Commit 9a2595bd by Czémán Arnold

Cent OS 7 port of fwdriver, network, storagedriver, vmdriver, nfs-client. Issues: #5, #6.

parent aa5c987d
...@@ -6,19 +6,35 @@ ...@@ -6,19 +6,35 @@
- group: {{ pillar['fwdriver']['user'] }} - group: {{ pillar['fwdriver']['user'] }}
- mode: 700 - mode: 700
{% if grains['os_family'] == 'RedHat' %}
/etc/systemd/system/firewall.service:
file.managed:
- user: root
- group: root
- template: jinja
- source: file:///home/{{ pillar['fwdriver']['user'] }}/fwdriver/miscellaneous/firewall.service
/etc/systemd/system/firewall-init.service:
file.managed:
- user: root
- group: root
- template: jinja
- source: file:///home/{{ pillar['fwdriver']['user'] }}/fwdriver/miscellaneous/firewall-init.service
{% else %}
/etc/init/firewall.conf: /etc/init/firewall.conf:
file.managed: file.managed:
- user: root - user: root
- group: root - group: root
- template: jinja - template: jinja
- source: file:///home/{{ pillar['fwdriver']['user'] }}/fwdriver/miscellaneous/firewall.conf - source: file:///home/{{ pillar['fwdriver']['user'] }}/fwdriver/miscellaneous/firewall.conf
/etc/init/firewall-init.conf: /etc/init/firewall-init.conf:
file.managed: file.managed:
- user: root - user: root
- group: root - group: root
- template: jinja - template: jinja
- source: file:///home/{{ pillar['fwdriver']['user'] }}/fwdriver/miscellaneous/firewall-init.conf - source: file:///home/{{ pillar['fwdriver']['user'] }}/fwdriver/miscellaneous/firewall-init.conf
{% endif %}
/etc/dhcp/dhcpd.conf: /etc/dhcp/dhcpd.conf:
file.managed: file.managed:
...@@ -32,18 +48,12 @@ ...@@ -32,18 +48,12 @@
- user: {{ pillar['fwdriver']['user'] }} - user: {{ pillar['fwdriver']['user'] }}
- group: {{ pillar['fwdriver']['user'] }} - group: {{ pillar['fwdriver']['user'] }}
{% if grains['os_family'] != 'RedHat' %}
/etc/init.d/isc-dhcp-server: /etc/init.d/isc-dhcp-server:
file.symlink: file.symlink:
- target: /lib/init/upstart-job - target: /lib/init/upstart-job
- force: True - force: True
{% endif %}
isc-dhcp-server:
service:
- running
- watch:
- file: /etc/dhcp/dhcpd.conf
- file: /etc/dhcp/dhcpd.conf.generated
- file: /etc/init.d/isc-dhcp-server
/etc/sysctl.d/60-circle-firewall.conf: /etc/sysctl.d/60-circle-firewall.conf:
file.managed: file.managed:
...@@ -58,3 +68,25 @@ isc-dhcp-server: ...@@ -58,3 +68,25 @@ isc-dhcp-server:
- mode: 400 - mode: 400
- template: jinja - template: jinja
- source: salt://fwdriver/files/sudoers - source: salt://fwdriver/files/sudoers
{# TODO: standalone module for openvswitch #}
{% if grains['os_family'] == 'RedHat' %}
openvswitch2:
pkg.installed:
- sources:
- openvswitch: salt://vmdriver/files/openvswitch-2.3.1-1.x86_64.rpm
cmd.run:
- name: mkdir /etc/openvswitch; restorecon -R /etc/openvswitch/
- creates: /etc/openvswitch
- require:
- pkg: openvswitch
service:
- name: openvswitch
- running
- enable: True
- require:
- cmd: openvswitch
- required_in:
- cmd: ovs-bridge
{% endif %}
...@@ -6,39 +6,34 @@ include: ...@@ -6,39 +6,34 @@ include:
firewall: firewall:
pkg.installed: pkg.installed:
- pkgs: - pkgs:
{% if grains['os_family'] == 'RedHat' %}
- zlib-devel
- python-virtualenvwrapper
- python-devel
- libmemcached-devel
- dhcp
{% else %}
- zlib1g-dev - zlib1g-dev
- virtualenvwrapper - virtualenvwrapper
- git
- python-pip
- python-dev - python-dev
- libmemcached-dev - libmemcached-dev
- ntp
- openvswitch-switch - openvswitch-switch
- openvswitch-controller - openvswitch-controller
- isc-dhcp-server
{% endif %}
- git
- python-pip
- ntp
- iptables - iptables
- ipset - ipset
- isc-dhcp-server
- require: - require:
- user: {{ pillar['fwdriver']['user'] }} - user: {{ pillar['fwdriver']['user'] }}
- require_in: - require_in:
- git: gitrepo_fwdriver - git: gitrepo_fwdriver
- virtualenv: virtualenv_fwdriver - virtualenv: virtualenv_fwdriver
- service: isc-dhcp-server
user: user:
- present - present
- name: {{ pillar['fwdriver']['user'] }} - name: {{ pillar['fwdriver']['user'] }}
- gid_from_name: True - gid_from_name: True
service:
- running
- require:
- service: firewall-init
- watch:
- pkg: firewall
- sls: fwdriver.gitrepo
- sls: fwdriver.virtualenv
- sls: fwdriver.configuration
firewall-init:
service:
- running
...@@ -7,11 +7,15 @@ vm: ...@@ -7,11 +7,15 @@ vm:
network.managed: network.managed:
- enabled: True - enabled: True
- type: eth - type: eth
- proto: static - proto: none
- ipaddr: {{ pillar['fwdriver']['vm_net'].split('/')[0] }} - ipaddr: {{ pillar['fwdriver']['vm_net'].split('/')[0] }}
- netmask: {{ pillar['fwdriver']['vm_net'].split('/')[1] }} - netmask: {{ pillar['fwdriver']['vm_net'].split('/')[1] }}
- pre_up_cmds: - pre_up_cmds:
{% if grains['os_family'] == 'RedHat' %}
- /bin/systemctl restart openvswitch
{% else %}
- /etc/init.d/openvswitch-switch restart - /etc/init.d/openvswitch-switch restart
{% endif %}
- require: - require:
- cmd: ovs-if - cmd: ovs-if
......
nfs-client: nfs-client:
pkg.installed: pkg.installed:
- pkgs: - pkgs:
{% if grains['os_family'] == 'RedHat' %}
- nfs-utils
{% else %}
- nfs-common - nfs-common
{% endif %}
- require_in: - require_in:
- mount: /datastore - mount: /datastore
......
{% if pillar['nfs']['enabled'] %} {% if pillar['nfs']['enabled'] %}
nfs-server: nfs-server:
service: service:
{% if grains['os_family'] != 'RedHat' %}
- name: nfs-kernel-server - name: nfs-kernel-server
{% endif %}
- running - running
- watch: - watch:
- file: /etc/exports - file: /etc/exports
pkg.installed: pkg.installed:
{% if grains['os_family'] == 'RedHat' %}
- name: nfs-utils
{% else %}
- name: nfs-kernel-server - name: nfs-kernel-server
{% endif %}
/etc/exports: /etc/exports:
file.managed: file.managed:
- template: jinja - template: jinja
......
...@@ -20,6 +20,7 @@ ...@@ -20,6 +20,7 @@
- source: file:///home/{{ pillar['user'] }}/vmdriver/miscellaneous/{{ file }} - source: file:///home/{{ pillar['user'] }}/vmdriver/miscellaneous/{{ file }}
{% endfor %} {% endfor %}
{# TODO: standalone module for openvswitch #}
{% if grains['os_family'] == 'RedHat' %} {% if grains['os_family'] == 'RedHat' %}
openvswitch: openvswitch:
pkg.installed: pkg.installed:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment