-
-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add 7.2 support and refactor module #215
Conversation
Still need to:
|
manifests/addon.pp
Outdated
$package_manage = true, | ||
Optional[String] $package_name = undef, | ||
$inputs = {}, | ||
) { | ||
|
||
include '::splunk::params' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please remove the leading ::
. That is legacy syntax that was required for puppet 3.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have...a lot of these to remove lol
manifests/addon.pp
Outdated
include '::splunk::params' | ||
|
||
if !defined($splunk_home) { | ||
$_splunk_home = $::splunk::params::forwarder_homedir |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here, please remove the leading ::
.
manifests/enterprise.pp
Outdated
# Class splunk::enterprise | ||
# | ||
class splunk::enterprise ( | ||
String $version = $::splunk::params::version, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
for all the strings, can you update it to String[1]
to prohibit empty strings?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sure can!
manifests/addon.pp
Outdated
$package_manage = true, | ||
Optional[String] $package_name = undef, | ||
$inputs = {}, | ||
) { | ||
|
||
include '::splunk::params' | ||
|
||
if !defined($splunk_home) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
or just unless $splunk_home {
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or if $splunk_home
and reverse the blocks.
@nick-markowski Huge thanks for taking this on! It's something I'm going to be needing myself shortly, so I should be able to test your PR sometime over the next week or so. |
manifests/enterprise.pp
Outdated
String $service_file = $::splunk::params::enterprise_service_file, | ||
Boolean $boot_start = $::splunk::params::boot_start, | ||
Boolean $use_default_config = true, | ||
String $input_default_host = $facts['clientcert'], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
clientcert
? That doesn't actually have to be a hostname. Probably better to stick with $facts['fqdn']
here.
manifests/enterprise.pp
Outdated
Optional[String] $package_provider = $::splunk::params::package_provider, | ||
Boolean $manage_package_source = true, | ||
Optional[String] $package_source = undef, | ||
Optional[Array[String]] $install_options = $::splunk::params::enterprise_install_options, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of this being Optional
, can we default to an empty array instead?
manifests/enterprise.pp
Outdated
Optional[String] $package_source = undef, | ||
Optional[Array[String]] $install_options = $::splunk::params::enterprise_install_options, | ||
String $splunk_user = $::splunk::params::splunk_user, | ||
String $enterprise_homedir = $::splunk::params::enterprise_homedir, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Stdlib::Absolutepath
instead of String
?
manifests/enterprise.pp
Outdated
Boolean $use_default_config = true, | ||
String $input_default_host = $facts['clientcert'], | ||
String $input_connection_host = 'dns', | ||
String $splunkd_listen = '127.0.0.1', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Stdlib::IP::Address
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I need to comb through all of the strong typing, I winged it
@alexjfisher @bastelfreak Splunk has made an assumption that cgroups are present in the systmed unit file, if enabled (boot-start). Cgroups are obviously not present in containers, so the test suite fails: chown: cannot access ‘/sys/fs/cgroup/cpu/system.slice/Splunkd.service’: No such file or directory One way we can probably get around it is to hack in the 2 cgroup files the until file expects to manage. It's ugly, but i'm not sure what else to do until Splunk fixes their code. EDIT: If you're running splunk in a container IRL you would probably not use systemd to manage the service, you would use the binaries directly to kick off the container (or download the splunk container, per their docs). We may need to update the travis tests to utilize virtual hosts instead of containers to fully test the suite. |
manifests/enterprise/install.pp
Outdated
} | ||
|
||
if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
include ::archive::staging |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please use:
include ::archive::staging | |
include archive::staging |
Hey @nick-markowski, How can I help get this over the line and merged? Working on a project and officially blocked by the lack of 7.2 support. |
Hey @ody ! I have a list of todo items I should be able to begin addressing this week:
Before the tests can be completed, I need some resolution about how to handle issues I posted in the chain, above. EDIT: while automated acceptance is a good end-goal, manually deploying the module in a test environment and ensuring the logic is not complete garbage would be very useful, too! |
Umm... I really don't know. I wonder if @ekohl has any ideas? |
This sounds fair. The spec_acceptance_helper sounds like the correct place if they just need to exist and setting it up once is enough.
AFAIK we have no place to run VMs |
@ekohl I'll try to get the tests running in the containers and report any other blockers, thanks! |
@alexjfisher @bastelfreak looks like some dependencies within the debian nodeset are defunct, not sure how you want to handle it |
Debian 8 is EOL. Technically it's LTS, but in Debian that has a different meaning. It's fine to drop Debian 8 as a supported OS and only support Debian 9 IMHO. |
@nick-markowski are you happy with this as it is now? I don't want to review such a huge PR multiple times :D. Please remove the |
@bastelfreak understandable! I left it WIP because I need to update the README and in-module param documentation. I'll get that done this week. |
manifests/addon.pp
Outdated
Optional[String] $package_name = undef, | ||
$inputs = {}, | ||
Optional[Stdlib::Absolutepath] $splunk_home = undef, | ||
Boolead $package_manage = true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Boolean
@alexjfisher @bastelfreak @ekohl Looks like the review has already started and I need to add some testing - could I get some more 👀 on this? :) |
@nick-markowski I'm going to be trying this change out for real in the next few days. :) |
.sync.yml
Outdated
@@ -4,7 +4,7 @@ | |||
docker_sets: | |||
- set: centos6-64 | |||
- set: centos7-64 | |||
- set: debian8-64 | |||
- set: debian9-64 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
to make the whole diff smaller, do you think it's possible to add debian9 in a seperate PR and drop debian 8 in a seperate PR?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I could re-introduce those changes as a separate PR (unless someone else beats me to it) and rebase this one to clean things up, for sure
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is a move to Debian 9 a requirement for Splunk 7.2? That would be the only reason to rebase. If it isn't a requirement then it should be able to be handled entirely separately.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I only updated because the debian 8 docker images were defunct and not letting the test suite pass, I'm fine with ditching the change and ignoring the deb8 tests
} | ||
|
||
if $facts['virtual'] == 'docker' { | ||
ini_setting { 'OPTIMISTIC_ABOUT_FILE_LOCKING': |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lol, nice name for an option :D
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lol, most of this is reused code I didn't find reason to modify :)
manifests/enterprise/config.pp
Outdated
} | ||
} | ||
|
||
File <| tag == 'splunk_enterprise' |> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm wondering if we can simplify the whole block of class dependencies 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hope so, it was painful to write these out! I guess, technically, we could order the types to consolidate them into one block; order is arbitrary anyways:
File <| tag == 'splunk_enterprise' |>
-> Splunk_authentication <| tag == 'splunk_enterprise' |>
-> Splunk_authorize <| tag == 'splunk_enterprise' |>
-> Splunk_deploymentclient <| tag == 'splunk_enterprise' |>
... etc
~> Class['splunk::enterprise::service']
Thoughts?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexjfisher @binford2k can you have a look please?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed ability to include enterprise and forwarder on the same machine
Was this the only reason for tagging the resources? Maybe much of this could be simplified??
manifests/enterprise/install.pp
Outdated
false => $splunk::enterprise::package_source | ||
} | ||
|
||
if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if $splunk::enterprise::package_provider != undef
is equal to if $splunk::enterprise::package_provider
if $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey'
should be equal to if not $splunk::enterprise::package_provider in ['apt', 'chocolatey', 'yum']
(but I didn't test it).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll try cleaning this up, I have a local centos7 build I'm using yum providers with
manifests/enterprise/install.pp
Outdated
} | ||
|
||
if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
include archive::staging |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this include actually required? 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good question, most of the crazy install logic I just forklifted and plopped into place...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was unable to find a reason for its inclusion aside from it including the archive class but I am also not even sure the archive class is required, it just installs awscli or 7zip on Windows.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This module is listed as supporting Windows though.
manifests/enterprise/install/nix.pp
Outdated
|
||
# Required for splunk 7.2.4.2 | ||
if versioncmp($splunk::enterprise::version, '7.2.4.2') >= 0 { | ||
if !defined(Package['net-tools']) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this could be simplified by using https://github.com/puppetlabs/puppetlabs-stdlib#ensure_packages
manifests/enterprise/service.pp
Outdated
# This is a module that supports multiple platforms. For some platforms | ||
# there is non-generic configuration that needs to be declared in addition | ||
# to the agnostic resources declared here. | ||
if $facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS' { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Untetested but should work and is shorter:
if $facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS' { | |
if $facts['kernel'] in ['Linux', 'SunOS'] { |
manifests/forwarder/install.pp
Outdated
false => $splunk::forwarder::package_source | ||
} | ||
|
||
if $splunk::forwarder::package_provider != undef and $splunk::forwarder::package_provider != 'yum' and $splunk::forwarder::package_provider != 'apt' and $splunk::forwarder::package_provider != 'chocolatey' { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here as mentioned above
manifests/forwarder.pp
Outdated
# If the purge parameters have been set, remove all unmanaged entries from | ||
# the respective config files. | ||
# Class splunk::forwarder | ||
# |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit. Trailing whitespace on every other line.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure why puppet-lint doesn't complain.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe comments are linted differently?
manifests/forwarder.pp
Outdated
) | ||
} | ||
|
||
include 'splunk::forwarder::install' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should these use contain
?
eg what if I'm doing something like...
pulp_rpmbind {'internal-splunk-7': }
class { 'splunk::forwarder':
server => $server,
manage_package_source => false,
package_provider => 'yum',
package_ensure => 'latest',
require => Pulp_rpmbind['internal-splunk-7'],
}
README.md
Outdated
|
||
#### `addons` | ||
|
||
Manage a splunk addons, see `splunk::addons`. Defaults to an empty Hash. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit. Should read Manage splunk addons
(without the a
).
manifests/forwarder/config.pp
Outdated
|
||
# Declare inputs and outputs specific to the forwarder profile | ||
$_tag_resources = { tag => 'splunk_forwarder' } | ||
if $splunk::forwarder::forwarder_input { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will always be truthy as $splunk::forwarder::forwarder_input
is of type Hash
.
manifests/forwarder/config.pp
Outdated
# Declare inputs and outputs specific to the forwarder profile | ||
$_tag_resources = { tag => 'splunk_forwarder' } | ||
if $splunk::forwarder::forwarder_input { | ||
create_resources( 'splunkforwarder_input', $splunk::forwarder::forwarder_input, $_tag_resources) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You could/should use iteration instead of create_resources
.
manifests/addon.pp
Outdated
Optional[Stdlib::Absolutepath] $splunk_home = undef, | ||
Boolead $package_manage = true, | ||
Optional[String[1]] $package_name = undef, | ||
$inputs = {}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you strong type this parameter too so its consistent?
manifests/enterprise/install.pp
Outdated
} | ||
|
||
if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
include archive::staging |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was unable to find a reason for its inclusion aside from it including the archive class but I am also not even sure the archive class is required, it just installs awscli or 7zip on Windows.
manifests/enterprise/install.pp
Outdated
if $splunk::enterprise::package_provider != undef and $splunk::enterprise::package_provider != 'yum' and $splunk::enterprise::package_provider != 'apt' and $splunk::enterprise::package_provider != 'chocolatey' { | ||
include archive::staging | ||
$_src_package_filename = basename($_package_source) | ||
$_package_path_parts = [$archive::path, $splunk::enterprise::staging_subdir, $_src_package_filename] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
$archive::path isn't ever set by Class[archive]
Basic functionality of standing up a new instance of 7.2 and installing forwarder validated Thanks @nick-markowski! |
manifests/enterprise/service/nix.pp
Outdated
|
||
if $splunk::enterprise::boot_start { | ||
# Eensure splunk services *not* managed by the system service file are | ||
# Ensuure splunk services *not* managed by the system service file are |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So close! ;)
@ody Thanks for testing! It's been looking good for me too. |
manifests/forwarder/config.pp
Outdated
~> Class['splunk::forwarder::service'] | ||
|
||
File <| tag == 'splunk_forwarder' |> | ||
-> Splunkforwarder_input <| tag == 'splunk_forwarder' |> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the deal with only looking for resources with the specific tag?
Previously, you could declare these resources without a tag and they would notify the service.
See #50
* Default splunk version to 7.2.4.2 * Supports systemd boot-start * sysvinit file ensured absent on systemd machines when supported * net-tools ensured present on enterprise nodes splunk >= 7.2.4.2 * Removed legacy-style service management * Changed module design from Class[splunk], Class[splunk::forwarder] to Class[splunk::enterprise] and Class[splunk::forwarder] * Removed inclusion of the ::archive class * Cleaned up install logic * Allow users to disable default config (splunk/forwarder_* types) * Generate splunkforwarder_input/output with iteration, instead of create_resources * Removed ability to include enterprise and forwarder on the same machine * Forwarder and enterprise potentially share common service names and other assets, which cause issues when including both * Forwarder is simply a subset of enterprise capability and there is no need to have both * Bumped dependency on stdlib to 4.25.0 to ensure strong typing support * Allow users to specify splunk service user * Added password management to enterprise Fixes #213 Fixes #212 Fixes #210
Class[splunk::enterprise] and Class[splunk::forwarder]
to have both
assets, which cause issues when including both
Fixes #213
Fixes #212
Fixes #210
Pull Request (PR) description
This Pull Request (PR) fixes the following issues