Module overhaul for performance and extensibility

Author: nhr

.gitignore

@@ -1,5 +1,7 @@
 .DS_Store
+.project
 .vagrant
 metadata.json
 *~
 *.swp
+pkg

Modulefile

@@ -1,11 +1,14 @@
 name 'openshift-openshift_origin'
-version '3.0.1'
+version '4.0.0'
 
 author 'Mojo Lingo, Red Hat'
 license 'ASL'
 project_page 'https://github.com/kraman/puppet-openshift_origin'
 source 'git://github.com/openshift/puppet-openshift_origin.git'
 summary 'Module for installing Red Hat Openshift'
 description 'Configures OpenShift Origin broker, nodes and support servers'
+dependency 'rharrison/lokkit', '>=0.2.0'
 dependency 'puppetlabs/ntp', '>=0.1.0'
 dependency 'puppetlabs/stdlib', '>=2.6.0'
+dependency 'blentz/selinux_types', '>=0.1.0'
+dependency 'duritong/sysctl', '>=0.0.1'

README.asciidoc

@@ -45,36 +45,36 @@ this class.
 
 http://docs.puppetlabs.com/guides/parameterized_classes.html[Using Parameterized Classes]
 
-.Example: Single host (broker+console+node) which uses the Avahi MDNS and mongo Auth plugin:
+.Example: Single host (broker+console+node) which uses the Avahi MDNS and htpasswd Auth plugin:
 ----
 class { 'openshift_origin' :
-  domain                     => 'example.com',
-  node_unmanaged_users       => ['root'],
-  development_mode           => true,
-  conf_node_external_eth_dev => 'eth0',
-  install_method             => 'yum',
-  register_host_with_named   => true,
-  broker_auth_plugin         => 'mongo',
-  broker_dns_plugin          => 'avahi',
+  domain                        => 'example.com',
+  node_unmanaged_users          => ['root'],
+  development_mode              => true,
+  conf_node_external_eth_dev    => 'eth0',
+  install_method                => 'yum',
+  register_host_with_nameserver => true,
+  broker_auth_plugin            => 'htpasswd',
+  broker_dns_plugin             => 'avahi',
 }
 ----
 
 .Example: Single host (broker+console+node) which uses the **Kerberos** Auth plugin and GSS-TSIG.
 ----
 class { 'openshift_origin' :
-  domain                     => 'example.com',
-  node_unmanaged_users       => ['root'],
-  development_mode           => true,
-  conf_node_external_eth_dev => 'eth0',
-  install_method             => 'yum',
-  register_host_with_named   => true,
-  broker_auth_plugin         => 'remote-user',
-  broker_dns_plugin          => 'named',
-  bind_krb_principal         => $hostname,
-  bind_krb_keytab            => '/etc/dns.keytab'
-  broker_krb_keytab          => '/etc/http.keytab',
-  broker_krb_auth_realms     => 'EXAMPLE.COM',
-  broker_krb_service_name    => $hostname,
+  domain                        => 'example.com',
+  node_unmanaged_users          => ['root'],
+  development_mode              => true,
+  conf_node_external_eth_dev    => 'eth0',
+  install_method                => 'yum',
+  register_host_with_nameserver => true,
+  broker_auth_plugin            => 'remote-user',
+  broker_dns_plugin             => 'nsupdate',
+  bind_krb_principal            => $hostname,
+  bind_krb_keytab               => '/etc/dns.keytab'
+  broker_krb_keytab             => '/etc/http.keytab',
+  broker_krb_auth_realms        => 'EXAMPLE.COM',
+  broker_krb_service_name       => $hostname,
 }
 ----
 
@@ -107,13 +107,13 @@ $ d.register_application "appname", "namespace", "node_fqdn"
 
 Choose from the following roles to be configured on this node.
 
-* broker    - Installs the broker and console.
-* node      - Installs the node and cartridges.
-* activemq  - Installs activemq message broker.
-* datastore - Installs MongoDB (not sharded/replicated)
-* named     - Installs a BIND dns server configured with a TSIG key for updates.
+* broker     - Installs the broker and console.
+* node       - Installs the node and cartridges.
+* msgserver  - Installs ActiveMQ message broker.
+* datastore  - Installs MongoDB (not sharded/replicated)
+* nameserver - Installs a BIND dns server configured with a TSIG key for updates.
 
-Default: ['broker','node','activemq','datastore','named']
+Default: ['broker','node','msgserver','datastore','nameserver']
 
 ==== install_method
 Choose from the following ways to provide packages:
@@ -189,11 +189,11 @@ Default: example.com
 
 ==== broker_hostname
 ==== node_hostname
-==== named_hostname
-==== activemq_hostname
+==== nameserver_hostname
+==== msgserver_hostname
 ==== datastore_hostname
 Default: the root plus the domain, e.g. broker.example.com - except
-named=ns1.example.com 
+nameserver=ns1.example.com 
 
 These supply the FQDN of the hosts containing these components. Used
 for configuring the host's name at install, and also for configuring
@@ -204,8 +204,8 @@ DNS entries for the hostnames of the other components being
 installed on this host as well. If you are using a nameserver set
 up separately, you are responsible for all necessary DNS entries.
 
-==== named_ip_addr
-Default: IP of a named instance or current IP if installing on this 
+==== nameserver_ip_addr
+Default: IP of a name server instance or current IP if installing on this 
 node. This is used by every node to configure its primary name server.
 
