Ganeti Puppet support

Description

The ganeti module installs and configures packages to configure a Ganeti cluster.

Setup

This module does not initialize a cluster or add nodes, which are expected to be pre-installed in the cluster. However, it will properly prepare nodes with the right software to do so. So normally, you should only have to run gnt-cluster init on the master and gnt-node add for each secondary node.

Requires the camptocamp/kmod module in order to load the right kernel modules when the module is configured with_drbd.

Usage

The main ganeti class handles most of the work:

include ganeti

It sets up ganeti packages and also deploys a few set of custom hooks to make gnt-instance-debootstrap work properly. Extra hooks can be deployed manually in /etc/ganeti/instance-debootstrap/hooks/ as needed. The debootstrap configuration can be modified through the bootstrap_defaults parameter. This, for example, will add extra pacakges to every install:

  class { ganeti :
    debootstrap_defaults => {
      extra_packages => ['linux-image-amd64', 'dbus', 'libpam-systemd'],
    }
  }

Note that, by default, gnt-instance-deboostrap does not install a kernel, so the above extra_packages is actually likely to be needed to get a working install on Debian virtual machines. This will vary based on the guest operating system; on Ubuntu, it might instead be the linux-image-generic package, for example.

Creating a swap partition at instance creation

If you are using ganeti-instance-debootstrap to provision the base install for your instances, this module provides a hook that will help you setup a disk as a swap partition upon instance creation.

To achieve this, you need to label (name) one of the disk as "swap", as in the following example:

gnt-instance add -d -o debootstrap+bullseye -t plain \
 --disk 0:size=14G --disk 1:size=1G,name=swap
 instance1.example.com

Here, we have one disk of 1Gb that's named "swap": this will be used as swap space automatically. The other disk will be used as the main disk to install the system on.

Reference

See [REFERENCE.md][] for full reference documentation. Note that this file is generally only generated when a tag is added.

The full online reference documentation for this module may be found at on GitLab Pages. This online reference is generated automatically on each new commit.

Alternatively, you may build yourself the documentation using the puppet strings generate command. See the documentation for Puppet Strings for more information.

Limitations

Tested on Debian stretch, buster, and bullseye. Compatibility with other versions and distributions unknown.

Development

Developed and maintained by the shared puppet modules group.

Reference

Table of Contents

Classes

Public Classes

• ganeti: Configure a drbd node server
• ganeti::extstorage::zfs: Install extstorage scripts to manage zfs volumes
• ganeti::nagios_checks: Deploy optional nagios check scripts for ganeti

Private Classes

• ganeti::config: Setup files and other resources for a ganeti node
• ganeti::package: Install packages required for a ganeti node
• ganeti::service: Make sure that the ganeti services are running.

Data types

• Ganeti::Debootstrap_config: Default configurations for ganeti-instance-debootstrap
• Ganeti::Rapi_user: User that can be used to authenticate to ganeti's RAPI
• Ganeti::Variant: Contents of a variants file

Classes

ganeti

Configure a drbd node server

Parameters

The following parameters are available in the ganeti class:

• with_drbd
• cron_template
• security_model
• pool_uid_base
• pool_num_users
• pool_username_prefix
• private_ip
• rapi_bind
• rapi_ip
• rapi_users
• use_debootstrap_os_template
• purge_instance_debootstrap
• package_ensure
• debootstrap_defaults
• debootstrap_variants
• debootstrap_puppet_hook
• debootstrap_puppet_server
• debootstrap_locale
• debootstrap_charmap

with_drbd

Data type: Boolean

Set this to false to disable installing drbd on the node.

Default value: true

cron_template

Data type: String[1]

Path to the template used for configuring cronjobs for ganeti. The template is expected to be an epp template.

Default value: 'ganeti/ganeti_cron.epp'

security_model

Data type: Optional[Enum['pool']]

If set to 'pool', will create a number of non-privileged users that ganeti will use to run instances with. This is mostly useful when using the kvm backend.

