Skip to content

Latest commit

 

History

History
1643 lines (920 loc) · 34.2 KB

REFERENCE.md

File metadata and controls

1643 lines (920 loc) · 34.2 KB
Raw

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • osg::cacerts: Manage OSG CA certs
  • osg::ce::config: Manage OSG CE configs
  • osg::ce::install: Install OSG CE
  • osg::ce::service: Manage OSG CE Services
  • osg::ce::users: Manage OSG CE Users
  • osg::client::config: Manage OSG client configs
  • osg::client::install: Install OSG client
  • osg::client::service: Manage OSG client services
  • osg::configure: Manage osg-configure
  • osg::configure::misc: Manage osg-configure-misc
  • osg::configure::site_info: Manage OSG configuration site info
  • osg::cvmfs::config: Manage OSG CVMFS configs
  • osg::cvmfs::install: Install CVMFS
  • osg::cvmfs::service: Manage CVMFS service
  • osg::cvmfs::user: Manage CVMFS users
  • osg::gridftp::config: Manage GridFTP configs
  • osg::gridftp::install: Install GridFTP
  • osg::gridftp::service: Manage GridFTP service
  • osg::lcmaps_voms::config: Manage lcmaps voms configs
  • osg::lcmaps_voms::install: Install lcmaps voms support
  • osg::repos: Manage OSG repos

Defined types

Resource types

Classes

osg

Class for common OSG parameters and common resources

Parameters

The following parameters are available in the osg class:

osg_release

Data type: Enum['3.5']

OSG release

Default value: '3.5'

repo_baseurl_bit

Data type: Optional[String]

Base URL for osg repo, eg: https://repo.opensciencegrid.org

Default value: 'https://repo.opensciencegrid.org'

repo_development_baseurl_bit

Data type: Optional[String]

Base URL for osg-development repo, default: https://repo.opensciencegrid.org

Default value: undef

repo_testing_baseurl_bit

Data type: Optional[String]

Base URL for osg-testubg repo, default: https://repo.opensciencegrid.org

Default value: undef

repo_upcoming_baseurl_bit

Data type: Optional[String]

Base URL for osg-upcoming repo, default: https://repo.opensciencegrid.org

Default value: undef

repo_use_mirrors

Data type: Boolean

Sets if repos should use mirrors

Default value: true

repo_gpgkey

Data type: Optional[String]

Path to repo GPG key

Default value: undef

enable_osg

Data type: Boolean

Enable the osg repo

Default value: true

enable_osg_empty

Data type: Boolean

Enable the osg-empty repo

Default value: true

enable_osg_contrib

Data type: Boolean

Enable the osg-contrib repo

Default value: false

manage_epel

Data type: Boolean

Manage the EPEL repo

Default value: true

auth_type

Data type: Enum['lcmaps_voms']

Grid authentication type

Default value: 'lcmaps_voms'

cacerts_package_name

Data type: Enum['osg-ca-certs', 'igtf-ca-certs', 'empty-ca-certs']

Package name for osg-ca-certs

Default value: 'osg-ca-certs'

cacerts_package_ensure

Data type: String

CA certs package ensure

Default value: 'installed'

shared_certs_path

Data type: String

Path to location of shared certs, for example if storing certs on NFS

Default value: '/opt/grid-certificates'

globus_tcp_port_range_min

Data type: Integer[0, 65535]

Min for GLOBUS_TCP_PORT_RANGE

Default value: 40000

globus_tcp_port_range_max

Data type: Integer[0, 65535]

Max for GLOBUS_TCP_PORT_RANGE

Default value: 41999

globus_tcp_source_range_min

Data type: Integer[0, 65535]

Min for GLOBUS_TCP_SOURCE_RANGE

Default value: 40000

globus_tcp_source_range_max

Data type: Integer[0, 65535]

Max for GLOBUS_TCP_SOURCE_RANGE

Default value: 41999

enable_exported_resources

Data type: Boolean

Enable exported resources, useful when services like Squid and CE live on different hosts

Default value: false

exported_resources_export_tag

Data type: String

Exported resources export tag

Default value: $facts['domain']

exported_resource_collect_tag

Data type: String

Exported resources collect tag

Default value: $facts['domain']

site_info_group

Data type: String

osg-configure Site Information/group

Default value: 'OSG'

site_info_host_name

Data type: String

osg-configure Site Information/host_name

Default value: $::fqdn

site_info_resource

Data type: String

osg-configure Site Information/resource

Default value: 'UNAVAILABLE'

site_info_resource_group

Data type: String

osg-configure Site Information/resource_group

Default value: 'UNAVAILABLE'

site_info_sponsor

Data type: String

osg-configure Site Information/sponsor

Default value: 'UNAVAILABLE'

site_info_site_policy

Data type: String

osg-configure Site Information/site_policy

Default value: 'UNAVAILABLE'

site_info_contact

Data type: String

osg-configure Site Information/contact

Default value: 'UNAVAILABLE'

site_info_email

Data type: String

osg-configure Site Information/email

Default value: 'UNAVAILABLE'

site_info_city

Data type: String

osg-configure Site Information/city

Default value: 'UNAVAILABLE'

site_info_country

Data type: String

osg-configure Site Information/country

Default value: 'UNAVAILABLE'

site_info_longitude

Data type: String

osg-configure Site Information/longitude

Default value: 'UNAVAILABLE'

site_info_latitude

Data type: String

osg-configure Site Information/latitude

Default value: 'UNAVAILABLE'

squid_location

Data type: Optional[String]

osg-confgiure Squid/location

Default value: undef

purge_local_site_settings

Data type: Boolean

Purge unmanaged osg_local_site_settings resources

Default value: true

purge_gip_config

Data type: Boolean

Purge unmanaged osg_gip_config

Default value: true

osg::cacerts::updater

Manage OSG CA certs updater

Parameters

The following parameters are available in the osg::cacerts::updater class:

ensure

Data type: Enum['present', 'absent', 'disabled']

State of the resources managed by this class disabled will install the necessary packages but disable the service

Default value: 'present'

min_age

Data type: Integer

Min time between running updater

Default value: 23

max_age

Data type: Integer

Max time between running updater

Default value: 72

random_wait

Data type: Integer

Random wait time

Default value: 30

quiet

Data type: Boolean

Only display errors

Default value: true

logfile

Data type: Variant[Boolean,Undef,String]

Path to logfile

Default value: false

package_name

Data type: String

Package name

Default value: 'osg-ca-certs-updater'

package_ensure

Data type: String

Package ensure value

Default value: 'UNSET'

service_name

Data type: String

Service name

Default value: 'osg-ca-certs-updater-cron'

service_ensure

Data type: String

Service ensure value

Default value: 'UNSET'

service_enable

Data type: String

Service enable value

Default value: 'UNSET'

config_replace

Data type: Boolean

Should the cron config be replaced

Default value: true

osg::ce

Manage OSG CE

Parameters

The following parameters are available in the osg::ce class:

storage_grid_dir

Data type: String

osg-configure Storage/grid_dir

Default value: '/etc/osg/wn-client/'

storage_app_dir

Data type: String

osg-configure Storage/app_dir

Default value: 'UNAVAILABLE'

storage_data_dir

Data type: String

osg-configure Storage/data_dir

Default value: 'UNAVAILABLE'

storage_worker_node_temp

Data type: String

osg-configure Storage/worker_node_temp

Default value: 'UNAVAILABLE'

storage_site_read

Data type: String

osg-configure Storage/site_read

Default value: 'UNAVAILABLE'

storage_site_write

Data type: String

osg-configure Storage/site_write

Default value: 'UNAVAILABLE'

batch_system

Data type: Enum['torque', 'pbs', 'slurm']

