt/d-cache/etc/dcache.kpwd":                 owner => root, group => dcache, mode =>440, require => Package["${dCache1912}"] }
  188.    cfile{"/etc/grid-security/grid-mapfile":    owner => root, group => dcache, mode =>440, require => [File['/etc/grid-security'],Package["${dCache1912}"]]}
  189.  
  190.    # gPlazma dynamic generated files - source is LDAP
  191.    file{"/etc/grid-security/storage-authzdb":
  192.              ensure => link, target => "/opt/d-cache/ldap2grid-vorolemap/storage-authzdb",
  193.              owner => root, group => root,
  194.              require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py']
  195.    }
  196.    file{"/etc/grid-security/grid-vorolemap":
  197.              ensure => link, target => "/opt/d-cache/ldap2grid-vorolemap/grid-vorolemap",
  198.              owner => root, group => root,
  199.              require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py'],
  200.    }
  201.  
  202.    exec{"Dynamic generation of gPlazma auth/authz files from t3ldap01":
  203.              path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
  204.              command => "cd /opt/d-cache/ldap2grid-vorolemap/ && /opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py -v -H t3ldap01.psi.ch --output-directory=/opt/d-cache/ldap2grid-vorolemap",
  205.              onlyif => "test -x /opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py",
  206.              logoutput => true,
  207.              #subscribe   => File["/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py"],
  208.              #refreshonly => true
  209.    }
  210.  
  211.    # gPlazma custom T3 ldap logic
  212.    file {'/opt/d-cache/ldap2grid-vorolemap': ensure => directory, owner =>root,group =>dcache,
  213.           mode=>750, require => [File['/etc/grid-security'],Package["${dCache1912}"],File['/opt/d-cache/etc/dcachesrm-gplazma.policy']]}
  214.    cfile{'/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py'  : owner =>root,group =>dcache,mode=>544, require => File['/opt/d-cache/ldap2grid-vorolemap']}
  215.    cfile{'/opt/d-cache/ldap2grid-vorolemap/grid-vorolemap_template' : owner =>root,group =>dcache,mode=>444, require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py']}
  216.    cfile{'/opt/d-cache/ldap2grid-vorolemap/storage-authzdb_template': owner =>root,group =>dcache,mode=>444, require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py']}
  217.  
  218.    file{"/pnfs": ensure => directory, owner =>'root',group =>'root',mode=>'755',require=>Service["dcache"]  }
  219.    mount { "/pnfs":
  220.           require => [File["/pnfs"],Service["dcache"]],
  221.           device => "localhost:/pnfs",
  222.           fstype => "nfs",
  223.           ensure => "mounted",
  224.           options => "nolock,intr,rw,noac,hard,nfsvers=3",
  225.           atboot => true,
  226.    }
  227.  
  228.    # dCache chkconfig integration
  229.    #file{"/etc/init.d/dcache": ensure => link, owner => root, group => root, target=> '/opt/d-cache/bin/dcache', require => Package["${dCache1912}"] }
  230.    #exec { "dCache installed into /etc/init.d/ like a common service":
  231.    #     path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
  232.    #     command => "/sbin/chkconfig --add dcache && /sbin/chkconfig dcache on ",
  233.    #     onlyif => [ "[ -h /etc/init.d/dcache ] " ],   # -l = is the file a symbolic link ?
  234.    #     subscribe => File['/etc/init.d/dcache'],      # exec will run again just if /etc/init.d/dcache will be updated
  235.    #     refreshonly => true,
  236.    #     logoutput => true
  237.    #}
  238.    
  239.    cfile {"/etc/exports" :           owner =>root,group =>dcache,mode=>440  }
  240.  
  241.  
  242.    #service{"dcache": ensure => running , enable => true, require => [File['/etc/exports'],File['/etc/init.d/dcache']]}
  243.  
