From 1b7a898c7a336778c0e43ce6e26a36e43cf1080b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?=
Date: Wed, 21 Jun 2023 21:45:18 +0200
Subject: Remove everything. Remove everything in the module, to make room for a new module in its place (but keeping the history, just in case). The problem with this module was that it tried way to hard to handle the machines by itself, while that should be done outside puppet. The new module will have a much simpler idea of how to provission, not attempt to build machines from scratch, and especially not do anything expensive.
---
facts.d/nspawn_machines.py | 71 -----------------------------------
manifests/init.pp | 10 -----
manifests/machine.pp | 72 ------------------------------------
manifests/os/arch.pp | 17 ---------
manifests/os/debian.pp | 61 ------------------------------
manifests/setup.pp | 21 -----------
manifests/template.pp | 39 -------------------
manifests/template_final.pp | 42 ---------------------
manifests/util/disable_networking.pp | 13 -------
manifests/util/enable_networkd.pp | 39 -------------------
templates/unit_file.epp | 1 -
11 files changed, 386 deletions(-)
delete mode 100755 facts.d/nspawn_machines.py
delete mode 100644 manifests/init.pp
delete mode 100644 manifests/machine.pp
delete mode 100644 manifests/os/arch.pp
delete mode 100644 manifests/os/debian.pp
delete mode 100644 manifests/setup.pp
delete mode 100644 manifests/template.pp
delete mode 100644 manifests/template_final.pp
delete mode 100644 manifests/util/disable_networking.pp
delete mode 100644 manifests/util/enable_networkd.pp
delete mode 120000 templates/unit_file.epp
diff --git a/facts.d/nspawn_machines.py b/facts.d/nspawn_machines.py
deleted file mode 100755
index f8fc9a5..0000000
--- a/facts.d/nspawn_machines.py
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env python3
-
-import sys
-
-try:
- import dbus
- import yaml
-except ImportError:
- sys.exit(0)
-
-bus = dbus.SystemBus()
-bus_name = 'org.freedesktop.machine1' # dest
-object_path = '/org/freedesktop/machine1'
-try:
- machined_proxy = bus.get_object(bus_name=bus_name, object_path=object_path)
-except:
- sys.exit(1)
-iface = dbus.Interface(machined_proxy, dbus_interface='org.freedesktop.machine1.Manager')
-
-
-machines = iface.ListMachines()
-machine_names = []
-machines_info = {}
-for (machine_name, *_) in machines:
- machine = iface.GetMachine(machine_name)
- pp = bus.get_object(bus_name='org.freedesktop.machine1', object_path=machine)
- ii = dbus.Interface(pp, dbus_interface='org.freedesktop.DBus.Properties')
- out_dict = {}
- for key, value in ii.GetAll('org.freedesktop.machine1.Machine').items():
- # see help(dbus.types)
- t = type(value)
- if t == dbus.ByteArray:
- raise NotImplementedError('Byte array')
- elif t == dbus.Double:
- v = float(value)
- elif t == dbus.Boolean:
- v = bool(value)
- elif t in [ dbus.Byte, dbus.Int16, dbus.Int32, dbus.Int64, dbus.UInt16, dbus.UInt32, dbus.UInt64 ]:
- v = int(value)
