From 82d60d40f873822a10a06db71a376fc4ab0e6cdf Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Tue, 23 Jun 2015 15:28:22 +0100 Subject: [PATCH 01/18] adding kitchenci stuff --- .gitignore | 8 +- kitchenci/.kitchen.yml | 25 +++ kitchenci/Gemfile | 8 + kitchenci/Puppetfile | 14 ++ kitchenci/hiradata/common.yaml | 167 ++++++++++++++++++ kitchenci/manifests/site.pp | 1 + .../default/serverspec/conf_spec.rb | 114 ++++++++++++ .../default/serverspec/install_spec.rb | 22 +++ .../default/serverspec/repo_spec.rb | 21 +++ .../default/serverspec/service_spec.rb | 18 ++ 10 files changed, 397 insertions(+), 1 deletion(-) create mode 100644 kitchenci/.kitchen.yml create mode 100644 kitchenci/Gemfile create mode 100644 kitchenci/Puppetfile create mode 100644 kitchenci/hiradata/common.yaml create mode 100644 kitchenci/manifests/site.pp create mode 100644 kitchenci/test/integration/default/serverspec/conf_spec.rb create mode 100644 kitchenci/test/integration/default/serverspec/install_spec.rb create mode 100644 kitchenci/test/integration/default/serverspec/repo_spec.rb create mode 100644 kitchenci/test/integration/default/serverspec/service_spec.rb diff --git a/.gitignore b/.gitignore index 7d10b86..3f158d7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,11 @@ pkg .vagrant .gitreview - Gemfile.lock + +kitchenci/.tmp/ +kitchenci/modules/ +kitchenci/*.lock +kitchenci/.ruby* +kitchenci/.kitchen +kitchenci/.librarian diff --git a/kitchenci/.kitchen.yml b/kitchenci/.kitchen.yml new file mode 100644 index 0000000..a894b4a --- /dev/null +++ b/kitchenci/.kitchen.yml @@ -0,0 +1,25 @@ +--- +driver: + name: {driver} + +provisioner: + name: puppet_apply + puppet_version: {puppet_version} + mainfests_path: manifests + modules_path: modules + hira_data_path: hiradata + +platforms: + {platforms} + +suites: + - name: default + manifest: site.pp + provisioner: + custom_facts: + seed_a_eni_ip: 1.2.3.4 + seed_b_eni_ip: 5.6.7.8 + seed_c_eni_ip: 9.10.11.12 + processorcount: 2 + ipaddress_eth0: 13.14.15.16 + opscenter_eni_ip: 17.18.19.20 diff --git a/kitchenci/Gemfile b/kitchenci/Gemfile new file mode 100644 index 0000000..a2e07b1 --- /dev/null +++ b/kitchenci/Gemfile @@ -0,0 +1,8 @@ +# A sample Gemfile +source "https://rubygems.org" + +gem "test-kitchen" +gem "kitchen-puppet" +gem "kitchen-docker" +gem "kitchen-vagrant" +gem "librarian-puppet" diff --git a/kitchenci/Puppetfile b/kitchenci/Puppetfile new file mode 100644 index 0000000..7cc5cc3 --- /dev/null +++ b/kitchenci/Puppetfile @@ -0,0 +1,14 @@ +# Role specific modules + +mod "cakesolutions/cassandra", + :git => "git@github.com:cakesolutions/puppet-cassandra.git", + +mod "cakesolutions/java", + :git => "git@github.com:cakesolutions/puppet-java.git", + :ref => "0.0.6" + +mod "cakesolutions/appdynamics", + :git => "git@github.com:cakesolutions/puppet-appdynamics.git", + :ref => "0.0.1" + +mod "saz/rsyslog", "3.5.1" diff --git a/kitchenci/hiradata/common.yaml b/kitchenci/hiradata/common.yaml new file mode 100644 index 0000000..38b86f4 --- /dev/null +++ b/kitchenci/hiradata/common.yaml @@ -0,0 +1,167 @@ +--- +awscli::version: '1.7.34' +appdynamics::source_url: 'https://s3-eu-west-1.amazonaws.com/cakesolutions-public-downloads' +appdynamics::version: '4.0.7.0' +appdynamics::install_location: '/opt/appdynamics_agent' +appdynamics::controller_host: 'cakesolutions720.saas.appdynamics.com' +appdynamics::controller_port: '443' +appdynamics::controller_ssl_enabled: 'true' +appdynamics::account_name: 'CakeSolutions720' +appdynamics::account_access_key: '2u3xgvl0w2zd' +appdynamics::application_name: 'ODS' +appdynamics::tier_name: 'undef' +appdynamics::service_ensure: 'running' +appdynamics::service_enable: 'true' +appdynamics::java_opts: '-Dappdynamics.agent.maxMetrics=10000' +profile::aws_manager::install::github_source: 'git@github.com:cakesolutions/shopdirect-aws-manager.git' +profile::aws_manager::install::version: '0.1.0' +profile::aws_manager::install::ruby_version: '2.1.5' +timezone::timezone: "Europe/London" +timezone::region: "Europe" +timezone::locality: "London" +selinux::mode: "enforcing" +vim::opt_misc: [ai, shiftwidth=2, tabstop=2, softtabstop=2, expandtab, ruler, hlsearch, incsearch, nu, nuw=1, nocompatible, history=50, bs=indent,eol,start] +rvm::system_rubies: + "%{hiera('profile::aws_manager::install::ruby_version')}": {} +ntp::servers: [ 'server 0.centos.pool.ntp.org', 'server 1.centos.pool.ntp.org', 'server 2.centos.pool.ntp.org' ] +limits: + '*': + nofile: + soft: '100000' + hard: '100000' + memlock: + soft: 'unlimited' + hard: 'unlimited' + as: + soft: 'unlimited' + hard: 'unlimited' + 'root': + nofile: + soft: '100000' + hard: '100000' + memlock: + soft: 'unlimited' + hard: 'unlimited' + as: + soft: 'unlimited' + hard: 'unlimited' +sudo::purge: false +sudo::configs: + 'ec2-user': + content: 'ec2-user ALL=(ALL) NOPASSWD:ALL' + priority: 5 + 'admins': + content: '%wheel ALL=(ALL) ALL' + priority: 10 +users_cake_sysadmins: + 'tom.stockton': + ensure: 'present' + groups: 'wheel' + home: '/home/tom.stockton' + password: '$1$71dzmhkX$QVRX92u8cZi9V/XvRcJX6/' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'tom.stockton.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAABIwAAAQEArLhCZiBRIXeq0L/6ulEOGvBLQ7F+IfHyXg1ZmbXhBdMUwx1jm+geS9fn9qlp86vgIHzgNknsZqU0GQkXY3Lp2LyddeBxcTxdv9Ysd94pHBs8in3uhK9Uxl+wrJh88BpKqXuIk91u4zGD89b0evujPRKHuWxFCk6wZiEMCpIWCSjeTQPxY9vmdb/ARtRlOaqisBdrkW4Xy+zcVjjTJHrAsi8a+ctGTNhIG0GV0pWOHoFMvIdd74AP774w1Hlv3u9aqlvdOhZzi+nxQZMrkb8/EugSKAPKzpVyu6/FFoGPBshXGI74W6samu5BOYAdL2vP4MR1qVYoLRQ170P3KhWTww==' + 'cornel.foltea': + ensure: 'present' + groups: 'wheel' + home: '/home/cornel.foltea' + password: '$6$U1n.ftpo$x59ldS3XK9LbkbjfGjlccQRca5xfoCbkzsG7rj1UO4cxZfQaUd.joXsoT1075tF3Y3Ftu3j1LYIe1tpP2RlKL1' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'cornel.foltea.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDEtg4YOVqBRTfeDQQ/x9KQlsNwwzbO0N5u+ppYyG2pR+22FU4u2Rpc+rFdgBRQBCYHOTYb/xGugsLCxBjtne2cg6KmAEXHNAIP3dS8OkQItvHqV3dneHoGfanpk4ZjDY2yHtFnTRZkjQOFq/jnWQvhwtQxopQ9XSE54ghYyePEaDUa/kyZ+FOfA9tYCz+KR2gyPgS3HncFtjsivxABzg6l8d7rG09tb0pGtlNV9O8YRB8lLVZywhYCB/9zPjYsozkK/0oQqsYsB9h+o2gjXyX+0aG9eWxiR3RAVm5GWFcB1wS76/J29ncPvvPyKx9/Ul8KCq/QQtaCWvcz/XDYYEyD' + 'laura.glasu': + ensure: 'present' + groups: 'wheel' + home: '/home/laura.glasu' + password: '$6$VDzdTg4v$FNoRAVRqq0xFwJVfmhXLe6LDzw6Oh5z7DImxq6HcQ.9OBKQ3RMgjsGl2lMJkA5LmndKAKhcH2DOg67Xy8ye/W0' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'laura.glasu.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDiruo0n715F83bgkmed8nYfrL6qXmMlGtbVkk2OemLt+7gVjKVDKoc0wCDrFK+WYts2n2SfQ1tmGTDgYjCgRd20mDaCttiTXrpyevNdU5eiaT2t77Ce4FQaeOJJUF+ECOf/71wpCe7GupXow84bPSC9yIw5Dwy4NPTzN01ArZXD/+DeZeNfupgGb7Tti+JgsiaqhRZaLUzkN6Za/F/nP7nPwhivgQAtu7obIsQZNPA0ug2REGICwp2ncPH7EIV3qrtzyZO5VUCbwG+WFCKZwBq255e72Sgd1F3cpmLWUWDcaSET37Ao27VV41CXCDQcLNRio1SYtTPuDedVOrsFPoR' + 'anirvan.chakraborty': + ensure: 'present' + groups: 'wheel' + home: '/home/anirvan.chakraborty' + password: '$6$ipisq0tN$ooV.owarjKhVVmB00O0xA8NQbVFC.J/McRkaj8DB/ragmVHKvDR7LURj8Ki1q9r2jH/N0vpbTRZp.v30vjCgm.' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'anirvan.chakraborty.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCkPjMJ5h/qpglOBcVq22+J9Tcs2SWbepCAzvdHB1lyCwTJNn14NERVx6BDsmdxK9x8sDOaVTRuXFcdcCvjjVzfJD+5aLr0tprfT/YeEnn/2jriepg6p4dPmpGN+usyk/ECVm/VEEQmaD7MsWXCexnj3yVBzPK9ldEtVQshtM15xlqeAzPCgvyIZx3RnV3ZIiM34tHCkWMl/gRBq5c36+Ok8+UXOqPelffSzF12340rtMUbpiZqD7bB6JMNAGZOjimA8IngwVls0lAj58KmqZBXF1OiTgf+K82QzsnezZ05lRr4H4jIEFfSFp7vExQzU1E2xNb95Gjkp9o3CfqJy0TN' + +sys::ssh::allowusers: 'anirvan.chakraborty tom.stockton cornel.foltea laura.glasu ec2-user' +sys::ssh::allowgroups: 'ec2-user wheel' + +cassandra::version: "4.7.0-1" +cassandra::opscenter_version: "5.1.3-1" +cassandra::using_dse: true +cassandra::config_path: /etc/dse/cassandra +cassandra_home: /var/lib/cassandra +cassandra_home_mode: 755 +cassandra::service_name: "dse" +cassandra::package_name: "dse-full" +cassandra::repo_baseurl: "http://auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com/enterprise" +cassandra::seeds: [ "%{::seed_a_eni_ip}", "%{::seed_b_eni_ip}", "%{::seed_c_eni_ip}" ] +cassandra::listen_address: "%{::ipaddress_eth0}" +cassandra::broadcast_address: "%{hiera('cassandra::listen_address')}" +cassandra::rpc_address: '0.0.0.0' +cassandra::broadcast_rpc_address: "%{hiera('cassandra::broadcast_address')}" +cassandra::cluster_name: 'testCassandra' +cassandra::endpoint_snitch: "Ec2Snitch" +cassandra::dse_audit_logging_enabled: true +cassandra::dse_audit_logger: "SLF4JAuditWriter" +cassandra::dse_audit_included_categories: "ADMIN, AUTH, QUERY" +profile::rsyslog::using_rsyslog: false +profile::rsyslog::server: "" +profile::rsyslog::port: "" +profile::rsyslog::cassandra_audit_local: "" +cassandra::service_enable: "true" +cassandra::service_ensure: "running" +cassandra::opscenter_service_enable: "true" +cassandra::opscenter_service_ensure: "running" +cassandra::cassandra_seed_hosts: "%{::seed_a_eni_ip},%{::seed_b_eni_ip},%{::seed_c_eni_ip}" +cassandra::datastax_agent_address_stomp_interface: "%{::opscenter_eni_ip}" +cassandra::datastax_agent_additional_jvm_opts: + - "-Dorg.xerial.snappy.tempdir=/var/lib/datastax-agent/" + - "-Djava.io.tmpdir=/var/lib/datastax-agent/" +cassandra::additional_jvm_opts: + - "-Dorg.xerial.snappy.tempdir=/var/lib/cassandra/" + - "-Dcom.sun.management.jmxremote.rmi.port=48888" + - "-Djava.io.tmpdir=/var/lib/cassandra/" + - "-Dconsistent.rangemovement=false" +profile::ssl_keystores::certs_path: "/etc/dse/certs" +profile::ssl_keystores::keyalg: RSA +profile::ssl_keystores::keysize: 2048 +profile::ssl_keystores::dname: "CN=ods.internal,OU=SDG,O=Shop Direct Home Shopping Limited" +profile::ssl_keystores::keypass: shopdirect +profile::ssl_keystores::storepass: shopdirect +profile::ssl_keystores::keystore: localhost.keystore +profile::ssl_keystores::truststore: localhost.truststore +profile::ssl_keystores::local_csr: localhost.csr +profile::ssl_keystores::local_crt: localhost.signed +profile::ssl_keystores::crt_alias: "%{hiera('cassandra::listen_address')}.crt" +profile::ssl_keystores::crt_signed_alias: "%{hiera('cassandra::listen_address')}.signed.crt" +profile::ssl_keystores::validity: 999999 +profile::ssl_keystores::ca_path: /root/ssl +profile::ssl_keystores::ca_key: clusterCA.key +profile::ssl_keystores::ca_crt: clusterCA.pem +profile::ssl_keystores::ca_alias: clusterca.crt +profile::ssl_keystores::keystore_owner: cassandra +profile::ssl_keystores::keystore_group: cassandra +rsyslog::client::log_remote: false +rsyslog_remote_server_host: '' +rsyslog_remote_server_port: '514' +rsyslog_remote_server_protocol: 'tcp' +rsyslog::server::enable_tcp: false +rsyslog::server::enable_udp: false +rsyslog::server::enable_relp: false \ No newline at end of file diff --git a/kitchenci/manifests/site.pp b/kitchenci/manifests/site.pp new file mode 100644 index 0000000..e5bd0d6 --- /dev/null +++ b/kitchenci/manifests/site.pp @@ -0,0 +1 @@ +include cassandra diff --git a/kitchenci/test/integration/default/serverspec/conf_spec.rb b/kitchenci/test/integration/default/serverspec/conf_spec.rb new file mode 100644 index 0000000..f0b31fe --- /dev/null +++ b/kitchenci/test/integration/default/serverspec/conf_spec.rb @@ -0,0 +1,114 @@ +require 'serverspec' + +set :backend, :exec + +## checking successfull puppet run +describe command('grep fail /var/lib/puppet/state/last_run_summary.yaml |grep -v "fail.*:\ 0”') do + its(:exit_status) { should eq 1 } +end + +describe user('cassandra') do + it { should exist } +end + +describe group('cassandra') do + it { should exist } +end + +describe file('/var/lib/cassandra/data') do + it { should be_directory } + it { should be_mode 0644 } + it { should be_owned_by 'cassandra' } + it { should be_grouped_into 'cassandra' } +end + +describe file('/etc/cassandra/conf/cassandra-env.sh') do + it { should be_file } + it { should be_mode 0644 } + it { should be_owned_by 'cassandra' } + it { should be_grouped_into 'cassandra' } + its(:content) { should match /JVM_OPTS="$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/cassandra\/ -Dcom.sun.management.jmxremote.rmi.port=48888 -Djava.io.tmpdir=\/var\/lib\/cassandra\/ -Dconsistent.rangemovement=false JMX_PORT=7199"/} +end + +describe file('/etc/cassandra/conf/cassandra.yaml') do + it { should be_file } + it { should be_mode 0644 } + it { should be_owned_by 'cassandra' } + it { should be_grouped_into 'cassandra' } + its(:content) { should match /cluster_name: testCassandra/} + its(:content) { should match /num_tokens: 256/} + its(:content) { should match /initial_token: /} + its(:content) { should match /authenticator: AllowAllAuthenticator/} + its(:content) { should match /authorizer: AllowAllAuthorizer/} + its(:content) { should match /partitioner: org.apache.cassandra.dht.Murmur3Partitioner/} + its(:content) { should match /- '\/var\/lib\/cassandra\/data'/} + its(:content) { should match /commitlog_directory: '\/var\/lib\/cassandra\/commitlog'/} + its(:content) { should match /disk_failure_policy: stop/} + its(:content) { should match /saved_caches_directory: '\/var\/lib\/cassandra\/saved_caches'/} + its(:content) { should match /seeds: 1.2.3.4, 5.6.7.8, 9.10.11.12/} # %{::seed_a_eni_ip}, %{::seed_b_eni_ip}, %{::seed_c_eni_ip} ==> 1.2.3.4, 5.6.7.8, 9.10.11.12 + its(:content) { should match /concurrent_reads: 16/} # $::processorcount * 8 ==> 16 + its(:content) { should match /concurrent_writes: 16/} # $::processorcount * 8 ==> 16 + its(:content) { should match /storage_port: 7000/} + its(:content) { should match /listen_address: 13.14.15.16/} #::ipaddress_eth0 ==> 13.14.15.16 + its(:content) { should match /broadcast_address: 13.14.15.16/} #::ipaddress_eth0 ==> 13.14.15.16 + its(:content) { should match /start_native_transport: true/} + its(:content) { should match /native_transport_port: 9042/} + its(:content) { should match /start_rpc: true/} + its(:content) { should match /rpc_port: 9160/} + its(:content) { should match /broadcast_rpc_address: 13.14.15.16/} #::ipaddress_eth0 ==> 13.14.15.16 + its(:content) { should match /rpc_server_type: hsha/} + its(:content) { should match /rpc_min_threads: 0/} + its(:content) { should match /rpc_max_threads: 2048/} + its(:content) { should match /incremental_backups: false/} + its(:content) { should match /snapshot_before_compaction: false/} + its(:content) { should match /auto_snapshot: true/} + its(:content) { should match /endpoint_snitch: Ec2Snitch/} +### server_encryption_options: + its(:content) { should match /internode_encryption: none/} + its(:content) { should match /keystore: /} + its(:content) { should match /keystore_password: /} + its(:content) { should match /require_client_auth: false/} + its(:content) { should match /truststore: /} + its(:content) { should match /truststore_password: /} + its(:content) { should match /protocol: TLS/} + its(:content) { should match /algorithm: SunX509/} + its(:content) { should match /store_type: JKS/} +###client_encryption_options: + its(:content) { should match /enabled: false/} + its(:content) { should match /keystore: /} + its(:content) { should match /keystore_password: /} + its(:content) { should match /require_client_auth: false/} + its(:content) { should match /protocol: TLS/} + its(:content) { should match /algorithm: SunX509/} + its(:content) { should match /store_type: JKS/} +end + +describe file('/etc/dse/dse.yaml') do + it { should be_file } + it { should be_mode 0644 } + it { should be_owned_by 'cassandra' } + it { should be_grouped_into 'cassandra' } +### Audit logging options + its(:content) { should match /enabled: true/} + its(:content) { should match /logger: SLF4JAuditWriter/} + its(:content) { should match /included_categories: ADMIN, AUTH, QUERY/} + its(:content) { should match /# excluded_categories:/} + its(:content) { should match /# included_keyspaces:/} + its(:content) { should match /# excluded_keyspaces:/} +end + +describe file('/etc/datastax-agent/datastax-agent-env.sh') do + it { should be_file } + it { should be_mode 0644 } + it { should be_owned_by 'cassandra' } + it { should be_grouped_into 'cassandra' } + its(:content) { should match /JVM_OPTS="$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/datastax-agent\/ -Djava.io.tmpdir=\/var\/lib\/datastax-agent\//} +end + +describe file('var/lib/datastax-agent/conf/address.yaml') do + it { should be_file } + it { should be_mode 0644 } + it { should be_owned_by 'cassandra' } + it { should be_grouped_into 'cassandra' } + its(:content) { should match /stomp_interface: 17.18.19.20/} #::opscenter_eni_ip ==> 17.18.19.20 +end \ No newline at end of file diff --git a/kitchenci/test/integration/default/serverspec/install_spec.rb b/kitchenci/test/integration/default/serverspec/install_spec.rb new file mode 100644 index 0000000..207a349 --- /dev/null +++ b/kitchenci/test/integration/default/serverspec/install_spec.rb @@ -0,0 +1,22 @@ +require 'serverspec' + +set :backend, :exec + +## checking successfull puppet run +describe command('grep fail /var/lib/puppet/state/last_run_summary.yaml |grep -v "fail.