diff options
| author | James Shubin <james@shubin.ca> | 2014-01-15 18:20:11 -0500 |
|---|---|---|
| committer | James Shubin <james@shubin.ca> | 2014-01-15 18:25:54 -0500 |
| commit | 48455ac24e72ab8ade4217a1370c35bc6f92dd2b (patch) | |
| tree | 9e0607d9a7ac81c34a1e1268765766bab8cd04da | |
| parent | de7bca145345ee35072218382f6f02e98f30ea92 (diff) | |
| download | puppet-gluster-48455ac24e72ab8ade4217a1370c35bc6f92dd2b.tar.gz puppet-gluster-48455ac24e72ab8ade4217a1370c35bc6f92dd2b.tar.xz puppet-gluster-48455ac24e72ab8ade4217a1370c35bc6f92dd2b.zip | |
Make it easier to enable/disable the firewall.
This patch adds a --gluster-firewall=true|false option for vagrant.
| -rw-r--r-- | vagrant/gluster/Vagrantfile | 20 | ||||
| -rw-r--r-- | vagrant/gluster/puppet/manifests/site.pp | 28 |
2 files changed, 41 insertions, 7 deletions
diff --git a/vagrant/gluster/Vagrantfile b/vagrant/gluster/Vagrantfile index 4233942..5066867 100644 --- a/vagrant/gluster/Vagrantfile +++ b/vagrant/gluster/Vagrantfile @@ -60,6 +60,7 @@ offset = 100 # start gluster hosts after here # mutable by ARGV and settings file count = 4 # default number of gluster hosts to build version = '' # default gluster version (empty string means latest!) +firewall = false # default firewall enabled (FIXME: default to true when keepalived bug is fixed) # # ARGV parsing @@ -72,6 +73,7 @@ if File.exist?(f) settings = YAML::load_file f count = settings[:count] version = settings[:version] + firewall = settings[:firewall] end # ARGV parser @@ -91,13 +93,24 @@ while skip < ARGV.length version = v.to_s # set gluster version + elsif ARGV[skip].start_with?(arg='--gluster-firewall=') + v = ARGV.delete_at(skip).dup + v.slice! arg + + firewall = v.to_s # set firewall flag + if ['false', 'no'].include?(firewall.downcase) + firewall = false + else + firewall = true + end + else # skip over "official" vagrant args skip = skip + 1 end end # save settings (ARGV overrides) -settings = {:count => count, :version => version} +settings = {:count => count, :version => version, :firewall => firewall} File.open(f, 'w') do |file| file.write settings.to_yaml end @@ -248,7 +261,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # custom fact puppet.facter = { 'vagrant' => '1', - #'vagrant_puppet_allow' => "#{network.to_s}/#{cidr}", # TODO ? + 'vagrant_gluster_firewall' => firewall ? 'true' : 'false', + 'vagrant_gluster_allow' => (1..count).map{|z| range[offset+z].to_s}.join(','), } end end @@ -323,6 +337,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| puppet.facter = { 'vagrant' => '1', 'vagrant_gluster_vip' => vip_ip, + 'vagrant_gluster_firewall' => firewall ? 'true' : 'false', + 'vagrant_gluster_allow' => (1..count).map{|z| range[offset+z].to_s}.join(','), 'gluster_package_version' => version, } end diff --git a/vagrant/gluster/puppet/manifests/site.pp b/vagrant/gluster/puppet/manifests/site.pp index fa849c5..c13726c 100644 --- a/vagrant/gluster/puppet/manifests/site.pp +++ b/vagrant/gluster/puppet/manifests/site.pp @@ -9,6 +9,12 @@ node default { # puppetmaster node puppet inherits default { + if "${::vagrant_gluster_firewall}" != 'false' { + include firewall + } + + $allow = split("${::vagrant_gluster_allow}", ',') # ip list fact + class { '::puppet::server': pluginsync => true, # do we want to enable pluginsync? storeconfigs => true, # do we want to enable storeconfigs? @@ -17,9 +23,12 @@ node puppet inherits default { #"*.${domain}", # FIXME: this is a temporary solution ], #allow_duplicate_certs => true, # redeploy without cert clean - #allow => XXX, # also used in fileserver.conf + allow => $allow, # also used in fileserver.conf repo => true, # automatic repos - shorewall => false, # XXX: for now... + shorewall => "${::vagrant_gluster_firewall}" ? { + 'false' => false, + default => true, + }, start => true, } @@ -31,7 +40,9 @@ node puppet inherits default { node /^annex\d+$/ inherits default { # annex{1,2,..N} - #include firewall # XXX: for now... + if "${::vagrant_gluster_firewall}" != 'false' { + include firewall + } class { '::puppet::client': #start => true, @@ -42,7 +53,10 @@ node /^annex\d+$/ inherits default { # annex{1,2,..N} class { '::gluster::simple': vip => "${::vagrant_gluster_vip}", # from vagrant vrrp => true, - shorewall => false, # XXX: for now... + shorewall => "${::vagrant_gluster_firewall}" ? { + 'false' => false, + default => true, + }, } } @@ -54,7 +68,11 @@ node /^annex\d+$/ inherits default { # annex{1,2,..N} # } # # class { '::gluster::client': -# shorewall => false, # XXX: for now... +# shorewall => "${::vagrant_gluster_firewall}" ? { +# 'false' => false, +# default => true, +# }, +# # } #} |