--- /dev/null
+Overview
+========
+
+Virtualisation technologies have to be taken into account when configuring
+systems to enable optimal performance and minimal resource consumption. This
+module enables detection of virtualisation technologies and brings along
+classes to react to specific implementations.
+
+See http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe for details about
+this module.
+
+Technology detection
+--------------------
+
+The "virtual" fact can take these values:
+
+ * physical: no virtualisation technologies
+ * vmware: a VMware guest
+ * vmware_server: a VMware host
+ * xen0: dom0, the priviledged XEN Management Domain
+ * xenu: domU, a XEN guest
+
+VServer
+-------
+
+The Linux-VServer project maintains a lightweight isolation container as patch
+to current Linux kernels at http://www.linux-vserver.org/ .
+
+The vserver fact can detect vserver "host" and "guest" status.
+
+This module provides classes and defines for managing vserver guests in vserver.pp
+
+
+XEN
+---
+
+For details see http://www.xensource.org/
+
+Beyond detection, this module currently only brings along the class
+munin::plugins::xen to install the xen_mem and xen_vm munin plugins.
+
+VServer Types
+=============
+
+On all vserver hosts, the class vserver::host should be installed. This brings
+along the infrastructure and files for the guest configuration types.
+
+
+
+
+
+TODO
+====
+
+Split xen and vserver specific functionality into separate modules?
+
+Add XEN guest configuration and initialisation.
+
+Detect XEN HVM container for fact::virtual.
+
+Collect various VServer and XEN bits from dbp and integrate here.
--- /dev/null
+#!/bin/bash
+
+NAME=$1
+DOMAIN=$2
+
+# create basic vserver
+vserver $NAME build -m debootstrap -- -d etch -m http://ftp.at.debian.org/debian
+
+# default settings
+echo $NAME >/etc/vservers/$NAME/uts/nodename
+
+# copy in some some defaults
+TARGET=/etc/vservers/$NAME/vdir/
+
+cp /etc/apt/{preferences,sources.list} $TARGET/etc/apt/
+
+# this is needed so puppet can find the puppetmaster and creates the right
+# certificate
+grep -v $NAME /etc/hosts > $TARGET/etc/hosts
+echo "127.0.0.1 $NAME.$DOMAIN $NAME" >> $TARGET/etc/hosts
+mkdir -p $TARGET/var/lib/puppet/modules/dbp
+cp /var/lib/puppet/modules/dbp/puppet_current.deb $TARGET/var/lib/puppet/modules/dbp/
+
+# Setup is complete, now do the post-install stuff
+vserver $NAME start
+vserver $NAME exec dselect update
+# install a few packages needed for facter
+vserver $NAME exec apt-get -y install lsb-release iproute
+vserver $NAME exec dpkg --install var/lib/puppet/modules/dbp/puppet_current.deb
+vserver $NAME exec apt-get -fy install
+
+echo "Please sign now: puppetca --sign $NAME.$DOMAIN" >&2
--- /dev/null
+#!/bin/sh
+#
+# Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; version 2 dated June,
+# 1991.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+#
+# Script to monitor affected memory by domain
+#
+# $Log$
+# Revision 1.0 2006/09/08 19:20:19 rodo
+# Created by Rodolphe Quiedeville
+#
+# Need to be run as root, add the following lines ...
+#
+# [xen*]
+# user root
+#
+# to /etc/munin/plugin-conf.d/munin-node
+#
+#
+# Parameters understood:
+#
+# config (required)
+# autoconf (optional - used by munin-config)
+#
+#
+# Magic markers (optional - used by munin-config and installation
+# scripts):
+#
+#%# family=auto
+#%# capabilities=autoconf
+
+XM="/usr/sbin/xm"
+
+if [ "$1" = "autoconf" ]; then
+ echo yes
+ exit 0
+fi
+
+if [ "$1" = "config" ]; then
+
+ echo 'graph_title Xen affected memory'
+ echo 'graph_args --base 1024 --upper-limit 1024 -l 0'
+ echo 'graph_vlabel Memory'
+ echo 'graph_category xen'
+ echo 'graph_total Total'
+ echo 'graph_info This graph shows affected memory for each domain.'
+ echo 'Domain_0.label Domain-0'
+ echo 'Domain_0.draw AREA'
+$XM list | grep -v 'Mem' | grep -v 'Domain-0' | while read i; do
+ name=`echo $i | awk '{ print $1 }' | sed 's/[\/.-]/_/g'`
+ echo -n "$name.label "
+ echo $i | awk '{ print $1 }'
+ echo "$name.draw STACK"
+done
+
+ exit 0
+fi
+
+$XM list | grep -v 'Mem' | while read i; do
+ name=`echo $i | awk '{ print $1 }' | sed 's/[\/.-]/_/g'`
+ echo -n "$name.value "
+ echo $i | awk '{ print $3 * 1024 * 1024 }'
+done
--- /dev/null
+#!/bin/sh
+#
+# Copyright (C) 2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; version 2 dated June,
+# 1991.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+#
+# Monitor number of vm running on a xen dom0.
+#
+# $Log$
+# Revision 1.0 2006/09/08 19:20:19 rodo
+# Created by Rodolphe Quiedeville
+#
+# Need to be run as root, add the following lines ...
+#
+# [xen*]
+# user root
+#
+# to /etc/munin/plugin-conf.d/munin-node
+#
+#
+# Parameters understood:
+#
+# config (required)
+# autoconf (optional - used by munin-config)
+#
+#
+# Magic markers (optional - used by munin-config and installation
+# scripts):
+#
+#%# family=auto
+#%# capabilities=autoconf
+
+XM="/usr/sbin/xm"
+
+if [ "$1" = "autoconf" ]; then
+ echo yes
+ exit 0
+fi
+
+if [ "$1" = "config" ]; then
+
+ echo 'graph_title Xen Virtual Machines'
+ echo 'graph_args --base 1000 -l 0'
+ echo 'graph_vlabel vm'
+ echo 'graph_category xen'
+ echo 'graph_info This graph shows how many virtual machines runs on dom0.'
+ echo 'domains.label vm'
+ exit 0
+fi
+
+domains=`$XM list | wc -l`
+
+echo -n "domains.value "
+echo $(($domains-2))
--- /dev/null
+# virtual/init.pp -- miscellaneous stuff for virtual hosts and guests
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+# Based on the work of abnormaliti on http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe
+
+modules_dir{ "virtual": }
+
+import "vserver.pp"
+import "xen.pp"
--- /dev/null
+# virtual/vserver.pp -- manage vserver specifica
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+
+modules_dir{ "virtual/contexts": }
+
+class vserver::host {
+
+ package { [ 'util-vserver', debootstrap ]: ensure => installed, }
+
+ file {
+ "/usr/local/bin/build_vserver":
+ source => "puppet://$servername/virtual/build_vserver",
+ mode => 0755, owner => root, group => root,
+ require => [ Package['util-vserver'], Package[debootstrap],
+ # this comes from dbp module and is the most current puppet deb
+ File["/var/lib/puppet/modules/dbp/puppet_current.deb"] ];
+ "/etc/vservers/local-interfaces/":
+ ensure => directory,
+ mode => 0755, owner => root, group => root;
+ }
+
+}
+
+define vs_create($in_domain, $legacy = false) {
+ $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } }
+
+ case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } }
+
+ case $legacy {
+ true: {
+ exec { "/usr/local/bin/build_vserver \"${vs_name}\" \"${in_domain}\"":
+ creates => "/etc/vservers/${vs_name}",
+ require => File["/usr/local/bin/build_vserver"],
+ alias => "vs_create_${vs_name}"
+ }
+ }
+ false: {
+ exec { "/usr/local/bin/build_vserver \"${vs_name}\" \"\"":
+ creates => "/etc/vservers/${vs_name}",
+ require => File["/usr/local/bin/build_vserver"],
+ alias => "vs_create_${vs_name}"
+ }
+ }
+ }
+}
+
+
+# ensure: present, stopped, running
+define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false) {
+ case $in_domain { '': {}
+ default: { err("${fqdn}: vserver ${name} uses deprecated \$in_domain" ) }
+ }
+ $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } }
+ $if_dir = "/etc/vservers/${vs_name}/interfaces/"
+ $mark_file = "/etc/vservers/${vs_name}/apps/init/mark"
+
+ case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } }
+
+ # TODO: wasn't there a syntax for using arrays as case selectors??
