Last active
January 4, 2017 23:41
-
-
Save acidprime/e29e1c44b446b115a6a46c5a3d1e7979 to your computer and use it in GitHub Desktop.
A simple script to enable JMX listener in Puppet Enterprise.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/opt/puppetlabs/puppet/bin/ruby | |
| require 'puppetclassify' | |
| require 'puppet' | |
| # Have puppet parse its config so we can call its settings | |
| Puppet.initialize_settings | |
| # Read classifier.yaml for split installation compatibility | |
| def load_classifier_config | |
| configfile = File.join Puppet.settings[:confdir], 'classifier.yaml' | |
| if File.exist?(configfile) | |
| classifier_yaml = YAML.load_file(configfile) | |
| classifier_yaml = classifier_yaml.first unless classifier_yaml.kind_of?(Hash) | |
| @classifier_url = "https://#{classifier_yaml['server']}:#{classifier_yaml['port']}/classifier-api" | |
| else | |
| Puppet.debug "Config file #{configfile} not found" | |
| puts "no config file! - wanted #{configfile}" | |
| exit 2 | |
| end | |
| end | |
| # Create classifier instance var | |
| # Uses the local hostcertificate for auth ( assume we are | |
| # running from master in whitelist entry of classifier ). | |
| def load_classifier() | |
| auth_info = { | |
| 'ca_certificate_path' => Puppet[:localcacert], | |
| 'certificate_path' => Puppet[:hostcert], | |
| 'private_key_path' => Puppet[:hostprivkey], | |
| } | |
| unless @classifier | |
| load_classifier_config | |
| @classifier = PuppetClassify.new(@classifier_url, auth_info) | |
| end | |
| end | |
| def add_java_args(java_args) | |
| puts "Adding JMX arguments to puppet_enterprise::profile::master" | |
| load_classifier | |
| groups = @classifier.groups | |
| pe_master = groups.get_groups.select { |group| group['name'] == 'PE Master'}.first | |
| classes = pe_master['classes'] | |
| puppet_enterprise_profile_master = classes['puppet_enterprise::profile::master'] | |
| java_args.merge(classes['puppet_enterprise::profile::master']['java_args']) if classes['puppet_enterprise::profile::master']['java_args'] | |
| puppet_enterprise_profile_master.update( | |
| puppet_enterprise_profile_master.merge( | |
| 'java_args' => java_args | |
| ) | |
| ) | |
| # I feel like this composition is overkill if this is truly a delta | |
| pe_master['classes']['puppet_enterprise::profile::master'] = puppet_enterprise_profile_master | |
| groups.update_group(pe_master) | |
| end | |
| def puppetserver_service(state) | |
| service = Puppet::Resource.new('service', 'pe-puppetserver', :parameters => { | |
| :ensure =>state, | |
| }) | |
| result, report = Puppet::Resource.indirection.save(service) | |
| puts result | |
| end | |
| load_classifier_config | |
| load_classifier | |
| @classifier.update_classes.update | |
| # update_group | |
| add_java_args({ | |
| "Dcom.sun.management.jmxremote=" => "true", | |
| "Dcom.sun.management.jmxremote.port=" => "9010", | |
| "Dcom.sun.management.jmxremote.authenticate=" => "false", | |
| "Dcom.sun.management.jmxremote.local.only=" => "false", | |
| "Dcom.sun.management.jmxremote.ssl=" => "false" | |
| }) | |
| system('/usr/local/bin/puppet agent -t') | |
| puppetserver_service('stopped') | |
| puppetserver_service('running') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment