Version information
This version is compatible with:
- Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
- Puppet >= 4.7.0 < 7.0.0
- , ,
Start using this module
Add this module to your Puppetfile:
mod 'maxadamo-tiny_nas', '0.5.7'Learn more about managing modules with a PuppetfileDocumentation
tiny_nas
Table of Contents
- Description
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Description
Tiny_NAS sets up a tiny, low-end and Highly-Available NAS with two ways synchronization. Tiny_nas works in two ways. Directories can be either:
- watched and immediately synchronized based on kernel events
- synchronized through a cron job
You can have a combination of them (some directories watched, other directories under cron)
No ZFS. Tiny NAS is tiny, and it doesn't need a fancy filesystem nor complex volume management (stay tuned: I am working on a full fledged ZFS HA Nas).
It allows to use LVM through the options mentioned in init.pp.
If you intend to use ZFS, disable LVM management, and add the ZFS volume yourself.
No NFS4. Tiny NAS is tiny and the security is based on the IP (managed throught the firewall module)
Tiny NAS is low-end by design. If you have a high load on you NAS neither lscyncd + csync2 nor scheduled job are a proper solution and you should consider a clustered filesystems.
Setup Requirements
On CentOS 7 the package csync2 is missing. You can download an RPM here
You need to create the keys beforehand, using the following commands:
openssl req -x509 -newkey rsa:1024 -days 7200 \
-keyout ./csync2_ssl_key.pem -nodes \
-out ./csync2_ssl_cert.pem -subj '/CN=puppet'
csync2 -k ./csync2_puppet-group.key
You can either store the values in Hiera or they can be provided as templates.
Usage
Server setup
This is all you need (ipv6 is optional):
sync_dir:
moodledata:
client_list:
- '192.168.0.10(rw,insecure,async,no_root_squash)'
- '192.168.0.11(rw,insecure,async,no_root_squash)'
- '2001:777:3::50(rw,insecure,async,no_root_squash)'
- '2001:777:3::51(rw,insecure,async,no_root_squash)'
dir_watch: false
puppet_ca:
client_list:
- '192.168.0.12(rw,insecure,async,no_root_squash)'
- '192.168.0.13(rw,insecure,async,no_root_squash)'
- '2001:777:3::52(rw,insecure,async,no_root_squash)'
- '2001:777:3::53(rw,insecure,async,no_root_squash)'
dir_watch: true
class { 'tiny_nas':
sync_dir => lookup('sync_dir'),
nodes_hostnames => ['nas01.example.org', 'nas02.example.org'],
nodes_ip4 => ['192.168.0.48', '192.168.0.49'],
nodes_ip6 => ['2001:777:3::98', '2001:777:3::99'],
vip_ip4 => '192.168.0.50',
vip_ip4_subnet => '22',
vip_ip6 => '2001:777:3::100',
vip_ip6_subnet => '64',
csync2_ssl_key => lookup('csync2_ssl_key'),
csync2_ssl_cert => lookup('csync2_ssl_cert'),
csync2_preshared_key => lookup('csync2_preshared_key'),
manage_lvm => true,
vg_name => 'rootvg',
lv_size => 3;
}
If can also use templates for the keys:
csync2_ssl_key => template('mymodule/ssl_key'),
csync2_ssl_cert => template('mymodule/ssl_cert'),
csync2_preshared_key => template('mymodule/preshared_key'),
Client setup
tiny_nas::client { '/etc/puppetlabs/pupet/ssl':
ensure => present,
nfs_server_enabled => true,
server => 'nas.example.org',
share => '/nas/puppet_ca';
}
nfs options default is:
options_nfs => 'tcp,soft,nolock,rsize=32768,wsize=32768,intr,noatime,actimeo=3'
Please check manifests/client.pp for other available options.
Limitations
It is untested on more then two hosts.
It is untested without IPv6.
It is not tested very well on CentOS
Development
Feel free to make pull requests and/or open issues on my GitHub Repository
Dependencies
- puppet-keepalived (>= 2.0.0 <= 2.2.0)
- derdanne-nfs (>= 2.0.8 <= 2.1.4)
- puppetlabs-firewall (>= 1.9.0 <= 2.5.0)
- puppetlabs-cron_core (>= 1.0.0 <= 1.0.3)
- puppetlabs-mount_core (>= 1.0.0 <= 1.0.3)
- puppetlabs-xinetd (>= 3.0.0 <= 3.3.0)