 Default: the current IP (at install)  
@@ -223,8 +223,8 @@ can be used instead of the HMAC-MD5 key for updates.
 When the nameserver is remote, this Kerberos principal together with
 Kerberos keytab can be used instead of the HMAC-MD5 key for updates.
 
-==== conf_named_upstream_dns
-List of upstream DNS servers to use when installing named on this node.
+==== conf_nameserver_upstream_dns
+List of upstream DNS servers to use when installing a nameserver on this node.
 
 Default: ['8.8.8.8']
 
@@ -263,7 +263,7 @@ Default: ['time.apple.com iburst', 'pool.ntp.org iburst', 'clock.redhat.com ibur
 NOTE: Use iburst after every ntp server definition to speed up the
 initial synchronization.
 
-==== activemq_admin_password
+==== msgserver_admin_password
 This is the admin password for the ActiveMQ admin console, which is
 not needed by OpenShift but might be useful in troubleshooting.
 
@@ -429,7 +429,7 @@ Default: false
 Install a Getty shell which displays DNS, IP and login information. Used for 
 all-in-one VM installation.
 
-==== register_host_with_named
+==== register_host_with_nameserver
 Setup DNS entries for this host in a locally installed bind DNS instance.
 
 Default: false

configure_origin.pp.broker_example

@@ -1,26 +1,26 @@
 class { 'openshift_origin' :
   # Components to install on this host:
-  roles			 => ['broker','named','activemq','datastore'],
+  roles => ['broker','nameserver','msgserver','datastore'],
 
   # BIND / named config
   # This is the key for updating the OpenShift BIND server
-  bind_key                   => '<DNSSEC_BIND_KEY>',
+  bind_key                       => '<DNSSEC_BIND_KEY>',
   # The domain under which applications should be created.
-  domain                     => 'example.com',
+  domain                         => 'example.com',
   # Apps would be named <app>-<namespace>.example.com
   # This also creates hostnames for local components under our domain
-  register_host_with_named   => true,
+  register_host_with_nameserver  => true,
   # Forward requests for other domains (to Google by default)
-  conf_named_upstream_dns    => ['<UPSTREAM_DNS_IP>'],
+  conf_nameserver_upstream_dns   => ['<UPSTREAM_DNS_IP>'],
 
   # NTP Servers for OpenShift hosts to sync time
-  ntp_servers                => ['<NTP_SERVER_FQDN> iburst'],
+  ntp_servers => ['<NTP_SERVER_FQDN> iburst'],
 
   # The FQDNs of the OpenShift component hosts
-  broker_hostname            => '<BROKER_HOSTNAME>.example.com',
-  named_hostname             => '<BROKER_HOSTNAME>.example.com',
-  datastore_hostname         => '<BROKER_HOSTNAME>.example.com',
-  activemq_hostname          => '<BROKER_HOSTNAME>.example.com',
+  broker_hostname     => '<BROKER_HOSTNAME>.example.com',
+  nameserver_hostname => '<BROKER_HOSTNAME>.example.com',
+  datastore_hostname  => '<BROKER_HOSTNAME>.example.com',
+  msgserver_hostname  => '<BROKER_HOSTNAME>.example.com',
 
   # Auth OpenShift users created with htpasswd tool in /etc/openshift/htpasswd
   broker_auth_plugin         => 'htpasswd',

configure_origin.pp.node_example

@@ -4,26 +4,26 @@ class { 'openshift_origin' :
 
   # BIND / named config
   # This is the key for updating the OpenShift BIND server
-  bind_key                   => '<DNSSEC_BIND_KEY>',
+  bind_key                      => '<DNSSEC_BIND_KEY>',
   # This is the IP address for OpenShift BIND server - here, the broker.
-  named_ip_addr              => '<BROKER_IP_ADDRESS>',
+  nameserver_ip_addr            => '<BROKER_IP_ADDRESS>',
   # The domain under which applications should be created.
-  domain                     => 'example.com',
+  domain                        => 'example.com',
   # Apps would be named <app>-<namespace>.example.com
   # This also creates hostnames for local components under our domain
-  register_host_with_named   => true,
+  register_host_with_nameserver => true,
 
   # The FQDNs of the OpenShift component hosts we will need
-  broker_hostname            => '<BROKER_HOSTNAME>.example.com',
-  activemq_hostname          => '<BROKER_HOSTNAME>.example.com',
-  node_hostname              => '<NODE_HOSTNAME>.example.com',
+  broker_hostname    => '<BROKER_HOSTNAME>.example.com',
+  msgserver_hostname => '<BROKER_HOSTNAME>.example.com',
+  node_hostname      => '<NODE_HOSTNAME>.example.com',
 
   # NTP Servers for OpenShift hosts to sync time
-  ntp_servers                => ['<NTP_SERVER_FQDN> iburst'],
+  ntp_servers => ['<NTP_SERVER_FQDN> iburst'],
 
   # To enable installing the Jenkins cartridge:
-  install_method             => 'yum',
-  jenkins_repo_base          => 'http://pkg.jenkins-ci.org/redhat',
+  install_method    => 'yum',
+  jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',
 
   # Cartridges to install on Node hosts
   install_cartridges         => ['php', 'mysql'],

manifests/avahi.pp

@@ -16,6 +16,8 @@
 class openshift_origin::avahi {
   include openshift_origin::params
 
+  # TODO: Farm work out to Avahi module
+
   package { ['avahi-cname-manager']:
     ensure => present,
     require => Class['openshift_origin::install_method'],