Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- node t3dcachedb1912 inherits t3SL6_grid {
- # it's a VM in our PSI DMZ Cluster
- include sl6vm
- # Notify the client
- notify { "notify_$title":
- message => "=== FILE === $title"
- }
- service { 'portmap': ensure=> stopped, enable => false }
- service { 'nfslock': ensure=> stopped, enable => false }
- # by Martinelli for Postgresql shared_buffers - Pag 67 Postgresql 9 Admin CookBook
- # kernel.shmmax = 1074000000
- cfile{"/etc/sysctl.conf":
- owner => 'root',
- group => 'root',
- mode => '444'
- }
- # PostgreSQL RPMs - from http://yum.postgresql.org/9.2/redhat/
- file{"/var/log/postgresql.log": ensure => "present", owner=>postgres, group=>postgres, mode=>664}
- cfile{"/etc/logrotate.d/postgres": owner=>root, group=>root, mode=>444, require=>File['/var/log/postgresql.log'] }
- $postgresql92repo="pgdg-sl92-9.2-8"
- package{"$postgresql92repo": ensure => "present", require => File["/etc/sysctl.conf"] } # want to highlight that PG needs right value kernel.shmmax
- package{"postgresql92": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-contrib": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-devel": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-docs": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-libs": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-plperl": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-plpython": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-pltcl": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-server": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"postgresql92-test": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"pgadmin3_92": ensure => "present", require => Package["${postgresql92repo}"] }
- package{"pgadmin3_92-docs": ensure => "present", require => Package["${postgresql92repo}"] }
- cfile{"/etc/profile.d/postgresql92.sh": owner=>root, group=>root, mode=>444, require=>Package['postgresql92'] }
- #############################################################
- # http://www.postgresql.org/docs/9.2/interactive/adminpack.html
- exec{"PGSQL adminpack installation":
- path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
- command => "/usr/pgsql-9.2/bin/psql -U postgres -c \"CREATE EXTENSION adminpack;\" && touch /usr/pgsql-9.2/share/extension/adminpack--1.0.sql.was.already.installed.by.puppet",
- onlyif => "pgrep postmaster",
- creates => '/usr/pgsql-9.2/share/extension/adminpack--1.0.sql.was.already.installed.by.puppet',
- logoutput => true,
- }
- # http://www.postgresql.org/docs/9.2/interactive/pgstatstatements.html
- exec{"PGSQL pg_stat_statements installation":
- path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
- command => "/usr/pgsql-9.2/bin/psql -U postgres -c \"CREATE EXTENSION pg_stat_statements;\" && touch /usr/pgsql-9.2/share/extension/pg_stat_statements--1.0--1.1.sql.was.already.installed.by.puppet",
- onlyif => "pgrep postmaster",
- creates => '/usr/pgsql-9.2/share/extension/pg_stat_statements--1.0--1.1.sql.was.already.installed.by.puppet',
- logoutput => true,
- }
- #######################
- file {"/postgresql": ensure => directory }
- mount{"/postgresql":
- require => File["/postgresql"],
- device => "/dev/sdb1",
- fstype => "xfs",
- ensure => "mounted",
- options => "rw,noatime,sync,nodev,noexec",
- atboot => true
- }
- file {"/postgresql-backups": ensure => directory }
- mount{"/postgresql-backups":
- require => File["/postgresql"],
- device => "/dev/sdc1",
- fstype => "xfs",
- ensure => "mounted",
- options => "rw,noatime,async,nodev",
- atboot => true
- }
- file{"/postgresql-backups/pgsql_backups": ensure => directory, owner=> root, group => postgres, mode => 775, require => Mount['/postgresql-backups'] }
- # file {"/var/lib/pgsql":
- # ensure => link,
- # target => "/postgresql/pgsql/",
- # require => Mount["/postgresql"]
- # }
- service{"postgresql-9.2":
- ensure => running,
- enable => true,
- hasstatus => true, hasrestart => true,
- require => [Package['postgresql92-server'],Mount["/postgresql"]]
- }
- #
- cfile{"/var/lib/pgsql/9.2/data/postgresql.conf":
- owner => 'root',
- group => 'postgres',
- mode => '440',
- require => [ Mount['/postgresql'],
- Package['postgresql92-server']],
- notify => Service['postgresql-9.2']
- }
- #
- # cfile{"/etc/security/limits.conf":
- # owner => 'root',
- # group => 'root',
- # mode => '400',
- # require => [ Mount['/postgresql'],
- # Package['postgresql-server']],
- # notify => Service['postgresql']
- # }
- file {'/etc/cron.allow':
- content => "root\npostgres\n",
- owner =>'root',
- group =>'root',
- mode=>'400',
- require => Package['cronie']
- }
- file{'/var/lib/pgsql_backups' :
- ensure=>link,
- owner =>'root',
- group =>'postgres',
- mode=>'775',
- target => "/postgresql-backups/pgsql_backups",
- require => [Service['postgresql-9.2'],File['/etc/security/access.conf'],File['/etc/cron.allow'],File['/postgresql-backups/pgsql_backups'],Mount['/postgresql-backups']]
- }
- cfile{'/var/lib/pgsql_backups/dcache-db-backup.sh':
- require => [File['/var/lib/pgsql_backups'],Package['cronie']],
- owner =>'root',
- group =>'postgres',
- mode=>'554'
- }
- cron { 'postgresql-backups':
- ensure => present,
- require => File['/var/lib/pgsql_backups/dcache-db-backup.sh'],
- command => '/var/lib/pgsql_backups/dcache-db-backup.sh 2>&1 | tee /var/lib/pgsql_backups/dcache-db-backup.sh.cron.log',
- user => 'postgres',
- minute => '10',
- hour => '*/12'
- }
- file {'/var/spool/cron/postgres' :
- ensure=> present,
- require => [Cron['postgresql-backups'],Service['postgresql-9.2'],File['/var/lib/pgsql_backups/dcache-db-backup.sh']],
- owner => 'root',
- group => 'postgres',
- mode => '440'
- }
- # PG Auth files ############################
- cfile{"/var/lib/pgsql/9.2/data/pg_hba.conf":
- owner => 'root',
- group => 'postgres',
- mode => '440',
- require => [Package['postgresql92-server'],Mount["/postgresql"]],
- notify => Service['postgresql-9.2']
- }
- cfile{"/var/lib/pgsql/9.2/data/pg_ident.conf":
- owner => 'root',
- group => 'postgres',
- mode => '440',
- require => [Package['postgresql92-server'],Mount["/postgresql"]],
- notify => Service['postgresql-9.2']
- }
- #########################################
- #$dCache1912="dcache-server-1.9.12-23"
- # dCache services
- #package{"${dCache1912}": require => [Service['postgresql-9.2'],File['/var/log/dcache'],File["/usr/bin/java"]], ensure => "present" }
- # gPlazma files
- cfile{"/opt/d-cache/etc/dcachesrm-gplazma.policy": owner => root, group => dcache, mode =>440, require => Package["${dCache1912}"] }
- cfile{"/opt/d-cache/etc/dcache.kpwd": owner => root, group => dcache, mode =>440, require => Package["${dCache1912}"] }
- cfile{"/etc/grid-security/grid-mapfile": owner => root, group => dcache, mode =>440, require => [File['/etc/grid-security'],Package["${dCache1912}"]]}
- # gPlazma dynamic generated files - source is LDAP
- file{"/etc/grid-security/storage-authzdb":
- ensure => link, target => "/opt/d-cache/ldap2grid-vorolemap/storage-authzdb",
- owner => root, group => root,
- require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py']
- }
- file{"/etc/grid-security/grid-vorolemap":
- ensure => link, target => "/opt/d-cache/ldap2grid-vorolemap/grid-vorolemap",
- owner => root, group => root,
- require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py'],
- }
- exec{"Dynamic generation of gPlazma auth/authz files from t3ldap01":
- path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
- command => "cd /opt/d-cache/ldap2grid-vorolemap/ && /opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py -v -H t3ldap01.psi.ch --output-directory=/opt/d-cache/ldap2grid-vorolemap",
- onlyif => "test -x /opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py",
- logoutput => true,
- #subscribe => File["/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py"],
- #refreshonly => true
- }
- # gPlazma custom T3 ldap logic
- file {'/opt/d-cache/ldap2grid-vorolemap': ensure => directory, owner =>root,group =>dcache,
- mode=>750, require => [File['/etc/grid-security'],Package["${dCache1912}"],File['/opt/d-cache/etc/dcachesrm-gplazma.policy']]}
- cfile{'/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py' : owner =>root,group =>dcache,mode=>544, require => File['/opt/d-cache/ldap2grid-vorolemap']}
- cfile{'/opt/d-cache/ldap2grid-vorolemap/grid-vorolemap_template' : owner =>root,group =>dcache,mode=>444, require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py']}
- cfile{'/opt/d-cache/ldap2grid-vorolemap/storage-authzdb_template': owner =>root,group =>dcache,mode=>444, require => File['/opt/d-cache/ldap2grid-vorolemap/ldap2grid-vorolemap.py']}
- file{"/pnfs": ensure => directory, owner =>'root',group =>'root',mode=>'755',require=>Service["dcache"] }
- mount { "/pnfs":
- require => [File["/pnfs"],Service["dcache"]],
- device => "localhost:/pnfs",
- fstype => "nfs",
- ensure => "mounted",
- options => "nolock,intr,rw,noac,hard,nfsvers=3",
- atboot => true,
- }
- # dCache chkconfig integration
- #file{"/etc/init.d/dcache": ensure => link, owner => root, group => root, target=> '/opt/d-cache/bin/dcache', require => Package["${dCache1912}"] }
- #exec { "dCache installed into /etc/init.d/ like a common service":
- # path => ["/usr/bin", "/usr/sbin", "/sbin","/bin" ,"/usr/sbin" ],
- # command => "/sbin/chkconfig --add dcache && /sbin/chkconfig dcache on ",
- # onlyif => [ "[ -h /etc/init.d/dcache ] " ], # -l = is the file a symbolic link ?