- elif t in [ dbus.ObjectPath, dbus.Signature ]:
- # string likes
- v = str(value)
- elif t == dbus.Dictionary:
- # dict like
- raise NotImplementedError('Dictionary')
- elif t == dbus.Array:
- if value.signature == dbus.Signature('y'):
- v = bytes(int(x) for x in value)
- elif value.signature == dbus.Signature('i'):
- v = [int(x) for x in value]
- else:
- print(repr(value))
- print(repr(value.signature))
- raise NotImplementedError('Array')
- # case dbus.UnixFd:
- # raise NotImplementedError()
- elif t == dbus.String:
- v = str(value)
- elif t == dbus.Struct:
- # tuple like
- raise NotImplementedError('Struct')
- out_dict[str(key)] = v
- machine_names.append(str(machine_name))
- machines_info[str(machine_name)] = out_dict
-
-out = {
- 'machined-machines': machine_names,
- 'machined-info': machines_info,
-}
-
-print(yaml.dump(out))
diff --git a/manifests/init.pp b/manifests/init.pp
deleted file mode 100644
index f768f43..0000000
--- a/manifests/init.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-class nspawn (
- String $machine_dir = '/var/lib/machines',
- String $template_dir = '/var/lib/machines',
- String $puppet_server = 'puppet',
- Hash[String,Hash] $templates,
- Hash[String,Hash] $machines,
-) {
- create_resources(nspawn::machine, $machines)
- create_resources(nspawn::template, $templates)
-}
diff --git a/manifests/machine.pp b/manifests/machine.pp
deleted file mode 100644
index e6d01e2..0000000
--- a/manifests/machine.pp
+++ /dev/null
@@ -1,72 +0,0 @@
-define nspawn::machine (
- String $template,
- String $machine = $name,
- Boolean $enable = false,
- String $machine_dir = $nspawn::machine_dir,
- Hash $nspawn_opts = {},
-) {
-
- require ::nspawn::setup
-
- # TODO
- # gather fact from 'machinectl list-images', and check if one with
- # our name + '.base' exists
-
- $domain = $facts['domain']
- $root = "${machine_dir}/${machine}"
-
- exec { "lvcreate -n vm-${machine} -V 100G --thinpool lvpoolData VolGroup":
- creates => "/dev/VolGroup/vm-${machine}",
- path => ['/usr/bin',],
- } -> systemd_mount { "/var/lib/machines/${machine}":
- what => "/dev/VolGroup/vm-${machine}"
- }
-
- # Copies image to us
- # TODO does this actually do anything more than a deep copy?
- exec { "Create ${machine} from template":
- command => [ 'systemd-nspawn',
- "--template=/var/lib/machines/${template}.base",
- '--quiet',
- '-D', $machine,
- '/bin/true', # run some command so we don't get stuck on boot prompt
- ],
- path => ['/bin','/usr/bin'],
- cwd => $machine_dir,
- creates => "${machine_dir}/${machine}",
- }
-
- file { "/var/lib/machines/${machine}/etc/hostname":
- ensure => file,
- content => "${machine}.${domain}\n",
- require => Exec["Create ${machine} from template"],
- }
-
- # systemd-nspawn --quiet -M debby systemctl enable puppet
-
- $nspawn_data = {
- 'Exec' => {
- # 'Hostname' => "${machine}.${domain}",
- 'Boot' => 'true',
- 'ResolvConf' => 'copy-static', # /usr/lib/systemd/resolv.conf
- },
- 'Network' => {
- 'Bridge' => 'br0',
- }
- # TODO deep merge?
