diff --git a/README.md b/README.md index 95df42c..0198c89 100644 --- a/README.md +++ b/README.md @@ -5,16 +5,16 @@ Manage cgroups configuration service and files. - /etc/cgconfig.conf - /etc/cgconfig.d/*.conf -# Compatibility +## Compatibility This module has been tested to work on the following systems with Puppet v3 (with and without the future parser) and Puppet v4 (with strict variables) using Ruby versions 1.8.7 (Puppet v3 only), 1.9.3, 2.0.0, 2.1.0 and 2.3.1. - * EL 6 - * EL 7 - * SLED 11 SP2 - * SLES 11 SP2 +- EL 6 +- EL 7 +- SLED 11 SP2 +- SLES 11 SP2 [![Build Status](https://travis-ci.org/Ericsson/puppet-module-cgroups.png?branch=master)](https://travis-ci.org/Ericsson/puppet-module-cgroups) @@ -27,24 +27,31 @@ The `cgroups` class is used to configure the cgroup service and its main configu ### Parameters --- + #### cgconfig_content (string) + Optional, specify arbitary content for the cgconfig.conf file that will be included at the bottom. - *Default*: undef --- + #### config_file_path (string) + Absolute path to cgroups config file. - *Default*: '/etc/cgconfig.conf' --- + #### groups (hash) + A hash containing group resources to be configured (see below for cgroups::group resources) - *Default*: undef -##### Example: +##### Example + ```yaml cgroups::groups: "user/mgw-all": @@ -61,7 +68,8 @@ cgroups::groups: "cpuset.cpus": "0,1" ``` -##### Hiera example with Suse 11.2 bugfix: +##### Hiera example with Suse 11.2 bugfix + ```yaml cgroups::user_path_fix: '/sys/fs/cgroup/user/mgw-all' cgroups::groups: @@ -78,38 +86,116 @@ cgroups::groups: "cpuset.mems": "0" "cpuset.cpus": "0,1" ``` + --- + #### mounts (hash) + A hash containing mounts to be configured in /etc/cgconfig.conf. NOTE: On systemd managed systems, the default resource controllers are the domain of systemd, therefore this setting should probably not be used unless you are managing a controller not yet supported by systemd such as net_prio. - *Default*: undef -##### Example: +##### Example + ```yaml cgroups::mounts: cpu: '/cgroup' ``` + --- + #### package_name (string or array) + Name of package(s) that enables cgroups. Only set it to overwrite the modules defaults: RedHat 'libcgroup', Suse 'libcgroup1'. - *Default*: undef --- + #### service_name (string) + Name of service to manage. - *Default*: 'cgconfig' --- + #### user_path_fix (string) + Absolute path to set 0775 permissions on when defined. This is a fix for Suse that have a bug in setting this though the config file. Only available on Suse. - *Default*: undef --- +#### rules_file_path (string) + +Absolute path to cgroups rules config file. + +- *Default*: '/etc/cgrules.conf' + +--- + +#### rules_service_name (string) + +Name of the rules service to manage. + +- *Default*: 'cgred' + +--- + +#### rules_service_enable (boolean) + +A boolean to decide whether the rules service should be enabled or not. + +- *Default*: false + +--- + +#### rules_service_ensure (string) + +The state that shoudl be enforced for the rules service. + +- *Default*: 'stopped' + +--- + +#### rules (hash) + +An optional hash containing rules for the `cgrules.conf` file. Note that the keys of the hash are the `user` values (one per line in the configuration file), and the `controllers` and `destination` elements of the next level of each hash are required. + +- *Default*: undef + +##### rules Example + +```puppet + rules => { + '@template1' => { + controllers => 'cpu,cpuacct,memory', + destination => 'template1/%u', + }, + '@template2' => { + controllers => 'cpu,cpuacct,memory', + destination => 'template2/%u', + }, + }, +``` + +##### Hiera rules example + +```yaml +cgroups::rules: + '@template1': + controllers: 'cpu,cpuacct,memory' + destination: 'template1/%u' + '@template2': + controllers: 'cpu,cpuacct,memory' + destination: 'template2/%u' +``` + +--- + ## Defined type `cgroups::group` ### Description @@ -121,29 +207,35 @@ You can also specify `cgroups::groups` from hiera as a hash of group resources a ### Parameters --- + #### controllers (hash) + An optional hash containing the controllers for the group. - *Default*: undef -##### Example: -```yaml +##### Example + +```puppet controllers => { - 'cpuset' => { + 'cpuset' => { 'cpuset.mems' => '0', 'cpuset.cpus' => '0,1' } } ``` + --- #### permissions (hash) + An optional hash containing permissions for the group. - *Default*: undef -##### Example: -```yaml +##### Example + +```puppet permissions => { 'task' => { 'uid' => 'root', @@ -155,16 +247,20 @@ An optional hash containing permissions for the group. }, } ``` + --- #### target_path (string) + Optional parameter to define in which path the configuration file should be put. By default the module will use the /etc/cgconfig.d directory. - *Default*: '/etc/cgconfig.d' --- + ### Full example -```yaml + +```puppet cggroups::group { 'mgw/user': permissions => { 'task' => { @@ -177,11 +273,12 @@ cggroups::group { 'mgw/user': }, }, controllers => { - 'cpuset' => { + 'cpuset' => { 'cpuset.mems' => '0', 'cpuset.cpus' => '0,1' } } } ``` + --- diff --git a/manifests/group.pp b/manifests/group.pp index 1f65bf8..15f24a2 100644 --- a/manifests/group.pp +++ b/manifests/group.pp @@ -23,6 +23,9 @@ file { $target: ensure => file, content => template('cgroups/group.conf.erb'), - notify => Service[$cgroups::service_name], + notify => [ + Service[$cgroups::service_name], + Service[$cgroups::rules_service_name], + ], } } diff --git a/manifests/init.pp b/manifests/init.pp index a22dac9..51d4698 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,13 +3,18 @@ # Manage cgroups configuration service and files. # class cgroups ( - $config_file_path = '/etc/cgconfig.conf', - $service_name = 'cgconfig', - $package_name = undef, - $cgconfig_content = undef, - $user_path_fix = undef, - $mounts = {}, - $groups = {}, + $config_file_path = '/etc/cgconfig.conf', + $rules_file_path = '/etc/cgrules.conf', + $service_name = 'cgconfig', + $rules_service_name = 'cgred', + $rules_service_enable = false, + $rules_service_ensure = 'stopped', + $package_name = undef, + $cgconfig_content = undef, + $user_path_fix = undef, + $mounts = {}, + $groups = {}, + $rules = {}, ) { # variables preparation @@ -51,6 +56,10 @@ fail('cgroups::service_name is not a string.') } + if is_string($rules_service_name) == false { + fail('cgroups::rules_service_name is not a string.') + } + if is_string($package_name_real) == false and is_array($package_name_real) == false { fail('cgroups::package_name is not a string or an array.') } @@ -65,6 +74,7 @@ validate_hash($mounts) validate_hash($groups) + validate_hash($rules) # functionality package { $package_name_real: @@ -73,17 +83,36 @@ file { $config_file_path: ensure => file, - notify => Service[$service_name], + notify => [ + Service[$service_name], + Service[$rules_service_name], + ], content => template('cgroups/cgroup.conf.erb'), require => Package[$package_name_real], } + file { $rules_file_path: + ensure => file, + notify => [ + Service[$service_name], + Service[$rules_service_name], + ], + content => template('cgroups/cgrules.conf.erb'), + require => Package[$package_name_real], + } + service { $service_name: ensure => running, enable => true, require => Package[$package_name_real], } + service { $rules_service_name: + ensure => $rules_service_ensure, + enable => $rules_service_enable, + require => Package[$package_name_real], + } + create_resources('cgroups::group', $groups) if ($user_path_fix != undef) and ($::osfamily == 'Suse') { @@ -91,7 +120,10 @@ ensure => directory, path => $user_path_fix, mode => '0775', - require => Service[$service_name], + require => [ + Service[$service_name], + Service[$rules_service_name], + ], } } } diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 290e1f2..75ee17d 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -37,7 +37,16 @@ it do should contain_file('/etc/cgconfig.conf').with({ 'ensure' => 'file', - 'notify' => 'Service[cgconfig]', + 'notify' => ['Service[cgconfig]', 'Service[cgred]'], + 'require' => 'Package[libcgroup]', + 'content' => content, + }) + end + + it do + should contain_file('/etc/cgrules.conf').with({ + 'ensure' => 'file', + 'notify' => ['Service[cgconfig]', 'Service[cgred]'], 'require' => 'Package[libcgroup]', 'content' => content, }) @@ -50,6 +59,14 @@ 'require' => 'Package[libcgroup]', }) end + + it do + should contain_service('cgred').with({ + 'ensure' => 