Batch system used to submit jobs

Default value: 'torque'

batch_system_prefix

Data type: String

Prefix of where batch system commands are installed

Default value: '/usr'

pbs_server

Data type: String

PBS server address when batch_system is torque or pbs

Default value: 'UNAVAILABLE'

manage_hostcert

Data type: Boolean

Boolean that determines if hostcert is managed

Default value: true

hostcert_source

Data type: Optional[String]

The source of the hostcert

Default value: undef

hostkey_source

Data type: Optional[String]

The source of the hostkey

Default value: undef

htcondor_ce_port

Data type: Integer[0, 65535]

HTCondor CE port

Default value: 9619

htcondor_ce_shared_port

Data type: Integer[0, 65535]

HTCondor CE shared port

Default value: 9620

manage_firewall

Data type: Boolean

Boolean taht determines if firewall rules should be managed

Default value: true

osg_local_site_settings

Data type: Hash

Extra configs for osg-configure local site settings Example: { 'Local Settings/PATH' => { 'value' => '/opt/singularity/bin:$PATH' } }

Default value: {}

osg_gip_configs

Data type: Hash

Extra configs for osg-configure GIP configs Example: { 'Subcluster owens/ram_mb' => { 'value' => 128000 } }

Default value: {}

manage_users

Data type: Boolean

Boolean of whether to manage users and groups

Default value: true

condor_uid

Data type: Optional[Integer]

The UID of condor user

Default value: undef

condor_gid

Data type: Optional[Integer]

The GID of condor group

Default value: undef

gratia_uid

Data type: Optional[Integer]

The UID of gratia user

Default value: undef

gratia_gid

Data type: Optional[Integer]

The GID of gratia group

Default value: undef

condor_ce_config_content

Data type: Optional[String]

Content for /etc/condor-ce/config.d/99-local.conf

Default value: undef

condor_ce_config_source

Data type: Optional[String]

Source for /etc/condor-ce/config.d/99-local.conf

Default value: undef

blahp_local_submit_content

Data type: Optional[String]

Content for blahp local submit attributes

Default value: undef

blahp_local_submit_source

Data type: Optional[String]

Source for blahp local submit attributes

Default value: undef

include_view

Data type: Boolean

Boolean to determine if adding Condor CE View

Default value: false

view_port

Data type: Integer[0, 65535]

Port for Condor CE View

Default value: 8080

per_job_history_dir

Data type: Stdlib::Absolutepath

Path used for Gratia probe DataFolder

Default value: '/var/lib/gratia/data'

gratia_probes_cron_service_ensure

Data type: String

Service ensure for gratia-probes-cron service

Default value: 'running'

gratia_probes_cron_service_enable

Data type: Boolean

Service enable for gratia-probes-cron service

Default value: true

osg::client

Manage OSG client

Parameters

The following parameters are available in the osg::client class:

with_condor

Data type: Boolean

Include Condor support

Default value: true

with_condor_ce

Data type: Boolean

Include Condor CE support

Default value: true

condor_lowport

Data type: Integer[0, 65535]

Condor lowport

Default value: 40000

condor_highport

Data type: Integer[0, 65535]

Condor highport

Default value: 41999

condor_schedd_host

Data type: Optional[String]

Condor schedd host

Default value: undef

condor_collector_host

Data type: Optional[String]

Condor collector host

Default value: undef

manage_firewall

Data type: Boolean

Manage the firewall rules

Default value: true

enable_condor_service

Data type: Boolean

Enable Condor service

Default value: false

enable_condor_ce_service

Data type: Boolean

Enable Condor CE service

Default value: false

condor_configs_override

Data type: Hash

Config overrides for Condor

Default value: {}

condor_ce_configs_override

Data type: Hash

Config overrides for Condor CE

Default value: {}

osg::cvmfs

Manage OSG CVMFS

Parameters

The following parameters are available in the osg::cvmfs class:

manage_user

Data type: Boolean

Boolean to set if CVMFS user is managed

Default value: true

user_name

Data type: String

CVMFS user name

Default value: 'cvmfs'

user_uid

Data type: Optional[Integer]

