Antoine Beaupre
2008-Feb-15 16:57 UTC
[PATCH 1/5] provide a way to completely initialize a xen0 server, except for the reboot
From: anarcat <anarcat@koumbit.org> --- manifests/xen.pp | 22 ++++++++++++++++++++-- 1 files changed, 20 insertions(+), 2 deletions(-) diff --git a/manifests/xen.pp b/manifests/xen.pp index afaa59c..613c15a 100644 --- a/manifests/xen.pp +++ b/manifests/xen.pp @@ -25,8 +25,13 @@ class xen::domain { ''absent'': { err("xen::domain configured, but not detected") } } - package { libc6-xen: - ensure => $xen_ensure, + case $architecture { + ''amd64'': {} + default: { + package { libc6-xen: + ensure => $xen_ensure, + } + } } config_file { @@ -36,3 +41,16 @@ class xen::domain { } } + +class xen::domain::xen0 inherits xen::domain { + # install the packages required for xen + # TODO: this should be followed by a reboot + package { + [ + "xen-hypervisor-3.0.3-1-$architecture", + "linux-image-xen-$architecture", + ''libsysfs2'' + ]: + ensure => present + } +} -- 1.5.3.7
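Review bot: the `amd64` branch of the new `case $architecture` block in `xen::domain` is an empty `{}` with no comment, so a reader cannot tell whether skipping `libc6-xen` there is deliberate. Add a one-line comment giving the reason, and confirm that every architecture other than amd64 is really meant to fall through to `default` and get the package.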
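Review bot: the package list in the new `xen::domain::xen0` class hard-codes the hypervisor version in `"xen-hypervisor-3.0.3-1-$architecture"`, so the manifest has to be edited for every Xen package bump or distribution change. Move the version string into a variable at the top of the class. The reboot `TODO` should also say what state the host is left in until the reboot happens.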
From: anarcat <anarcat@koumbit.org> only works with LVM for now --- files/xen-tools.conf | 184 ++++++++++++++++++++++++++++++++++++++++++++++++++ manifests/xen.pp | 58 +++++++++++++++- 2 files changed, 241 insertions(+), 1 deletions(-) create mode 100644 files/xen-tools.conf diff --git a/files/xen-tools.conf b/files/xen-tools.conf new file mode 100644 index 0000000..e766551 --- /dev/null +++ b/files/xen-tools.conf 
@@ -0,0 +1,184 @@ +# +# /etc/xen-tools/xen-tools.conf +# +# Global configuration file for the scripts included with Xen-tools. +# +# Values may be set here so they don''t need to be specified upon the +# command line. +# +# Steve +# -- +# + + + +# +## +# Output directory for storing loopback images. +# +# If you choose to use loopback images, which are simple to manage but +# slower than LVM partitions, then specify a directory here and uncomment +# the line. +# +# New instances will be stored in subdirectories named after their +# hostnames. +# +## +# dir = /home/xen +# + +# +## +# +# If you don''t wish to use loopback images then you may specify an +# LVM volume group here instead +# +## +# lvm = skx-vg + + +# +## +# +# Installation method. +# +# There are four different methods you can use to install a new copy +# of Linux to use in your Xen guest domain: +# +# - Installation via the debootstrap command. +# - Installation via the rpmstrap command. +# - Installation by copying a directory containing a previous installation. +# - Installation by untarring a previously archived image. +# +# NOTE That if you use the "untar", or "copy" options you should ensure +# that the image you''re left with matches the ''dist'' setting later in +# this file. +# +# Note that you can only uncomment one method - they are mutually exclusive. +# However the command line installation method will allow you to override +# the choice you make here. +# +## +# +# copy = /path/to/pristine/image +# debootstrap = 1 +# rpmstrap = 1 +# tar = /path/to/img.tar +# + +# +## +# Command definitions. +## +# +# The "debootstrap" and "rpmstrap" commands are hardwired, but if you +# wish to alter the commands invoked when using the "--copy" + "--tar" +# options you can adjust these two settings: +# +# --copy: +# copy-cmd = /bin/cp -a $src/* $dest +# +# --tar: +# tar-cmd = /bin/tar --numeric-owner -xvf $src +# +# + + + +# +## +# Disk and Sizing options. +## +# +size = 4Gb # Disk image size. 
+memory = 128Mb # Memory size +swap = 128Mb # Swap size +# noswap = 1 # Don''t use swap at all for the new system. +fs = ext3 # use the EXT3 filesystem for the disk image. +dist = sarge # Default distribution to install. +image = sparse # Specify sparse vs. full disk images. + +# +# Currently supported and tested distributions include: +# +# sid - Debian +# sarge - Debian +# etch - Debian +# dapper - Ubuntu +# centos4 - CentOS 4 +# fedora-core4 - Fedora Core 4 (codname stentz) +# + + + +## +# Networking setup values. +## + +# +# Uncomment and adjust these network settings if you wish to give your +# new instances static IP addresses. +# +# gateway = 192.168.1.1 +# netmask = 255.255.255.0 +# +# Uncomment this if you wish the images to use DHCP +# +# dhcp = 1 + + +## +# Misc options +## + +# +# Uncomment the following line if you wish to disable the caching +# of downloaded .deb files when using debootstrap to install images. +# +# cache = no +# + +# +# Uncomment the following line if you wish to interactively setup +# a new anarcat password for images. +# +# passwd = 1 + +# +# If you''d like all accounts on your host system which are not present +# on the guest system to be copied over then uncomment the following line. +# +# accounts = 1 +# + +# +# Default kernel and ramdisk to use for the virtual servers +# +kernel = /usr/lib/xen-3.0.3-1/bin/pygrub +#initrd = /boot/initrd.img-2.6.16-2-xen-686 + +# +# The architecture to use when using debootstrap or rpmstrap. +# +# This is most useful on 64 bit host machines, for other systems it +# doesn''t need to be used. +# +# arch=i386 +# + +# +# The default mirror for debootstrap which can be used to install +# Debian Sid, Sarge, and Etch. +# +mirror = http://ftp.us.debian.org/debian/ + +# +# A mirror suitable for use when installing the Dapper release of Ubuntu. +# +# mirror = http://gb.archive.ubuntu.com/ubuntu/ + +# +# Uncomment if you wish newly created images to boot once they''ve been +# created. +# +# boot = 1 
diff --git a/manifests/xen.pp b/manifests/xen.pp index 613c15a..935adf2 100644 --- a/manifests/xen.pp +++ b/manifests/xen.pp 
@@ -49,8 +49,64 @@ class xen::domain::xen0 inherits xen::domain { [ "xen-hypervisor-3.0.3-1-$architecture", "linux-image-xen-$architecture", - ''libsysfs2'' + ''libsysfs2'', + ''xen-tools'' ]: ensure => present } + file { "/etc/xen-tools/xen-tools.conf": + source => "puppet://$servername/virtual/xen-tools.conf", + mode => 0644, owner => anarcat, group => root, + require => Package[''xen-tools'']; + } +} + +# XXX: we have a logic issue here: if xen::domain is a class applied on a node, +# then a xen::domain::xenU would also be applied on a node, but then it +# couldn''t be used to create the node in the first place since the node +# wouldn''t exist... +# chicken and egg. we therefore don''t define xenU as a class but as a define +# that is applied on the parent xen0 + +# ensure: present +# TODO: running, stopped, absent... (in that order?) +# TODO: resize LVM when $size changes? +define xen::domain::xenU($ensure, $memory, $size, $swapsize = 0, $role = "minimal", $vg = "vg00", + $ip = "", $netmask = "255.255.255.0", $gateway = "", $mac = "") { + case $name { '''': { fail ( "Cannot create Xen domain with empty name" ) } } + case $swapsize { + 0: { + $swap = "--noswap" + } + default: { + $swap = "--swap $swapsize" + } + } + case $gatway { "": { $gateway_flag = "" } default: { $gateway_flag = "--gateway $gateway" } } + case $mac { "": { $mac_flag = "" } default: { $mac_flag = "--mac $mac" } } + case $ip { + "": { + $network = "--dhcp $mac_flag" + } + default: { + $network = "--ip $ip --netmask $netmask $gateway_flag $mac_flag" + } + } + case $ensure { + "present": { + exec { "/usr/bin/xen-create-image --lvm $vg --memory $memory --size $size $swap --hostname $name $network --debootstrap --role $role": + creates => "/dev/mapper/$vg-$name--disk", + alias => "xen_create_$name", + require => [ Package[''xen-tools''], File[''/etc/xen-tools/xen-tools.conf'']], + } + } + "absent": { + exec { "/usr/bin/xen-delete-image --lvm $vg $name": + onlyif => "/usr/bin/test -e 
/dev/mapper/$vg-$name--disk", + alias => "xen_delete_$name", + require => [ Package[''xen-tools''], File[''/etc/xen-tools/xen-tools.conf'']], + } + } + default: { err("${fqdn}: xen domain $name: unknown ensure ''${ensure}''") } + } } -- 1.5.3.7
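Review bot: `dist = sarge` in the "Disk and Sizing options" block of `files/xen-tools.conf` becomes the distribution of every guest, because the `xen-create-image` command built in the `xen.pp` hunk of this patch passes no `--dist`. If sarge is not the intended default, set the right value here or add a `$dist` parameter to the define. The commit message says this only works with LVM, yet `lvm` stays commented out in this file and the volume group comes only from `--lvm $vg`; a short comment in the file saying so would save the next reader a search.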
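Review bot: `case $gatway {` in `xen::domain::xenU` misspells `$gateway`, so the case tests a variable that is never set, the `""` branch is taken, and `--gateway` never reaches `xen-create-image` even when the caller supplies one. Fix the variable name. Separately, `$name`, `$vg`, `$ip`, `$netmask`, `$mac`, `$memory` and `$size` are interpolated unquoted into the `exec` command line and into `creates => "/dev/mapper/$vg-$name--disk"`; check them against an allowed character set before building the command. The `--disk` in that path reflects device-mapper doubling hyphens, so a `$name` or `$vg` that itself contains `-` will not match the `creates` path and the command will run again on every catalog run. Finally, the `file` resource sets `owner => anarcat` on `/etc/xen-tools/xen-tools.conf`; a configuration that Puppet-run tooling reads should be `owner => root`.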
Antoine Beaupre
2008-Feb-15 16:57 UTC
[PATCH 3/5] add a puppet role to bootstrap puppet domUs
From: anarcat <anarcat@koumbit.org> --- files/puppet.role.d | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++ files/xen-tools.conf | 4 +- manifests/xen.pp | 23 +++++++++++++++-- 3 files changed, 86 insertions(+), 5 deletions(-) create mode 100644 files/puppet.role.d diff --git a/files/puppet.role.d b/files/puppet.role.d new file mode 100644 index 0000000..01cb74d --- /dev/null +++ b/files/puppet.role.d @@ -0,0 +1,64 @@ +#!/bin/sh +# +# Configure the new image to be a minimal image, by removing +# a packages I don''t care about - and installing some alternatives. +# +# Steve +# -- +# http://www.steve.org.uk/ +# +# (I strongly suggest to edit the default configurations of Xen +# /etc/xen-tools/xen-tools.conf, before using this role.) +# We can use this role the following way. +# xen-create-image --role=minimal-puppet --hostname=pichu.exemple.net \ +# --ip=10.11.12.50 +# +# Sebastien + +prefix=$1 + + + +# +# Source our common functions - this will let us install a Debian package. +# +if [ -e /usr/lib/xen-tools/common.sh ]; then + . /usr/lib/xen-tools/common.sh +else + echo "Installation problem" +fi + +# install puppet which should self-configure +installDebianPackage ${prefix} puppet + + +# +# Remove some standard packages. +# + +# PPP stuff. +removeDebianPackage ${prefix} pppconfig +removeDebianPackage ${prefix} pppoeconf +removeDebianPackage ${prefix} pppoe +removeDebianPackage ${prefix} ppp +removeDebianPackage ${prefix} libpcap0.7 + +# Editors +#removeDebianPackage ${prefix} nano +#removeDebianPackage ${prefix} ed +#removeDebianPackage ${prefix} nvi + +# Syslog +#removeDebianPackage ${prefix} klogd +#removeDebianPackage ${prefix} sysklogd + +# manpages +#removeDebianPackage ${prefix} manpages +#removeDebianPackage ${prefix} man-db +#removeDebianPackage ${prefix} info + +# misc +#removeDebianPackage ${prefix} tasksel +removeDebianPackage ${prefix} pciutils +removeDebianPackage ${prefix} fdutils +#removeDebianPackage ${prefix} cpio 
diff --git a/files/xen-tools.conf b/files/xen-tools.conf index e766551..d378af0 100644 --- a/files/xen-tools.conf +++ b/files/xen-tools.conf @@ -154,8 +154,8 @@ image = sparse # Specify sparse vs. full disk images. # # Default kernel and ramdisk to use for the virtual servers # -kernel = /usr/lib/xen-3.0.3-1/bin/pygrub -#initrd = /boot/initrd.img-2.6.16-2-xen-686 +kernel = /boot/vmlinuz-2.6.18-6-xen-686 +initrd = /boot/initrd.img-2.6.18-6-xen-686 # # The architecture to use when using debootstrap or rpmstrap. diff --git a/manifests/xen.pp b/manifests/xen.pp index 935adf2..66f22d0 100644 --- a/manifests/xen.pp +++ b/manifests/xen.pp @@ -58,6 +58,10 @@ class xen::domain::xen0 inherits xen::domain { source => "puppet://$servername/virtual/xen-tools.conf", mode => 0644, owner => anarcat, group => root, require => Package[''xen-tools'']; + "/etc/xen-tools/role.d/puppet": + source => "puppet://$servername/virtual/puppet.role.d", + mode => 0644, owner => anarcat, group => root, + require => Package[''xen-tools'']; } } @@ -71,7 +75,8 @@ class xen::domain::xen0 inherits xen::domain { # ensure: present # TODO: running, stopped, absent... (in that order?) # TODO: resize LVM when $size changes? -define xen::domain::xenU($ensure, $memory, $size, $swapsize = 0, $role = "minimal", $vg = "vg00", +# TODO: require File[/etc/xen-tools/role.d/$role]? +define xen::domain::xenU($ensure, $memory, $size, $swapsize = 0, $role = "minimal", $vg = "vg00", $dist = "etch", $ip = "", $netmask = "255.255.255.0", $gateway = "", $mac = "") { case $name { '''': { fail ( "Cannot create Xen domain with empty name" ) } } case $swapsize { 
@@ -92,9 +97,12 @@ define xen::domain::xenU($ensure, $memory, $size, $swapsize = 0, $role = "minima $network = "--ip $ip --netmask $netmask $gateway_flag $mac_flag" } } + # XXX: crude hack to workaround the fact that xen-tools don''t like my bootloader = directive + $flags = "--kernel /boot/vmlinuz-2.6.18-6-xen-$architecture --initrd /boot/initrd.img-2.6.18-6-xen-$architecture" + # stage one: insure the domU exists case $ensure { - "present": { - exec { "/usr/bin/xen-create-image --lvm $vg --memory $memory --size $size $swap --hostname $name $network --debootstrap --role $role": + "running","present": { + exec { "/usr/bin/xen-create-image $flags --lvm $vg --memory $memory --size $size $swap --hostname $name $network --debootstrap --dist $dist --role $role": creates => "/dev/mapper/$vg-$name--disk", alias => "xen_create_$name", require => [ Package[''xen-tools''], File[''/etc/xen-tools/xen-tools.conf'']], @@ -109,4 +117,13 @@ define xen::domain::xenU($ensure, $memory, $size, $swapsize = 0, $role = "minima } default: { err("${fqdn}: xen domain $name: unknown ensure ''${ensure}''") } } + case $ensure { + "running": { + exec { "/usr/sbin/xm create ${name}.cfg": + unless => "/usr/sbin/xm list | /bin/grep ${name}", + # XXX: a bit abusive, since we would also need a reboot if this is the first kernel install... + require => [ Exec["xen_create_$name"], Package["linux-image-xen-$architecture"], Package["xen-hypervisor-3.0.3-1-$architecture"] ], + } + } + } } -- 1.5.3.7
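Review bot: when `/usr/lib/xen-tools/common.sh` is missing, the `else` branch near the top of `files/puppet.role.d` only echoes "Installation problem" and carries on, so each later `installDebianPackage` and `removeDebianPackage` call fails with a command-not-found error instead of the script stopping at the real cause. Exit non-zero in that branch. `prefix=$1` is also used without checking that an argument was passed, and `${prefix}` is unquoted in every call.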
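Review bot: the new `"/etc/xen-tools/role.d/puppet"` file resource in `xen::domain::xen0` installs a `#!/bin/sh` script with `mode => 0644` and `owner => anarcat`. If xen-tools executes role scripts directly it needs the execute bit, and because the role is run by `xen-create-image` under Puppet during guest creation it should be `owner => root`, so that no other account can change what runs inside every new guest. The names also disagree: the usage comment in the script says `--role=minimal-puppet`, the file is installed as `role.d/puppet`, and the define still defaults to `$role = "minimal"`. The `TODO` about requiring `File[/etc/xen-tools/role.d/$role]` belongs in this patch, since without it the `exec` can run before the role file is in place.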
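Review bot: `$flags` in `xen::domain::xenU` hard-codes `2.6.18-6` for both `--kernel` and `--initrd`, and the `files/xen-tools.conf` hunk of this patch hard-codes the same version with `-xen-686` where the define uses `-xen-$architecture`. That leaves two places to update on a kernel upgrade and a config file that points at a 686 kernel on every architecture. Keep the kernel version in one variable and derive both paths from it, or drop the `kernel` and `initrd` lines from the config file if `$flags` always overrides them.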
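Review bot: `unless => "/usr/sbin/xm list | /bin/grep ${name}"` in the new `"running"` case matches substrings anywhere in the `xm list` output, so a running domain whose name merely contains `${name}` stops this domain from ever being started. Anchor the pattern to the start of the line and to the whitespace that follows the name column. The second `case $ensure` also has no `default` branch, unlike the first one, which is worth a comment so it does not look like an omission.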
From: anarcat <anarcat@koumbit.org> --- files/xend-config.sxp | 138 +++++++++++++++++++++++++++++++++++++++++++++++++ manifests/xen.pp | 13 ++++- 2 files changed, 149 insertions(+), 2 deletions(-) create mode 100644 files/xend-config.sxp diff --git a/files/xend-config.sxp b/files/xend-config.sxp new file mode 100644 index 0000000..1a0404c --- /dev/null +++ b/files/xend-config.sxp 
@@ -0,0 +1,138 @@ +# -*- sh -*- +# manage by puppet +# the only modification done here is to setup the network with network-bridge + +# +# Xend configuration file. +# + +# This example configuration is appropriate for an installation that +# utilizes a bridged network configuration. Access to xend via http +# is disabled. + +# Commented out entries show the default for that entry, unless otherwise +# specified. + +#(logfile /var/log/xen/xend.log) +#(loglevel DEBUG) + +#(xend-http-server no) +#(xend-unix-server no) +#(xend-tcp-xmlrpc-server no) +#(xend-unix-xmlrpc-server yes) +#(xend-relocation-server no) + +#(xend-unix-path /var/lib/xend/xend-socket) + +# Port xend should use for the HTTP interface, if xend-http-server is set. +#(xend-port 8000) + +# Port xend should use for the relocation interface, if xend-relocation-server +# is set. +#(xend-relocation-port 8002) + +# Address xend should listen on for HTTP connections, if xend-http-server is +# set. +# Specifying ''localhost'' prevents remote connections. +# Specifying the empty string '''' (the default) allows all connections. +#(xend-address '''') +#(xend-address localhost) + +# Address xend should listen on for relocation-socket connections, if +# xend-relocation-server is set. +# Meaning and default as for xend-address above. +#(xend-relocation-address '''') + +# The hosts allowed to talk to the relocation port. If this is empty (the +# default), then all connections are allowed (assuming that the connection +# arrives on a port and interface on which we are listening; see +# xend-relocation-port and xend-relocation-address above). Otherwise, this +# should be a space-separated sequence of regular expressions. Any host with +# a fully-qualified domain name or an IP address that matches one of these +# regular expressions will be accepted. 
+# +# For example: +# (xend-relocation-hosts-allow ''^localhost$ ^.*\.example\.org$'') +# +#(xend-relocation-hosts-allow '''') + +# The limit (in kilobytes) on the size of the console buffer +#(console-limit 1024) + +## +# To bridge network traffic, like this: +# +# dom0: fake eth0 -> vif0.0 -+ +# | +# bridge -> real eth0 -> the network +# | +# domU: fake eth0 -> vifN.0 -+ +# +# use +# +# (network-script network-bridge) +# +# Your default ethernet device is used as the outgoing interface, by default. +# To use a different one (e.g. eth1) use +# +# (network-script ''network-bridge netdev=eth1'') +# +# The bridge is named xenbr0, by default. To rename the bridge, use +# +# (network-script ''network-bridge bridge=<name>'') +# +# It is possible to use the network-bridge script in more complicated +# scenarios, such as having two outgoing interfaces, with two bridges, and +# two fake interfaces per guest domain. To do things like this, write +# yourself a wrapper script, and call network-bridge from it, as appropriate. +# +#(network-script network-dummy) +(network-script network-bridge) + +# The script used to control virtual interfaces. This can be overridden on a +# per-vif basis when creating a domain or a configuring a new vif. The +# vif-bridge script is designed for use with the network-bridge script, or +# similar configurations. +# +# If you have overridden the bridge name using +# (network-script ''network-bridge bridge=<name>'') then you may wish to do the +# same here. The bridge name can also be set when creating a domain or +# configuring a new vif, but a value specified here would act as a default. +# +# If you are using only one bridge, the vif-bridge script will discover that, +# so there is no need to specify it explicitly. +# +(vif-script vif-bridge) + + +## Use the following if network traffic is routed, as an alternative to the +# settings for bridged networking given above. 
+#(network-script network-route) +#(vif-script vif-route) + + +## Use the following if network traffic is routed with NAT, as an alternative +# to the settings for bridged networking given above. +#(network-script network-nat) +#(vif-script vif-nat) + + +# Dom0 will balloon out when needed to free memory for domU. +# dom0-min-mem is the lowest memory level (in MB) dom0 will get down to. +# If dom0-min-mem=0, dom0 will never balloon out. +(dom0-min-mem 196) + +# In SMP system, dom0 will use dom0-cpus # of CPUS +# If dom0-cpus = 0, dom0 will take all cpus available +(dom0-cpus 0) + +# Whether to enable core-dumps when domains crash. +#(enable-dump no) + +# The tool used for initiating virtual TPM migration +#(external-migration-tool '''') + +# The interface for VNC servers to listen on. Defaults +# to 127.0.0.1 To restore old ''listen everywhere'' behaviour +# set this to 0.0.0.0 +#(vnc-listen ''127.0.0.1'') diff --git a/manifests/xen.pp b/manifests/xen.pp index 66f22d0..fc196c8 100644 --- a/manifests/xen.pp +++ b/manifests/xen.pp @@ -50,14 +50,23 @@ class xen::domain::xen0 inherits xen::domain { "xen-hypervisor-3.0.3-1-$architecture", "linux-image-xen-$architecture", ''libsysfs2'', - ''xen-tools'' + ''xen-tools'', + ''xen-utils-common'' ]: ensure => present } + service { "xend": + ensure => "running", + } file { "/etc/xen-tools/xen-tools.conf": source => "puppet://$servername/virtual/xen-tools.conf", mode => 0644, owner => anarcat, group => root, require => Package[''xen-tools'']; + "/etc/xen/xend-config.sxp": + source => "puppet://$servername/virtual/xend-config.sxp", + mode => 0644, owner => anarcat, group => root, + notify => Service[''xend''], + require => Package[''xen-utils-common'']; "/etc/xen-tools/role.d/puppet": source => "puppet://$servername/virtual/puppet.role.d", mode => 0644, owner => anarcat, group => root, 
@@ -122,7 +131,7 @@ define xen::domain::xenU($ensure, $memory, $size, $swapsize = 0, $role = "minima exec { "/usr/sbin/xm create ${name}.cfg": unless => "/usr/sbin/xm list | /bin/grep ${name}", # XXX: a bit abusive, since we would also need a reboot if this is the first kernel install... - require => [ Exec["xen_create_$name"], Package["linux-image-xen-$architecture"], Package["xen-hypervisor-3.0.3-1-$architecture"] ], + require => [ Exec["xen_create_$name"], Package["linux-image-xen-$architecture"], Package["xen-hypervisor-3.0.3-1-$architecture"], File["/etc/xen/xend-config.sxp"]], } } } -- 1.5.3.7
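Review bot: the header of `files/xend-config.sxp` says access to xend via http is disabled, but `(xend-http-server no)`, `(xend-tcp-xmlrpc-server no)` and `(xend-relocation-server no)` are all left commented out, so the managed file relies on the package defaults staying that way. Since this file is now the source of truth for every dom0, uncomment those three lines so the closed state is explicit and survives a change of defaults. The first comment line should read "managed by puppet".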
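Review bot: `service { "xend": ensure => "running", }` in `xen::domain::xen0` has no `require`, so Puppet may try to start xend before `xen-utils-common` is installed; the `/etc/xen/xend-config.sxp` resource in the same hunk already requires that package and the service should as well. Consider `enable => true` too, so that xend comes back after the reboot the series still depends on. As with the other file resources, `owner => anarcat` on `/etc/xen/xend-config.sxp` should be `owner => root`, because this file selects the network and vif scripts that xend runs.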
Antoine Beaupre
2008-Feb-15 16:57 UTC
[PATCH 5/5] add bridge-utils to make the bridge work
From: anarcat <anarcat@koumbit.org> --- manifests/xen.pp | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/manifests/xen.pp b/manifests/xen.pp index fc196c8..6a2a429 100644 --- a/manifests/xen.pp +++ b/manifests/xen.pp @@ -51,7 +51,8 @@ class xen::domain::xen0 inherits xen::domain { "linux-image-xen-$architecture", ''libsysfs2'', ''xen-tools'', - ''xen-utils-common'' + ''xen-utils-common'', + ''bridge-utils'' ]: ensure => present } -- 1.5.3.7
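Review bot: `bridge-utils` joins the package list of `xen::domain::xen0` only here, while `(network-script network-bridge)` was already enabled by the previous patch, so the tree between the two commits configures a bridge without the tools for it. Fold this change into the patch that adds `xend-config.sxp`, and give the `xend` service a `require` on this package so the ordering is enforced rather than left to chance.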
Antoine Beaupre
2008-Feb-15 16:57 UTC
[PATCH 5/5] add bridge-utils to make the bridge work
Virtualisation technologies have to be taken into account when configuring systems to enable optimal performance and minimal resource consumption. This module enables detection of virtualisation technologies and brings along classes to react to specific implementations.

See http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe for details about this module.

Technology detection
--------------------

The "virtual" fact can take these values:

* physical: no virtualisation technologies
* vmware: a VMware guest
* vmware_server: a VMware host
* xen0: dom0, the privileged XEN Management Domain
* xenu: domU, a XEN guest

VServer
-------

The Linux-VServer project maintains a lightweight isolation container as a patch to current Linux kernels at http://www.linux-vserver.org/ . The vserver fact can detect vserver "host" and "guest" status.

This module provides classes and defines for managing vserver guests in vserver.pp

XEN
---

For details see http://www.xensource.org/

Beyond detection, this module currently only brings along the class munin::plugins::xen to install the xen_mem and xen_vm munin plugins.

VServer Types
============

On all vserver hosts, the class vserver::host should be installed. This brings along the infrastructure and files for the guest configuration types.

TODO
===

Split xen and vserver specific functionality into separate modules?
Add XEN guest configuration and initialisation.
Detect XEN HVM container for fact::virtual.
Collect various VServer and XEN bits from dbp and integrate here.