class site_hadoop::kdc (
$realm = $site_hadoop::kdc::params::realm,
$master_password = $site_hadoop::kdc::params::master_password,
+ $perform = undef,
) inherits site_hadoop::kdc::params {
-
- include site_hadoop::kdc::install
- include site_hadoop::kdc::config
- include site_hadoop::kdc::service
-
- Class['site_hadoop::kdc::install'] ->
- Class['site_hadoop::kdc::config'] ~>
- Class['site_hadoop::kdc::service']
+ if $site_hadoop::kdc::perform {
+ include site_hadoop::kdc::server
+ }
}
--- /dev/null
+class site_hadoop::kdc::client {
+ $realm = $site_hadoop::kdc::realm
+ $domain = $site_hadoop::kdc::domain
+ $kdcserver = $site_hadoop::kdc::kdcserver
+
+ #ensure_packages($site_hadoop::kdc::packages['client'])
+
+ file { '/etc/krb5.conf':
+ mode => '0644',
+ content => template('site_hadoop/krb5.conf.erb'),
+ }
+}
+++ /dev/null
-class site_hadoop::kdc::config {
- $realm = $site_hadoop::kdc::realm
- $domain = $site_hadoop::kdc::domain
- $kdcserver = $site_hadoop::kdc::kdcserver
-
- file { '/etc/krb5.conf':
- mode => '0644',
- content => template('site_hadoop/krb5.conf.erb'),
- }
-
- file { "${site_hadoop::kdc::kdc_dir}/kdc.conf":
- mode => '0600',
- content => template('site_hadoop/kdc.conf.erb'),
- }
-
- exec { 'kdb5_util-create':
- command => "kdb5_util create -s -P ${site_hadoop::kdc::master_password}",
- path => '/sbin:/usr/sbin:/bin:/usr/bin',
- # reading /dev/random
- timeout => 0,
- creates => "${site_hadoop::kdc::kdc_dir}/principal",
- }
- File['/etc/krb5.conf'] -> Exec['kdb5_util-create']
- File["${site_hadoop::kdc::kdc_dir}/kdc.conf"] -> Exec['kdb5_util-create']
-}
+++ /dev/null
-class site_hadoop::kdc::install {
- if $site_hadoop::kdc::kdc_packages {
- ensure_packages($site_hadoop::kdc::kdc_packages)
- }
-}
'kadmin' => 'krb5-admin-server',
'kdc' => 'krb5-kdc',
}
+ $packages = {
+ 'server' => ['krb5-kdc', 'krb5-admin-server'],
+ #'client' => ['krb5-user'],
+ }
}
'RedHat': {
$daemons = {
'kadmin' => 'kadmin',
'kdc' => 'krb5kdc',
}
+ $packages = {
+ 'server' => ['krb5-server'],
+ #'client' => ['krb5-workstation'],
+ }
}
}
- $kdc_dir = $::osfamily ? {
- debian => '/var/lib/krb5kdc',
+ $kdc_conf_dir = $::osfamily ? {
+ debian => '/etc/krb5kdc',
redhat => '/var/kerberos/krb5kdc',
}
- $kdc_packages = $::osfamily ? {
- debian => ['krb5-kdc', 'krb5-admin-server'],
- redhat => ['krb5-server', 'krb5-workstation'],
+ $kdc_data_dir = $::osfamily ? {
+ debian => '/var/lib/krb5kdc',
+ redhat => '/var/kerberos/krb5kdc',
}
$realm = 'HADOOP'
--- /dev/null
+class site_hadoop::kdc::server {
+ include stdlib
+ include site_hadoop::kdc::client
+
+ ensure_packages($site_hadoop::kdc::packages['server'])
+
+ $realm = $site_hadoop::kdc::realm
+ $domain = $site_hadoop::kdc::domain
+ $kdcserver = $site_hadoop::kdc::kdcserver
+ $kdcconf = "${site_hadoop::kdc::kdc_conf_dir}/kdc.conf"
+
+ file { $kdcconf:
+ mode => '0600',
+ content => template('site_hadoop/kdc.conf.erb'),
+ require => Package[$site_hadoop::kdc::packages['server']],
+ }
+
+ exec { 'kdb5_util-create':
+ command => "kdb5_util create -s -P ${site_hadoop::kdc::master_password}",
+ path => '/sbin:/usr/sbin:/bin:/usr/bin',
+ # reading /dev/random
+ timeout => 0,
+ creates => "${site_hadoop::kdc::kdc_data_dir}/principal",
+ require => Package[$site_hadoop::kdc::packages['server']],
+ }
+
+ service{$site_hadoop::kdc::daemons['kadmin']:
+ ensure => running,
+ }
+ service{$site_hadoop::kdc::daemons['kdc']:
+ ensure => running,
+ }
+
+ File['/etc/krb5.conf'] -> Exec['kdb5_util-create']
+ File['/etc/krb5.conf'] ~> Service[$site_hadoop::kdc::daemons['kadmin']]
+ File['/etc/krb5.conf'] ~> Service[$site_hadoop::kdc::daemons['kdc']]
+
+ File[$kdcconf] -> Exec['kdb5_util-create']
+ File[$kdcconf] ~> Service[$site_hadoop::kdc::daemons['kadmin']]
+ File[$kdcconf] ~> Service[$site_hadoop::kdc::daemons['kdc']]
+
+ Exec['kdb5_util-create'] -> Service[$site_hadoop::kdc::daemons['kadmin']]
+ Exec['kdb5_util-create'] -> Service[$site_hadoop::kdc::daemons['kdc']]
+}
+++ /dev/null
-class site_hadoop::kdc::service {
- service{$site_hadoop::kdc::daemons['kadmin']:
- ensure => running,
- }
- service{$site_hadoop::kdc::daemons['kdc']:
- ensure => running,
- }
-}
-<% if scope.lookupvar('::osfamily') == 'debian' -%>
+<% if scope.lookupvar('::osfamily') == 'Debian' -%>
[kdcdefaults]
kdc_ports = 750,88
supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
default_principal_flags = +preauth
}
-<% elsif scope.lookupvar('::osfamily') == 'redhat' -%>
+<% elsif scope.lookupvar('::osfamily') == 'RedHat' -%>
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
git://scientific.zcu.cz / meta-site_hadoop.git / commitdiff