Puppet library for MuranoPL

Change-Id: Iff552da1dc76e8c91f0794208b99cc38d0682163

murano-apps/Puppet/package/Classes/PuppetInstance.yaml

@@ -0,0 +1,113 @@
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License. You may obtain
+#  a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#  License for the specific language governing permissions and limitations
+#  under the License.
+
+Namespaces:
+    =: io.murano.opaas.puppet
+    res: io.murano.resources
+    std: io.murano
+    sys: io.murano.system
+
+Name: PuppetInstance
+
+Extends: res:LinuxMuranoInstance
+
+Methods:
+  initialize:
+    Body:
+      - $._environment: $.find(std:Environment).require()
+
+  deploy:
+    Body:
+      - $.super($.deploy())
+
+      # Deploy host only once
+      - If: $.getAttr(hostDeployed, false)
+        Then:
+          - Return:
+
+      - $.installPuppet()
+      - $.installHiera()
+      - $.installPuppetModule('reidmv/yamlfile')
+      - !yaql "$.setHieraConfigValue(':hierarchy', 'murano')"
+      - $.setAttr(hostDeployed, true)
+
+  installPuppet:
+    Body:
+      - $._environment.reporter.report($this,
+        'Install puppet on instance {0}'.format($.openstackId))
+      - $resources: new(sys:Resources)
+      - $template: $resources.yaml('InstallPuppet.template')
+      - $.agent.call($template, $resources)
+      - $._environment.reporter.report($this,
+        'Puppet installed on instance {0}'.format($.openstackId))
+
+  installHiera:
+    Body:
+      - $._environment.reporter.report($this,
+        'Install Hiera on instance {0}'.format($.openstackId))
+      - $resources: new(sys:Resources)
+      - $template: $resources.yaml('InstallHiera.template')
+      - $.agent.call($template, $resources)
+      - $._environment.reporter.report($this,
+        'Puppet installed on instance {0}'.format($.openstackId))
+
+  installPuppetModule:
+    Arguments:
+      - module:
+          Contract: $.string().notNull()
+    Body:
+      - $._environment.reporter.report($this,
+        'Installing puppet module {0} on {1}'.format( $module, $.openstackId))
+      - $resources: new(sys:Resources)
+      - $template: $resources.yaml('InstallPuppetModule.template').bind(dict(
+          module => $module))
+      - $.agent.call($template, $resources)
+      - $._environment.reporter.report($this,
+        'Puppet module {0} installed on {1}'.format( $module, $.openstackId))
+
+  setHieraValue:
+    Arguments:
+      - key:
+          Contract: $.string().notNull()
+      - value:
+          Contract: $.string().notNull()
+    Body:
+      - $._environment.reporter.report($this,
+        'Put value {0} = {1}'.format( $key, $value))
+      - $.setYamlValue('/etc/puppet/hieradata/murano.yaml', $key, $value)
+
+  setHieraConfigValue:
+    Arguments:
+      - key:
+          Contract: $.string().notNull()
+      - value:
+          Contract: $.string().notNull()
+    Body:
+      - $._environment.reporter.report($this,
+        'setHieraConfigValue {0}={1}'.format( $key, $value))
+      - $.setYamlValue('/etc/puppet/hiera.yaml', $key, $value)
+
+  setYamlValue:
+    Arguments:
+      - path:
+          Contract: $.string().notNull()
+      - key:
+          Contract: $.string().notNull()
+      - value:
+          Contract: $.string().notNull()
+    Body:
+      - $resources: new(sys:Resources)
+      - $template: $resources.yaml('setYamlValue.template').bind(dict(
+          path => $path,
+          key => $key,
+          value => $value))
+      - $.agent.call($template, $resources)

murano-apps/Puppet/package/Resources/InstallHiera.template

@@ -0,0 +1,19 @@
+FormatVersion: 2.0.0
+Version: 1.0.0
+Name: Install Hiera
+
+Parameters:
+
+Body: |
+  return installHiera().stdout
+
+Scripts:
+  installHiera:
+    Type: Application
+    Version: 1.0.0
+    EntryPoint: installHiera.sh
+    Files: ['hiera.yaml', 'murano.yaml']
+    Options:
+      captureStdout: true
+      captureStderr: true
+      verifyExitcode: true

murano-apps/Puppet/package/Resources/InstallPuppet.template

@@ -0,0 +1,19 @@
+FormatVersion: 2.0.0
+Version: 1.0.0
+Name: InstallPuppet
+
+Parameters:
+
+Body: |
+  return installPuppet().stdout
+
+Scripts:
+  installPuppet:
+    Type: Application
+    Version: 1.0.0
+    EntryPoint: installPuppet.sh
+    Files: []
+    Options:
+      captureStdout: true
+      captureStderr: true
+      verifyExitcode: true

