From 0c7686fa6f83b3b9ac4d5c88ead58d22bdc5e544 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= Date: Thu, 8 Jan 2015 00:33:00 +0100 Subject: [PATCH] Separate main class and components. Fix Debian. --- manifests/kdc.pp | 12 ++++-------- manifests/kdc/client.pp | 12 ++++++++++++ manifests/kdc/config.pp | 25 ------------------------- manifests/kdc/install.pp | 5 ----- manifests/kdc/params.pp | 18 +++++++++++++----- manifests/kdc/server.pp | 44 ++++++++++++++++++++++++++++++++++++++++++++ manifests/kdc/service.pp | 8 -------- templates/kdc.conf.erb | 4 ++-- 8 files changed, 75 insertions(+), 53 deletions(-) create mode 100644 manifests/kdc/client.pp delete mode 100644 manifests/kdc/config.pp delete mode 100644 manifests/kdc/install.pp create mode 100644 manifests/kdc/server.pp delete mode 100644 manifests/kdc/service.pp diff --git a/manifests/kdc.pp b/manifests/kdc.pp index dce3cfe..bf43922 100644 --- a/manifests/kdc.pp +++ b/manifests/kdc.pp @@ -1,13 +1,9 @@ class site_hadoop::kdc ( $realm = $site_hadoop::kdc::params::realm, $master_password = $site_hadoop::kdc::params::master_password, + $perform = undef, ) inherits site_hadoop::kdc::params { - - include site_hadoop::kdc::install - include site_hadoop::kdc::config - include site_hadoop::kdc::service - - Class['site_hadoop::kdc::install'] -> - Class['site_hadoop::kdc::config'] ~> - Class['site_hadoop::kdc::service'] + if $site_hadoop::kdc::perform { + include site_hadoop::kdc::server + } } diff --git a/manifests/kdc/client.pp b/manifests/kdc/client.pp new file mode 100644 index 0000000..045b681 --- /dev/null +++ b/manifests/kdc/client.pp @@ -0,0 +1,12 @@ +class site_hadoop::kdc::client { + $realm = $site_hadoop::kdc::realm + $domain = $site_hadoop::kdc::domain + $kdcserver = $site_hadoop::kdc::kdcserver + + #ensure_packages($site_hadoop::kdc::packages['client']) + + file { '/etc/krb5.conf': + mode => '0644', + content => template('site_hadoop/krb5.conf.erb'), + } +} diff --git a/manifests/kdc/config.pp b/manifests/kdc/config.pp deleted file mode 100644 index 5f8c979..0000000 --- a/manifests/kdc/config.pp +++ /dev/null @@ -1,25 +0,0 @@ -class site_hadoop::kdc::config { - $realm = $site_hadoop::kdc::realm - $domain = $site_hadoop::kdc::domain - $kdcserver = $site_hadoop::kdc::kdcserver - - file { '/etc/krb5.conf': - mode => '0644', - content => template('site_hadoop/krb5.conf.erb'), - } - - file { "${site_hadoop::kdc::kdc_dir}/kdc.conf": - mode => '0600', - content => template('site_hadoop/kdc.conf.erb'), - } - - exec { 'kdb5_util-create': - command => "kdb5_util create -s -P ${site_hadoop::kdc::master_password}", - path => '/sbin:/usr/sbin:/bin:/usr/bin', - # reading /dev/random - timeout => 0, - creates => "${site_hadoop::kdc::kdc_dir}/principal", - } - File['/etc/krb5.conf'] -> Exec['kdb5_util-create'] - File["${site_hadoop::kdc::kdc_dir}/kdc.conf"] -> Exec['kdb5_util-create'] -} diff --git a/manifests/kdc/install.pp b/manifests/kdc/install.pp deleted file mode 100644 index aabbbbf..0000000 --- a/manifests/kdc/install.pp +++ /dev/null @@ -1,5 +0,0 @@ -class site_hadoop::kdc::install { - if $site_hadoop::kdc::kdc_packages { - ensure_packages($site_hadoop::kdc::kdc_packages) - } -} diff --git a/manifests/kdc/params.pp b/manifests/kdc/params.pp index c4631ea..c1e3d6e 100644 --- a/manifests/kdc/params.pp +++ b/manifests/kdc/params.pp @@ -5,23 +5,31 @@ class site_hadoop::kdc::params { 'kadmin' => 'krb5-admin-server', 'kdc' => 'krb5-kdc', } + $packages = { + 'server' => ['krb5-kdc', 'krb5-admin-server'], + #'client' => ['krb5-user'], + } } 'RedHat': { $daemons = { 'kadmin' => 'kadmin', 'kdc' => 'krb5kdc', } + $packages = { + 'server' => ['krb5-server'], + #'client' => ['krb5-workstation'], + } } } - $kdc_dir = $::osfamily ? { - debian => '/var/lib/krb5kdc', + $kdc_conf_dir = $::osfamily ? { + debian => '/etc/krb5kdc', redhat => '/var/kerberos/krb5kdc', } - $kdc_packages = $::osfamily ? { - debian => ['krb5-kdc', 'krb5-admin-server'], - redhat => ['krb5-server', 'krb5-workstation'], + $kdc_data_dir = $::osfamily ? { + debian => '/var/lib/krb5kdc', + redhat => '/var/kerberos/krb5kdc', } $realm = 'HADOOP' diff --git a/manifests/kdc/server.pp b/manifests/kdc/server.pp new file mode 100644 index 0000000..f4333d8 --- /dev/null +++ b/manifests/kdc/server.pp @@ -0,0 +1,44 @@ +class site_hadoop::kdc::server { + include stdlib + include site_hadoop::kdc::client + + ensure_packages($site_hadoop::kdc::packages['server']) + + $realm = $site_hadoop::kdc::realm + $domain = $site_hadoop::kdc::domain + $kdcserver = $site_hadoop::kdc::kdcserver + $kdcconf = "${site_hadoop::kdc::kdc_conf_dir}/kdc.conf" + + file { $kdcconf: + mode => '0600', + content => template('site_hadoop/kdc.conf.erb'), + require => Package[$site_hadoop::kdc::packages['server']], + } + + exec { 'kdb5_util-create': + command => "kdb5_util create -s -P ${site_hadoop::kdc::master_password}", + path => '/sbin:/usr/sbin:/bin:/usr/bin', + # reading /dev/random + timeout => 0, + creates => "${site_hadoop::kdc::kdc_data_dir}/principal", + require => Package[$site_hadoop::kdc::packages['server']], + } + + service{$site_hadoop::kdc::daemons['kadmin']: + ensure => running, + } + service{$site_hadoop::kdc::daemons['kdc']: + ensure => running, + } + + File['/etc/krb5.conf'] -> Exec['kdb5_util-create'] + File['/etc/krb5.conf'] ~> Service[$site_hadoop::kdc::daemons['kadmin']] + File['/etc/krb5.conf'] ~> Service[$site_hadoop::kdc::daemons['kdc']] + + File[$kdcconf] -> Exec['kdb5_util-create'] + File[$kdcconf] ~> Service[$site_hadoop::kdc::daemons['kadmin']] + File[$kdcconf] ~> Service[$site_hadoop::kdc::daemons['kdc']] + + Exec['kdb5_util-create'] -> Service[$site_hadoop::kdc::daemons['kadmin']] + Exec['kdb5_util-create'] -> Service[$site_hadoop::kdc::daemons['kdc']] +} diff --git a/manifests/kdc/service.pp b/manifests/kdc/service.pp deleted file mode 100644 index 1c700f7..0000000 --- a/manifests/kdc/service.pp +++ /dev/null @@ -1,8 +0,0 @@ -class site_hadoop::kdc::service { - service{$site_hadoop::kdc::daemons['kadmin']: - ensure => running, - } - service{$site_hadoop::kdc::daemons['kdc']: - ensure => running, - } -} diff --git a/templates/kdc.conf.erb b/templates/kdc.conf.erb index 19aa204..44ae1e9 100644 --- a/templates/kdc.conf.erb +++ b/templates/kdc.conf.erb @@ -1,4 +1,4 @@ -<% if scope.lookupvar('::osfamily') == 'debian' -%> +<% if scope.lookupvar('::osfamily') == 'Debian' -%> [kdcdefaults] kdc_ports = 750,88 @@ -15,7 +15,7 @@ supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3 default_principal_flags = +preauth } -<% elsif scope.lookupvar('::osfamily') == 'redhat' -%> +<% elsif scope.lookupvar('::osfamily') == 'RedHat' -%> [kdcdefaults] kdc_ports = 88 kdc_tcp_ports = 88 -- 1.8.2.3