Skip to content
This repository has been archived by the owner on Apr 21, 2023. It is now read-only.

Commit

Permalink
Added pool_suggestion parameter
Browse files Browse the repository at this point in the history
  • Loading branch information
jorritfolmer committed Apr 13, 2018
1 parent b47537a commit 82efb87
Show file tree
Hide file tree
Showing 9 changed files with 122 additions and 92 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
### 3.11.0

- Added pool_suggestion parameter

### 3.10.2

- Improved searchpeer documentation and error handling
Expand Down
6 changes: 5 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -864,8 +864,12 @@ Optional.
### `phonehomeintervalinsec`
Optional. Unsed to configure the phonehomeinterval of the deploymentclient.
Optional. Used to configure the phonehomeinterval of the deploymentclient.
Defaults to undef.
### `pool_suggestion`
Optional. Used to perform license pool management at the indexers instead of at the licence master.
### `repositorylocation`
Expand Down
6 changes: 4 additions & 2 deletions TEST_COVERAGE.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,14 @@
| v3.7.0 | 30 | 48 |
| v3.8.0 | 30 | 50 |
| v3.9.0 | 33 | 53 |
| v3.11.0 | 34 | 54 |

## By operating system:

| os | tested | total |
|---------|--------|-------|
| linux | 33 | 53 |
| windows | 0 | 53 |
| linux | 34 | 54 |
| windows | 0 | 54 |

## By parameter:

Expand Down Expand Up @@ -52,6 +53,7 @@
| `package_source` | yes |
| `pass4symmkey` | no |
| `phonehomeintervalinsec` | no |
| `pool_suggestion` | Y |
| `replication_port`| Y |
| `repositorylocation`| Y |
| `requireclientcert`| Y |
Expand Down
75 changes: 38 additions & 37 deletions manifests/init.pp
Original file line number Diff line number Diff line change
Expand Up @@ -21,54 +21,55 @@
# SOFTWARE.

