puppet
/
proxmox4
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

* Now use "proxmox4::…" instead of "proxmox::…"

This commit is contained in:
gardouille 2015-12-10 10:09:02 +01:00
parent 703241117f
commit fb0df1fb52
20 changed files with 156 additions and 279 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
CHANGELOG.md
View File

@ -1,133 +1,10 @@
---------------------------------------
### 0.2.4
### 0.1.0
##### Features
* Latest release for Proxmox 3.x. Please be careful with the next release!
* Start this new module from the V3: https://git.101010.fr/puppet/proxmox
##### Changes
* Upgrade pve-kernel-3.10.0-13-pve and pve-kernel-2.6.32-43 to the last version.
---------------------------------------
### 0.2.3 - 2015/06/01
##### Features
* New fact is_pve_kernel check if the running kernel is a PVE.
##### Changes
* Some installation's instructions only run if running a PVE kernel (test the new is_pve_kernel fact).
* Use the stdlib function 'ensure_packages' to install recommended packages instead of 'if ! defined'.
* Upgrade pve-kernel-3.10.0-9-pve and pve-kernel-2.6.32-39 to the last version.
* Correct puppet-lint warnings.
##### Bugfixes
* #14 The module no longer automatically reboot nodes after kernel upgrade, show a warning message instead.
---------------------------------------
### 0.2.2 - 2015/03/25
##### Features
* A new subclass to automates the creation of a cluster from the master and join from other nodes.
##### Changes
* Update README.md.
* Upgrade pve-kernel-3.10.0-8-pve and pve-kernel-2.6.32-37 to the last version.
* Puppet-lint
* Add a case for 'kvm' VM doesn't do anything right now, wait for specific (packages, config, …).
##### Bugfixes
* (#11) Add a new fact to get a valid netmask for OpenVZ's virtual interfaces (venet).
* (#11) Use the new fact vznetmask_venet0_0 to add the route in interfaces.tail file.
---------------------------------------
### 0.2.1 - 2015/02/03
##### Features
* Manage the main OpenVZ's configuration file (/etc/vz/vz.conf).
* Add vz service management.
##### Changes
* The network management for an OpenVZ CT now works for all Debian family and not only Debian >=7.
* Modification in OpenVZ's configuration file notify the 'vz' service.
* Set an option to manage iptables modules in OpenVZ configuration.
* Correct puppet-lint warnings.
---------------------------------------
### 0.2.0 - 2015/01/27
#### Summary
This release introduce a new subclasse for OpenVZ CT (network management):
include proxmox::vm
It's also provide a array of kernel modules added at the boot start.
##### Features
* (#2) Add an array and a file to load additionnal modules.
* (#9) Add a puppetlabs-firewall rule.
* (#3) Add a new class and subclass: proxmox::vm::openvz to manage OpenVZ CT.
* (#3) Add a new fact to calculate venet's network with /24 instead of /32.)
* Add many modules (mainly for iptables) to load at startup (sea README.md).
##### Bugfixes
* Correct module's dependencies.
* Run the proxmox::hypervisor::group only if PVE is installed.
##### Changes
* README.md: Add examples, a table of contents, information about proxmox::vm::openvz (#3).
* Correct indentation, double quote, ...
---------------------------------------
### 0.1.0 - 2015/01/15
This release introduce new defined types:
proxmox::hypervisor::group { 'sysadmin':
role => 'Administrator',
users => [ 'root@pam', 'test@pve' ],
}
proxmox::hypervisor::user { 'toto@pve':
group => 'sysadmin',
}
And also directly jump to 0.1.0, the module allow to manage a simple Proxmox hypervisor right now.
##### Changes
* Add a variable to choose to keep PVE enterprise repo for the subscribers.
* (#4) Add an access control list for PveProxy.
* (#4) Add a new class to manage Proxmox's service (proxmox::hypervisor::service).
* (#6) Add a new defined type to manage groups for PVE WebGUI.
* (#7) Add a new defined type to manage users for PVE WebGUI.
* Update the README.md file for (#6) group and (#7) user defined types.
* Add a test for (#6) group and (#7) user defined types.
---------------------------------------
### 0.0.2 - 2015/01/08
New functionality release, Proxmox installation now working :)
##### Changes
* (#1) Possibility to choose between newer kernel that only supports KVM or a ~2.6.32 that supports both KVM and OpenVZ.
* (#1) Install the Virtual Environment and it's works with 2 puppet run.
* Add new test (hypervisor_kvm_only).
* Add a fact to check if Proxmox is "available".
* Add a new class: proxmox::hypervisor::config for some tiny configurations.