Default value: 'pool'

pool_uid_base

Data type: Integer

When security_model is set to 'pool', users that get created will start with this uid and all additional ones will have uids incremented from this number.

Default value: 4000

pool_num_users

Data type: Integer

When security_model is set to 'pool', number of users with sequential uids that will get created for the pool.

Default value: 20

pool_username_prefix

Data type: String[1]

When security_model is set to 'pool', users that get created will have a username that starts with this string. Names will then be completed with the increment on the uid_base, starting at 0, appended to the prefix.

Default value: 'ganeti'

private_ip

Data type: Optional[Stdlib::IP::Address]

IP address configured on the node that is not facing a public network. It is strongly recommended to configure nodes to have a second interface that is part of a network that's not reachable through a public network. This makes it possible to hide away ganeti commands, drbd replication traffic and other sensitive information. This module will also configure ganeti services to listen only to the private IP, if provided. See this post for more information on how that can be configured: https://groups.google.com/forum/#!searchin/ganeti/secondary$20ip|sort:date/ganeti/XBRWU7LwA6g/QnxpAo5HAQAJ

Default value: undef

rapi_bind

Data type: Optional[Stdlib::IP::Address]

Set the address for the Ganeti remote API daemon to bind to. By default this is 127.0.0.1 but 0.0.0.0 may be used to bind to all interfaces, including localhost, which is the ganeti-rapi daemon default.

Default value: '127.0.0.1'

rapi_ip

Data type: Optional[Stdlib::IP::Address]

Set the address to use to access the Ganeti remote API daemon.

Default value: '127.0.0.1'

rapi_users

Data type: Array[Ganeti::Rapi_user]

Define credentials for the Ganeti remote API daemon, and used to populate the file /var/lib/ganeti/rapi/users. Must consist of an array of hashes containing username, password and options keys. Default is not to define any credentials (empty).

Default value: []

use_debootstrap_os_template

Data type: Boolean

Set this to false to avoid installing and configuring ganeti-instance-debootstrap, the OS template that uses debootstrap. All params purge_instance_debootstrap and debootstrap_* will have no effect if this option is set to false. Users must make sure to keep os template parameters consistent across all nodes in the same cluster.

Default value: true

purge_instance_debootstrap

Data type: Boolean

By default, this module removes all unknown configuration in the ganeti-instance-debootstrap package creation template so that instances created are using a known configuration. Set this value to false in order to disable purging of the hooks directory.

Default value: true

package_ensure

Data type: String[1]

Set the ensure of the package. Useful to have a specific version installed.

Default value: 'installed'

debootstrap_defaults

Data type: Ganeti::Debootstrap_config

Set of configuration options that define the default behaviour for instances created with ganeti-instance-debootstrap. The values in this hash correspond to values in /etc/default/ganeti-instance-debootstrap. Refer to types/debootstrap_config.pp to see all of the available options and their expected data types.

Options:

• :proxy String[1]: If set, configure apt to use a proxy when downloading packages
• :mirror String[1]: URL of the debian apt source used to retrieve packages
• : String[1]: arch If set, will install instances with a different architecture than the host
• : String[1]: suite If set, define the default suite used by debootstrap
• :extra_packages Array[String[1]]: List of packages to have debootstrap install on top of the requested suite
• : Array[String[1]]: components If set, define the suite components used by debootstrap (e.g. "main,contrib,non-free")
• :customize_dir Stdlib::Absolutepath: Absolute path to a directory containing hooks run after debootstrap is done
• :generate_cache: Enum['yes', 'no']: set to 'no' to disable package cache for debootstrap
• :clean_cache: Integer[1]: number of days during which packages are kept in cache
• :partition_style: Enum['none', 'msdos']: set to 'none' to avoid creating a partition table on
• :partition_alignment: String[1]: alignment of the partitions in sectors

Default value: {}

debootstrap_variants

Data type: Hash[String, Ganeti::Variant]

Hash of definitions for debootstrapt variants that are defined on the cluster. Each value should be a struct with any of the required values set (see the type alias Ganeti::Variant for a complete list of available values). An empty list will create an empty configuration file, which means that all default values will be used.

debootstrap_puppet_hook

Data type: Boolean

Set this to true to install puppet inside instances when they are installed with instance-debootstrap. Make sure to also set debootstrap_puppet_server.

Default value: false

debootstrap_puppet_server

Data type: Optional[Stdlib::Host]

Hostname or IP address of the puppet server to which the instances should connect to. This value is only used when debootstrap_puppet_hook is set to true.

Default value: undef

debootstrap_locale

Data type: Optional[String[1]]

Name of the default locale that will be configured in the new instances when they get created by the debootstrap template. If set to undef (default), locale will be untouched and no hook script for setting the locale will be installed. This should be something legal in the locales package, for example en_US or en_US.UTF-8, as (currently) defined in /var/lib/dpkg/info/locales.config.

Default value: undef

debootstrap_charmap

Data type: String[1]

Name of the character map (should correspond to the name of a file in /usr/share/i18n/charmaps) used by the default locale configured in new instances. This value is unused if debootstrap_locale is set to undef.

Default value: 'UTF-8'

ganeti::extstorage::zfs

With this extstorage installed, you need to enable the "ext" disk template on your cluster:

gnt-cluster modify --enabled-disk-templates plain,drbd,ext gnt-cluster modify --ipolicy-disk-templates plain,drbd,ext

You can then install instances on zvols by adding something like --disk 0:size=60G,provider=zfs,zfs=POOLNAME to a gnt-instance add command.

The scripts for the extstorage come from (no license specified): https://github.com/candlerb/ganeti-zfs

ganeti::nagios_checks

If you include this class, make sure to order it after install of nagios-plugins-basic. Otherwise, the plugin directory will not exist.

Data types

Ganeti::Debootstrap_config

These values will be used in /etc/default/ganeti-instance-debootstrap

Alias of

Struct[{
  Optional[proxy]               => String[1],
  Optional[mirror]              => String[1],
  Optional[arch]                => String[1],
  Optional[suite]               => String[1],
  Optional[extra_packages]      => Array[String[1]],
  Optional[components]          => Array[String[1]],
  Optional[customize_dir]       => Stdlib::Absolutepath,
  Optional[generate_cache]      => Enum['yes', 'no'],
  Optional[clean_cache]         => Integer[1],
  Optional[partition_style]     => Enum['none','msdos'],
  Optional[partition_alignment] => String[1],
}]

Ganeti::Rapi_user

User that can be used to authenticate to ganeti's RAPI

• Note Options can be an empty array, which means that no special permissions are given. The user is, however, still authenticated and can perform some requests on the RAPI (see the "Access permissions" section of upstream documentation linked above)

• See also

  • http://docs.ganeti.org/ganeti/current/html/rapi.html#users-and-passwords
  • http://docs.ganeti.org/ganeti/current/html/rapi.html#rapi-access-permissions

Alias of

Struct[{
  username => String[1],
  password => String[1],
  options  => Array[Enum['write', 'read']],
}]

Ganeti::Variant

The file will be in /etc/ganeti/instance-debootstrap/variants/$name

The values given to extra_variables will be exported so that they become available to the hook scripts. This can let you define any arbitrary customization for how you install the OS.

• See also
  • http://docs.ganeti.org/ganeti/master/html/man-ganeti-os-interface.html

Alias of

Struct[{
  Optional[suite]           => String[1],
  Optional[components]      => String[1],
  Optional[mirror]          => String[1],
  Optional[target]          => String[1],
  Optional[arch]            => String[1],
  Optional[partition_style] => String[1],
  Optional[extra_pkgs]      => String[1],
  Optional[blockdev]        => String[1],
  Optional[fsysdev]         => String[1],
  Optional[extra_variables] => Hash[String[1],String[1],1],
  Optional[extra_code]      => String[1],
}]