CVMFS user UID

Default value: undef

user_home

Data type: String

CVMFS user home

Default value: '/var/lib/cvmfs'

user_shell

Data type: String

CVMFS user shell

Default value: '/sbin/nologin'

user_system

Data type: Boolean

Sets if CVMFS user is a system account

Default value: true

user_comment

Data type: String

CVMFS user comment

Default value: 'CernVM-FS service account'

user_managehome

Data type: Boolean

Sets if CVMFS user home is managed

Default value: false

manage_group

Data type: Boolean

Boolean to set if CVMFS group is managed

Default value: true

group_name

Data type: String

CVMFS group name

Default value: 'cvmfs'

group_gid

Data type: Optional[Integer]

CVMFS group GID

Default value: undef

group_system

Data type: Boolean

Sets if CVMFS group is a system account

Default value: true

manage_fuse_group

Data type: Boolean

Manage FUSE group

Default value: true

fuse_group_name

Data type: String

FUSE group name

Default value: 'fuse'

fuse_group_gid

Data type: Optional[Integer]

FUSE group GID

Default value: undef

fuse_group_system

Data type: Boolean

Sets if FUSE group is a system account

Default value: true

package_ensure

Data type: String

Ensure property for CVMFS package

Default value: 'installed'

repositories

Data type: Optional[Array]

CVMFS repositories to enable, eg: grid.cern.ch

Default value: undef

strict_mount

Data type: Boolean

Enable CVMFS strict mount, only allow mounting repositories from repositories parameter

Default value: false

cache_base

Data type: String

Base directory for CVMFS cache

Default value: '/var/cache/cvmfs'

quota_limit

Data type: Integer

Quota limit for CVMFS cache

Default value: 20000

http_proxies

Data type: Array

Squid HTTP proxies for CVMFS

Default value: ["http://squid.${facts['networking']['domain']}:3128"]

cern_server_urls

Data type: Array

Value for CVMFS_SERVER_URL

Default value: []

glite_version

Data type: String

glite version

Default value: ''

cms_local_site

Data type: Optional[String]

Value for CMS_LOCAL_SITE

Default value: undef

osg::fetchcrl

Manage OSG fetchcrl

Parameters

The following parameters are available in the osg::fetchcrl class:

ensure

Data type: Enum['present', 'absent', 'disabled']

State of OSG fetchcrl disabled will install but disable service

Default value: 'present'

crl_package_name

Data type: String

fetch-crl package name

Default value: 'fetch-crl'

crl_package_ensure

Data type: String

Ensure property for fetch-crl package

Default value: 'UNSET'

crl_boot_service_name

Data type: String

fetch-crl-boot package name

Default value: 'fetch-crl-boot'

crl_boot_service_ensure

Data type: String

fetch-crl-boot service ensure

Default value: 'stopped'

crl_boot_service_enable

Data type: Boolean

fetch-crl-boot service enable

Default value: false

crl_cron_service_name

Data type: String

fetch-crl-cron service name

Default value: 'fetch-crl-cron'

crl_cron_service_ensure

Data type: String

fetch-crl-cron service ensure

Default value: 'UNSET'

crl_cron_service_enable

Data type: Variant[Boolean, Enum['UNSET']]

fetch-crl-cron service enable

Default value: 'UNSET'

use_syslog

Data type: Boolean

Boolean to set if syslog should be used

Default value: true

osg::gridftp

Manage OSG GridFTP.

Parameters

The following parameters are available in the osg::gridftp class:

manage_hostcert

Data type: Boolean

Boolean to set if hostcert should be managed

Default value: true

hostcert_source

Data type: Optional[String]

Source for hostcert

Default value: undef

hostkey_source

Data type: Optional[String]

Source for hostkey

Default value: undef

manage_firewall

Data type: Boolean

Boolean to set if the firewall resources should be managed

Default value: true

standalone

Data type: Boolean

Sets if the GridFTP server is standalone. This parameter is considered private. This parameter is intended for when installing GridFTP on a CE and is handled by osg::ce class

