Skip to content

Commit

Permalink
add support to use forward-journald. This should fix SIGPIPE's sent t…
Browse files Browse the repository at this point in the history 
…o the daemon
  • Loading branch information
@cristifalcas
cristifalcas committed Jun 13, 2016
1 parent 7bc4b06 commit a3c9a1f
Show file tree
Hide file tree
Showing 7 changed files with 117 additions and 40 deletions.
35 changes: 34 additions & 1 deletion README.md
View file
Expand Up @@ -14,6 +14,39 @@ Or:
class { 'flannel':
etcd_endpoints => "http://${::fqdn}:2379",
etcd_prefix => '/coreos.com/network',
configure_etcd => true,
network => '172.16.0.0/16',
}

Or using certificates:

class { '::etcd':
ensure => 'latest',
etcd_name => $::hostname,
# clients
listen_client_urls => 'https://0.0.0.0:2379',
advertise_client_urls => "https://${::fqdn}:2379",
# clients ssl
cert_file => '/etc/pki/puppet_certs/etcd/public_cert.pem',
key_file => '/etc/pki/puppet_certs/etcd/private_cert.pem',
trusted_ca_file => '/etc/pki/puppet_certs/etcd/ca_cert.pem',
# authorize clients
client_cert_auth => true,
# cluster
initial_cluster => $initial_cluster,
listen_peer_urls => 'https://0.0.0.0:7001',
initial_advertise_peer_urls => "https://${::fqdn}:7001",
# peers ssl
peer_cert_file => '/etc/pki/puppet_certs/etcd/public_cert.pem',
peer_key_file => '/etc/pki/puppet_certs/etcd/private_cert.pem',
peer_trusted_ca_file => '/etc/pki/puppet_certs/etcd/ca_cert.pem',
# authorize peers
peer_client_cert_auth => true,
}

## Journald forward:

The class support a parameter called journald_forward_enable.

This was added because of the PIPE signal that is sent to go programs when systemd-journald dies.

For more information read here: https://github.com/projectatomic/forward-journald
24 changes: 22 additions & 2 deletions manifests/config.pp
View file
@@ -1,22 +1,23 @@
# configures flannel
class flannel::config {

if $::osfamily == 'Debian' {
file { '/etc/flanneld':
ensure => directory,
mode => '0755',
}

file { '/etc/flanneld/flanneld.conf':
ensure => file,
content => template("${module_name}/sysconfig/flanneld.erb"),
mode => '0644',
}

file { '/etc/default/flanneld':
ensure => file,
content => template("${module_name}/default/flanneld.erb"),
mode => '0644',
}
} else { # 'RedHat'
} elsif $::osfamily == 'RedHat' {
file { '/etc/sysconfig/flanneld':
ensure => file,
content => template("${module_name}/sysconfig/flanneld.erb"),
Expand All @@ -40,5 +41,24 @@
command => '/bin/systemctl daemon-reload',
refreshonly => true,
}

if $flannel::journald_forward_enable and $::operatingsystemmajrelease == 7 {
file { '/etc/systemd/system/flannel.service.d':
ensure => 'directory',
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/etc/systemd/system/flannel.service.d/journald.conf':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template("${module_name}/journald.conf.erb"),
} ~>
Exec['reload systemctl daemon for flannel']
}
} else {
fail("Unsupported OS: ${::osfamily}")
}
}
63 changes: 34 additions & 29 deletions manifests/init.pp
View file
Expand Up @@ -120,39 +120,44 @@
# what port to use for backend communication
# Defaults to 7890
#

