All Projects → voxpupuli → Puppet Puppetboard

voxpupuli / Puppet Puppetboard

Licence: apache-2.0
Puppet module to install and manage puppetboard

Labels

Projects that are alternatives of or similar to Puppet Puppetboard

Awaseroot
http://awaseroot.wordpress.com
Stars: ✭ 28 (-33.33%)
Mutual labels:  puppet
Puppet Puppet
100% free range, organic, pesticide free Puppet module for managing Puppet
Stars: ✭ 33 (-21.43%)
Mutual labels:  puppet
Puppet Redis
Puppet Module to manage Redis
Stars: ✭ 37 (-11.9%)
Mutual labels:  puppet
Fuel Plugin Neutron Lbaas
Fuel plugin for LBaaS for Neutron
Stars: ✭ 30 (-28.57%)
Mutual labels:  puppet
Web development vm how to
Instructions and scripts to quickly set up development and production environments for PHP, Nginx, and MySQL based infrastructure.
Stars: ✭ 31 (-26.19%)
Mutual labels:  puppet
Puppet Sysctl
Puppet module to manage sysctl parameters
Stars: ✭ 35 (-16.67%)
Mutual labels:  puppet
Puppet Project config
MOVED: Now at https://opendev.org/opendev/puppet-project_config
Stars: ✭ 20 (-52.38%)
Mutual labels:  puppet
Userplex
Propagate users from Mozilla's Person API to third party systems.
Stars: ✭ 41 (-2.38%)
Mutual labels:  puppet
Percona Cluster
Percona XtraDB Cluster test
Stars: ✭ 32 (-23.81%)
Mutual labels:  puppet
Drupal8.dev
Vagrant machine for drupal 8 or any other php project
Stars: ✭ 37 (-11.9%)
Mutual labels:  puppet
Puppet Puppetexplorer
Puppet module for installing Puppet Explorer
Stars: ✭ 30 (-28.57%)
Mutual labels:  puppet
Puppet Openldap
LDAP Configuration Management Module for Puppet
Stars: ✭ 30 (-28.57%)
Mutual labels:  puppet
Mimetypes
A simple lookup from file name/extension to MIME/media type, generated from mime-db, which in turn is compiled from IANA, Apache and nginx's MIME types.
Stars: ✭ 37 (-11.9%)
Mutual labels:  puppet
Puppet Windowsfeature
Library that uses ServerAdministration api that comes with Windows Server 2008 and Windows Server 2012 to add / remove windows features
Stars: ✭ 29 (-30.95%)
Mutual labels:  puppet
Puppet Hadoop
Hadopp Module For Puppet.
Stars: ✭ 40 (-4.76%)
Mutual labels:  puppet
Puppet Gerritbot
MOVED: Now at https://opendev.org/opendev/puppet-gerritbot
Stars: ✭ 20 (-52.38%)
Mutual labels:  puppet
Puppet Mongodb
This module manages mongodb services. It provides the functions for sharding, mongod and mongos instances.
Stars: ✭ 34 (-19.05%)
Mutual labels:  puppet
Vagrant Magento Hhvm
A vagrant configuration for getting a basic version of Magento with HHVM up and running.
Stars: ✭ 41 (-2.38%)
Mutual labels:  puppet
Puppet Nginx
[UNMAINTAINED] Puppet Nginx module
Stars: ✭ 40 (-4.76%)
Mutual labels:  puppet
Puppet Zuul
MOVED: Now at https://opendev.org/opendev/puppet-zuul
Stars: ✭ 37 (-11.9%)
Mutual labels:  puppet

puppetboard

License Build Status Puppet Forge Puppet Forge downloads Puppet Forge - endorsement Puppet Forge score

Table of Contents

  1. Overview
  2. Setup
  3. Usage
  4. Number of Reports
  5. Offline Mode
  6. Set Default Environment
  7. Disable SELinux
  8. Development

Overview

This is the puppetboard puppet module.

Puppetboard is an open source puppet dashboard

https://github.com/voxpupuli/puppetboard

Setup

Installation

puppet module install puppet-puppetboard

Dependencies

Note Oracle linux 5 on puppet versions 4.6.0 to 4.7.1 has pip package problem which will cause an error trying to install puppetboard.

Note that this module no longer explicitly requires the puppetlabs apache module. If you want to use the apache functionality of this module you will have to specify that the apache module is installed with:

puppet module install puppetlabs-apache

On RedHat type systems, EPEL may also need to be configured; you can use the stahnma/epel module if you don't already have it configured.

This module also requires the git and virtualenv packages. These can be enabled in the module by:

class { 'puppetboard':
  manage_git        => true,
  manage_virtualenv => true,
}

or by:

class { 'puppetboard':
  manage_git        => 'latest',
  manage_virtualenv => 'latest',
}

Usage

Declare the base puppetboard manifest:

class { 'puppetboard': }

Number of Reports

NOTE: In order to have reports present in the dashboard, report storage must be enabled on the Puppet master node. This is not the default behavior, so it mush be enabled.

See https://docs.puppet.com/puppetdb/latest/connect_puppet_master.html#enabling-report-storage for instructions on report storage.

By default, puppetboard displays only 10 reports. This number can be controlled to set the number of reports to show.

class { 'puppetboard':
  reports_count => 40
}

Offline Mode

If you are running puppetboard in an environment which does not have network access to public CDNs, puppet board can load static assets (jquery, semantic-ui, tablesorter, etc) from the local web server instead of a CDN:

class { 'puppetboard':
  offline_mode => true,
}

Set Default Environment

by default, puppetboard defaults to "production" environment. This can be set to default to a different environment.

class { 'puppetboard':
  default_environment => 'customers',
}

or to default to "All environments":

class { 'puppetboard':
  default_environment => '*',
}

Disable SELinux

class { 'puppetboard':
  manage_selinux => false,
}

Apache

If you want puppetboard accessible through Apache and you're able to use the official puppetlabs/apache Puppet module, this module contains two classes to help configuration.