murano-apps/Puppet/package/Resources/InstallPuppetModule.template

@@ -0,0 +1,20 @@
+FormatVersion: 2.0.0
+Version: 1.0.0
+Name: InstallPuppetModule
+
+Parameters:
+  module: $module
+
+Body: |
+  return installPuppetModule('{0}'.format(args.module)).stdout
+
+Scripts:
+  installPuppetModule:
+    Type: Application
+    Version: 1.0.0
+    EntryPoint: installPuppetModule.sh
+    Files: []
+    Options:
+      captureStdout: true
+      captureStderr: true
+      verifyExitcode: true

murano-apps/Puppet/package/Resources/putHieraData.template

@@ -0,0 +1,21 @@
+FormatVersion: 2.0.0
+Version: 1.0.0
+Name: Hiera Data
+
+Parameters:
+  key: $key
+  value: $value
+
+Body: |
+  return putHieraData('{0} {1} test'.format(args.key, args.value)).stdout
+
+Scripts:
+  putHieraData:
+    Type: Application
+    Version: 1.0.0
+    EntryPoint: putHieraData.sh
+    Files: []
+    Options:
+      captureStdout: true
+      captureStderr: true
+      verifyExitcode: true

murano-apps/Puppet/package/Resources/scripts/hiera.yaml

@@ -0,0 +1,10 @@
+---
+:backends: yaml
+
+:logger: puppet
+
+:hierarchy:
+  - murano
+
+:yaml:
+   :datadir: /etc/puppet/hieradata

murano-apps/Puppet/package/Resources/scripts/installHiera.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+logger Installing Hiera
+
+sudo puppet resource package hiera ensure=installed
+
+mkdir /etc/puppet/hieradata/
+
+# hiera config
+cp hiera.yaml /etc/puppet/hiera.yaml
+
+# data file
+cp murano.yaml /etc/puppet/hieradata/murano.yaml
+
+
+mkdir /etc/system-config/
+
+#cp murano.yaml /opt/system-config/murano.yaml
+
+puppet config set environment production
+
+exit

murano-apps/Puppet/package/Resources/scripts/installPuppet.sh

@@ -0,0 +1,262 @@
+#!/usr/bin/env bash
+
+# Copyright 2013 OpenStack Foundation.
+# Copyright 2013 Hewlett-Packard Development Company, L.P.
+# Copyright 2013 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+#
+# Distro identification functions
+#  note, can't rely on lsb_release for these as we're bare-bones and
+#  it may not be installed yet)
+
+
+function is_fedora {
+    [ -f /usr/bin/yum ] && cat /etc/*release | grep -q -e "Fedora"
+}
+
+function is_rhel7 {
+    [ -f /usr/bin/yum ] && \
+        cat /etc/*release | grep -q -e "Red Hat" -e "CentOS" -e "CloudLinux" && \
+        cat /etc/*release | grep -q 'release 7'
+}
+
+function is_ubuntu {
+    [ -f /usr/bin/apt-get ]
+}
+
+function is_opensuse {
+    [ -f /usr/bin/zypper ] && \
+        cat /etc/os-release | grep -q -e "openSUSE"
+}
+
+# dnf is a drop-in replacement for yum on Fedora>=22
+YUM=yum
+if is_fedora && [[ $(lsb_release -rs) -ge 22 ]]; then
+    YUM=dnf
+fi
+
+
+#
+# Distro specific puppet installs
+#
+
+function _systemd_update {
+    # there is a bug (rhbz#1261747) where systemd can fail to enable
+    # services due to selinux errors after upgrade.  A work-around is
+    # to install the latest version of selinux and systemd here and
+    # restart the daemon for good measure after it is upgraded.
+    $YUM install -y selinux-policy
+    $YUM install -y systemd
+    systemctl daemon-reload
+}
+
+function setup_puppet_fedora {
+    _systemd_update
+
+    $YUM update -y
+
+    # NOTE: we preinstall lsb_release here to ensure facter sets
+    # lsbdistcodename
+    #
+    # Fedora declares some global hardening flags, which distutils
+    # pick up when building python modules.  redhat-rpm-config
+    # provides the required config options.  Really this should be a
+    # dependency of python-devel (fix in the works, see
+    # https://bugzilla.redhat.com/show_bug.cgi?id=1217376) and can be
+    # removed when that is sorted out.
+
+    $YUM install -y redhat-lsb-core git puppet \
+        redhat-rpm-config
+
+    mkdir -p /etc/puppet/modules/
+
+    # Puppet expects the pip command named as pip-python on
+    # Fedora, as per the packaged command name.  However, we're
+    # installing from get-pip.py so it's just 'pip'.  An easy
+    # work-around is to just symlink pip-python to "fool" it.
+    # See upstream issue:
+    #  https://tickets.puppetlabs.com/browse/PUP-1082
+    ln -fs /usr/bin/pip /usr/bin/pip-python
+    # Wipe out templatedir so we don't get warnings about it
+    sed -i '/templatedir/d' /etc/puppet/puppet.conf
+
+    # upstream is currently looking for /run/systemd files to check
+    # for systemd.  This fails in a chroot where /run isn't mounted
+    # (like when using dib).  Comment out this confine as fedora
+    # always has systemd
+    #  see
+    #   https://github.com/puppetlabs/puppet/pull/4481
+    #   https://bugzilla.redhat.com/show_bug.cgi?id=1254616
+    sudo sed -i.bak  '/^[^#].*/ s|\(^.*confine :exists => \"/run/systemd/system\".*$\)|#\ \1|' \
+        /usr/share/ruby/vendor_ruby/puppet/provider/service/systemd.rb
+}
+
+function setup_puppet_rhel7 {
+    local puppet_pkg="https://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-10.noarch.rpm"
+
+    # install a bootstrap epel repo to install latest epel-release
+    # package (which provides correct gpg keys, etc); then remove
+    # boostrap
+    cat > /etc/yum.repos.d/epel-bootstrap.repo <<EOF
+[epel-bootstrap]
+name=Bootstrap EPEL
+mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=\$basearch
+failovermethod=priority
+enabled=0
+gpgcheck=0
+EOF
+    yum --enablerepo=epel-bootstrap -y install epel-release
+    rm -f /etc/yum.repos.d/epel-bootstrap.repo
+
+    _systemd_update
+    yum update -y
+
+    # NOTE: we preinstall lsb_release to ensure facter sets lsbdistcodename
+    yum install -y redhat-lsb-core git puppet
+
+    rpm -ivh $puppet_pkg
+
+    # see comments in setup_puppet_fedora
+    ln -s /usr/bin/pip /usr/bin/pip-python
+    # Wipe out templatedir so we don't get warnings about it
+    sed -i '/templatedir/d' /etc/puppet/puppet.conf
+
+    # install RDO repo as well; this covers a few things like
+    # openvswitch that aren't available for EPEL
+    yum install -y https://rdoproject.org/repos/rdo-release.rpm
+}
+
+function setup_puppet_ubuntu {
+    if ! which lsb_release > /dev/null 2<&1 ; then
+        DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
+            --assume-yes install -y --force-yes lsb-release
+    fi
+
+    lsbdistcodename=`lsb_release -c -s`
+    if [ $lsbdistcodename != 'trusty' ] ; then
+        rubypkg=rubygems
+    else
+        rubypkg=ruby
+    fi
+
+
+    PUPPET_VERSION=3.*
+    PUPPETDB_VERSION=2.*
+    FACTER_VERSION=2.*
+
+    cat > /etc/apt/preferences.d/00-puppet.pref <<EOF
+Package: puppet puppet-common puppetmaster puppetmaster-common puppetmaster-passenger
+Pin: version $PUPPET_VERSION
+Pin-Priority: 501
+
+Package: puppetdb puppetdb-terminus
+Pin: version $PUPPETDB_VERSION
+Pin-Priority: 501
+
+Package: facter
+Pin: version $FACTER_VERSION
+Pin-Priority: 501
+EOF
+
+    puppet_deb=puppetlabs-release-${lsbdistcodename}.deb
+    wget http://apt.puppetlabs.com/$puppet_deb -O $puppet_deb
+    dpkg -i $puppet_deb
+    rm $puppet_deb
+
+    apt-get update
+    DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
+        --assume-yes dist-upgrade
+    DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
+        --assume-yes install -y --force-yes puppet git $rubypkg
+    # Wipe out templatedir so we don't get warnings about it
+    sed -i '/templatedir/d' /etc/puppet/puppet.conf
+}
+
+function setup_puppet_opensuse {
+    local version=`grep -e "VERSION_ID" /etc/os-release | tr -d "\"" | cut -d "=" -f2`
+    zypper ar http://download.opensuse.org/repositories/systemsmanagement:/puppet/openSUSE_${version}/systemsmanagement:puppet.repo
+    zypper -v --gpg-auto-import-keys --no-gpg-checks -n ref
+    zypper --non-interactive in --force-resolution puppet
+    # Wipe out templatedir so we don't get warnings about it
+    sed -i '/templatedir/d' /etc/puppet/puppet.conf
+}
+
+#
+# pip setup
+#
+
+function setup_pip {
+    # Install pip using get-pip
+    local get_pip_url=https://bootstrap.pypa.io/get-pip.py
+    local ret=1
+
+    if [ -f ./get-pip.py ]; then
+        ret=0
+    elif type curl >/dev/null 2>&1; then
+        curl -O $get_pip_url
+        ret=$?
+    elif type wget >/dev/null 2>&1; then
+        wget $get_pip_url
+        ret=$?
+    fi
+
+    if [ $ret -ne 0 ]; then
+        echo "Failed to get get-pip.py"
+        exit 1
+    fi
+
+    if is_opensuse; then
+        zypper --non-interactive in --force-resolution python python-xml
+    fi
+
+    python get-pip.py -c <(echo 'pip<8')
+    rm get-pip.py
+
+    # we are about to overwrite setuptools, but some packages we
+    # install later might depend on the python-setuptools package.  To
+    # avoid later conflicts, and because distro packages don't include
+    # enough info for pip to certain it can fully uninstall the old
+    # package, for safety we clear it out by hand (this seems to have
+    # been a problem with very old to new updates, e.g. centos6 to
+    # current-era, but less so for smaller jumps).  There is a bit of
+    # chicken-and-egg problem with pip in that it requires setuptools
+    # for some operations, such as wheel creation.  But just
+    # installing setuptools shouldn't require setuptools itself, so we
+    # are safe for this small section.
+    if is_rhel7 || is_fedora; then
+        yum install -y python-setuptools
+        rm -rf /usr/lib/python2.7/site-packages/setuptools*
+    fi
+
+    pip install -U setuptools
+}
+
+setup_pip
+
+if is_fedora; then
+    setup_puppet_fedora
+elif is_rhel7; then
+    setup_puppet_rhel7
+elif is_ubuntu; then
+    setup_puppet_ubuntu
+elif is_opensuse; then
+    setup_puppet_opensuse
+else
+    echo "*** Can not setup puppet: distribution not recognized"
+    exit 1
+fi
+
+exit

murano-apps/Puppet/package/Resources/scripts/installPuppetModule.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+module_name=$1
+
+echo sudo puppet module install ${module_name}
+
+sudo puppet module install ${module_name}
+
+exit

murano-apps/Puppet/package/Resources/scripts/murano.yaml

@@ -0,0 +1 @@
+murano: Hello, World!

murano-apps/Puppet/package/Resources/scripts/putHieraData.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+key=$1
+value=$2
+logger Put value to Hiera $key=$value
+
+puppet apply --execute "yaml_setting { 'example': target=>'/etc/puppet/hieradata/murano.yaml', key=>'$key', value=>'$value', }"

murano-apps/Puppet/package/Resources/scripts/setYamlValue.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+path=$1
+key=$2
+value=$3
+
+logger Put value to $path $key=$value
+
+puppet apply --execute "yaml_setting { 'example': target=>'$path', key=>'$key', value=>'$value', }"

murano-apps/Puppet/package/Resources/setYamlValue.template

@@ -0,0 +1,22 @@
+FormatVersion: 2.0.0
+Version: 1.0.0
+Name: Hiera Data
+
+Parameters:
+  path: $path
+  key: $key
+  value: $value
+
+Body: |
+  return putHieraData('{0} {1} {2}'.format(args.path, args.key, args.value)).stdout
+
+Scripts:
+  putHieraData:
+    Type: Application
+    Version: 1.0.0
+    EntryPoint: setYamlValue.sh
+    Files: []
+    Options:
+      captureStdout: true
+      captureStderr: true
+      verifyExitcode: true

murano-apps/Puppet/package/manifest.yaml

@@ -0,0 +1,12 @@
+Format: 1.0
+Type: Library
+FullName: io.murano.opaas.puppet.Puppet
+Name: Puppet
+Description: |
+ Puppet is an open-source configuration management tool. It runs on many
+ Unix-like systems as well as on Microsoft Windows, and includes its own
+ declarative language to describe system configuration.
+Author: 'Mirantis, Inc'
+Tags: [Server, Puppet]
+Classes:
+ io.murano.opaas.puppet.PuppetInstance: PuppetInstance.yaml