From: Christian Hofstaedtler <[email protected]>
Signed-off-by: Christian Hofstaedtler <[email protected]> --- ext/rack/README | 76 +++++++++++++++++++++++++++++++ ext/rack/apache2.conf | 24 ++++++++++ ext/rack/config.ru | 16 +++++++ lib/puppet/application/puppetmasterd.rb | 22 +++++++-- spec/unit/application/puppetmasterd.rb | 41 +++++++++++++++++ 5 files changed, 174 insertions(+), 5 deletions(-) create mode 100644 ext/rack/README create mode 100644 ext/rack/apache2.conf create mode 100644 ext/rack/config.ru diff --git a/ext/rack/README b/ext/rack/README new file mode 100644 index 0000000..dc15158 --- /dev/null +++ b/ext/rack/README @@ -0,0 +1,76 @@ + +PUPPETMASTER AS A RACK APPLICATION +================================== + +puppetmaster can now be hosted as a standard Rack application. A proper +config.ru is provided for this. + +For more details about rack, see http://rack.rubyforge.org/ . + +Getting started +=============== + +You'll need rack installed. Puppetmaster has only been tested with version +0.9.1. + + +WEBrick +------- + +WEBrick is currently not supported as a Rack host. You'll be better off +just running puppetmasterd directly. + + +Mongrel +------- + +If you like Mongrel, and want to replicate wiki:UsingMongrel, you could +probably start your backend mongrels this way: + +cd ext/rack +for port in `seq 18140 18150`; do + rackup --server mongrel --port $port & +done + +rackup is part of the rack gem. Make sure it's in your path. + + + +Apache with Passenger (aka mod_rails) +------------------------------------- + +Make sure puppetmasterd ran at least once, so the SSL certificates +got set up. + +Install Rack: + gem install -v 0.9.1 rack + +Install Apache and Passenger: + apt-get install apache2 + gem install passenger + passenger-install-apache2-module + (See the Passenger installation instructions [1] for details.) + +Enable Apache modules: + a2enmod ssl + a2enmod headers + +Configure Apache: + cp apache2.conf /etc/apache2/conf.d/puppetmasterd + vim /etc/apache2/conf.d/puppetmasterd (replace the server hostnames) + +Install the rack application [2]: + chown puppet ext/rack/config.ru + +Go: +/etc/init.d/apache2 restart + + +[1] http://www.modrails.com/install.html + +[2] Passenger will not let applications run as root or the Apache user, +instead an implicit setuid will be done, to the user whom owns +config.ru. Therefore, config.ru shall be owned by the puppet user. + + + diff --git a/ext/rack/apache2.conf b/ext/rack/apache2.conf new file mode 100644 index 0000000..0711316 --- /dev/null +++ b/ext/rack/apache2.conf @@ -0,0 +1,24 @@ +Listen 8140 +<VirtualHost *:8140> + SSLEngine on + SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA + SSLCertificateFile /var/lib/puppet/ssl/certs/puppet-server.inqnet.at.pem + SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet-server.inqnet.at.pem + SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem + SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem + # If Apache complains about invalid signatures on the CRL, you can try disabling + # CRL checking by commenting the next line. + SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem + SSLVerifyClient optional + SSLVerifyDepth 1 + SSLOptions +StdEnvVars + + RackAutoDetect On + DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ + <Directory /usr/share/puppet/rack/puppetmasterd/> + Options None + AllowOverride None + Order allow,deny + allow from all + </Directory> +</VirtualHost> diff --git a/ext/rack/config.ru b/ext/rack/config.ru new file mode 100644 index 0000000..171b07e --- /dev/null +++ b/ext/rack/config.ru @@ -0,0 +1,16 @@ +# a config.ru, for use with every rack-compatible webserver. +# SSL needs to be handled outside this, though. + +# if puppet is not in your RUBYLIB: +$:.push('/home/ch/puppet-cleanrack/lib') + +require 'puppet' +Puppet.settings[:name] = "puppetmasterd" + +ARGV << "--debug" +ARGV << "--rack" +require 