-rwxr-xr-x | facts.d/nspawn_machines.py | 71 | ||||
-rw-r--r-- | manifests/init.pp | 10 | ||||
-rw-r--r-- | manifests/machine.pp | 72 | ||||
-rw-r--r-- | manifests/os/arch.pp | 17 | ||||
-rw-r--r-- | manifests/os/debian.pp | 61 | ||||
-rw-r--r-- | manifests/setup.pp | 21 | ||||
-rw-r--r-- | manifests/template.pp | 39 | ||||
-rw-r--r-- | manifests/template_final.pp | 42 | ||||
-rw-r--r-- | manifests/util/disable_networking.pp | 13 | ||||
-rw-r--r-- | manifests/util/enable_networkd.pp | 39 | ||||
l--------- | templates/unit_file.epp | 1 |
11 files changed, 0 insertions, 386 deletions
diff --git a/facts.d/nspawn_machines.py b/facts.d/nspawn_machines.py
deleted file mode 100755
index f8fc9a5..0000000
--- a/facts.d/nspawn_machines.py
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env python3
-
-import sys
-
-try:
- import dbus
- import yaml
-except ImportError:
- sys.exit(0)
-
-bus = dbus.SystemBus()
-bus_name = 'org.freedesktop.machine1' # dest
-object_path = '/org/freedesktop/machine1'
-try:
- machined_proxy = bus.get_object(bus_name=bus_name, object_path=object_path)
-except:
- sys.exit(1)
-iface = dbus.Interface(machined_proxy, dbus_interface='org.freedesktop.machine1.Manager')
-
-
-machines = iface.ListMachines()
-machine_names = []
-machines_info = {}
-for (machine_name, *_) in machines:
- machine = iface.GetMachine(machine_name)
- pp = bus.get_object(bus_name='org.freedesktop.machine1', object_path=machine)
- ii = dbus.Interface(pp, dbus_interface='org.freedesktop.DBus.Properties')
- out_dict = {}
- for key, value in ii.GetAll('org.freedesktop.machine1.Machine').items():
- # see help(dbus.types)
- t = type(value)
- if t == dbus.ByteArray:
- raise NotImplementedError('Byte array')
- elif t == dbus.Double:
- v = float(value)
- elif t == dbus.Boolean:
- v = bool(value)
- elif t in [ dbus.Byte, dbus.Int16, dbus.Int32, dbus.Int64, dbus.UInt16, dbus.UInt32, dbus.UInt64 ]:
- v = int(value)
- elif t in [ dbus.ObjectPath, dbus.Signature ]:
- # string likes
- v = str(value)
- elif t == dbus.Dictionary:
- # dict like
- raise NotImplementedError('Dictionary')
- elif t == dbus.Array:
- if value.signature == dbus.Signature('y'):
- v = bytes(int(x) for x in value)
- elif value.signature == dbus.Signature('i'):
- v = [int(x) for x in value]
- else:
- print(repr(value))
- print(repr(value.signature))
- raise NotImplementedError('Array')
- # case dbus.UnixFd:
- # raise NotImplementedError()
- elif t == dbus.String:
- v = str(value)
- elif t == dbus.Struct:
- # tuple like
- raise NotImplementedError('Struct')
- out_dict[str(key)] = v
- machine_names.append(str(machine_name))
- machines_info[str(machine_name)] = out_dict
-
-out = {
- 'machined-machines': machine_names,
- 'machined-info': machines_info,
-}
-
-print(yaml.dump(out))
diff --git a/manifests/init.pp b/manifests/init.pp
deleted file mode 100644
index f768f43..0000000
--- a/manifests/init.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-class nspawn (
- String $machine_dir = '/var/lib/machines',
- String $template_dir = '/var/lib/machines',
- String $puppet_server = 'puppet',
- Hash[String,Hash] $templates,
- Hash[String,Hash] $machines,
-) {
- create_resources(nspawn::machine, $machines)
- create_resources(nspawn::template, $templates)
-}
diff --git a/manifests/machine.pp b/manifests/machine.pp
deleted file mode 100644
index e6d01e2..0000000
--- a/manifests/machine.pp
+++ /dev/null
@@ -1,72 +0,0 @@
-define nspawn::machine (
- String $template,
- String $machine = $name,
- Boolean $enable = false,
- String $machine_dir = $nspawn::machine_dir,
- Hash $nspawn_opts = {},
-) {
-
- require ::nspawn::setup
-
- # TODO
- # gather fact from 'machinectl list-images', and check if one with
- # our name + '.base' exists
-
- $domain = $facts['domain']
- $root = "${machine_dir}/${machine}"
-
- exec { "lvcreate -n vm-${machine} -V 100G --thinpool lvpoolData VolGroup":
- creates => "/dev/VolGroup/vm-${machine}",
- path => ['/usr/bin',],
- } -> systemd_mount { "/var/lib/machines/${machine}":
- what => "/dev/VolGroup/vm-${machine}"
- }
-
- # Copies image to us
- # TODO does this actually do anything more than a deep copy?
