puppet/clarified/manifests/init.pp

# Install Clarified Analyzer.
#
class clarified::analyzer {

    if ! $clarified_analyzer_package {
        if $clarified_analyzer_package_latest {
            $clarified_analyzer_package = $clarified_analyzer_package_latest
        } else {
            fail("Must define \$clarified_analyzer_package or \$clarified_analyzer_package_latest")
        }
    }

    file { "/usr/local/src/clarified-analyzer-linux.sh":
        ensure => present,
        mode   => "0755",
        owner  => "root",
        group  => "root",
        source => "puppet:///files/packages/${clarified_analyzer_package}",
        before => Exec["/usr/local/src/clarified-analyzer-linux.sh"],
    }
    exec { "rm -f /usr/local/clarified-analyzer":
        path        => "/bin:/usr/bin:/sbin:/usr/sbin",
        onlyif      => "test -h /usr/local/clarified-analyzer",
        subscribe   => File["/usr/local/src/clarified-analyzer-linux.sh"],
        before      => Exec["/usr/local/src/clarified-analyzer-linux.sh"],
        refreshonly => true,
    }
    exec { "/usr/local/src/clarified-analyzer-linux.sh":
        creates => "/usr/local/clarified-analyzer",
    }

}


# Install Clarified Recorder.
#
class clarified::recorder {

    if ! $clarified_recorder_package {
        if $clarified_recorder_package_latest {
            $clarified_recorder_package = $clarified_recorder_package_latest
        } else {
            fail("Must define \$clarified_recorder_package or \$clarified_recorder_package_latest")
        }
    }

    if $recorder_datadir {
        file { $recorder_datadir:
            ensure => directory,
            mode   => "0700",
            owner  => "root",
            group  => "root",
        }

        file { "/var/lib/recorder":
            ensure  => link,
            target  => $recorder_datadir,
            require => File[$recorder_datadir],
        }
    } else {
        file { "/var/lib/recorder":
            ensure => directory,
            mode   => "0700",
            owner  => "root",
            group  => "root",
        }
    }

    file { [ "/etc/clarified",
             "/etc/clarified/probe.d",
             "/etc/clarified/remote.d", ]:
        ensure => directory,
        mode   => "0644",
        owner  => "root",
        group  => "root",
        before => Exec["/usr/local/src/clarified-recorder-linux.sh"],
    }

    File["/etc/clarified/probe.d", "/etc/clarified/remote.d"] {
        purge   => true,
        force   => true,
        recurse => true,
        source  => "puppet:///modules/custom/empty",
    }

    file { "/usr/local/src/clarified-recorder-linux.sh":
        ensure => present,
        mode   => "0755",
        owner  => "root",
        group  => "root",
        source => "puppet:///files/packages/${clarified_recorder_package}",
        notify => Exec["rm -f /usr/local/probe"],
    }
    exec { "rm -f /usr/local/probe":
        path        => "/bin:/usr/bin:/sbin:/usr/sbin",
        onlyif      => "test -h /usr/local/probe",
        before      => Exec["/usr/local/src/clarified-recorder-linux.sh"],
        refreshonly => true,
    }
    exec { "/usr/local/src/clarified-recorder-linux.sh":
        creates => "/usr/local/probe",
    }

    exec { "clarified-functions":
        path        => "/bin:/usr/bin:/sbin:/usr/sbin",
        cwd         => "/usr/local/probe",
        command     => "sed s:@PREFIX@:/usr/local/probe: clarified-functions.in > /etc/clarified/clarified-functions",
        subscribe   => Exec["/usr/local/src/clarified-recorder-linux.sh"],
        before      => Service["clarified-probe"],
        refreshonly => true,
    }

