The Marionette Collective
This repository holds legacy code related to The Marionette Collective project. That project has been deprecated by Puppet Inc and the code donated to the Choria Project.
Please review the Choria Project Website and specifically the MCollective Deprecation Notice for further information and details about the future of the MCollective project.
The Marionette Collective aka. mcollective is a framework to build server orchestration or parallel job execution systems.
For documentation please see https://docs.puppet.com/mcollective
The documentation above details how MCollective works and many of its extension points.
To run spec tests
bundle install bundle exec rake test
To run acceptance tests, see [this][acceptance].
Setup ActiveMQ using acceptance config:
brew install activemq cp acceptance/files/activemq.* /usr/local/opt/activemq/libexec/conf activemq start
ActiveMQ can later by stopped with
activemq stop. ActiveMQ logs are located at
/usr/local/opt/activemq/libexec/data/activemq.log.
Setup MCollective with acceptance config:
mkdir -p ~/.puppetlabs/etc/mcollective/ssl-clients cp acceptance/files/client.* ~/.puppetlabs/etc/mcollective cp acceptance/files/server.* ~/.puppetlabs/etc/mcollective cp acceptance/files/ca_crt.pem ~/.puppetlabs/etc/mcollective cp acceptance/files/client.crt ~/.puppetlabs/etc/mcollective/ssl-clients/client.pem ln -s ~/.puppetlabs/etc/mcollective/client.cfg ~/.mcollective
Modify
client.cfgto work on the local machine: * Change the
ssl_server_public,
ssl_client_private,
ssl_client_publicpaths to point to
~/.puppetlabs/etc/mcollective/{server.crt,client.key,client.pem}. * Change the
activemq.pool.1.ssl.{ca,cert,key}paths to
~/.puppetlabs/etc/mcollective/{ca_crt.pem,client.crt,client.key}. Note that
~needs to be expanded to the full path. Also, that
client.pemdoesn't point to an actual file is intentional (I don't fully understand why).
Create
server.cfg, updating : ``` maincollective = mcollective collectives = mcollective loggertype = console loglevel = info daemonize = 0
securityprovider = ssl plugin.sslserverprivate = /Users//.puppetlabs/etc/mcollective/server.key plugin.sslserverpublic = /Users//.puppetlabs/etc/mcollective/server.crt plugin.sslclientcert_dir = /Users//.puppetlabs/etc/mcollective/ssl-clients
connector = activemq plugin.activemq.pool.size = 1 plugin.activemq.pool.1.host = activemq plugin.activemq.pool.1.port = 61613 plugin.activemq.pool.1.user = mcollective plugin.activemq.pool.1.password = marionette plugin.activemq.pool.1.ssl = true plugin.activemq.pool.1.ssl.ca = /Users//.puppetlabs/etc/mcollective/ca_crt.pem plugin.activemq.pool.1.ssl.cert = /Users//.puppetlabs/etc/mcollective/server.crt plugin.activemq.pool.1.ssl.key = /Users//.puppetlabs/etc/mcollective/server.key ```
The configuration above uses
activemqas the name of the ActiveMQ broker. MCollective will enforce that the SSL certificate presented by the server matches the name it's trying to connect to. To use the configuration above, traffic to
activemqmust be redirected to the local host. On most machines, that can be accomplished with
sudo echo "127.0.0.1 activemq" >> /etc/hosts
From the root of this repository, test the setup by running a server
RUBYLIB=lib bundle exec bin/mcollectived --config ~/.puppetlabs/etc/mcollective/server.cfgand client
RUBYLIB=lib bundle exec bin/mco ping
Note that it may be useful to change the
loglevelin
client.cfgto debug issues with
mco ping.
To enable specific plugins, you may need to set
libdirin
server.cfgand add plugin-specific configuration.