- exec { "Create ${machine} from template":
- command => [ 'systemd-nspawn',
- "--template=/var/lib/machines/${template}.base",
- '--quiet',
- '-D', $machine,
- '/bin/true', # run some command so we don't get stuck on boot prompt
- ],
- path => ['/bin','/usr/bin'],
- cwd => $machine_dir,
- creates => "${machine_dir}/${machine}",
- }
-
- file { "/var/lib/machines/${machine}/etc/hostname":
- ensure => file,
- content => "${machine}.${domain}\n",
- require => Exec["Create ${machine} from template"],
- }
-
- # systemd-nspawn --quiet -M debby systemctl enable puppet
-
- $nspawn_data = {
- 'Exec' => {
- # 'Hostname' => "${machine}.${domain}",
- 'Boot' => 'true',
- 'ResolvConf' => 'copy-static', # /usr/lib/systemd/resolv.conf
- },
- 'Network' => {
- 'Bridge' => 'br0',
- }
- # TODO deep merge?
- } + $nspawn_opts
-
- file { "/etc/systemd/nspawn/${machine}.nspawn":
- ensure => file,
- content => epp('nspawn/unit_file.epp', {
- data => $nspawn_data,
- }),
- notify => Service["systemd-nspawn@${machine}.service"],
- }
-
- service { "systemd-nspawn@${machine}.service":
- enable => $enable,
- require => File["/etc/systemd/nspawn/${machine}.nspawn"],
- }
-
-}
diff --git a/manifests/os/arch.pp b/manifests/os/arch.pp
deleted file mode 100644
index d9bd258..0000000
--- a/manifests/os/arch.pp
+++ /dev/null
@@ -1,17 +0,0 @@
-define nspawn::os::arch (
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
-) {
-
- ensure_packages(['arch-install-scripts'])
-
- $root = "${template_dir}/${template_name}"
-
- file { $root:
- ensure => directory,
- } -> exec { "/usr/bin/pacstrap '${root}' base puppet":
- creates => "${root}/etc/os-release",
- } -> nspawn::util::enable_networkd { $template_name:
- template_dir => $template_dir,
- }
-}
diff --git a/manifests/os/debian.pp b/manifests/os/debian.pp
deleted file mode 100644
index 9e42737..0000000
--- a/manifests/os/debian.pp
+++ /dev/null
@@ -1,61 +0,0 @@
-# TODO rename this to image-setup
-define nspawn::os::debian (
- String $os_version,
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
-) {
-
- $root = "${template_dir}/${template_name}"
- $pkg_pos = 'var/tmp'
-
- ensure_packages(['debootstrap'])
-
- exec { "/usr/bin/deboostrap ${os_version} '${root}'":
- creates => "${root}/etc/os-release",
- }
-
- $puppet_deb = "puppet7-release-${os_version}.deb"
- $puppet_deb_path = "${root}/${pkg_pos}/${puppet_deb}"
-
- file { $puppet_deb_path:
- ensure => file,
- source => "https://apt.puppet.com/${puppet_deb}"
- }
-
- $running = $facts['machined-info'][$template_name] != undef
- and $facts['machined-info'][$template_name]['State'] == 'running'
-
- if $running {
- # TODO
- notify { "Notify skipping ${template_name} setup":
- message => "Skipping setup for ${template_name}, already running",
- }
- } else {
- exec { "Set up puppet repo for ${template_name}":
- subscribe => File[$puppet_deb_path],
- refreshonly => true,
- command => [ '/usr/bin/systemd-nspawn',
- '-M', $template_name,
- '--quiet',
- '/bin/sh', '-c',
- "dpkg -i '/${pkg_pos}/puppet7-release-${os_version}.deb' && apt update"
- ],
- }
-
- exec { "install puppet-agent on ${template_name}":
- command => [ '/usr/bin/systemd-nspawn',
- '-M', $template_name,
- '--quiet',
- 'apt', 'install', 'puppet-agent',
- ],
- creates => "${root}/opt/puppetlabs/bin/puppet",
- }
- }
-
- nspawn::util::disable_networking { $template_name:
- template_dir => $template_dir,
- }
- nspawn::util::enable_networkd { $template_name:
- template_dir => $template_dir,
- }
-}
diff --git a/manifests/setup.pp b/manifests/setup.pp
deleted file mode 100644
index 01503c8..0000000
--- a/manifests/setup.pp
+++ /dev/null
@@ -1,21 +0,0 @@
-class nspawn::setup {
-
- # TODO find better file to use for containers
-
- file { '/usr/lib/systemd/resolv.conf':
- ensure => file,
- content => @(EOF)
- # File /usr/lib/systemd/resolv.conf managed by puppet
- # Local changes will be overwritten
- nameserver 10.0.0.40
- search adrift.space
- | EOF
- }
-
- service { 'machines.target':
- enable => true,
- }
-
- Nspawn::Template <| |> -> Nspawn::Machine <| |>
-
-}
diff --git a/manifests/template.pp b/manifests/template.pp
deleted file mode 100644
index 3c66b97..0000000
--- a/manifests/template.pp
+++ /dev/null
@@ -1,39 +0,0 @@
-define nspawn::template (
- String $template_name = $name,
- Enum['debian', 'arch'] $os = $template_name.split('-')[0],
- Optional[String] $version = undef,
- String $puppet_server = $nspawn::puppet_server,
- String $template_dir = $nspawn::template_dir,
-) {
-
- $template = "${template_name}.base"
- $root = "${template_dir}/${template}"
-
- case $os {
- 'debian': {
- $real_version = if $version != undef {
- $version
- } else {
- # Oout of bounds indexing gives 'undef'
- $template_name.split('-')[1]
- }
- nspawn::os::debian { $template:
- os_version => $real_version,
- template_dir => $template_dir,
- before => Nspawn::Template_final[$template],
- }
- }
- 'arch': {
- nspawn::os::arch { $template:
- template_dir => $template_dir,
- before => Nspawn::Template_final[$template],
- }
- }
- }
-
- nspawn::template_final { $template:
- root => $root,
- puppet_server => $puppet_server,
- }
-
-}
diff --git a/manifests/template_final.pp b/manifests/template_final.pp
deleted file mode 100644
index 4ab5a9d..0000000
--- a/manifests/template_final.pp
+++ /dev/null
@@ -1,42 +0,0 @@
-define nspawn::template_final (
- String $root,
- String $puppet_server,
- String $template = $name,
-) {
- exec { "Enable puppet on ${template}":
- command => [ '/usr/bin/systemd-nspawn',
- '-M', $template,
- '--quiet',
- 'systemctl', 'enable', 'puppet',
- ],
- creates => "${root}/etc/systemd/system/multi-user.target.wants/puppet.service",
- }
-
- file { "${root}/etc/systemd/system/puppet.service.requires":
- ensure => directory,
- }
-
- # This is nice in theory, but has the problem that
- # network-online.target is reached on our first IP-address, which
- # will probably be our static IPv4 address, and busting.adrift.space
- # isn't resolvable over IPv4...
- file { "${root}/etc/systemd/system/puppet.service.requires/network-online.target":
- ensure => link,
- # Debian requires /lib, arch accepts it
- target => '/lib/systemd/system/network-online.target'
- }
-
- file { [ "${root}/etc/puppetlabs",
- "${root}/etc/puppetlabs/puppet" ] :
- ensure => directory,
- }
-
-
- file { "${root}/etc/puppetlabs/puppet/puppet.conf":
- ensure => file,
- content => @("EOF")
- [main]
- server = ${puppet_server}
- | EOF
- }
-}
diff --git a/manifests/util/disable_networking.pp b/manifests/util/disable_networking.pp
deleted file mode 100644
index 186d096..0000000
--- a/manifests/util/disable_networking.pp
+++ /dev/null
@@ -1,13 +0,0 @@
-define nspawn::util::disable_networking (
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
- String $template_path = "${template_dir}/${template_name}",
-) {
- # Manually masking instead of trying to disable/mask it through
- # systemd, since this is MUCH easier to do whith puppet.
- file { "${template_path}/etc/systemd/system/networking.service":
- ensure => link,
- target => '/dev/null',
- }
-}
-
diff --git a/manifests/util/enable_networkd.pp b/manifests/util/enable_networkd.pp
deleted file mode 100644
index 40cb3d9..0000000
--- a/manifests/util/enable_networkd.pp
+++ /dev/null
@@ -1,39 +0,0 @@
-define nspawn::util::enable_networkd (
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
- String $root = "${template_dir}/${template_name}",
-) {
-
- networking::networkd_instance { "Initial networking on ${template_name}":
- priority => 99,
- filename => 'puppet-initial',
- path => "${root}/${networking::networkd::path}",
- content => {
- 'Match' => {
- 'Name' => 'host0',
- },
- 'Network' => {
- 'DHCP' => 'ipv4',
- 'IPv6AcceptRA' => 1,
- },
- },
- }
-
- $running = $facts['machined-info'][$template_name] != undef
- and $facts['machined-info'][$template_name]['State'] == 'running'
-
- $cmd = if $running {
- [ 'systemctl', '-M', $template_name, 'enable', 'systemd-networkd' ]
- } else {
- [ 'systemd-nspawn', '-M', $template_name, '--quiet',
- 'systemctl', 'enable', 'systemd-networkd' ]
- }
-
- exec { "Enable systemd-networkd on ${template_name}":
- command => $cmd,
- path => [ '/bin', '/usr/bin', ],
- # among others
- creates => "${root}/etc/systemd/system/multi-user.target.wants/systemd-networkd.service",
- }
-
-}
diff --git a/templates/unit_file.epp b/templates/unit_file.epp
deleted file mode 120000
index ca099ec..0000000
--- a/templates/unit_file.epp
+++ /dev/null
@@ -1 +0,0 @@
-../../networking/templates/unit_file.epp
\ No newline at end of file |