  244.    # dCache admin cell files
  245.    cfile {"/opt/d-cache/etc/authorized_keys" : owner =>root,group =>dcache,mode=>440, require=>Package["${dCache1912}"] }
  246.    cfile {"/opt/d-cache/etc/server_key" :      owner =>dcache,group =>root,mode=>600, require=>Package["${dCache1912}"] }
  247.    cfile {"/opt/d-cache/etc/server_key.pub" :  owner =>root,group =>dcache,mode=>644, require=>Package["${dCache1912}"] }
  248.    cfile {"/opt/d-cache/etc/host_key" :        owner =>dcache,group =>root,mode=>600, require=>Package["${dCache1912}"] }
  249.    cfile {"/opt/d-cache/etc/host_key.pub" :    owner =>root,group =>dcache,mode=>440, require=>Package["${dCache1912}"] }
  250.    #cfile {"/opt/d-cache/etc/dcache.conf":    owner =>root,group =>dcache,mode=>440, require=>[File['/var/log/dcache'],Package["${dCache1912}"]], notify =>Service['dcache'] }
  251.  
  252.    #cfile {"/opt/d-cache/etc/layouts/${hostname}.conf" :    owner =>root,group =>dcache,mode=>440, require=>File['/opt/d-cache/etc/dcache.conf'], notify =>Service['dcache']}
  253.  
  254.  
  255.    # Nagios related
  256.    package{'perl-Time-HiRes':ensure => "present"}
  257.    cfile{'/usr/bin/check_postgres.pl': require => [Package['postgresql92'],Package['nrpe'],Package['nagios-plugins-nrpe'],Package['perl-Time-HiRes']],
  258.          owner => root, group => nagios, mode => 750
  259.    }
  260.  
  261.    # Chimera Dump logic to dump TOP CMS dirs and TOP CMS Users @ T3
  262.    file { "/opt/d-cache/chimera-dump"   : ensure => directory, owner => root, group => root, mode => 755, require =>Package["${dCache1912}"] }
  263.    file { "/var/log/dcache/chimera-dump": ensure => directory, owner => root, group => root, mode => 755, require =>Package["${dCache1912}"] }
  264.    cfile { "/opt/d-cache/chimera-dump/cd_conf.py" :              owner => root, group => root, mode => 440, require =>File['/opt/d-cache/chimera-dump','/var/log/dcache/chimera-dump']}
  265.    cfile { "/opt/d-cache/chimera-dump/chimera-dump.py" :         owner => root, group => root, mode => 550, require =>File['/opt/d-cache/chimera-dump/cd_conf.py']}
  266.    cfile { "/opt/d-cache/chimera-dump/cms-topdirs-topusers.sh" : owner => root, group => root, mode => 550, require =>File['/opt/d-cache/chimera-dump/chimera-dump.py']}
  267.    file { "/shome":
  268.           ensure => directory,
  269.           require => File["/opt/d-cache/chimera-dump","/var/log/dcache/chimera-dump"] }
  270.    file { "/shome/monuser":
  271.           ensure => directory,
  272.           require => File['/shome'] }
  273.    mount { "/shome/monuser":
  274.       require => File["/shome/monuser"],
  275.       device => "t3fs06:/shome/monuser",
  276.       fstype => "nfs",
  277.       ensure => "mounted",
  278.       options => "nolock,intr,rw,hard,nfsvers=3,async,noatime,noac",
  279.       atboot => true,
  280.    }
  281.    cron { 'chimera-dump':
  282.           ensure => present,
  283.           require => [File['/opt/d-cache/chimera-dump/cms-topdirs-topusers.sh','/var/log/dcache/chimera-dump'],Package['cronie'],File['/etc/cron.allow']],
  284.           command => '/opt/d-cache/chimera-dump/cms-topdirs-topusers.sh',
  285.           user => 'root',
  286.           minute => '10',
  287.           hour =>  '*/4'
  288.    }
  289.    ##################################################################
  290.  
  291.    # 18-02-2013
  292.    # needed by Fabio's code /usr/local/monuser/pnfs.usage.PSI.UniZ.ETHZ.ipy to dump /pnfs usage in GB splitted by UniZ, ETHZ, PSI
  293.    package{'python-prettytable':ensure => "present"}
  294.    package{'python-psycopg2'   :ensure => "present"}
  295.  
  296.    file { "/usr/local/monuser": ensure => directory, owner => root, group => root, mode => 555, require =>[ Package['python-prettytable','python-psycopg2' ]] }
  297.    cfile {"/usr/local/monuser/pnfs.usage.PSI.UniZ.ETHZ.py": owner => monuser, group => root, mode => 554 , require =>[ File['/usr/local/monuser']] }
  298.  
  299. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement