diff --git a/README.md b/README.md index 0b174ad..06595bd 100644 --- a/README.md +++ b/README.md @@ -13,28 +13,25 @@ request, you are agreeing to comply with this waiver of copyright interest. ## Getting Started Puppet Tests is developed using the following technologies: * Vagrant 2.2.3 -* Ansible 2.7.6 +* Ansible 2.7.7 * Puppet 4.8.2 After installing the above, simply navigate to the root directory and deploy the virtual machines: -`vagrant up` +`sudo chmod +x pup-tests.sh` -Vagrant will create at least two virtual machines and provision a puppet -client-server architecture using Ansible code from the /setup/ folder. You will -want to login to the puppet master: +`./pup-tests.sh create` -`vagrant ssh master` +The command above will create three virtual machines: a puppet master, +a wordpress websever, and an amanda backup server. -Sign the client's certificate and logout: +Apply any code changes with the command below (omit the machine to run +puppet on all clients): -`sudo puppet cert sign webserver` +`./pup-tests.sh apply [machine]` -`exit` +And if for some reason you come across an invalid certificate while running +puppet, you can reapply a new certificate: -Now login to the webserver and provision the machine: - -`vagrant ssh webserv` - -`sudo puppet agent -t` +`./pup-tests.sh cert-update [machine]` diff --git a/Vagrantfile b/Vagrantfile index 3e5ca59..768e1f6 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -24,16 +24,22 @@ Vagrant.configure("2") do |config| end - # Puppet Agent - config.vm.define "webserv" do |webserv| - webserv.vm.box = "debian/stretch64" - webserv.vm.hostname = "webserver" - webserv.vm.network 'private_network', ip: '192.168.121.101' + # Clients / Agents + servers = ["webserver", "backups"] + ip = 101 + + servers.each do |server| + config.vm.define "#{server}" do |node| + node.vm.box = "debian/stretch64" + node.vm.hostname = "#{server}" + node.vm.network 'private_network', ip: '192.168.121.' + ip.to_s + ip = ip + 1 + + node.vm.provision "ansible" do |ansible| + ansible.compatibility_mode = "2.0" + ansible.playbook = "setup/client.yml" + end - # Setup Puppet Agent via Ansible - webserv.vm.provision "ansible" do |ansible| - ansible.compatibility_mode = "2.0" - ansible.playbook = "setup/client.yml" end end diff --git a/code/environments/production/Puppetfile b/code/environments/production/Puppetfile index 2d26829..7fb5c9e 100644 --- a/code/environments/production/Puppetfile +++ b/code/environments/production/Puppetfile @@ -2,6 +2,7 @@ forge "http://forge.puppetlabs.com" # Custom mod 'wordpress', local: true +mod 'amanda', local: true # Forge Mods mod 'puppetlabs-apache', '4.0.0' # Supported diff --git a/code/environments/production/manifests/site.pp b/code/environments/production/manifests/site.pp index 92aaf00..6351278 100644 --- a/code/environments/production/manifests/site.pp +++ b/code/environments/production/manifests/site.pp @@ -2,3 +2,7 @@ node 'webserver' { include wordpress } +node 'backups' { + include amanda +} + diff --git a/code/environments/production/modules/amanda/manifests/init.pp b/code/environments/production/modules/amanda/manifests/init.pp new file mode 100644 index 0000000..2a04cf8 --- /dev/null +++ b/code/environments/production/modules/amanda/manifests/init.pp @@ -0,0 +1,51 @@ +class amanda { + + # Install Amanda + package { ['amanda-server','amanda-client','amanda-common']: + ensure => present + } + + # Enable "backup" user account + user { 'backup': + ensure => present, + shell => "/bin/bash" + } + + # Create important Amanda directories + file { ['/etc/amanda','/etc/amanda/MyConfig','/amanda', + '/amanda/vtapes','/amanda/holding','/amanda/state']: + ensure => directory, + owner => "backup" + } + + # Create vtape directories + file { ['/amanda/vtapes/slot1','/amanda/vtapes/slot2', + '/amanda/vtapes/slot3','/amanda/vtapes/slot4']: + ensure => directory, + owner => "backup" + } + + # State directories + file { ['/amanda/state/curinfo', + '/amanda/state/log', + '/amanda/state/index']: + ensure => directory, + owner => "backup" + } + + # Backup config + file { '/etc/amanda/MyConfig/amanda.conf': + ensure => file, + content => template('amanda/amanda.conf.epp'), + owner => "backup" + } + + # Backup locations + file { '/etc/amanda/MyConfig/disklist': + ensure => file, + content => template('amanda/disklist.epp'), + owner => "backup" + } + +} + diff --git a/code/environments/production/modules/amanda/templates/amanda.conf.epp b/code/environments/production/modules/amanda/templates/amanda.conf.epp new file mode 100644 index 0000000..9a78e57 --- /dev/null +++ b/code/environments/production/modules/amanda/templates/amanda.conf.epp @@ -0,0 +1,31 @@ +org "MyConfig" +infofile "/amanda/state/curinfo" +logdir "/amanda/state/log" +indexdir "/amanda/state/index" +dumpuser "backup" + +tpchanger "chg-disk:/amanda/vtapes" +labelstr "MyData[0-9][0-9]" +autolabel "MyData%%" EMPTY VOLUME_ERROR +tapecycle 4 +dumpcycle 3 days +amrecover_changer "changer" + +tapetype "TEST-TAPE" +define tapetype TEST-TAPE { + length 100 mbytes + filemark 4 kbytes +} + +define dumptype simple-gnutar-local { + auth "local" + compress none + program "GNUTAR" +} + +holdingdisk hd1 { + directory "/amanda/holding" + use 50 mbytes + chunksize 1 mbyte +} + diff --git a/code/environments/production/modules/amanda/templates/disklist.epp b/code/environments/production/modules/amanda/templates/disklist.epp new file mode 100644 index 0000000..7045e29 --- /dev/null +++ b/code/environments/production/modules/amanda/templates/disklist.epp @@ -0,0 +1,2 @@ +localhost /etc simple-gnutar-local + diff --git a/pup-tests.sh b/pup-tests.sh new file mode 100755 index 0000000..e9b6ed4 --- /dev/null +++ b/pup-tests.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +cat << "EOF" + _____ _ _______ _ +| __ \ | | |__ __| | | +| |__) | _ _ __ _ __ ___| |_ | | ___ ___| |_ ___ +| ___/ | | | '_ \| '_ \ / _ \ __| | |/ _ \/ __| __/ __| +| | | |_| | |_) | |_) | __/ |_ | | __/\__ \ |_\__ \ +|_| \__,_| .__/| .__/ \___|\__| |_|\___||___/\__|___/ + | | | | + |_| |_| by Kris Lamoureux + +Random Puppet tests and projects written for learning +https://github.com/krislamo/pup-tests + +To the extent possible under law, Kris Lamoureux has waived +all copyright and related or neighboring rights to Puppet +Tests. This work is published from the United States. + +You can copy, modify, distribute and perform the work, even +for commercial purposes, all without asking permission. + +============================================================= + +EOF + +if [ "$1" == "create" ] +then + vagrant destroy -f + vagrant up + + vagrant ssh master -c "sudo puppet cert sign webserver" + vagrant ssh master -c "sudo puppet cert sign backups" + + vagrant ssh webserver -c "sudo puppet agent -t" + vagrant ssh backups -c "sudo puppet agent -t" +elif [ "$1" == "apply" ] +then + vagrant rsync + if [ -z "$2" ]; then + vagrant ssh webserver -c "sudo puppet agent -t" + vagrant ssh backups -c "sudo puppet agent -t"; + else + vagrant ssh $2 -c "sudo puppet agent -t"; + fi +elif [ "$1" == "cert-update" ] +then + vagrant ssh master -c "sudo puppet cert clean $2" + vagrant ssh $2 -c "sudo find /var/lib/puppet/ssl -name $2.pem -delete" + vagrant ssh $2 -c "sudo puppet agent -t" + sleep 3 + vagrant ssh master -c "sudo puppet cert sign $2" + sleep 3 + vagrant ssh $2 -c "sudo puppet agent -t" +elif [ "$1" == "help" ] +then + cat << "EOF" + Commands + + create creates the environment from the ground up + apply syncs code and runs the puppet agent on specified client + cert-update update SSL cert + help displays this page +EOF + +else + printf "Error: Command \"$1\" unknown. See \"./pup-tests.sh help\"\n" +fi + diff --git a/setup/roles/common/templates/hosts.j2 b/setup/roles/common/templates/hosts.j2 index 2590626..25b6939 100644 --- a/setup/roles/common/templates/hosts.j2 +++ b/setup/roles/common/templates/hosts.j2 @@ -8,4 +8,5 @@ ff02::2 ip6-allrouters 192.168.121.100 puppet 192.168.121.101 webserver +192.168.121.102 amanda