+ case $ensure {
+ present: { vs_create{$name: in_domain => $in_domain, legacy => $legacy, } }
+ running: { vs_create{$name: in_domain => $in_domain, legacy => $legacy, } }
+ stopped: { vs_create{$name: in_domain => $in_domain, legacy => $legacy, } }
+ default: { err("${fqdn}: vserver(${vs_name}): unknown ensure '${ensure}'") }
+ }
+
+ file {
+ $if_dir:
+ ensure => directory, checksum => mtime,
+ require => Exec["vs_create_${vs_name}"];
+ }
+
+ config_file {
+ "/etc/vservers/${vs_name}/context":
+ content => "${context}\n",
+ notify => Exec["vs_restart_${vs_name}"],
+ require => Exec["vs_create_${vs_name}"];
+ # create illegal configuration, when two vservers have the same context
+ # number
+ "/var/lib/puppet/modules/virtual/contexts/${context}":
+ content => "\n";
+ "/etc/vservers/${vs_name}/uts/nodename":
+ content => "${vs_name}\n",
+ notify => Exec["vs_restart_${vs_name}"],
+ require => Exec["vs_create_${vs_name}"];
+ "/etc/vservers/${vs_name}/name":
+ content => "${vs_name}\n",
+ # Changing this needs no restart
+ # notify => Exec["vs_restart_${vs_name}"],
+ require => Exec["vs_create_${vs_name}"];
+ }
+
+ case $ensure {
+ stopped: {
+ exec { "vserver ${vs_name} stop":
+ onlyif => "test -e \$(readlink -f /etc/vservers/${vs_name}/run || echo /doesntexist )",
+ require => Exec["vs_create_${vs_name}"],
+ # fake the restart exec in the stopped case, so the dependencies are fulfilled
+ alias => "vs_restart_${vs_name}",
+ }
+ file { $mark_file: ensure => absent, }
+ }
+ running: {
+ exec { "vserver ${vs_name} start":
+ unless => "test -e \$(readlink -f /etc/vservers/${vs_name}/run)",
+ require => Exec["vs_create_${vs_name}"],
+ }
+
+ exec { "vserver ${vs_name} restart":
+ refreshonly => true,
+ require => Exec["vs_create_${vs_name}"],
+ alias => "vs_restart_${vs_name}",
+ subscribe => File[$if_dir],
+ }
+
+ case $mark {
+ '': {
+ err("${fqdn}: vserver ${vs_name} set to running, but won't be started on reboot without mark!")
+ file { $mark_file: ensure => absent, }
+ }
+ default: {
+ config_file { "/etc/vservers/${vs_name}/apps/init/mark":
+ content => "${mark}\n",
+ require => Exec["vs_create_${vs_name}"],
+ }
+ }
+ }
+ }
+ }
+
+}
+
+# Changeing stuff with this define won't do much good, since it relies on
+# restarting the vservers to do the work, which won't clean up orphaned
+# interfaces
+define vs_interface($prefix = 24, $dev = '') {
+
+ file {
+ "/etc/vservers/local-interfaces/${name}/":
+ ensure => directory,
+ mode => 0755, owner => root, group => root;
+ "/etc/vservers/local-interfaces/${name}/ip":
+ content => "${name}\n",
+ mode => 0644, owner => root, group => root;
+ "/etc/vservers/local-interfaces/${name}/prefix":
+ content => "${prefix}\n",
+ mode => 0644, owner => root, group => root;
+ }
+
+ case $dev {
+ '': {
+ file {
+ "/etc/vservers/local-interfaces/${name}/nodev":
+ ensure => present,
+ mode => 0644, owner => root, group => root;
+ "/etc/vservers/local-interfaces/${name}/dev":
+ ensure => absent;
+ }
+ }
+ default: {
+ config_file { "/etc/vservers/local-interfaces/${name}/dev": content => $dev, }
+ file { "/etc/vservers/local-interfaces/${name}/nodev": ensure => absent, }
+ }
+ }
+}
+
+define vs_ip($vserver, $ip, $ensure) {
+ err("$fqdn is using deprecated vs_ip instead of vs_ip_binding for $name")
+ vs_ip_binding { $name: vserver => $vserver, ip => $ip, ensure => $ensure }
+}
+
+define vs_ip_binding($vserver, $ip, $ensure) {
+ case $ensure {
