Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- , , , , ,
Tasks:
- maintenance
- nginx_stage
- announce
Start using this module
Add this module to your Puppetfile:
mod 'osc-openondemand', '7.1.0'
Learn more about managing modules with a PuppetfileDocumentation
puppet-module-openondemand
Table of Contents
- Overview
- Usage - Configuration options
- Reference - Parameter and detailed reference to all options
- Limitations - OS compatibility, etc.
Overview
Manage Open OnDemand installation and configuration.
Supported Versions of Open OnDemand
The following are the versions of this module and the supported versions of Open OnDemand:
- Module 7.x supports OnDemand 4.0 and 3.1
- Module 5.x and 6.x supports Open OnDemand 3.1 and 3.0
- Module 3.x and 4.x supports Open OnDemand 3.0
- Module 2.x supports Open OnDemand 2.x
- Module 1.x supports Open OnDemand 1.18.x
- Module <= 0.12.0 supports Open OnDemand <= 1.7
Usage
All configuration can be done through the openondemand
class. Example configurations will be done in Hiera format.
include openondemand
Install specific versions of OnDemand from 3.1 repo with OpenID Connect support.
openondemand::repo_release: '3.1'
openondemand::ondemand_package_ensure: "3.1.0-1.el9"
openondemand::mod_auth_openidc_ensure: "3.4.5-1.el9"
Configure OnDemand SSL certs
openondemand::servername: ondemand.osc.edu
openondemand::ssl:
- "SSLCertificateFile /etc/pki/tls/certs/%{lookup('openondemand::servername')}.crt"
- "SSLCertificateKeyFile /etc/pki/tls/private/%{lookup('openondemand::servername')}.key"
- "SSLCertificateChainFile /etc/pki/tls/certs/%{lookup('openondemand::servername')}-interm.crt"
If you already declare the apache class you may wish to only include apache in this module:
openondemand::declare_apache: false
apache::default_vhost: false
Add support for interactive apps
openondemand::host_regex: '[\w.-]+\.osc\.edu'
openondemand::node_uri: '/node'
openondemand::rnode_uri: '/rnode'
Setup OnDemand to use default Dex authentication against LDAP.
openondemand::servername: ondemand.example.org
openondemand::auth_type: dex
openondemand::dex_config:
connectors:
- type: ldap
id: ldap
name: LDAP
config:
host: ldap.example.org:636
insecureSkipVerify: true
bindDN: cn=admin,dc=example,dc=org
bindPW: admin
userSearch:
baseDN: ou=People,dc=example,dc=org
filter: "(objectClass=posixAccount)"
username: uid
idAttr: uid
emailAttr: mail
nameAttr: gecos
preferredUsernameAttr: uid
groupSearch:
baseDN: ou=Groups,dc=example,dc=org
filter: "(objectClass=posixGroup)"
userMatchers:
- userAttr: DN
groupAttr: member
nameAttr: cn
Setup OnDemand to authenticate with OpenID Connect system, in these examples the IdP is Keycloak.
openondemand::servername: ondemand.osc.edu
openondemand::auth_type: 'openid-connect'
openondemand::auth_configs:
- 'Require valid-user'
openondemand::user_map_match: '.*'
openondemand::logout_redirect: "/oidc?logout=https%3A%2F%2F%{lookup('openondemand::servername')}"
openondemand::oidc_uri: '/oidc'
openondemand::oidc_provider_metadata_url: 'https://idp.osc.edu/auth/realms/osc/.well-known/openid-configuration'
openondemand::oidc_scope: 'openid profile email groups'
openondemand::oidc_client_id: ondemand.osc.edu
openondemand::oidc_client_secret: 'SUPERSECRET'
openondemand::oidc_settings:
OIDCPassIDTokenAs: 'serialized'
OIDCPassRefreshToken: 'On'
OIDCPassClaimsAs: environment
OIDCStripCookies: 'mod_auth_openidc_session mod_auth_openidc_session_chunks mod_auth_openidc_session_0 mod_auth_openidc_session_1'
Configure OnDemand via git repo that contains app configs, locales, public, and annoucement files
openondemand::servername: ondemand.osc.edu
openondemand::apps_config_repo: https://github.com/OSC/osc-ood-config.git
openondemand::apps_config_revision: v30
openondemand::apps_config_repo_path: "%{lookup('openondemand::servername')}/apps"
openondemand::locales_config_repo_path: "%{lookup('openondemand::servername')}/locales"
openondemand::public_files_repo_paths:
- "%{lookup('openondemand::servername')}/public/logo.png"
- "%{lookup('openondemand::servername')}/public/favicon.ico"
openondemand::announcements_config_repo_path: "%{lookup('openondemand::servername')}/announcements"
Define a SLURM cluster:
openondemand::clusters:
pitzer-exp:
cluster_title: 'Pitzer Expansion'
url: https://www.osc.edu/supercomputing/computing/pitzer
acls:
- adapter: group
groups:
- oscall
type: whitelist
login_host: pitzer-exp.osc.edu
job_adapter: slurm
job_host: pitzer-slurm01.ten.osc.edu
job_cluster: pitzer
job_bin: /usr/bin
job_lib: /usr/lib64
job_conf: /etc/slurm/slurm.conf
Define a Torque cluster. The following example is based on a cluster at OSC using Torque
openondemand::clusters:
owens:
cluster_title: 'Owens'
url: 'https://www.osc.edu/supercomputing/computing/owens'
login_host: 'owens.osc.edu'
job_adapter: torque
job_host: 'owens-batch.ten.osc.edu'
job_bin: /opt/torque/bin
job_lib: /opt/torque/lib64
job_version: '6.0.1'
batch_connect:
basic:
script_wrapper: |
module restore
%s
vnc:
script_wrapper: |
module restore
module load ondemand-vnc
%s
Define a Linux Host Adapter cluster:
openondemand::clusters:
pitzer-login:
cluster_title: 'Pitzer Login'
url: https://www.osc.edu/supercomputing/computing/pitzer
hidden: true
job_adapter: linux_host
job_submit_host: pitzer.osc.edu
job_ssh_hosts:
- pitzer-login01.hpc.osc.edu
- pitzer-login02.hpc.osc.edu
- pitzer-login03.hpc.osc.edu
job_site_timeout: 7200
job_debug: true
job_singularity_bin: /usr/bin/singularity
job_singularity_bindpath: /etc,/media,/mnt,/run,/srv,/usr,/var,/users,/opt
job_singularity_image: /path/to/custom/image.sif
job_strict_host_checking: false
job_tmux_bin: /usr/bin/tmux
batch_connect:
vnc:
script_wrapper: |
module restore
module load ondemand-vnc
%s
Define a Kubernetes cluster:
openondemand::clusters:
kubernetes:
cluster_title: Kubernetes
hidden: true
job_adapter: kubernetes
job_bin: /usr/local/bin/kubectl
job_cluster: ood-prod
job_username_prefix: prod
job_namespace_prefix: 'user-'
job_server:
endpoint: "https://k8controler.example.com:6443"
cert_authority_file: /etc/pki/tls/kubernetes-ca.crt
job_mounts:
- name: home
destination_path: /users
path: /users
host_type: Directory
type: host
job_auth:
type: oidc
Add XDMoD support
Ensure the cluster definition has xdmod_resource_id
set to resource_id
of the cluster in XDMoD. Also must do something like the following to set the appropriate environment variable:
openondemand::nginx_stage_pun_custom_env:
OOD_XDMOD_HOST: http://xdmod.osc.edu
Add Support Ticket configuration:
openondemand::confs:
support_ticket:
data:
support_ticket:
email:
from: noreply@example.com
to: support@example.com
The above example will create /etc/ood/config/ondemand.d/support_ticket.yml
with the YAML defined in data
parameter.
Install additional apps of specific versions as well as hide some apps
openondemand::install_apps:
bc_osc_rstudio_server:
ensure: "0.8.2-1.el7"
bc_desktop:
mode: '0700'
Install additional apps from Git repos:
openondemand::install_apps:
bc_osc_rstudio_server:
ensure: latest
git_repo: https://github.com/OSC/bc_osc_rstudio_server.git
bc_osc_jupyter:
ensure: present
git_repo: https://github.com/OSC/bc_osc_jupyter
git_revision: v0.20.0
Install additional apps from Puppet sources:
openondemand::install_apps:
bc_osc_rstudio_server:
source: puppet:///modules/profile/bc_osc_rstudio_server
Add usr apps with a default group
openondemand::usr_app_defaults:
group: staff
openondemand::usr_apps:
user1:
gateway_src: /home/user1/ondemand/share
user2:
group: faculty
gateway_src: /home/user2/ondemand/share
Add dev app users
openondemand::dev_app_users:
- user1
- user2
Define some pinned apps and dashboard layout:
openondemand::pinned_apps:
- 'usr/*'
- 'sys/jupyter'
- type: dev
category: system
openondemand::pinned_apps_menu_length: 10
openondemand::pinned_apps_group_by: category
openondemand::dashboard_layout:
rows:
- columns:
- width: 8
widgets:
- pinned_apps
- motd
- width: 4
widgets:
- xdmod_widget_job_efficiency
- xdmod_widget_jobs
Define some configurations for /etc/ood/config/ondemand.d
.
