Add 7.2 support and refactor module #215
Conversation
nick-markowski
changed the title
|
Still need to:
|
manifests/addon.pp
Outdated
| $package_manage = true, | ||
| Optional[String] $package_name = undef, | ||
| $inputs = {}, | ||
| ) { | ||
|
|
||
| include '::splunk::params' |
There was a problem hiding this comment.
please remove the leading ::. That is legacy syntax that was required for puppet 3.
There was a problem hiding this comment.
I have...a lot of these to remove lol
manifests/addon.pp
Outdated
| include '::splunk::params' | ||
|
|
||
| if !defined($splunk_home) { | ||
| $_splunk_home = $::splunk::params::forwarder_homedir |
There was a problem hiding this comment.
same here, please remove the leading ::.
manifests/enterprise.pp
Outdated
| # Class splunk::enterprise | ||
| # | ||
| class splunk::enterprise ( | ||
| String $version = $::splunk::params::version, |
There was a problem hiding this comment.
for all the strings, can you update it to String[1] to prohibit empty strings?
manifests/addon.pp
Outdated
| $package_manage = true, | ||
| Optional[String] $package_name = undef, | ||
| $inputs = {}, | ||
| ) { | ||
|
|
||
| include '::splunk::params' | ||
|
|
||
| if !defined($splunk_home) { |
There was a problem hiding this comment.
or just unless $splunk_home {
There was a problem hiding this comment.
Or if $splunk_home and reverse the blocks.
|
@nick-markowski Huge thanks for taking this on! It's something I'm going to be needing myself shortly, so I should be able to test your PR sometime over the next week or so. |
manifests/enterprise.pp
Outdated
| String $service_file = $::splunk::params::enterprise_service_file, | ||
| Boolean $boot_start = $::splunk::params::boot_start, | ||
| Boolean $use_default_config = true, | ||
| String $input_default_host = $facts['clientcert'], |
There was a problem hiding this comment.
clientcert? That doesn't actually have to be a hostname. Probably better to stick with $facts['fqdn'] here.
manifests/enterprise.pp
Outdated
| Optional[String] $package_provider = $::splunk::params::package_provider, | ||
| Boolean $manage_package_source = true, | ||
| Optional[String] $package_source = undef, | ||
| Optional[Array[String]] $install_options = $::splunk::params::enterprise_install_options, |
There was a problem hiding this comment.
Instead of this being Optional, can we default to an empty array instead?
manifests/enterprise.pp
Outdated
| Optional[String] $package_source = undef, | ||
| Optional[Array[String]] $install_options = $::splunk::params::enterprise_install_options, | ||
| String $splunk_user = $::splunk::params::splunk_user, | ||
| String $enterprise_homedir = $::splunk::params::enterprise_homedir, |
There was a problem hiding this comment.
Stdlib::Absolutepath instead of String?
manifests/enterprise.pp
Outdated
| Boolean $use_default_config = true, | ||
| String $input_default_host = $facts['clientcert'], | ||
| String $input_connection_host = 'dns', | ||
| String $splunkd_listen = '127.0.0.1', |
There was a problem hiding this comment.
I need to comb through all of the strong typing, I winged it
|
@alexjfisher @bastelfreak Splunk has made an assumption that cgroups are present in the systmed unit file, if enabled (boot-start). Cgroups are obviously not present in containers, so the test suite fails: chown: cannot access ‘/sys/fs/cgroup/cpu/system.slice/Splunkd.service’: No such file or directory One way we can probably get around it is to hack in the 2 cgroup files the until file expects to manage. It's ugly, but i'm not sure what else to do until Splunk fixes their code. EDIT: If you're running splunk in a container IRL you would probably not use systemd to manage the service, you would use the binaries directly to kick off the container (or download the splunk container, per their docs). We may need to update the travis tests to utilize virtual hosts instead of containers to fully test the suite. |
manifests/enterprise/install.pp
Outdated
| } | ||
|
|
||
| if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
| include ::archive::staging |
There was a problem hiding this comment.
please use:
| include ::archive::staging | |
| include archive::staging |
|
Hey @nick-markowski, How can I help get this over the line and merged? Working on a project and officially blocked by the lack of 7.2 support. |
|
Hey @ody ! I have a list of todo items I should be able to begin addressing this week:
Before the tests can be completed, I need some resolution about how to handle issues I posted in the chain, above. EDIT: while automated acceptance is a good end-goal, manually deploying the module in a test environment and ensuring the logic is not complete garbage would be very useful, too! |
Umm... I really don't know. I wonder if @ekohl has any ideas? |
This sounds fair. The spec_acceptance_helper sounds like the correct place if they just need to exist and setting it up once is enough.
