Skip to content

Latest commit

 

History

History
419 lines (250 loc) · 9.62 KB

REFERENCE.md

File metadata and controls

419 lines (250 loc) · 9.62 KB

Reference

Table of Contents

Classes

Public Classes

  • etcd: This module manages etcd (https://etcd.io) It uses a package-based install, and does not download binaries from a release page.

Private Classes

  • etcd::auth: This class manages auth-related stuff
  • etcd::config: This class handles the etcd configuration file
  • etcd::install: This class handles the etcd installation using the operating system's package manager
  • etcd::service: This class manages the etcd systemd service
  • etcd::snapshot: This class manages a systemd timer to create snapshots

Resource types

  • etcd_role: @summary Manage an etcd role
  • etcd_role_permission: @summary Manage an etcd role permissions
  • etcd_user: @summary Manage etcd users. This resource does not manage user passwords, since etcd doesn't provide the necessary endpoints to do this clean

Functions

  • etcd::prefix_range_end: Calculates the range-end for a given prefix. Can be used for the range_end parameter of etcd_role_permission, to grant prefix.

Classes

etcd

This module manages etcd (https://etcd.io) It uses a package-based install, and does not download binaries from a release page.

Parameters

The following parameters are available in the etcd class:

package_names

Data type: Array[String]

A list of packages to install. Empty list will not install any packages. Default: ['etcd']

Default value: ['etcd']

config

Data type: Variant[Hash, String]

Either a hash or a string containing etcd's config. Hash will be converted to yaml, string will be expected to already be in yaml format and will be used as-is. Default: {name: $facts['networking']['fqdn'], data-dir: '/var/lib/etcd'}

Default value:

{
    'name'     => $facts['networking']['fqdn'],
    'data-dir' => '/var/lib/etcd',
  }
config_dir

Data type: Stdlib::Unixpath

Unixpath to the configuration directory Default: '/etc/etcd'

Default value: '/etc/etcd'

config_file

Data type: String

Filename of the configfile. Will be combined with $config_dir Default: 'config.yaml'

Default value: 'config.yaml'

manage_config_dir

Data type: Boolean

Wether to manage the config directory or not. Default: false if $config_dir is '/etc' else true

Default value: ($config_dir != '/etc'

purge_config_dir

Data type: Boolean

Wether to purge the config directory or not. Default: same as $manage_config_dir

Default value: $manage_config_dir

manage_service

Data type: Boolean

Wether to manage (run and enable) the service or not. Default: true

Default value: true

service_name

Data type: String

The name of the service Default: 'etcd'

Default value: 'etcd'

etcdctl_env

Data type: Hash[String, String]

Environment variables to use for etcdctl Also used for the custom providers Default: {}

Example for etcd with auth and TLS enabled:

{
  'ETCDCTL_INSECURE_TRANSPORT': 'false',
  'ETCDCTL_USER': 'root',
  'ETCDCTL_PASSWORD': 'Root123!',
}

Default value: {}

manage_etcdctl_profile

Data type: Boolean

Wether to manage /etc/profile.d/etcdctl.sh, containing the env vars from $etcdctl_env. Default: true

Default value: true

auth

Data type: Boolean

Enable/disable auth. Must add credentials to $etcdctl_env when enabled, to keep using types/providers. Default: false

Default value: false

roles

Data type: Hash[String, Hash]

etcd_role resources to create. Default: {}

Default value: {}

purge_roles

Data type: Boolean

Wether to purge unmanaged roles or not Default: true

Default value: true

role_permissions

Data type: Hash[String, Hash]

etcd_role_permission resources to create. Default: {}

Default value: {}

purge_role_permissions

Data type: Boolean

Wether to purge unmanaged role permissions or not Default: true

Default value: true

users

Data type: Hash[String, Hash]

etcd_user resources to create. Default: {}

Default value: {}

purge_users

Data type: Boolean

Wether to purge unmanaged users or not Default: true

Default value: true

snapshot

Data type: Boolean

Add systemd timer to create snapshots in $snapshot_path Default: false

Default value: false

snapshot_path

Data type: Stdlib::Unixpath

The path to save snapshots to, if $snapshot is enabled Default: /var/lib/etcd/snapshot.db

Default value: '/var/lib/etcd/snapshot.db'

snapshot_oncalendar

Data type: String

The systemd OnCalendar timestamp to run snapshotting Default: --* 00:00:00

Default value: '*-*-* 00:00:00'

Resource types

etcd_role

@summary Manage an etcd role

Properties

The following properties are available in the etcd_role type.

ensure

Valid values: present, absent

The basic property that the resource should be in.

Default value: present

Parameters

The following parameters are available in the etcd_role type.

name

namevar

The name of the role.

provider

The specific backend to use for this etcd_role resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

etcd_role_permission

@summary Manage an etcd role permissions

Properties

The following properties are available in the etcd_role_permission type.

ensure

Valid values: present, absent

The basic property that the resource should be in.

Default value: present

key

The key to grant permission on. (required)

permission

The permission type, must be one of (read|write|readwrite).

range_end

Optional range end to grant permission on. Use etcd::prefix_range_end($key) if you want to grant prefix.

role

The name of the role to grant to. (required)

Parameters

The following parameters are available in the etcd_role_permission type.

name

namevar

The name of the role permission. Must be of ${role}:${key} format.

provider

The specific backend to use for this etcd_role_permission resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

etcd_user

@summary Manage etcd users. This resource does not manage user passwords, since etcd doesn't provide the necessary endpoints to do this cleanly. Users will be created without password (aka: only cert auth allowed), and manually configured passwords will be ignored.

Properties

The following properties are available in the etcd_user type.

ensure

Valid values: present, absent

The basic property that the resource should be in.

Default value: present

roles

The list of roles to grant to the users.

Parameters

The following parameters are available in the etcd_user type.

name

namevar

The name of the user.

provider

The specific backend to use for this etcd_user resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

Functions

etcd::prefix_range_end

Type: Ruby 4.x API

Calculates the range-end for a given prefix. Can be used for the range_end parameter of etcd_role_permission, to grant prefix.

etcd::prefix_range_end(String $prefix)

The etcd::prefix_range_end function.

Returns: Any The range-end for the given prefix.

prefix

Data type: String

The prefix key to calculate the range-end for