'puppet/application/puppetmasterd' +# we're usually running inside a Rack::Builder.new {} block, +# therefore we need to call run *here*. +run Puppet::Application[:puppetmasterd].run + diff --git a/lib/puppet/application/puppetmasterd.rb b/lib/puppet/application/puppetmasterd.rb index fe92bca..85dc58f 100644 --- a/lib/puppet/application/puppetmasterd.rb +++ b/lib/puppet/application/puppetmasterd.rb @@ -2,6 +2,7 @@ require 'puppet' require 'puppet/application' require 'puppet/daemon' require 'puppet/network/server' +require 'puppet/network/http/rack' if Puppet.features.rack? Puppet::Application.new(:puppetmasterd) do @@ -10,6 +11,9 @@ Puppet::Application.new(:puppetmasterd) do option("--debug", "-d") option("--verbose", "-v") + # internal option, only to be used by ext/rack/config.ru + option("--rack") + option("--logdest", "-l") do |arg| begin Puppet::Util::Log.newdestination(arg) @@ -59,8 +63,6 @@ Puppet::Application.new(:puppetmasterd) do xmlrpc_handlers << :CA end - @daemon.server = Puppet::Network::Server.new(:xmlrpc_handlers => xmlrpc_handlers) - # Make sure we've got a localhost ssl cert Puppet::SSL::Host.localhost @@ -80,11 +82,21 @@ Puppet::Application.new(:puppetmasterd) do end end - @daemon.daemonize if Puppet[:daemonize] + if not options[:rack] + @daemon.server = Puppet::Network::Server.new(:xmlrpc_handlers => xmlrpc_handlers) + @daemon.daemonize if Puppet[:daemonize] + else + require 'puppet/network/http/rack' + @app = Puppet::Network::HTTP::Rack.new(:xmlrpc_handlers => xmlrpc_handlers, :protocols => [:rest, :xmlrpc]) + end Puppet.notice "Starting Puppet server version %s" % [Puppet.version] - @daemon.start + if not options[:rack] + @daemon.start + else + return @app + end end setup do @@ -96,7 +108,7 @@ Puppet::Application.new(:puppetmasterd) do Puppet::Util::Log.level = :info end - unless Puppet[:daemonize] + unless Puppet[:daemonize] or options[:rack] Puppet::Util::Log.newdestination(:console) options[:setdest] = true end diff --git a/spec/unit/application/puppetmasterd.rb b/spec/unit/application/puppetmasterd.rb index 5b193eb..df6f878 100644 --- a/spec/unit/application/puppetmasterd.rb +++ b/spec/unit/application/puppetmasterd.rb @@ -131,6 +131,14 @@ describe "PuppetMaster" do @puppetmasterd.run_setup end + it "should set syslog as the log destination if --rack" do + @puppetmasterd.options.stubs(:[]).with(:rack).returns(:true) + + Puppet::Log.expects(:newdestination).with(:syslog) + + @puppetmasterd.run_setup + end + it "should print puppet config if asked to in Puppet config" do @puppetmasterd.stubs(:exit) Puppet.settings.stubs(:print_configs?).returns(true) @@ -255,6 +263,8 @@ describe "PuppetMaster" do @puppetmasterd.run_preinit @server = stub_everything 'server' Puppet::Network::Server.stubs(:new).returns(@server) + @app = stub_everything 'app' + Puppet::Network::HTTP::Rack.stubs(:new).returns(@app) Puppet::SSL::Host.stubs(:localhost) Puppet::SSL::CertificateAuthority.stubs(:ca?) Process.stubs(:uid).returns(1000) @@ -325,6 +335,37 @@ describe "PuppetMaster" do @puppetmasterd.main end + describe "with --rack" do + confine "Rack is not available" => Puppet.features.rack? + + it "it should create the app with REST and XMLRPC support" do + @puppetmasterd.options.stubs(:[]).with(:rack).returns(:true) + + Puppet::Network::HTTP::Rack.expects(:new).with { |args| + args[:xmlrpc_handlers] == [:Status, :FileServer, :Master, :Report, :Filebucket] and + args[:protocols] == [:rest, :xmlrpc] + } + + @puppetmasterd.main + end + + it "it should not start a daemon" do + @puppetmasterd.options.stubs(:[]).with(:rack).returns(:true) + + @daemon.expects(:start).never + + @puppetmasterd.main + end + + it "it should return the app" do + @puppetmasterd.options.stubs(:[]).with(:rack).returns(:true) + + app = @puppetmasterd.main + app.should equal(@app) + end + + end + end end end -- 1.5.6.5 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en -~----------~----~----~----~------~----~------~--~---