*:\ 0”') do + its(:exit_status) { should eq 1 } +end + +## java_package is defined twice in params.pp of puppet-cassandra module with two different values, +## seems like java-1.7.0-openjdk is the correct default value not openjdk-7-jre +describe package('java-1.7.0-openjdk') do + it { should be_installed.by('rpm') } +end + +describe package('dse') do + it { should be_installed}.by('rpm').with_version('4.7.0-1') } +end + +describe package('python26-cql') do + it { should be_installed.by('rpm') } +end diff --git a/kitchenci/test/integration/default/serverspec/repo_spec.rb b/kitchenci/test/integration/default/serverspec/repo_spec.rb new file mode 100644 index 0000000..33ee8b2 --- /dev/null +++ b/kitchenci/test/integration/default/serverspec/repo_spec.rb @@ -0,0 +1,21 @@ +require 'serverspec' + +set :backend, :exec + +## checking successfull puppet run +describe command('grep fail /var/lib/puppet/state/last_run_summary.yaml |grep -v "fail.*:\ 0”') do + its(:exit_status) { should eq 1 } +end + +## check Cassandra repo +describe yumrepo('datastax') do + it { should exist } + it { should be_enabled } +end + +#TODO: add matches for the rest of repo file content +describe file('/etc/yum.repo.d/datastax.repo') do + it { should be_file } + its(:content) { should match /baseurl=http:\/\/auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com\/enterprise/ } + its(:content) { should match /gpgcheck=0/ } +end \ No newline at end of file diff --git a/kitchenci/test/integration/default/serverspec/service_spec.rb b/kitchenci/test/integration/default/serverspec/service_spec.rb new file mode 100644 index 0000000..3a7411f --- /dev/null +++ b/kitchenci/test/integration/default/serverspec/service_spec.rb @@ -0,0 +1,18 @@ +require 'serverspec' + +set :backend, :exec + +## checking successfull puppet run +describe command('grep fail /var/lib/puppet/state/last_run_summary.yaml |grep -v "fail.*:\ 0”') do + its(:exit_status) { should eq 1 } +end + +describe service('dse') do + it { should be_enabled } + it { should be_running } +end + +describe service('datastax-agent') do + it { should be_enabled } + it { should be_running } +end \ No newline at end of file From 568dc0beccadf9b791a50d75fe5dd16edb4aac23 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 14:39:28 +0100 Subject: [PATCH 02/18] fixing hiera_data_path typo, adding hiera_config_path param --- kitchenci/.kitchen.yml | 3 +- kitchenci/hiera.yaml | 7 ++ kitchenci/hieradata/common.yaml | 167 ++++++++++++++++++++++++++++++++ 3 files changed, 176 insertions(+), 1 deletion(-) create mode 100644 kitchenci/hiera.yaml create mode 100644 kitchenci/hieradata/common.yaml diff --git a/kitchenci/.kitchen.yml b/kitchenci/.kitchen.yml index a894b4a..c4ea147 100644 --- a/kitchenci/.kitchen.yml +++ b/kitchenci/.kitchen.yml @@ -7,7 +7,8 @@ provisioner: puppet_version: {puppet_version} mainfests_path: manifests modules_path: modules - hira_data_path: hiradata + hiera_config_path: hiera.yaml + hiera_data_path: hieradata platforms: {platforms} diff --git a/kitchenci/hiera.yaml b/kitchenci/hiera.yaml new file mode 100644 index 0000000..c258cff --- /dev/null +++ b/kitchenci/hiera.yaml @@ -0,0 +1,7 @@ +--- +:backends: + - yaml +:yaml: + :datadir: /tmp/kitchen/hiera +:hierarchy: + - common diff --git a/kitchenci/hieradata/common.yaml b/kitchenci/hieradata/common.yaml new file mode 100644 index 0000000..5cda36c --- /dev/null +++ b/kitchenci/hieradata/common.yaml @@ -0,0 +1,167 @@ +--- +awscli::version: '1.7.34' +appdynamics::source_url: 'https://s3-eu-west-1.amazonaws.com/cakesolutions-public-downloads' +appdynamics::version: '4.0.7.0' +appdynamics::install_location: '/opt/appdynamics_agent' +appdynamics::controller_host: 'cakesolutions720.saas.appdynamics.com' +appdynamics::controller_port: '443' +appdynamics::controller_ssl_enabled: 'true' +appdynamics::account_name: 'CakeSolutions720' +appdynamics::account_access_key: '2u3xgvl0w2zd' +appdynamics::application_name: 'ODS' +appdynamics::tier_name: 'undef' +appdynamics::service_ensure: 'running' +appdynamics::service_enable: 'true' +appdynamics::java_opts: '-Dappdynamics.agent.maxMetrics=10000' +profile::aws_manager::install::github_source: 'git@github.com:cakesolutions/shopdirect-aws-manager.git' +profile::aws_manager::install::version: '0.1.0' +profile::aws_manager::install::ruby_version: '2.1.5' +timezone::timezone: "Europe/London" +timezone::region: "Europe" +timezone::locality: "London" +selinux::mode: "enforcing" +vim::opt_misc: [ai, shiftwidth=2, tabstop=2, softtabstop=2, expandtab, ruler, hlsearch, incsearch, nu, nuw=1, nocompatible, history=50, bs=indent,eol,start] +rvm::system_rubies: + "%{hiera('profile::aws_manager::install::ruby_version')}": {} +ntp::servers: [ 'server 0.centos.pool.ntp.org', 'server 1.centos.pool.ntp.org', 'server 2.centos.pool.ntp.org' ] +limits: + '*': + nofile: + soft: '100000' + hard: '100000' + memlock: + soft: 'unlimited' + hard: 'unlimited' + as: + soft: 'unlimited' + hard: 'unlimited' + 'root': + nofile: + soft: '100000' + hard: '100000' + memlock: + soft: 'unlimited' + hard: 'unlimited' + as: + soft: 'unlimited' + hard: 'unlimited' +sudo::purge: false +sudo::configs: + 'ec2-user': + content: 'ec2-user ALL=(ALL) NOPASSWD:ALL' + priority: 5 + 'admins': + content: '%wheel ALL=(ALL) ALL' + priority: 10 +users_cake_sysadmins: + 'tom.stockton': + ensure: 'present' + groups: 'wheel' + home: '/home/tom.stockton' + password: '$1$71dzmhkX$QVRX92u8cZi9V/XvRcJX6/' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'tom.stockton.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAABIwAAAQEArLhCZiBRIXeq0L/6ulEOGvBLQ7F+IfHyXg1ZmbXhBdMUwx1jm+geS9fn9qlp86vgIHzgNknsZqU0GQkXY3Lp2LyddeBxcTxdv9Ysd94pHBs8in3uhK9Uxl+wrJh88BpKqXuIk91u4zGD89b0evujPRKHuWxFCk6wZiEMCpIWCSjeTQPxY9vmdb/ARtRlOaqisBdrkW4Xy+zcVjjTJHrAsi8a+ctGTNhIG0GV0pWOHoFMvIdd74AP774w1Hlv3u9aqlvdOhZzi+nxQZMrkb8/EugSKAPKzpVyu6/FFoGPBshXGI74W6samu5BOYAdL2vP4MR1qVYoLRQ170P3KhWTww==' + 'cornel.foltea': + ensure: 'present' + groups: 'wheel' + home: '/home/cornel.foltea' + password: '$6$U1n.ftpo$x59ldS3XK9LbkbjfGjlccQRca5xfoCbkzsG7rj1UO4cxZfQaUd.joXsoT1075tF3Y3Ftu3j1LYIe1tpP2RlKL1' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'cornel.foltea.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDEtg4YOVqBRTfeDQQ/x9KQlsNwwzbO0N5u+ppYyG2pR+22FU4u2Rpc+rFdgBRQBCYHOTYb/xGugsLCxBjtne2cg6KmAEXHNAIP3dS8OkQItvHqV3dneHoGfanpk4ZjDY2yHtFnTRZkjQOFq/jnWQvhwtQxopQ9XSE54ghYyePEaDUa/kyZ+FOfA9tYCz+KR2gyPgS3HncFtjsivxABzg6l8d7rG09tb0pGtlNV9O8YRB8lLVZywhYCB/9zPjYsozkK/0oQqsYsB9h+o2gjXyX+0aG9eWxiR3RAVm5GWFcB1wS76/J29ncPvvPyKx9/Ul8KCq/QQtaCWvcz/XDYYEyD' + 'laura.glasu': + ensure: 'present' + groups: 'wheel' + home: '/home/laura.glasu' + password: '$6$VDzdTg4v$FNoRAVRqq0xFwJVfmhXLe6LDzw6Oh5z7DImxq6HcQ.9OBKQ3RMgjsGl2lMJkA5LmndKAKhcH2DOg67Xy8ye/W0' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'laura.glasu.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDiruo0n715F83bgkmed8nYfrL6qXmMlGtbVkk2OemLt+7gVjKVDKoc0wCDrFK+WYts2n2SfQ1tmGTDgYjCgRd20mDaCttiTXrpyevNdU5eiaT2t77Ce4FQaeOJJUF+ECOf/71wpCe7GupXow84bPSC9yIw5Dwy4NPTzN01ArZXD/+DeZeNfupgGb7Tti+JgsiaqhRZaLUzkN6Za/F/nP7nPwhivgQAtu7obIsQZNPA0ug2REGICwp2ncPH7EIV3qrtzyZO5VUCbwG+WFCKZwBq255e72Sgd1F3cpmLWUWDcaSET37Ao27VV41CXCDQcLNRio1SYtTPuDedVOrsFPoR' + 'anirvan.chakraborty': + ensure: 'present' + groups: 'wheel' + home: '/home/anirvan.chakraborty' + password: '$6$ipisq0tN$ooV.owarjKhVVmB00O0xA8NQbVFC.J/McRkaj8DB/ragmVHKvDR7LURj8Ki1q9r2jH/N0vpbTRZp.v30vjCgm.' + shell: '/bin/bash' + managehome: 'true' + ssh_authorized_keys: + 'anirvan.chakraborty.key': + type: 'ssh-rsa' + key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCkPjMJ5h/qpglOBcVq22+J9Tcs2SWbepCAzvdHB1lyCwTJNn14NERVx6BDsmdxK9x8sDOaVTRuXFcdcCvjjVzfJD+5aLr0tprfT/YeEnn/2jriepg6p4dPmpGN+usyk/ECVm/VEEQmaD7MsWXCexnj3yVBzPK9ldEtVQshtM15xlqeAzPCgvyIZx3RnV3ZIiM34tHCkWMl/gRBq5c36+Ok8+UXOqPelffSzF12340rtMUbpiZqD7bB6JMNAGZOjimA8IngwVls0lAj58KmqZBXF1OiTgf+K82QzsnezZ05lRr4H4jIEFfSFp7vExQzU1E2xNb95Gjkp9o3CfqJy0TN' + +sys::ssh::allowusers: 'anirvan.chakraborty tom.stockton cornel.foltea laura.glasu ec2-user' +sys::ssh::allowgroups: 'ec2-user wheel' + +cassandra::version: "4.7.0-1" +cassandra::opscenter_version: "5.1.3-1" +cassandra::using_dse: true +cassandra::config_path: /etc/dse/cassandra +cassandra_home: /var/lib/cassandra +cassandra_home_mode: 755 +cassandra::service_name: "dse" +cassandra::package_name: "dse-full" +cassandra::repo_baseurl: "http://auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com/enterprise" +cassandra::seeds: [ "%{::seed_a_eni_ip}", "%{::seed_b_eni_ip}", "%{::seed_c_eni_ip}" ] +cassandra::listen_address: "%{::ipaddress_eth0}" +cassandra::broadcast_address: "%{hiera('cassandra::listen_address')}" +cassandra::rpc_address: '0.0.0.0' +cassandra::broadcast_rpc_address: "%{hiera('cassandra::broadcast_address')}" +cassandra::cluster_name: 'testCassandra' +cassandra::endpoint_snitch: "Ec2Snitch" +cassandra::dse_audit_logging_enabled: true +cassandra::dse_audit_logger: "SLF4JAuditWriter" +cassandra::dse_audit_included_categories: "ADMIN, AUTH, QUERY" +profile::rsyslog::using_rsyslog: false +profile::rsyslog::server: "" +profile::rsyslog::port: "" +profile::rsyslog::cassandra_audit_local: "" +cassandra::service_enable: "true" +cassandra::service_ensure: "running" +cassandra::opscenter_service_enable: "true" +cassandra::opscenter_service_ensure: "running" +cassandra::cassandra_seed_hosts: "%{::seed_a_eni_ip},%{::seed_b_eni_ip},%{::seed_c_eni_ip}" +cassandra::datastax_agent_stomp_interface: "%{::opscenter_eni_ip}" +cassandra::datastax_agent_additional_jvm_opts: + - "-Dorg.xerial.snappy.tempdir=/var/lib/datastax-agent/" + - "-Djava.io.tmpdir=/var/lib/datastax-agent/" +cassandra::additional_jvm_opts: + - "-Dorg.xerial.snappy.tempdir=/var/lib/cassandra/" + - "-Dcom.sun.management.jmxremote.rmi.port=48888" + - "-Djava.io.tmpdir=/var/lib/cassandra/" + - "-Dconsistent.rangemovement=false" +profile::ssl_keystores::certs_path: "/etc/dse/certs" +profile::ssl_keystores::keyalg: RSA +profile::ssl_keystores::keysize: 2048 +profile::ssl_keystores::dname: "CN=ods.internal,OU=SDG,O=Shop Direct Home Shopping Limited" +profile::ssl_keystores::keypass: shopdirect +profile::ssl_keystores::storepass: shopdirect +profile::ssl_keystores::keystore: localhost.keystore +profile::ssl_keystores::truststore: localhost.truststore +profile::ssl_keystores::local_csr: localhost.csr +profile::ssl_keystores::local_crt: localhost.signed +profile::ssl_keystores::crt_alias: "%{hiera('cassandra::listen_address')}.crt" +profile::ssl_keystores::crt_signed_alias: "%{hiera('cassandra::listen_address')}.signed.crt" +profile::ssl_keystores::validity: 999999 +profile::ssl_keystores::ca_path: /root/ssl +profile::ssl_keystores::ca_key: clusterCA.key +profile::ssl_keystores::ca_crt: clusterCA.pem +profile::ssl_keystores::ca_alias: clusterca.crt +profile::ssl_keystores::keystore_owner: cassandra +profile::ssl_keystores::keystore_group: cassandra +rsyslog::client::log_remote: false +rsyslog_remote_server_host: '' +rsyslog_remote_server_port: '514' +rsyslog_remote_server_protocol: 'tcp' +rsyslog::server::enable_tcp: false +rsyslog::server::enable_udp: false +rsyslog::server::enable_relp: false From 5cf12cd19eb57149f809b8fb895297c51986c8aa Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 14:41:38 +0100 Subject: [PATCH 03/18] removing old hiradat directory --- kitchenci/hiradata/common.yaml | 167 --------------------------------- 1 file changed, 167 deletions(-) delete mode 100644 kitchenci/hiradata/common.yaml diff --git a/kitchenci/hiradata/common.yaml b/kitchenci/hiradata/common.yaml deleted file mode 100644 index 38b86f4..0000000 --- a/kitchenci/hiradata/common.yaml +++ /dev/null @@ -1,167 +0,0 @@ ---- -awscli::version: '1.7.34' -appdynamics::source_url: 'https://s3-eu-west-1.amazonaws.com/cakesolutions-public-downloads' -appdynamics::version: '4.0.7.0' -appdynamics::install_location: '/opt/appdynamics_agent' -appdynamics::controller_host: 'cakesolutions720.saas.appdynamics.com' -appdynamics::controller_port: '443' -appdynamics::controller_ssl_enabled: 'true' -appdynamics::account_name: 'CakeSolutions720' -appdynamics::account_access_key: '2u3xgvl0w2zd' -appdynamics::application_name: 'ODS' -appdynamics::tier_name: 'undef' -appdynamics::service_ensure: 'running' -appdynamics::service_enable: 'true' -appdynamics::java_opts: '-Dappdynamics.agent.maxMetrics=10000' -profile::aws_manager::install::github_source: 'git@github.com:cakesolutions/shopdirect-aws-manager.git' -profile::aws_manager::install::version: '0.1.0' -profile::aws_manager::install::ruby_version: '2.1.5' -timezone::timezone: "Europe/London" -timezone::region: "Europe" -timezone::locality: "London" -selinux::mode: "enforcing" -vim::opt_misc: [ai, shiftwidth=2, tabstop=2, softtabstop=2, expandtab, ruler, hlsearch, incsearch, nu, nuw=1, nocompatible, history=50, bs=indent,eol,start] -rvm::system_rubies: - "%{hiera('profile::aws_manager::install::ruby_version')}": {} -ntp::servers: [ 'server 0.centos.pool.ntp.org', 'server 1.centos.pool.ntp.org', 'server 2.centos.pool.ntp.org' ] -limits: - '*': - nofile: - soft: '100000' - hard: '100000' - memlock: - soft: 'unlimited' - hard: 'unlimited' - as: - soft: 'unlimited' - hard: 'unlimited' - 'root': - nofile: - soft: '100000' - hard: '100000' - memlock: - soft: 'unlimited' - hard: 'unlimited' - as: - soft: 'unlimited' - hard: 'unlimited' -sudo::purge: false -sudo::configs: - 'ec2-user': - content: 'ec2-user ALL=(ALL) NOPASSWD:ALL' - priority: 5 - 'admins': - content: '%wheel ALL=(ALL) ALL' - priority: 10 -users_cake_sysadmins: - 'tom.stockton': - ensure: 'present' - groups: 'wheel' - home: '/home/tom.stockton' - password: '$1$71dzmhkX$QVRX92u8cZi9V/XvRcJX6/' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'tom.stockton.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAABIwAAAQEArLhCZiBRIXeq0L/6ulEOGvBLQ7F+IfHyXg1ZmbXhBdMUwx1jm+geS9fn9qlp86vgIHzgNknsZqU0GQkXY3Lp2LyddeBxcTxdv9Ysd94pHBs8in3uhK9Uxl+wrJh88BpKqXuIk91u4zGD89b0evujPRKHuWxFCk6wZiEMCpIWCSjeTQPxY9vmdb/ARtRlOaqisBdrkW4Xy+zcVjjTJHrAsi8a+ctGTNhIG0GV0pWOHoFMvIdd74AP774w1Hlv3u9aqlvdOhZzi+nxQZMrkb8/EugSKAPKzpVyu6/FFoGPBshXGI74W6samu5BOYAdL2vP4MR1qVYoLRQ170P3KhWTww==' - 'cornel.foltea': - ensure: 'present' - groups: 'wheel' - home: '/home/cornel.foltea' - password: '$6$U1n.ftpo$x59ldS3XK9LbkbjfGjlccQRca5xfoCbkzsG7rj1UO4cxZfQaUd.joXsoT1075tF3Y3Ftu3j1LYIe1tpP2RlKL1' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'cornel.foltea.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDEtg4YOVqBRTfeDQQ/x9KQlsNwwzbO0N5u+ppYyG2pR+22FU4u2Rpc+rFdgBRQBCYHOTYb/xGugsLCxBjtne2cg6KmAEXHNAIP3dS8OkQItvHqV3dneHoGfanpk4ZjDY2yHtFnTRZkjQOFq/jnWQvhwtQxopQ9XSE54ghYyePEaDUa/kyZ+FOfA9tYCz+KR2gyPgS3HncFtjsivxABzg6l8d7rG09tb0pGtlNV9O8YRB8lLVZywhYCB/9zPjYsozkK/0oQqsYsB9h+o2gjXyX+0aG9eWxiR3RAVm5GWFcB1wS76/J29ncPvvPyKx9/Ul8KCq/QQtaCWvcz/XDYYEyD' - 'laura.glasu': - ensure: 'present' - groups: 'wheel' - home: '/home/laura.glasu' - password: '$6$VDzdTg4v$FNoRAVRqq0xFwJVfmhXLe6LDzw6Oh5z7DImxq6HcQ.9OBKQ3RMgjsGl2lMJkA5LmndKAKhcH2DOg67Xy8ye/W0' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'laura.glasu.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDiruo0n715F83bgkmed8nYfrL6qXmMlGtbVkk2OemLt+7gVjKVDKoc0wCDrFK+WYts2n2SfQ1tmGTDgYjCgRd20mDaCttiTXrpyevNdU5eiaT2t77Ce4FQaeOJJUF+ECOf/71wpCe7GupXow84bPSC9yIw5Dwy4NPTzN01ArZXD/+DeZeNfupgGb7Tti+JgsiaqhRZaLUzkN6Za/F/nP7nPwhivgQAtu7obIsQZNPA0ug2REGICwp2ncPH7EIV3qrtzyZO5VUCbwG+WFCKZwBq255e72Sgd1F3cpmLWUWDcaSET37Ao27VV41CXCDQcLNRio1SYtTPuDedVOrsFPoR' - 'anirvan.chakraborty': - ensure: 'present' - groups: 'wheel' - home: '/home/anirvan.chakraborty' - password: '$6$ipisq0tN$ooV.owarjKhVVmB00O0xA8NQbVFC.J/McRkaj8DB/ragmVHKvDR7LURj8Ki1q9r2jH/N0vpbTRZp.v30vjCgm.' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'anirvan.chakraborty.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCkPjMJ5h/qpglOBcVq22+J9Tcs2SWbepCAzvdHB1lyCwTJNn14NERVx6BDsmdxK9x8sDOaVTRuXFcdcCvjjVzfJD+5aLr0tprfT/YeEnn/2jriepg6p4dPmpGN+usyk/ECVm/VEEQmaD7MsWXCexnj3yVBzPK9ldEtVQshtM15xlqeAzPCgvyIZx3RnV3ZIiM34tHCkWMl/gRBq5c36+Ok8+UXOqPelffSzF12340rtMUbpiZqD7bB6JMNAGZOjimA8IngwVls0lAj58KmqZBXF1OiTgf+K82QzsnezZ05lRr4H4jIEFfSFp7vExQzU1E2xNb95Gjkp9o3CfqJy0TN' - -sys::ssh::allowusers: 'anirvan.chakraborty tom.stockton cornel.foltea laura.glasu ec2-user' -sys::ssh::allowgroups: 'ec2-user wheel' - -cassandra::version: "4.7.0-1" -cassandra::opscenter_version: "5.1.3-1" -cassandra::using_dse: true -cassandra::config_path: /etc/dse/cassandra -cassandra_home: /var/lib/cassandra -cassandra_home_mode: 755 -cassandra::service_name: "dse" -cassandra::package_name: "dse-full" -cassandra::repo_baseurl: "http://auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com/enterprise" -cassandra::seeds: [ "%{::seed_a_eni_ip}", "%{::seed_b_eni_ip}", "%{::seed_c_eni_ip}" ] -cassandra::listen_address: "%{::ipaddress_eth0}" -cassandra::broadcast_address: "%{hiera('cassandra::listen_address')}" -cassandra::rpc_address: '0.0.0.0' -cassandra::broadcast_rpc_address: "%{hiera('cassandra::broadcast_address')}" -cassandra::cluster_name: 'testCassandra' -cassandra::endpoint_snitch: "Ec2Snitch" -cassandra::dse_audit_logging_enabled: true -cassandra::dse_audit_logger: "SLF4JAuditWriter" -cassandra::dse_audit_included_categories: "ADMIN, AUTH, QUERY" -profile::rsyslog::using_rsyslog: false -profile::rsyslog::server: "" -profile::rsyslog::port: "" -profile::rsyslog::cassandra_audit_local: "" -cassandra::service_enable: "true" -cassandra::service_ensure: "running" -cassandra::opscenter_service_enable: "true" -cassandra::opscenter_service_ensure: "running" -cassandra::cassandra_seed_hosts: "%{::seed_a_eni_ip},%{::seed_b_eni_ip},%{::seed_c_eni_ip}" -cassandra::datastax_agent_address_stomp_interface: "%{::opscenter_eni_ip}" -cassandra::datastax_agent_additional_jvm_opts: - - "-Dorg.xerial.snappy.tempdir=/var/lib/datastax-agent/" - - "-Djava.io.tmpdir=/var/lib/datastax-agent/" -cassandra::additional_jvm_opts: - - "-Dorg.xerial.snappy.tempdir=/var/lib/cassandra/" - - "-Dcom.sun.management.jmxremote.rmi.port=48888" - - "-Djava.io.tmpdir=/var/lib/cassandra/" - - "-Dconsistent.rangemovement=false" -profile::ssl_keystores::certs_path: "/etc/dse/certs" -profile::ssl_keystores::keyalg: RSA -profile::ssl_keystores::keysize: 2048 -profile::ssl_keystores::dname: "CN=ods.internal,OU=SDG,O=Shop Direct Home Shopping Limited" -profile::ssl_keystores::keypass: shopdirect -profile::ssl_keystores::storepass: shopdirect -profile::ssl_keystores::keystore: localhost.keystore -profile::ssl_keystores::truststore: localhost.truststore -profile::ssl_keystores::local_csr: localhost.csr -profile::ssl_keystores::local_crt: localhost.signed -profile::ssl_keystores::crt_alias: "%{hiera('cassandra::listen_address')}.crt" -profile::ssl_keystores::crt_signed_alias: "%{hiera('cassandra::listen_address')}.signed.crt" -profile::ssl_keystores::validity: 999999 -profile::ssl_keystores::ca_path: /root/ssl -profile::ssl_keystores::ca_key: clusterCA.key -profile::ssl_keystores::ca_crt: clusterCA.pem -profile::ssl_keystores::ca_alias: clusterca.crt -profile::ssl_keystores::keystore_owner: cassandra -profile::ssl_keystores::keystore_group: cassandra -rsyslog::client::log_remote: false -rsyslog_remote_server_host: '' -rsyslog_remote_server_port: '514' -rsyslog_remote_server_protocol: 'tcp' -rsyslog::server::enable_tcp: false -rsyslog::server::enable_udp: false -rsyslog::server::enable_relp: false \ No newline at end of file From 3659efce770bac5bebec2a19514224ced1668e1b Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 14:43:43 +0100 Subject: [PATCH 04/18] fixing wrong paths of conf files --- kitchenci/test/integration/default/serverspec/conf_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kitchenci/test/integration/default/serverspec/conf_spec.rb b/kitchenci/test/integration/default/serverspec/conf_spec.rb index f0b31fe..cfe0870 100644 --- a/kitchenci/test/integration/default/serverspec/conf_spec.rb +++ b/kitchenci/test/integration/default/serverspec/conf_spec.rb @@ -22,7 +22,7 @@ it { should be_grouped_into 'cassandra' } end -describe file('/etc/cassandra/conf/cassandra-env.sh') do +describe file('/etc/dse/cassandra/cassandra-env.sh') do it { should be_file } it { should be_mode 0644 } it { should be_owned_by 'cassandra' } @@ -30,7 +30,7 @@ its(:content) { should match /JVM_OPTS="$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/cassandra\/ -Dcom.sun.management.jmxremote.rmi.port=48888 -Djava.io.tmpdir=\/var\/lib\/cassandra\/ -Dconsistent.rangemovement=false JMX_PORT=7199"/} end -describe file('/etc/cassandra/conf/cassandra.yaml') do +describe file('/etc/dse/cassandra/cassandra.yaml') do it { should be_file } it { should be_mode 0644 } it { should be_owned_by 'cassandra' } @@ -111,4 +111,4 @@ it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } its(:content) { should match /stomp_interface: 17.18.19.20/} #::opscenter_eni_ip ==> 17.18.19.20 -end \ No newline at end of file +end From 3eeb5897b2c0d996c2013457f6a810b9958bb6bb Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 14:44:16 +0100 Subject: [PATCH 05/18] fixing typo in install_spec.rb --- kitchenci/test/integration/default/serverspec/install_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchenci/test/integration/default/serverspec/install_spec.rb b/kitchenci/test/integration/default/serverspec/install_spec.rb index 207a349..e65c508 100644 --- a/kitchenci/test/integration/default/serverspec/install_spec.rb +++ b/kitchenci/test/integration/default/serverspec/install_spec.rb @@ -14,7 +14,7 @@ end describe package('dse') do - it { should be_installed}.by('rpm').with_version('4.7.0-1') } + it { should be_installed.by('rpm').with_version('4.7.0-1') } end describe package('python26-cql') do From a879ecf2dc47815395ad606ee25c29c4e29b8253 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 15:05:33 +0100 Subject: [PATCH 06/18] fix repo file's directory path --- kitchenci/test/integration/default/serverspec/repo_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchenci/test/integration/default/serverspec/repo_spec.rb b/kitchenci/test/integration/default/serverspec/repo_spec.rb index 33ee8b2..1624efd 100644 --- a/kitchenci/test/integration/default/serverspec/repo_spec.rb +++ b/kitchenci/test/integration/default/serverspec/repo_spec.rb @@ -14,7 +14,7 @@ end #TODO: add matches for the rest of repo file content -describe file('/etc/yum.repo.d/datastax.repo') do +describe file('/etc/yum.repos.d/datastax.repo') do it { should be_file } its(:content) { should match /baseurl=http:\/\/auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com\/enterprise/ } its(:content) { should match /gpgcheck=0/ } From 914d9fddad1b98c1a9455fce3a5993b4c5f1be22 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 15:11:02 +0100 Subject: [PATCH 07/18] fix dse package_name --- kitchenci/test/integration/default/serverspec/install_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchenci/test/integration/default/serverspec/install_spec.rb b/kitchenci/test/integration/default/serverspec/install_spec.rb index e65c508..c51a0ef 100644 --- a/kitchenci/test/integration/default/serverspec/install_spec.rb +++ b/kitchenci/test/integration/default/serverspec/install_spec.rb @@ -13,7 +13,7 @@ it { should be_installed.by('rpm') } end -describe package('dse') do +describe package('dse-full') do it { should be_installed.by('rpm').with_version('4.7.0-1') } end From 8ca2949cfad2c85f4fcaeb50ae5fc58ba0e2b1cd Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 15:43:17 +0100 Subject: [PATCH 08/18] fix different typos --- .../default/serverspec/conf_spec.rb | 47 ++++++++++--------- 1 file changed, 26 insertions(+), 21 deletions(-) diff --git a/kitchenci/test/integration/default/serverspec/conf_spec.rb b/kitchenci/test/integration/default/serverspec/conf_spec.rb index cfe0870..41e39c3 100644 --- a/kitchenci/test/integration/default/serverspec/conf_spec.rb +++ b/kitchenci/test/integration/default/serverspec/conf_spec.rb @@ -17,35 +17,39 @@ describe file('/var/lib/cassandra/data') do it { should be_directory } - it { should be_mode 0644 } + it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } end describe file('/etc/dse/cassandra/cassandra-env.sh') do it { should be_file } - it { should be_mode 0644 } + it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } - its(:content) { should match /JVM_OPTS="$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/cassandra\/ -Dcom.sun.management.jmxremote.rmi.port=48888 -Djava.io.tmpdir=\/var\/lib\/cassandra\/ -Dconsistent.rangemovement=false JMX_PORT=7199"/} + its(:content) { should match /JVM_OPTS=\"\$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/cassandra\/\"/ } + its(:content) { should match /JVM_OPTS=\"\$JVM_OPTS -Dcom.sun.management.jmxremote.rmi.port=48888\"/ } + its(:content) { should match /JVM_OPTS=\"\$JVM_OPTS -Djava.io.tmpdir=\/var\/lib\/cassandra\/\"/ } + its(:content) { should match /JVM_OPTS=\"\$JVM_OPTS -Dconsistent.rangemovement=false/ } + its(:content) { should match /JMX_PORT=\"7199\"/ } end describe file('/etc/dse/cassandra/cassandra.yaml') do it { should be_file } - it { should be_mode 0644 } + it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } - its(:content) { should match /cluster_name: testCassandra/} + its(:content) { should match /cluster_name: 'testCassandra'/} its(:content) { should match /num_tokens: 256/} - its(:content) { should match /initial_token: /} + its(:content) { should match /initial_token: /} its(:content) { should match /authenticator: AllowAllAuthenticator/} its(:content) { should match /authorizer: AllowAllAuthorizer/} its(:content) { should match /partitioner: org.apache.cassandra.dht.Murmur3Partitioner/} - its(:content) { should match /- '\/var\/lib\/cassandra\/data'/} - its(:content) { should match /commitlog_directory: '\/var\/lib\/cassandra\/commitlog'/} + its(:content) { should match /- \/var\/lib\/cassandra\/data/} + its(:content) { should match /commitlog_directory: \/var\/lib\/cassandra\/commitlog/} its(:content) { should match /disk_failure_policy: stop/} - its(:content) { should match /saved_caches_directory: '\/var\/lib\/cassandra\/saved_caches'/} - its(:content) { should match /seeds: 1.2.3.4, 5.6.7.8, 9.10.11.12/} # %{::seed_a_eni_ip}, %{::seed_b_eni_ip}, %{::seed_c_eni_ip} ==> 1.2.3.4, 5.6.7.8, 9.10.11.12 + its(:content) { should match /saved_caches_directory: \/var\/lib\/cassandra\/saved_caches/} + its(:content) { should match /seeds: 1.2.3.4,5.6.7.8,9.10.11.12/} # %{::seed_a_eni_ip}, %{::seed_b_eni_ip}, %{::seed_c_eni_ip} ==> 1.2.3.4, 5.6.7.8, 9.10.11.12 its(:content) { should match /concurrent_reads: 16/} # $::processorcount * 8 ==> 16 its(:content) { should match /concurrent_writes: 16/} # $::processorcount * 8 ==> 16 its(:content) { should match /storage_port: 7000/} @@ -65,18 +69,18 @@ its(:content) { should match /endpoint_snitch: Ec2Snitch/} ### server_encryption_options: its(:content) { should match /internode_encryption: none/} - its(:content) { should match /keystore: /} - its(:content) { should match /keystore_password: /} + its(:content) { should match /keystore: /} + its(:content) { should match /keystore_password: /} its(:content) { should match /require_client_auth: false/} - its(:content) { should match /truststore: /} - its(:content) { should match /truststore_password: /} + its(:content) { should match /truststore: /} + its(:content) { should match /truststore_password: /} its(:content) { should match /protocol: TLS/} its(:content) { should match /algorithm: SunX509/} its(:content) { should match /store_type: JKS/} ###client_encryption_options: its(:content) { should match /enabled: false/} - its(:content) { should match /keystore: /} - its(:content) { should match /keystore_password: /} + its(:content) { should match /keystore: /} + its(:content) { should match /keystore_password: /} its(:content) { should match /require_client_auth: false/} its(:content) { should match /protocol: TLS/} its(:content) { should match /algorithm: SunX509/} @@ -85,7 +89,7 @@ describe file('/etc/dse/dse.yaml') do it { should be_file } - it { should be_mode 0644 } + it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } ### Audit logging options @@ -99,15 +103,16 @@ describe file('/etc/datastax-agent/datastax-agent-env.sh') do it { should be_file } - it { should be_mode 0644 } + it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } - its(:content) { should match /JVM_OPTS="$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/datastax-agent\/ -Djava.io.tmpdir=\/var\/lib\/datastax-agent\//} + its(:content) { should match /JVM_OPTS=\"\$JVM_OPTS -Dorg.xerial.snappy.tempdir=\/var\/lib\/datastax-agent\/\"/ } + its(:content) { should match /JVM_OPTS=\"\$JVM_OPTS -Djava.io.tmpdir=\/var\/lib\/datastax-agent\/\"/} end -describe file('var/lib/datastax-agent/conf/address.yaml') do +describe file('/var/lib/datastax-agent/conf/address.yaml') do it { should be_file } - it { should be_mode 0644 } + it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } its(:content) { should match /stomp_interface: 17.18.19.20/} #::opscenter_eni_ip ==> 17.18.19.20 From 2a49adfb1b48a0a291eba32bc7a923493a268a7e Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 15:52:13 +0100 Subject: [PATCH 09/18] manipulating Puppetfile to add only required cassandra module dependencies --- kitchenci/Puppetfile | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/kitchenci/Puppetfile b/kitchenci/Puppetfile index 7cc5cc3..c517ac8 100644 --- a/kitchenci/Puppetfile +++ b/kitchenci/Puppetfile @@ -1,14 +1,6 @@ # Role specific modules mod "cakesolutions/cassandra", - :git => "git@github.com:cakesolutions/puppet-cassandra.git", + :git => "git@github.com:cakesolutions/puppet-cassandra.git" -mod "cakesolutions/java", - :git => "git@github.com:cakesolutions/puppet-java.git", - :ref => "0.0.6" - -mod "cakesolutions/appdynamics", - :git => "git@github.com:cakesolutions/puppet-appdynamics.git", - :ref => "0.0.1" - -mod "saz/rsyslog", "3.5.1" +mod "puppetlabs/stdlib", "4.6.0" From 87dba0216b97e4c8d38e7a8dc32258806d338d19 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 17:11:42 +0100 Subject: [PATCH 10/18] trimming un-needed hiera vars, changing Snitch to SimpleSnitch to fit testing env --- kitchenci/hieradata/common.yaml | 135 +------------------------------- 1 file changed, 1 insertion(+), 134 deletions(-) diff --git a/kitchenci/hieradata/common.yaml b/kitchenci/hieradata/common.yaml index 5cda36c..1aa02a2 100644 --- a/kitchenci/hieradata/common.yaml +++ b/kitchenci/hieradata/common.yaml @@ -1,107 +1,4 @@ --- -awscli::version: '1.7.34' -appdynamics::source_url: 'https://s3-eu-west-1.amazonaws.com/cakesolutions-public-downloads' -appdynamics::version: '4.0.7.0' -appdynamics::install_location: '/opt/appdynamics_agent' -appdynamics::controller_host: 'cakesolutions720.saas.appdynamics.com' -appdynamics::controller_port: '443' -appdynamics::controller_ssl_enabled: 'true' -appdynamics::account_name: 'CakeSolutions720' -appdynamics::account_access_key: '2u3xgvl0w2zd' -appdynamics::application_name: 'ODS' -appdynamics::tier_name: 'undef' -appdynamics::service_ensure: 'running' -appdynamics::service_enable: 'true' -appdynamics::java_opts: '-Dappdynamics.agent.maxMetrics=10000' -profile::aws_manager::install::github_source: 'git@github.com:cakesolutions/shopdirect-aws-manager.git' -profile::aws_manager::install::version: '0.1.0' -profile::aws_manager::install::ruby_version: '2.1.5' -timezone::timezone: "Europe/London" -timezone::region: "Europe" -timezone::locality: "London" -selinux::mode: "enforcing" -vim::opt_misc: [ai, shiftwidth=2, tabstop=2, softtabstop=2, expandtab, ruler, hlsearch, incsearch, nu, nuw=1, nocompatible, history=50, bs=indent,eol,start] -rvm::system_rubies: - "%{hiera('profile::aws_manager::install::ruby_version')}": {} -ntp::servers: [ 'server 0.centos.pool.ntp.org', 'server 1.centos.pool.ntp.org', 'server 2.centos.pool.ntp.org' ] -limits: - '*': - nofile: - soft: '100000' - hard: '100000' - memlock: - soft: 'unlimited' - hard: 'unlimited' - as: - soft: 'unlimited' - hard: 'unlimited' - 'root': - nofile: - soft: '100000' - hard: '100000' - memlock: - soft: 'unlimited' - hard: 'unlimited' - as: - soft: 'unlimited' - hard: 'unlimited' -sudo::purge: false -sudo::configs: - 'ec2-user': - content: 'ec2-user ALL=(ALL) NOPASSWD:ALL' - priority: 5 - 'admins': - content: '%wheel ALL=(ALL) ALL' - priority: 10 -users_cake_sysadmins: - 'tom.stockton': - ensure: 'present' - groups: 'wheel' - home: '/home/tom.stockton' - password: '$1$71dzmhkX$QVRX92u8cZi9V/XvRcJX6/' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'tom.stockton.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAABIwAAAQEArLhCZiBRIXeq0L/6ulEOGvBLQ7F+IfHyXg1ZmbXhBdMUwx1jm+geS9fn9qlp86vgIHzgNknsZqU0GQkXY3Lp2LyddeBxcTxdv9Ysd94pHBs8in3uhK9Uxl+wrJh88BpKqXuIk91u4zGD89b0evujPRKHuWxFCk6wZiEMCpIWCSjeTQPxY9vmdb/ARtRlOaqisBdrkW4Xy+zcVjjTJHrAsi8a+ctGTNhIG0GV0pWOHoFMvIdd74AP774w1Hlv3u9aqlvdOhZzi+nxQZMrkb8/EugSKAPKzpVyu6/FFoGPBshXGI74W6samu5BOYAdL2vP4MR1qVYoLRQ170P3KhWTww==' - 'cornel.foltea': - ensure: 'present' - groups: 'wheel' - home: '/home/cornel.foltea' - password: '$6$U1n.ftpo$x59ldS3XK9LbkbjfGjlccQRca5xfoCbkzsG7rj1UO4cxZfQaUd.joXsoT1075tF3Y3Ftu3j1LYIe1tpP2RlKL1' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'cornel.foltea.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDEtg4YOVqBRTfeDQQ/x9KQlsNwwzbO0N5u+ppYyG2pR+22FU4u2Rpc+rFdgBRQBCYHOTYb/xGugsLCxBjtne2cg6KmAEXHNAIP3dS8OkQItvHqV3dneHoGfanpk4ZjDY2yHtFnTRZkjQOFq/jnWQvhwtQxopQ9XSE54ghYyePEaDUa/kyZ+FOfA9tYCz+KR2gyPgS3HncFtjsivxABzg6l8d7rG09tb0pGtlNV9O8YRB8lLVZywhYCB/9zPjYsozkK/0oQqsYsB9h+o2gjXyX+0aG9eWxiR3RAVm5GWFcB1wS76/J29ncPvvPyKx9/Ul8KCq/QQtaCWvcz/XDYYEyD' - 'laura.glasu': - ensure: 'present' - groups: 'wheel' - home: '/home/laura.glasu' - password: '$6$VDzdTg4v$FNoRAVRqq0xFwJVfmhXLe6LDzw6Oh5z7DImxq6HcQ.9OBKQ3RMgjsGl2lMJkA5LmndKAKhcH2DOg67Xy8ye/W0' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'laura.glasu.