AFAIK we have no place to run VMs |
|
@ekohl I'll try to get the tests running in the containers and report any other blockers, thanks! |
|
@alexjfisher @bastelfreak looks like some dependencies within the debian nodeset are defunct, not sure how you want to handle it |
|
Debian 8 is EOL. Technically it's LTS, but in Debian that has a different meaning. It's fine to drop Debian 8 as a supported OS and only support Debian 9 IMHO. |
|
@nick-markowski are you happy with this as it is now? I don't want to review such a huge PR multiple times :D. Please remove the |
|
@bastelfreak understandable! I left it WIP because I need to update the README and in-module param documentation. I'll get that done this week. |
nick-markowski
changed the title
manifests/addon.pp
Outdated
| Optional[String] $package_name = undef, | ||
| $inputs = {}, | ||
| Optional[Stdlib::Absolutepath] $splunk_home = undef, | ||
| Boolead $package_manage = true, |
|
@alexjfisher @bastelfreak @ekohl Looks like the review has already started and I need to add some testing - could I get some more 👀 on this? :) |
|
@nick-markowski I'm going to be trying this change out for real in the next few days. :) |
.sync.yml
Outdated
| @@ -4,7 +4,7 @@ | |||
| docker_sets: | |||
| - set: centos6-64 | |||
| - set: centos7-64 | |||
| - set: debian8-64 | |||
| - set: debian9-64 | |||
There was a problem hiding this comment.
to make the whole diff smaller, do you think it's possible to add debian9 in a seperate PR and drop debian 8 in a seperate PR?
There was a problem hiding this comment.
I could re-introduce those changes as a separate PR (unless someone else beats me to it) and rebase this one to clean things up, for sure
There was a problem hiding this comment.
Is a move to Debian 9 a requirement for Splunk 7.2? That would be the only reason to rebase. If it isn't a requirement then it should be able to be handled entirely separately.
There was a problem hiding this comment.
I only updated because the debian 8 docker images were defunct and not letting the test suite pass, I'm fine with ditching the change and ignoring the deb8 tests
| } | ||
|
|
||
| if $facts['virtual'] == 'docker' { | ||
| ini_setting { 'OPTIMISTIC_ABOUT_FILE_LOCKING': |
There was a problem hiding this comment.
lol, nice name for an option :D
There was a problem hiding this comment.
Lol, most of this is reused code I didn't find reason to modify :)
manifests/enterprise/config.pp
Outdated
| } | ||
| } | ||
|
|
||
| File <| tag == 'splunk_enterprise' |> |
There was a problem hiding this comment.
I'm wondering if we can simplify the whole block of class dependencies 🤔
There was a problem hiding this comment.
I hope so, it was painful to write these out! I guess, technically, we could order the types to consolidate them into one block; order is arbitrary anyways:
File <| tag == 'splunk_enterprise' |>
-> Splunk_authentication <| tag == 'splunk_enterprise' |>
-> Splunk_authorize <| tag == 'splunk_enterprise' |>
-> Splunk_deploymentclient <| tag == 'splunk_enterprise' |>
... etc
~> Class['splunk::enterprise::service']
Thoughts?
There was a problem hiding this comment.
@alexjfisher @binford2k can you have a look please?
There was a problem hiding this comment.
Removed ability to include enterprise and forwarder on the same machine
Was this the only reason for tagging the resources? Maybe much of this could be simplified??
manifests/enterprise/install.pp
Outdated
| false => $splunk::enterprise::package_source | ||
| } | ||
|
|
||
| if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { |
There was a problem hiding this comment.
if $splunk::enterprise::package_provider != undef is equal to if $splunk::enterprise::package_provider
if $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' should be equal to if not $splunk::enterprise::package_provider in ['apt', 'chocolatey', 'yum'] (but I didn't test it).
There was a problem hiding this comment.
I'll try cleaning this up, I have a local centos7 build I'm using yum providers with
manifests/enterprise/install.pp
Outdated
| } | ||
|
|
||
| if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
| include archive::staging |
There was a problem hiding this comment.
is this include actually required? 🤔
There was a problem hiding this comment.
Good question, most of the crazy install logic I just forklifted and plopped into place...
There was a problem hiding this comment.
I was unable to find a reason for its inclusion aside from it including the archive class but I am also not even sure the archive class is required, it just installs awscli or 7zip on Windows.
There was a problem hiding this comment.
This module is listed as supporting Windows though.
manifests/enterprise/install/nix.pp
Outdated
|
|
||
| # Required for splunk 7.2.4.2 | ||
| if versioncmp($splunk::enterprise::version, '7.2.4.2') >= 0 { | ||
| if !defined(Package['net-tools']) { |
There was a problem hiding this comment.
this could be simplified by using https://github.com/puppetlabs/puppetlabs-stdlib#ensure_packages
manifests/enterprise/service.pp
Outdated
| # This is a module that supports multiple platforms. For some platforms | ||
| # there is non-generic configuration that needs to be declared in addition | ||
| # to the agnostic resources declared here. | ||
| if $facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS' { |
There was a problem hiding this comment.
Untetested but should work and is shorter:
| if $facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS' { | |
| if $facts['kernel'] in ['Linux', 'SunOS'] { |
manifests/forwarder/install.pp
Outdated
| false => $splunk::forwarder::package_source | ||
| } | ||
|
|
||
| if $splunk::forwarder::package_provider != undef and $splunk::forwarder::package_provider != 'yum' and $splunk::forwarder::package_provider != 'apt' and $splunk::forwarder::package_provider != 'chocolatey' { |
There was a problem hiding this comment.
same here as mentioned above
manifests/forwarder.pp
Outdated
| # If the purge parameters have been set, remove all unmanaged entries from | ||
| # the respective config files. | ||
| # Class splunk::forwarder | ||
| # |
There was a problem hiding this comment.
nit. Trailing whitespace on every other line.