class splunk (
$type = $splunk::params::type,
$package_source = $splunk::params::package_source,
$splunk_os_user = $splunk::params::splunk_os_user,
$splunk_os_group = $splunk::params::splunk_os_group,
$splunk_bindip = $splunk::params::splunk_bindip,
$splunk_db = $splunk::params::splunk_db,
$lm = $splunk::params::lm,
$ds = $splunk::params::ds,
$sslcompatibility = $splunk::params::sslcompatibility,
$ciphersuite_modern = $splunk::params::ciphersuite_modern,
$sslversions_modern = $splunk::params::sslversions_modern,
$dhparamsize_modern = $splunk::params::dhparamsize_modern,
$ecdhcurvename_modern = $splunk::params::ecdhcurvename_modern,
$admin = $splunk::params::admin,
$auth = $splunk::params::auth,
$ciphersuite_intermediate = $splunk::params::ciphersuite_intermediate,
$sslversions_intermediate = $splunk::params::sslversions_intermediate,
$ciphersuite_modern = $splunk::params::ciphersuite_modern,
$clustering = $splunk::params::clustering,
$dhparamsize_intermediate = $splunk::params::dhparamsize_intermediate,
$dhparamsize_modern = $splunk::params::dhparamsize_modern,
$dontruncmds = $splunk::params::dontruncmds,
$ds = $splunk::params::ds,
$ds_intermediate = $splunk::params::ds_intermediate,
$ecdhcurvename_intermediate = $splunk::params::ecdhcurvename_intermediate,
$ecdhcurvename_modern = $splunk::params::ecdhcurvename_modern,
$httpport = $splunk::params::httpport,
$inputport = $splunk::params::inputport,
$kvstoreport = $splunk::params::kvstoreport,
$lm = $splunk::params::lm,
$maxbackupindex = $splunk::params::maxbackupindex,
$maxfilesize = $splunk::params::maxfilesize,
$maxkbps = $splunk::params::maxkbps,
$minfreespace = $splunk::params::minfreespace,
$mgmthostport = $splunk::params::mgmthostport,
$package_source = $splunk::params::package_source,
$pass4symmkey = $splunk::params::pass4symmkey,
$phonehomeintervalinsec = $splunk::params::phonehomeintervalinsec,
$pool_suggestion = $splunk::params::pool_suggestion,
$replication_port = $splunk::params::replication_port,
$repositorylocation = $splunk::params::repositorylocation,
$requireclientcert = $splunk::params::requireclientcert,
$reuse_puppet_certs = $splunk::params::reuse_puppet_certs,
$rolemap = $splunk::params::rolemap,
$searchpeers = $splunk::params::searchpeers,
$secret = $splunk::params::secret,
$service = $splunk::params::service,
$shclustering = $splunk::params::shclustering,
$sslcompatibility = $splunk::params::sslcompatibility,
$sslversions_modern = $splunk::params::sslversions_modern,
$sslversions_intermediate = $splunk::params::sslversions_intermediate,
$sslcertpath = $splunk::params::sslcertpath,
$sslrootcapath = $splunk::params::sslrootcapath,
$sslpassword = $splunk::params::sslpassword,
$sslverifyservercert = $splunk::params::sslverifyservercert,
$inputport = $splunk::params::inputport,
$httpport = $splunk::params::httpport,
$kvstoreport = $splunk::params::kvstoreport,
$mgmthostport = $splunk::params::mgmthostport,
$splunk_os_user = $splunk::params::splunk_os_user,
$splunk_os_group = $splunk::params::splunk_os_group,
$splunk_bindip = $splunk::params::splunk_bindip,
$splunk_db = $splunk::params::splunk_db,
$tcpout = $splunk::params::tcpout,
$searchpeers = $splunk::params::searchpeers,
$admin = $splunk::params::admin,
$clustering = $splunk::params::clustering,
$replication_port = $splunk::params::replication_port,
$shclustering = $splunk::params::shclustering,
$service = $splunk::params::service,
$type = $splunk::params::type,
$use_ack = $splunk::params::use_ack,
$ds_intermediate = $splunk::params::ds_intermediate,
$repositorylocation = $splunk::params::repositorylocation,
$version = $splunk::params::version,
$auth = $splunk::params::auth,
$rolemap = $splunk::params::rolemap,
$dontruncmds = $splunk::params::dontruncmds,
$pass4symmkey = $splunk::params::pass4symmkey,
$minfreespace = $splunk::params::minfreespace,
$phonehomeintervalinsec = $splunk::params::phonehomeintervalinsec,
$secret = $splunk::params::secret,
$maxbackupindex = $splunk::params::maxbackupindex,
$maxfilesize = $splunk::params::maxfilesize,
$maxkbps = $splunk::params::maxkbps
$version = $splunk::params::version
) inherits splunk::params {

case $::osfamily {
Expand Down
103 changes: 52 additions & 51 deletions manifests/params.pp
Original file line number Diff line number Diff line change
Expand Up @@ -5,51 +5,7 @@

