Muehlenhoff has submitted this change and it was merged.
Change subject: Provide override file for base::service_unit
......................................................................
Provide override file for base::service_unit
systemd implements a two-stage lookup for unit files:
/lib/systemd/system/foo.service is meant for distro-shipped units
and /etc/systemd/system/foo.service takes precedence over that.
base::service_unit writes puppet-generated systemd units to
/lib/systemd, because the "systemctl mask" command adds a symlink
to /dev/null in /etc/systemd, which fails if we have a puppet-generated
unit present. We need this functionality to allow service owners to
prevent services from starting without disabling puppet entirely.
On the other hand, this creates a problem for packages which ship
a systemd unit as part of their Debian package, but which we need
to customise. In particular HHVM: It ships a native hhvm.service
unit, but we're extending it heavily to apply site-specific resource
limits, restart behaviour and handling of environment variables.
That means that after an upgrade HHVM, is running with incorrect
settings until the next Puppet run.
This patch provides support for passing an override file to
base::service_unit; the settings made in override files amend /
extend the ones provided by the Debian package.
There are some notable gotchas for override files:
- Dependencies cannot be overridden
- To wipe an existing setting from a vendor file, it needs to be
reset in the override with a blank line, e.g
ExecStart=
ExecStart=/bin/foo --daemon
Change-Id: I101b5f817bc429d9c252e3b4c485bb3515b006e0
---
M modules/base/lib/puppet/parser/functions/pick_initscript.rb
M modules/base/manifests/service_unit.pp
2 files changed, 27 insertions(+), 6 deletions(-)
Approvals:
Giuseppe Lavagetto: Looks good to me, but someone else must approve
Muehlenhoff: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/base/lib/puppet/parser/functions/pick_initscript.rb
b/modules/base/lib/puppet/parser/functions/pick_initscript.rb
index b433e39..02db052 100644
--- a/modules/base/lib/puppet/parser/functions/pick_initscript.rb
+++ b/modules/base/lib/puppet/parser/functions/pick_initscript.rb
@@ -2,18 +2,19 @@
Puppet::Parser::Functions.newfunction(:pick_initscript,
:type => :rvalue,
- :arity => 6,
+ :arity => 7,
:doc => <<-'HEREDOC'
Takes as an input the init system currently installed, the
available init scripts, and returns the chosen one.
HEREDOC
) do |vals|
- name, init_system, has_systemd, has_upstart, has_sysvinit, strict = vals
+ name, init_system, has_systemd, has_systemd_override, has_upstart,
has_sysvinit, strict = vals
has_custom = (has_systemd || has_upstart || has_sysvinit)
# if we don't have custom scripts, we use the system defaults
return false unless has_custom
case init_system
when 'systemd'
+ return 'systemd_override' if has_systemd_override
return 'systemd' if has_systemd
return 'sysvinit' if has_sysvinit
return false unless strict
diff --git a/modules/base/manifests/service_unit.pp
b/modules/base/manifests/service_unit.pp
index 1f21805..c60b8d9 100644
--- a/modules/base/manifests/service_unit.pp
+++ b/modules/base/manifests/service_unit.pp
@@ -26,6 +26,13 @@
# $module/initscripts/$template_name.systemd.erb for systemd (and
# similarly for other init systems)
#
+# [*systemd_override*]
+# Boolean - if enabled, make the resource use a systemd unit provided
+# by a Debian package, while applying an override file with site-
+# specific changes.
+# You are expected to place the override file in specific subdirectory of
+# the current module: $module/initscripts/$template_name.systemd_override.erb
+#
# [*upstart*]
# As the preceding param, but for upstart scripts
#
@@ -67,6 +74,7 @@
define base::service_unit (
$ensure = present,
$systemd = false,
+ $systemd_override = false,
$upstart = false,
$sysvinit = false,
$strict = true,
@@ -80,7 +88,7 @@
# Validates the service name, and picks the valid init script
$initscript = pick_initscript(
- $name, $::initsystem, $systemd, $upstart, $sysvinit, $strict)
+ $name, $::initsystem, $systemd, $systemd_override, $upstart,
$sysvinit, $strict)
# we assume init scripts are templated
if $initscript {
@@ -91,9 +99,10 @@
}
$path = $initscript ? {
- 'systemd' => "/lib/systemd/system/${name}.service",
- 'upstart' => "/etc/init/${name}.conf",
- default => "/etc/init.d/${name}"
+ 'systemd' => "/lib/systemd/system/${name}.service",
+ 'systemd_override' =>
"/etc/systemd/system/${name}.service.d/puppet-override.conf",
+ 'upstart' => "/etc/init/${name}.conf",
+ default => "/etc/init.d/${name}"
}
# systemd complains if unit files are executable
@@ -103,6 +112,17 @@
$i_mode = '0544'
}
+
+ if $systemd_override {
+ file { "/etc/systemd/system/${name}.service.d":
+ ensure => directory,
+ owner => 'root',
+ group => 'root',
+ mode => '0555',
+ before => File[$path]
+ }
+ }
+
file { $path:
ensure => $ensure,
content => template($template),
--
To view, visit https://gerrit.wikimedia.org/r/305635
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I101b5f817bc429d9c252e3b4c485bb3515b006e0
Gerrit-PatchSet: 6
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: Gehel <gleder...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: Muehlenhoff <mmuhlenh...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
