From 33fc25db8ba9e2432ba77282d42f99b0b0f809f0 Mon Sep 17 00:00:00 2001 From: Jeremy MAURO Date: Wed, 31 May 2017 03:29:18 +0200 Subject: [PATCH] Add systemd for pdns_authoritative STATE: - Currently, systemd is not handle for 'pdns' - Kitchen-dokken test are failing for 'authoritative-postgres-centos-6' CAUSE: - systemd is not the current target for the cookbook mainteners - The 'postgres' cookbook does fail the first run when used for CentOS 6 Ref: https://github.com/sous-chefs/postgresql/issues/421 - kitchen-dokken does not provide a correct 'retry' feature: PR has been filled: https://github.com/someara/kitchen-dokken/pull/110 - Inspec 'process' resource has issue with partial match: https://github.com/chef/inspec/issues/1497 https://github.com/chef/inspec/issues/1867 FIX: - Add in '.kitchen.yml' a 'max_retries' value for handling 'posgresql' failure for CentOS 6 - Add helper: 'PdnsAuthoritativeResource' - Convert 'default_authoritative_config_directory' to module_function to be used in the test cookbooks - Change 'socket-dir' right to allow systemd to start - Change 'pdns_authoritative_config' namespace to 'pdns-INSTANCE_NAME' and update rspec tests and cookbook pdns_test to reflect that - Remove init scripts for sysvinit and use the default implementation of powerdns virtual use (link creation) - Create 'pdns_authoritative_service_systemd' resource - Create 'pdns_authoritative_service_sysvint' resource - Add 'mock_service_resource_providers' - Update rspec tests for handling 'sysvinit' and 'systemd' resources - Remove 'pdns_authoritative_service_rhel_sysvinit' and 'pdns_authoritative_service_debian_sysvinit' resources - Fix recipe 'authoritative_install_single_postgres' (pdns_test) - Update inspec tests - Add new inspec helper function to determine if systemd is used or not ('systemd_is_init?') - Add new inspec helper function to get powerdns process name according init system ('check_process_name') - Update '.kitchen.dokken.yml' to be compliant with systemd Change-Id: Id5ea3264391ab55774c51c1cff1325e9b0f58685 --- .kitchen.dokken.yml | 14 + .kitchen.yml | 19 +- README.md | 2 +- libraries/authoritative_helpers.rb | 57 ---- libraries/helpers.rb | 90 +++++- libraries/recursor_helpers.rb | 47 --- resources/pdns_authoritative_backend.rb | 7 +- resources/pdns_authoritative_config.rb | 13 +- ...s_authoritative_service_debian_sysvinit.rb | 96 ------ ...dns_authoritative_service_rhel_sysvinit.rb | 93 ------ .../pdns_authoritative_service_systemd.rb | 79 +++++ .../pdns_authoritative_service_sysvinit.rb | 92 ++++++ resources/pdns_recursor_config.rb | 3 +- resources/pdns_recursor_install_debian.rb | 2 +- resources/pdns_recursor_install_rhel.rb | 2 +- resources/pdns_recursor_service_systemd.rb | 20 +- resources/pdns_recursor_service_sysvinit.rb | 15 +- spec/spec_helper.rb | 6 +- .../unit/recipes/authoritative_debian_spec.rb | 31 +- spec/unit/recipes/authoritative_rhel_spec.rb | 33 ++- spec/unit/recipes/recursor_debian_spec.rb | 34 ++- spec/unit/recipes/recursor_rhel_spec.rb | 37 ++- .../default/authoritative.init.debian.erb | 273 ------------------ templates/default/authoritative.init.rhel.erb | 211 -------------- .../recipes/authoritative_install_multi.rb | 7 +- .../authoritative_install_single_postgres.rb | 4 +- .../authoritative-multi/default_spec.rb | 9 +- .../authoritative-postgres/default_spec.rb | 4 +- .../recursor-multi/default_spec.rb | 5 +- test/libraries/helpers.rb | 32 ++ 30 files changed, 460 insertions(+), 877 deletions(-) delete mode 100644 libraries/authoritative_helpers.rb delete mode 100644 libraries/recursor_helpers.rb delete mode 100644 resources/pdns_authoritative_service_debian_sysvinit.rb delete mode 100644 resources/pdns_authoritative_service_rhel_sysvinit.rb create mode 100644 resources/pdns_authoritative_service_systemd.rb create mode 100644 resources/pdns_authoritative_service_sysvinit.rb delete mode 100644 templates/default/authoritative.init.debian.erb delete mode 100644 templates/default/authoritative.init.rhel.erb diff --git a/.kitchen.dokken.yml b/.kitchen.dokken.yml index ac7e3e93..a28c3189 100644 --- a/.kitchen.dokken.yml +++ b/.kitchen.dokken.yml @@ -8,6 +8,12 @@ transport: provisioner: name: dokken + # On CentOS 6, restart the 'postgres' database could fail the first time so + # let's try twice before failing: + # https://github.com/sous-chefs/postgresql/issues/421 + retry_on_exit_code: + - 1 + max_retries: 2 verifier: name: inspec @@ -23,6 +29,9 @@ platforms: - name: ubuntu-16.04 driver: image: ubuntu:16.04 + pid_one_command: /bin/systemd + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro # required by systemd intermediate_instructions: - RUN /usr/bin/apt-get update - RUN /usr/bin/apt-get install apt-transport-https lsb-release procps net-tools lsof dnsutils -y @@ -38,12 +47,17 @@ platforms: image: centos:7 pid_one_command: /usr/lib/systemd/systemd platform: rhel + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro # required by systemd intermediate_instructions: - RUN yum -y install lsof which systemd-sysv initscripts wget net-tools - name: debian-8 driver: image: debian:8 + pid_one_command: /bin/systemd + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro # required by systemd intermediate_instructions: - RUN /usr/bin/apt-get update - RUN /usr/bin/apt-get install apt-transport-https lsb-release procps net-tools lsof dnsutils -y diff --git a/.kitchen.yml b/.kitchen.yml index cce7813b..2f2b4391 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -4,6 +4,12 @@ driver: provisioner: name: chef_zero + # On CentOS 6, restart the 'postgres' database could fail the first time so + # let's try twice before failing: + # https://github.com/sous-chefs/postgresql/issues/421 + retry_on_exit_code: + - 1 + max_retries: 2 verifier: name: inspec @@ -13,6 +19,7 @@ platforms: - name: ubuntu-14.04 - name: debian-8.7 - name: centos-6.7 + - name: centos-6.9 - name: centos-7.2 suites: @@ -27,11 +34,13 @@ suites: - recipe[pdns_test::authoritative_install_multi] attributes: - name: authoritative-postgres - includes: [ - 'centos-7', - 'debian-8', - 'ubuntu-14.04', - 'ubuntu-16.04' + # On CentOS 6, restart the 'postgres' database could fail the first time so + # let's try twice before failing: + # https://github.com/sous-chefs/postgresql/issues/421 + excludes: [ + 'centos-6.7', + 'centos-6.9', + 'centos-6', # for dokken ] run_list: - recipe[pdns_test::inspec_dependencies] diff --git a/README.md b/README.md index 1b00feb1..e64b7f86 100644 --- a/README.md +++ b/README.md @@ -265,7 +265,7 @@ Creates a init service to manage a PowerDNS authoritative instance. This service | cookbook | String, nil | 'pdns' | No | | source | String, nil | 'authoritative.init.debian.erb' | No | | config_dir | String | see `default_authoritative_config_directory` helper method | Yes | -| socket_dir | String | lazy { |resource| "/var/run/#{resource.instance_name}" } | Yes | +| socket_dir | String | "/var/run/#{instance_name}" | Yes | #### Usage example diff --git a/libraries/authoritative_helpers.rb b/libraries/authoritative_helpers.rb deleted file mode 100644 index 4c62681a..00000000 --- a/libraries/authoritative_helpers.rb +++ /dev/null @@ -1,57 +0,0 @@ -# -# Cookbook Name:: pdns -# Libraries:: authoritive_helpers -# -# Copyright 2014-2017 Aetrion LLC. dba DNSimple -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -def default_authoritative_config_directory - case node['platform_family'] - when 'debian' - '/etc/powerdns' - when 'rhel' - '/etc/pdns' - end -end - -def default_authoritative_run_user - 'pdns' -end - -def backend_package_per_platform - return 'pdns-backend-geo' if node['platform_family'] == 'debian' && new_resource.instance_name == 'geo' - return 'pdns-backend-ldap' if node['platform_family'] == 'debian' && new_resource.instance_name == 'ldap' - return 'pdns-backend-mysql' if node['platform_family'] == 'debian' && new_resource.instance_name == 'mysql' - return 'pdns-backend-pgsql' if node['platform_family'] == 'debian' && new_resource.instance_name == 'postgresql' - return 'pdns-backend-pipe' if node['platform_family'] == 'debian' && new_resource.instance_name == 'pipe' - return 'pdns-backend-sqlite3' if node['platform_family'] == 'debian' && new_resource.instance_name == 'sqlite' - return 'pdns-backend-geoip' if node['platform_family'] == 'debian' && new_resource.instance_name == 'geoip' - return 'pdns-backend-lua' if node['platform_family'] == 'debian' && new_resource.instance_name == 'lua' - return 'pdns-backend-mydns' if node['platform_family'] == 'debian' && new_resource.instance_name == 'mydns' - return 'pdns-backend-odbc' if node['platform_family'] == 'debian' && new_resource.instance_name == 'odbc' - return 'pdns-backend-opendbx' if node['platform_family'] == 'debian' && new_resource.instance_name == 'opendbx' - return 'pdns-backend-remote' if node['platform_family'] == 'debian' && new_resource.instance_name == 'remote' - return 'pdns-backend-tinydns' if node['platform_family'] == 'debian' && new_resource.instance_name == 'tinydns' - - return 'pdns-backend-geo' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'geo' - return 'pdns-backend-ldap' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'ldap' - return 'pdns-backend-lua' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'lua' - return 'pdns-backend-mydns' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'mydns' - return 'pdns-backend-mysql' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'mysql' - return 'pdns-backend-pipe' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'pipe' - return 'pdns-backend-postgresql' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'postgresql' - return 'pdns-backend-remote' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'remote' - return 'pdns-backend-sqlite' if node['platform_family'] == 'rhel' && new_resource.instance_name == 'sqlite' -end diff --git a/libraries/helpers.rb b/libraries/helpers.rb index ca3b85e0..9f895133 100644 --- a/libraries/helpers.rb +++ b/libraries/helpers.rb @@ -16,14 +16,98 @@ # See the License for the specific language governing permissions and # limitations under the License. # -module PdnsResource +module Pdns + # Common helper for PowerDNS cookbook module Helpers def default_user_attributes case node['platform_family'] when 'debian' - { home: '/var/spool/powerdns', shell: '/bin/false' } + Mash.new(home: '/var/spool/powerdns', shell: '/bin/false') when 'rhel' - { home: '/', shell: '/sbin/nologin' } + Mash.new(home: '/', shell: '/sbin/nologin') + end + end + end + + # Helpers method for recursor feature + module PdnsRecursorHelpers + include Pdns::Helpers + + def systemd_name(name = nil) + "pdns-recursor@#{name}" + end + + def sysvinit_name(name = nil) + "pdns_recursor-#{name}" + end + + def default_recursor_run_user + case node['platform_family'] + when 'debian' + 'pdns' + when 'rhel' + 'pdns-recursor' + end + end + + def default_recursor_config_directory + case node['platform_family'] + when 'debian' + '/etc/powerdns' + when 'rhel' + '/etc/pdns-recursor' + end + end + end + + # Helpers method for authoritative feature + module PdnsAuthoritativeHelpers + include Pdns::Helpers + + def systemd_name(name = nil) + "pdns@#{name}" + end + + def sysvinit_name(name = nil) + "pdns_authoritative-#{name}" + end + + def default_authoritative_run_user + 'pdns' + end + + def backend_package_per_platform(instance_name = 'postgresql') + return 'pdns-backend-geo' if node['platform_family'] == 'debian' && instance_name == 'geo' + return 'pdns-backend-ldap' if node['platform_family'] == 'debian' && instance_name == 'ldap' + return 'pdns-backend-mysql ' if node['platform_family'] == 'debian' && instance_name == 'mysql' + return 'pdns-backend-pgsql' if node['platform_family'] == 'debian' && instance_name == 'postgresql' + return 'pdns-backend-pipe' if node['platform_family'] == 'debian' && instance_name == 'pipe' + return 'pdns-backend-sqlite3' if node['platform_family'] == 'debian' && instance_name == 'sqlite' + return 'pdns-backend-geoip' if node['platform_family'] == 'debian' && instance_name == 'geoip' + return 'pdns-backend-lua' if node['platform_family'] == 'debian' && instance_name == 'lua' + return 'pdns-backend-mydns' if node['platform_family'] == 'debian' && instance_name == 'mydns' + return 'pdns-backend-odbc' if node['platform_family'] == 'debian' && instance_name == 'odbc' + return 'pdns-backend-opendbx' if node['platform_family'] == 'debian' && instance_name == 'opendbx' + return 'pdns-backend-remote' if node['platform_family'] == 'debian' && instance_name == 'remote' + return 'pdns-backend-tinydns' if node['platform_family'] == 'debian' && instance_name == 'tinydns' + return 'pdns-backend-geo' if node['platform_family'] == 'rhel' && instance_name == 'geo' + return 'pdns-backend-ldap' if node['platform_family'] == 'rhel' && instance_name == 'ldap' + return 'pdns-backend-lua' if node['platform_family'] == 'rhel' && instance_name == 'lua' + return 'pdns-backend-mydns' if node['platform_family'] == 'rhel' && instance_name == 'mydns' + return 'pdns-backend-mysql' if node['platform_family'] == 'rhel' && instance_name == 'mysql' + return 'pdns-backend-pipe' if node['platform_family'] == 'rhel' && instance_name == 'pipe' + return 'pdns-backend-postgresql' if node['platform_family'] == 'rhel' && instance_name == 'postgresql' + return 'pdns-backend-remote' if node['platform_family'] == 'rhel' && instance_name == 'remote' + return 'pdns-backend-sqlite' if node['platform_family'] == 'rhel' && instance_name == 'sqlite' + end + + module_function + def default_authoritative_config_directory(platform_family = 'rhel') + case platform_family + when 'debian' + '/etc/powerdns' + when 'rhel' + '/etc/pdns' end end end diff --git a/libraries/recursor_helpers.rb b/libraries/recursor_helpers.rb deleted file mode 100644 index 3c2b3ea4..00000000 --- a/libraries/recursor_helpers.rb +++ /dev/null @@ -1,47 +0,0 @@ -# -# Cookbook Name:: pdns -# Libraries:: recursor_helpers -# -# Copyright 2014-2017 Aetrion LLC. dba DNSimple -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -module PdnsRecursorResource - module Helpers - def systemd_name(name = nil) - "pdns-recursor@#{name}" - end - - def sysvinit_name(name = nil) - "pdns-recursor_#{name}" - end - - def default_recursor_config_directory - case node['platform_family'] - when 'debian' - '/etc/powerdns' - when 'rhel' - '/etc/pdns-recursor' - end - end - - def default_recursor_run_user - case node['platform_family'] - when 'debian' - 'pdns' - when 'rhel' - 'pdns-recursor' - end - end - end -end diff --git a/resources/pdns_authoritative_backend.rb b/resources/pdns_authoritative_backend.rb index ecb331f6..bccfedae 100644 --- a/resources/pdns_authoritative_backend.rb +++ b/resources/pdns_authoritative_backend.rb @@ -16,6 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # +include ::Pdns::PdnsAuthoritativeHelpers resource_name :pdns_authoritative_backend @@ -35,14 +36,14 @@ property :version, [String, nil], default: nil action :install do - package backend_package_per_platform do + package backend_package_per_platform(new_resource.instance_name) do + version new_resource.version action :install end end action :uninstall do - apt_package backend_package_per_platform do + package backend_package_per_platform(new_resource.instance_name) do action :remove - version new_resource.version end end diff --git a/resources/pdns_authoritative_config.rb b/resources/pdns_authoritative_config.rb index a8dde58d..e754336e 100644 --- a/resources/pdns_authoritative_config.rb +++ b/resources/pdns_authoritative_config.rb @@ -16,7 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # -include ::PdnsResource::Helpers +include ::Pdns::PdnsAuthoritativeHelpers resource_name :pdns_authoritative_config @@ -34,12 +34,12 @@ property :instance_name, String, name_property: true property :launch, Array, default: ['bind'] -property :config_dir, String, default: lazy { default_authoritative_config_directory } -property :socket_dir, String, default: lazy { |resource| "/var/run/#{resource.instance_name}" } +property :config_dir, String, default: lazy { default_authoritative_config_directory(node['platform_family']) } property :run_group, String, default: lazy { default_authoritative_run_user } property :run_user, String, default: lazy { default_authoritative_run_user } property :run_user_home, String, default: lazy { default_user_attributes[:home] } property :run_user_shell, String, default: lazy { default_user_attributes[:shell] } +property :socket_dir, String, default: lazy { |resource| "/var/run/#{resource.instance_name}" } property :setuid, String, default: lazy { |resource| resource.run_user } property :setgid, String, default: lazy { |resource| resource.run_group } @@ -71,12 +71,15 @@ directory new_resource.socket_dir do owner new_resource.run_user group new_resource.run_group - mode '0755' + # Because of the DynListener creation before dropping privileges, the + # socket-directory has to be '0777' for now + # Issue: https://github.com/PowerDNS/pdns/issues/4826 + mode Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd) ? '0777' : '0755' recursive true action :create end - template "#{new_resource.config_dir}/pdns-authoritative_#{new_resource.instance_name}.conf" do + template "#{new_resource.config_dir}/pdns-#{new_resource.instance_name}.conf" do source new_resource.source cookbook new_resource.cookbook owner 'root' diff --git a/resources/pdns_authoritative_service_debian_sysvinit.rb b/resources/pdns_authoritative_service_debian_sysvinit.rb deleted file mode 100644 index ac65fadb..00000000 --- a/resources/pdns_authoritative_service_debian_sysvinit.rb +++ /dev/null @@ -1,96 +0,0 @@ -# -# Cookbook Name:: pdns -# Resources:: pdns_authoritative_service -# -# Copyright 2017, Aetrion, LLC DBA DNSimple -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -include ::PdnsResource::Helpers - -resource_name :pdns_authoritative_service_debian_sysvinit - -provides :pdns_authoritative_service_sysvinit - -provides :pdns_authoritative_service, platform: 'ubuntu' do |node| - node['platform_version'].to_f >= 14.04 -end - -provides :pdns_authoritative_service, platform: 'debian' do |node| - node['platform_version'].to_i >= 8 -end - -property :instance_name, String, name_property: true -property :cookbook, String, default: 'pdns' -property :source, String, default: 'authoritative.init.debian.erb' -property :config_dir, String, default: lazy { default_authoritative_config_directory } -property :socket_dir, String, default: lazy { |resource| "/var/run/#{resource.instance_name}" } - -action :enable do - service 'pdns' do - action [:stop, :disable] - end - - template "/etc/init.d/pdns-authoritative_#{new_resource.instance_name}" do - source new_resource.source - owner 'root' - group 'root' - mode '0755' - variables( - socket_dir: new_resource.socket_dir, - provides: "pdns-authoritative_#{new_resource.instance_name}" - ) - cookbook new_resource.cookbook - action :create - end - - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Debian - pattern 'pdns_server' - supports restart: true, status: true - action :enable - end -end - -action :start do - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Debian - pattern 'pdns_server' - supports restart: true, status: true - action :start - end -end - -action :stop do - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Debian - pattern 'pdns_server' - supports restart: true, status: true - action :stop - end -end - -action :restart do - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Debian - pattern 'pdns_server' - supports restart: true, status: true - action :restart - end -end - -action_class.class_eval do - def whyrun_supported? - true - end -end diff --git a/resources/pdns_authoritative_service_rhel_sysvinit.rb b/resources/pdns_authoritative_service_rhel_sysvinit.rb deleted file mode 100644 index 5714b093..00000000 --- a/resources/pdns_authoritative_service_rhel_sysvinit.rb +++ /dev/null @@ -1,93 +0,0 @@ -# -# Cookbook Name:: pdns -# Resources:: pdns_authoritative_service -# -# Copyright 2017, Aetrion, LLC DBA DNSimple -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -include ::PdnsResource::Helpers - -resource_name :pdns_authoritative_service_rhel_sysvinit - -provides :pdns_authoritative_service_sysvinit - -provides :pdns_authoritative_service, platform: 'centos' do |node| - node['platform_version'].to_i >= 6 -end - -property :instance_name, String, name_property: true -property :cookbook, String, default: 'pdns' -property :source, String, default: 'authoritative.init.rhel.erb' -property :config_dir, String, default: lazy { default_authoritative_config_directory } -property :socket_dir, String, default: lazy { |resource| "/var/run/#{resource.instance_name}" } - -action :enable do - service 'pdns' do - provider Chef::Provider::Service::Init::Redhat - action [:stop, :disable] - end - - template "/etc/init.d/pdns-authoritative_#{new_resource.instance_name}" do - source new_resource.source - owner 'root' - group 'root' - mode '0755' - variables( - socket_dir: new_resource.socket_dir, - provides: "pdns-authoritative_#{new_resource.instance_name}" - ) - cookbook new_resource.cookbook - action :create - end - - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Redhat - pattern 'pdns_server' - supports restart: true, status: true - action :enable - end -end - -action :start do - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Redhat - pattern 'pdns_server' - supports restart: true, status: true - action :start - end -end - -action :stop do - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Redhat - pattern 'pdns_server' - supports restart: true, status: true - action :stop - end -end - -action :restart do - service "pdns-authoritative_#{new_resource.instance_name}" do - provider Chef::Provider::Service::Init::Redhat - pattern 'pdns_server' - supports restart: true, status: true - action :restart - end -end - -action_class.class_eval do - def whyrun_supported? - true - end -end diff --git a/resources/pdns_authoritative_service_systemd.rb b/resources/pdns_authoritative_service_systemd.rb new file mode 100644 index 00000000..091b7f3f --- /dev/null +++ b/resources/pdns_authoritative_service_systemd.rb @@ -0,0 +1,79 @@ +# +# Cookbook Name:: pdns +# Resources:: pdns_authoritative_service +# +# Copyright 2017, Aetrion, LLC DBA DNSimple +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +include ::Pdns::PdnsAuthoritativeHelpers + +resource_name :pdns_authoritative_service_systemd + +# Inspired by +# https://github.com/chef/inspec/blob/master/lib/resources/service.rb#L104 +provides :pdns_authoritative_service, os: 'linux' do |node| + case node['platform'] + when 'ubuntu' + node['platform_version'].to_f >= 15.04 + when 'debian' + node['platform_version'].to_i > 7 + when 'redhat', 'centos', 'oracle' + node['platform_version'].to_i >= 7 + when 'fedora' + node['platform_version'].to_i >= 15 + end +end +# The following helper could also be used +# Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd) + +property :instance_name, String, name_property: true +property :config_dir, String, default: lazy { default_authoritative_config_directory } + +action :enable do + service 'pdns' do + action [:stop, :disable] + end + + service systemd_name(new_resource.instance_name) do + supports restart: true, status: true + action :enable + end +end + +action :start do + service systemd_name(new_resource.instance_name) do + supports restart: true, status: true + action :start + end +end + +action :stop do + service systemd_name(new_resource.instance_name) do + supports restart: true, status: true + action :stop + end +end + +action :restart do + service systemd_name(new_resource.instance_name) do + supports restart: true, status: true + action :restart + end +end + +action_class.class_eval do + def whyrun_supported? + true + end +end diff --git a/resources/pdns_authoritative_service_sysvinit.rb b/resources/pdns_authoritative_service_sysvinit.rb new file mode 100644 index 00000000..cc365a51 --- /dev/null +++ b/resources/pdns_authoritative_service_sysvinit.rb @@ -0,0 +1,92 @@ +# +# Cookbook Name:: pdns +# Resources:: pdns_authoritative_service +# +# Copyright 2017, Aetrion, LLC DBA DNSimple +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +include ::Pdns::PdnsAuthoritativeHelpers + +resource_name :pdns_authoritative_service_sysvinit + +provides :pdns_authoritative_service, os: 'linux' do |node| + %w[debian rhel].include?(node['platform_family']) +end + +property :instance_name, String, name_property: true +property :cookbook, ['String', 'NilClass'] +property :source, ['String', 'NilClass'] +property :config_dir, String, default: lazy { default_authoritative_config_directory } +property :variables, String + +action :enable do + service 'pdns' do + action [:stop, :disable] + only_if { ::File.exist?('/var/run/pdns.pid') } + end + + sysvinit_script = ::File.join('/etc/init.d', sysvinit_name(new_resource.instance_name)) + if new_resource.source + template sysvinit_script do + source new_resource.source + owner 'root' + group 'root' + mode '0755' + variables( + variables: new_resource.variables + ) + cookbook new_resource.cookbook unless new_resource.cookbook.nil? + action :create + end + else + # Has specified in the PowerDNS documentation, a symlink to the init.d script + # "pdns" should be enough for setting up a Virtual instance: + # https://github.com/PowerDNS/pdns/blob/master/docs/markdown/authoritative/running.md#starting-virtual-instances-with-sysv-init-scripts + link sysvinit_script do + to 'pdns' + end + end + + service sysvinit_name(new_resource.instance_name) do + supports restart: true, status: true + action :enable + end +end + +action :start do + service sysvinit_name(new_resource.instance_name) do + supports restart: true, status: true + action :start + end +end + +action :stop do + service sysvinit_name(new_resource.instance_name) do + supports restart: true, status: true + action :stop + end +end + +action :restart do + service sysvinit_name(new_resource.instance_name) do + supports restart: true, status: true + action :restart + end +end + +action_class.class_eval do + def whyrun_supported? + true + end +end diff --git a/resources/pdns_recursor_config.rb b/resources/pdns_recursor_config.rb index 96d5a98f..522eb5a0 100644 --- a/resources/pdns_recursor_config.rb +++ b/resources/pdns_recursor_config.rb @@ -16,8 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # -include ::PdnsResource::Helpers -include ::PdnsRecursorResource::Helpers +include ::Pdns::PdnsRecursorHelpers resource_name :pdns_recursor_config diff --git a/resources/pdns_recursor_install_debian.rb b/resources/pdns_recursor_install_debian.rb index f8a86e79..dfe349a6 100644 --- a/resources/pdns_recursor_install_debian.rb +++ b/resources/pdns_recursor_install_debian.rb @@ -16,7 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # -include ::PdnsRecursorResource::Helpers +include ::Pdns::PdnsRecursorHelpers resource_name :pdns_recursor_install_debian diff --git a/resources/pdns_recursor_install_rhel.rb