diff --git a/README.md b/README.md index 41ac427b..5114ecdc 100644 --- a/README.md +++ b/README.md @@ -42,8 +42,8 @@ or apt to install these components if they're self-hosted. ### What splunk affects -* Installs the Splunk/Forwarder package and manages their config files. It does - not purge them by default. +* Installs the splunk or splunkforwarder package and manages their config + files. It does not purge them by default. * The module will set up both Splunk Enterprise and Splunk Forwarder to run as the 'root' user on POSIX platforms. * By default, enables Splunk Enterprise and Splunk Forwarder boot-start, and @@ -51,6 +51,8 @@ or apt to install these components if they're self-hosted. ### Setup Requirements +#### Module Installation + To begin using this module, use the Puppet Module Tool (PMT) from the command line to install this module: @@ -62,19 +64,26 @@ the --target-dir directive. You can also use r10k or code-manager to deploy the module so ensure that you have the correct entry in your Puppetfile. -Once the module is in place, there is just a little setup needed. +#### Package Dependencies + +Once the module is in place, you will need to ensure the splunk package(s) are +available. + +If your environment has the splunk package(s) available, and the supplied +`package_provider` supports it, it is not required for you to manage the splunk +packages. -First, you will need to place your downloaded splunk installers into the files +Otherwise, you will need to place your downloaded splunk installers into the files directory, `/splunk/files/`. If you're using r10k or code-manager -you'll need to override the `splunk::params::src_root` parameter to point at a -modulepath outside of the Splunk module because each deploy will overwrite the -files. +you'll need to override the `splunk::enterprise::src_root` or +`splunk::forwarder::src_root` parameter to point at a modulepath outside of the +Splunk module because each deploy will overwrite the files. The files must be placed according to directory structure example given below. The expected directory structure is: - $root_url/ + $src_root/ └── products/ ├── universalforwarder/ │ └── releases/ @@ -89,7 +98,7 @@ The expected directory structure is: A semi-populated example files directory might then contain: - $root_url/ + $src_root/ └── products/ ├── universalforwarder/ │ └── releases/ @@ -109,17 +118,6 @@ A semi-populated example files directory might then contain: ├── splunk-7.0.0-c8a78efdd40f-linux-2.6-intel.deb └── splunk-7.0.0-c8a78efdd40f-linux-2.6-x86_64.rpm -Second, you will need to supply the `splunk::params` class with three critical -pieces of information. - -* The version of Splunk you are using -* The build of Splunk you are using -* The root URL to use to retrieve the packages - -In the example given above, the version is 7.0.0, the build is c8a78efdd40f, -and the root URL is puppet:///modules/splunk. See the splunk::params class -documentation for more information. - ### Beginning with splunk Once the Splunk packages are hosted in the users repository or hosted by the @@ -127,25 +125,62 @@ Puppet Server in the modulepath the module is ready to deploy. ## Usage -If a user is installing Splunk Enterprise with packages provided from their -modulepath, this is the most basic way of installing Splunk Server with default -settings: +### Splunk Enterprise + +If splunk is already installed on the target node, the splunk `version` and +`build` will be determined by the `splunkenterprise` fact. You can simply +include the module on your node: ```puppet -include ::splunk::enterprise +include splunk::enterprise ``` -This is the most basic way of installing the Splunk Universal Forwarder with -default settings: +Otherwise, if splunk is not installed, you will need to follow the instructions +in Setup Requirements. You may need to specify `src_root` if the defaults are +not suitable for your environment. You will also need to specify `release`, +in the format `version-build` as follows: + +```yaml +--- +splunk::enterprise::release: '7.0.0-c8a78efdd40f' +``` ```puppet -class { '::splunk::params': - server => $my_splunk_server, -} +include splunk::enterprise +``` + +### Splunk Forwarder + +If splunkforwarder is already installed on the target node, the splunk +`version` and `build` will be determined by the `splunkforwarder` fact. You +will only need to specify a `server`: +```yaml +--- +splunk::forwarder::server: +``` + +```puppet include ::splunk::forwarder ``` +Otherwise, if splunkforwarder is not installed, you will need to follow the +instructions in Setup Requirements. You may need to specify `src_root` if the +defaults are not suitable for your environment. You will also need to specify +`release`, in the format `version-build` as follows: + +```yaml +--- +splunk::forwarder::release: '7.0.0-c8a78efdd40f' +splunk::forwarder::server: +``` + +```puppet +include ::splunk::forwarder +``` + +### Splunk Types + Once both Splunk Enterprise and Splunk Universal Forwarder have been deployed on their respective nodes, the Forwarder is ready to start sending logs. @@ -181,47 +216,14 @@ Alternatively the the `splunk::enterprise::password::seed` class can be used ind ### Upgrade splunk and splunkforwarder packages -This module has the ability to install *and* upgrade the splunk and splunkforwarder packages. All you have to do is declare `package_ensure => 'latest'` when calling the `::splunk` or `::splunk::forwarder` classes. - -Upgrades from 7.0.X to >= 7.0.X are not tested. +Upgrades have not been tested with this module. -#### Upgrade Example - -The following code will install the 6.6.8 version of the splunk forwarder. Then -comment out the 6.6.8 version and build values and uncomment the 7.1.2 version -and build values. Running puppet again will perform the following: - -1. splunk forwarder package is upgraded - 1. splunk service is stopped as part of the package upgrade process -1. new license agreement is automatically accepted - 1. license agreement must be accepted or the splunk service will fail to start -1. splunk service is started - -```puppet -# Tell the module to get packages directly from Splunk. -class { '::splunk::params': - version => '6.6.8', - build => '6c27a8439c1e', - #version => '7.1.2', - #build => 'a0c72a66db66', - src_root => 'https://download.splunk.com', -} - -# Specifying package_ensure => 'latest' will ensure that the splunk and -# splunkforwarder packages will be upgraded when you specify newer values for -# version and build. -class { '::splunk::forwarder': - package_ensure => 'latest', -} -``` ## Reference See in file [REFERENCE.md](REFERENCE.md). ## Limitations -- Currently tested manually on Centos 7, but we will eventually add automated - testing and are targeting compatibility with other platforms. - Tested with Puppet 5.x - New installations of splunk up to version 7.2.X are supported, but upgrades from 7.0.X to >= 7.0.X are not fully tested diff --git a/data/common.yaml b/data/common.yaml new file mode 100644 index 00000000..51edd3dd --- /dev/null +++ b/data/common.yaml @@ -0,0 +1,57 @@ +--- +splunk::enterprise::manage_password: false +splunk::enterprise::seed_password: false +splunk::enterprise::reset_seeded_password: false +splunk::enterprise::secret: 'hhy9DOGqli4.aZWCuGvz8stcqT2/OSJUZuyWHKc4wnJtQ6IZu2bfjeElgYmGHN9RWIT3zs5hRJcX1wGerpMNObWhFue78jZMALs3c3Mzc6CzM98/yGYdfcvWMo1HRdKn82LVeBJI5dNznlZWfzg6xdywWbeUVQZcOZtODi10hdxSJ4I3wmCv0nmkSWMVOEKHxti6QLgjfuj/MOoh8.2pM0/CqF5u6ORAzqFZ8Qf3c27uVEahy7ShxSv2K4K41z' +splunk::enterprise::password_hash: '$6$pIE/xAyP9mvBaewv$4GYFxC0SqonT6/x8qGcZXVCRLUVKODj9drDjdu/JJQ/Iw0Gg.aTkFzCjNAbaK4zcCHbphFz1g1HK18Z2bI92M0' +splunk::enterprise::password_content: ":admin:${password_hash}::Administrator:admin:changeme@example.com::" +splunk::enterprise::manage_package_source: true +splunk::enterprise::src_root: 'https://download.splunk.com' +splunk::enterprise::service_ensure: 'running' +splunk::enterprise::splunkd_port: 8089 +splunk::enterprise::logging_port: 9997 +splunk::enterprise::web_httpport: 8000 +splunk::enterprise::server: 'splunk' +splunk::enterprise::boot_start: true +splunk::enterprise::use_default_config: true +splunk::enterprise::input_default_host: "${facts.fqdn}" +splunk::enterprise::input_connection_host: 'dns' +splunk::enterprise::splunkd_listen: '127.0.0.1' +splunk::enterprise::purge_alert_actions: false +splunk::enterprise::purge_authentication: false +splunk::enterprise::purge_authorize: false +splunk::enterprise::purge_deploymentclient: false +splunk::enterprise::purge_distsearch: false +splunk::enterprise::purge_indexes: false +splunk::enterprise::purge_inputs: false +splunk::enterprise::purge_limits: false +splunk::enterprise::purge_outputs: false +splunk::enterprise::purge_props: false +splunk::enterprise::purge_server: false +splunk::enterprise::purge_serverclass: false +splunk::enterprise::purge_transforms: false +splunk::enterprise::purge_uiprefs: false +splunk::enterprise::purge_web: false + +splunk::forwarder::server: 'splunk' +splunk::forwarder::service_ensure: 'running' +splunk::forwarder::manage_package_source: true +splunk::forwarder::src_root: 'https://download.splunk.com' +splunk::forwarder::boot_start: true +splunk::forwarder::use_default_config: true +splunk::forwarder::splunkd_listen: '127.0.0.1' +splunk::forwarder::splunkd_port: 8089 +splunk::forwarder::logging_port: 9997 +splunk::forwarder::purge_deploymentclient: false +splunk::forwarder::purge_outputs: false +splunk::forwarder::purge_inputs: false +splunk::forwarder::purge_props: false +splunk::forwarder::purge_transforms: false +splunk::forwarder::purge_web: false +splunk::forwarder::manage_password: false +splunk::forwarder::seed_password: false +splunk::forwarder::reset_seeded_password: false +splunk::forwarder::secret: 'hhy9DOGqli4.aZWCuGvz8stcqT2/OSJUZuyWHKc4wnJtQ6IZu2bfjeElgYmGHN9RWIT3zs5hRJcX1wGerpMNObWhFue78jZMALs3c3Mzc6CzM98/yGYdfcvWMo1HRdKn82LVeBJI5dNznlZWfzg6xdywWbeUVQZcOZtODi10hdxSJ4I3wmCv0nmkSWMVOEKHxti6QLgjfuj/MOoh8.2pM0/CqF5u6ORAzqFZ8Qf3c27uVEahy7ShxSv2K4K41z' +splunk::forwarder::password_hash: '$6$pIE/xAyP9mvBaewv$4GYFxC0SqonT6/x8qGcZXVCRLUVKODj9drDjdu/JJQ/Iw0Gg.aTkFzCjNAbaK4zcCHbphFz1g1HK18Z2bI92M0' +splunk::forwarder::password_content: ":admin:${password_hash}::Administrator:admin:changeme@example.com::" +splunk::forwarder::addons: {} diff --git a/data/kernel/Linux.yaml b/data/kernel/Linux.yaml new file mode 100644 index 00000000..f0820682 --- /dev/null +++ b/data/kernel/Linux.yaml @@ -0,0 +1,25 @@ +--- + +splunk::enterprise::package_name: 'splunk' +splunk::enterprise::splunk_user: 'root' +splunk::enterprise::staging_dir: '/opt/staging/splunk' +splunk::enterprise::homedir: '/opt/splunk' +splunk::enterprise::path_delimiter: '/' +splunk::enterprise::seed_config_file: "%{lookup('splunk::enterprise::homedir')}/etc/system/local/user-seed.conf" +splunk::enterprise::password_config_file: "%{lookup('splunk::enterprise::homedir')}/etc/passwd" +splunk::enterprise::secret_file: "%{lookup('splunk::enterprise::homedir')}/etc/splunk.secret" +splunk::enterprise::confdir: "%{lookup('splunk::enterprise::homedir')}/etc" +splunk::enterprise::src_subdir: 'linux' +splunk::enterprise::install_options: [] + +splunk::forwarder::package_name: 'splunkforwarder' +splunk::forwarder::staging_dir: '/opt/staging/splunk' +splunk::forwarder::path_delimiter: '/' +splunk::forwarder::homedir: '/opt/splunkforwarder' +splunk::forwarder::confdir: "%{lookup('splunk::forwarder::homedir')}/etc" +splunk::forwarder::src_subdir: 'linux' +splunk::forwarder::install_options: [] +splunk::forwarder::splunk_user: 'root' +splunk::forwarder::password_config_file: "%{lookup('splunk::forwarder::homedir')}/etc/passwd" +splunk::forwarder::seed_config_file: "%{lookup('splunk::forwarder::homedir')}/etc/system/local/user-seed.conf" +splunk::forwarder::secret_file: "%{lookup('splunk::forwarder::homedir')}/etc/splunk.secret" diff --git a/data/kernel/SunOS.yaml b/data/kernel/SunOS.yaml new file mode 100644 index 00000000..c71dbe23 --- /dev/null +++ b/data/kernel/SunOS.yaml @@ -0,0 +1,25 @@ +--- + +splunk::enterprise::package_name: 'splunk' +splunk::enterprise::splunk_user: 'root' +splunk::enterprise::staging_dir: '/opt/staging/splunk' +splunk::enterprise::homedir: '/opt/splunk' +splunk::enterprise::path_delimiter: '/' +splunk::enterprise::seed_config_file: "%{lookup('splunk::enterprise::homedir')}/etc/system/local/user-seed.conf" +splunk::enterprise::password_config_file: "%{lookup('splunk::enterprise::homedir')}/etc/passwd" +splunk::enterprise::secret_file: "%{lookup('splunk::enterprise::homedir')}/etc/splunk.secret" +splunk::enterprise::confdir: "%{lookup('splunk::enterprise::homedir')}/etc" +splunk::enterprise::src_subdir: 'solaris' +splunk::enterprise::install_options: [] + +splunk::forwarder::package_name: 'splunkforwarder' +splunk::forwarder::staging_dir: '/opt/staging/splunk' +splunk::forwarder::path_delimiter: '/' +splunk::forwarder::homedir: '/opt/splunkforwarder' +splunk::forwarder::confdir: "%{lookup('splunk::forwarder::homedir')}/etc" +splunk::forwarder::src_subdir: 'solaris' +splunk::forwarder::install_options: [] +splunk::forwarder::splunk_user: 'root' +splunk::forwarder::password_config_file: "%{lookup('splunk::forwarder::homedir')}/etc/passwd" +splunk::forwarder::seed_config_file: "%{lookup('splunk::forwarder::homedir')}/etc/system/local/user-seed.conf" +splunk::forwarder::secret_file: "%{lookup('splunk::forwarder::homedir')}/etc/splunk.secret" diff --git a/data/kernel/Windows.yaml b/data/kernel/Windows.yaml new file mode 100644 index 00000000..c5dd1035 --- /dev/null +++ b/data/kernel/Windows.yaml @@ -0,0 +1,37 @@ +--- + +splunk::enterprise::package_name: 'Splunk Enterpirse' +splunk::enterprise::splunk_user: 'Administrator' +splunk::enterprise::staging_dir: "%{facts.archive_windir}\\splunk" +splunk::enterprise::homedir: 'C:\\Program Files\\Splunk' +splunk::enterprise::path_delimiter: '\\' +splunk::enterprise::seed_config_file: "%{lookup('splunk::enterprise::homedir')}\\etc\\system\\local\\user-seed.conf" +splunk::enterprise::password_config_file: "%{lookup('splunk::enterprise::homedir')}\\etc\\passwd" +splunk::enterprise::confdir: "%{lookup('splunk::enterprise::homedir')}\\etc" +splunk::enterprise::src_subdir: 'windows' +splunk::enterprise::install_options: [ + {INSTALLDIR: "%{lookup('splunk::enterprise::homedir')}"}, + {SPLUNKD_PORT: "%{lookup('splunk::enterprise::splunkd_port')}"}, + 'ARGEETOLICENSE=Yes', + 'LAUNCHSPLUNK=0'] + +splunk::forwarder::splunk_user: 'Administrator' +splunk::forwarder::package_name: 'UniversalForwarder' +splunk::forwarder::staging_dir: "%{facts.archive_windir}\\splunk" +splunk::forwarder::homedir: 'C:\\Program Files\\SplunkUniversalForwarder' +splunk::forwarder::confdir: "%{lookup('splunk::forwarder::homedir')}\\etc" +splunk::forwarder::src_subdir: 'windows' +splunk::forwarder::path_delimiter: '\\' +splunk::forwarder::password_config_file: "%{lookup('splunk::forwarder::homedir')}\\etc\\passwd" +splunk::forwarder::seed_config_file: "%{lookup('splunk::forwarder::homedir')}\\etc\\system\\local\\user-seed.conf" +splunk::forwarder::install_options: [ + {INSTALLDIR: "%{lookup('splunk::forwarder::homedir')}"}, + 'AGREETOLICENSE=Yes', + 'LAUNCHSPLUNK=0', + 'SERVICESTARTTYPE=auto', + 'WINEVENTLOG_APP_ENABLE=1', + 'WINEVENTLOG_SEC_ENABLE=1', + 'WINEVENTLOG_SYS_ENABLE=1', + 'WINEVENTLOG_FWD_ENABLE=1', + 'WINEVENTLOG_SET_ENABLE=1', + 'ENABLEADMON=1'] diff --git a/data/os/Debian.yaml b/data/os/Debian.yaml new file mode 100644 index 00000000..954d0cff --- /dev/null +++ b/data/os/Debian.yaml @@ -0,0 +1,5 @@ +--- + +splunk::enterprise::package_provider: 'dpkg' + +splunk::forwarder::package_provider: 'dpkg' diff --git a/data/os/RedHat.yaml b/data/os/RedHat.yaml new file mode 100644 index 00000000..f60f614d --- /dev/null +++ b/data/os/RedHat.yaml @@ -0,0 +1,5 @@ +--- + +splunk::enterprise::package_provider: 'rpm' + +splunk::forwarder::package_provider: 'rpm' diff --git a/data/os/Solaris.yaml b/data/os/Solaris.yaml new file mode 100644 index 00000000..40a189b4 --- /dev/null +++ b/data/os/Solaris.yaml @@ -0,0 +1,5 @@ +--- + +splunk::enterprise::package_provider: 'sun' + +splunk::forwarder::package_provider: 'sun' diff --git a/data/os/windows.yaml b/data/os/windows.yaml new file mode 100644 index 00000000..9f7d998a --- /dev/null +++ b/data/os/windows.yaml @@ -0,0 +1,5 @@ +--- + +splunk::enterprise::package_provider: 'windows' + +splunk::forwarder::package_provider: 'windows' diff --git a/hiera.yaml b/hiera.yaml new file mode 100644 index 00000000..8c6315ab --- /dev/null +++ b/hiera.yaml @@ -0,0 +1,16 @@ +--- +version: 5 + +defaults: + datadir: data + data_hash: yaml_data + +hierarchy: + - name: "OS family" + path: "os/%{facts.os.family}.yaml" + + - name: "Kernel" + path: "kernel/%{facts.kernel}.yaml" + + - name: "common" + path: "common.yaml" diff --git a/lib/facter/splunk_version.rb b/lib/facter/splunkenterprise.rb similarity index 59% rename from lib/facter/splunk_version.rb rename to lib/facter/splunkenterprise.rb index 515d344c..eb753714 100755 --- a/lib/facter/splunk_version.rb +++ b/lib/facter/splunkenterprise.rb @@ -1,6 +1,6 @@ -Facter.add(:splunk_version) do +Facter.add(:splunkenterprise) do setcode do - value = nil + splunk_hash = {} cmd = if File.exist?('C:/Program Files/Splunk/bin/splunk.exe') '"C:/Program Files/Splunk/bin/splunk.exe" --version' elsif File.exist?('/opt/splunk/bin/splunk') @@ -8,10 +8,11 @@ end if cmd output = Facter::Util::Resolution.exec(cmd) - if output =~ %r{^Splunk ([0-9\.]+) \(} # rubocop:disable Style/IfUnlessModifier - value = Regexp.last_match(1) + if output =~ %r{^Splunk ([0-9\.]+) \(build\s*(.*)\)} + splunk_hash['version'] = Regexp.last_match(1) + splunk_hash['build'] = Regexp.last_match(2) end end - value + splunk_hash end end diff --git a/lib/facter/splunkforwarder_version.rb b/lib/facter/splunkforwarder.rb similarity index 58% rename from lib/facter/splunkforwarder_version.rb rename to lib/facter/splunkforwarder.rb index 08723eec..29747a75 100755 --- a/lib/facter/splunkforwarder_version.rb +++ b/lib/facter/splunkforwarder.rb @@ -1,6 +1,6 @@ -Facter.add(:splunkforwarder_version) do +Facter.add(:splunkforwarder) do setcode do - value = nil + splunkforwarder_hash = {} cmd = if File.exist?('C:/Program Files/SplunkUniversalForwarder/bin/splunk.exe') '"C:/Program Files/SplunkUniversalForwarder/bin/splunk.exe" --version' elsif File.exist?('/opt/splunkforwarder/bin/splunk') @@ -8,10 +8,11 @@ end if cmd output = Facter::Util::Resolution.exec(cmd) - if output =~ %r{^Splunk Universal Forwarder ([0-9\.]+) \(} - value = Regexp.last_match(1) + if output =~ %r{^Splunk Universal Forwarder ([0-9\.]+) \(build\s*(.*)\)} + splunkforwarder_hash['version'] = Regexp.last_match(1) + splunkforwarder_hash['build'] = Regexp.last_match(2) end end - value + splunkforwarder_hash end end diff --git a/manifests/addon.pp b/manifests/addon.pp index 18cde544..a9630bc9 100644 --- a/manifests/addon.pp +++ b/manifests/addon.pp @@ -41,38 +41,42 @@ # A hash of inputs to be configured as part of add-on installation, alterntively you can also define splunk_input or splunkforwarder_input resouces seperately # define splunk::addon ( - Optional[Stdlib::Absolutepath] $splunk_home = undef, - Boolean $package_manage = true, - Optional[String[1]] $splunkbase_source = undef, - Optional[String[1]] $package_name = undef, - String[1] $owner = 'splunk', - Hash $inputs = {}, + Hash $inputs = {}, + String[1] $owner = 'splunk', + Boolean $package_manage = true, + Optional[String[1]] $splunkbase_source = undef, + Optional[Stdlib::Absolutepath] $splunk_home = undef, + Optional[String[1]] $package_name = undef, ) { if defined(Class['splunk::forwarder']) { $mode = 'forwarder' - } elsif defined(Class['splunk::enterprise']) { + } + elsif defined(Class['splunk::enterprise']) { $mode = 'enterprise' - } else { + } + else { fail('Instances of Splunk::Addon require the declaration of one of either Class[splunk::enterprise] or Class[splunk::forwarder]') } - - if $splunk_home { - $_splunk_home = $splunk_home - } else { - case $mode { - 'forwarder': { $_splunk_home = $splunk::params::forwarder_homedir } - 'enterprise': { $_splunk_home = $splunk::params::enterprise_homedir } - default: { fail('Instances of Splunk::Addon require the declaration of one of either Class[splunk::enterprise] or Class[splunk::forwarder]') } + case $mode { + 'forwarder' : { + $_splunk_home = pick($splunk_home, $splunk::forwarder::homedir) + $_staging_dir = $splunk::forwarder::staging_dir + } + 'enterprise': { + $_splunk_home = pick($splunk_home, $splunk::enterprise::homedir) + $_staging_dir = $splunk::enterprise::staging_dir } + default : { + fail('Instances of Splunk::Addon require the declaration of one of either Class[splunk::enterprise] or Class[splunk::forwarder]') } } if $package_manage { if $splunkbase_source { $archive_name = $splunkbase_source.split('/')[-1] archive { $name: - path => "${splunk::params::staging_dir}/${archive_name}", + path => "${_staging_dir}/${archive_name}", user => $owner, group => $owner, source => $splunkbase_source, diff --git a/manifests/enterprise.pp b/manifests/enterprise.pp index 74d21ebc..3074eff1 100644 --- a/manifests/enterprise.pp +++ b/manifests/enterprise.pp @@ -4,95 +4,72 @@ # @example Basic usage # include splunk::enterprise # -# @example Install specific version and build with admin passord management -# class { 'splunk::params': -# version => '7.2.5', -# build => '088f49762779', -# } +# @example Install specific version and release with admin password management # class { 'splunk::enterprise': -# package_ensure => latest, +# release => '7.2.5-088f49762779', # manage_password => true, # } # -# @param version -# Specifies the version of Splunk Enterprise the module should install and -# manage. -# -# @param package_name -# The name of the package(s) Puppet will use to install Splunk. -# -# @param package_ensure -# Ensure parameter which will get passed to the Splunk package resource. -# -# @param staging_dir -# Root of the archive path to host the Splunk package. -# -# @param path_delimiter -# The path separator used in the archived path of the Splunk package. +# @param boot_start +# Whether or not to enable splunk boot-start, which generates a service file to +# manage the Splunk Enterprise service. # -# @param enterprise_package_src -# The source URL for the splunk installation media (typically an RPM, MSI, -# etc). If a `$src_root` parameter is set in splunk::params, this will be -# automatically supplied. Otherwise it is required. The URL can be of any -# protocol supported by the pupept/archive module. On Windows, this can be -# a UNC path to the MSI. +# @param confdir +# Specifies the Splunk Enterprise configuration directory. # -# @param package_provider -# The package management system used to host the Splunk packages. +# @param homedir +# Specifies the Splunk Enterprise home directory. # -# @param manage_package_source -# Whether or not to use the supplied `enterprise_package_src` param. +# @param input_default_host +# Part of the default config. Sets the `splunk_input` default host. # -# @param package_source -# *Optional* The source URL for the splunk installation media (typically an RPM, -# MSI, etc). If `enterprise_package_src` parameter is set in splunk::params and -# `manage_package_source` is true, this will be automatically supplied. Otherwise -# it is required. The URL can be of any protocol supported by the puppet/archive -# module. On Windows, this can be a UNC path to the MSI. +# @param input_connection_host +# Part of the default config. Sets the `splunk_input` connection host. # # @param install_options # This variable is passed to the package resources' *install_options* parameter. # -# @param splunk_user -# The user to run Splunk as. -# -# @param enterprise_homedir -# Specifies the Splunk Enterprise home directory. +# @param logging_port +# The port to receive TCP logs on. # -# @param enterprise_confdir -# Specifies the Splunk Enterprise configuration directory. +# @param manage_package_source +# Whether or not to use the supplied `managed_package_source` param. # -# @param service_name -# The name of the Splunk Enterprise service. +# @param manage_password +# If set to true, Manage the contents of splunk.secret and passwd. # -# @param service_file -# The path to the Splunk Enterprise service file. +# @param package_ensure +# Optional. Ensure parameter which will get passed to the Splunk package +# resource. # -# @param boot_start -# Whether or not to enable splunk boot-start, which generates a service file to -# manage the Splunk Enterprise service. +# It is highly recommended to specify $splunk::enterprise::release to ensure +# a specific version of the Splunk package. # -# @param use_default_config -# Whether or not the module should manage a default set of Splunk Enterprise -# configuration parameters. +# @param managed_package_source +# Optional. The source URL for the splunk installation media (typically an +# RPM, MSI, etc). If a `$src_root` parameter is set in splunk::params, this +# will be automatically supplied. Otherwise it is required. The URL can be of +# any protocol supported by the pupept/archive module. On Windows, this can +# be a UNC path to the MSI. # -# @param input_default_host -# Part of the default config. Sets the `splunk_input` default host. +# @param package_name +# The name of the package(s) Puppet will use to install Splunk. # -# @param input_connection_host -# Part of the default config. Sets the `splunk_input` connection host. +# @param package_provider +# The package management system used to host the Splunk packages. # -# @param splunkd_listen -# The address on which splunkd should listen. +# @param password_config_file +# Which file to put the password in i.e. in linux it would be +# `/opt/splunk/etc/passwd`. # -# @param logging_port -# The port to receive TCP logs on. +# @param password_content +# The hashed password username/details for the user. # -# @param splunkd_port -# The management port for Splunk. +# @param password_hash +# The hashed password for the admin user. # -# @param web_port -# The port on which to service the Splunk Web interface. +# @param path_delimiter +# The path separator used in the archived path of the Splunk package. # # @param purge_inputs # If set to true, inputs.conf will be purged of configuration that is @@ -138,85 +115,129 @@ # If set to true, web.conf will be purged of configuration that is no # longer managed by the `splunk_web type`. # -# @param manage_password -# If set to true, Manage the contents of splunk.secret and passwd. +# @param release +# Optional. The release of Splunk to install and configure. It is *highly* +# recommended you specify a release at all times. # -# @param seed_password -# If set to true, Manage the contents of splunk.secret and user-seed.conf. +# It must be in the form `version-release`, eg. 7.2.4.2-fb30470262e3 +# +# If Splunk s not installed before applying the module, you will be required +# to provide a release. +# +# Should you not specify a release but Splunk is installed, the +# splunkenterprise['version'] and splunkenterprise['build'] facts will be +# used to assume the version of Splunk. # # @param reset_seed_password # If set to true, deletes `password_config_file` to trigger Splunk's password # import process on restart of the Splunk services. # -# @param password_config_file -# Which file to put the password in i.e. in linux it would be -# `/opt/splunk/etc/passwd`. +# @param secret +# The secret used to salt the splunk password. +# +# @param secret_file +# Which file we should put the secret in. # # @param seed_config_file # Which file to place the admin password hash in so its imported by Splunk on # restart. # -# @param password_content -# The hashed password username/details for the user. +# @param seed_password +# If set to true, Manage the contents of splunk.secret and user-seed.conf. # -# @param password_hash -# The hashed password for the admin user. +# @param service_ensure +# Ensure passed to the splunk service resource. # -# @param secret_file -# Which file we should put the secret in. +# @param service_file +# Optional. The path to the Splunk Enterprise service file. # -# @param secret -# The secret used to salt the splunk password. +# @param service_name +# Optional. The name of the Splunk Enterprise service. +# +# @param splunk_user +# The user to run Splunk as. +# +# @param splunkd_listen +# The address on which splunkd should listen. +# +# @param splunkd_port +# The management port for Splunk. +# +# @param src_root +# The root of the splunk package source directory. +# +# @param staging_dir +# Root of the archive path to host the Splunk package. +# +# @param unmanaged_package_source +# Optional. The source URL for the splunk installation media (typically an +# RPM, MSI, etc). +# +# If `managed_package_source` parameter is set, and `manage_package_source` +# is true, this will be automatically supplied. Otherwise it is required. +# +# The URL can be of any protocol supported by the puppet/archive +# module. On Windows, this can be a UNC path to the MSI. +# +# @param use_default_config +# Whether or not the module should manage a default set of Splunk Enterprise +# configuration parameters. +# +# @param web_httpport +# The port on which to service the Splunk Web interface. # class splunk::enterprise ( - String[1] $version = $splunk::params::version, - String[1] $package_name = $splunk::params::enterprise_package_name, - String[1] $package_ensure = $splunk::params::enterprise_package_ensure, - String[1] $staging_dir = $splunk::params::staging_dir, - String[1] $path_delimiter = $splunk::params::path_delimiter, - String[1] $enterprise_package_src = $splunk::params::enterprise_package_src, - Optional[String[1]] $package_provider = $splunk::params::package_provider, - Boolean $manage_package_source = true, - Optional[String[1]] $package_source = undef, - Splunk::Entinstalloptions $install_options = $splunk::params::enterprise_install_options, - String[1] $splunk_user = $splunk::params::splunk_user, - Stdlib::Absolutepath $enterprise_homedir = $splunk::params::enterprise_homedir, - Stdlib::Absolutepath $enterprise_confdir = $splunk::params::enterprise_confdir, - String[1] $service_name = $splunk::params::enterprise_service, - Stdlib::Absolutepath $service_file = $splunk::params::enterprise_service_file, - Boolean $boot_start = $splunk::params::boot_start, - Boolean $use_default_config = true, - String[1] $input_default_host = $facts['fqdn'], - String[1] $input_connection_host = 'dns', - Stdlib::IP::Address $splunkd_listen = '127.0.0.1', - Stdlib::Port $splunkd_port = $splunk::params::splunkd_port, - Stdlib::Port $logging_port = $splunk::params::logging_port, - Stdlib::Port $web_httpport = 8000, - Boolean $purge_alert_actions = false, - Boolean $purge_authentication = false, - Boolean $purge_authorize = false, - Boolean $purge_deploymentclient = false, - Boolean $purge_distsearch = false, - Boolean $purge_indexes = false, - Boolean $purge_inputs = false, - Boolean $purge_limits = false, - Boolean $purge_outputs = false, - Boolean $purge_props = false, - Boolean $purge_server = false, - Boolean $purge_serverclass = false, - Boolean $purge_transforms = false, - Boolean $purge_uiprefs = false, - Boolean $purge_web = false, - Boolean $manage_password = $splunk::params::manage_password, - Boolean $seed_password = $splunk::params::seed_password, - Boolean $reset_seeded_password = $splunk::params::reset_seeded_password, - Stdlib::Absolutepath $password_config_file = $splunk::params::enterprise_password_config_file, - Stdlib::Absolutepath $seed_config_file = $splunk::params::enterprise_seed_config_file, - String[1] $password_content = $splunk::params::password_content, - String[1] $password_hash = $splunk::params::password_hash, - Stdlib::Absolutepath $secret_file = $splunk::params::enterprise_secret_file, - String[1] $secret = $splunk::params::secret, -) inherits splunk { + Boolean $boot_start, + Stdlib::Absolutepath $confdir, + Stdlib::Absolutepath $homedir, + String[1] $input_default_host, + String[1] $input_connection_host, + Splunk::Entinstalloptions $install_options, + Stdlib::Port $logging_port, + Boolean $manage_package_source, + Boolean $manage_password, + String[1] $package_name, + Optional[String[1]] $package_provider, + Stdlib::Absolutepath $password_config_file, + String[1] $password_content, + String[1] $password_hash, + String[1] $path_delimiter, + Boolean $purge_alert_actions, + Boolean $purge_authentication, + Boolean $purge_authorize, + Boolean $purge_deploymentclient, + Boolean $purge_distsearch, + Boolean $purge_indexes, + Boolean $purge_inputs, + Boolean $purge_limits, + Boolean $purge_outputs, + Boolean $purge_props, + Boolean $purge_server, + Boolean $purge_serverclass, + Boolean $purge_transforms, + Boolean $purge_uiprefs, + Boolean $purge_web, + Boolean $reset_seeded_password, + String[1] $secret, + Stdlib::Absolutepath $secret_file, + Stdlib::Absolutepath $seed_config_file, + Boolean $seed_password, + String[1] $service_ensure, + String[1] $splunk_user, + Stdlib::IP::Address $splunkd_listen, + Stdlib::Port $splunkd_port, + String[1] $src_root, + String[1] $src_subdir, + String[1] $staging_dir, + Boolean $use_default_config, + Stdlib::Port $web_httpport, + Optional[String[1]] $managed_package_source = undef, + Optional[String[1]] $package_ensure = undef, + Optional[Splunk::Release] $release = undef, + Optional[String[1]] $service_name = undef, + Optional[Stdlib::Absolutepath] $service_file = undef, + Optional[String[1]] $unmanaged_package_source = undef, +) { if (defined(Class['splunk::forwarder'])) { fail('Splunk Universal Forwarder provides a subset of Splunk Enterprise capabilities, and has potentially conflicting resources when included with Splunk Enterprise on the same node. Do not include splunk::forwarder on the same node as splunk::enterprise. Configure Splunk Enterprise to meet your forwarding needs.' @@ -239,6 +260,45 @@ info("The setting \"reset_seeded_password\" will delete ${password_config_file} on each run of Puppet and generate a corrective change event, the file must be absent for Splunk's admin password seeding process to be triggered so this setting should only be used temporarily as it'll also cause a resart of the Splunk service") } + # Determine the Splunk version to ensure + if $release { + $_version = split($release,'-')[0] + $_build = split($release,'-')[1] + + if $package_ensure and $package_ensure =~ /^\d/ { + warning("Setting `splunk::enterprise::package_ensure` and `splunk::enterprise::release` to specific versions could result in unwanted behavior. It is recommended you specify the splunk version with `splunk::enterprise::release` only, in the form `version-build`, eg. 7.2.4.2-fb30470262e3'") + } + } + elsif has_key($facts['splunkenterprise'],'version') and has_key($facts['splunkenterprise'],'build') { + $_version = $facts['splunkenterprise']['version'] + $_build = $facts['splunkenterprise']['build'] + } + else { + fail('No splunk version detected (installed), you need to specify `$splunk::enterprise::release` in the form `version-build`, eg. 7.2.4.2-fb30470262e3') + } + + # Determine the Splunk service name and service file path + case $facts['kernel'] { + /^(Linux|SunOS)$/ : { + if $facts['service_provider'] == 'systemd' and versioncmp($_version, '7.2.2') >= 0 { + $_splunk_service_name = 'Splunkd' + $_splunk_service_file = '/etc/systemd/system/multi-user.target.wants/Splunkd.service' + } + else { + $_splunk_service_name = 'splunk' + $_splunk_service_file = '/etc/init.d/splunk' + } + } + 'windows': { + $_splunk_service_name = 'splunkd' + $_splunk_service_file = "${homedir}\\dummy" + } + default : { fail("splunk module does not support kernel ${facts['kernel']}") } + } + $_service_name = pick($service_name, $_splunk_service_name) + $_service_file = pick($service_file, $_splunk_service_file) + + contain 'splunk::enterprise::install' contain 'splunk::enterprise::config' contain 'splunk::enterprise::service' @@ -247,8 +307,10 @@ -> Class['splunk::enterprise::config'] ~> Class['splunk::enterprise::service'] - # Purge resources if option set - Splunk_config['splunk'] { + # A meta resource so providers know where splunk is installed: + splunk_config { 'splunk': + server_installdir => $homedir, + server_confdir => $confdir, purge_alert_actions => $purge_alert_actions, purge_authentication => $purge_authentication, purge_authorize => $purge_authorize, @@ -263,7 +325,6 @@ purge_serverclass => $purge_serverclass, purge_transforms => $purge_transforms, purge_uiprefs => $purge_uiprefs, - purge_web => $purge_web + purge_web => $purge_web, } - } diff --git a/manifests/enterprise/config.pp b/manifests/enterprise/config.pp index 715fb368..23f43649 100644 --- a/manifests/enterprise/config.pp +++ b/manifests/enterprise/config.pp @@ -2,7 +2,8 @@ # Private class declared by Class[splunk::enterprise] to contain all the # configuration needed for a base install of Splunk Enterprise # -class splunk::enterprise::config() { +class splunk::enterprise::config { + assert_private() if $splunk::enterprise::seed_password { class { 'splunk::enterprise::password::seed': @@ -30,7 +31,7 @@ } # Remove init.d file if the service provider is systemd - if $facts['service_provider'] == 'systemd' and versioncmp($splunk::enterprise::version, '7.2.2') >= 0 { + if $facts['service_provider'] == 'systemd' and versioncmp($splunk::enterprise::_version, '7.2.2') >= 0 { file { '/etc/init.d/splunk': ensure => 'absent', } @@ -42,26 +43,26 @@ section => '', setting => 'OPTIMISTIC_ABOUT_FILE_LOCKING', value => '1', - path => "${splunk::enterprise::enterprise_homedir}/etc/splunk-launch.conf", + path => "${splunk::enterprise::homedir}/etc/splunk-launch.conf", } } - file { ["${splunk::enterprise::enterprise_homedir}/etc/system/local/alert_actions.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/authentication.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/authorize.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/deploymentclient.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/distsearch.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/indexes.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/inputs.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/limits.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/outputs.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/props.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/server.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/serverclass.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/transforms.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/ui-prefs.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/local/web.conf", - "${splunk::enterprise::enterprise_homedir}/etc/system/metadata/local.meta"]: + file { ["${splunk::enterprise::homedir}/etc/system/local/alert_actions.conf", + "${splunk::enterprise::homedir}/etc/system/local/authentication.conf", + "${splunk::enterprise::homedir}/etc/system/local/authorize.conf", + "${splunk::enterprise::homedir}/etc/system/local/deploymentclient.conf", + "${splunk::enterprise::homedir}/etc/system/local/distsearch.conf", + "${splunk::enterprise::homedir}/etc/system/local/indexes.conf", + "${splunk::enterprise::homedir}/etc/system/local/inputs.conf", + "${splunk::enterprise::homedir}/etc/system/local/limits.conf", + "${splunk::enterprise::homedir}/etc/system/local/outputs.conf", + "${splunk::enterprise::homedir}/etc/system/local/props.conf", + "${splunk::enterprise::homedir}/etc/system/local/server.conf", + "${splunk::enterprise::homedir}/etc/system/local/serverclass.conf", + "${splunk::enterprise::homedir}/etc/system/local/transforms.conf", + "${splunk::enterprise::homedir}/etc/system/local/ui-prefs.conf", + "${splunk::enterprise::homedir}/etc/system/local/web.conf", + "${splunk::enterprise::homedir}/etc/system/metadata/local.meta"]: ensure => file, tag => 'splunk_enterprise', owner => $splunk::enterprise::splunk_user, diff --git a/manifests/enterprise/install.pp b/manifests/enterprise/install.pp index 2301b843..ef6c20ba 100644 --- a/manifests/enterprise/install.pp +++ b/manifests/enterprise/install.pp @@ -4,14 +4,30 @@ # for successfully installing Splunk Enterprise # class splunk::enterprise::install { + assert_private() if $facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS' { include splunk::enterprise::install::nix } + # Determine the managed Splunk package_source + case "${facts['os']['family']} ${facts['architecture']}" { + 'RedHat i386' : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}.i386.rpm" } + 'RedHat x86_64' : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-linux-2.6-x86_64.rpm" } + 'Debian i386' : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-linux-2.6-intel.deb" } + 'Debian amd64' : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-linux-2.6-amd64.deb" } + /^(W|w)indows (x86|i386)$/ : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-x86-release.msi" } + /^(W|w)indows (x64|x86_64)$/ : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-x64-release.msi" } + 'Solaris i86pc' : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-solaris-10-intel.pkg" } + 'Solaris sun4v' : { $_package_suffix = "${splunk::enterprise::_version}-${splunk::enterprise::_build}-solaris-8-sparc.pkg" } + default : { fail("unsupported osfamily/arch ${facts['os']['family']}/${facts['architecture']}") } + } + $_managed_package_source = pick($splunk::enterprise::managed_package_source,"${splunk::enterprise::src_root}/products/splunk/releases/${splunk::enterprise::_version}/${splunk::enterprise::src_subdir}/${splunk::enterprise::package_name}-${_package_suffix}") + + $_package_source = $splunk::enterprise::manage_package_source ? { - true => $splunk::enterprise::enterprise_package_src, - false => $splunk::enterprise::package_source + true => $_managed_package_source, + false => $splunk::enterprise::unmanaged_package_source } if $splunk::enterprise::package_provider and !($splunk::enterprise::package_provider in ['apt','chocolatey','yum']) { @@ -24,7 +40,8 @@ extract => false, before => Package[$splunk::enterprise::package_name], } - } else { + } + else { $_staged_package = undef } @@ -38,8 +55,17 @@ }, } + # Dpkg and sun are not versionable, and will utilize the source as the + # version + if $splunk::enterprise::package_provider in ['dpkg','sun'] { + $_package_ensure = pick($splunk::enterprise::package_ensure, 'installed') + } + else { + $_package_ensure = pick($splunk::enterprise::package_ensure, "${splunk::enterprise::_version}-${splunk::enterprise::_build}") + } + package { $splunk::enterprise::package_name: - ensure => $splunk::enterprise::package_ensure, + ensure => $_package_ensure, provider => $splunk::enterprise::package_provider, install_options => $splunk::enterprise::install_options, } diff --git a/manifests/enterprise/install/nix.pp b/manifests/enterprise/install/nix.pp index 5790b46c..d9754bd7 100644 --- a/manifests/enterprise/install/nix.pp +++ b/manifests/enterprise/install/nix.pp @@ -3,6 +3,7 @@ # platform specific installation steps on Linux or Unix type systems. # class splunk::enterprise::install::nix inherits splunk::enterprise::install { + assert_private() if $facts['kernel'] == 'SunOS' { $_responsefile = "${splunk::enterprise::staging_dir}/response.txt" @@ -25,17 +26,17 @@ } # Collect any Splunk packages and give them an admin and response file. - Package[$splunk::enterprise::enterprise_package_name] { + Package[$splunk::enterprise::package_name] { adminfile => $_adminfile, responsefile => $_responsefile, } } # Required for splunk 7.2.4.2 - if versioncmp($splunk::enterprise::version, '7.2.4.2') >= 0 { + if versioncmp($splunk::enterprise::_version, '7.2.4.2') >= 0 { ensure_packages(['net-tools'], { 'ensure' => 'present', - before => Package[$splunk::enterprise::enterprise_package_name] + before => Package[$splunk::enterprise::package_name] }) } diff --git a/manifests/enterprise/password/manage.pp b/manifests/enterprise/password/manage.pp index 4faf4fd4..ed7fef03 100644 --- a/manifests/enterprise/password/manage.pp +++ b/manifests/enterprise/password/manage.pp @@ -21,11 +21,11 @@ # @param secret # The secret used to salt the splunk password. # -# @params service +# @param service # Name of the Splunk Enterprise service that needs to be restarted after files # are updated, not applicable when running in agent mode. # -# @params mode +# @param mode # The class is designed to work in two ways, as a helper that is called by # Class[splunk::enterprise::config] or leveraged independently from with in a # Bolt Plan. The value defaults to "bolt" implicitly assuming that anytime it @@ -33,15 +33,19 @@ # Bolt # class splunk::enterprise::password::manage( - Boolean $manage_password = $splunk::params::manage_password, - Stdlib::Absolutepath $password_config_file = $splunk::params::forwarder_password_config_file, - String[1] $password_content = $splunk::params::password_content, - Stdlib::Absolutepath $secret_file = $splunk::params::forwarder_secret_file, - String[1] $secret = $splunk::params::secret, - String[1] $splunk_user = $splunk::params::splunk_user, - String[1] $service = $splunk::params::enterprise_service, + Boolean $manage_password = lookup($splunk::enterprise::manage_password), + Stdlib::Absolutepath $password_config_file = lookup($splunk::enterprise::password_config_file), + String[1] $password_content = lookup($splunk::enterprise::password_content), + Stdlib::Absolutepath $secret_file = lookup($splunk::enterprise::secret_file), + String[1] $secret = lookup($splunk::enterprise::secret), + String[1] $splunk_user = lookup($splunk::enterprise::splunk_user), Enum['agent', 'bolt'] $mode = 'bolt', -) inherits splunk::params { + Optional[String[1]] $service = undef, +) { + + if $mode == 'bolt' and !$service { + fail('You must specify `$splunk::enterprise::password::manage::service` for Bolt') + } file { $secret_file: ensure => file, diff --git a/manifests/enterprise/password/seed.pp b/manifests/enterprise/password/seed.pp index 6ff593e9..a1bc1187 100644 --- a/manifests/enterprise/password/seed.pp +++ b/manifests/enterprise/password/seed.pp @@ -27,11 +27,11 @@ # @param secret # The secret used to salt the splunk password. # -# @params service +# @param service # Name of the Splunk Enterprise service that needs to be restarted after files # are updated, not applicable when running in agent mode. # -# @params mode +# @param mode # The class is designed to work in two ways, as a helper that is called by # Class[splunk::enterprise::config] or leveraged independently from with in a # Bolt Plan. The value defaults to "bolt" implicitly assuming that anytime it @@ -39,16 +39,20 @@ # Bolt # class splunk::enterprise::password::seed( - Boolean $reset_seeded_password = $splunk::params::reset_seeded_password, - Stdlib::Absolutepath $password_config_file = $splunk::params::enterprise_password_config_file, - Stdlib::Absolutepath $seed_config_file = $splunk::params::enterprise_seed_config_file, - String[1] $password_hash = $splunk::params::password_hash, - Stdlib::Absolutepath $secret_file = $splunk::params::enterprise_secret_file, - String[1] $secret = $splunk::params::secret, - String[1] $splunk_user = $splunk::params::splunk_user, - String[1] $service = $splunk::params::enterprise_service, + Boolean $reset_seeded_password = lookup($splunk::enterprise::reset_seeded_password), + Stdlib::Absolutepath $password_config_file = lookup($splunk::enterprise::password_config_file), + Stdlib::Absolutepath $seed_config_file = lookup($splunk::enterprise::seed_config_file), + String[1] $password_hash = lookup($splunk::enterprise::password_hash), + Stdlib::Absolutepath $secret_file = lookup($splunk::enterprise::secret_file), + String[1] $secret = lookup($splunk::enterprise::secret), + String[1] $splunk_user = lookup($splunk::enterprise::splunk_user), Enum['agent', 'bolt'] $mode = 'bolt', -) inherits splunk::params { + Optional[String[1]] $service = undef, +) { + + if $mode == 'bolt' and !$service { + fail('You must specify $splunk::enterprise::password::seed::service` for Bolt') + } file { $secret_file: ensure => file, @@ -57,7 +61,7 @@ content => $secret, } - if $reset_seeded_password or $facts['splunk_version'].empty { + if $reset_seeded_password or $facts['splunkenterprise']['version'].empty { file { $password_config_file: ensure => absent, before => File[$seed_config_file], diff --git a/manifests/enterprise/service.pp b/manifests/enterprise/service.pp index 572636d1..895d3c6f 100644 --- a/manifests/enterprise/service.pp +++ b/manifests/enterprise/service.pp @@ -4,6 +4,7 @@ # sub-classes # class splunk::enterprise::service { + assert_private() # This is a module that supports multiple platforms. For some platforms # there is non-generic configuration that needs to be declared in addition @@ -12,8 +13,8 @@ include splunk::enterprise::service::nix } - service { $splunk::enterprise::service_name: - ensure => running, + service { $splunk::enterprise::_service_name: + ensure => $splunk::enterprise::service_ensure, enable => true, hasstatus => true, hasrestart => true, diff --git a/manifests/enterprise/service/nix.pp b/manifests/enterprise/service/nix.pp index 02c19cfa..806a28c2 100644 --- a/manifests/enterprise/service/nix.pp +++ b/manifests/enterprise/service/nix.pp @@ -3,6 +3,7 @@ # platform specific service management on Linux or Unix type systems. # class splunk::enterprise::service::nix inherits splunk::enterprise::service { + assert_private() if $splunk::enterprise::boot_start { # Ensure splunk services *not* managed by the system service file are @@ -11,9 +12,9 @@ # will no longer be able to control the binary-managed services # (start/stop/restart). exec { 'stop_splunk': - command => "${splunk::enterprise::enterprise_homedir}/bin/splunk stop", + command => "${splunk::enterprise::homedir}/bin/splunk stop", user => $splunk::enterprise::splunk_user, - creates => $splunk::enterprise::enterprise_service_file, + creates => $splunk::enterprise::_service_file, timeout => 0, notify => Exec['enable_splunk'], } @@ -21,9 +22,9 @@ # unit files during uninstallation, so you may be required to manually # remove existing unit files before re-installing and enabling boot-start. exec { 'enable_splunk': - command => "${splunk::enterprise::enterprise_homedir}/bin/splunk enable boot-start -user ${splunk::enterprise::splunk_user} --accept-license --answer-yes --no-prompt", + command => "${splunk::enterprise::homedir}/bin/splunk enable boot-start -user ${splunk::enterprise::splunk_user} --accept-license --answer-yes --no-prompt", refreshonly => true, - before => Service[$splunk::enterprise::service_name], + before => Service[$splunk::enterprise::_service_name], require => Exec['stop_splunk'], } } @@ -34,35 +35,35 @@ # present before installing splunk. The splunk package does not remove the # service files when uninstalled. exec { 'disable_splunk': - command => "${splunk::enterprise::enterprise_homedir}/bin/splunk disable boot-start -user ${splunk::enterprise::splunk_user} --accept-license --answer-yes --no-prompt", - onlyif => "/usr/bin/test -f ${splunk::enterprise::enterprise_service_file}", + command => "${splunk::enterprise::homedir}/bin/splunk disable boot-start -user ${splunk::enterprise::splunk_user} --accept-license --answer-yes --no-prompt", + onlyif => "/usr/bin/test -f ${splunk::enterprise::_service_file}", } # This will start splunkd and splunkweb in legacy mode assuming # appServerPorts is set to 0. exec { 'license_splunk': - command => "${splunk::enterprise::enterprise_homedir}/bin/splunk start --accept-license --answer-yes --no-prompt", + command => "${splunk::enterprise::homedir}/bin/splunk start --accept-license --answer-yes --no-prompt", user => $splunk::enterprise::splunk_user, - creates => "${splunk::enterprise::enterprise_homedir}/etc/auth/splunk.secret", + creates => "${splunk::enterprise::homedir}/etc/auth/splunk.secret", timeout => 0, - before => Service[$splunk::enterprise::service_name], + before => Service[$splunk::enterprise::_service_name], require => Exec['disable_splunk'], } if $facts['kernel'] == 'Linux' { - Service[$splunk::enterprise::service_name] { + Service[$splunk::enterprise::_service_name] { provider => 'base', } } else { - Service[$splunk::enterprise::service_name] { + Service[$splunk::enterprise::_service_name] { provider => 'init', } } - Service[$splunk::enterprise::service_name] { - restart => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::enterprise_homedir}/bin/splunk restart'", - start => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::enterprise_homedir}/bin/splunk start'", - stop => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::enterprise_homedir}/bin/splunk stop'", - status => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::enterprise_homedir}/bin/splunk status'", + Service[$splunk::enterprise::_service_name] { + restart => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::homedir}/bin/splunk restart'", + start => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::homedir}/bin/splunk start'", + stop => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::homedir}/bin/splunk stop'", + status => "/usr/sbin/runuser -l ${splunk::enterprise::splunk_user} -c '${splunk::enterprise::homedir}/bin/splunk status'", pattern => "splunkd -p ${splunk::enterprise::splunkd_port} (restart|start)", } } diff --git a/manifests/forwarder.pp b/manifests/forwarder.pp index af866300..4d6effb1 100644 --- a/manifests/forwarder.pp +++ b/manifests/forwarder.pp @@ -4,190 +4,207 @@ # @example Basic usage # include splunk::forwarder # -# @example Install specific version and build with admin passord management -# class { 'splunk::params': -# version => '7.2.5', -# build => '088f49762779', -# } -# class { 'splunk::forwarder': -# package_ensure => latest, -# manage_password => true, -# } +# @example Install specific version and build with admin password management +# class { 'splunk::forwarder': +# release => '7.2.5-088f49762779', +# manage_password => true, +# } # -# @param server -# The fqdn or IP address of the Splunk server. -# -# @param version` -# Specifies the version of Splunk Forwarder the module should install and -# manage. -# -# @param package_name -# The name of the package(s) Puppet will use to install Splunk Forwarder. +# @param addons +# A hash of Splunk addons. # -# @param package_ensure -# Ensure parameter which will get passed to the Splunk package resource. +# @param boot_start +# Whether or not to enable splunk boot-start, which generates a service file to +# manage the Splunk Forwarder service. # -# @param staging_dir -# Root of the archive path to host the Splunk package. +# @param confdir +# Specifies the Splunk Forwarder configuration directory. # -# @param path_delimiter -# The path separator used in the archived path of the Splunk package. +# @param homedir +# Specifies the Splunk Forwarder home directory. # -# @param forwarder_package_src -# The source URL for the splunk installation media (typically an RPM, MSI, -# etc). If a `$src_root` parameter is set in splunk::params, this will be -# automatically supplied. Otherwise it is required. The URL can be of any -# protocol supported by the puppet/archive module. On Windows, this can be -# a UNC path to the MSI. +# @param install_options +# This variable is passed to the package resources' *install_options* parameter. # -# @param package_provider -# The package management system used to host the Splunk packages. +# @param logging_port +# The port to receive TCP logs on. # # @param manage_package_source -# Whether or not to use the supplied `forwarder_package_src` param. -# -# @param package_source -# *Optional* The source URL for the splunk installation media (typically an RPM, -# MSI, etc). If `enterprise_package_src` parameter is set in splunk::params and -# `manage_package_source` is true, this will be automatically supplied. Otherwise -# it is required. The URL can be of any protocol supported by the puppet/archive -# module. On Windows, this can be a UNC path to the MSI. +# Whether or not to use the supplied `managed_package_source` param. # -# @param install_options -# This variable is passed to the package resources' *install_options* parameter. +# @param managed_package_source +# Optional. The source URL for the splunk installation media (typically an +# RPM, MSI, etc). If a `$src_root` parameter is set in splunk::params, this +# will be automatically supplied. Otherwise it is required. The URL can be of +# any protocol supported by the pupept/archive module. On Windows, this can +# be a UNC path to the MSI. # -# @param splunk_user -# The user to run Splunk as. -# -# @param forwarder_homedir -# Specifies the Splunk Forwarder home directory. +# @param manage_password +# If set to true, Manage the contents of splunk.secret and passwd. # -# @param forwarder_confdir -# Specifies the Splunk Forwarder configuration directory. +# @param package_name +# The name of the package(s) Puppet will use to install Splunk. # -# @param service_name -# The name of the Splunk Forwarder service. +# @param package_ensure +# Optional. Ensure parameter which will get passed to the Splunk package +# resource. # -# @param service_file -# The path to the Splunk Forwarder service file. +# It is highly recommended to specify $splunk::forwarder::release to ensure +# a specific version of the Splunk package. # -# @param boot_start -# Whether or not to enable splunk boot-start, which generates a service file to -# manage the Splunk Forwarder service. +# @param package_provider +# The package management system used to host the Splunk packages. # -# @param use_default_config -# Whether or not the module should manage a default set of Splunk Forwarder -# configuration parameters. +# @param password_config_file +# Which file to put the password in i.e. in linux it would be +# `/opt/splunk/etc/passwd`. # -# @param splunkd_listen -# The address on which splunkd should listen. +# @param password_content +# The hashed password username/details for the user. # -# @param splunkd_port -# The management port for Splunk. +# @param password_hash +# The hashed password for the admin user. # -# @param logging_port -# The port on which to send and listen for logs. +# @param path_delimiter +# The path separator used in the archived path of the Splunk package. # -# @param purge_inputs -# *Optional* If set to true, inputs.conf will be purged of configuration that is -# no longer managed by the `splunkforwarder_input` type. +# @param purge_deploymentclient +# If set to true, indexes.conf will be purged of configuration that is +# no longer managed by the `splunk_deploymentclient` type. # # @param purge_outputs -# *Optional* If set to true, outputs.conf will be purged of configuration that is +# If set to true, outputs.conf will be purged of configuration that is # no longer managed by the `splunk_output` type. # +# @param purge_inputs +# If set to true, inputs.conf will be purged of configuration that is +# no longer managed by the `splunk_input` type. +# # @param purge_props -# *Optional* If set to true, props.conf will be purged of configuration that is +# If set to true, props.conf will be purged of configuration that is # no longer managed by the `splunk_props` type. # # @param purge_transforms -# *Optional* If set to true, transforms.conf will be purged of configuration that is -# no longer managed by the `splunk_transforms` type. +# If set to true, transforms.conf will be purged of configuration that +# is no longer managed by the `splunk_transforms` type. # # @param purge_web -# *Optional* If set to true, web.conf will be purged of configuration that is -# no longer managed by the `splunk_web` type. +# If set to true, web.conf will be purged of configuration that is no +# longer managed by the `splunk_web type`. # -# @param forwarder_input -# Used to override the default `forwarder_input` type defined in splunk::params. +# @param release +# Optional. The release of Splunk to install and configure. It is *highly* +# recommended you specify a release at all times. # -# @param forwarder_output -# Used to override the default `forwarder_output` type defined in splunk::params. +# It must be in the form `version-release`, eg. 7.2.4.2-fb30470262e3 # -# @param manage_password -# If set to true, Manage the contents of splunk.secret and passwd. +# If Splunk s not installed before applying the module, you will be required +# to provide a release. # -# @param seed_password -# If set to true, Manage the contents of splunk.secret and user-seed.conf. +# Should you not specify a release but Splunk is installed, the +# splunkforwarder['version'] and splunkforwarder['build'] facts will be +# used to assume the version of Splunk. # # @param reset_seed_password # If set to true, deletes `password_config_file` to trigger Splunk's password # import process on restart of the Splunk services. # -# @param password_config_file -# Which file to put the password in i.e. in linux it would be -# `/opt/splunkforwarder/etc/passwd`. +# @param secret +# The secret used to salt the splunk password. +# +# @param secret_file +# Which file we should put the secret in. # # @param seed_config_file # Which file to place the admin password hash in so its imported by Splunk on # restart. # -# @param password_content -# The hashed password username/details for the user. +# @param seed_password +# If set to true, Manage the contents of splunk.secret and user-seed.conf. # -# @param password_hash -# The hashed password for the admin user. +# @param server +# The fqdn or IP address of the Splunk server # -# @param secret_file -# Which file we should put the secret in. +# @param service_ensure +# Ensure passed to the splunk service resource. # -# @param secret -# The secret used to salt the splunk password. +# @param service_file +# Optional. The path to the Splunk Forwarder service file. # -# @param addons -# Manage a splunk addons, see `splunk::addons`. +# @param service_name +# Optional. The name of the Splunk Forwarder service. +# +# @param splunk_user +# The user to run Splunk as. +# +# @param splunkd_listen +# The address on which splunkd should listen. +# +# @param splunkd_port +# The management port for Splunk. +# +# @param src_root +# The root of the splunk package source directory. +# +# @param staging_dir +# Root of the archive path to host the Splunk package. +# +# @param unmanaged_package_source +# Optional. The source URL for the splunk installation media (typically an +# RPM, MSI, etc). +# +# If `managed_package_source` parameter is set, and `manage_package_source` +# is true, this will be automatically supplied. Otherwise it is required. +# +# The URL can be of any protocol supported by the puppet/archive +# module. On Windows, this can be a UNC path to the MSI. +# +# @param use_default_config +# Whether or not the module should manage a default set of Splunk Forwarder +# configuration parameters. # class splunk::forwarder( - String[1] $server = $splunk::params::server, - String[1] $version = $splunk::params::version, - String[1] $package_name = $splunk::params::forwarder_package_name, - String[1] $package_ensure = $splunk::params::forwarder_package_ensure, - String[1] $staging_dir = $splunk::params::staging_dir, - String[1] $path_delimiter = $splunk::params::path_delimiter, - String[1] $forwarder_package_src = $splunk::params::forwarder_package_src, - Optional[String[1]] $package_provider = $splunk::params::package_provider, - Boolean $manage_package_source = true, - Optional[String[1]] $package_source = undef, - Splunk::Fwdinstalloptions $install_options = $splunk::params::forwarder_install_options, - String[1] $splunk_user = $splunk::params::splunk_user, - Stdlib::Absolutepath $forwarder_homedir = $splunk::params::forwarder_homedir, - Stdlib::Absolutepath $forwarder_confdir = $splunk::params::forwarder_confdir, - String[1] $service_name = $splunk::params::forwarder_service, - Stdlib::Absolutepath $service_file = $splunk::params::forwarder_service_file, - Boolean $boot_start = $splunk::params::boot_start, - Boolean $use_default_config = true, - Stdlib::IP::Address $splunkd_listen = '127.0.0.1', - Stdlib::Port $splunkd_port = $splunk::params::splunkd_port, - Stdlib::Port $logging_port = $splunk::params::logging_port, - Boolean $purge_deploymentclient = false, - Boolean $purge_outputs = false, - Boolean $purge_inputs = false, - Boolean $purge_props = false, - Boolean $purge_transforms = false, - Boolean $purge_web = false, - Hash $forwarder_output = $splunk::params::forwarder_output, - Hash $forwarder_input = $splunk::params::forwarder_input, - Boolean $manage_password = $splunk::params::manage_password, - Boolean $seed_password = $splunk::params::seed_password, - Boolean $reset_seeded_password = $splunk::params::reset_seeded_password, - Stdlib::Absolutepath $password_config_file = $splunk::params::forwarder_password_config_file, - Stdlib::Absolutepath $seed_config_file = $splunk::params::forwarder_seed_config_file, - String[1] $password_content = $splunk::params::password_content, - String[1] $password_hash = $splunk::params::password_hash, - Stdlib::Absolutepath $secret_file = $splunk::params::forwarder_secret_file, - String[1] $secret = $splunk::params::secret, - Hash $addons = {}, -) inherits splunk { + Hash $addons, + Boolean $boot_start, + Stdlib::Absolutepath $confdir, + Stdlib::Absolutepath $homedir, + Splunk::Fwdinstalloptions $install_options, + Stdlib::Port $logging_port, + Boolean $manage_package_source, + Boolean $manage_password, + String[1] $package_name, + Optional[String[1]] $package_provider, + Stdlib::Absolutepath $password_config_file, + String[1] $password_content, + String[1] $password_hash, + String[1] $path_delimiter, + Boolean $purge_deploymentclient, + Boolean $purge_outputs, + Boolean $purge_inputs, + Boolean $purge_props, + Boolean $purge_transforms, + Boolean $purge_web, + Boolean $reset_seeded_password, + String[1] $secret, + Stdlib::Absolutepath $secret_file, + Stdlib::Absolutepath $seed_config_file, + Boolean $seed_password, + String[1] $server, + String[1] $service_ensure, + String[1] $splunk_user, + Stdlib::IP::Address $splunkd_listen, + Stdlib::Port $splunkd_port, + String[1] $src_root, + String[1] $src_subdir, + String[1] $staging_dir, + Boolean $use_default_config, + Optional[String[1]] $managed_package_source = undef, + Optional[String[1]] $package_ensure = undef, + Optional[Splunk::Release] $release = undef, + Optional[Stdlib::Absolutepath] $service_file = undef, + Optional[String[1]] $service_name = undef, + Optional[String[1]] $unmanaged_package_source = undef, +) { if (defined(Class['splunk::enterprise'])) { fail('Splunk Universal Forwarder provides a subset of Splunk Enterprise capabilities, and has potentially conflicting resources when included with Splunk Enterprise on the same node. Do not include splunk::forwarder on the same node as splunk::enterprise. Configure Splunk Enterprise to meet your forwarding needs.' @@ -210,6 +227,45 @@ info("The setting \"reset_seeded_password\" will delete ${password_config_file} on each run of Puppet and generate a corrective change event, the file must be absent for Splunk's admin password seeding process to be triggered so this setting should only be used temporarily as it'll also cause a resart of the Splunk service") } + # Determine the Splunk version to ensure + if $release { + $_version = split($release,'-')[0] + $_build = split($release,'-')[1] + + if $package_ensure and $package_ensure =~ /^\d/ { + warning("Setting `splunk::forwarder::package_ensure` and `splunk::forwarder::release` to specific versions could result in unwanted behavior. It is recommended you specify the splunk version with `splunk::forwarder::release` only, in the form `version-build`, eg. 7.2.4.2-fb30470262e3'") + } + } + elsif has_key($facts['splunkforwarder'],'version') and has_key($facts['splunkforwarder'],'build') { + $_version = $facts['splunkforwarder']['version'] + $_build = $facts['splunkforwarder']['build'] + } + else { + fail('No splunk version detected (installed), you need to specify `$splunk::forwarder::release` in the form `version-build`, eg. 7.2.4.2-fb30470262e3') + } + + # Determine the Splunk service name and service file path + case $facts['kernel'] { + /^(Linux|SunOS)$/ : { + if $facts['service_provider'] == 'systemd' and versioncmp($_version, '7.2.2') >= 0 { + $_splunk_service_name = 'SplunkForwarder' + $_splunk_service_file = '/etc/systemd/system/multi-user.target.wants/SplunkForwarder.service' + } + else { + $_splunk_service_name = 'splunk' + $_splunk_service_file = '/etc/init.d/splunk' + } + } + 'windows': { + $_splunk_service_name = 'splunkd' + $_splunk_service_file = "${homedir}\\dummy" + } + default : { fail("splunk module does not support kernel ${facts['kernel']}") } + } + $_service_name = pick($service_name, $_splunk_service_name) + $_service_file = pick($service_file, $_splunk_service_file) + + contain 'splunk::forwarder::install' contain 'splunk::forwarder::config' contain 'splunk::forwarder::service' @@ -218,8 +274,9 @@ -> Class['splunk::forwarder::config'] ~> Class['splunk::forwarder::service'] - Splunk_config['splunk'] { - forwarder_confdir => $forwarder_confdir, + splunk_config { 'splunk': + forwarder_installdir => $homedir, + forwarder_confdir => $confdir, purge_forwarder_deploymentclient => $purge_deploymentclient, purge_forwarder_outputs => $purge_outputs, purge_forwarder_inputs => $purge_inputs, diff --git a/manifests/forwarder/config.pp b/manifests/forwarder/config.pp index 1b742841..7487fd16 100644 --- a/manifests/forwarder/config.pp +++ b/manifests/forwarder/config.pp @@ -4,6 +4,7 @@ # Forwarder # class splunk::forwarder::config { + assert_private() if $splunk::forwarder::seed_password { class { 'splunk::forwarder::password::seed': @@ -31,26 +32,25 @@ } # Remove init.d file if the service provider is systemd - if $facts['service_provider'] == 'systemd' and versioncmp($splunk::forwarder::version, '7.2.2') >= 0 { + if $facts['service_provider'] == 'systemd' and versioncmp($splunk::forwarder::_version, '7.2.2') >= 0 { file { '/etc/init.d/splunk': ensure => 'absent', } } - $_forwarder_file_mode = $facts['kernel'] ? { 'windows' => undef, default => '0600', } - file { ["${splunk::forwarder::forwarder_homedir}/etc/system/local/deploymentclient.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/outputs.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/inputs.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/props.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/transforms.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/web.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/limits.conf", - "${splunk::forwarder::forwarder_homedir}/etc/system/local/server.conf"]: + file { ["${splunk::forwarder::homedir}/etc/system/local/deploymentclient.conf", + "${splunk::forwarder::homedir}/etc/system/local/outputs.conf", + "${splunk::forwarder::homedir}/etc/system/local/inputs.conf", + "${splunk::forwarder::homedir}/etc/system/local/props.conf", + "${splunk::forwarder::homedir}/etc/system/local/transforms.conf", + "${splunk::forwarder::homedir}/etc/system/local/web.conf", + "${splunk::forwarder::homedir}/etc/system/local/limits.conf", + "${splunk::forwarder::homedir}/etc/system/local/server.conf"]: ensure => file, tag => 'splunk_forwarder', owner => $splunk::forwarder::splunk_user, @@ -66,21 +66,25 @@ tag => 'splunk_forwarder', } - $splunk::forwarder::forwarder_input.each | String $name, Hash $options| { - splunkforwarder_input { $name: - section => $options['section'], - setting => $options['setting'], - value => $options['value'], - tag => 'splunk_forwarder', - } + splunkforwarder_output { 'tcpout_defaultgroup': + section => 'default', + setting => 'defaultGroup', + value => "${splunk::forwarder::server}_${splunk::forwarder::logging_port}", + tag => 'splunk_forwarder', } - $splunk::forwarder::forwarder_output.each | String $name, Hash $options| { - splunkforwarder_output { $name: - section => $options['section'], - setting => $options['setting'], - value => $options['value'], - tag => 'splunk_forwarder', - } + + splunkforwarder_output { 'defaultgroup_server': + section => "tcpout:${splunk::forwarder::server}_${splunk::forwarder::logging_port}", + setting => 'server', + value => "${splunk::forwarder::server}:${splunk::forwarder::logging_port}", + tag => 'splunk_forwarder', + } + + splunkforwarder_input { 'default_host': + section => 'default', + setting => 'host', + value => $facts['clientcert'], + tag => 'splunk_forwarder', } } diff --git a/manifests/forwarder/install.pp b/manifests/forwarder/install.pp index d1f5fdc1..8017b6bd 100644 --- a/manifests/forwarder/install.pp +++ b/manifests/forwarder/install.pp @@ -4,10 +4,25 @@ # for successfully installing the Splunk Universal Forwarder # class splunk::forwarder::install { + assert_private() + + # Determine the managed Splunk package_source + case "${facts['os']['family']} ${facts['architecture']}" { + 'RedHat i386' : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}.i386.rpm" } + 'RedHat x86_64' : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-linux-2.6-x86_64.rpm" } + 'Debian i386' : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-linux-2.6-intel.deb" } + 'Debian amd64' : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-linux-2.6-amd64.deb" } + /^(W|w)indows (x86|i386)$/ : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-x86-release.msi" } + /^(W|w)indows (x64|x86_64)$/ : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-x64-release.msi" } + 'Solaris i86pc' : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-solaris-10-intel.pkg" } + 'Solaris sun4v' : { $_package_suffix = "${splunk::forwarder::_version}-${splunk::forwarder::_build}-solaris-8-sparc.pkg" } + default : { fail("unsupported osfamily/arch ${facts['os']['family']}/${facts['architecture']}") } + } + $_managed_package_source = pick($splunk::forwarder::managed_package_source,"${splunk::forwarder::src_root}/products/splunk/releases/${splunk::forwarder::_version}/${splunk::forwarder::src_subdir}/${splunk::forwarder::package_name}-${_package_suffix}") $_package_source = $splunk::forwarder::manage_package_source ? { - true => $splunk::forwarder::forwarder_package_src, - false => $splunk::forwarder::package_source + true => $_managed_package_source, + false => $splunk::forwarder::unmanaged_package_source } if $splunk::forwarder::package_provider and !($splunk::forwarder::package_provider in ['apt','chocolatey','yum']) { @@ -18,7 +33,7 @@ archive { $_staged_package: source => $_package_source, extract => false, - before => Package[$splunk::forwarder::forwarder_package_name], + before => Package[$splunk::forwarder::package_name], } } else { $_staged_package = undef @@ -62,15 +77,24 @@ } # Required for splunk 7.2.4.2 - if ($facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS') and (versioncmp($splunk::forwarder::version, '7.2.4.2') >= 0) { + if ($facts['kernel'] == 'Linux' or $facts['kernel'] == 'SunOS') and (versioncmp($splunk::forwarder::_version, '7.2.4.2') >= 0) { ensure_packages(['net-tools'], { 'ensure' => 'present', before => Package[$splunk::forwarder::package_name] }) } + # Dpkg and sun are not versionable, and will utilize the source as the + # version + if $splunk::forwarder::package_provider in ['dpkg','sun'] { + $_package_ensure = pick($splunk::forwarder::package_ensure, 'installed') + } + else { + $_package_ensure = pick($splunk::forwarder::package_ensure, "${splunk::forwarder::_version}-${splunk::forwarder::_build}") + } + package { $splunk::forwarder::package_name: - ensure => $splunk::forwarder::package_ensure, + ensure => $_package_ensure, provider => $splunk::forwarder::package_provider, install_options => $splunk::forwarder::install_options, } diff --git a/manifests/forwarder/password/manage.pp b/manifests/forwarder/password/manage.pp index e62ef23c..4a4a809b 100644 --- a/manifests/forwarder/password/manage.pp +++ b/manifests/forwarder/password/manage.pp @@ -21,11 +21,11 @@ # @param secret # The secret used to salt the splunk password. # -# @params service +# @param service # Name of the Splunk Enterprise service that needs to be restarted after files # are updated, not applicable when running in agent mode. # -# @params mode +# @param mode # The class is designed to work in two ways, as a helper that is called by # Class[splunk::forwarder::config] or leveraged independently from with in a # Bolt Plan. The value defaults to "bolt" implicitly assuming that anytime it @@ -33,15 +33,19 @@ # Bolt # class splunk::forwarder::password::manage( - Boolean $manage_password = $splunk::params::manage_password, - Stdlib::Absolutepath $password_config_file = $splunk::params::enterprise_password_config_file, - String[1] $password_content = $splunk::params::password_content, - Stdlib::Absolutepath $secret_file = $splunk::params::enterprise_secret_file, - String[1] $secret = $splunk::params::secret, - String[1] $splunk_user = $splunk::params::splunk_user, - String[1] $service = $splunk::params::forwarder_service, + Boolean $manage_password = lookup($splunk::forwarder::manage_password), + Stdlib::Absolutepath $password_config_file = lookup($splunk::forwarder::password_config_file), + String[1] $password_content = lookup($splunk::forwarder::password_content), + Stdlib::Absolutepath $secret_file = lookup($splunk::forwarder::secret_file), + String[1] $secret = lookup($splunk::forwarder::secret), + String[1] $splunk_user = lookup($splunk::forwarder::splunk_user), Enum['agent', 'bolt'] $mode = 'bolt', -) inherits splunk::params { + Optional[String[1]] $service = undef, +) { + + if $mode == 'bolt' and !$service { + fail('You must specify `$splunk::forwarder::password::manage::service` for Bolt') + } file { $secret_file: ensure => file, diff --git a/manifests/forwarder/password/seed.pp b/manifests/forwarder/password/seed.pp index 1aea8cc3..77a466f9 100644 --- a/manifests/forwarder/password/seed.pp +++ b/manifests/forwarder/password/seed.pp @@ -27,11 +27,11 @@ # @param secret # The secret used to salt the splunk password. # -# @params service +# @param service # Name of the Splunk Forwarder service that needs to be restarted after files # are updated, not applicable when running in agent mode. # -# @params mode +# @param mode # The class is designed to work in two ways, as a helper that is called by # Class[splunk::forwarder::config] or leveraged independently from with in a # Bolt Plan. The value defaults to "bolt" implicitly assuming that anytime it @@ -39,16 +39,20 @@ # Bolt # class splunk::forwarder::password::seed( - Boolean $reset_seeded_password = $splunk::params::reset_seeded_password, - Stdlib::Absolutepath $password_config_file = $splunk::params::forwarder_password_config_file, - Stdlib::Absolutepath $seed_config_file = $splunk::params::forwarder_seed_config_file, - String[1] $password_hash = $splunk::params::password_hash, - Stdlib::Absolutepath $secret_file = $splunk::params::forwarder_secret_file, - String[1] $secret = $splunk::params::secret, - String[1] $splunk_user = $splunk::params::splunk_user, - String[1] $service = $splunk::params::forwarder_service, + Boolean $reset_seeded_password = lookup($splunk::forwarder::reset_seeded_password), + Stdlib::Absolutepath $password_config_file = lookup($splunk::forwarder::forwarder_password_config_file), + Stdlib::Absolutepath $seed_config_file = lookup($splunk::forwarder::forwarder_seed_config_file), + String[1] $password_hash = lookup($splunk::forwarder::password_hash), + Stdlib::Absolutepath $secret_file = lookup($splunk::forwarder::forwarder_secret_file), + String[1] $secret = lookup($splunk::forwarder::secret), + String[1] $splunk_user = lookup($splunk::forwarder::splunk_user), Enum['agent', 'bolt'] $mode = 'bolt', -) inherits splunk::params { + Optional[String[1]] $service = undef, +) { + + if $mode == 'bolt' and !$service { + fail('You must specify `$splunk::forwarder::password::seed::service` for Bolt') + } file { $secret_file: ensure => file, @@ -57,7 +61,7 @@ content => $secret, } - if $reset_seeded_password or $facts['splunk_version'].empty { + if $reset_seeded_password or $facts['splunkforwarder']['version'].empty { file { $password_config_file: ensure => absent, before => File[$seed_config_file], diff --git a/manifests/forwarder/service.pp b/manifests/forwarder/service.pp index 0fba9438..39a5d263 100644 --- a/manifests/forwarder/service.pp +++ b/manifests/forwarder/service.pp @@ -4,6 +4,7 @@ # sub-classes # class splunk::forwarder::service { + assert_private() # This is a module that supports multiple platforms. For some platforms # there is non-generic configuration that needs to be declared in addition @@ -12,8 +13,8 @@ include splunk::forwarder::service::nix } - service { $splunk::forwarder::service_name: - ensure => running, + service { $splunk::forwarder::_service_name: + ensure => $splunk::forwarder::service_ensure, enable => true, hasstatus => true, hasrestart => true, diff --git a/manifests/forwarder/service/nix.pp b/manifests/forwarder/service/nix.pp index faf1c2ad..3550d22e 100644 --- a/manifests/forwarder/service/nix.pp +++ b/manifests/forwarder/service/nix.pp @@ -3,6 +3,7 @@ # platform specific service management on Linux or Unix type systems. # class splunk::forwarder::service::nix inherits splunk::forwarder::service { + assert_private() if $splunk::forwarder::boot_start { # Ensure splunk services *not* managed by the system service file are @@ -11,9 +12,9 @@ # will no longer be able to control the binary-managed services # (start/stop/restart). exec { 'stop_splunkforwarder': - command => "${splunk::forwarder::forwarder_homedir}/bin/splunk stop", + command => "${splunk::forwarder::homedir}/bin/splunk stop", user => $splunk::forwarder::splunk_user, - creates => $splunk::forwarder::forwarder_service_file, + creates => $splunk::forwarder::_service_file, timeout => 0, notify => Exec['enable_splunkforwarder'], } @@ -21,10 +22,10 @@ # unit files during uninstallation, so you may be required to manually # remove existing unit files before re-installing and enabling boot-start. exec { 'enable_splunkforwarder': - command => "${splunk::forwarder::forwarder_homedir}/bin/splunk enable boot-start -user ${splunk::forwarder::splunk_user} --accept-license --answer-yes --no-prompt", + command => "${splunk::forwarder::homedir}/bin/splunk enable boot-start -user ${splunk::forwarder::splunk_user} --accept-license --answer-yes --no-prompt", tag => 'splunk_forwarder', refreshonly => true, - before => Service[$splunk::forwarder::service_name], + before => Service[$splunk::forwarder::_service_name], require => Exec['stop_splunkforwarder'], } } @@ -35,34 +36,34 @@ # present before installing splunk. The splunk package does not remove the # service files when uninstalled. exec { 'disable_splunkforwarder': - command => "${splunk::forwarder::forwarder_homedir}/bin/splunk disable boot-start -user ${splunk::forwarder::splunk_user} --accept-license --answer-yes --no-prompt", - onlyif => "/usr/bin/test -f ${splunk::forwarder::forwarder_service_file}", + command => "${splunk::forwarder::homedir}/bin/splunk disable boot-start -user ${splunk::forwarder::splunk_user} --accept-license --answer-yes --no-prompt", + onlyif => "/usr/bin/test -f ${splunk::forwarder::_service_file}", } exec { 'license_splunkforwarder': - command => "${splunk::forwarder::forwarder_homedir}/bin/splunk ftr --accept-license --answer-yes --no-prompt", + command => "${splunk::forwarder::homedir}/bin/splunk ftr --accept-license --answer-yes --no-prompt", user => $splunk::forwarder::splunk_user, - onlyif => "/usr/bin/test -f ${splunk::forwarder::forwarder_homedir}/ftr", + onlyif => "/usr/bin/test -f ${splunk::forwarder::homedir}/ftr", timeout => 0, - before => Service[$splunk::forwarder::service_name], + before => Service[$splunk::forwarder::_service_name], require => Exec['disable_splunkforwarder'], } if $facts['kernel'] == 'Linux' { - Service[$splunk::forwarder::service_name] { + Service[$splunk::forwarder::_service_name] { provider => 'base', } } else { - Service[$splunk::forwarder::service_name] { + Service[$splunk::forwarder::_service_name] { provider => 'init', } } - Service[$splunk::forwarder::service_name] { - restart => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::forwarder_homedir}/bin/splunk restart'", - start => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::forwarder_homedir}/bin/splunk start'", - stop => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::forwarder_homedir}/bin/splunk stop'", - status => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::forwarder_homedir}/bin/splunk status'", + Service[$splunk::forwarder::_service_name] { + restart => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::homedir}/bin/splunk restart'", + start => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::homedir}/bin/splunk start'", + stop => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::homedir}/bin/splunk stop'", + status => "/usr/sbin/runuser -l ${splunk::forwarder::splunk_user} -c '${splunk::forwarder::homedir}/bin/splunk status'", pattern => "splunkd -p ${splunk::forwarder::splunkd_port} (restart|start)", } } diff --git a/manifests/init.pp b/manifests/init.pp deleted file mode 100644 index 2628d4bc..00000000 --- a/manifests/init.pp +++ /dev/null @@ -1,9 +0,0 @@ -# @summary -# This class is unused and doesn't do anything but make default data -# accessible -# -# @note -# If you were expecting this class to setup an instance of Splunk -# Enterprise then please look to Class[splunk::enterprise]. -# -class splunk() inherits splunk::params { } diff --git a/manifests/params.pp b/manifests/params.pp deleted file mode 100644 index 4a1780de..00000000 --- a/manifests/params.pp +++ /dev/null @@ -1,321 +0,0 @@ -# @summary -# This class takes a small number of arguments (can be set through Hiera) and -# generates sane default values installation media names and locations. -# Default ports can also be specified here. This is a parameters class, and -# contributes no resources to the graph. Rather, it only sets values for -# parameters to be consumed by child classes. -# -# @param version -# The version of Splunk to install. This will be in the form x.y.z; e.g. -# "4.3.2". -# -# @param build -# Splunk packages are typically named based on the platform, architecture, -# version, and build. Puppet can determine the platform information -# automatically but a build number must be supplied in order to correctly -# construct the path to the packages. A build number will be six digits; -# e.g. "123586". -# -# @param splunkd_port -# The splunkd port. -# -# @param logging_port -# The port on which to send logs, and listen for logs. -# -# @param server -# Optional fqdn or IP of the Splunk Enterprise server. Used for setting up -# the default TCP output and input. -# -# @param splunk_user -# The user that splunk runs as. -# -# @param src_root -# The root URL at which to find the splunk packages. The sane-default logic -# assumes that the packages are located under this URL in the same way that -# they are placed on download.splunk.com. The URL can be any protocol that -# the puppet/archive module supports. This includes both puppet:// and -# http://. -# -# The expected directory structure is: -# -# ``` -# $root_url/ -# └── products/ -# ├── universalforwarder/ -# │ └── releases/ -# | └── $version/ -# | └── $platform/ -# | └── splunkforwarder-${version}-${build}-${additl} -# └── splunk/ -# └── releases/ -# └── $version/ -# └── $platform/ -# └── splunk-${version}-${build}-${additl} -# ``` -# -# A semi-populated example of `src_root` contains: -# -# ``` -# $root_url/ -# └── products/ -# ├── universalforwarder/ -# │ └── releases/ -# | └── 7.2.4.2/ -# | ├── linux/ -# | | ├── splunkforwarder-7.2.4.2-fb30470262e3-linux-2.6-amd64.deb -# | | ├── splunkforwarder-7.2.4.2-fb30470262e3-linux-2.6-intel.deb -# | | └── splunkforwarder-7.2.4.2-fb30470262e3-linux-2.6-x86_64.rpm -# | ├── solaris/ -# | └── windows/ -# | └── splunkforwarder-7.2.4.2-fb30470262e3-x64-release.msi -# └── splunk/ -# └── releases/ -# └── 7.2.4.2/ -# └── linux/ -# ├── splunk-7.2.4.2-fb30470262e3-linux-2.6-amd64.deb -# ├── splunk-7.2.4.2-fb30470262e3-linux-2.6-intel.deb -# └── splunk-7.2.4.2-fb30470262e3-linux-2.6-x86_64.rpm -# ``` -# -# @param boot_start -# Enable Splunk to start at boot, create a system service file. -# -# WARNING: Toggling `boot_start` from `false` to `true` will cause a restart of -# Splunk Enterprise and Forwarder services. -# -# @param forwarder_installdir -# Optional directory in which to install and manage Splunk Forwarder -# -# @param enterprise_installdir -# Optional directory in which to install and manage Splunk Enterprise -# -class splunk::params ( - String[1] $version = '7.2.4.2', - String[1] $build = 'fb30470262e3', - String[1] $src_root = 'https://download.splunk.com', - Stdlib::Port $splunkd_port = 8089, - Stdlib::Port $logging_port = 9997, - String[1] $server = 'splunk', - Optional[String[1]] $forwarder_installdir = undef, - Optional[String[1]] $enterprise_installdir = undef, - Boolean $boot_start = true, - String[1] $splunk_user = $facts['os']['family'] ? { - 'windows' => 'Administrator', - default => 'root' - }, -) { - - # Based on the small number of inputs above, we can construct sane defaults - # for pretty much everything else. - - # To generate password_content, change the password on enterprise or - # forwarder, then distribute the contents of the splunk.secret and passwd - # files accross all nodes. - # By default the parameters provided are for admin/changeme password. - $manage_password = false - $seed_password = false - $reset_seeded_password = false - $secret = 'hhy9DOGqli4.aZWCuGvz8stcqT2/OSJUZuyWHKc4wnJtQ6IZu2bfjeElgYmGHN9RWIT3zs5hRJcX1wGerpMNObWhFue78jZMALs3c3Mzc6CzM98/yGYdfcvWMo1HRdKn82LVeBJI5dNznlZWfzg6xdywWbeUVQZcOZtODi10hdxSJ4I3wmCv0nmkSWMVOEKHxti6QLgjfuj/MOoh8.2pM0/CqF5u6ORAzqFZ8Qf3c27uVEahy7ShxSv2K4K41z' - $password_hash = '$6$pIE/xAyP9mvBaewv$4GYFxC0SqonT6/x8qGcZXVCRLUVKODj9drDjdu/JJQ/Iw0Gg.aTkFzCjNAbaK4zcCHbphFz1g1HK18Z2bI92M0' - $password_content = ":admin:${password_hash}::Administrator:admin:changeme@example.com::" - - if $facts['os']['family'] == 'windows' { - $staging_dir = "${facts['archive_windir']}\\splunk" - $enterprise_homedir = pick($enterprise_installdir, 'C:\\Program Files\\Splunk') - $forwarder_homedir = pick($forwarder_installdir, 'C:\\Program Files\\SplunkUniversalForwarder') - } else { - $staging_dir = '/opt/staging/splunk' - $enterprise_homedir = pick($enterprise_installdir, '/opt/splunk') - $forwarder_homedir = pick($forwarder_installdir, '/opt/splunkforwarder') - } - - # Settings common to a kernel - case $facts['kernel'] { - 'Linux': { - $path_delimiter = '/' - $forwarder_src_subdir = 'linux' - $forwarder_seed_config_file = "${forwarder_homedir}/etc/system/local/user-seed.conf" - $enterprise_seed_config_file = "${enterprise_homedir}/etc/system/local/user-seed.conf" - $forwarder_password_config_file = "${forwarder_homedir}/etc/passwd" - $enterprise_password_config_file = "${enterprise_homedir}/etc/passwd" - $forwarder_secret_file = "${forwarder_homedir}/etc/splunk.secret" - $enterprise_secret_file = "${enterprise_homedir}/etc/splunk.secret" - $forwarder_confdir = "${forwarder_homedir}/etc" - $enterprise_src_subdir = 'linux' - $enterprise_confdir = "${enterprise_homedir}/etc" - $forwarder_install_options = [] - $enterprise_install_options = [] - # Systemd not supported until Splunk 7.2.2 - if $facts['service_provider'] == 'systemd' and versioncmp($version, '7.2.2') >= 0 { - $enterprise_service = 'Splunkd' - $forwarder_service = 'SplunkForwarder' - $enterprise_service_file = '/etc/systemd/system/multi-user.target.wants/Splunkd.service' - $forwarder_service_file = '/etc/systemd/system/multi-user.target.wants/SplunkForwarder.service' - } - else { - $enterprise_service = 'splunk' - $forwarder_service = 'splunk' - $enterprise_service_file = '/etc/init.d/splunk' - $forwarder_service_file = '/etc/init.d/splunk' - } - } - 'SunOS': { - $path_delimiter = '/' - $forwarder_src_subdir = 'solaris' - $forwarder_seed_config_file = "${forwarder_homedir}/etc/system/local/user-seed.conf" - $enterprise_seed_config_file = "${enterprise_homedir}/etc/system/local/user-seed.conf" - $forwarder_password_config_file = "${forwarder_homedir}/etc/passwd" - $enterprise_password_config_file = "${enterprise_homedir}/etc/passwd" - $forwarder_secret_file = "${forwarder_homedir}/etc/splunk.secret" - $enterprise_secret_file = "${enterprise_homedir}/etc/splunk.secret" - $forwarder_confdir = "${forwarder_homedir}/etc" - $enterprise_src_subdir = 'solaris' - $enterprise_confdir = "${enterprise_homedir}/etc" - $forwarder_install_options = [] - $enterprise_install_options = [] - # Systemd not supported until Splunk 7.2.2 - if $facts['service_provider'] == 'systemd' and versioncmp($version, '7.2.2') >= 0 { - $enterprise_service = 'Splunkd' - $forwarder_service = 'SplunkForwarder' - $enterprise_service_file = '/etc/systemd/system/multi-user.target.wants/Splunkd.service' - $forwarder_service_file = '/etc/systemd/system/multi-user.target.wants/SplunkForwarder.service' - } - else { - $enterprise_service = 'splunk' - $forwarder_service = 'splunk' - $enterprise_service_file = '/etc/init.d/splunk' - $forwarder_service_file = '/etc/init.d/splunk' - } - } - 'windows': { - $path_delimiter = '\\' - $forwarder_src_subdir = 'windows' - $forwarder_seed_config_file = "${forwarder_homedir}\\etc\\system\\local\\user-seed.conf" - $enterprise_seed_config_file = "${enterprise_homedir}\\etc\\system\\local\\user-seed.conf" - $forwarder_password_config_file = "${forwarder_homedir}\\etc\\passwd" - $enterprise_password_config_file = "${enterprise_homedir}\\etc\\passwd" - $forwarder_secret_file = "${forwarder_homedir}\\etc\\splunk.secret" - $enterprise_secret_file = "${enterprise_homedir}\\etc\\splunk.secret" - $forwarder_service = 'SplunkForwarder' - $forwarder_service_file = "${forwarder_homedir}\\dummy" # Not used in Windows, but attribute must be defined with a valid path - $forwarder_confdir = "${forwarder_homedir}\\etc" - $enterprise_src_subdir = 'windows' - $enterprise_service = 'splunkd' # Not validated - $enterprise_service_file = "${enterprise_homedir}\\dummy" # Not used in Windows, but attribute must be defined with a valid path - $enterprise_confdir = "${enterprise_homedir}\\etc" - $forwarder_install_options = [ - { 'INSTALLDIR' => $forwarder_homedir }, - 'AGREETOLICENSE=Yes', - 'LAUNCHSPLUNK=0', - 'SERVICESTARTTYPE=auto', - 'WINEVENTLOG_APP_ENABLE=1', - 'WINEVENTLOG_SEC_ENABLE=1', - 'WINEVENTLOG_SYS_ENABLE=1', - 'WINEVENTLOG_FWD_ENABLE=1', - 'WINEVENTLOG_SET_ENABLE=1', - 'ENABLEADMON=1', - ] - $enterprise_install_options = [ - { 'INSTALLDIR' => $enterprise_homedir }, - { 'SPLUNKD_PORT' => String($splunkd_port) }, - 'AGREETOLICENSE=Yes', - 'LAUNCHSPLUNK=0', - ] - } - default: { fail("splunk module does not support kernel ${facts['kernel']}") } - } - # default splunk agent settings in a hash so that the cya be easily parsed to other classes - - $forwarder_output = { - 'tcpout_defaultgroup' => { - section => 'default', - setting => 'defaultGroup', - value => "${server}_${logging_port}", - tag => 'splunk_forwarder', - }, - 'defaultgroup_server' => { - section => "tcpout:${server}_${logging_port}", - setting => 'server', - value => "${server}:${logging_port}", - tag => 'splunk_forwarder', - }, - } - $forwarder_input = { - 'default_host' => { - section => 'default', - setting => 'host', - value => $facts['clientcert'], - tag => 'splunk_forwarder', - }, - } - # Settings common to an OS family - case $facts['os']['family'] { - 'RedHat': { $package_provider = 'rpm' } - 'Debian': { $package_provider = 'dpkg' } - 'Solaris': { $package_provider = 'sun' } - 'windows': { $package_provider = 'windows' } - default: { $package_provider = undef } # Don't define a $package_provider - } - - # Settings specific to an architecture as well as an OS family - case "${facts['os']['family']} ${facts['architecture']}" { - 'RedHat i386': { - $package_suffix = "${version}-${build}.i386.rpm" - $forwarder_package_name = 'splunkforwarder' - $enterprise_package_name = 'splunk' - } - 'RedHat x86_64': { - $package_suffix = "${version}-${build}-linux-2.6-x86_64.rpm" - $forwarder_package_name = 'splunkforwarder' - $enterprise_package_name = 'splunk' - } - 'Debian i386': { - $package_suffix = "${version}-${build}-linux-2.6-intel.deb" - $forwarder_package_name = 'splunkforwarder' - $enterprise_package_name = 'splunk' - } - 'Debian amd64': { - $package_suffix = "${version}-${build}-linux-2.6-amd64.deb" - $forwarder_package_name = 'splunkforwarder' - $enterprise_package_name = 'splunk' - } - /^(W|w)indows (x86|i386)$/: { - $package_suffix = "${version}-${build}-x86-release.msi" - $forwarder_package_name = 'UniversalForwarder' - $enterprise_package_name = 'Splunk Enterprise' - } - /^(W|w)indows (x64|x86_64)$/: { - $package_suffix = "${version}-${build}-x64-release.msi" - $forwarder_package_name = 'UniversalForwarder' - $enterprise_package_name = 'Splunk Enterprise' - } - 'Solaris i86pc': { - $package_suffix = "${version}-${build}-solaris-10-intel.pkg" - $forwarder_package_name = 'splunkforwarder' - $enterprise_package_name = 'splunk' - } - 'Solaris sun4v': { - $package_suffix = "${version}-${build}-solaris-8-sparc.pkg" - $forwarder_package_name = 'splunkforwarder' - $enterprise_package_name = 'splunk' - } - default: { fail("unsupported osfamily/arch ${facts['os']['family']}/${facts['architecture']}") } - } - - $forwarder_src_package = "splunkforwarder-${package_suffix}" - $enterprise_src_package = "splunk-${package_suffix}" - - $enterprise_package_ensure = 'installed' - $enterprise_package_src = "${src_root}/products/splunk/releases/${version}/${enterprise_src_subdir}/${enterprise_src_package}" - $forwarder_package_ensure = 'installed' - $forwarder_package_src = "${src_root}/products/universalforwarder/releases/${version}/${forwarder_src_subdir}/${forwarder_src_package}" - - - # A meta resource so providers know where splunk is installed: - splunk_config { 'splunk': - forwarder_installdir => $forwarder_homedir, - forwarder_confdir => $forwarder_confdir, - server_installdir => $enterprise_homedir, - server_confdir => $enterprise_confdir, - } -} diff --git a/spec/acceptance/splunk_enterprise_spec.rb b/spec/acceptance/splunk_enterprise_spec.rb index 22863751..06a6c3a0 100644 --- a/spec/acceptance/splunk_enterprise_spec.rb +++ b/spec/acceptance/splunk_enterprise_spec.rb @@ -8,11 +8,13 @@ 'splunk' end - context 'default parameters' do + context 'specifying a release' do # Using puppet_apply as a helper it 'works idempotently with no errors' do pp = <<-EOS - class { 'splunk::enterprise': } + class { 'splunk::enterprise': + release => '7.2.4.2-fb30470262e3', + } EOS # Run it twice and test for idempotency @@ -45,6 +47,7 @@ class { 'splunk::enterprise': } it 'works with no errors' do pp = <<-EOS class { 'splunk::enterprise': + release => '7.2.4.2-fb30470262e3', seed_password => true, reset_seeded_password => true, password_hash => '$6$not4r3alh45h', @@ -57,6 +60,7 @@ class { 'splunk::enterprise': it 'works idempotently with no errors' do pp = <<-EOS class { 'splunk::enterprise': + release => '7.2.4.2-fb30470262e3', seed_password => true, password_hash => '$6$not4r3alh45h', } diff --git a/spec/acceptance/splunk_forwarder_spec.rb b/spec/acceptance/splunk_forwarder_spec.rb index 953ecd68..ef811f52 100644 --- a/spec/acceptance/splunk_forwarder_spec.rb +++ b/spec/acceptance/splunk_forwarder_spec.rb @@ -5,9 +5,8 @@ # Using puppet_apply as a helper it 'works idempotently with no errors' do pp = <<-EOS - class { 'splunk::params': - } class { 'splunk::forwarder': + release => '7.2.4.2-fb30470262e3', splunkd_port => 8090, } splunkforwarder_output { 'tcpout:splunkcloud/sslPassword': @@ -46,12 +45,11 @@ class { 'splunk::forwarder': context 'purge_outputs => false' do it 'works idempotently with no errors' do pp = <<-eos - class { 'splunk::params': - } - class { 'splunk::forwarder': - splunkd_port => 8090, - purge_outputs => false, - } + class { 'splunk::forwarder': + release => '7.2.4.2-fb30470262e3', + splunkd_port => 8090, + purge_outputs => false, + } eos # run it twice and test for idempotency @@ -67,12 +65,11 @@ class { 'splunk::forwarder': context 'purge_outputs => true' do it 'works idempotently with no errors' do pp = <<-eos - class { 'splunk::params': - } - class { 'splunk::forwarder': - splunkd_port => 8090, - purge_outputs => true, - } + class { 'splunk::forwarder': + release => '7.2.4.2-fb30470262e3', + splunkd_port => 8090, + purge_outputs => true, + } eos # run it twice and test for idempotency diff --git a/spec/classes/enterprise_spec.rb b/spec/classes/enterprise_spec.rb index 0f9bd94b..c5843766 100644 --- a/spec/classes/enterprise_spec.rb +++ b/spec/classes/enterprise_spec.rb @@ -2,8 +2,6 @@ shared_examples_for 'splunk enterprise nix defaults' do it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('splunk') } - it { is_expected.to contain_class('splunk::params') } it { is_expected.to contain_class('splunk::enterprise') } it { is_expected.to contain_class('splunk::enterprise::install') } it { is_expected.to contain_class('splunk::enterprise::install::nix') } @@ -11,7 +9,6 @@ it { is_expected.to contain_class('splunk::enterprise::service') } it { is_expected.to contain_class('splunk::enterprise::service::nix') } it { is_expected.to contain_splunk_config('splunk') } - it { is_expected.to contain_package('splunk').with(ensure: 'installed') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/alert_actions.conf') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/authentication.conf') } it { is_expected.to contain_file('/opt/splunk/etc/system/local/authorize.conf') } @@ -44,49 +41,93 @@ else context "on #{os}" do let(:facts) do - facts + facts.merge(splunkenterprise: {}, splunkforwarder: {}) end - context 'splunk when including forwarder and enterprise' do + # + # Test the default parameters, and the version, build, and package_ensure logic + # + + context 'when including both splunk::forwarder and splunk::enterprise' do let(:pre_condition) do - 'include splunk::forwarder' + "class { splunk::forwarder: release => '7.2.4.2-fb30470262e3' }" end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } it { expect { is_expected.to contain_class('splunk::enterprise') }.to raise_error(Puppet::Error, %r{Do not include splunk::forwarder on the same node as splunk::enterprise}) } end - context 'when manage_password = true' do + context 'with default parmeters and the splunkenterprise[version] fact is undefined' do + it { expect { is_expected.to contain_class('splunk::enterprise') }.to raise_error(Puppet::Error, %r{No splunk version detected}) } + end + + context 'with default parameters and the splunkenterprise[version] fact is defined' do + let(:facts) do + facts.merge(splunkenterprise: { 'version' => '7.2.4.2', 'build' => 'fb30470262e3' }) + end + + it { is_expected.to compile.with_all_deps } if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - let(:params) { { 'manage_password' => true } } + it_behaves_like 'splunk enterprise nix defaults' + end + if %w[sun dpkg].include? facts[:package_provider] + it { is_expected.to contain_package('splunk').with(ensure: 'installed', source: %r{\/opt\/staging\/splunk\/splunk-7.2.4.2-fb30470262e3}) } + else + it { is_expected.to contain_package('splunk').with(ensure: '7.2.4.2-fb30470262e3', source: %r{\/opt\/staging\/splunk\/splunk-7.2.4.2-fb30470262e3}) } + end + end - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_file('/opt/splunk/etc/splunk.secret') } - it { is_expected.to contain_file('/opt/splunk/etc/passwd') } + context 'when $splunk::enterprise::release is specified and $splunk::enterprise::package_ensure is undefined' do + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } + + it { is_expected.to compile.with_all_deps } + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' + it_behaves_like 'splunk enterprise nix defaults' + end + if %w[sun dpkg].include? facts[:package_provider] + it { is_expected.to contain_package('splunk').with(ensure: 'installed', source: %r{\/opt\/staging\/splunk\/splunk-7.2.4.2-fb30470262e3}) } + else + it { is_expected.to contain_package('splunk').with(ensure: '7.2.4.2-fb30470262e3', source: %r{\/opt\/staging\/splunk\/splunk-7.2.4.2-fb30470262e3}) } end end - context 'when package_provider = yum' do + context 'when $splunk::enterprise::release is specified and $splunk::enterprise::package_ensure is `absent`' do + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'package_ensure' => 'absent' } } + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - let(:params) { { 'package_provider' => 'yum' } } + it_behaves_like 'splunk enterprise nix defaults' + end + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('splunk').with(ensure: 'absent') } + end - it { is_expected.to contain_package('splunk').with(provider: 'yum') } + context 'when $splunk::enterprise::package_ensure and $splunk::enterprise::release are both set to specific versions' do + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'package_ensure' => '6.0.0-fb30470262e3' } } + + # TODO: Test for warning + # it { expect { is_expected.to contain_class('splunk::enterprise') }.to raise_warning(Puppet::Warning, %r{It is recommended you specify the splunk version}) } + if %w[sun dpkg].include? facts[:package_provider] + it { is_expected.to compile.and_raise_error(%r{Provider.*must have features 'versionable' to set 'ensure'}) } + else + it { is_expected.to compile.with_all_deps } end end + # + # Test the boot_start logic + # + context 'with $boot_start = true (defaults)' do if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - context 'with $facts[service_provider] == init and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::enterprise::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.4.2' }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'splunk') } it { is_expected.not_to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.to contain_exec('stop_splunk').with(command: '/opt/splunk/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunk').with(command: '/opt/splunk/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -95,17 +136,14 @@ it { is_expected.to contain_service('splunk').with(ensure: 'running', enable: true, status: nil, restart: nil, start: nil, stop: nil) } end - context 'with $facts[service_provider] == init and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::enterprise::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0' }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3' } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'splunk') } it { is_expected.not_to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.to contain_exec('stop_splunk').with(command: '/opt/splunk/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunk').with(command: '/opt/splunk/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -114,17 +152,14 @@ it { is_expected.to contain_service('splunk').with(ensure: 'running', enable: true, status: nil, restart: nil, start: nil, stop: nil) } end - context 'with $facts[service_provider] == systemd and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::enterprise::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.4.2' }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'Splunkd') } it { is_expected.to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.to contain_exec('stop_splunk').with(command: '/opt/splunk/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunk').with(command: '/opt/splunk/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -133,17 +168,14 @@ it { is_expected.to contain_service('Splunkd').with(ensure: 'running', enable: true, status: nil, restart: nil, start: nil, stop: nil) } end - context 'with $facts[service_provider] == systemd and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::enterprise::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0' }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3' } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'splunk') } it { is_expected.not_to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.to contain_exec('stop_splunk').with(command: '/opt/splunk/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunk').with(command: '/opt/splunk/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -158,17 +190,14 @@ context 'with $boot_start = false' do if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - context 'with $facts[service_provider] == init and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::enterprise::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.4.2', boot_start => false }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'splunk') } it { is_expected.not_to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.not_to contain_exec('stop_splunk') } it { is_expected.not_to contain_exec('enable_splunk') } @@ -177,17 +206,14 @@ it { is_expected.to contain_service('splunk').with(restart: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk restart'", start: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk start'", stop: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk stop'", status: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk status'") } end - context 'with $facts[service_provider] == init and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::enterprise::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0', boot_start => false }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'splunk') } it { is_expected.not_to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.not_to contain_exec('stop_splunk') } it { is_expected.not_to contain_exec('enable_splunk') } @@ -196,17 +222,14 @@ it { is_expected.to contain_service('splunk').with(restart: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk restart'", start: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk start'", stop: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk stop'", status: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk status'") } end - context 'with $facts[service_provider] == systemd and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::enterprise::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.4.2', boot_start => false }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'Splunkd') } it { is_expected.to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.not_to contain_exec('stop_splunk') } it { is_expected.not_to contain_exec('enable_splunk') } @@ -215,17 +238,14 @@ it { is_expected.to contain_service('Splunkd').with(restart: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk restart'", start: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk start'", stop: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk stop'", status: "/usr/sbin/runuser -l root -c '/opt/splunk/bin/splunk status'") } end - context 'with $facts[service_provider] == systemd and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::enterprise::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0', boot_start => false }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk enterprise nix defaults' + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_package('net-tools').with(ensure: 'present') } - it { is_expected.to contain_class('splunk::enterprise').with(service_name: 'splunk') } it { is_expected.not_to contain_file('/etc/init.d/splunk').with(ensure: 'absent') } it { is_expected.not_to contain_exec('stop_splunk') } it { is_expected.not_to contain_exec('enable_splunk') } @@ -236,6 +256,39 @@ end end + + # + # Test miscellaneous parameter logic + # + + context 'when manage_password = true' do + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'manage_password' => true } } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_file('/opt/splunk/etc/splunk.secret') } + it { is_expected.to contain_file('/opt/splunk/etc/passwd') } + end + end + + context 'when package_provider = yum' do + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'package_provider' => 'yum' } } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('splunk').with(provider: 'yum') } + end + end + + context 'when service_ensure is stopped' do + let(:facts) do + facts.merge(service_provider: 'systemd') + end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'service_ensure' => 'stopped' } } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_service('Splunkd').with(ensure: 'stopped') } + end end end end diff --git a/spec/classes/forwarder_spec.rb b/spec/classes/forwarder_spec.rb index 0861e2c2..52333ac3 100644 --- a/spec/classes/forwarder_spec.rb +++ b/spec/classes/forwarder_spec.rb @@ -1,15 +1,13 @@ require 'spec_helper' -shared_examples_for 'splunk forwarder' do +shared_examples_for 'splunk forwarder nix defaults' do it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('splunk') } - it { is_expected.to contain_class('splunk::params') } it { is_expected.to contain_class('splunk::forwarder') } it { is_expected.to contain_class('splunk::forwarder::install') } it { is_expected.to contain_class('splunk::forwarder::config') } it { is_expected.to contain_class('splunk::forwarder::service') } + it { is_expected.to contain_class('splunk::forwarder::service::nix') } it { is_expected.to contain_splunk_config('splunk') } - it { is_expected.to contain_package('splunkforwarder').with(ensure: 'installed') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/deploymentclient.conf') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/outputs.conf') } it { is_expected.to contain_file('/opt/splunkforwarder/etc/system/local/inputs.conf') } @@ -32,49 +30,92 @@ else context "on #{os}" do let(:facts) do - facts + facts.merge(splunkenterprise: {}, splunkforwarder: {}) end - context 'splunk when including forwarder and enterprise' do + # + # Test the default parameters, and the version, build, and package_ensure logic + # + + context 'when including both splunk::forwarder and splunk::enterprise' do let(:pre_condition) do - 'include splunk::enterprise' + "class { splunk::enterprise: release => '7.2.4.2-fb30470262e3', }" end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } it { expect { is_expected.to contain_class('splunk::forwarder') }.to raise_error(Puppet::Error, %r{Do not include splunk::forwarder on the same node as splunk::enterprise}) } end - context 'when manage_password = true' do + context 'with default parmeters and the splunkforwarder[version] fact is undefined' do + it { expect { is_expected.to contain_class('splunk::forwarder') }.to raise_error(Puppet::Error, %r{No splunk version detected}) } + end + + context 'with default parameters and the splunkforwarder[version] fact is defined' do + let(:facts) do + facts.merge(splunkforwarder: { 'version' => '7.2.4.2', 'build' => 'fb30470262e3' }) + end + + it { is_expected.to compile.with_all_deps } if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - let(:params) { { 'manage_password' => true } } + it_behaves_like 'splunk forwarder nix defaults' + end + if %w[sun dpkg].include? facts[:package_provider] + it { is_expected.to contain_package('splunkforwarder').with(ensure: 'installed', source: %r{\/opt\/staging\/splunk\/splunkforwarder-7.2.4.2-fb30470262e3}) } + else + it { is_expected.to contain_package('splunkforwarder').with(ensure: '7.2.4.2-fb30470262e3', source: %r{\/opt\/staging\/splunk\/splunkforwarder-7.2.4.2-fb30470262e3}) } + end + end - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_file('/opt/splunkforwarder/etc/splunk.secret') } - it { is_expected.to contain_file('/opt/splunkforwarder/etc/passwd') } + context 'when $splunk::forwarder::release is specified and $splunk::forwarder::package_ensure is undefined' do + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } + + it { is_expected.to compile.with_all_deps } + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' + it_behaves_like 'splunk forwarder nix defaults' + end + if %w[sun dpkg].include? facts[:package_provider] + it { is_expected.to contain_package('splunkforwarder').with(ensure: 'installed', source: %r{\/opt\/staging\/splunk\/splunkforwarder-7.2.4.2-fb30470262e3}) } + else + it { is_expected.to contain_package('splunkforwarder').with(ensure: '7.2.4.2-fb30470262e3', source: %r{\/opt\/staging\/splunk\/splunkforwarder-7.2.4.2-fb30470262e3}) } end end - context 'when package_provider = yum' do + context 'when $splunk::forwarder::release is specified and $splunk::forwarder::package_ensure is `absent`' do + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'package_ensure' => 'absent' } } + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - let(:params) { { 'package_provider' => 'yum' } } + it_behaves_like 'splunk forwarder nix defaults' + end + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('splunkforwarder').with(ensure: 'absent') } + end - it { is_expected.to contain_package('splunkforwarder').with(provider: 'yum') } + context 'when $splunk::forwarder::package_ensure and $splunk::forwarder::release are both set to specific versions' do + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'package_ensure' => '6.0.0-fb30470262e3' } } + + # TODO: Test for warning + # it { expect { is_expected.to contain_class('splunk::forwarder') }.to raise_warning(Puppet::Warning, %r{It is recommended you specify the splunk version}) } + if %w[sun dpkg].include? facts[:package_provider] + it { is_expected.to compile.and_raise_error(%r{Provider.*must have features 'versionable' to set 'ensure'}) } + else + it { is_expected.to compile.with_all_deps } end end + # + # Test the boot_start logic + # + context 'with $boot_start = true (defaults)' do if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - context 'with $facts[service_provider] == init and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::forwarder::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.2' }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'splunk') } + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_exec('stop_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } it { is_expected.not_to contain_exec('disable_splunkforwarder') } @@ -82,17 +123,13 @@ it { is_expected.to contain_service('splunk').with(ensure: 'running', enable: true, status: nil, restart: nil, start: nil, stop: nil) } end - context 'with $facts[service_provider] == init and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::forwarder::version < 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0' }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3' } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'splunk') } + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_exec('stop_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } it { is_expected.not_to contain_exec('disable_splunkforwarder') } @@ -100,17 +137,13 @@ it { is_expected.to contain_service('splunk').with(ensure: 'running', enable: true, status: nil, restart: nil, start: nil, stop: nil) } end - context 'with $facts[service_provider] == systemd and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::forwarder::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.2' }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3' } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'SplunkForwarder') } + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_exec('stop_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } it { is_expected.not_to contain_exec('disable_splunkforwarder') } @@ -118,17 +151,13 @@ it { is_expected.to contain_service('SplunkForwarder').with(ensure: 'running', enable: true, status: nil, restart: nil, start: nil, stop: nil) } end - context 'with $facts[service_provider] == systemd and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::forwarder::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0' }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3' } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'splunk') } + it { is_expected.to compile.with_all_deps } it { is_expected.to contain_exec('stop_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk stop') } it { is_expected.to contain_exec('enable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk enable boot-start -user root --accept-license --answer-yes --no-prompt') } it { is_expected.not_to contain_exec('disable_splunkforwarder') } @@ -142,17 +171,13 @@ context 'with $boot_start = false' do if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' - context 'with $facts[service_provider] == init and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::forwarder::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.2', boot_start => false }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'splunk') } + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_exec('stop_splunkforwarder') } it { is_expected.not_to contain_exec('enable_splunkforwarder') } it { is_expected.to contain_exec('disable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk disable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -160,17 +185,13 @@ it { is_expected.to contain_service('splunk').with(restart: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk restart'", start: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk start'", stop: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk stop'", status: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk status'") } end - context 'with $facts[service_provider] == init and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == init and $splunk::forwarder::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'init') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0', boot_start => false }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'splunk') } + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_exec('stop_splunkforwarder') } it { is_expected.not_to contain_exec('enable_splunkforwarder') } it { is_expected.to contain_exec('disable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk disable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -178,17 +199,13 @@ it { is_expected.to contain_service('splunk').with(restart: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk restart'", start: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk start'", stop: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk stop'", status: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk status'") } end - context 'with $facts[service_provider] == systemd and $splunk::params::version >= 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::forwarder::release >= 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '7.2.2', boot_start => false }" - end + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'SplunkForwarder') } + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_exec('stop_splunkforwarder') } it { is_expected.not_to contain_exec('enable_splunkforwarder') } it { is_expected.to contain_exec('disable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk disable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -196,17 +213,13 @@ it { is_expected.to contain_service('SplunkForwarder').with(restart: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk restart'", start: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk start'", stop: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk stop'", status: "/usr/sbin/runuser -l root -c '/opt/splunkforwarder/bin/splunk status'") } end - context 'with $facts[service_provider] == systemd and $splunk::params::version < 7.2.2' do + context 'with $facts[service_provider] == systemd and $splunk::forwarder::release < 7.2.2' do let(:facts) do facts.merge(service_provider: 'systemd') end - let(:pre_condition) do - "class { 'splunk::params': version => '6.0.0', boot_start => false }" - end + let(:params) { { 'release' => '6.0.0-fb30470262e3', 'boot_start' => false } } - it_behaves_like 'splunk forwarder' - it { is_expected.to contain_class('splunk::forwarder::service::nix') } - it { is_expected.to contain_class('splunk::forwarder').with(service_name: 'splunk') } + it { is_expected.to compile.with_all_deps } it { is_expected.not_to contain_exec('stop_splunkforwarder') } it { is_expected.not_to contain_exec('enable_splunkforwarder') } it { is_expected.to contain_exec('disable_splunkforwarder').with(command: '/opt/splunkforwarder/bin/splunk disable boot-start -user root --accept-license --answer-yes --no-prompt') } @@ -216,6 +229,29 @@ end end + + # + # Test miscellaneous parameter logic + # + + context 'when manage_password = true' do + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'manage_password' => true } } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_file('/opt/splunkforwarder/etc/splunk.secret') } + it { is_expected.to contain_file('/opt/splunkforwarder/etc/passwd') } + end + end + + context 'when package_provider = yum' do + if facts[:kernel] == 'Linux' || facts[:kernel] == 'SunOS' + let(:params) { { 'release' => '7.2.4.2-fb30470262e3', 'package_provider' => 'yum' } } + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_package('splunkforwarder').with(provider: 'yum') } + end + end end end end diff --git a/spec/classes/splunk_spec.rb b/spec/classes/splunk_spec.rb deleted file mode 100644 index c05c42c5..00000000 --- a/spec/classes/splunk_spec.rb +++ /dev/null @@ -1,22 +0,0 @@ -require 'spec_helper' - -describe 'splunk' do - context 'supported operating systems' do - on_supported_os.each do |os, facts| - if os.start_with?('windows') - # Splunk Server not used supported on windows - else - context "on #{os}" do - let(:facts) do - facts - end - - context 'splunk class without any parameters' do - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_class('splunk') } - end - end - end - end - end -end diff --git a/spec/defines/addon_spec.rb b/spec/defines/addon_spec.rb index 60839d71..77bd2ae5 100644 --- a/spec/defines/addon_spec.rb +++ b/spec/defines/addon_spec.rb @@ -21,7 +21,7 @@ context 'supported operating systems' do let(:pre_condition) do - 'include splunk::forwarder' + "class { 'splunk::forwarder': release => '7.2.4.2-abcdefg', }" end on_supported_os.each do |os, facts| diff --git a/spec/unit/facter/splunk_version_spec.rb b/spec/unit/facter/splunkenterprise_spec.rb similarity index 74% rename from spec/unit/facter/splunk_version_spec.rb rename to spec/unit/facter/splunkenterprise_spec.rb index aabd8a69..15a6b846 100644 --- a/spec/unit/facter/splunk_version_spec.rb +++ b/spec/unit/facter/splunkenterprise_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -describe 'splunk_version Fact' do +describe 'splunkenterprise Fact' do before do Facter.clear end @@ -8,19 +8,19 @@ it 'returns version for Windows' do allow(File).to receive(:exist?).with('C:/Program Files/Splunk/bin/splunk.exe').and_return(true) allow(Facter::Util::Resolution).to receive(:exec).with('"C:/Program Files/Splunk/bin/splunk.exe" --version').and_return('Splunk 6.6.8 (build 6c27a8439c1e)') - expect(Facter.fact(:splunk_version).value).to eq('6.6.8') + expect(Facter.fact(:splunkenterprise).value).to eq({'version' => '6.6.8','build' => '6c27a8439c1e'}) end it 'returns version for Linux' do allow(File).to receive(:exist?).with('C:/Program Files/Splunk/bin/splunk.exe').and_return(false) allow(File).to receive(:exist?).with('/opt/splunk/bin/splunk').and_return(true) allow(Facter::Util::Resolution).to receive(:exec).with('/opt/splunk/bin/splunk --version').and_return('Splunk 6.6.8 (build 6c27a8439c1e)') - expect(Facter.fact(:splunk_version).value).to eq('6.6.8') + expect(Facter.fact(:splunkenterprise).value).to eq({'version' => '6.6.8','build' => '6c27a8439c1e'}) end - it 'returns nil' do + it 'returns {}' do allow(File).to receive(:exist?).with('C:/Program Files/Splunk/bin/splunk.exe').and_return(false) allow(File).to receive(:exist?).with('/opt/splunk/bin/splunk').and_return(false) - expect(Facter.fact(:splunk_version).value).to be_nil + expect(Facter.fact(:splunkenterprise).value).to eq({}) end end diff --git a/spec/unit/facter/splunkforwarder_version_spec.rb b/spec/unit/facter/splunkforwarder_spec.rb similarity index 76% rename from spec/unit/facter/splunkforwarder_version_spec.rb rename to spec/unit/facter/splunkforwarder_spec.rb index e816475b..4f0137e4 100644 --- a/spec/unit/facter/splunkforwarder_version_spec.rb +++ b/spec/unit/facter/splunkforwarder_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper' -describe 'splunkforwarder_version Fact' do +describe 'splunkforwarder Fact' do before do Facter.clear end @@ -8,19 +8,20 @@ it 'returns version for Windows' do allow(File).to receive(:exist?).with('C:/Program Files/SplunkUniversalForwarder/bin/splunk.exe').and_return(true) allow(Facter::Util::Resolution).to receive(:exec).with('"C:/Program Files/SplunkUniversalForwarder/bin/splunk.exe" --version').and_return('Splunk Universal Forwarder 7.0.2 (build 03bbabbd5c0f)') - expect(Facter.fact(:splunkforwarder_version).value).to eq('7.0.2') + expect(Facter.fact(:splunkforwarder).value).to eq({'version' => '7.0.2','build' => '03bbabbd5c0f'}) + end it 'returns version for Linux' do allow(File).to receive(:exist?).with('C:/Program Files/SplunkUniversalForwarder/bin/splunk.exe').and_return(false) allow(File).to receive(:exist?).with('/opt/splunkforwarder/bin/splunk').and_return(true) allow(Facter::Util::Resolution).to receive(:exec).with('/opt/splunkforwarder/bin/splunk --version').and_return('Splunk Universal Forwarder 7.0.2 (build 03bbabbd5c0f)') - expect(Facter.fact(:splunkforwarder_version).value).to eq('7.0.2') + expect(Facter.fact(:splunkforwarder).value).to eq({'version' => '7.0.2','build' => '03bbabbd5c0f'}) end - it 'returns nil' do + it 'returns {}' do allow(File).to receive(:exist?).with('C:/Program Files/SplunkUniversalForwarder/bin/splunk.exe').and_return(false) allow(File).to receive(:exist?).with('/opt/splunkforwarder/bin/splunk').and_return(false) - expect(Facter.fact(:splunkforwarder_version).value).to be_nil + expect(Facter.fact(:splunkforwarder).value).to eq({}) end end diff --git a/types/release.pp b/types/release.pp new file mode 100644 index 00000000..3cd521a3 --- /dev/null +++ b/types/release.pp @@ -0,0 +1 @@ +type Splunk::Release = Pattern[/^(\d+\.)+\d+-([^-|\s]+$)/]