The first, puppetboard::apache::vhost, will use the apache::vhost defined-type to create a full virtual host. This is useful if you want puppetboard to be available from http://pboard.example.com:

# Configure Apache on this server
class { 'apache': }
class { 'apache::mod::wsgi': }

# Configure Puppetboard
class { 'puppetboard': }

# Access Puppetboard through pboard.example.com
class { 'puppetboard::apache::vhost':
  vhost_name => 'pboard.example.com',
  port       => 80,
}

The second, puppetboard::apache::conf, will create an entry in /etc/apache2/conf.d (or /etc/httpd/conf.d, depending on your distribution). This is useful if you simply want puppetboard accessible from http://example.com/puppetboard:

# Configure Apache
# Ensure it does *not* purge configuration files
class { 'apache':
  purge_configs => false,
  mpm_module    => 'prefork',
  default_vhost => true,
  default_mods  => false,
}

class { 'apache::mod::wsgi': }

# Configure Puppetboard
class { 'puppetboard': }

# Access Puppetboard from example.com/puppetboard
class { 'puppetboard::apache::conf': }

Apache (with Reverse Proxy)

You can also relocate puppetboard to a sub-URI of a Virtual Host. This is useful if you want to reverse-proxy puppetboard, but are not planning on dedicating a domain just for puppetboard:

class { 'puppetboard::apache::vhost':
  vhost_name => 'dashes.acme',
  wsgi_alias => '/pboard',
}

In this case puppetboard will be available (on the default) on http://dashes.acme:5000/pboard. You can then reverse-proxy to it like so:

Redirect /pboard /pboard/
ProxyPass /pboard/ http://dashes.acme:5000/pboard/
ProxyPassReverse /pboard/ http://dashes.acme:5000/pboard/

Using the puppetlabs/apache module:

apache::vhost { 'example.acme':
  port            => '80',
  docroot         => '/var/www/html',
  redirect_source => [ '/pboard' ],
  redirect_dest   => [ '/pboard/' ],
  proxy_pass      => [
    {
      'path' => '/pboard/',
      'url'  => 'http://dashes.acme:5000/pboard/',
    },
  ],
}

Redhat/CentOS

RedHat/CentOS has restrictions on the /etc/apache directory that require wsgi to be configured to use /var/run.

  class { 'apache::mod::wsgi':
    wsgi_socket_prefix => "/var/run/wsgi",
  }

Apache, RedHat/CentOS and a non-standard port

# Configure Apache on this server
class { 'apache': }
class { 'apache::mod::version': }
class { 'apache::mod::wsgi':
  wsgi_socket_prefix => "/var/run/wsgi",
}

# Configure Puppetboard
class { 'puppetboard': }

# Access Puppetboard through pboard.example.com, port 8888
class { 'puppetboard::apache::vhost':
  vhost_name => 'puppetboard.example.com',
  port => '8888',
}

Using SSL to the PuppetDB host

If you would like to use certificate auth into the PuppetDB service you must configure puppetboard to use a client certificate and private key.

You have two options for the source of the client certificate & key:

  1. Generate a new certificate, signed by the puppetmaster CA
  2. Use the existing puppet client certificate

If you choose option 1, generate the new certificates on the CA puppet master as follows:

sudo puppet cert generate puppetboard.example.com

Note: this name cannot conflict with an existing certificate name.

The new certificate and private key can be found in $certdir/.pem and $privatekeydir/.pem on the CA puppet master. If you are not running puppetboard on the CA puppet master you will need to copy the certificate and key to the node running puppetboard.

Here's an example, using new certificates:

$ssl_dir = '/var/lib/puppetboard/ssl'
$puppetboard_certname = 'puppetboard.example.com'
class { 'puppetboard':
  manage_virtualenv   => true,
  puppetdb_host       => 'puppetdb.example.com',
  puppetdb_port       => 8081,
  puppetdb_key        => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
  puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
  puppetdb_cert       => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}

If you are re-using the existing puppet client certificates, they will already exist on the node (assuming puppet has been run and the client cert signed by the puppet master). However, the puppetboaard user will not have permission to read the private key unless you add it to the puppet group.

Here's a complete example, re-using the puppet client certs:

$ssl_dir = $::settings::ssldir
$puppetboard_certname = $::certname
class { 'puppetboard':
  groups              => 'puppet',
  manage_virtualenv   => true,
  puppetdb_host       => 'puppetdb.example.com',
  puppetdb_port       => 8081,
  puppetdb_key        => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
  puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
  puppetdb_cert       => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}

Note that both the above approaches only work if you have the Puppet CA root certificate added to the root certificate authority file used by your operating system. If you want to specify the location to the Puppet CA file ( you probably do) you have to use the syntax below. Currently this is a bit of a gross hack, but it's an open issue to resolve it in the Puppet module:

$ssl_dir = $::settings::ssldir
$puppetboard_certname = $::certname
class { 'puppetboard':
  groups              => 'puppet',
  manage_virtualenv   => true,
  puppetdb_host       => 'puppetdb.example.com',
  puppetdb_port       => 8081,
  puppetdb_key        => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
  puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
  puppetdb_cert       => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}

Development

This module is maintained by Vox Pupuli. Voxpupuli welcomes new contributions to this module, especially those that include documentation and rspec tests. We are happy to provide guidance if necessary.

Please see CONTRIBUTING for more details.

Please log tickets and issues on github.

Authors

  • Spencer Krum [email protected]
  • Voxpupuli Team
  • The core of this module was based on Hunter Haugen's puppetboard-vagrant repo.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].