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDiruo0n715F83bgkmed8nYfrL6qXmMlGtbVkk2OemLt+7gVjKVDKoc0wCDrFK+WYts2n2SfQ1tmGTDgYjCgRd20mDaCttiTXrpyevNdU5eiaT2t77Ce4FQaeOJJUF+ECOf/71wpCe7GupXow84bPSC9yIw5Dwy4NPTzN01ArZXD/+DeZeNfupgGb7Tti+JgsiaqhRZaLUzkN6Za/F/nP7nPwhivgQAtu7obIsQZNPA0ug2REGICwp2ncPH7EIV3qrtzyZO5VUCbwG+WFCKZwBq255e72Sgd1F3cpmLWUWDcaSET37Ao27VV41CXCDQcLNRio1SYtTPuDedVOrsFPoR' - 'anirvan.chakraborty': - ensure: 'present' - groups: 'wheel' - home: '/home/anirvan.chakraborty' - password: '$6$ipisq0tN$ooV.owarjKhVVmB00O0xA8NQbVFC.J/McRkaj8DB/ragmVHKvDR7LURj8Ki1q9r2jH/N0vpbTRZp.v30vjCgm.' - shell: '/bin/bash' - managehome: 'true' - ssh_authorized_keys: - 'anirvan.chakraborty.key': - type: 'ssh-rsa' - key: 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCkPjMJ5h/qpglOBcVq22+J9Tcs2SWbepCAzvdHB1lyCwTJNn14NERVx6BDsmdxK9x8sDOaVTRuXFcdcCvjjVzfJD+5aLr0tprfT/YeEnn/2jriepg6p4dPmpGN+usyk/ECVm/VEEQmaD7MsWXCexnj3yVBzPK9ldEtVQshtM15xlqeAzPCgvyIZx3RnV3ZIiM34tHCkWMl/gRBq5c36+Ok8+UXOqPelffSzF12340rtMUbpiZqD7bB6JMNAGZOjimA8IngwVls0lAj58KmqZBXF1OiTgf+K82QzsnezZ05lRr4H4jIEFfSFp7vExQzU1E2xNb95Gjkp9o3CfqJy0TN' - -sys::ssh::allowusers: 'anirvan.chakraborty tom.stockton cornel.foltea laura.glasu ec2-user' -sys::ssh::allowgroups: 'ec2-user wheel' - cassandra::version: "4.7.0-1" cassandra::opscenter_version: "5.1.3-1" cassandra::using_dse: true @@ -117,14 +14,10 @@ cassandra::broadcast_address: "%{hiera('cassandra::listen_address')}" cassandra::rpc_address: '0.0.0.0' cassandra::broadcast_rpc_address: "%{hiera('cassandra::broadcast_address')}" cassandra::cluster_name: 'testCassandra' -cassandra::endpoint_snitch: "Ec2Snitch" +cassandra::endpoint_snitch: "SimpleSnitch" cassandra::dse_audit_logging_enabled: true cassandra::dse_audit_logger: "SLF4JAuditWriter" cassandra::dse_audit_included_categories: "ADMIN, AUTH, QUERY" -profile::rsyslog::using_rsyslog: false -profile::rsyslog::server: "" -profile::rsyslog::port: "" -profile::rsyslog::cassandra_audit_local: "" cassandra::service_enable: "true" cassandra::service_ensure: "running" cassandra::opscenter_service_enable: "true" @@ -139,29 +32,3 @@ cassandra::additional_jvm_opts: - "-Dcom.sun.management.jmxremote.rmi.port=48888" - "-Djava.io.tmpdir=/var/lib/cassandra/" - "-Dconsistent.rangemovement=false" -profile::ssl_keystores::certs_path: "/etc/dse/certs" -profile::ssl_keystores::keyalg: RSA -profile::ssl_keystores::keysize: 2048 -profile::ssl_keystores::dname: "CN=ods.internal,OU=SDG,O=Shop Direct Home Shopping Limited" -profile::ssl_keystores::keypass: shopdirect -profile::ssl_keystores::storepass: shopdirect -profile::ssl_keystores::keystore: localhost.keystore -profile::ssl_keystores::truststore: localhost.truststore -profile::ssl_keystores::local_csr: localhost.csr -profile::ssl_keystores::local_crt: localhost.signed -profile::ssl_keystores::crt_alias: "%{hiera('cassandra::listen_address')}.crt" -profile::ssl_keystores::crt_signed_alias: "%{hiera('cassandra::listen_address')}.signed.crt" -profile::ssl_keystores::validity: 999999 -profile::ssl_keystores::ca_path: /root/ssl -profile::ssl_keystores::ca_key: clusterCA.key -profile::ssl_keystores::ca_crt: clusterCA.pem -profile::ssl_keystores::ca_alias: clusterca.crt -profile::ssl_keystores::keystore_owner: cassandra -profile::ssl_keystores::keystore_group: cassandra -rsyslog::client::log_remote: false -rsyslog_remote_server_host: '' -rsyslog_remote_server_port: '514' -rsyslog_remote_server_protocol: 'tcp' -rsyslog::server::enable_tcp: false -rsyslog::server::enable_udp: false -rsyslog::server::enable_relp: false From 9784889a11043414b85db68fa84dec1cb5174641 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 17:14:14 +0100 Subject: [PATCH 11/18] modifying Snitch match test --- kitchenci/test/integration/default/serverspec/conf_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchenci/test/integration/default/serverspec/conf_spec.rb b/kitchenci/test/integration/default/serverspec/conf_spec.rb index 41e39c3..e6d7fb7 100644 --- a/kitchenci/test/integration/default/serverspec/conf_spec.rb +++ b/kitchenci/test/integration/default/serverspec/conf_spec.rb @@ -66,7 +66,7 @@ its(:content) { should match /incremental_backups: false/} its(:content) { should match /snapshot_before_compaction: false/} its(:content) { should match /auto_snapshot: true/} - its(:content) { should match /endpoint_snitch: Ec2Snitch/} + its(:content) { should match /endpoint_snitch: SimpleSnitch/} ### server_encryption_options: its(:content) { should match /internode_encryption: none/} its(:content) { should match /keystore: /} From 1fcb0bc823dd1763d48a6cdc37ccf49d38f15733 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 24 Jun 2015 23:51:02 +0100 Subject: [PATCH 12/18] using puppet-lint -f for autofix --- manifests/config.pp | 14 +++++++------- manifests/init.pp | 12 ++++++------ manifests/install.pp | 4 ++-- manifests/params.pp | 16 ++++++++-------- manifests/repo.pp | 18 +++++++++--------- manifests/repo/debian.pp | 2 +- 6 files changed, 33 insertions(+), 33 deletions(-) diff --git a/manifests/config.pp b/manifests/config.pp index 032631e..5287444 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -168,20 +168,20 @@ content => template("${module_name}/dse.yaml.erb"), } - file { "/etc/datastax-agent/datastax-agent-env.sh": + file { '/etc/datastax-agent/datastax-agent-env.sh': ensure => file, content => template("${module_name}/datastax-agent-env.sh.erb"), notify => Service['datastax-agent'], } - file { "/var/lib/datastax-agent/conf/address.yaml": + file { '/var/lib/datastax-agent/conf/address.yaml': ensure => file, content => template("${module_name}/address.yaml.erb"), notify => Service['datastax-agent'], } } - if(($dse_audit_logging_enabled) and ($dse_audit_logger=="Log4JAuditWriter")) { + if(($dse_audit_logging_enabled) and ($dse_audit_logger=='Log4JAuditWriter')) { file { "${dse_config_path}/cassandra/log4j-server.properties": ensure => file, content => template("${module_name}/log4j-server.properties.erb"), @@ -189,17 +189,17 @@ } if($using_opscenter) { - file { "/etc/opscenter/opscenterd.conf": + file { '/etc/opscenter/opscenterd.conf': ensure => file, owner => opscenter, group => opscenter, content => template("${module_name}/opscenterd.conf.erb"), } - file { "/etc/opscenter/clusters": + file { '/etc/opscenter/clusters': ensure => directory, - owner => opscenter, - group => opscenter, + owner => opscenter, + group => opscenter, } file { "/etc/opscenter/clusters/${cluster_name}.conf": diff --git a/manifests/init.pp b/manifests/init.pp index 2ccc27a..5c2f81e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -167,12 +167,12 @@ validate_re($snapshot_before_compaction, '^(true|false)$') validate_re($auto_snapshot, '^(true|false)$') validate_re($multithreaded_compaction, '^(true|false)$') - validate_re("${concurrent_reads}", '^[0-9]+$') - validate_re("${concurrent_writes}", '^[0-9]+$') - validate_re("${num_tokens}", '^[0-9]+$') + validate_re($concurrent_reads, '^[0-9]+$') + validate_re($concurrent_writes, '^[0-9]+$') + validate_re($num_tokens, '^[0-9]+$') validate_re($internode_compression, '^(all|dc|none)$') validate_re($disk_failure_policy, '^(stop|best_effort|ignore)$') - validate_re("${thread_stack_size}", '^[0-9]+$') + validate_re($thread_stack_size, '^[0-9]+$') validate_re($service_enable, '^(true|false)$') validate_re($service_ensure, '^(running|stopped)$') @@ -237,7 +237,7 @@ if(!is_integer($datastax_agent_use_ssl)) { fail('datastax_agent_use_ssl must be a nuber between 0 and 1') } - validate_re("$datastax_agent_use_ssl", '^[0-1]$') + validate_re($datastax_agent_use_ssl, '^[0-1]$') validate_string($datastax_agent_ssl_keystore) validate_string($datastax_agent_ssl_keystore_password) validate_string($datastax_agent_ssl_ca_certs) @@ -296,7 +296,7 @@ validate_string($dse_audit_included_categories) validate_string($dse_audit_excluded_categories) validate_string($dse_audit_included_keyspaces) - validate_string($dse_audit_excluded_keyspaces) + validate_string($dse_audit_excluded_keyspaces) } diff --git a/manifests/install.pp b/manifests/install.pp index 434e711..22f2789 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -2,8 +2,8 @@ if !defined (Package['java']) { package { 'java': - ensure => installed, - name => "$java_package" + ensure => installed, + name => $java_package } } diff --git a/manifests/params.pp b/manifests/params.pp index d6480a5..7589bb8 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -431,22 +431,22 @@ } $incremental_backups = $::cassandra_incremental_backups ? { - undef => 'false', + undef => false, default => $::cassandra_incremental_backups, } $snapshot_before_compaction = $::cassandra_snapshot_before_compaction ? { - undef => 'false', + undef => false, default => $::cassandra_snapshot_before_compaction, } $auto_snapshot = $::cassandra_auto_snapshot ? { - undef => 'true', + undef => true, default => $::cassandra_auto_snapshot, } $multithreaded_compaction = $::cassandra_multithreaded_compaction ? { - undef => 'false', + undef => false, default => $::cassandra_multithreaded_compaction, } @@ -466,7 +466,7 @@ } $start_native_transport = $::cassandra_start_native_transport ? { - undef => 'true', + undef => true, default => $::cassandra_start_native_transport, } @@ -476,7 +476,7 @@ } $start_rpc = $::cassandra_start_rpc ? { - undef => 'true', + undef => true, default => $::cassandra_start_rpc, } @@ -491,7 +491,7 @@ } $service_enable = $::cassandra_service_enable ? { - undef => 'true', + undef => true, default => $::cassandra_service_enable, } @@ -501,7 +501,7 @@ } $opscenter_service_enable = $::cassandra_opscenter_service_enable ? { - undef => 'true', + undef => true, default => $::cassandra_opscenter_service_enable, } diff --git a/manifests/repo.pp b/manifests/repo.pp index 7e8ba06..99037b2 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -12,15 +12,15 @@ case $::osfamily { 'Debian': { class { 'cassandra::repo::debian': - repo_name => $repo_name, - location => $baseurl, - repos => $repos, - release => $release, - key => $key_id, - key_source => $gpgkey, - pin => $pin, - before => Anchor['cassandra::repo::end'], - require => Anchor['cassandra::repo::begin'], + repo_name => $repo_name, + location => $baseurl, + repos => $repos, + release => $release, + key => $key_id, + key_source => $gpgkey, + pin => $pin, + before => Anchor['cassandra::repo::end'], + require => Anchor['cassandra::repo::begin'], } } 'RedHat': { diff --git a/manifests/repo/debian.pp b/manifests/repo/debian.pp index 2732d65..25da397 100644 --- a/manifests/repo/debian.pp +++ b/manifests/repo/debian.pp @@ -25,7 +25,7 @@ notice("cassandra will be pinned to ${version_pin}") apt::pin { "hold_cassandra_at_${version_pin}": - packages => "cassandra", + packages => 'cassandra', version => $version_pin, priority => 1001, } From 4ee3b1f13b4f9688264fd35edd8a8f5ce50bd1d5 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 1 Jul 2015 03:15:16 +0100 Subject: [PATCH 13/18] - Fix provider to be vagrant as dse service manipulates ulimits. - increasing vagrant box memory to 4096MB to get dse service running. - remove some custom facts, and use default facts instead. --- kitchenci/.kitchen.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/kitchenci/.kitchen.yml b/kitchenci/.kitchen.yml index c4ea147..dbbf914 100644 --- a/kitchenci/.kitchen.yml +++ b/kitchenci/.kitchen.yml @@ -1,6 +1,8 @@ --- driver: - name: {driver} + name: vagrant + customzie: + memory: 4096 provisioner: name: puppet_apply @@ -18,9 +20,4 @@ suites: manifest: site.pp provisioner: custom_facts: - seed_a_eni_ip: 1.2.3.4 - seed_b_eni_ip: 5.6.7.8 - seed_c_eni_ip: 9.10.11.12 processorcount: 2 - ipaddress_eth0: 13.14.15.16 - opscenter_eni_ip: 17.18.19.20 From 59f7f330d52ff13e4867ba8d553d1c0a1cd444e5 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Wed, 1 Jul 2015 03:20:18 +0100 Subject: [PATCH 14/18] fix hieradata related facts --- kitchenci/hieradata/common.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kitchenci/hieradata/common.yaml b/kitchenci/hieradata/common.yaml index 1aa02a2..7c58a16 100644 --- a/kitchenci/hieradata/common.yaml +++ b/kitchenci/hieradata/common.yaml @@ -8,7 +8,7 @@ cassandra_home_mode: 755 cassandra::service_name: "dse" cassandra::package_name: "dse-full" cassandra::repo_baseurl: "http://auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com/enterprise" -cassandra::seeds: [ "%{::seed_a_eni_ip}", "%{::seed_b_eni_ip}", "%{::seed_c_eni_ip}" ] +cassandra::seeds: [ "127.0.0.1" ] cassandra::listen_address: "%{::ipaddress_eth0}" cassandra::broadcast_address: "%{hiera('cassandra::listen_address')}" cassandra::rpc_address: '0.0.0.0' @@ -23,7 +23,7 @@ cassandra::service_ensure: "running" cassandra::opscenter_service_enable: "true" cassandra::opscenter_service_ensure: "running" cassandra::cassandra_seed_hosts: "%{::seed_a_eni_ip},%{::seed_b_eni_ip},%{::seed_c_eni_ip}" -cassandra::datastax_agent_stomp_interface: "%{::opscenter_eni_ip}" +cassandra::datastax_agent_stomp_interface: "%{::ipaddress}" cassandra::datastax_agent_additional_jvm_opts: - "-Dorg.xerial.snappy.tempdir=/var/lib/datastax-agent/" - "-Djava.io.tmpdir=/var/lib/datastax-agent/" From c6940c7221b2a2aec4741d576df4faa8260f280c Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Thu, 2 Jul 2015 23:47:58 +0100 Subject: [PATCH 15/18] Adding forge line in Puppetfile, librarian-puppet requires forge line --- kitchenci/Puppetfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kitchenci/Puppetfile b/kitchenci/Puppetfile index c517ac8..4f6deae 100644 --- a/kitchenci/Puppetfile +++ b/kitchenci/Puppetfile @@ -1,5 +1,7 @@ # Role specific modules +forge "https://forgeapi.puppetlabs.com" + mod "cakesolutions/cassandra", :git => "git@github.com:cakesolutions/puppet-cassandra.git" From 861b446fcda44dd52647fb2767b8d98166342649 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Thu, 2 Jul 2015 23:49:13 +0100 Subject: [PATCH 16/18] using ::ipaddress_eth0 for seeds instead of localhost, both seeds and listen_address should be the same for single node dse --- kitchenci/hieradata/common.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchenci/hieradata/common.yaml b/kitchenci/hieradata/common.yaml index 7c58a16..2baff6a 100644 --- a/kitchenci/hieradata/common.yaml +++ b/kitchenci/hieradata/common.yaml @@ -8,7 +8,7 @@ cassandra_home_mode: 755 cassandra::service_name: "dse" cassandra::package_name: "dse-full" cassandra::repo_baseurl: "http://auto_cakesolutions.net:T4MAbMsNBvtlSKu@rpm.datastax.com/enterprise" -cassandra::seeds: [ "127.0.0.1" ] +cassandra::seeds: [ "%{::ipaddress_eth0}" ] cassandra::listen_address: "%{::ipaddress_eth0}" cassandra::broadcast_address: "%{hiera('cassandra::listen_address')}" cassandra::rpc_address: '0.0.0.0' From 6b39a5195b0c41be8024c13172d79ae4ab304105 Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Thu, 2 Jul 2015 23:49:54 +0100 Subject: [PATCH 17/18] fixing tests to fit new configuration --- .../test/integration/default/serverspec/conf_spec.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/kitchenci/test/integration/default/serverspec/conf_spec.rb b/kitchenci/test/integration/default/serverspec/conf_spec.rb index e6d7fb7..8bf5c64 100644 --- a/kitchenci/test/integration/default/serverspec/conf_spec.rb +++ b/kitchenci/test/integration/default/serverspec/conf_spec.rb @@ -49,17 +49,17 @@ its(:content) { should match /commitlog_directory: \/var\/lib\/cassandra\/commitlog/} its(:content) { should match /disk_failure_policy: stop/} its(:content) { should match /saved_caches_directory: \/var\/lib\/cassandra\/saved_caches/} - its(:content) { should match /seeds: 1.2.3.4,5.6.7.8,9.10.11.12/} # %{::seed_a_eni_ip}, %{::seed_b_eni_ip}, %{::seed_c_eni_ip} ==> 1.2.3.4, 5.6.7.8, 9.10.11.12 + its(:content) { should match /seeds: 10.0.2.15/} #::ipaddress_eth0 its(:content) { should match /concurrent_reads: 16/} # $::processorcount * 8 ==> 16 its(:content) { should match /concurrent_writes: 16/} # $::processorcount * 8 ==> 16 its(:content) { should match /storage_port: 7000/} - its(:content) { should match /listen_address: 13.14.15.16/} #::ipaddress_eth0 ==> 13.14.15.16 - its(:content) { should match /broadcast_address: 13.14.15.16/} #::ipaddress_eth0 ==> 13.14.15.16 + its(:content) { should match /listen_address: 10.0.2.15/} #::ipaddress_eth0 + its(:content) { should match /broadcast_address: 10.0.2.15/} #::ipaddress_eth0 its(:content) { should match /start_native_transport: true/} its(:content) { should match /native_transport_port: 9042/} its(:content) { should match /start_rpc: true/} its(:content) { should match /rpc_port: 9160/} - its(:content) { should match /broadcast_rpc_address: 13.14.15.16/} #::ipaddress_eth0 ==> 13.14.15.16 + its(:content) { should match /broadcast_rpc_address: 10.0.2.15/} #::ipaddress_eth0 its(:content) { should match /rpc_server_type: hsha/} its(:content) { should match /rpc_min_threads: 0/} its(:content) { should match /rpc_max_threads: 2048/} @@ -115,5 +115,5 @@ it { should be_mode 644 } it { should be_owned_by 'cassandra' } it { should be_grouped_into 'cassandra' } - its(:content) { should match /stomp_interface: 17.18.19.20/} #::opscenter_eni_ip ==> 17.18.19.20 + its(:content) { should match /stomp_interface: 10.0.2.15/} #::ipaddress_eth0 end From b55498423d98eccaae07280235d081d8e53ba7cb Mon Sep 17 00:00:00 2001 From: Eslam ElHusseiny Date: Thu, 2 Jul 2015 23:53:41 +0100 Subject: [PATCH 18/18] increasing vagrant memory to 4GB to get dse working without freeze --- kitchenci/.kitchen.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/kitchenci/.kitchen.yml b/kitchenci/.kitchen.yml index dbbf914..49987c4 100644 --- a/kitchenci/.kitchen.yml +++ b/kitchenci/.kitchen.yml @@ -1,8 +1,6 @@ --- driver: name: vagrant - customzie: - memory: 4096 provisioner: name: puppet_apply @@ -14,6 +12,9 @@ provisioner: platforms: {platforms} + driver: + customize: + memory: 4096 suites: - name: default