* Remove the subscription message in the web gui.
* Add operatingsystem_support information in the metadata.json (to correct the error in Metadata Quality).
* Correct wtfpl into WTFPL to be recognized by SPDX (Metadata Quality).
* Correct indentation, double quote, ...
---------------------------------------
### 0.0.1 - 2015/01/07
Initial release.
##### Changes
* Only prepare the system for Proxmox installation (proxmox::hypervisor::preconfig)
* Now use "proxmox4::…" instead of "proxmox::…"

38
README.md
View File

@ -45,14 +45,14 @@ The proxmox module automates installing Proxmox on Debian systems.
### Beginning with Proxmox
To begin using proxmox module with default parameters, declare the hypervisor's class with `include proxmox::hypervisor`.
To begin using proxmox module with default parameters, declare the hypervisor's class with `include proxmox4::hypervisor`.
## Usage
### Hypervisor
```
include proxmox::hypervisor
include proxmox4::hypervisor
```
**Note**: The module will NOT automatically reboot the system on the PVE Kernel. You will need to reboot it manually and start again the puppet agent.
@ -60,7 +60,7 @@ include proxmox::hypervisor
If you will use only KVM you can have a most recent kernel with:
```
class { 'proxmox::hypervisor':
class { 'proxmox4::hypervisor':
kvm_only => true,
}
```
@ -68,7 +68,7 @@ class { 'proxmox::hypervisor':
#### Disable additionnal modules
Disable all additionnal modules load at the boot time:
```
class { 'proxmox::hypervisor':
class { 'proxmox4::hypervisor':
pve_modules_list => [ '' ],
}
```
@ -77,14 +77,14 @@ class { 'proxmox::hypervisor':
```
node "pve_node" {
# Install an hypervisor full KVM
class { 'proxmox::hypervisor':
class { 'proxmox4::hypervisor':
pveproxy_allow => '127.0.0.1,192.168.0.0/24',
kvm_only => true,
cluster_master_ip => '192.168.0.201',
cluster_name => 'DeepThought',
}
# Access to PVE Webgui
proxmox::hypervisor::group { 'sysadmin': role => "Administrator", users => [ 'marvin@pam', 'arthur@pam' ] }
proxmox4::hypervisor::group { 'sysadmin': role => "Administrator", users => [ 'marvin@pam', 'arthur@pam' ] }
# SSH authorized keys between all nodes without passphrase (the module generate a key if not present)
ssh_authorized_key { 'hyper01':
@ -144,12 +144,12 @@ Will create a Cluster Proxmox with name "Deepthought", the master will be "hyper
Only OpenVZ is supported right now but the vm's class will check-it by it self:
```
include proxmox::vm
include proxmox4::vm
```
#### proxmox::vm::openvz
#### proxmox4::vm::openvz
Automatically call by the `proxmox::vm` class, it will manage network configuration, but only few configurations are possible:
Automatically call by the `proxmox4::vm` class, it will manage network configuration, but only few configurations are possible:
* Only one Virtual Ethernet device (aka veth) and it will work with **DHCP**.
* If a veth is available, it will be the main network's interface (set the default gateway throught eth0).
* If a veth is available, only one Virtual Network device (aka venet) as chance to work (the first one), because all others routes will be flushed.
@ -161,34 +161,34 @@ Automatically call by the `proxmox::vm` class, it will manage network configurat
* `proxmox`: Main class, do nothing right now.
* `proxmox::hypervisor`: Install the Proxmox hypervisor on the system.
* `proxmox4::hypervisor`: Install the Proxmox hypervisor on the system.
* `proxmox::vm`: Manage virtual machines and containers.
* `proxmox4::vm`: Manage virtual machines and containers.
### Defined types
* `proxmox::hypervisor::group`: Manage groups for Proxmox WebGUI and set permissions.
* `proxmox4::hypervisor::group`: Manage groups for Proxmox WebGUI and set permissions.
```
proxmox::hypervisor::group { 'sysadmin':
proxmox4::hypervisor::group { 'sysadmin':
role => "Administrator",
users => [ 'user1@pam', 'toto@pve' ],
}
```
* `proxmox::hypervisor::user`: Manage user for Proxmox WebGUI.
* `proxmox4::hypervisor::user`: Manage user for Proxmox WebGUI.
```
proxmox::hypervisor::user { 'marvin':
proxmox4::hypervisor::user { 'marvin':
group => 'sysadmin',
}
```
Mainly used by the `proxmox::hypervisor::group` defined type to create the group, permissions and also create/add the users to a group. Because to add a user to a group via this defined type, the group should already exist.
