From 7af611e0182886baa11ae172e741d5e8eb2d2ce4 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Mon, 21 Mar 2011 11:34:54 +0100 Subject: [PATCH] More ekeyd work --- manifests/site.pp | 7 +-- modules/entropykey/manifests/init.pp | 16 +++++- .../parser/functions/entropy_provider.rb | 55 +++++++++++++++++++ .../lib/puppet/parser/functions/whohosts.rb | 7 +-- 4 files changed, 73 insertions(+), 12 deletions(-) create mode 100644 modules/puppetmaster/lib/puppet/parser/functions/entropy_provider.rb diff --git a/manifests/site.pp b/manifests/site.pp index 398da0ab9..ce473bfb8 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -36,12 +36,7 @@ node default { } case $hostname { - heininen: { - include "entropykey::provider" - } - unger: { - include "entropykey::remote_consumer" - } + heininen,unger: { include entropykey } } case $smartarraycontroller { diff --git a/modules/entropykey/manifests/init.pp b/modules/entropykey/manifests/init.pp index e9a2bbec6..13de3e4ea 100644 --- a/modules/entropykey/manifests/init.pp +++ b/modules/entropykey/manifests/init.pp @@ -55,12 +55,26 @@ class entropykey::remote_consumer inherits entropykey::local_consumer { stunnel4::stunnel_client { "ekeyd": accept => "127.0.0.1:8888", - connecthost => "heininen.debian.org", + connecthost => "${entropy_provider}", connectport => 18888, ; } } +class entropykey { + case getfromhash($nodeinfo, 'entropy_key') { + true: { include entropykey::provider } + } + + $entropy_provider = entropy_provider($fqdn, $nodeinfo) + case $entropy_provider { + false: {} + local: { include entropykey::local_consumer } + default: { include entropykey::remote_consumer } + } + +} + # vim:set et: # vim:set sts=4 ts=4: # vim:set shiftwidth=4: diff --git a/modules/puppetmaster/lib/puppet/parser/functions/entropy_provider.rb b/modules/puppetmaster/lib/puppet/parser/functions/entropy_provider.rb new file mode 100644 index 000000000..1a0f8e9b7 --- /dev/null 
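Review bot: In modules/entropykey/manifests/init.pp, `connecthost => "${entropy_provider}"` inside `entropykey::remote_consumer` reads a variable that is only assigned in `class entropykey`, so it resolves only through dynamic scoping from the including class. If `remote_consumer` is included from anywhere else (site.pp did so directly before this commit), or the master does not perform dynamic lookup, `connecthost` renders empty and the stunnel client is written with no peer. Referencing it as `"${entropykey::entropy_provider}"` makes the dependency explicit. Because the peer is now chosen per host, it is also worth confirming that `stunnel4::stunnel_client` (defined outside this diff) verifies the provider's certificate against the selected name rather than a fixed one.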
+++ b/modules/puppetmaster/lib/puppet/parser/functions/entropy_provider.rb
@@ -0,0 +1,55 @@
+module Puppet::Parser::Functions
+ newfunction(:entropy_provider, :type => :rvalue) do |args|
+ begin
+ require '/var/lib/puppet/lib/puppet/parser/functions/whohosts.rb'
+
+ fqdn = args[0]
+ nodeinfo = args[1]
+
+ localinfo = lookupvar('localinfo')
+ allnodeinfo = lookupvar('allnodeinfo')
+
+ raise Puppet::ParseError, "entropy_provider: Cannot learn fqdn" unless fqdn
+ raise Puppet::ParseError, "entropy_provider: Cannot learn nodeinfo" unless nodeinfo
+ raise Puppet::ParseError, "entropy_provider: Cannot learn localinfo" unless localinfo
+ raise Puppet::ParseError, "entropy_provider: Cannot learn allnodeinfo" unless allnodeinfo
+
+ # find where all the entropy keys are
+ provider = []
+ hoster = {}
+ localinfo.keys.sort.each do |node|
+ next unless localinfo[node]['entropy_key']
+
+ addresses = allnodeinfo[node]['ipHostNumber']
+ thishoster = function_whohosts(addresses, "/etc/puppet/modules/debian-org/misc/hoster.yaml")
+ name = thishoster['name']
+
+ provider << node
+
+ hoster[name] = [] unless hoster[name]
+ hoster[name] << node
+ end
+
+ # figure out which entropy provider to use
+ consumer_hoster = nodeinfo['hoster']['name']
+ if provider.include?(fqdn) # if the host has an ekeyd
+ ans = 'local'
+ elsif hoster[consumer_hoster] # if there are any at the same hoster, use one of them
+ # if there are more than one ekeys at this hoster pick an arbitrary
+ # one, but the same every time
+ index = fqdn.hash % hoster[consumer_hoster].length
+ ans = hoster[consumer_hoster][index]
+ else # pick an arbitrary provider from all providers
+ index = fqdn.hash % provider.size
+ ans = provider[index]
+ end
+
+ return ans
+ rescue => e
+ raise Puppet::ParseError, "Error in entropy_provider: #{e.message}\n#{e.backtrace}"
+ end
+ end
+end
+# vim:set ts=2:
+# vim:set et:
+# vim:set shiftwidth=2:
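Review bot: The final `else` branch computes `fqdn.hash % provider.size` with no guard for an empty `provider` list, so when no node in `localinfo` carries `entropy_key`, every compile that reaches this function fails with a ZeroDivisionError re-raised as a ParseError. The `false: {}` arm added to `class entropykey` in this same commit suggests `false` was the intended result in that case. Separately, `fqdn.hash` is only "the same every time" on interpreters that do not seed String#hash per process (Ruby 1.9 and later do), so a consumer's stunnel peer can move between providers across puppetmaster restarts or workers. A stable checksum such as `Zlib.crc32(fqdn)` keeps the mapping fixed, and needs `require 'zlib'` at the top of the file. `nodeinfo['hoster']['name']` is also dereferenced unchecked, which the sketch below guards.

```ruby
# … unchanged: argument checks and the provider/hoster discovery loop …

      # String#hash may be seeded per process; use a checksum that is stable across runs
      stable = Zlib.crc32(fqdn)
      consumer_hoster = nodeinfo['hoster'] ? nodeinfo['hoster']['name'] : nil
      if provider.include?(fqdn) # if the host has an ekeyd
        ans = 'local'
      elsif consumer_hoster and hoster[consumer_hoster]
        ans = hoster[consumer_hoster][stable % hoster[consumer_hoster].length]
      elsif provider.empty?
        ans = false # no provider anywhere: matches the `false: {}` arm in class entropykey
      else
        ans = provider[stable % provider.size]
      end

      return ans
# … unchanged: rescue that re-raises as Puppet::ParseError …
```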
diff --git a/modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb b/modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb index 20f83d367..ed2a0c043 100644 --- a/modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb +++ b/modules/puppetmaster/lib/puppet/parser/functions/whohosts.rb @@ -14,11 +14,8 @@ module Puppet::Parser::Functions ipAddrs.each do |addr| yaml.keys.each do |hoster| - if yaml[hoster].kind_of?(Hash) and yaml[hoster].has_key?('netrange') - netrange = yaml[hoster]['netrange'] - else - next - end + next unless yaml[hoster].kind_of?(Hash) and yaml[hoster].has_key?('netrange') + netrange = yaml[hoster]['netrange'] netrange.each do |net| begin -- 2.20.1
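Review bot: The new guard in whohosts.rb joins its two tests with `and`, which binds more loosely than `&&` and is easy to break if the condition is later extended or combined with an assignment. `next unless yaml[hoster].kind_of?(Hash) && yaml[hoster].has_key?('netrange')` behaves the same here and avoids the precedence trap. The enclosing loops and the `begin` block continue outside the hunk.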