b/resources/pdns_recursor_install_rhel.rb index 87241dc7..4901e5a8 100644 --- a/resources/pdns_recursor_install_rhel.rb +++ b/resources/pdns_recursor_install_rhel.rb @@ -16,7 +16,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # -include ::PdnsRecursorResource::Helpers +include ::Pdns::PdnsRecursorHelpers resource_name :pdns_recursor_install_rhel diff --git a/resources/pdns_recursor_service_systemd.rb b/resources/pdns_recursor_service_systemd.rb index bfd60a82..794bf2b8 100644 --- a/resources/pdns_recursor_service_systemd.rb +++ b/resources/pdns_recursor_service_systemd.rb @@ -16,14 +16,26 @@ # See the License for the specific language governing permissions and # limitations under the License. # -include ::PdnsResource::Helpers -include ::PdnsRecursorResource::Helpers +include ::Pdns::PdnsRecursorHelpers resource_name :pdns_recursor_service_systemd -provides :pdns_recursor_service, os: 'linux' do |_node| - Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd) +# Inspired by +# https://github.com/chef/inspec/blob/master/lib/resources/service.rb#L104 +provides :pdns_recursor_service, os: 'linux' do |node| + case node['platform'] + when 'ubuntu' + node['platform_version'].to_f >= 15.04 + when 'debian' + node['platform_version'].to_i > 7 + when 'redhat', 'centos', 'oracle' + node['platform_version'].to_i >= 7 + when 'fedora' + node['platform_version'].to_i >= 15 + end end +# The following helper could also be used +# Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd) property :instance_name, String, name_property: true property :config_dir, String, default: lazy { default_recursor_config_directory } diff --git a/resources/pdns_recursor_service_sysvinit.rb b/resources/pdns_recursor_service_sysvinit.rb index 2dfa88b2..b3be69aa 100644 --- a/resources/pdns_recursor_service_sysvinit.rb +++ b/resources/pdns_recursor_service_sysvinit.rb @@ -16,21 +16,12 @@ # See the License for the specific language governing permissions and # limitations under the License. # -include ::PdnsResource::Helpers -include ::PdnsRecursorResource::Helpers +include ::Pdns::PdnsRecursorHelpers resource_name :pdns_recursor_service_sysvinit -provides :pdns_recursor_service, platform: 'centos' do |node| # ~FC005 - node['platform_version'].to_i >= 6 -end - -provides :pdns_recursor_service, platform: 'ubuntu' do |node| - node['platform_version'].to_f >= 14.04 -end - -provides :pdns_recursor_service, platform: 'debian' do |node| - node['platform_version'].to_i >= 8 +provides :pdns_recursor_service, os: 'linux' do |node| + %w[debian rhel].include?(node['platform_family']) end property :instance_name, String, name_property: true diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index e6cb9404..50a6674d 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -3,10 +3,6 @@ Dir['libraries/*.rb'].each { |f| require File.expand_path(f) } -RSpec.configure { } - -def mock_service_resource_providers(hints) - allow(Chef::Platform::ServiceHelpers).to receive(:service_resource_providers).and_return(hints) -end +RSpec.configure {} at_exit { ChefSpec::Coverage.report! } diff --git a/spec/unit/recipes/authoritative_debian_spec.rb b/spec/unit/recipes/authoritative_debian_spec.rb index 84597c89..6773b1b3 100644 --- a/spec/unit/recipes/authoritative_debian_spec.rb +++ b/spec/unit/recipes/authoritative_debian_spec.rb @@ -4,6 +4,7 @@ context 'on ubuntu platform' do let(:ubuntu_runner) do ChefSpec::SoloRunner.new( + os: 'linux', platform: 'ubuntu', version: '14.04', step_into: ['pdns_authoritative_install', 'pdns_authoritative_config', 'pdns_authoritative_service']) @@ -12,6 +13,15 @@ let(:chef_run) { ubuntu_runner.converge(described_recipe) } let(:version) { '4.0.4-1pdns.trusty' } + let(:ubuntu_runner_1604) do + ChefSpec::SoloRunner.new( + os: 'linux', + platform: 'ubuntu', + version: '16.04', + step_into: ['pdns_authoritative_install', 'pdns_authoritative_config', 'pdns_authoritative_service']) + end + + let(:chef_run_1604) { ubuntu_runner_1604.converge(described_recipe) } # # Tests for the install resource # @@ -35,13 +45,22 @@ # Tests for the service resource # - it 'creates a specific init script' do - expect(chef_run).to create_template('/etc/init.d/pdns-authoritative_server_01') + it '[sysvinit] creates a specific init script' do + expect(chef_run).to create_link('/etc/init.d/pdns_authoritative-server_01').with(to: 'pdns') + end + + it '[sysvinit] enables and starts pdns_authoritative service' do + expect(chef_run).to enable_service('pdns_authoritative-server_01') + expect(chef_run).to start_service('pdns_authoritative-server_01') + end + + it '[systemd] should not creates a specific init script' do + expect(chef_run_1604).not_to create_link('/etc/init.d/pdns_authoritative-server_01').with(to: 'pdns') end - it 'enables and starts pdns_authoritative service' do - expect(chef_run).to enable_service('pdns-authoritative_server_01').with(pattern: 'pdns_server') - expect(chef_run).to start_service('pdns-authoritative_server_01').with(pattern: 'pdns_server') + it '[systemd] enables and starts pdns_authoritative instance' do + expect(chef_run_1604).to enable_service('pdns@server_01') + expect(chef_run_1604).to start_service('pdns@server_01') end # @@ -64,7 +83,7 @@ end it 'creates a authoritative instance config' do - expect(chef_run).to create_template('/etc/powerdns/pdns-authoritative_server_01.conf') + expect(chef_run).to create_template('/etc/powerdns/pdns-server_01.conf') .with(owner: 'root', group: 'root', mode: '0640') end diff --git a/spec/unit/recipes/authoritative_rhel_spec.rb b/spec/unit/recipes/authoritative_rhel_spec.rb index 2306fbda..19fbfef4 100644 --- a/spec/unit/recipes/authoritative_rhel_spec.rb +++ b/spec/unit/recipes/authoritative_rhel_spec.rb @@ -4,6 +4,7 @@ context 'on rhel platform' do let(:rhel_runner) do ChefSpec::SoloRunner.new( + os: 'linux', platform: 'centos', version: '6.8', step_into: ['pdns_authoritative_install', 'pdns_authoritative_config', 'pdns_authoritative_service']) do |node| @@ -14,6 +15,17 @@ let(:chef_run) { rhel_runner.converge(described_recipe) } let(:version) { '4.0.4-1pdns.el6' } + let(:rhel_runner_7) do + ChefSpec::SoloRunner.new( + os: 'linux', + platform: 'centos', + version: '7.3.1611', + step_into: ['pdns_authoritative_install', 'pdns_authoritative_config', 'pdns_authoritative_service']) do |node| + node.automatic['packages']['centos-release']['version'] = '7' + end + end + + let(:chef_run_7) { rhel_runner_7.converge(described_recipe) } # # Tests for the install resource # @@ -38,13 +50,22 @@ # Tests for the service resource # - it 'creates a specific init script' do - expect(chef_run).to create_template('/etc/init.d/pdns-authoritative_server_01') + it '[sysvinit] creates a specific init script' do + expect(chef_run).to create_link('/etc/init.d/pdns_authoritative-server_01').with(to: 'pdns') + end + + it '[sysvinit] enables and starts pdns_authoritative service' do + expect(chef_run).to enable_service('pdns_authoritative-server_01') + expect(chef_run).to start_service('pdns_authoritative-server_01') + end + + it '[systemd] should not creates a specific init script' do + expect(chef_run_7).not_to create_link('/etc/init.d/pdns_authoritative-server_01').with(to: 'pdns') end - it 'enables and starts pdns_authoritative service' do - expect(chef_run).to enable_service('pdns-authoritative_server_01').with(pattern: 'pdns_server') - expect(chef_run).to start_service('pdns-authoritative_server_01').with(pattern: 'pdns_server') + it '[systemd] enables and starts pdns_authoritative instance' do + expect(chef_run_7).to enable_service('pdns@server_01') + expect(chef_run_7).to start_service('pdns@server_01') end # @@ -67,7 +88,7 @@ end it 'creates a authoritative instance config' do - expect(chef_run).to create_template('/etc/pdns/pdns-authoritative_server_01.conf') + expect(chef_run).to create_template('/etc/pdns/pdns-server_01.conf') .with(owner: 'root', group: 'root', mode: '0640') end diff --git a/spec/unit/recipes/recursor_debian_spec.rb b/spec/unit/recipes/recursor_debian_spec.rb index e67f2928..4e77b981 100644 --- a/spec/unit/recipes/recursor_debian_spec.rb +++ b/spec/unit/recipes/recursor_debian_spec.rb @@ -4,6 +4,7 @@ context 'on ubuntu platform' do let(:ubuntu_runner) do ChefSpec::SoloRunner.new( + os: 'linux', platform: 'ubuntu', version: '14.04', step_into: ['pdns_recursor_install', 'pdns_recursor_config', 'pdns_recursor_service']) @@ -12,6 +13,15 @@ let(:chef_run) { ubuntu_runner.converge(described_recipe) } let(:version) { '4.0.5-1pdns.trusty' } + let(:ubuntu_runner_1604) do + ChefSpec::SoloRunner.new( + os: 'linux', + platform: 'ubuntu', + version: '16.04', + step_into: ['pdns_recursor_install', 'pdns_recursor_config', 'pdns_recursor_service']) + end + + let(:chef_run_1604) { ubuntu_runner_1604.converge(described_recipe) } # # Tests for the install resource # @@ -35,26 +45,22 @@ # Tests for the service resource # - it 'creates a specific init script (SysVinit)' do - mock_service_resource_providers(%i{debian upstart}) - expect(chef_run).to create_template('/etc/init.d/pdns-recursor_server_01') + it '[sysvinit] creates a specific init script' do + expect(chef_run).to create_template('/etc/init.d/pdns_recursor-server_01') end - it 'enables and starts pdns_recursor service (SysVinit)' do - mock_service_resource_providers(%i{debian upstart}) - expect(chef_run).to enable_service('pdns-recursor_server_01') - expect(chef_run).to start_service('pdns-recursor_server_01') + it '[sysvinit] enables and starts pdns_recursor service' do + expect(chef_run).to enable_service('pdns_recursor-server_01') + expect(chef_run).to start_service('pdns_recursor-server_01') end - it 'should not creates any specific init script (Systemd)' do - mock_service_resource_providers(%i{systemd}) - expect(chef_run).not_to create_template('/etc/init.d/pdns-recursor_server_01') + it '[systemd] should not creates any specific init script' do + expect(chef_run_1604).not_to create_template('/etc/init.d/pdns_recursor-server_01') end - it 'enables and starts pdns_recursor instance (Systemd)' do - mock_service_resource_providers(%i{systemd}) - expect(chef_run).to enable_service('pdns-recursor@server_01') - expect(chef_run).to start_service('pdns-recursor@server_01') + it '[systemd] enables and starts pdns_recursor instance' do + expect(chef_run_1604).to enable_service('pdns-recursor@server_01') + expect(chef_run_1604).to start_service('pdns-recursor@server_01') end # # Tests for the config resource diff --git a/spec/unit/recipes/recursor_rhel_spec.rb b/spec/unit/recipes/recursor_rhel_spec.rb index 081cb802..66f1fa08 100644 --- a/spec/unit/recipes/recursor_rhel_spec.rb +++ b/spec/unit/recipes/recursor_rhel_spec.rb @@ -4,6 +4,7 @@ context 'on rhel platform' do let(:rhel_runner) do ChefSpec::SoloRunner.new( + os: 'linux', platform: 'centos', version: '6.8', step_into: ['pdns_recursor_install', 'pdns_recursor_config', 'pdns_recursor_service']) do |node| @@ -14,6 +15,18 @@ let(:chef_run) { rhel_runner.converge(described_recipe) } let(:version) { '4.0.5-1pdns.el6' } + let(:rhel_runner_7) do + ChefSpec::SoloRunner.new( + os: 'linux', + platform: 'centos', + version: '7.2.1511', + step_into: ['pdns_recursor_install', 'pdns_recursor_config', 'pdns_recursor_service']) do |node| + node.automatic['packages']['centos-release']['version'] = '7' + end + end + + let(:chef_run_7) { rhel_runner_7.converge(described_recipe) } + # # Tests for the install resource # @@ -38,26 +51,22 @@ # Tests for the service resource # - it 'creates a specific init script (SysVinit)' do - mock_service_resource_providers(%i{redhat upstart}) - expect(chef_run).to create_template('/etc/init.d/pdns-recursor_server_01') + it '[sysvinit] creates a specific init script' do + expect(chef_run).to create_template('/etc/init.d/pdns_recursor-server_01') end - it 'enables and starts pdns_recursor service (SysVinit)' do - mock_service_resource_providers(%i{redhat upstart}) - expect(chef_run).to enable_service('pdns-recursor_server_01') - expect(chef_run).to start_service('pdns-recursor_server_01') + it '[sysvinit] enables and starts pdns_recursor service' do + expect(chef_run).to enable_service('pdns_recursor-server_01') + expect(chef_run).to start_service('pdns_recursor-server_01') end - it 'should not creates a specific init script (Systemd)' do - mock_service_resource_providers(%i{redhat systemd}) - expect(chef_run).not_to create_template('/etc/init.d/pdns-recursor_server_01') + it '[systemd] should not creates a specific init script' do + expect(chef_run_7).not_to create_template('/etc/init.d/pdns_recursor-server_01') end - it 'enables and starts pdns_recursor instance (Systemd)' do - mock_service_resource_providers(%i{redhat systemd}) - expect(chef_run).to enable_service('pdns-recursor@server_01') - expect(chef_run).to start_service('pdns-recursor@server_01') + it '[systemd] enables and starts pdns_recursor instance' do + expect(chef_run_7).to enable_service('pdns-recursor@server_01') + expect(chef_run_7).to start_service('pdns-recursor@server_01') end # diff --git a/templates/default/authoritative.init.debian.erb b/templates/default/authoritative.init.debian.erb deleted file mode 100644 index 864376ec..00000000 --- a/templates/default/authoritative.init.debian.erb +++ /dev/null @@ -1,273 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: <%= @provides %> -# Required-Start: $network $remote_fs $syslog -# Required-Stop: $network $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Should-Start: slapd -# Should-Stop: slapd -# Short-Description: PowerDNS