Mainly used by the `proxmox4::hypervisor::group` defined type to create the group, permissions and also create/add the users to a group. Because to add a user to a group via this defined type, the group should already exist.
### Parameters
#### proxmox::hypervisor
#### proxmox4::hypervisor
* `ve_pkg_ensure`: What to set the Virtual Environnment package to. Can be 'present', 'absent' or 'version'. Defaults to 'present'.
* `ve_pkg_name`: The list of VirtualEnvironnment packages. Can be an array [ 'proxmox-ve-2.6.32', 'ksm-control-daemon', 'vzprocps', 'open-iscsi', 'bootlogd', 'pve-firmware' ].
@ -220,7 +220,7 @@ proxmox::hypervisor::user { 'marvin':
* `cluster_master_ip`: The ip address of the "master" node that will create the cluster. Must be an IP address. Defaults to 'undef'.
* `cluster_name`: The cluster's name. Defaults to 'undef'.
#### proxmox::vm
#### proxmox4::vm
* `vm_interfaces_path`: The main network configuration's file. Defaults to '/etc/network/interfaces'.
* `vm_interfaces_content`: Template file used to generate the previous configuration file. Defaults to 'proxmox/vm/openvz_interfaces.erb'.
* `vm_interfaces_tail_path`: A second network configuration file that will be concatenated in the main. Defaults to '/etc/network/interfaces.tail'.
@ -231,7 +231,7 @@ proxmox::hypervisor::user { 'marvin':
Other notes
-----------
By default `proxmox::hypervisor` comes with several modules kernel load at boot time. Mainly iptables's modules to allow it in the OpenVZ CT.
By default `proxmox4::hypervisor` comes with several modules kernel load at boot time. Mainly iptables's modules to allow it in the OpenVZ CT.
The default modules list:
* `iptable_filter`

84
manifests/hypervisor.pp
View File

@ -1,4 +1,4 @@
# == Class: proxmox::hypervisor
# == Class: proxmox4::hypervisor
#
# Manage the Proxmox hypervisor.
#
@ -23,7 +23,7 @@
#
# === Examples
#
# class { '::proxmox::hypervisor':
# class { '::proxmox4::hypervisor':
# kvm_only => true,
# }
#
@ -35,48 +35,48 @@
#
# WTFPL <http://wtfpl.org/>
#
class proxmox::hypervisor (
$ve_pkg_ensure = $proxmox::params::ve_pkg_ensure,
$ve_pkg_name = $proxmox::params::ve_pkg_name,
$kvm_only = $proxmox::params::kvm_only,
$kernel_kvm_pkg_name = $proxmox::params::kernel_kvm_pkg_name,
$kernel_pkg_name = $proxmox::params::kernel_pkg_name,
$rec_pkg_name = $proxmox::params::rec_pkg_name,
$old_pkg_ensure = $proxmox::params::old_pkg_ensure,
$old_pkg_name = $proxmox::params::old_pkg_name,
$pve_enterprise_repo_ensure = $proxmox::params::pve_enterprise_repo_ensure,
$pveproxy_default_path = $proxmox::params::pveproxy_default_path,
$pveproxy_default_content = $proxmox::params::pveproxy_default_content,
$pveproxy_allow = $proxmox::params::pveproxy_allow,
$pveproxy_deny = $proxmox::params::pveproxy_deny,
$pveproxy_policy = $proxmox::params::pveproxy_policy,
$pveproxy_service_name = $proxmox::params::pveproxy_service_name,
$pveproxy_service_manage = $proxmox::params::pveproxy_service_manage,
$pveproxy_service_enabled = $proxmox::params::pveproxy_service_enabled,
$pve_modules_list = $proxmox::params::pve_modules_list,
$pve_modules_file_path = $proxmox::params::pve_modules_file_path,
$pve_modules_file_content = $proxmox::params::pve_modules_file_content,
$vz_config_file_path = $proxmox::params::vz_config_file_path,
$vz_config_file_tpl = $proxmox::params::vz_config_file_tpl,
$vz_iptables_modules = $proxmox::params::vz_iptables_modules,
$vz_service_name = $proxmox::params::vz_service_name,
$vz_service_manage = $proxmox::params::vz_service_manage,