class splunk::params (
) {
$type = undef
$package_source = undef
$splunk_os_user = undef
$splunk_os_group = undef
$splunk_bindip = undef
$splunk_db = undef
$lm = undef
$ds = undef
$inputport = undef
$outputs = undef
$webssl = true
$sslcompatibility = 'modern'
$sslversions_modern = 'tls1.1, tls1.2'
$ciphersuite_modern = 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK'
$dhparamsize_modern = 2048
$ecdhcurvename_modern = 'secp384r1'
$sslversions_intermediate = '*,-ssl2'
$ciphersuite_intermediate = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'
$dhparamsize_intermediate = 2048
$ecdhcurvename_intermediate = 'secp384r1'
$requireclientcert = undef
$reuse_puppet_certs = true
$sslcertpath = 'certs/s2s.pem'
$sslrootcapath = 'certs/ca.crt'
$sslpassword = undef
$sslverifyservercert = undef
$httpport = undef
$kvstoreport = undef
$mgmthostport = undef
$tcpout = undef
# set to some string instead of undef to prevent 'Missing title' errors in Puppet 4.x
$searchpeers = 'empty'
$admin = undef
$clustering = { }
$replication_port = 9887
$shclustering = { }
$service = {
enable => true,
ensure => undef,
}
$use_ack = false
$ds_intermediate = undef
$phonehomeintervalinsec = 60
$repositorylocation = undef
$version = undef
$admin = undef
$auth = {
'type' => 'Splunk',
'saml_idptype' => undef,
Expand All @@ -74,17 +30,62 @@
'ldap_userbasefilter' => '(objectclass=user)',
'ldap_usernameattribute' => 'sAMAccountName',
}
$ciphersuite_intermediate = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'
$ciphersuite_modern = 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES256-GCM-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK'
$clustering = { }
$dhparamsize_intermediate = 2048
$dhparamsize_modern = 2048
$ds = undef
$ds_intermediate = undef
$dontruncmds = false
$ecdhcurvename_intermediate = 'secp384r1'
$ecdhcurvename_modern = 'secp384r1'
$httpport = undef
$inputport = undef
$kvstoreport = undef
$lm = undef
$maxbackupindex = 1
$maxfilesize = 10000000
$maxkbps = undef
$mgmthostport = undef
$minfreespace = undef
$package_source = undef
$pass4symmkey = 'changeme'
$phonehomeintervalinsec = 60
$pool_suggestion = undef
$outputs = undef
$replication_port = 9887
$repositorylocation = undef
$requireclientcert = undef
$reuse_puppet_certs = true
$rolemap = {
'admin' => 'Domain Admins',
'power' => 'Power Users',
'user' => 'Domain Users',
}
$dontruncmds = false
$minfreespace = undef
$pass4symmkey = 'changeme'
# set to some string instead of undef to prevent 'Missing title' errors in Puppet 4.x
$searchpeers = 'empty'
$secret = undef
$maxbackupindex = 1
$maxfilesize = 10000000
$maxkbps = undef
$service = {
enable => true,
ensure => undef,
}
$shclustering = { }
$splunk_os_user = undef
$splunk_os_group = undef
$splunk_bindip = undef
$splunk_db = undef
$sslcompatibility = 'modern'
$sslversions_modern = 'tls1.1, tls1.2'
$sslversions_intermediate = '*,-ssl2'
$sslcertpath = 'certs/s2s.pem'
$sslrootcapath = 'certs/ca.crt'
$sslpassword = undef
$sslverifyservercert = undef
$tcpout = undef
$type = undef
$use_ack = false
$version = undef
$webssl = true
}

1 change: 1 addition & 0 deletions manifests/server/license.pp
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@

class splunk::server::license (
$lm = $splunk::lm,
$pool_suggestion = $splunk::pool_suggestion,
$splunk_os_user = $splunk::real_splunk_os_user,
$splunk_os_group = $splunk::real_splunk_os_group,
$splunk_dir_mode = $splunk::real_splunk_dir_mode,
Expand Down
2 changes: 1 addition & 1 deletion metadata.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "jorritfolmer-splunk",
"version": "3.10.2",
"version": "3.11.0",
"author": "Jorrit Folmer",
"summary": "Deploy Splunk indexers, search heads and universal forwarders into any imaginable topology, distributed or (multisite) clustered.",
"license": "MIT",
Expand Down
14 changes: 14 additions & 0 deletions spec/classes/init_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -414,6 +414,20 @@
it { should contain_file('/opt/splunk/etc/apps/puppet_common_license_client_base/local/server.conf').with_content(/master_uri = https:\/\/lm.internal.corp.tld:8089/) }
end

context 'with license server and pool suggestion' do
let(:params) {
{
:lm => 'lm.internal.corp.tld:8089',
:pool_suggestion => 'prodpool',
:admin => { 'hash' => 'zzzz', 'fn' => 'yyyy', 'email' => 'wwww', },
:dontruncmds => true,
}
}
it { should contain_class('splunk::installed') }
it { should contain_package('splunk') }
it { should contain_file('/opt/splunk/etc/apps/puppet_common_license_client_base/local/server.conf').with_content(/master_uri = https:\/\/lm.internal.corp.tld:8089\npool_suggestion = prodpool/) }
end

context 'with splunk secret' do
let(:params) {
{
Expand Down
3 changes: 3 additions & 0 deletions templates/puppet_common_license_client_base/local/server.conf
Original file line number Diff line number Diff line change
@@ -1,2 +1,5 @@
[license]
master_uri = https://<%= @lm %>
<% if not @pool_suggestion.nil? -%>
pool_suggestion = <%= @pool_suggestion %>
<% end -%>

0 comments on commit 82efb87

Please sign in to comment.