'stopped', + 'enable' => 'false', + 'require' => 'Package[libcgroup]', + }) + end end describe 'with config_file_path set to valid string ' do @@ -58,6 +75,12 @@ it { should contain_file('/specific/path') } end + describe 'with rules_file_path set to valid string ' do + let(:params) { { :rules_file_path => '/specific/path' } } + + it { should contain_file('/specific/path') } + end + describe 'with service_name set to valid string ' do # $user_path_fix on SLES >= 11.2 utilizes $service_name too let(:facts) do @@ -73,11 +96,50 @@ } end - it { should contain_file('cgroups_path_fix').with_require('Service[other_name]') } - it { should contain_file('/etc/cgconfig.conf').with_notify('Service[other_name]') } + it { should contain_file('cgroups_path_fix').with_require(['Service[other_name]', 'Service[cgred]']) } + it { should contain_file('/etc/cgconfig.conf').with_notify(['Service[other_name]', 'Service[cgred]']) } it { should contain_service('other_name') } end + describe 'with rules_service_name set to valid string ' do + let(:facts) do + { + :operatingsystemrelease => '11.2', + :osfamily => 'Suse', + } + end + let(:params) do + { + :rules_service_name => 'rules_other_name', + :user_path_fix => '/specific/path', + } + end + + it { should contain_file('cgroups_path_fix').with_require(['Service[cgconfig]', 'Service[rules_other_name]']) } + it { should contain_file('/etc/cgconfig.conf').with_notify(['Service[cgconfig]', 'Service[rules_other_name]']) } + it { should contain_service('rules_other_name') } + end + + describe 'with rules service enabled and running' do + let(:facts) do + { + :operatingsystemrelease => '11.2', + :osfamily => 'Suse', + } + end + let(:params) do + { + :rules_service_enable => true, + :rules_service_ensure => 'running', + } + end + + it { should contain_service('cgred').with({ + 'ensure' => 'running', + 'enable' => 'true', + })} + end + platforms.sort.each do |platform, v| describe "with package_name default value on osfamily <#{platform}>" do let(:facts) do @@ -138,7 +200,7 @@ end let(:params) { { :user_path_fix => '/specific/path' } } - it { should contain_file('cgroups_path_fix').with_require('Service[cgconfig]') } + it { should contain_file('cgroups_path_fix').with_require(['Service[cgconfig]', 'Service[cgred]']) } end describe 'with mounts set to valid hash { spec => /test, cpu => /cgroups }' do @@ -225,6 +287,31 @@ end end + describe 'with rules set to valid hash' do + let(:params) {{ + :rules => { + '@template1' => { + 'controllers' => 'cpu,cpuacct,memory', + 'destination' => 'template1/%u', + }, + '@template2' => { + 'controllers' => 'cpu,cpuacct,memory', + 'destination' => 'template2/%u', + } + } + }} + + # test includes alphabetical sorting of values in the template + content = <<-END.gsub(/^\s+\|/, '') + |# This file is being maintained by Puppet. + |# DO NOT EDIT + |@template1\tcpu,cpuacct,memory\ttemplate1/%u + |@template2\tcpu,cpuacct,memory\ttemplate2/%u + END + + it { should contain_file('/etc/cgrules.conf').with_content(content) } + end + %w(5 8).each do |release| context "on EL #{release}" do let(:facts) do diff --git a/spec/defines/group_spec.rb b/spec/defines/group_spec.rb index 18e8084..60680e7 100644 --- a/spec/defines/group_spec.rb +++ b/spec/defines/group_spec.rb @@ -22,7 +22,7 @@ it do should contain_file('/etc/cgconfig.d/rspec-test.conf').with({ 'ensure' => 'file', - 'notify' => 'Service[cgconfig]', + 'notify' => ['Service[cgconfig]', 'Service[cgred]'], 'content' => content, }) end @@ -79,7 +79,7 @@ it do should contain_file('/specific/path/rspec-test.conf').with({ 'ensure' => 'file', - 'notify' => 'Service[cgconfig]', + 'notify' => ['Service[cgconfig]', 'Service[cgred]'], 'content' => content, }) end diff --git a/templates/cgrules.conf.erb b/templates/cgrules.conf.erb new file mode 100644 index 0000000..7656d65 --- /dev/null +++ b/templates/cgrules.conf.erb @@ -0,0 +1,9 @@ +# This file is being maintained by Puppet. +# DO NOT EDIT +<% unless @rules.empty? -%> +<% if @rules.is_a?(Hash) -%> +<% @rules.sort.each do |user,settings| -%> +<%= user %><%= 0x09.chr %><%= settings['controllers'] %><%= 0x09.chr %><%= settings['destination'] %> +<% end -%> +<% end -%> +<% end -%>