$vz_service_enabled = $proxmox::params::vz_service_enabled,
$labs_firewall_rule = $proxmox::params::labs_firewall_rule,
class proxmox4::hypervisor (
$ve_pkg_ensure = $proxmox4::params::ve_pkg_ensure,
$ve_pkg_name = $proxmox4::params::ve_pkg_name,
$kvm_only = $proxmox4::params::kvm_only,
$kernel_kvm_pkg_name = $proxmox4::params::kernel_kvm_pkg_name,
$kernel_pkg_name = $proxmox4::params::kernel_pkg_name,
$rec_pkg_name = $proxmox4::params::rec_pkg_name,
$old_pkg_ensure = $proxmox4::params::old_pkg_ensure,
$old_pkg_name = $proxmox4::params::old_pkg_name,
$pve_enterprise_repo_ensure = $proxmox4::params::pve_enterprise_repo_ensure,
$pveproxy_default_path = $proxmox4::params::pveproxy_default_path,
$pveproxy_default_content = $proxmox4::params::pveproxy_default_content,
$pveproxy_allow = $proxmox4::params::pveproxy_allow,
$pveproxy_deny = $proxmox4::params::pveproxy_deny,
$pveproxy_policy = $proxmox4::params::pveproxy_policy,
$pveproxy_service_name = $proxmox4::params::pveproxy_service_name,
$pveproxy_service_manage = $proxmox4::params::pveproxy_service_manage,
$pveproxy_service_enabled = $proxmox4::params::pveproxy_service_enabled,
$pve_modules_list = $proxmox4::params::pve_modules_list,
$pve_modules_file_path = $proxmox4::params::pve_modules_file_path,
$pve_modules_file_content = $proxmox4::params::pve_modules_file_content,
$vz_config_file_path = $proxmox4::params::vz_config_file_path,
$vz_config_file_tpl = $proxmox4::params::vz_config_file_tpl,
$vz_iptables_modules = $proxmox4::params::vz_iptables_modules,
$vz_service_name = $proxmox4::params::vz_service_name,
$vz_service_manage = $proxmox4::params::vz_service_manage,
$vz_service_enabled = $proxmox4::params::vz_service_enabled,
$labs_firewall_rule = $proxmox4::params::labs_firewall_rule,
$cluster_master_ip = undef,
$cluster_name = undef,
) inherits proxmox::params {
) inherits proxmox4::params {
include '::proxmox::hypervisor::preconfig'
include '::proxmox::hypervisor::install'
include '::proxmox::hypervisor::config'
include '::proxmox::hypervisor::service'
include '::proxmox::hypervisor::cluster'
include '::proxmox4::hypervisor::preconfig'
include '::proxmox4::hypervisor::install'
include '::proxmox4::hypervisor::config'
include '::proxmox4::hypervisor::service'
include '::proxmox4::hypervisor::cluster'
Class['proxmox::hypervisor::preconfig'] ->
Class['proxmox::hypervisor::install'] ->
Class['proxmox::hypervisor::config'] ->
Class['proxmox::hypervisor::service'] ->
Class['proxmox::hypervisor::cluster']
Class['proxmox4::hypervisor::preconfig'] ->
Class['proxmox4::hypervisor::install'] ->
Class['proxmox4::hypervisor::config'] ->
Class['proxmox4::hypervisor::service'] ->
Class['proxmox4::hypervisor::cluster']
} # Public class: proxmox::hypervisor
} # Public class: proxmox4::hypervisor

20
manifests/hypervisor/cluster.pp
View File

@ -1,8 +1,8 @@
# == Class: proxmox::hypervisor::cluster
# == Class: proxmox4::hypervisor::cluster
#
# Manage the Proxmox cluster.
#
class proxmox::hypervisor::cluster
class proxmox4::hypervisor::cluster
{
File {
@ -17,7 +17,7 @@ class proxmox::hypervisor::cluster
}
## Quoted boolean value because can't return "true" boolean with personal fact
if $::is_proxmox == 'true' and $proxmox::hypervisor::cluster_master_ip != undef and $proxmox::hypervisor::cluster_name != undef {
if $::is_proxmox == 'true' and $proxmox4::hypervisor::cluster_master_ip != undef and $proxmox4::hypervisor::cluster_name != undef {
# Ensure the root user got an ssh-key
exec { 'create ssh-key for root':