Authoritative Name Server -# Description: PDNS is a versatile high performance authoritative nameser -### END INIT INFO - -PATH=/bin:/sbin:/usr/bin:/usr/sbin -BINARYPATH=/usr/bin -SBINARYPATH=/usr/sbin -SOCKETPATH=/var/run - -ODESC="PowerDNS Authoritative Name Server" -DESC="$ODESC" -NAME=pdns -DAEMON=/usr/sbin/pdns_server -DAEMON_ARGS="" -CONTROL=/usr/bin/pdns_control -PIDFILE=/var/run/$NAME.pid -SCRIPTNAME=/etc/init.d/$NAME - -[ -x "$DAEMON" ] || exit 0 - -[ -r /etc/default/pdns ] && . /etc/default/pdns - -# Make sure that /var/run exists -mkdir -p $SOCKETPATH -cd $SOCKETPATH - -# Handle instance scripts -suffix=$(basename $0 | cut -d- -f2- -s) - -if [ -n "$suffix" ]; then - SUFFIX="--config-name=$suffix" - DAEMON_ARGS="$DAEMON_ARGS $SUFFIX" - NAME="$NAME-$suffix" - DESC="$DESC (config name $suffix)" - PIDFILE="/var/run/$NAME-$suffix.pid" -fi - -# Define LSB log_* functions. -. /lib/lsb/init-functions - -# function to invoke properly parametrized pdns_control -doPC() -{ - $CONTROL $SUFFIX $1 $2 2> /dev/null - return $? -} - -isrunning() -{ - doPC ping > /dev/null - return $? -} - -# -# Function that starts the daemon/service -# -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - if isrunning; then - return 1 - fi - start-stop-daemon --start --quiet \ - --pidfile $PIDFILE --exec $DAEMON -- \ - $DAEMON_ARGS --daemon --guardian=yes \ - || return 2 -} - -# -# Function that stops the daemon/service -# -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - doPC quit >/dev/null - RETVAL="2" - for sec in $(seq 1 5); do - if ! isrunning; then - RETVAL="0" - break - fi - sleep 1 - done - [ "$RETVAL" = 2 ] && return 2 - rm -f $PIDFILE -} - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" - do_start - case "$?" in - 0|1) - [ "$VERBOSE" != no ] && log_end_msg 0 - exit 0 - ;; - 2) - [ "$VERBOSE" != no ] && log_end_msg 1 - exit 1 - ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - [ "$VERBOSE" != no ] && log_end_msg 0 - exit 0 - ;; - 2) - [ "$VERBOSE" != no ] && log_end_msg 1 - exit 1 - ;; - esac - ;; - status) - if isrunning; then - log_success_msg "$NAME is running: $(doPC status)" - exit 0 - else - log_failure_msg "$NAME is not running" - exit 3 - fi - ;; - force-stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Killing $ODESC (all instances)" "$NAME" - kill -9 $(pidof pdns_server) - case "$?" in - 0) - [ "$VERBOSE" != no ] && log_end_msg 0 - exit 0 - ;; - 1) - [ "$VERBOSE" != no ] && log_end_msg 1 - exit 1 - ;; - esac - ;; - restart) - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) - log_end_msg 0 - exit 0 - ;; - 1) - log_end_msg 1 # Old process is still running - exit 1 - ;; - *) - log_end_msg 1 # Failed to start - exit 1 - ;; - esac - ;; - *) - # Failed to stop - log_end_msg 1 - exit 1 - ;; - esac - ;; - reload|force-reload) - log_daemon_msg "Reloading $DESC" "$NAME" - if isrunning; then - doPC cycle >/dev/null - case "$?" in - 0) - [ "$VERBOSE" != no ] && log_end_msg 0 - exit 0 - ;; - 1) - [ "$VERBOSE" != no ] && log_end_msg 1 - exit 1 - ;; - esac - else - log_end_msg 0 - exit 7 - fi - ;; - monitor) - if isrunning; then - echo "already running" - exit 1 - else - $DAEMON $DAEMON_ARGS --daemon=no --guardian=no --control-console --loglevel=9 - exit 0 - fi - ;; - dump) - if isrunning; then - doPC list - exit 0 - else - echo "not running" - exit 7 - fi - ;; - show) - if isrunning; then - if [ $# -lt 2 ]; then - echo "Insufficient parameters" - exit 2 - fi - echo -n "$2=" - doPC show $2 - exit 0 - else - echo "not running" - exit 7 - fi - ;; - mrtg) - if isrunning; then - if [ $# -lt 2 ]; then - echo "Insufficient parameters" - exit 2 - fi - doPC show $2 - if [ "$3x" != "x" ]; then - doPC show $3 - else - echo 0 - fi - doPC uptime - echo "$DESC" - exit 0 - else - echo "not running" - exit 7 - fi - ;; - cricket) - if isrunning; then - if [ $# -lt 2 ]; then - echo "Insufficient parameters" - exit 1 - fi - doPC show $2 - exit 0 - else - echo "not running" - exit 7 - fi - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|status|force-stop|restart|reload|monitor|dump|show|mrtg|cricket}" - ;; -esac - -exit 0 \ No newline at end of file diff --git a/templates/default/authoritative.init.rhel.erb b/templates/default/authoritative.init.rhel.erb deleted file mode 100644 index fed0addc..00000000 --- a/templates/default/authoritative.init.rhel.erb +++ /dev/null @@ -1,211 +0,0 @@ -#!/bin/sh -# chkconfig: - 80 75 -# description: PDNS is a versatile high performance authoritative nameserver - -### BEGIN INIT INFO -# Provides: <%= @provides %> -# Required-Start: $remote_fs $network $syslog -# Required-Stop: $remote_fs $network $syslog -# Should-Start: -# Should-Stop: -# Default-Start: -# Default-Stop: 0 1 6 -# Short-Description: PowerDNS authoritative server -# Description: PowerDNS authoritative server -### END INIT INFO - -set -e - -prefix=/usr -exec_prefix=/usr -BINARYPATH=/usr/bin -SBINARYPATH=/usr/sbin -SOCKETPATH=/var/run - -[ -f "$SBINARYPATH/pdns_server" ] || exit 0 - -[ -r /etc/default/pdns ] && . /etc/default/pdns - -cd $SOCKETPATH -suffix=$(basename $0 | cut -d- -f2- -s) -if [ -n "$suffix" ] -then - EXTRAOPTS=--config-name=$suffix - PROGNAME=pdns-$suffix -else - PROGNAME=pdns -fi - -pdns_server="$SBINARYPATH/pdns_server $EXTRAOPTS" - -doPC() -{ - ret=$($BINARYPATH/pdns_control $EXTRAOPTS $1 $2 2> /dev/null) -} - -NOTRUNNING=0 -doPC ping || NOTRUNNING=$? - -case "$1" in - status) - if test "$NOTRUNNING" = "0" - then - doPC status - echo $ret - else - echo "not running" - exit 3 - fi - ;; - - stop) - echo -n "Stopping PowerDNS authoritative nameserver: " - if test "$NOTRUNNING" = "0" - then - doPC quit - rm -f /var/lock/subsys/pdns - echo $ret - else - echo "not running" - fi - ;; - - - force-stop) - echo -n "Stopping PowerDNS authoritative nameserver: " - killall -v -9 pdns_server - rm -f /var/lock/subsys/pdns - echo "killed" - ;; - - start) - echo -n "Starting PowerDNS authoritative nameserver: " - if test "$NOTRUNNING" = "0" - then - echo "already running" - else - if $pdns_server --daemon --guardian=yes - then - touch /var/lock/subsys/pdns - echo "started" - else - echo "starting failed" - exit 1 - fi - fi - ;; - - condrestart) - if [ -f /var/lock/subsys/pdns ]; - then - echo "running, restarting" - $0 restart - else - echo "not running" - fi - ;; - - force-reload | restart) - echo -n "Restarting PowerDNS authoritative nameserver: " - if test "$NOTRUNNING" = "1" - then - echo "not running, starting" - else - - echo -n stopping and waiting.. - doPC quit - sleep 3 - echo done - fi - $0 start - ;; - - reload) - echo -n "Reloading PowerDNS authoritative nameserver: " - if test "$NOTRUNNING" = "0" - then - doPC cycle - echo requested reload - else - echo not running yet - $0 start - fi - ;; - - monitor) - if test "$NOTRUNNING" = "0" - then - echo "already running" - else - $pdns_server --daemon=no --guardian=no --control-console --loglevel=9 - fi - ;; - - dump) - if test "$NOTRUNNING" = "0" - then - doPC list - echo $ret - else - echo "not running" - fi - ;; - - show) - if [ $# -lt 2 ] - then - echo Insufficient parameters - exit - fi - if test "$NOTRUNNING" = "0" - then - echo -n "$2=" - doPC show $2 ; echo $ret - else - echo "not running" - fi - ;; - - mrtg) - if [ $# -lt 2 ] - then - echo Insufficient parameters - exit - fi - if test "$NOTRUNNING" = "0" - then - doPC show $2 ; echo $ret - if [ "$3x" != "x" ] - then - doPC show $3 ; echo $ret - else - echo 0 - fi - doPC uptime ; echo $ret - echo PowerDNS daemon - else - echo "not running" - fi - - ;; - - cricket) - if [ $# -lt 2 ] - then - echo Insufficient parameters - exit - fi - if test "$NOTRUNNING" = "0" - then - doPC show $2 ; echo $ret - else - echo "not running" - fi - - ;; - - *) - echo pdns [start\|stop\|condrestart\|force-reload\|reload\|restart\|status\|dump\|show\|mrtg\|cricket\|monitor] - - ;; -esac \ No newline at end of file diff --git a/test/cookbooks/pdns_test/recipes/authoritative_install_multi.rb b/test/cookbooks/pdns_test/recipes/authoritative_install_multi.rb index a1e2140d..08d8a784 100644 --- a/test/cookbooks/pdns_test/recipes/authoritative_install_multi.rb +++ b/test/cookbooks/pdns_test/recipes/authoritative_install_multi.rb @@ -30,8 +30,9 @@ ) end +config_dir = ::Pdns::PdnsAuthoritativeHelpers.default_authoritative_config_directory(node['platform_family']) test_zonefile = <<-EOF -zone "example.org" { type master; file "#{default_authoritative_config_directory}/example.org.zone"; }; +zone "example.org" { type master; file "#{config_dir}/example.org.zone"; }; EOF test_zone = <<-EOF @@ -40,14 +41,14 @@ smoke.example.org. 172800 IN A 127.0.0.123 EOF -file "#{default_authoritative_config_directory}/bindbackend.conf" do +file "#{config_dir}/bindbackend.conf" do content test_zonefile owner 'pdns' group 'pdns' mode '0750' end -file "#{default_authoritative_config_directory}/example.org.zone" do +file "#{config_dir}/example.org.zone" do content test_zone owner 'pdns' group 'pdns' diff --git a/test/cookbooks/pdns_test/recipes/authoritative_install_single_postgres.rb b/test/cookbooks/pdns_test/recipes/authoritative_install_single_postgres.rb index 01aa6895..958a3795 100644 --- a/test/cookbooks/pdns_test/recipes/authoritative_install_single_postgres.rb +++ b/test/cookbooks/pdns_test/recipes/authoritative_install_single_postgres.rb @@ -52,11 +52,11 @@ not_if 'psql -t -d pdns -c "select \'public.domains\'::regclass;"', user: 'postgres' end -add_zone = 'pdnsutil --config-name authoritative_server_01 create-zone example.org ns1.example.org && pdnsutil --config-name authoritative_server_01 add-record example.org smoke A 127.0.0.123' +add_zone = 'pdnsutil --config-name server_01 create-zone example.org ns1.example.org && pdnsutil --config-name server_01 add-record example.org smoke A 127.0.0.123' execute add_zone do user 'root' - not_if 'pdnsutil --config-name authoritative_server_01 list-zone example.org | grep example.org' + not_if 'pdnsutil --config-name server_01 list-zone example.org | grep example.org' action :run end diff --git a/test/integration/authoritative-multi/default_spec.rb b/test/integration/authoritative-multi/default_spec.rb index 87d802d9..14ff1c82 100644 --- a/test/integration/authoritative-multi/default_spec.rb +++ b/test/integration/authoritative-multi/default_spec.rb @@ -22,13 +22,8 @@ it { should exist } end -describe processes('pdns_server-authoritative_server_01-instance') do - its ('users') { should eq [default_authoritative_run_user] } -end - -describe processes('pdns_server-authoritative_server_02-instance') do - its ('users') { should eq ['another-pdns'] } -end +check_process_name('server_01', default_authoritative_run_user) +check_process_name('server_02', 'another-pdns') describe command('dig -p 53 chaos txt version.bind @127.0.0.1 +short') do its('stdout.chomp') { should match(/"PowerDNS Authoritative Server 4.0.4/) } diff --git a/test/integration/authoritative-postgres/default_spec.rb b/test/integration/authoritative-postgres/default_spec.rb index 9d6692d3..9f644736 100644 --- a/test/integration/authoritative-postgres/default_spec.rb +++ b/test/integration/authoritative-postgres/default_spec.rb @@ -21,9 +21,7 @@ it { should exist } end -describe processes('pdns_server-authoritative_server_01-instance') do - its ('users') { should eq [default_authoritative_run_user] } -end +check_process_name('server_01', default_authoritative_run_user) describe command('dig chaos txt version.bind @127.0.0.1 +short') do its('stdout.chomp') { should match(/"PowerDNS Authoritative Server 4.0.4/) } diff --git a/test/integration/recursor-multi/default_spec.rb b/test/integration/recursor-multi/default_spec.rb index 47ad753e..ef0725ee 100644 --- a/test/integration/recursor-multi/default_spec.rb +++ b/test/integration/recursor-multi/default_spec.rb @@ -22,9 +22,8 @@ it { should exist } end -describe processes('pdns_recursor') do - its ('users') { should eq [default_recursor_run_user, 'another-pdns'] } -end +check_process_name('server_01', default_recursor_run_user, 'recursor') +check_process_name('server_02', 'another-pdns', 'recursor') describe command('dig -p 53 chaos txt version.bind @127.0.0.1 +short') do its('stdout.chomp') { should match(/"PowerDNS Recursor 4.0.5/) } diff --git a/test/libraries/helpers.rb b/test/libraries/helpers.rb index 6eb83d4e..e3687bb2 100644 --- a/test/libraries/helpers.rb +++ b/test/libraries/helpers.rb @@ -42,3 +42,35 @@ def default_authoritative_postgres_backend_package 'pdns-backend-postgresql' end end + +# Code extracted from inspec: +# https://github.com/chef/inspec/blob/master/lib/resources/service.rb#L104 +def systemd_is_init? + platform = os[:name] + if %w{ubuntu}.include?(platform) + os[:release].to_f >= 15.04 + elsif %w{debian}.include?(platform) + os[:release].to_i > 7 + elsif %w{redhat fedora centos oracle}.include?(platform) + version = os[:release].to_i + (%w{ redhat centos oracle }.include?(platform) && version >= 7) || (platform == 'fedora' && version >= 15) + else + false + end +end + +def check_process_name(instance_name = 'server01', user_name = 'pdns', type = 'authoritative') + if systemd_is_init? + describe processes(instance_name) do + its ('users') { should eq [user_name] } + end + else + instance_name = "#{instance_name}-instance" unless type == 'recursor' + # Grep cheat feature + # "ps aux | grep '[f]irefox'" will only match the process + instance_name[0] = "[#{instance_name[0]}]" + describe command("ps axo user:32,command | grep '#{instance_name}' | awk '{print $1}'") do + its ('stdout.chomp') { should eq user_name } + end + end +end