- # subscribe => File['/etc/init.d/dcache'], # exec will run again just if /etc/init.d/dcache will be updated
- # refreshonly => true,
- # logoutput => true
- #}
- cfile {"/etc/exports" : owner =>root,group =>dcache,mode=>440 }
- #service{"dcache": ensure => running , enable => true, require => [File['/etc/exports'],File['/etc/init.d/dcache']]}
- # dCache admin cell files
- cfile {"/opt/d-cache/etc/authorized_keys" : owner =>root,group =>dcache,mode=>440, require=>Package["${dCache1912}"] }
- cfile {"/opt/d-cache/etc/server_key" : owner =>dcache,group =>root,mode=>600, require=>Package["${dCache1912}"] }
- cfile {"/opt/d-cache/etc/server_key.pub" : owner =>root,group =>dcache,mode=>644, require=>Package["${dCache1912}"] }
- cfile {"/opt/d-cache/etc/host_key" : owner =>dcache,group =>root,mode=>600, require=>Package["${dCache1912}"] }
- cfile {"/opt/d-cache/etc/host_key.pub" : owner =>root,group =>dcache,mode=>440, require=>Package["${dCache1912}"] }
- #cfile {"/opt/d-cache/etc/dcache.conf": owner =>root,group =>dcache,mode=>440, require=>[File['/var/log/dcache'],Package["${dCache1912}"]], notify =>Service['dcache'] }
- #cfile {"/opt/d-cache/etc/layouts/${hostname}.conf" : owner =>root,group =>dcache,mode=>440, require=>File['/opt/d-cache/etc/dcache.conf'], notify =>Service['dcache']}
- # Nagios related
- package{'perl-Time-HiRes':ensure => "present"}
- cfile{'/usr/bin/check_postgres.pl': require => [Package['postgresql92'],Package['nrpe'],Package['nagios-plugins-nrpe'],Package['perl-Time-HiRes']],
- owner => root, group => nagios, mode => 750
- }
- # Chimera Dump logic to dump TOP CMS dirs and TOP CMS Users @ T3
- file { "/opt/d-cache/chimera-dump" : ensure => directory, owner => root, group => root, mode => 755, require =>Package["${dCache1912}"] }
- file { "/var/log/dcache/chimera-dump": ensure => directory, owner => root, group => root, mode => 755, require =>Package["${dCache1912}"] }
- cfile { "/opt/d-cache/chimera-dump/cd_conf.py" : owner => root, group => root, mode => 440, require =>File['/opt/d-cache/chimera-dump','/var/log/dcache/chimera-dump']}
- cfile { "/opt/d-cache/chimera-dump/chimera-dump.py" : owner => root, group => root, mode => 550, require =>File['/opt/d-cache/chimera-dump/cd_conf.py']}
- cfile { "/opt/d-cache/chimera-dump/cms-topdirs-topusers.sh" : owner => root, group => root, mode => 550, require =>File['/opt/d-cache/chimera-dump/chimera-dump.py']}
- file { "/shome":
- ensure => directory,
- require => File["/opt/d-cache/chimera-dump","/var/log/dcache/chimera-dump"] }
- file { "/shome/monuser":
- ensure => directory,
- require => File['/shome'] }
- mount { "/shome/monuser":
- require => File["/shome/monuser"],
- device => "t3fs06:/shome/monuser",
- fstype => "nfs",
- ensure => "mounted",
- options => "nolock,intr,rw,hard,nfsvers=3,async,noatime,noac",
- atboot => true,
- }
- cron { 'chimera-dump':
- ensure => present,
- require => [File['/opt/d-cache/chimera-dump/cms-topdirs-topusers.sh','/var/log/dcache/chimera-dump'],Package['cronie'],File['/etc/cron.allow']],
- command => '/opt/d-cache/chimera-dump/cms-topdirs-topusers.sh',
- user => 'root',
- minute => '10',
- hour => '*/4'
- }
- ##################################################################
- # 18-02-2013
- # needed by Fabio's code /usr/local/monuser/pnfs.usage.PSI.UniZ.ETHZ.ipy to dump /pnfs usage in GB splitted by UniZ, ETHZ, PSI
- package{'python-prettytable':ensure => "present"}
- package{'python-psycopg2' :ensure => "present"}
- file { "/usr/local/monuser": ensure => directory, owner => root, group => root, mode => 555, require =>[ Package['python-prettytable','python-psycopg2' ]] }
- cfile {"/usr/local/monuser/pnfs.usage.PSI.UniZ.ETHZ.py": owner => monuser, group => root, mode => 554 , require =>[ File['/usr/local/monuser']] }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