command => 'ssh-keygen -t rsa -f /root/.ssh/id_rsa -b 2048 -N "" -q',
@ -26,11 +26,11 @@ class proxmox::hypervisor::cluster
# Test if this node should be the master or a node
## has_interface_with needs double quoted string for the argument !
if has_interface_with('ipaddress', "${proxmox::hypervisor::cluster_master_ip}") {
if has_interface_with('ipaddress', "${proxmox4::hypervisor::cluster_master_ip}") {
# Create the cluster on this node
exec { "Create ${proxmox::hypervisor::cluster_name} cluster on ${proxmox::hypervisor::cluster_master_ip}":
command => "pvecm create ${proxmox::hypervisor::cluster_name}",
exec { "Create ${proxmox4::hypervisor::cluster_name} cluster on ${proxmox4::hypervisor::cluster_master_ip}":
command => "pvecm create ${proxmox4::hypervisor::cluster_name}",
onlyif => 'uname -r | grep -- "-pve"',
creates => '/etc/pve/cluster.conf',
}
@ -38,8 +38,8 @@ class proxmox::hypervisor::cluster
else {
# Connect this node to the cluster
exec { "Connect to ${proxmox::hypervisor::cluster_name} cluster":
command => "pvecm add ${proxmox::hypervisor::cluster_master_ip}",
exec { "Connect to ${proxmox4::hypervisor::cluster_name} cluster":
command => "pvecm add ${proxmox4::hypervisor::cluster_master_ip}",
onlyif => 'uname -r | grep -- "-pve"',
creates => '/etc/pve/cluster.conf',
}
@ -47,6 +47,6 @@ class proxmox::hypervisor::cluster
}
#notify { "Master IP: ${proxmox::hypervisor::cluster_master_ip} and Cluster name: ${proxmox::hypervisor::cluster_name}": }
#notify { "Master IP: ${proxmox4::hypervisor::cluster_master_ip} and Cluster name: ${proxmox4::hypervisor::cluster_name}": }
} # Private class: proxmox::hypervisor::cluster
} # Private class: proxmox4::hypervisor::cluster

20
manifests/hypervisor/config.pp
View File

@ -1,8 +1,8 @@
# == Class: proxmox::hypervisor::config
# == Class: proxmox4::hypervisor::config
#
# Some tiny configurations for Proxmox
#
class proxmox::hypervisor::config {
class proxmox4::hypervisor::config {
File {
owner => root,
@ -20,10 +20,10 @@ class proxmox::hypervisor::config {
if $::is_proxmox == 'true' {
# Pveproxy access control list
file { $proxmox::hypervisor::pveproxy_default_path:
file { $proxmox4::hypervisor::pveproxy_default_path:
ensure => present,
content => template($proxmox::hypervisor::pveproxy_default_content),
notify => Service[$proxmox::hypervisor::pveproxy_service_name],
content => template($proxmox4::hypervisor::pveproxy_default_content),
notify => Service[$proxmox4::hypervisor::pveproxy_service_name],
}
->
@ -34,15 +34,15 @@ class proxmox::hypervisor::config {
}
## OpenVZ configuration
file { $proxmox::hypervisor::vz_config_file_path:
file { $proxmox4::hypervisor::vz_config_file_path:
ensure => present,
content => template($proxmox::hypervisor::vz_config_file_tpl),
notify => Service[$proxmox::hypervisor::vz_service_name],
content => template($proxmox4::hypervisor::vz_config_file_tpl),
notify => Service[$proxmox4::hypervisor::vz_service_name],
}
}
if $proxmox::hypervisor::labs_firewall_rule == true {
if $proxmox4::hypervisor::labs_firewall_rule == true {
firewall { '100 accept proxmox':
proto => 'tcp',
@ -53,4 +53,4 @@ class proxmox::hypervisor::config {
}
} # Private class: proxmox::hypervisor::config
} # Private class: proxmox4::hypervisor::config

8
manifests/hypervisor/group.pp
View File

@ -1,4 +1,4 @@
# == Define: proxmox::hypervisor::group
# == Define: proxmox4::hypervisor::group
#
# Manage groups and permissions to access the PVE ressources
#
@ -29,7 +29,7 @@
#
# The user list members of this group. A user will be created if not exist.
#
define proxmox::hypervisor::group ( $group = $title, $acl_path = '/', $permission_file = '/etc/pve/user.cfg', $users = '', $role ) {
define proxmox4::hypervisor::group ( $group = $title, $acl_path = '/', $permission_file = '/etc/pve/user.cfg', $users = '', $role ) {
File {
owner => root,
@ -58,7 +58,7 @@ define proxmox::hypervisor::group ( $group = $title, $acl_path = '/', $permissio
}
->
# Create user(s) and add it to this group
proxmox::hypervisor::user { $users:
proxmox4::hypervisor::user { $users:
group => $group,
}
@ -71,4 +71,4 @@ define proxmox::hypervisor::group ( $group = $title, $acl_path = '/', $permissio
}
} # Public ressource: proxmox::hypervisor::group
} # Public ressource: proxmox4::hypervisor::group

30
manifests/hypervisor/install.pp
View File

@ -1,8 +1,8 @@
# == Class: proxmox::hypervisor::install
# == Class: proxmox4::hypervisor::install
#
# Install Proxmox and inform the user he needs to reboot the system on the PVE kernel
#
class proxmox::hypervisor::install {
class proxmox4::hypervisor::install {
Exec {
path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ],
@ -14,18 +14,18 @@ class proxmox::hypervisor::install {
if $::is_pve_kernel == 'true' {
# Installation of Virtual Environnment
package { $proxmox::hypervisor::ve_pkg_name:
ensure => $proxmox::hypervisor::ve_pkg_ensure,
package { $proxmox4::hypervisor::ve_pkg_name:
ensure => $proxmox4::hypervisor::ve_pkg_ensure,
} ->
# Remove useless packages (such as the standard kernel, acpid, ...)
package { $proxmox::hypervisor::old_pkg_name:
ensure => $proxmox::hypervisor::old_pkg_ensure,
package { $proxmox4::hypervisor::old_pkg_name:
ensure => $proxmox4::hypervisor::old_pkg_ensure,
notify => Exec['update_grub'],
}
# Ensure that some recommended packages are present on the system
ensure_packages( $proxmox::hypervisor::rec_pkg_name )
ensure_packages( $proxmox4::hypervisor::rec_pkg_name )
}
else { # If the system run on a standard Debian Kernel
@ -35,25 +35,25 @@ class proxmox::hypervisor::install {
# You will need to update your PVE kernel manually.
# Installation of the PVE Kernel
if $proxmox::hypervisor::kvm_only == true {
if $proxmox4::hypervisor::kvm_only == true {
notify { 'Please REBOOT':
message => "Need to REBOOT the system on the new PVE kernel (${proxmox::hypervisor::kernel_kvm_pkg_name}) ...",
message => "Need to REBOOT the system on the new PVE kernel (${proxmox4::hypervisor::kernel_kvm_pkg_name}) ...",
loglevel => warning,
}
->
package { $proxmox::hypervisor::kernel_kvm_pkg_name:
ensure => $proxmox::hypervisor::ve_pkg_ensure,
package { $proxmox4::hypervisor::kernel_kvm_pkg_name:
ensure => $proxmox4::hypervisor::ve_pkg_ensure,
notify => Exec['update_grub'],
}
}
else {
notify { 'Please REBOOT':
message => "Need to REBOOT the system on the new PVE kernel (${proxmox::hypervisor::kernel_pkg_name}) ...",
message => "Need to REBOOT the system on the new PVE kernel (${proxmox4::hypervisor::kernel_pkg_name}) ...",
loglevel => warning,
}
->
package { $proxmox::hypervisor::kernel_pkg_name:
ensure => $proxmox::hypervisor::ve_pkg_ensure,
package { $proxmox4::hypervisor::kernel_pkg_name:
ensure => $proxmox4::hypervisor::ve_pkg_ensure,
notify => Exec['update_grub','grub_reboot'],
}
# The kernel that allow KVM + OpenVZ is older than the standard Debian's
@ -75,4 +75,4 @@ class proxmox::hypervisor::install {
}
} # Private class: proxmox::hypervisor::install
} # Private class: proxmox4::hypervisor::install

12
manifests/hypervisor/preconfig.pp
View File

@ -1,8 +1,8 @@
# == Class: proxmox::hypervisor::preconfig
# == Class: proxmox4::hypervisor::preconfig
#
# Before installing Proxmox some modifications have to be applied on the system
#
class proxmox::hypervisor::preconfig {
class proxmox4::hypervisor::preconfig {
File {
owner => root,
@ -32,7 +32,7 @@ class proxmox::hypervisor::preconfig {
->
# Remove Enterprise repository (need a subscription)
file { '/etc/apt/sources.list.d/pve-enterprise.list':
ensure => $proxmox::hypervisor::pve_enterprise_repo_ensure,
ensure => $proxmox4::hypervisor::pve_enterprise_repo_ensure,
notify => Exec[apt_update],
}
->
@ -66,10 +66,10 @@ class proxmox::hypervisor::preconfig {
$values = [ 'v1', 'v2' ]
file { $proxmox::hypervisor::pve_modules_file_path:
file { $proxmox4::hypervisor::pve_modules_file_path:
ensure => present,
content => template($proxmox::hypervisor::pve_modules_file_content),
content => template($proxmox4::hypervisor::pve_modules_file_content),
require => File['/etc/modules-load.d'],
}
} # Private class: proxmox::hypervisor::preconfig
} # Private class: proxmox4::hypervisor::preconfig

22
manifests/hypervisor/service.pp
View File

@ -1,17 +1,17 @@
# == Class: proxmox::hypervisor::service
# == Class: proxmox4::hypervisor::service
#
# Manage Proxmox services
#
class proxmox::hypervisor::service {
class proxmox4::hypervisor::service {
if $proxmox::hypervisor::pveproxy_service_enabled == true {
if $proxmox4::hypervisor::pveproxy_service_enabled == true {
