I've been trying to figure out which Riak resources would make sense to model using types and providers rather than managing config files. I've mocked up what some resources might look like. Do these look useful? Missing obvious things? Doing it wrong? These will basically wrap a bunch of riak-admin commands.
My goal would be to allow use of the puppet resource command line tool to use these to describe a running riak system and capture the current state in puppet, to facilitate puppetizing an existing manual install.
riak_node { $::fqdn:
ensure => 'join', # [ join | leave ]
replace => 'riak@oldnode.example.com',
autocommit => false, # commit plan change immediately?
plan_change_quorum => 3, # wait for 3 nodes to have staged plan changes before committing
max_plan_wait => 300, # how long to wait (in seconds) for the plan to be ready
join_target => 'riak@existing.example.com',
}
riak_user { 'example':
username => 'daniel', # defaults to resource name, this is just to show it can be different
groups => ['admins', 'developers'],
password => 'hunter2',
options => {
'name' => 'lucius',
'fav_color' => 'red',
},
permissions => {
bucket_type => '*',
bucket => '*',
grants => [ 'riak_kv.get', 'riak_kv.delete', 'riak_kv.put']
},
}
riak_group { 'admins':
name => 'admins',
permissions => {
type => '*',
bucket => '*',
grants => [ 'riak_kv.get', 'riak_kv.delete', 'riak_kv.put']
},
groups => 'everybody',
}
riak_security_source { 'localhost':
users => all,
type => 'trust',
cidr => '127.0.0.1/32',
options => []
}
riak_security_source { 'private network':
users => all,
type => 'password',
cidr => '10.0.0.0/24',
options => []
}
riak_security_source { 'WAN':
users => ['riakuser', 'daniel']
type => 'certificate',
cidr => '10.1.0.0/24',
options => []
}
riak_bucket_type {'n_equals_1':
ensure => 'activated',
props => {
'n_val' => '1',
'allow_mult' => true,
'precommit' => ["syntax_check"],
'postcommit' => ["welcome_email", "update_registry"]
},
max_propagation_wait => 30,
}
riak_cluster_settings { 'arbitrary cluster name':
ciphers => 'DHE-RSA-AES256-SHA:AES128-GCM-SHA256',
purge_users => true, # delete riak security users puppet didn't create? (false by default)
purge_groups => true, # delete riak security groups puppet didn't create? (false by default)
# probably more purge settings
# what other settings?
}
I've been trying to figure out which Riak resources would make sense to model using types and providers rather than managing config files. I've mocked up what some resources might look like. Do these look useful? Missing obvious things? Doing it wrong? These will basically wrap a bunch of riak-admin commands.
My goal would be to allow use of the
puppet resourcecommand line tool to use these to describe a running riak system and capture the current state in puppet, to facilitate puppetizing an existing manual install.