    file { "/etc/init.d/clarified-probe":
        ensure  => present,
        mode    => "0755",
        owner   => "root",
        group   => "root",
        source  => "/usr/local/probe/probe-init.sh",
        require => Exec["/usr/local/src/clarified-recorder-linux.sh"],
        notify  => Exec["add-service-clarified-probe"],
    }
    exec { "add-service-clarified-probe":
        path        => "/bin:/usr/bin:/sbin:/usr/sbin",
        command     => $::operatingsystem ? {
            "debian" => "update-rc.d clarified-probe defaults",
            "ubuntu" => "update-rc.d clarified-probe defaults",
            default  => "chkconfig --add clarified-probe",
        },
        refreshonly => true,
        before      => Service["clarified-probe"],
    }

    service { "clarified-probe":
        enable => true,
    }

}


# Configure probe.
#
# === Parameters
#
#   $name:
#       Probe name.
#   $interface:
#       Capture interface. Defaults to probe name.
#   $snaplen:
#       Snaplen. Defaults to 65535.
#   $keeptime:
#       Amount of data to keep. Defaults to 100GB.
#   $blocksize:
#       Storage block size. Defaults to 1GB.
#   $filter:
#       Optional filter expression.
#   $remoteport:
#       Remote port. Defaults to 10000.
#   $collab:
#       List of collabs for authentication.
#   $probe:
#       Enable probe. Defaults to true.
#   $remote:
#       Enable remote. Defaults to true.
#
# === Sample usage
#
# clarified::probe { "eth0":
#     keeptime  => "500GB",
#     blocksize => "10GB",
#     filter    => "host 192.168.1.1",
#     collab    => [ "collabname:PageName" ],
# }
#
define clarified::probe(
    $interface=undef,
    $snaplen="65535",
    $keeptime="100GB",
    $blocksize="1GB",
    $filter="",
    $remoteport="10000",
    $collab=[],
    $probeopt="",
    $remoteopt="",
    $probe=true,
    $remote=true
) {

    Class["clarified::recorder"] -> Clarified::Probe[$name]

    if $interface {
        $interface_real = $interface
    } else {
        $interface_real = $name
    }

    file { "/var/lib/recorder/${name}":
        ensure => directory,
        mode   => "0700",
        owner  => "root",
        group  => "root",
    }

    file { "/etc/clarified/probe.d/${name}":
        ensure  => $probe ? {
            true  => present,
            false => absent,
        },
        mode    => "0755",
        owner   => "root",
        group   => "root",
        content => template("clarified/probe.erb"),
        require => File["/var/lib/recorder/${name}"],
        notify  => $probe ? {
            true  => Service["probe-${name}"],
            false => undef,
        },
    }

    service { "probe-${name}":
        ensure    => $probe ? {
            true  => running,
            false => stopped,
        },
        provider  => "base",
        start     => "/etc/clarified/probe.d/${name} start",
        restart   => "/etc/clarified/probe.d/${name} restart",
        stop      => "pkill -f /var/run/probe/${name}.pid",
        status    => "pgrep -f /var/run/probe/${name}.pid",
        subscribe => Exec["/usr/local/src/clarified-recorder-linux.sh"],
    }

    file { "/etc/clarified/remote.d/${name}":
        ensure  => $remote ? {
            true  => present,
            false => absent,
        },
        mode    => "0755",
        owner   => "root",
        group   => "root",
        content => template("clarified/remote.erb"),
        require => File["/var/lib/recorder/${name}"],
        notify  => $remote ? {
            true  => Service["remote-${name}"],
            false => undef,
        },
    }

    service { "remote-${name}":
        ensure    => $remote ? {
            true  => running,
            false => stopped,
        },
        provider  => "base",
        start     => "/etc/clarified/remote.d/${name} start",
        restart   => "/etc/clarified/remote.d/${name} restart",
        stop      => "pkill -f /var/run/remote/${name}.pid",
        status    => "pgrep -f /var/run/remote/${name}.pid",
        require   => Service["probe-${name}"],
        subscribe => Exec["/usr/local/src/clarified-recorder-linux.sh"],
    }

}