$pveproxy_service_ensure = 'running'
} else {
$pveproxy_service_ensure = 'stopped'
}
if $proxmox::hypervisor::vz_service_enabled == true {
if $proxmox4::hypervisor::vz_service_enabled == true {
$vz_service_ensure = 'running'
} else {
$vz_service_ensure = 'stopped'
@ -20,19 +20,19 @@ class proxmox::hypervisor::service {
if $::is_proxmox == 'true' {
if $proxmox::hypervisor::pveproxy_service_manage == true {
service { $proxmox::hypervisor::pveproxy_service_name:
if $proxmox4::hypervisor::pveproxy_service_manage == true {
service { $proxmox4::hypervisor::pveproxy_service_name:
ensure => $pveproxy_service_ensure,
enable => $proxmox::hypervisor::pveproxy_service_enabled,
enable => $proxmox4::hypervisor::pveproxy_service_enabled,
hasstatus => false,
hasrestart => true,
}
}
if $proxmox::hypervisor::vz_service_manage == true {
service { $proxmox::hypervisor::vz_service_name:
if $proxmox4::hypervisor::vz_service_manage == true {
service { $proxmox4::hypervisor::vz_service_name:
ensure => $vz_service_ensure,
enable => $proxmox::hypervisor::pveproxy_service_enabled,
enable => $proxmox4::hypervisor::pveproxy_service_enabled,
hasstatus => true,
hasrestart => true,
}
@ -42,4 +42,4 @@ class proxmox::hypervisor::service {
} # Private class: proxmox::hypervisor::service
} # Private class: proxmox4::hypervisor::service

6
manifests/hypervisor/user.pp
View File

@ -1,4 +1,4 @@
# == Define: proxmox::hypervisor::user
# == Define: proxmox4::hypervisor::user
#
# Manage users allowed to WebGUI
#
@ -19,7 +19,7 @@
#
# The file where group's informations are stored.
#
define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file = '/etc/pve/user.cfg' ) {
define proxmox4::hypervisor::user ( $user = $title, $group = '', $permission_file = '/etc/pve/user.cfg' ) {
Exec {
path => ['/bin','/sbin','/usr/bin','/usr/sbin'],
@ -56,4 +56,4 @@ define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file
}
}
} # Public ressource: proxmox::hypervisor::user
} # Public ressource: proxmox4::hypervisor::user

2
manifests/init.pp
View File

@ -1,7 +1,7 @@
# == Class: proxmox
#
# This class do nothing right now.
# Please use proxmox::hypervisor to manage proxmox.
# Please use proxmox4::hypervisor to manage proxmox.
#
# === Examples
#

6
manifests/params.pp
View File

@ -1,6 +1,6 @@
# == Class: proxmox::params
# == Class: proxmox4::params
#
class proxmox::params {
class proxmox4::params {
case $::osfamily {
'Debian': {
if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '7.0') >= 0 {
@ -70,4 +70,4 @@ class proxmox::params {
}
} # Private class: proxmox::params
} # Private class: proxmox4::params

26
manifests/vm.pp
View File

@ -1,4 +1,4 @@
# == Class: proxmox::vm
# == Class: proxmox4::vm
#
# Manage Virtual Machines/VM (only OpenVZ right now)
#
@ -11,7 +11,7 @@
#
# === Examples
#
# include proxmox::vm
# include proxmox4::vm
#
# === Authors
#
@ -21,19 +21,19 @@
#
# WTFPL <http://wtfpl.org/>
#
class proxmox::vm (
$vm_interfaces_path = $proxmox::params::vm_interfaces_path,
$vm_interfaces_content = $proxmox::params::vm_interfaces_content,
$vm_interfaces_tail_path = $proxmox::params::vm_interfaces_tail_path,
$vm_interfaces_tail_content = $proxmox::params::vm_interfaces_tail_content,
$network_service_name = $proxmox::params::network_service_name,
$network_service_manage = $proxmox::params::network_service_manage,
$network_service_enabled = $proxmox::params::network_service_enabled,
) inherits proxmox::params {
class proxmox4::vm (
$vm_interfaces_path = $proxmox4::params::vm_interfaces_path,
