From de4f90b4dabb713bdc975e97ff23413cd12148ed Mon Sep 17 00:00:00 2001 From: Bram Vogelaar Date: Wed, 3 Feb 2021 22:20:47 +0100 Subject: [PATCH] removing os x support since we cant test, which also was the last place we need user management for. This module and the upstream package allways run it as root anyway simplyfing init system code to only support systemd --- README.md | 2 +- REFERENCE.md | 87 +++++++++++++++---------------------- manifests/config.pp | 38 +++++----------- manifests/init.pp | 19 -------- manifests/install.pp | 26 +---------- manifests/run_service.pp | 11 +---- spec/classes/init_spec.rb | 37 ---------------- templates/nomad.launchd.erb | 27 ------------ 8 files changed, 52 insertions(+), 195 deletions(-) delete mode 100644 templates/nomad.launchd.erb diff --git a/README.md b/README.md index 8533e1d..d796f19 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ * If installing from zip, you *must* ensure the unzip utility is available. * Optionally installs a user to run it under * Installs a configuration file (/etc/nomad/config.json) -* Manages the nomad service via launchd or systemd +* Manages the nomad service via systemd ## Reference diff --git a/REFERENCE.md b/REFERENCE.md index 19442b4..71c3276 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -33,7 +33,7 @@ Installs, configures, and manages nomad ##### To set up a single nomad server, with several agents attached, on the server. ```puppet -class { '::nomad': +class { 'nomad': version => '1.0.2', # check latest version at https://github.com/hashicorp/nomad/blob/master/CHANGELOG.md config_hash => { 'region' => 'us-west', @@ -71,12 +71,37 @@ class { 'nomad': } ``` +##### Install as package from the HashiCorp repositories + +```puppet +class { 'nomad': + install_method => 'package', + bin_dir => '/bin', + manage_repo => true, + package_ensure => installed, + config_hash => { + 'region' => 'us-west', + 'datacenter' => 'ptk', + 'log_level' => 'INFO', + 'bind_addr' => '0.0.0.0', + 'data_dir' => '/opt/nomad', + 'client' => { + 'enabled' => true, + 'servers' => [ + "nomad01.your-org.pvt:4647", + "nomad02.your-org.pvt:4647", + "nomad03.your-org.pvt:4647" + ] + } + }, +} +``` + ##### Disable install and service components ```puppet -class { '::nomad': +class { 'nomad': install_method => 'none', - init_style => false, manage_service => false, config_hash => { 'region' => 'us-west', @@ -106,38 +131,6 @@ Data type: `String[1]` cpu architecture -##### `manage_user` - -Data type: `Boolean` - -manage the user that will run nomad - -Default value: ``true`` - -##### `user` - -Data type: `String[1]` - -username - -Default value: `'nomad'` - -##### `manage_group` - -Data type: `Boolean` - -manage the group that will run nomad - -Default value: ``true`` - -##### `extra_groups` - -Data type: `Array[String[1]]` - -additional groups to add the nomad user - -Default value: `[]` - ##### `purge_config_dir` Data type: `Boolean` @@ -146,14 +139,6 @@ Purge config files no longer generated by Puppet Default value: ``true`` -##### `group` - -Data type: `String[1]` - -groupname - -Default value: `'nomad'` - ##### `join_wan` Data type: `Optional[String[1]]` @@ -274,6 +259,14 @@ Use this to set the JSON config file mode for nomad. Default value: `'0660'` +##### `manage_repo` + +Data type: `Boolean` + +Configure the upstream HashiCorp repository. Only relevant when $nomad::install_method = 'package'. + +Default value: ``true`` + ##### `manage_service` Data type: `Boolean` @@ -322,14 +315,6 @@ Determines whether to restart nomad agent on $config_hash changes. This will not Default value: ``true`` -##### `init_style` - -Data type: `Variant[String[1], Boolean]` - -What style of init system your system uses. - -Default value: `$facts['service_provider']` - ## Functions ### `nomad::nomad_sorted_json` diff --git a/manifests/config.pp b/manifests/config.pp index dfa01d9..fbb154c 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,43 +1,27 @@ # This class is called from nomad::init to install the config file. # +# @api private class nomad::config { - if $nomad::init_style { - case $nomad::init_style { - 'systemd' : { - systemd::unit_file { 'nomad.service': - content => template('nomad/nomad.systemd.erb'), - } - # cleaning up legacy service file created before PR #13 - file { '/lib/systemd/system/nomad.service': - ensure => absent, - } - } - 'launchd' : { - file { '/Library/LaunchDaemons/io.nomad.daemon.plist': - mode => '0644', - owner => 'root', - group => 'wheel', - content => template('nomad/nomad.launchd.erb'), - } - } - default : { - fail("I don't know how to create an init script for style ${nomad::init_style}") - } - } + systemd::unit_file { 'nomad.service': + content => template('nomad/nomad.systemd.erb'), + } + # cleaning up legacy service file created before PR #13 + file { '/lib/systemd/system/nomad.service': + ensure => absent, } file { $nomad::config_dir: ensure => 'directory', - owner => $nomad::user, - group => $nomad::group, + owner => 'root', + group => 'root', purge => $nomad::purge_config_dir, recurse => $nomad::purge_config_dir, } -> file { 'nomad config.json': ensure => file, + owner => 'root', + group => 'root', path => "${nomad::config_dir}/config.json", - owner => $nomad::user, - group => $nomad::group, mode => $nomad::config_mode, content => nomad::sorted_json($nomad::config_hash_real, $nomad::pretty_config, $nomad::pretty_config_indent), } diff --git a/manifests/init.pp b/manifests/init.pp index 6c36988..e550b59 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -61,7 +61,6 @@ # @example Disable install and service components # class { 'nomad': # install_method => 'none', -# init_style => false, # manage_service => false, # config_hash => { # 'region' => 'us-west', @@ -82,18 +81,8 @@ # # @param arch # cpu architecture -# @param manage_user -# manage the user that will run nomad -# @param user -# username -# @param manage_group -# manage the group that will run nomad -# @param extra_groups -# additional groups to add the nomad user # @param purge_config_dir # Purge config files no longer generated by Puppet -# @param group -# groupname # @param join_wan # join nomad cluster over the WAN # @param bin_dir @@ -138,16 +127,9 @@ # ensure the state of the nomad service # @param restart_on_change # Determines whether to restart nomad agent on $config_hash changes. This will not affect reloads when service, check or watch configs change. -# @param init_style -# What style of init system your system uses. class nomad ( String[1] $arch, - Boolean $manage_user = true, - String[1] $user = 'nomad', - Boolean $manage_group = true, - Array[String[1]] $extra_groups = [], Boolean $purge_config_dir = true, - String[1] $group = 'nomad', Optional[String[1]] $join_wan = undef, Stdlib::Absolutepath $bin_dir = '/usr/local/bin', String[1] $version = '1.0.2', @@ -170,7 +152,6 @@ Boolean $manage_repo = true, Boolean $manage_service = true, Boolean $restart_on_change = true, - Variant[Enum['systemd', 'launchd'], Boolean] $init_style = $facts['service_provider'], ) { $real_download_url = pick($download_url, "${download_url_base}${version}/${package_name}_${version}_${os}_${arch}.${download_extension}") $config_hash_real = deep_merge($config_defaults, $config_hash) diff --git a/manifests/install.pp b/manifests/install.pp index 085a971..7b73425 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -5,8 +5,8 @@ if $nomad::data_dir { file { $nomad::data_dir: ensure => 'directory', - owner => $nomad::user, - group => $nomad::group, + owner => 'root', + group => 'root', mode => '0755', } } @@ -46,10 +46,6 @@ ensure => $nomad::package_ensure, } - if $nomad::manage_user { - User[$nomad::user] -> Package[$nomad::package_name] - } - if $nomad::data_dir { Package[$nomad::package_name] -> File[$nomad::data_dir] } @@ -59,22 +55,4 @@ fail("The provided install method ${nomad::install_method} is invalid") } } - - if $nomad::manage_user { - user { $nomad::user: - ensure => 'present', - system => true, - groups => $nomad::extra_groups, - } - - if $nomad::manage_group { - Group[$nomad::group] -> User[$nomad::user] - } - } - if $nomad::manage_group { - group { $nomad::group: - ensure => 'present', - system => true, - } - } } diff --git a/manifests/run_service.pp b/manifests/run_service.pp index 23ce05f..f69ca35 100644 --- a/manifests/run_service.pp +++ b/manifests/run_service.pp @@ -3,17 +3,10 @@ # # @api private class nomad::run_service { - $init_selector = $nomad::init_style ? { - 'launchd' => 'io.nomad.daemon', - default => 'nomad', - } - if $nomad::manage_service == true { service { 'nomad': - ensure => $nomad::service_ensure, - name => $init_selector, - enable => $nomad::service_enable, - provider => $nomad::init_style, + ensure => $nomad::service_ensure, + enable => $nomad::service_enable, } } diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 5120cd9..b254ac2 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -144,13 +144,6 @@ it { should_not contain_archive('/opt/puppet-archive/nomad-1.0.2.zip') } end - - - context "By default, a user and group should be installed" do - it { should contain_user('nomad').with(:ensure => :present) } - it { should contain_group('nomad').with(:ensure => :present) } - end - context "When data_dir is provided" do let(:params) {{ :config_hash => { @@ -232,16 +225,6 @@ it { should contain_file('nomad config.json').with_content(/"ports": \{/) } end - context "When asked not to manage the user" do - let(:params) {{ :manage_user => false }} - it { should_not contain_user('nomad') } - end - - context "When asked not to manage the group" do - let(:params) {{ :manage_group => false }} - it { should_not contain_group('nomad') } - end - context "When asked not to manage the service" do let(:params) {{ :manage_service => false }} @@ -262,24 +245,11 @@ it { should_not contain_exec('reload nomad service') } end - context "With a custom username" do - let(:params) {{ - :user => 'custom_nomad_user', - :group => 'custom_nomad_group', - }} - it { should contain_user('custom_nomad_user').with(:ensure => :present) } - it { should contain_group('custom_nomad_group').with(:ensure => :present) } - end - context "Config with custom file mode" do let(:params) {{ - :user => 'custom_nomad_user', - :group => 'custom_nomad_group', :config_mode => '0600', }} it { should contain_file('nomad config.json').with( - :owner => 'custom_nomad_user', - :group => 'custom_nomad_group', :mode => '0600' )} end @@ -320,12 +290,6 @@ } end - context "When asked not to manage the init_style" do - let(:params) {{ :init_style => false }} - it { should contain_class('nomad').with_init_style(false) } - it { should_not contain_file("/etc/systemd/system/nomad.service") } - end - # Config Stuff context "With extra_options" do let(:params) {{ @@ -335,7 +299,6 @@ end # Service Stuff - it { should contain_class('nomad').with_init_style('systemd') } it { should contain_file('/etc/systemd/system/nomad.service').with_content(/nomad agent/) } end end diff --git a/templates/nomad.launchd.erb b/templates/nomad.launchd.erb deleted file mode 100644 index fb6aeb9..0000000 --- a/templates/nomad.launchd.erb +++ /dev/null @@ -1,27 +0,0 @@ - - - - - Label io.nomad.daemon - UserName <%= scope.lookupvar('nomad::user') %> - GroupName <%= scope.lookupvar('nomad::group') %> -<% if scope.lookupvar('nomad::service_enable') %> - Disabled -<% else %> - Disabled> -<% end %> - RunAtLoad - KeepAlive - ProgramArguments - - <%= scope.lookupvar('nomad::bin_dir') %>/nomad - agent - -config - <%= scope.lookupvar('nomad::config_dir') %> -<% require 'shellwords' %> -<% for extra_option in Shellwords.split(scope.lookupvar('nomad::extra_options')) %> - <%= extra_option %> -<% end %> - - -