From 9879444f56654fded22ad4d5f5913cb4058446c7 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Sun, 19 Jan 2014 15:34:01 +0100
Subject: [PATCH] First commit
---
Berksfile | 14 +++++
Gemfile | 10 ++++
README | 0
Rakefile | 9 ++++
Thorfile | 5 ++
Vagrantfile | 52 +++++++++++++++++++
roles/compute_node.json | 15 ++++++
roles/head_node.json | 35 +++++++++++++
site-cookbooks/bind/attributes/default.rb | 3 ++
site-cookbooks/bind/metadata.rb | 2 +
site-cookbooks/bind/recipes/default.rb | 35 +++++++++++++
.../bind/templates/default/named.conf.erb | 10 ++++
.../templates/default/named.conf.options.erb | 23 ++++++++
.../bind/templates/default/zone.erb | 10 ++++
site-cookbooks/dhcp/attributes/default.rb | 3 ++
site-cookbooks/dhcp/metadata.rb | 2 +
site-cookbooks/dhcp/recipes/default.rb | 9 ++++
.../dhcp/templates/default/dhcpd.conf.erb | 15 ++++++
site-cookbooks/ntp/attributes/default.rb | 2 +
site-cookbooks/ntp/metadata.rb | 2 +
site-cookbooks/ntp/recipes/default.rb | 9 ++++
.../ntp/templates/default/ntp.conf.erb | 9 ++++
spec/coobooks/bind_spec.rb | 28 ++++++++++
spec/coobooks/dhcp_spec.rb | 18 +++++++
spec/coobooks/ntp_spec.rb | 14 +++++
spec/spec_helper.rb | 15 ++++++
26 files changed, 349 insertions(+)
create mode 100644 Berksfile
create mode 100644 Gemfile
create mode 100644 README
create mode 100644 Rakefile
create mode 100644 Thorfile
create mode 100644 Vagrantfile
create mode 100644 roles/compute_node.json
create mode 100644 roles/head_node.json
create mode 100644 site-cookbooks/bind/attributes/default.rb
create mode 100644 site-cookbooks/bind/metadata.rb
create mode 100644 site-cookbooks/bind/recipes/default.rb
create mode 100644 site-cookbooks/bind/templates/default/named.conf.erb
create mode 100644 site-cookbooks/bind/templates/default/named.conf.options.erb
create mode 100644 site-cookbooks/bind/templates/default/zone.erb
create mode 100644 site-cookbooks/dhcp/attributes/default.rb
create mode 100644 site-cookbooks/dhcp/metadata.rb
create mode 100644 site-cookbooks/dhcp/recipes/default.rb
create mode 100644 site-cookbooks/dhcp/templates/default/dhcpd.conf.erb
create mode 100644 site-cookbooks/ntp/attributes/default.rb
create mode 100644 site-cookbooks/ntp/metadata.rb
create mode 100644 site-cookbooks/ntp/recipes/default.rb
create mode 100644 site-cookbooks/ntp/templates/default/ntp.conf.erb
create mode 100644 spec/coobooks/bind_spec.rb
create mode 100644 spec/coobooks/dhcp_spec.rb
create mode 100644 spec/coobooks/ntp_spec.rb
create mode 100644 spec/spec_helper.rb
diff --git a/Berksfile b/Berksfile
new file mode 100644
index 0000000..f29b3a4
--- /dev/null
+++ b/Berksfile
@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+#^syntax detection
+site :opscode
+
+cookbook 'apt'
+
+def own_cookbook(name,opts={})
+ opts = { path: "site-cookbooks/#{name}"}.merge!(opts)
+ cookbook name, opts
+end
+
+own_cookbook "dhcp"
+own_cookbook "bind"
+own_cookbook "ntp"
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..cb511ce
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,10 @@
+source 'https://rubygems.org'
+
+gem "foodcritic"
+gem "chef"#, '~> 0.10.6'
+gem "pry-nav"
+
+gem "chefspec"
+gem "rspec"
+gem 'knife-spec'
+gem "berkshelf"
diff --git a/README b/README
new file mode 100644
index 0000000..e69de29
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..b3e01e3
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,9 @@
+COOKBOOKS = FileList[File.join("site-cookbooks", "*")]
+
+task :test do
+ COOKBOOKS.each do |cookbook|
+ #sh "knife cookbook test #{File.basename(cookbook)}"
+ sh "foodcritic #{cookbook}"
+ end
+ sh "rspec spec"
+end
diff --git a/Thorfile b/Thorfile
new file mode 100644
index 0000000..cb1aeae
--- /dev/null
+++ b/Thorfile
@@ -0,0 +1,5 @@
+# encoding: utf-8
+
+require 'bundler'
+require 'bundler/setup'
+require 'berkshelf/thor'
diff --git a/Vagrantfile b/Vagrantfile
new file mode 100644
index 0000000..0729220
--- /dev/null
+++ b/Vagrantfile
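Review bot: Every gem in the new Gemfile is unconstrained (the only version hint, `'~> 0.10.6'` on `gem "chef"`, is commented out), and the diffstat lists no Gemfile.lock, so each `bundle install` resolves to whatever rubygems.org serves that day. For tooling that ends up provisioning DNS, DHCP and NTP hosts this makes builds unreproducible and widens the exposure to a bad upstream release. I would commit the generated Gemfile.lock and add pessimistic constraints, for example `gem "chef", "~> 11.4"` to match the Chef version named in the Vagrant box; the exact versions are for the author to confirm.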
@@ -0,0 +1,52 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
+VAGRANTFILE_API_VERSION = "2"
+
+boxes = [
+ { name: "head_node", ip: '172.28.128.2', role: :head_node },
+ #{ name: "compute_node", role: :compute_node, mac: "5CA1AB1E0001" }
+]
+
+["vbguest", "berkshelf"].each do |plugin|
+ begin
+ require "vagrant-#{plugin}"
+ rescue LoadError
+ puts "#{plugin} plugin not installed!"
+ puts "run:"
+ puts "\tvagrant plugin install vagrant-#{plugin}"
+ exit(1)
+ end
+end
+
+Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+ config.vm.box = "opscode_ubuntu-12.04_chef-11.4.4"
+ config.vm.box_url = "https://opscode-vm.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_chef-11.4.4.box"
+
+ # Enabling the Berkshelf plugin. To enable this globally, add this configuration
+ # option to your ~/.vagrant.d/Vagrantfile file
+ config.berkshelf.enabled = true
+
+ chef_default = proc do |chef|
+ chef.cookbooks_path = "cookbooks"
+ chef.roles_path = "roles"
+ chef.data_bags_path = "data_bags"
+ end
+
+ boxes.each do |box|
+ config.vm.define box[:name] do |node|
+ if box[:ip]
+ node.vm.network :private_network, ip: box[:ip]
+ else
+ node.vm.network :private_network, type: :dhcp, mac: box[:mac]
+ end
+
+ config.vm.provision :chef_solo do |chef|
+ chef_default.call(chef)
+ chef.add_role box[:role].to_s
+ end
+ end
+ end
+
+end
diff --git a/roles/compute_node.json b/roles/compute_node.json
new file mode 100644
index 0000000..3ce18d1
--- /dev/null
+++ b/roles/compute_node.json
@@ -0,0 +1,15 @@
+{
+ "name": "compute_node",
+ "chef_type": "role",
+ "json_class": "Chef::Role",
+ "description": "Compute Node",
+ "default_attributes": {
+ "ntp": {
+ "server": "de.pool.ntp.org"
+ }
+ },
+ "run_list": [
+ "recipe[apt]",
+ "recipe[ntp]"
+ ]
+}
diff --git a/roles/head_node.json b/roles/head_node.json
new file mode 100644
index 0000000..d6f98c9
--- /dev/null
+++ b/roles/head_node.json
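Review bot: In Vagrantfile, inside `config.vm.define box[:name] do |node|` the provisioner is registered with `config.vm.provision :chef_solo`, i.e. on the outer `config` object rather than on the `node` being defined, so the role is presumably not scoped to that machine. With a single active entry in `boxes` this stays invisible, but once the commented-out compute_node entry is enabled each machine could pick up the other's role, including the head node's bind and dhcp recipes. Use `node.vm.provision :chef_solo do |chef|` instead. Separately, the box is fetched from `box_url` with no integrity check beyond TLS; if the Vagrant version in use supports a box download checksum, pinning one is worth adding.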
@@ -0,0 +1,35 @@
+{
+ "name": "head_node",
+ "chef_type": "role",
+ "json_class": "Chef::Role",
+ "description": "Head Node",
+ "default_attributes": {
+ "dhcp" : {
+ "hosts": [{
+ "name": "node0",
+ "mac": "5CA1AB1E0001",
+ "ip": "172.28.128.101"
+ }]
+ },
+ "ntp" : {
+ "subnets": ["::1", "127.0.0.1", "172.28.128.0/24"]
+ },
+ "bind": {
+ "zones" : {
+ "lctp": {
+ "records": [{ "name": "node1", "type": "A", "value": "172.28.128.101" }]
+ },
+ "128.28.172.in-addr": {
+ "records": [{ "name": "101", "type": "PTR", "value": "node1" }]
+ }
+ },
+ "trusted_subnets": ["localhost", "localnets", "172.28.128.101"]
+ }
+ },
+ "run_list": [
+ "recipe[apt]",
+ "recipe[dhcp]",
+ "recipe[ntp]",
+ "recipe[bind]"
+ ]
+}
diff --git a/site-cookbooks/bind/attributes/default.rb b/site-cookbooks/bind/attributes/default.rb
new file mode 100644
index 0000000..b6ec677
--- /dev/null
+++ b/site-cookbooks/bind/attributes/default.rb
@@ -0,0 +1,3 @@
+default.bind.forwarders = ["8.8.8.8", "8.8.4.4"]
+default.bind.trusted_subnets = ["localhost", "localnets"]
+default.bind.zones = {}
diff --git a/site-cookbooks/bind/metadata.rb b/site-cookbooks/bind/metadata.rb
new file mode 100644
index 0000000..500dc27
--- /dev/null
+++ b/site-cookbooks/bind/metadata.rb
@@ -0,0 +1,2 @@
+name "bind"
+depends "apt"
diff --git a/site-cookbooks/bind/recipes/default.rb b/site-cookbooks/bind/recipes/default.rb
new file mode 100644
index 0000000..6f17733
--- /dev/null
+++ b/site-cookbooks/bind/recipes/default.rb
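Review bot: In roles/head_node.json the reverse zone is keyed `128.28.172.in-addr`, but PTR lookups for 172.28.128.0/24 are made under `128.28.172.in-addr.arpa`, so a zone with this name would never be consulted for reverse resolution. The same address is also called `node0` in the dhcp host entry and `node1` in both bind records, and `trusted_subnets` adds the single host `172.28.128.101` where the ntp entry above it uses the whole `172.28.128.0/24`. I would rename the key to `"128.28.172.in-addr.arpa"`, settle on one host name, and state explicitly whether the resolver ACL is meant to cover the subnet or one node.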
@@ -0,0 +1,35 @@
+package 'bind9'
+
+execute "reload named" do
+ command "rndc reconfig"
+ action :nothing
+end
+
+template "/etc/bind/named.conf" do
+ source "named.conf.erb"
+ notifies :run, "execute[reload named]", :delayed
+end
+
+template "/etc/bind/named.conf.options" do
+ source "named.conf.options.erb"
+ notifies :run, "execute[reload named]", :delayed
+end
+
+service "bind9" do
+ action [:enable, :start]
+ supports status: true, start: true, stop: true, restart: true
+end
+
+node.bind.zones.each do |name, zone|
+ execute "update #{name} zone" do
+ command "rndc reload #{name}"
+ action :nothing
+ end
+
+ template "/var/cache/bind/#{name}.zone" do
+ source "zone.erb"
+ notifies :run, "execute[update #{name} zone]"
+ variables(zone: zone, zone_name: name)
+ end
+end
+
diff --git a/site-cookbooks/bind/templates/default/named.conf.erb b/site-cookbooks/bind/templates/default/named.conf.erb
new file mode 100644
index 0000000..3777071
--- /dev/null
+++ b/site-cookbooks/bind/templates/default/named.conf.erb
@@ -0,0 +1,10 @@
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
+<% @node.bind.zones.each do |name, zone| -%>
+zone <%= name %> IN {
+ type master;
+ file "<%= name %>";
+};
+<% end -%>
diff --git a/site-cookbooks/bind/templates/default/named.conf.options.erb b/site-cookbooks/bind/templates/default/named.conf.options.erb
new file mode 100644
index 0000000..df48b1e
--- /dev/null
+++ b/site-cookbooks/bind/templates/default/named.conf.options.erb
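Review bot: In site-cookbooks/bind/recipes/default.rb the zone name taken from node attributes is interpolated unchecked into a shell command (`command "rndc reload #{name}"`) and into a file path (`template "/var/cache/bind/#{name}.zone"`). Attributes normally come from trusted role files, but a name containing whitespace, `;` or `/` would alter the command or place the rendered file outside /var/cache/bind. Validating the key at the top of the loop, e.g. `raise "invalid zone name #{name}" unless name =~ /\A[A-Za-z0-9._-]+\z/`, and passing the command as an array (`command ["rndc", "reload", name]`, if the Chef version in use accepts that form) removes the reliance on shell quoting. The three template resources here also set no `owner`, `group` or `mode`, unlike the dhcp and ntp recipes.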
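Review bot: In named.conf.erb the zone stanza points at `file "<%= name %>";`, while the recipe renders the zone data to `/var/cache/bind/#{name}.zone`, so named would look for a file the cookbook never writes (relative names resolve against the `directory` set in named.conf.options.erb). The zone name is also emitted unquoted in `zone <%= name %> IN {`. Suggested lines: `zone "<%= name %>" IN {` and `file "<%= name %>.zone";`. The spec only checks that the string `lctp` appears in the rendered file, so it does not catch the mismatch.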
@@ -0,0 +1,23 @@
+acl "trusted" {
+ <%= @node.bind.trusted_subnets.map {|ip| "#{ip};" }.join(" ") -%>
+};
+
+options {
+ directory "/var/cache/bind";
+ pid-file "/run/named/named.pid";
+ auth-nxdomain yes;
+ datasize default;
+ listen-on-v6 { any; };
+ listen-on { any; };
+
+ forwarders { <%= @node.bind.forwarders.map {|ip| "#{ip};" }.join(" ") -%> };
+ allow-query { trusted; };
+ allow-recursion { trusted; };
+ allow-query-cache { trusted; };
+
+ allow-transfer { none; };
+ allow-update { none; };
+ version none;
+ hostname none;
+ server-id none;
+};
diff --git a/site-cookbooks/bind/templates/default/zone.erb b/site-cookbooks/bind/templates/default/zone.erb
new file mode 100644
index 0000000..c316101
--- /dev/null
+++ b/site-cookbooks/bind/templates/default/zone.erb
@@ -0,0 +1,10 @@
+@ IN SOA <%= @zone_name %> hostmaster (
+ <%= Time.now.to_i %>
+ 1H ; refresh
+ 4H ; retry
+ 3W ; expire
+ 1D ) ; minimun
+
+<% @zone.records.each do |record| -%>
+ <%= record.name %> <%= record.type %> <%= record.value %>
+<% end -%>
diff --git a/site-cookbooks/dhcp/attributes/default.rb b/site-cookbooks/dhcp/attributes/default.rb
new file mode 100644
index 0000000..3c50885
--- /dev/null
+++ b/site-cookbooks/dhcp/attributes/default.rb
@@ -0,0 +1,3 @@
+default.dhcp.domain.name = "lctp"
+default.dhcp.domain.server = "lctp"
+default.hosts = []
diff --git a/site-cookbooks/dhcp/metadata.rb b/site-cookbooks/dhcp/metadata.rb
new file mode 100644
index 0000000..cdadd2c
--- /dev/null
+++ b/site-cookbooks/dhcp/metadata.rb
@@ -0,0 +1,2 @@
+name "dhcp"
+depends "apt"
diff --git a/site-cookbooks/dhcp/recipes/default.rb b/site-cookbooks/dhcp/recipes/default.rb
new file mode 100644
index 0000000..853892b
--- /dev/null
+++ b/site-cookbooks/dhcp/recipes/default.rb
@@ -0,0 +1,9 @@
+include_recipe "apt"
+
+package "isc-dhcp-server"
+
+template "/etc/dhcpcd.conf" do
+ owner "root"
+ group "root"
+ source "dhcpd.conf.erb"
+end
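Review bot: In named.conf.options.erb the resolver listens on every interface (`listen-on { any; };`, `listen-on-v6 { any; };`) and access control rests entirely on the `trusted` ACL, whose default contains `localnets`. `localnets` matches every network the host is directly attached to, so on a head node with a second, outward-facing interface recursion would be offered to that network too. Consider listing the cluster subnet explicitly in `trusted_subnets` instead of `localnets`, or binding `listen-on` to the cluster-side address. The ACL and forwarder entries are rendered verbatim from attributes, so a malformed entry only surfaces when `rndc reconfig` fails; running `named-checkconf` before the reload would catch it earlier.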
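Review bot: In zone.erb the SOA serial is `<%= Time.now.to_i %>`, so the rendered file differs on every Chef run and the `rndc reload` notification fires each time even when no record changed. The zone file also has no `$TTL` directive and no NS record, and the SOA fields `<%= @zone_name %> hostmaster` are not fully qualified; named normally refuses to load a zone without an NS record at the apex, so this is worth checking with `named-checkzone`. I would derive the serial from the record data (or pass it in through `variables`) and add `$TTL` and `@ IN NS` lines above the records.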
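Review bot: In site-cookbooks/dhcp/attributes/default.rb the last line sets `default.hosts = []`, but dhcpd.conf.erb iterates `@node.dhcp.hosts`, so the default never applies and the template would fail on any node that does not set `dhcp.hosts` itself. It should read `default.dhcp.hosts = []`. The head_node role and the spec both set the attribute explicitly, which is presumably why this has not shown up.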
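Review bot: In site-cookbooks/dhcp/recipes/default.rb the template is written to `/etc/dhcpcd.conf`, which is the configuration file of the dhcpcd client; the isc-dhcp-server package installed just above reads `/etc/dhcp/dhcpd.conf` on Ubuntu, so the rendered host declarations would never be loaded. Change the resource to `template "/etc/dhcp/dhcpd.conf" do`; spec/coobooks/dhcp_spec.rb asserts the same path and needs the matching change. The resource also sets no `mode` and notifies no service, so a changed configuration is not picked up until the daemon is restarted by hand; site-cookbooks/ntp/recipes/default.rb has the same gap.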
diff --git a/site-cookbooks/dhcp/templates/default/dhcpd.conf.erb b/site-cookbooks/dhcp/templates/default/dhcpd.conf.erb
new file mode 100644
index 0000000..6c3a425
--- /dev/null
+++ b/site-cookbooks/dhcp/templates/default/dhcpd.conf.erb
@@ -0,0 +1,15 @@
+# Crontab for <%= @node.name %> managed by Chef. Changes will be overwritten.
+default-lease-time 600;
+max-lease-time 7200;
+# option definitions common to all supported networks...
+option domain-name <%= @node.dhcp.domain.name %>;
+option domain-name-servers <%= @node.dhcp.domain.server %>;
+
+<% @node.dhcp.hosts.each do |host| -%>
+ host <%= host.name %> {
+ hardware ethernet <%= host.mac %>;
+ fixed-address <%= "#{host.name}.#{@node.dhcp.domain.name}" %>;
+ use-host-decl-names true;
+ next-server <%= host.ip %>;
+ }
+<% end -%>
diff --git a/site-cookbooks/ntp/attributes/default.rb b/site-cookbooks/ntp/attributes/default.rb
new file mode 100644
index 0000000..09a6594
--- /dev/null
+++ b/site-cookbooks/ntp/attributes/default.rb
@@ -0,0 +1,2 @@
+default.ntp.subnets = ["::1", "127.0.0.1"]
+default.ntp.server = "de.pool.ntp.org"
diff --git a/site-cookbooks/ntp/metadata.rb b/site-cookbooks/ntp/metadata.rb
new file mode 100644
index 0000000..8339277
--- /dev/null
+++ b/site-cookbooks/ntp/metadata.rb
@@ -0,0 +1,2 @@
+name "ntp"
+depends "apt"
diff --git a/site-cookbooks/ntp/recipes/default.rb b/site-cookbooks/ntp/recipes/default.rb
new file mode 100644
index 0000000..4e05d82
--- /dev/null
+++ b/site-cookbooks/ntp/recipes/default.rb
@@ -0,0 +1,9 @@
+include_recipe "apt"
+
+package 'ntp'
+
+template "/etc/ntp.conf" do
+ owner "root"
+ group "root"
+ source "ntp.conf.erb"
+end
diff --git a/site-cookbooks/ntp/templates/default/ntp.conf.erb b/site-cookbooks/ntp/templates/default/ntp.conf.erb
new file mode 100644
index 0000000..ba3ed1d
--- /dev/null
+++ b/site-cookbooks/ntp/templates/default/ntp.conf.erb
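Review bot: In dhcpd.conf.erb `option domain-name <%= @node.dhcp.domain.name %>;` renders the domain unquoted although dhcpd expects a quoted string for this option, and `hardware ethernet <%= host.mac %>;` is fed `5CA1AB1E0001` by the role where dhcpd expects colon-separated octets. Suggested: `option domain-name "<%= @node.dhcp.domain.name %>";`, with MAC addresses stored in colon-separated form or normalised in the template. There is also no `subnet` declaration, which dhcpd needs before it serves an interface, and the header comment says `Crontab for`, apparently copied from another template (ntp.conf.erb carries the same header).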
@@ -0,0 +1,9 @@
+# Crontab for <%= @node.name %> managed by Chef. Changes will be overwritten.
+server <%= @node.ntp.server %>
+
+restrict default noquery nopeer
+<% @node.ntp.subnets.each do |net| -%>
+ restrict <%= net %>
+<% end -%>
+
+driftfile /var/lib/ntp/ntp.drift
diff --git a/spec/coobooks/bind_spec.rb b/spec/coobooks/bind_spec.rb
new file mode 100644
index 0000000..fa004e3
--- /dev/null
+++ b/spec/coobooks/bind_spec.rb
@@ -0,0 +1,28 @@
+require_relative '../spec_helper'
+
+describe 'bind::default' do
+ let(:chef_run) do
+ ChefSpec::Runner.new do |node|
+ node.set["bind"] = {
+ zones: {
+ "lctp" => {
+ records: [{ name: "node1", type: "A", value: "172.28.128.101" }]
+ },
+ "128.28.172.in-addr" => {
+ records: [{ name: "101", type: "PTR", value: "node1" }]
+ }
+ },
+ trusted_subnets: ["localhost", "localnets", "172.28.128.101"]
+ }
+ end.converge(described_recipe)
+ end
+
+ it "should setup named" do
+ chef_run.should render_file("/etc/bind/named.conf").with_content("lctp")
+ chef_run.should render_file("/etc/bind/named.conf.options").with_content("8.8.8.8")
+ chef_run.should render_file("/var/cache/bind/lctp.zone").with_content("node1")
+ chef_run.should render_file("/var/cache/bind/128.28.172.in-addr.zone").with_content("node1")
+ chef_run.should install_package("bind9")
+
+ end
+end
diff --git a/spec/coobooks/dhcp_spec.rb b/spec/coobooks/dhcp_spec.rb
new file mode 100644
index 0000000..e93ff5c
--- /dev/null
+++ b/spec/coobooks/dhcp_spec.rb
@@ -0,0 +1,18 @@
+require_relative '../spec_helper'
+
+describe 'dhcp::default' do
+ let(:chef_run) do
+ ChefSpec::Runner.new do |node|
+ node.set["dhcp"]["hosts"] =[{
+ name: "node0",
+ mac: "5CA1AB1E0001",
+ ip: "172.28.128.101"
+ }]
+ end.converge(described_recipe)
+ end
+
+ it "should setup dhcp" do
+ chef_run.should render_file("/etc/dhcpcd.conf").with_content("node0")
+ chef_run.should install_package("isc-dhcp-server")
+ end
+end
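Review bot: In ntp.conf.erb every entry of `ntp.subnets` is rendered as a bare `restrict <%= net %>`, which for a plain address carries no flags and therefore lifts all restrictions for that source, including runtime reconfiguration. The default line `restrict default noquery nopeer` also omits `nomodify` and `notrap`. I would make the default `restrict default kod nomodify notrap nopeer noquery` and append at least `nomodify notrap` to the per-subnet lines unless the attribute already supplies flags, as the spec's `172.28.128.0 mask 255.255.255.0 nomodify notrap nopeer` does. The head_node role passes `172.28.128.0/24`; whether the packaged ntpd accepts CIDR notation in `restrict` should be checked, since the spec uses the `mask` form.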
diff --git a/spec/coobooks/ntp_spec.rb b/spec/coobooks/ntp_spec.rb
new file mode 100644
index 0000000..62a65ce
--- /dev/null
+++ b/spec/coobooks/ntp_spec.rb
@@ -0,0 +1,14 @@
+require_relative '../spec_helper'
+
+describe 'ntp::default' do
+ let(:chef_run) do
+ ChefSpec::Runner.new do |node|
+ node.set["ntp"]["subnets"] = ["::1", "127.0.0.1", "172.28.128.0 mask 255.255.255.0 nomodify notrap nopeer"]
+ end.converge(described_recipe)
+ end
+
+ it "should setup ntp" do
+ chef_run.should install_package("ntp")
+ chef_run.should render_file("/etc/ntp.conf").with_content("172.28.128.0")
+ end
+end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
new file mode 100644
index 0000000..da679bb
--- /dev/null
+++ b/spec/spec_helper.rb
@@ -0,0 +1,15 @@
+require 'chefspec'
+require 'chefspec/berkshelf'
+require 'pry'
+
+RSpec.configure do |config|
+ config.color_enabled = true
+ config.tty = true
+ config.formatter = :documentation
+ config.treat_symbols_as_metadata_keys_with_true_values = true
+ config.filter_run :focus => true
+ config.run_all_when_everything_filtered = true
+ config.role_path = 'roles'
+end
+
+#at_exit { ChefSpec::Coverage.report! }