This will generate /etc/ood/config/ondemand.d/pinned_apps.yml.erb
based on the source file as well as
/etc/ood/config/ondemand.d/dashboard_layout.yml
from a template file. The example for foobar
will generate the YAML file using data defined in Hiera.
openondemand::confs:
pinned_apps:
source: 'puppet:///modules/profile/openondemand/pinned_apps.yml.erb'
template: true
dashboard_layout:
content_template: 'profile/openondemand/dashboard_layout.yml.erb'
foobar:
data:
...hash of configuration data here...
Reference
http://osc.github.io/puppet-module-openondemand/
Limitations
This module has been tested on:
- RedHat/CentOS 7 x86_64
- RedHat/Rocky Linux/Alma Linux 8
- RedHat/Rocky Linux/Alma Linux 9
- Amazon Linux 2023
- Ubuntu 20.04
- Ubuntu 22.04
- Debian 12
Reference
Table of Contents
Classes
Public Classes
openondemand
: Manage Open OnDemand
Private Classes
openondemand::apache
: Manage Open OnDemand Apacheopenondemand::config
: Manage Open OnDemand configsopenondemand::install
: Manage Open OnDemand installopenondemand::repo::apt
: Manage Open OnDemand APT reposopenondemand::repo::rpm
: Manage Open OnDemand RPM reposopenondemand::service
: Manage Open OnDemand service
Defined types
openondemand::app::dev
: Manage Open OnDemand dev appopenondemand::app::usr
: Manage Open OnDemand user appopenondemand::cluster
: Manage Open OnDemand cluster definitionopenondemand::conf
: Manage Open OnDemand configuration file in /etc/ood/config/ondemand.dopenondemand::install::app
: Manage Open OnDemand app
Data types
Openondemand::Acl
: OnDemand cluster ACLOpenondemand::Batch_connect
: Defines cluster config batch_connect valuesOpenondemand::Dashboard_layout
: Dashboard layoutOpenondemand::Dashboard_layout_column
: Dashboard layout columnOpenondemand::Dex_config
: ondemand-dex configOpenondemand::K8_auth
: OnDemand cluster Kubernetes authOpenondemand::K8_mount
: OnDemand cluster Kubernetes mountOpenondemand::K8_server
: OnDemand cluster Kubernetes mountOpenondemand::Nginx_stage_namespace_config
: nginx_stage.yml namespace_config
Tasks
announce
: Install Open OnDemand announcement filemaintenance
: Put OnDemand into maintenance modenginx_stage
: Run nginx_stage commands
Classes
openondemand
Manage Open OnDemand
Parameters
The following parameters are available in the openondemand
class:
repo_release
repo_baseurl_prefix
repo_gpgkey
repo_gpgcheck
repo_repogpgcheck
repo_proxy
repo_priority
repo_module_hotfixes
repo_exclude
manage_dependency_repos
manage_epel
repo_nightly
selinux
ondemand_package_ensure
ondemand_dex_package_ensure
mod_auth_openidc_ensure
install_apps
declare_apache
apache_user
generator_insecure
listen_addr_port
servername
server_aliases
ssl
disable_logs
logroot
use_rewrites
http_redirect_host
use_maintenance
maintenance_ip_allowlist
maintenance_source
maintenance_content
maintenance_enabled
security_csp_frame_ancestors
security_strict_transport
lua_root
lua_log_level
user_map_match
user_map_cmd
user_env
map_fail_uri
auth_type
auth_configs
custom_vhost_directives
custom_location_directives
root_uri
analytics
public_uri
public_root
logout_uri
logout_redirect
host_regex
node_uri
rnode_uri
nginx_uri
pun_uri
pun_socket_root
pun_max_retries
pun_pre_hook_root_cmd
pun_pre_hook_exports
oidc_uri
oidc_discover_uri
oidc_discover_root
register_uri
register_root
oidc_provider_metadata_url
oidc_client_id
oidc_client_secret
oidc_remote_user_claim
oidc_scope
oidc_crypto_passphrase
oidc_session_inactivity_timeout
oidc_session_max_duration
oidc_state_max_number_of_cookies
oidc_settings
dex_uri
dex_config
web_directory
nginx_log_group
nginx_stage_clean_cron_schedule
nginx_stage_ondemand_portal
nginx_stage_ondemand_title
nginx_stage_pun_custom_env
nginx_stage_app_root
nginx_stage_app_request_regex
nginx_stage_min_uid
nginx_stage_passenger_pool_idle_time
nginx_stage_passenger_options
nginx_stage_nginx_file_upload_max
nginx_stage_configs
config_dir_purge
config_source
config_content
confs
pinned_apps
pinned_apps_menu_length
pinned_apps_group_by
dashboard_layout
hook_env
hook_env_path
hook_env_config
kubectl_path
clusters
clusters_hiera_merge
usr_apps
usr_app_defaults
dev_apps
dev_app_users
dev_app_defaults
apps_config_repo
apps_config_revision
apps_config_repo_path
locales_config_repo_path
announcements_config_repo_path
apps_config_source
locales_config_source
announcements_config_source
public_files_repo_paths
public_files_source_paths
manage_logrotate
repo_release
Data type: String
The release of OnDemand repo
Default value: '4.0'
repo_baseurl_prefix
Data type: Variant[Stdlib::HTTPSUrl, Stdlib::HTTPUrl]
The baseurl prefix for OnDemand repo
Default value: 'https://yum.osc.edu/ondemand'
repo_gpgkey
Data type: Variant[Stdlib::HTTPSUrl, Stdlib::HTTPUrl, Stdlib::Absolutepath]
The URL for OnDemand repo GPG key
Default value: 'https://yum.osc.edu/ondemand/RPM-GPG-KEY-ondemand-SHA512'
repo_gpgcheck
Data type: Variant[Boolean, Enum['1','0', 'yes', 'no']]
Boolean to enable or disable the GPG check for the OnDemand repo. Defaults to enabled
Default value: '1'
repo_repogpgcheck
Data type: Variant[Boolean, Enum['1','0', 'yes', 'no']]
Boolean to enable or disable the repo GPG check for the OnDemand repo. Defaults to enabled
Default value: '1'
repo_proxy
Data type: Optional[String[1]]
The URL for proxy for OnDemand repo
Default value: undef
repo_priority
Data type: Integer[1,99]
The priority of the OnDemand repo
Default value: 99
repo_module_hotfixes
Data type: Optional[Boolean]
The module_hotfixes of the OnDemand repo
Default value: undef
repo_exclude
Data type: String
Exclusion for OnDemand repo
Default value: 'absent'
manage_dependency_repos
Data type: Boolean
Boolean that determines if managing repos for package dependencies
Default value: true
manage_epel
Data type: Boolean
Boolean that determines if managing EPEL repo
Default value: true
repo_nightly
Data type: Boolean
Add the OnDemand nightly repo
Default value: false
selinux
Data type: Boolean
Boolean that determines if adding SELinux support
Default value: false
ondemand_package_ensure
Data type: String
ondemand package ensure
Default value: 'present'
ondemand_dex_package_ensure
Data type: String
ondemand-dex package ensure
Default value: 'present'
mod_auth_openidc_ensure
Data type: String
mod_auth_openidc package ensure
Default value: 'present'
install_apps
Data type: Hash
Hash of apps to install, passed to ondemand::install::app
Default value: {}
declare_apache
Data type: Boolean
Boolean that determines if apache is declared or included
Default value: true
apache_user
Data type: String[1]
Name of the Apache user
Default value: 'apache'
generator_insecure
Data type: Boolean
Run ood-portal-generator with --insecure flag This is needed if you wish to use default ood@localhost user or other local users
Default value: false
listen_addr_port
Data type: Variant[Array, String, Undef]
ood_portal.yml listen_addr_port
Default value: undef
servername
Data type: Optional[String]
ood_portal.yml servername
Default value: undef
server_aliases
Data type: Optional[Array]
ood_porta.yml server_aliases
Default value: undef
ssl
Data type: Optional[Array]
ood_portal.yml ssl
Default value: undef
disable_logs
Data type: Boolean
ood_portal.yml disable_logs
Default value: false
logroot
Data type: String
ood_portal.yml logroot
Default value: 'logs'
use_rewrites
Data type: Boolean
ood_portal.yml use_rewrites
Default value: true
http_redirect_host
Data type: String
ood_portal.yml http_redirect_host
Default value: '%{HTTP_HOST}'
use_maintenance
Data type: Boolean
ood_portal.yml use_maintenance
Default value: true
maintenance_ip_allowlist
Data type: Array
ood_portal.yml maintenance_ip_allowlist
Default value: []
