Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Fix for cert signing on mix-cased hostnames, Rakefile fix, new daemonize_puppet action #7

Merged
merged 4 commits into from

2 participants

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Dec 27, 2012
  1. @aripringle

    adding daemonize_puppet action to run puppet as a deaemon (allows for…

    aripringle authored
    … quick response, and won't break if puppet restarts mcollective)
  2. @aripringle

    adding data dir to Rakefile

    aripringle authored
Commits on Dec 28, 2012
  1. @aripringle
  2. @aripringle
This page is out of date. Refresh to see the latest.
View
2  Rakefile
@@ -9,7 +9,7 @@ PROJ_VERSION = "1.0.0"
PROJ_RELEASE = "1"
PROJ_NAME = "mcprovision"
PROJ_RPM_NAMES = [PROJ_NAME]
-PROJ_FILES = ["#{PROJ_NAME}.spec", "#{PROJ_NAME}.rb", "#{PROJ_NAME}.init", "COPYING", "lib", "etc", "agent"]
+PROJ_FILES = ["#{PROJ_NAME}.spec", "#{PROJ_NAME}.rb", "#{PROJ_NAME}.init", "COPYING", "lib", "etc", "agent", "data"]
ENV["RPM_VERSION"] ? CURRENT_VERSION = ENV["RPM_VERSION"] : CURRENT_VERSION = PROJ_VERSION
ENV["BUILD_NUMBER"] ? CURRENT_RELEASE = ENV["BUILD_NUMBER"] : CURRENT_RELEASE = PROJ_RELEASE
View
10 agent/provision.ddl
@@ -49,6 +49,16 @@ action "run_puppet", :description => "Runs Puppet in the normal environment" do
:display_as => "Exit Code"
end
+action "daemonize_puppet", :description => "Runs Puppet as a daemon in the normal environment" do
+ output :output,
+ :description => "Puppetd Output",
+ :display_as => "Output"
+
+ output :exitcode,
+ :description => "Puppetd Exit Code",
+ :display_as => "Exit Code"
+end
+
action "has_cert", :description => "Finds out if we already have a Puppet certificate" do
output :has_cert,
:description => "Have a puppet certificate already been created",
View
10 agent/provision.rb
@@ -11,7 +11,7 @@ def startup_hook
certname = PluginManager["facts_plugin"].get_fact("fqdn")
certname = config.identity unless certname
- @puppetcert = config.pluginconf.fetch("provision.certfile", "/var/lib/puppet/ssl/certs/#{certname}.pem")
+ @puppetcert = config.pluginconf.fetch("provision.certfile", "/var/lib/puppet/ssl/certs/#{certname.downcase}.pem")
@lockfile = config.pluginconf.fetch("provision.lockfile", "/etc/mcollective/provisioner.lock")
@disablefile = config.pluginconf.fetch("provision.disablefile", "/etc/mcollective/provisioner.disable")
@puppet = config.pluginconf.fetch("provision.puppet", "/usr/bin/puppet agent")
@@ -58,6 +58,14 @@ def startup_hook
fail "Puppet returned #{reply[:exitcode]}" if [4,6].include?(reply[:exitcode])
end
+
+ # runs puppet as a daemon
+ action "daemonize_puppet" do
+ reply[:output] = %x[#{@puppet} --onetime]
+ reply[:exitcode] = $?.exitstatus
+
+ fail "Puppet returned #{reply[:exitcode]}" if [4,6].include?(reply[:exitcode])
+ end
action "has_cert" do
reply[:has_cert] = has_cert?
View
1  etc/provisioner.yaml
@@ -10,6 +10,7 @@ steps:
sign_node_csr: true
puppet_bootstrap_stage: true
puppet_final_run: true
+ puppet_daemonize: false
notify: false
master:
criteria:
View
1  etc/provisioner.yaml.dist
@@ -10,6 +10,7 @@ steps:
sign_node_csr: false
puppet_bootstrap_stage: false
puppet_final_run: false
+ puppet_daemonize: false
notify: false
master:
criteria:
View
6 lib/mcprovision/node.rb
@@ -69,6 +69,12 @@ def run_puppet
result = request("run_puppet")
check_puppet_output(result[:data][:output].split("\n"))
end
+
+ # Run puppet as a daemon on the client by calling daemonize_puppet
+ def daemonize_puppet
+ MCProvision.info("Calling daemonize_puppet")
+ result = request("daemonize_puppet")
+ end
private
# Wrapper that calls to a node, checks the result structure and status messages and return
View
5 lib/mcprovision/runner.rb
@@ -80,17 +80,18 @@ def provision(node)
# Only do certificate management if the node is clean and doesnt already have a cert
unless node.has_cert?
- @master.clean_cert(node.hostname) if @config.settings["steps"]["clean_node_certname"]
+ @master.clean_cert(node.hostname.downcase) if @config.settings["steps"]["clean_node_certname"]
node.send_csr if @config.settings["steps"]["send_node_csr"]
- @master.sign(node.hostname) if @config.settings["steps"]["sign_node_csr"]
+ @master.sign(node.hostname.downcase) if @config.settings["steps"]["sign_node_csr"]
else
MCProvision.info("Skipping SSL certificate management for node - already has a cert")
end
node.bootstrap if @config.settings["steps"]["puppet_bootstrap_stage"]
node.run_puppet if @config.settings["steps"]["puppet_final_run"]
+ node.daemonize_puppet if @config.settings["steps"]["puppet_daemon"]
node.disable
@notifier.notify("Provisioned #{node.hostname} against #{chosen_master.hostname}", "New Node") if @config.settings["steps"]["notify"]
Something went wrong with that request. Please try again.