# [*journald_forward_enable*]
# Enable log forwarding via journald_forward_enable
#
class flannel (
$ensure = $flannel::params::ensure,
$service_state = $flannel::params::service_state,
$service_enable = $flannel::params::service_enable,
$ensure = $flannel::params::ensure,
$service_state = $flannel::params::service_state,
$service_enable = $flannel::params::service_enable,
# flannel parameters
$manage_docker = $flannel::params::manage_docker,
$alsologtostderr = $flannel::params::alsologtostderr,
$public_ip = $flannel::params::public_ip,
$etcd_endpoints = $flannel::params::etcd_endpoints,
$etcd_prefix = $flannel::params::etcd_prefix,
$etcd_keyfile = $flannel::params::etcd_keyfile,
$etcd_certfile = $flannel::params::etcd_certfile,
$etcd_cafile = $flannel::params::etcd_cafile,
$iface = $flannel::params::iface,
$subnet_dir = $flannel::params::subnet_dir,
$subnet_file = $flannel::params::subnet_file,
$ip_masq = $flannel::params::ip_masq,
$listen = $flannel::params::listen,
$log_dir = $flannel::params::log_dir,
$remote = $flannel::params::remote,
$remote_keyfile = $flannel::params::remote_keyfile,
$remote_certfile = $flannel::params::remote_certfile,
$remote_cafile = $flannel::params::remote_cafile,
$networks = $flannel::params::networks,
$manage_docker = $flannel::params::manage_docker,
$alsologtostderr = $flannel::params::alsologtostderr,
$public_ip = $flannel::params::public_ip,
$etcd_endpoints = $flannel::params::etcd_endpoints,
$etcd_prefix = $flannel::params::etcd_prefix,
$etcd_keyfile = $flannel::params::etcd_keyfile,
$etcd_certfile = $flannel::params::etcd_certfile,
$etcd_cafile = $flannel::params::etcd_cafile,
$iface = $flannel::params::iface,
$subnet_dir = $flannel::params::subnet_dir,
$subnet_file = $flannel::params::subnet_file,
$ip_masq = $flannel::params::ip_masq,
$listen = $flannel::params::listen,
$log_dir = $flannel::params::log_dir,
$remote = $flannel::params::remote,
$remote_keyfile = $flannel::params::remote_keyfile,
$remote_certfile = $flannel::params::remote_certfile,
$remote_cafile = $flannel::params::remote_cafile,
$networks = $flannel::params::networks,
# etcd network definition
$network = $flannel::params::network,
$subnetlen = $flannel::params::subnetlen,
$subnetmin = $flannel::params::subnetmin,
$subnetmax = $flannel::params::subnetmax,
$backend_type = $flannel::params::backend_type,
$backend_port = $flannel::params::backend_port,
$network = $flannel::params::network,
$subnetlen = $flannel::params::subnetlen,
$subnetmin = $flannel::params::subnetmin,
$subnetmax = $flannel::params::subnetmax,
$backend_type = $flannel::params::backend_type,
$backend_port = $flannel::params::backend_port,
$journald_forward_enable = $flannel::params::journald_forward_enable,
) inherits flannel::params {
validate_bool($service_enable, $manage_docker, $alsologtostderr, $journald_forward_enable)

contain flannel::install
contain flannel::config
contain flannel::service
Expand Down
2 changes: 1 addition & 1 deletion manifests/install.pp
View file
@@ -1,4 +1,4 @@
# Installs default flannel packages
class flannel::install {
package { ['flanneld',]: ensure => $flannel::ensure, }
package { [$flannel::package_name]: ensure => $flannel::ensure, }
}
10 changes: 10 additions & 0 deletions manifests/params.pp
View file
Expand Up @@ -4,6 +4,14 @@
$service_state = 'running'
$service_enable = true

if $::osfamily == 'Debian' {
$package_name = 'flanneld'
} elsif $::osfamily == 'RedHat' {
$package_name = 'flannel'
} else {
fail("Unsupported OS: ${::osfamily}")
}

$manage_docker = true
$alsologtostderr = false
$public_ip = undef
Expand All @@ -30,4 +38,6 @@
$subnetmax = undef
$backend_type = 'udp'
$backend_port = 7890

$journald_forward_enable = false
}
16 changes: 9 additions & 7 deletions metadata.json
View file
@@ -1,6 +1,6 @@
{
"name": "cristifalcas-flannel",
"version": "1.2.0",
"version": "1.3.0",
"author": "Cristian Falcas",
"license": "Apache-2.0",
"project_page": "https://github.com/cristifalcas/puppet-flannel",
Expand All @@ -15,7 +15,7 @@
{
"operatingsystem": "RedHat",
"operatingsystemrelease": [
"7"
"6", "7"
]
},
{
Expand Down Expand Up @@ -50,10 +50,12 @@
}
],
"requirements": [],
"dependencies": [
{
"name": "cristifalcas/docker",
"version_requirement": "5.x"
}
"dependencies": [{
"name": "puppetlabs/stdlib",
"version_requirement": ">= 4.6.0 < 5.0.0"
},{
"name": "cristifalcas/docker",
"version_requirement": "5.x"
}
]
}
7 changes: 7 additions & 0 deletions templates/journald.conf.erb
View file
@@ -0,0 +1,7 @@
[Service]
NotifyAccess=all
Type=notify
ExecStart=
ExecStart=-/bin/sh -c "/usr/bin/flanneld -etcd-endpoints=${FLANNEL_ETCD} -etcd-prefix=${FLANNEL_ETCD_KEY} $FLANNEL_OPTIONS 2>&1 | /usr/bin/forward-journald -tag flanneld"
StandardOutput=null
StandardError=null

0 comments on commit a3c9a1f

Please sign in to comment.