Giter VIP home page Giter VIP logo

puppet-pulp's Introduction

Puppet Forge Build Status puppetmodule.info docs

Table of Contents

  1. Overview
  2. Usage - The basics of getting started with pulp
  3. Development - Guide for contributing to the module

Overview

This module can be used to install and manage several aspects of a pulp installation.

Pulp

Installation

The main pulp server installation. This includes the Apache configuration and the various daemons.

include ::pulp

Note that you need EPEL and a Pulp repository. For this we recommend stahnma/epel and use of the pulp::repo::upstream or pulp::repo::katello.

include ::epel
include ::pulp::repo::upstream
class { '::pulp':
  require => Class['epel', 'pulp::repo::upstream'],
}

Plugins can be enabled as well:

class { '::pulp':
  enable_docker => true,
  enable_ostree => true,
  enable_puppet => true,
  enable_python => true,
  enable_rpm    => true,
}

By default a user admin will be created with a randomized password. This is configurable with the default_login and default_password parameters:

class { '::pulp':
  default_login    => 'user',
  default_password => 'secret',
}

Security and external services

By default the MongoDB database is managed, but the manage_db parameter can be used to change this behaviour.

Likewise the broker is managed by default, but manage_broker is there. The implementation can be switched from the default qpid to rabbitmq.

There are various types that can be used to manage providers, assuming the correct plugin is installed.

For security certificates can be used. For example on the webservice:

class { '::pulp':
  https_cert   => '/path/to/public_key.pem',
  https_key    => '/path/to/private_key.pem',
  https_chain  => '/path/to/ca_chain.pem',
  # Optionally you can change the accepted protocols
  ssl_protocol => ['all', '-SSLv3', '-TLSv1', '-TLSv1.1'],
}

The connection to the MongoDB server can also be encrypted:

class { '::pulp':
  db_ssl          => true,
  db_ssl_keyfile  => '/path/to/private_key.pem',
  db_ssl_certfile => '/path/to/public_key.pem',
  db_ca_path      => '/path/to/ca.pem',
}

Similarly the connection to the message broker can be encrypted:

class { '::pulp':
  broker_url     => 'qpid://user:[email protected]:5671',
  broker_use_ssl => true,
}

The email behaviour is configurable as well:

class { '::pulp':
  email_host    => 'localhost',
  email_port    => 25,
  email_from    => '[email protected]',
  email_enabled => true,
}

In case you need to connect through a proxy you can specify the host, port, username and password. Note the proxy_url parameter actually maps to the proxy_host parameter in the configs.

class { '::pulp':
  proxy_url      => 'proxy.example.com',
  proxy_port     => 80,
  proxy_username => 'user',
  proxy_password => 'secret',
}

RPM provider

pulp_rpmrepo { 'scl_ruby22_el7':
  checksum_type    => 'sha256',
  display_name     => 'scl_ruby22_el7',
  feed             => 'https://www.softwarecollections.org/repos/rhscl/rh-ruby22/epel-7-x86_64/',
  relative_url     => 'scl_ruby22/7Server',
  remove_missing   => true,
  retain_old_count => 1,
  serve_http       => true,
  serve_https      => true,
  validate         => true,
}

Puppet provider

pulp_puppetrepo { 'company_puppet_forge':
  display_name    => 'company_puppet_forge',
  max_downloads   => 10,
  serve_http      => true,
  serve_https     => true,
  validate        => true,
  verify_feed_ssl => false,
}

ISO provider

pulp_isorepo { 'optymyze_thirdparty':
  display_name    => 'files_thirdparty',
  feed            => 'https://pulp-server.company.net/pulp/isos/files_thirdparty/',
  max_downloads   => 10,
  remove_missing  => false,
  serve_http      => true,
  serve_https     => true,
  validate        => true,
  verify_feed_ssl => false,
}

Schedule provider

pulp_schedule { 'scl_ruby22_el7':
  enabled       => 'true',
  schedule_time => '2000-W01-6T12:00Z/P1W',
}

# force schedules to be added after the repos are created
Pulp_rpmrepo <| |> -> Pulp_schedule <| |>

Pulp admin

The easiest is to use enable_admin parameter. This ensures all plugins have their admin component installed as well as configuring the client to talk to the server using the default_login and default_password parameters.

class { 'pulp':
  enable_admin => true,
}

On standalone machines it is also possible to only install the admin utility by directly using pulp::admin:

include ::pulp::admin

In this case plugins need to be managed explicitly.

class { '::pulp::admin':
  enable_docker => true,
  enable_ostree => true,
  enable_puppet => true,
  enable_python => true,
  enable_nodes  => true
  enable_rpm    => true,
}

Pulp Child

Manage a pulp child installation.

include ::pulp::child

Pulp consumer

Manage pulp consumers.

Installation

include ::pulp::consumer

Register consumer

pulp_register { $::fqdn:
  user => 'admin',
  pass => 'admin',
}

Pulp Crane

Manage pulp crane, a minimal docker registry.

You can either deploy it standalone:

include ::pulp::crane

Or as part of a full Pulp installation:

class { '::pulp':
  enable_crane => true,
}

Role provider

pulp_role { 'repo_admin':
  ensure      => 'present',
  users       => ['alice', 'bob'],
  permissions => {'/' => ['READ', 'CREATE'], '/v2/repositories/scl_ruby22_el7/' => ['READ', 'EXECUTE', 'UPDATE', 'CREATE', 'DELETE']},
}

Development

See the CONTRIBUTING guide for steps on how to make a change and get it accepted upstream.

puppet-pulp's People

Contributors

adamruzicka avatar alexjfisher avatar bbuckingham avatar beav avatar cfouant avatar chris1984 avatar cristifalcas avatar dgoodwin avatar ehelms avatar ekohl avatar glbyers avatar inecas avatar jlambert121 avatar jlsherrill avatar jmontleon avatar khdevel avatar ladynamedlaura avatar llabrat avatar lzap avatar mbacovsky avatar mccun934 avatar omaciel avatar parthaa avatar pascalbourdier avatar paulsd avatar pseiler avatar sean797 avatar stbenjam avatar timogoebel avatar walkamongus avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.