$vm_interfaces_content = $proxmox4::params::vm_interfaces_content,
$vm_interfaces_tail_path = $proxmox4::params::vm_interfaces_tail_path,
$vm_interfaces_tail_content = $proxmox4::params::vm_interfaces_tail_content,
$network_service_name = $proxmox4::params::network_service_name,
$network_service_manage = $proxmox4::params::network_service_manage,
$network_service_enabled = $proxmox4::params::network_service_enabled,
) inherits proxmox4::params {
case $::virtual {
'openvz': {
include proxmox::vm::openvz
include proxmox4::vm::openvz
}
'kvm': {
}
@ -43,4 +43,4 @@ class proxmox::vm (
}
} # Public class: proxmox::vm
} # Public class: proxmox4::vm

14
manifests/vm/openvz.pp
View File

@ -1,8 +1,8 @@
# == Class: proxmox::vm::openvz
# == Class: proxmox4::vm::openvz
#
# Manage OpenVZ virtual machines (CT aka Containers)
#
class proxmox::vm::openvz {
class proxmox4::vm::openvz {
File {
owner => root,
@ -19,18 +19,18 @@ class proxmox::vm::openvz {
# Need to configure eth0 in an interfaces.tail file because
# the main interfaces file is auto-generated by PVE (for venet config)
file { $proxmox::vm::vm_interfaces_tail_path:
file { $proxmox4::vm::vm_interfaces_tail_path:
ensure => present,
content => template($proxmox::vm::vm_interfaces_tail_content),
content => template($proxmox4::vm::vm_interfaces_tail_content),
}
}
else { # Only virtual interface is available
# If eth0 is the only interface, push it's configuration in the standard interfaces file
file { $proxmox::vm::vm_interfaces_path:
file { $proxmox4::vm::vm_interfaces_path:
ensure => present,
content => template($proxmox::vm::vm_interfaces_content),
content => template($proxmox4::vm::vm_interfaces_content),
}
} # fi
@ -38,4 +38,4 @@ class proxmox::vm::openvz {
} # Private class: proxmox::vm::openvz
} # Private class: proxmox4::vm::openvz

6
templates/hypervisor/pveproxy_default.erb
View File

@ -2,7 +2,7 @@
#Don't edit, please see https://forge.puppetlabs.com/gardouille/proxmox
# Access control list (Apache2 like)
ALLOW_FROM="<%= scope.lookupvar('proxmox::hypervisor::pveproxy_allow') %>"
DENY_FROM="<%= scope.lookupvar('proxmox::hypervisor::pveproxy_deny') %>"
POLICY="<%= scope.lookupvar('proxmox::hypervisor::pveproxy_policy') %>"
ALLOW_FROM="<%= scope.lookupvar('proxmox4::hypervisor::pveproxy_allow') %>"
DENY_FROM="<%= scope.lookupvar('proxmox4::hypervisor::pveproxy_deny') %>"
POLICY="<%= scope.lookupvar('proxmox4::hypervisor::pveproxy_policy') %>"

2
templates/hypervisor/vz.conf.erb
View File

@ -41,7 +41,7 @@ VE_PRIVATE=/var/lib/vz/private/$VEID
VZWDOG="no"
## IPv4 iptables kernel modules to be enabled in CTs by default
<% if scope.lookupvar('proxmox::hypervisor::vz_iptables_modules') == true -%>
<% if scope.lookupvar('proxmox4::hypervisor::vz_iptables_modules') == true -%>
IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"
<% else -%>
IPTABLES=""

2
tests/add_user.pp
View File

@ -1 +1 @@
proxmox::hypervisor::user { 'zaphod@pam': group => 'sysadmin', }
proxmox4::hypervisor::user { 'zaphod@pam': group => 'sysadmin', }

4
tests/group_management.pp
View File

@ -1,8 +1,8 @@
proxmox::hypervisor::group { 'sysadmin':
proxmox4::hypervisor::group { 'sysadmin':
role => 'Administrator',
users => [ 'user1@pam', 'toto@pve' ],
}
proxmox::hypervisor::group { 'audit':
proxmox4::hypervisor::group { 'audit':
role => 'PVEAuditor',
users => [ 'user2@pam' ],
}

2
tests/hypervisor.pp
View File

@ -1 +1 @@
include proxmox::hypervisor
include proxmox4::hypervisor

2
tests/hypervisor_kvm_only.pp
View File

@ -1,4 +1,4 @@
class { 'proxmox::hypervisor':
class { 'proxmox4::hypervisor':
kvm_only => true,
}