- } + $nspawn_opts
-
- file { "/etc/systemd/nspawn/${machine}.nspawn":
- ensure => file,
- content => epp('nspawn/unit_file.epp', {
- data => $nspawn_data,
- }),
- notify => Service["systemd-nspawn@${machine}.service"],
- }
-
- service { "systemd-nspawn@${machine}.service":
- enable => $enable,
- require => File["/etc/systemd/nspawn/${machine}.nspawn"],
- }
-
-}
diff --git a/manifests/os/arch.pp b/manifests/os/arch.pp
deleted file mode 100644
index d9bd258..0000000
--- a/manifests/os/arch.pp
+++ /dev/null
@@ -1,17 +0,0 @@
-define nspawn::os::arch (
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
-) {
-
- ensure_packages(['arch-install-scripts'])
-
- $root = "${template_dir}/${template_name}"
-
- file { $root:
- ensure => directory,
- } -> exec { "/usr/bin/pacstrap '${root}' base puppet":
- creates => "${root}/etc/os-release",
- } -> nspawn::util::enable_networkd { $template_name:
- template_dir => $template_dir,
- }
-}
diff --git a/manifests/os/debian.pp b/manifests/os/debian.pp
deleted file mode 100644
index 9e42737..0000000
--- a/manifests/os/debian.pp
+++ /dev/null
@@ -1,61 +0,0 @@
-# TODO rename this to image-setup
-define nspawn::os::debian (
- String $os_version,
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
-) {
-
- $root = "${template_dir}/${template_name}"
- $pkg_pos = 'var/tmp'
-
- ensure_packages(['debootstrap'])
-
- exec { "/usr/bin/deboostrap ${os_version} '${root}'":
- creates => "${root}/etc/os-release",
- }
-
- $puppet_deb = "puppet7-release-${os_version}.deb"
- $puppet_deb_path = "${root}/${pkg_pos}/${puppet_deb}"
-
- file { $puppet_deb_path:
- ensure => file,
- source => "https://apt.puppet.com/${puppet_deb}"
- }
-
- $running = $facts['machined-info'][$template_name] != undef
- and $facts['machined-info'][$template_name]['State'] == 'running'
-
- if $running {
- # TODO
- notify { "Notify skipping ${template_name} setup":
- message => "Skipping setup for ${template_name}, already running",
- }
- } else {
- exec { "Set up puppet repo for ${template_name}":
- subscribe => File[$puppet_deb_path],
- refreshonly => true,
- command => [ '/usr/bin/systemd-nspawn',
- '-M', $template_name,
- '--quiet',
- '/bin/sh', '-c',
- "dpkg -i '/${pkg_pos}/puppet7-release-${os_version}.deb' && apt update"
- ],
- }
-
- exec { "install puppet-agent on ${template_name}":
- command => [ '/usr/bin/systemd-nspawn',
- '-M', $template_name,
- '--quiet',
- 'apt', 'install', 'puppet-agent',
- ],
- creates => "${root}/opt/puppetlabs/bin/puppet",
- }
- }
-
- nspawn::util::disable_networking { $template_name:
- template_dir => $template_dir,
- }
- nspawn::util::enable_networkd { $template_name:
- template_dir => $template_dir,
- }
-}
diff --git a/manifests/setup.pp b/manifests/setup.pp
deleted file mode 100644
index 01503c8..0000000
--- a/manifests/setup.pp
+++ /dev/null
@@ -1,21 +0,0 @@
-class nspawn::setup {
-
- # TODO find better file to use for containers
-
- file { '/usr/lib/systemd/resolv.conf':
- ensure => file,
- content => @(EOF)
- # File /usr/lib/systemd/resolv.conf managed by puppet
- # Local changes will be overwritten
- nameserver 10.0.0.40
- search adrift.space
- | EOF
- }
-
- service { 'machines.target':
- enable => true,
- }
-
- Nspawn::Template <| |> -> Nspawn::Machine <| |>
-
-}
diff --git a/manifests/template.pp b/manifests/template.pp
deleted file mode 100644
index 3c66b97..0000000
--- a/manifests/template.pp
+++ /dev/null
@@ -1,39 +0,0 @@
-define nspawn::template (
- String $template_name = $name,
- Enum['debian', 'arch'] $os = $template_name.split('-')[0],
- Optional[String] $version = undef,
- String $puppet_server = $nspawn::puppet_server,
- String $template_dir = $nspawn::template_dir,
-) {
-
- $template = "${template_name}.base"
- $root = "${template_dir}/${template}"
-
- case $os {
- 'debian': {
- $real_version = if $version != undef {
- $version
- } else {
- # Oout of bounds indexing gives 'undef'
- $template_name.split('-')[1]
- }
- nspawn::os::debian { $template:
- os_version => $real_version,
- template_dir => $template_dir,
- before => Nspawn::Template_final[$template],
- }
- }
- 'arch': {
- nspawn::os::arch { $template:
- template_dir => $template_dir,
- before => Nspawn::Template_final[$template],
- }
- }
- }
-
- nspawn::template_final { $template:
- root => $root,
- puppet_server => $puppet_server,
- }
-
-}
diff --git a/manifests/template_final.pp b/manifests/template_final.pp
deleted file mode 100644
index 4ab5a9d..0000000
--- a/manifests/template_final.pp
+++ /dev/null
@@ -1,42 +0,0 @@
-define nspawn::template_final (
- String $root,
- String $puppet_server,
- String $template = $name,
-) {
- exec { "Enable puppet on ${template}":
- command => [ '/usr/bin/systemd-nspawn',
- '-M', $template,
- '--quiet',
- 'systemctl', 'enable', 'puppet',
- ],
- creates => "${root}/etc/systemd/system/multi-user.target.wants/puppet.service",
- }
-
- file { "${root}/etc/systemd/system/puppet.service.requires":
- ensure => directory,
- }
-
- # This is nice in theory, but has the problem that
- # network-online.target is reached on our first IP-address, which
- # will probably be our static IPv4 address, and busting.adrift.space
- # isn't resolvable over IPv4...
- file { "${root}/etc/systemd/system/puppet.service.requires/network-online.target":
- ensure => link,
- # Debian requires /lib, arch accepts it
- target => '/lib/systemd/system/network-online.target'
- }
-
- file { [ "${root}/etc/puppetlabs",
- "${root}/etc/puppetlabs/puppet" ] :
- ensure => directory,
- }
-
-
- file { "${root}/etc/puppetlabs/puppet/puppet.conf":
- ensure => file,
- content => @("EOF")
- [main]
- server = ${puppet_server}
- | EOF
- }
-}
diff --git a/manifests/util/disable_networking.pp b/manifests/util/disable_networking.pp
deleted file mode 100644
index 186d096..0000000
--- a/manifests/util/disable_networking.pp
+++ /dev/null
@@ -1,13 +0,0 @@
-define nspawn::util::disable_networking (
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
- String $template_path = "${template_dir}/${template_name}",
-) {
- # Manually masking instead of trying to disable/mask it through
- # systemd, since this is MUCH easier to do whith puppet.
- file { "${template_path}/etc/systemd/system/networking.service":
- ensure => link,
- target => '/dev/null',
- }
-}
-
diff --git a/manifests/util/enable_networkd.pp b/manifests/util/enable_networkd.pp
deleted file mode 100644
index 40cb3d9..0000000
--- a/manifests/util/enable_networkd.pp
+++ /dev/null
@@ -1,39 +0,0 @@
-define nspawn::util::enable_networkd (
- String $template_name = $name,
- String $template_dir = $nspawn::template_dir,
- String $root = "${template_dir}/${template_name}",
-) {
-
- networking::networkd_instance { "Initial networking on ${template_name}":
- priority => 99,
- filename => 'puppet-initial',
- path => "${root}/${networking::networkd::path}",
- content => {
- 'Match' => {
- 'Name' => 'host0',
- },
- 'Network' => {
- 'DHCP' => 'ipv4',
- 'IPv6AcceptRA' => 1,
- },
- },
- }
-
- $running = $facts['machined-info'][$template_name] != undef
- and $facts['machined-info'][$template_name]['State'] == 'running'
-
- $cmd = if $running {
- [ 'systemctl', '-M', $template_name, 'enable', 'systemd-networkd' ]
- } else {
- [ 'systemd-nspawn', '-M', $template_name, '--quiet',
- 'systemctl', 'enable', 'systemd-networkd' ]
- }
-
- exec { "Enable systemd-networkd on ${template_name}":
- command => $cmd,
- path => [ '/bin', '/usr/bin', ],
- # among others
- creates => "${root}/etc/systemd/system/multi-user.target.wants/systemd-networkd.service",
- }
-
-}
diff --git a/templates/unit_file.epp b/templates/unit_file.epp
deleted file mode 120000
index ca099ec..0000000
--- a/templates/unit_file.epp
+++ /dev/null
@@ -1 +0,0 @@
-../../networking/templates/unit_file.epp
\ No newline at end of file
-- cgit v1.2.3