There was a problem hiding this comment.
Not sure why puppet-lint doesn't complain.
There was a problem hiding this comment.
Maybe comments are linted differently?
manifests/forwarder.pp
Outdated
| ) | ||
| } | ||
|
|
||
| include 'splunk::forwarder::install' |
There was a problem hiding this comment.
Should these use contain?
eg what if I'm doing something like...
pulp_rpmbind {'internal-splunk-7': }
class { 'splunk::forwarder':
server => $server,
manage_package_source => false,
package_provider => 'yum',
package_ensure => 'latest',
require => Pulp_rpmbind['internal-splunk-7'],
}
README.md
Outdated
|
|
||
| #### `addons` | ||
|
|
||
| Manage a splunk addons, see `splunk::addons`. Defaults to an empty Hash. |
There was a problem hiding this comment.
nit. Should read Manage splunk addons (without the a).
manifests/forwarder/config.pp
Outdated
|
|
||
| # Declare inputs and outputs specific to the forwarder profile | ||
| $_tag_resources = { tag => 'splunk_forwarder' } | ||
| if $splunk::forwarder::forwarder_input { |
There was a problem hiding this comment.
This will always be truthy as $splunk::forwarder::forwarder_input is of type Hash.
manifests/forwarder/config.pp
Outdated
| # Declare inputs and outputs specific to the forwarder profile | ||
| $_tag_resources = { tag => 'splunk_forwarder' } | ||
| if $splunk::forwarder::forwarder_input { | ||
| create_resources( 'splunkforwarder_input', $splunk::forwarder::forwarder_input, $_tag_resources) |
There was a problem hiding this comment.
You could/should use iteration instead of create_resources.
manifests/addon.pp
Outdated
| Optional[Stdlib::Absolutepath] $splunk_home = undef, | ||
| Boolead $package_manage = true, | ||
| Optional[String[1]] $package_name = undef, | ||
| $inputs = {}, |
There was a problem hiding this comment.
Could you strong type this parameter too so its consistent?
manifests/enterprise/install.pp
Outdated
| } | ||
|
|
||
| if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
| include archive::staging |
There was a problem hiding this comment.
I was unable to find a reason for its inclusion aside from it including the archive class but I am also not even sure the archive class is required, it just installs awscli or 7zip on Windows.
manifests/enterprise/install.pp
Outdated
| if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
| include archive::staging | ||
| $_src_package_filename = basename($_package_source) | ||
| $_package_path_parts = [$archive::path, $splunk::enterprise::staging_subdir, $_src_package_filename] |
There was a problem hiding this comment.
$archive::path isn't ever set by Class[archive]
|
Basic functionality of standing up a new instance of 7.2 and installing forwarder validated Thanks @nick-markowski! |
manifests/enterprise/service/nix.pp
Outdated
|
|
||
| if $splunk::enterprise::boot_start { | ||
| # Eensure splunk services *not* managed by the system service file are | ||
| # Ensuure splunk services *not* managed by the system service file are |
@ody Thanks for testing! It's been looking good for me too. |
manifests/forwarder/config.pp
Outdated
| ~> Class['splunk::forwarder::service'] | ||
|
|
||
| File <| tag == 'splunk_forwarder' |> | ||
| -> Splunkforwarder_input <| tag == 'splunk_forwarder' |> |
There was a problem hiding this comment.
What's the deal with only looking for resources with the specific tag?
Previously, you could declare these resources without a tag and they would notify the service.
See #50
alexjfisher
added
enhancement
* Default splunk version to 7.2.4.2
* Supports systemd boot-start
* sysvinit file ensured absent on systemd machines when supported
* net-tools ensured present on enterprise nodes splunk >= 7.2.4.2
* Removed legacy-style service management
* Changed module design from Class[splunk], Class[splunk::forwarder] to
Class[splunk::enterprise] and Class[splunk::forwarder]
* Removed inclusion of the ::archive class
* Cleaned up install logic
* Allow users to disable default config (splunk/forwarder_* types)
* Generate splunkforwarder_input/output with iteration, instead of
create_resources
* Removed ability to include enterprise and forwarder on the same machine
* Forwarder and enterprise potentially share common service names and other
assets, which cause issues when including both
* Forwarder is simply a subset of enterprise capability and there is no need
to have both
* Bumped dependency on stdlib to 4.25.0 to ensure strong typing support
* Allow users to specify splunk service user
* Added password management to enterprise
Fixes #213
Fixes #212
Fixes #210
Class[splunk::enterprise] and Class[splunk::forwarder]
to have both
assets, which cause issues when including both
Fixes #213
Fixes #212
Fixes #210
Pull Request (PR) description
This Pull Request (PR) fixes the following issues