Default value: true

osg::lcmaps_voms

Manage lcmaps VOMs

Parameters

The following parameters are available in the osg::lcmaps_voms class:

ban_voms

Data type: Array

VOMs to ban

Default value: []

ban_users

Data type: Array

Users to ban

Default value: []

vos

Data type: Hash[String, Variant[String, Array, Hash]]

Define osg::lcmaps_voms::vo resources Example: { 'vo' => '/DN' } Example: { 'vo' => { 'dn' => '/DN' } }

Default value: {}

users

Data type: Hash[String, Variant[String, Array, Hash]]

Define osg::lcmaps_voms::user resources Example: { 'user' => '/DN' } Example: { 'user' => { 'dn' => '/DN' } }

Default value: {}

osg::squid

Manage OSG squid

Parameters

The following parameters are available in the osg::squid class:

customize_template

Data type: String

Path to template used to customize squid

Default value: 'osg/squid/customize.sh.erb'

net_local

Data type: Array

Local networks

Default value: ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']

monitor_addresses

Data type: Array

Monitor addresses

Default value: ['128.142.0.0/16', '188.184.128.0/17', '188.185.128.0/17']

allow_major_cvmfs

Data type: Boolean

Enables and allows MAJOR_CVMFS

Default value: true

max_filedescriptors

Data type: Integer

Sets max_filedescriptors

Default value: 0

manage_firewall

Data type: Boolean

Manage firewall resources

Default value: true

squid_firewall_ensure

Data type: Enum['present', 'absent']

Ensure property for squid firewall

Default value: 'present'

monitoring_firewall_ensure

Data type: Enum['present', 'absent']

Ensure property for monitoring firewall

Default value: 'present'

private_interface

Data type: Optional[String]

Private interface, used by firewall rules to allow squid access

Default value: undef

public_interface

Data type: Optional[String]

Public interface, used by firewall rules to allow monitor addresses

Default value: undef

osg::utils

Manage OSG utils

Parameters

The following parameters are available in the osg::utils class:

packages

Data type: Array

Packages to install

Default value: [ 'globus-proxy-utils', 'osg-pki-tools', ]

osg::wn

Manage OSG worker node resources

Defined types

osg::lcmaps_voms::user

Manage lcmaps VOMs user

Parameters

The following parameters are available in the osg::lcmaps_voms::user defined type:

dn

Data type: Variant[Array, String]

DN of the user

user

Data type: String

Name of the user

Default value: $name

order

Data type: Integer

Order in the grid-mapfile

Default value: 50

osg::lcmaps_voms::vo

Manage lcmaps VOMs VO entry

Parameters

The following parameters are available in the osg::lcmaps_voms::vo defined type:

dn

Data type: Variant[Array, String]

DN of the VO

user

Data type: String

User name

Default value: $name

order

Data type: Integer

Order in voms-mapfile

Default value: 50

Resource types

osg_gip_config

This type writes values to /etc/osg/config.d/30-gip.ini

Properties

The following properties are available in the osg_gip_config type.

ensure

Valid values: present, absent

The basic property that the resource should be in.

Default value: present

value

The value to assign. A value of true is converted to the string True. A value of false is converted to the string False. All other values are converted to a string.

Parameters

The following parameters are available in the osg_gip_config type.

name

namevar

The name must be in the format of SECTION/SETTING

[GIP]
batch = slurm

The above would have the name GIP/batch.

provider

The specific backend to use for this osg_gip_config resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

osg_local_site_settings

This type writes values to /etc/osg/config.d/99-local-site-settings.ini.

Properties

The following properties are available in the osg_local_site_settings type.

ensure

Valid values: present, absent

The basic property that the resource should be in.

Default value: present

value

The value to assign. A value of true is converted to the string True. A value of false is converted to the string False. All other values are converted to a string.

Parameters

The following parameters are available in the osg_local_site_settings type.

name

namevar

The name must be in the format of SECTION/SETTING

[Squid]
location = squid.example.tld

The above would have the name Squid/location.

provider

The specific backend to use for this osg_local_site_settings resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.