Switched puppetmasterd to use the new-style server plumbing.

The code is much cleaner, and it seems to be mostly
functional, but we have to pick a strategy for signing
the host's certificate on first startup.  Also, I haven't
actually done end-to-end testing yet, which needs the certs
working first.
Luke Kanies 2008-05-02 13:47:44 -05:00
Родитель 4c590df607
Коммит 6356c043a4
5 изменённых файлов: 43 добавлений и 105 удалений


@ -8,8 +8,7 @@
# = Usage
#
# puppetmasterd [-D|--daemonize|--no-daemonize] [-d|--debug] [-h|--help]
# [-l|--logdest <file>|console|syslog] [--nobucket] [--nonodes]
# [-v|--verbose] [-V|--version]
# [-l|--logdest <file>|console|syslog] [-v|--verbose] [-V|--version]
#
# = Description
#
@ -22,7 +21,7 @@
# parameter, so you can specify '--ssldir <directory>' as an argument.
#
# See the configuration file documentation at
# http://reductivelabs.com/projects/puppet/reference/configref.html for
# http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference for
# the full list of acceptable parameters. A commented list of all
# configuration options can also be generated by running puppetmasterdd with
# '--genconfig'.
@ -44,16 +43,6 @@
# Defaults to sending messages to syslog, or the console
# if debugging or verbosity is enabled.
#
# nobucket::
# Do not function as a file bucket.
#
# nonodes::
# Do not use individual node designations; each node will receive the result
# of evaluating the entire configuration.
#
# noreports::
# Do not start the reports server.
#
# verbose::
# Enable verbosity.
#
@ -81,16 +70,12 @@ end
require 'getoptlong'
require 'puppet'
require 'puppet/network/handler'
require 'puppet/sslcertificates'
require 'puppet/network/server'
options = [
[ "--debug", "-d", GetoptLong::NO_ARGUMENT ],
[ "--help", "-h", GetoptLong::NO_ARGUMENT ],
[ "--logdest", "-l", GetoptLong::REQUIRED_ARGUMENT ],
[ "--nobucket", GetoptLong::NO_ARGUMENT ],
[ "--noreports", GetoptLong::NO_ARGUMENT ],
[ "--nonodes", GetoptLong::NO_ARGUMENT ],
[ "--verbose", "-v", GetoptLong::NO_ARGUMENT ],
[ "--version", "-V", GetoptLong::NO_ARGUMENT ]
]
@ -100,15 +85,7 @@ Puppet.settings.addargs(options)
result = GetoptLong.new(*options)
master = {}
ca = {}
report = {}
bucket = {}
options = {
:havereport => true,
:havebucket => true,
:havemaster => true,
:setdest => false,
:verbose => false,
:debug => false
@ -128,14 +105,6 @@ begin
puts "No help available unless you have RDoc::usage installed"
exit
end
when "--noreports"
options[:havereport] = false
when "--nomaster"
options[:havemaster] = false
when "--nobucket"
options[:havebucket] = false
when "--nonodes"
master[:UseNodes] = false
when "--logdest"
begin
Puppet::Util::Log.newdestination(arg)
@ -193,85 +162,39 @@ Puppet::Node.cache_class = :yaml
require 'etc'
handlers = {
:Status => {},
:FileServer => {}
}
if options[:havemaster]
handlers[:Master] = master
end
if options[:havereport]
handlers[:Report] = report
end
if Puppet[:ca]
handlers[:CA] = ca
end
if options[:havebucket]
handlers[:FileBucket] = bucket
end
if Puppet[:parseonly]
begin
Puppet::Network::Handler.master.new(master)
Puppet::Parser::Interpreter.new.parser(Puppet[:environment])
rescue => detail
if Puppet[:trace]
puts detail.backtrace
end
$stderr.puts detail
exit(32)
Puppet.err detail
exit 1
end
# we would have already exited if the file weren't syntactically correct
exit(0)
end
webserver = server = nil
begin
case Puppet[:servertype]
when "webrick"
# use the default, um, everything
require 'puppet/network/http_server/webrick'
webserver = server = Puppet::Network::HTTPServer::WEBrick.new(:Handlers => handlers)
when "mongrel":
require 'puppet/network/http_server/mongrel'
server = Puppet::Network::HTTPServer::Mongrel.new(handlers)
addr = Puppet[:bindaddress]
if addr == ""
addr = "127.0.0.1"
end
webserver = Mongrel::HttpServer.new(addr, Puppet[:masterport])
webserver.register("/", server)
else
Puppet.err "Invalid server type %s" % Puppet[:servertype]
exit(45)
end
rescue => detail
if Puppet[:trace]
puts detail.backtrace
end
$stderr.puts detail
exit(1)
end
require 'puppet/file_serving/content'
require 'puppet/file_serving/metadata'
require 'puppet/checksum'
xmlrpc_handlers = [:Status, :FileServer, :Master, :Report, :CA, :Filebucket]
rest_handlers = [:file_content, :file_metadata, :certificate, :facts, :catalog, :report, :checksum]
server = Puppet::Network::Server.new(:handlers => rest_handlers, :xmlrpc_handlers => xmlrpc_handlers)
if Process.uid == 0
begin
Puppet::Util.chuser
rescue => detail
if Puppet[:debug]
puts detail.backtrace
end
puts detail.backtrace if Puppet[:trace]
$stderr.puts "Could not change user to %s: %s" % [Puppet[:user], detail]
exit(39)
end
end
# Mongrel doesn't shut down like webrick; we really need to write plugins for it.
if Puppet[:servertype] == "webrick"
Puppet.newservice(server)
end
# Tell Puppet to manage this service for us, which has it starting and stopping
# as appropriate.
Puppet.newservice(server)
Puppet.settraps
if Puppet[:daemonize]
@ -279,10 +202,5 @@ if Puppet[:daemonize]
end
Puppet.notice "Starting Puppet server version %s" % [Puppet.version]
case Puppet[:servertype]
when "webrick"
Puppet.start
when "mongrel":
webserver.run.join
end
Puppet.start
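Review bot: The new `xmlrpc_handlers` list registers `:CA`, `:Master`, `:Report` and the file bucket unconditionally, whereas the code it replaces added the CA handler only under `if Puppet[:ca]` and let `--nomaster`, `--noreports` and `--nobucket` switch the others off. Unless Puppet::Network::Server filters handlers itself (not visible here), a master that is not configured as a CA would still expose the CA handler; consider building the list without it and keeping the gate, e.g. `xmlrpc_handlers << :CA if Puppet[:ca]`. The list also spells the bucket handler `:Filebucket` where the removed code used `:FileBucket`, which may not resolve to the same handler. The `Server.new` call passes no address or port, and the removed Mongrel branch's `127.0.0.1` fallback for an empty bindaddress is gone, so a comment stating which interface the server binds by default would help.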


@ -1,6 +1,7 @@
require 'webrick'
require 'webrick/https'
require 'puppet/network/http/webrick/rest'
require 'puppet/network/xmlrpc/webrick_servlet'
require 'thread'
require 'puppet/ssl/certificate'
@ -106,7 +107,7 @@ class Puppet::Network::HTTP::WEBrick
results[:SSLCACertificateFile] = Puppet[:localcacert]
results[:SSLVerifyClient] = OpenSSL::SSL::VERIFY_PEER
results[:SSLCertificateStore] = setup_ssl_store if Puppet[:hostcrl] != 'false'
results[:SSLCertificateStore] = setup_ssl_store if Puppet[:crl]
results
end
@ -114,7 +115,7 @@ class Puppet::Network::HTTP::WEBrick
# Create our Certificate revocation list
def setup_ssl_store
unless crl = Puppet::SSL::CertificateRevocationList.find("ca")
raise Puppet::Error, "Could not find CRL; set 'hostcrl' to 'false' to disable CRL usage"
raise Puppet::Error, "Could not find CRL; set 'crl' to 'false' to disable CRL usage"
end
store = OpenSSL::X509::Store.new
store.purpose = OpenSSL::X509::PURPOSE_ANY
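Review bot: The guard `if Puppet[:crl]` relies on Ruby truthiness, so it is only correct if the `crl` setting always arrives as a real boolean; a string `'false'`, which is what the error message in `setup_ssl_store` tells users to set, would be truthy and still attempt to load the CRL. The setting's declaration is not in this section, so this needs confirming; if it can be a string, compare explicitly as the replaced line did. A comment above the guard would also help, e.g. `# With crl disabled no store is installed, so client certs are not checked for revocation.` The spec changes for this file stub `:crl` only as `true`/`false`, and the enabled case appears to keep a `:hostcrl` stub that this guard no longer reads. The body of `setup_ssl_store` continues outside the hunk.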


@ -84,6 +84,14 @@ class Puppet::Network::Server
http_server_class_by_type(@server_type)
end
def start
listen
end
def stop
unlisten
end
private
def http_server
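Review bot: `start` and `stop` are added as public methods without any comment, although they appear to be the interface that lets puppetmasterd hand the server to `Puppet.newservice`; a line such as `# Service interface for Puppet.newservice: start listens, stop unlistens.` above them would record that. Whether `unlisten` raises when the server never started listening is not visible here, so `stop` after a failed startup may need a guard. The class body continues outside the hunk.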


@ -411,6 +411,7 @@ describe Puppet::Network::HTTP::WEBrick do
it "should add an x509 store if the CRL is enabled" do
Puppet.settings.stubs(:value).returns "whatever"
Puppet.settings.stubs(:value).with(:crl).returns true
Puppet.settings.stubs(:value).with(:hostcrl).returns '/my/crl'
@server.expects(:setup_ssl_store).returns("mystore")
@ -420,7 +421,7 @@ describe Puppet::Network::HTTP::WEBrick do
it "should not add an x509 store if the CRL is disabled" do
Puppet.settings.stubs(:value).returns "whatever"
Puppet.settings.stubs(:value).with(:hostcrl).returns 'false'
Puppet.settings.stubs(:value).with(:crl).returns false
@server.expects(:setup_ssl_store).never


@ -98,6 +98,16 @@ describe Puppet::Network::Server do
@server = Puppet::Network::Server.new(:address => "127.0.0.1", :port => 31337)
end
it "should listen when started" do
@server.expects(:listen)
@server.start
end
it "should unlisten when stopped" do
@server.expects(:unlisten)
@server.stop
end
describe "when managing indirection registrations" do
before do
Puppet::Indirector::Indirection.stubs(:model).returns mock('indirection')