+ connected: {
+ file { "/etc/vservers/${vserver}/interfaces/${name}":
+ ensure => "/etc/vservers/local-interfaces/${ip}/",
+ require => [ File["/etc/vservers/local-interfaces/${ip}/"], Exec["vs_create_${vserver}"] ],
+ notify => Exec["vs_restart_${vserver}"],
+ }
+ }
+ disconnected: {
+ file { "/etc/vservers/${vserver}/interfaces/${name}":
+ ensure => absent,
+ # TODO: fix message:
+ # warning: //ic/vs_ip[mailman_00]/File[/etc/vservers/mailman/interfaces/mailman_00]: Exec[vserver mailman restart] still depend on me -- not deleting
+ # notify => Exec["vs_restart_${vserver}"],
+ }
+ }
+ default: {
+ err( "${fqdn}: vs_ip: ${vserver} -> ${ip}: unknown ensure: '${ensure}'" )
+ }
+ }
+}
--- /dev/null
+# virtual/xen.pp -- XEN specifica
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+
+class munin::plugins::xen {
+ munin::remoteplugin {
+ xen_mem:
+ source => "puppet://$servername/virtual/munin/xen_mem",
+ config => "user root";
+ xen_vm:
+ source => "puppet://$servername/virtual/munin/xen_vm",
+ config => "user root";
+ }
+}
+
+class xen::domain {
+ # install the special libc and parameters to enable it
+ $xen_ensure = $virtual ? {
+ 'xen0' => present,
+ 'xenu' => present,
+ default => 'absent'
+ }
+
+ case $ensure {
+ 'absent': { err("xen::domain configured, but not detected") }
+ }
+
+ package { libc6-xen:
+ ensure => $xen_ensure,
+ }
+
+ config_file {
+ "/etc/ld.so.conf.d/nosegneg.conf":
+ ensure => $xen_ensure,
+ content => "hwcap 0 nosegneg\n",
+ }
+
+}
--- /dev/null
+# Copied from http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe?version=6
+# Authored by abnormaliti with contributions by daniel@nsp.co.nz and mwr
+
+# This defines the fact "virtual" with the possible values of "physical",
+# "vmware", "vmware_server", "xenu", or "xen0"
+
+Facter.add("virtual") do
+ confine :kernel => :linux
+
+ ENV["PATH"]="/bin:/sbin:/usr/bin:/usr/sbin"
+
+ result = "physical"
+
+ setcode do
+
+ lspciexists = system "which lspci >&/dev/null"
+ if $?.exitstatus == 0
+ output = %x{lspci}
+ output.each {|p|
+ # --- look for the vmware video card to determine if it is virtual => vmware.
+ # --- 00:0f.0 VGA compatible controller: VMware Inc [VMware SVGA II] PCI Display Adapter
+ result = "vmware" if p =~ /VMware/
+ }
+ end
+
+ # VMware server 1.0.3 rpm places vmware-vmx in this place, other versions or platforms may not.
+ if FileTest.exists?("/usr/lib/vmware/bin/vmware-vmx")
+ result = "vmware_server"
+ end
+
+ if FileTest.exists?("/proc/xen/capabilities") and File.read("/proc/xen/capabilities") =~ /control_d/i
+ result = "xen0"
+ elsif FileTest.exists?("/proc/sys/xen/independent_wallclock")
+ result = "xenu"
+ end
+ result
+ end
+end
+
--- /dev/null
+# vserver.rb -- linux-vserver.org related facts
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+# Based on abnormaliti's "virtual" fact from
+# http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe
+
+# This defines the fact "vserver" with the possible values of "none", "guest",
+# or "host"
+
+Facter.add("vserver") do
+ confine :kernel => :linux
+
+ ENV["PATH"]="/bin:/sbin:/usr/bin:/usr/sbin"
+
+ result = "none"
+
+ setcode do
+ if FileTest.directory?('/proc/virtual')
+ result = "host"
+ elsif ! FileTest.directory?('/proc/2')
+ # gross hack: PID 2 is usually a
+ # kernel thread, which doesn't existin vserver
+ result = "guest"
+ end
+
+ result
+ end
+end
+
projects / puppet-virtual.git / commitdiff