maintenance_source
Data type: Optional[String]
Source for maintenance index.html
Default value: undef
maintenance_content
Data type: Optional[String]
Content for maintenance index.html
Default value: undef
maintenance_enabled
Data type: Optional[Boolean]
Enable maintenance mode in OOD
Default value: undef
security_csp_frame_ancestors
Data type: Optional[Variant[String, Boolean]]
ood_portal.yml security_csp_frame_ancestors
Default value: undef
security_strict_transport
Data type: Boolean
ood_portal.yml security_strict_transport
Default value: true
lua_root
Data type: String
ood_portal.yml lua_root
Default value: '/opt/ood/mod_ood_proxy/lib'
lua_log_level
Data type: Optional[String]
ood_portal.yml lua_log_level
Default value: undef
user_map_match
Data type: String
ood_portal.yml user_map_match
Default value: '.*'
user_map_cmd
Data type: Optional[String]
ood_portal.yml user_map_cmd
Default value: undef
user_env
Data type: Optional[String]
ood_portal.yml user_env
Default value: undef
map_fail_uri
Data type: Optional[String]
ood_portal.yml map_fail_uri
Default value: undef
auth_type
Data type: Variant[Enum['CAS', 'openid-connect', 'shibboleth', 'dex'], String[1]]
ood_portal.yml auth_type
Default value: 'dex'
auth_configs
Data type: Optional[Array]
ood_portal.yml auth_configs
Default value: undef
custom_vhost_directives
Data type: Array
ood_portal.yml custom_vhost_directives
Default value: []
custom_location_directives
Data type: Array
ood_portal.yml custom_location_directives
Default value: []
root_uri
Data type: String
ood_portal.yml root_uri
Default value: '/pun/sys/dashboard'
analytics
Data type: Optional[Struct[{ url => String, id => String }]]
ood_portal.yml analytics
Default value: undef
public_uri
Data type: String
ood_portal.yml public_uri
Default value: '/public'
public_root
Data type: String
ood_portal.yml public_root
Default value: '/var/www/ood/public'
logout_uri
Data type: Variant[String[1], Undef]
ood_portal.yml logout_uri
Default value: '/logout'
logout_redirect
Data type: Variant[String[1], Undef]
ood_portal.yml logout_redirect
Default value: '/pun/sys/dashboard/logout'
host_regex
Data type: String
ood_portal.yml host_regex
Default value: '[^/]+'
node_uri
Data type: Optional[String]
ood_portal.yml node_uri
Default value: undef
rnode_uri
Data type: Optional[String]
ood_portal.yml rnode_uri
Default value: undef
nginx_uri
Data type: String
ood_portal.yml nginx_uri
Default value: '/nginx'
pun_uri
Data type: String
ood_portal.yml pun_uri
Default value: '/pun'
pun_socket_root
Data type: String
ood_portal.yml pun_socket_root
Default value: '/var/run/ondemand-nginx'
pun_max_retries
Data type: Integer
ood_portal.yml pun_max_retries
Default value: 5
pun_pre_hook_root_cmd
Data type: Optional[Stdlib::Absolutepath]
ood_portal.yml pun_pre_hook_root_cmd
Default value: undef
pun_pre_hook_exports
Data type: Optional[String]
ood_porta.yml pun_pre_hook_exports
Default value: undef
oidc_uri
Data type: Optional[String]
ood_portal.yml oidc_uri
Default value: undef
oidc_discover_uri
Data type: Optional[String]
ood_portal.yml oidc_discover_uri
Default value: undef
oidc_discover_root
Data type: Optional[String]
ood_portal.yml oidc_discover_root
Default value: undef
register_uri
Data type: Optional[String]
ood_portal.yml register_uri
Default value: undef
register_root
Data type: Optional[String]
ood_portal.yml register_root
Default value: undef
oidc_provider_metadata_url
Data type: Optional[String]
OIDC metadata URL
Default value: undef
oidc_client_id
Data type: Optional[String]
OIDC client ID
Default value: undef
oidc_client_secret
Data type: Optional[String]
OIDC client secret
Default value: undef
oidc_remote_user_claim
Data type: String
OIDC REMOTE_USER claim
Default value: 'preferred_username'
oidc_scope
Data type: String
OIDC scopes
Default value: 'openid profile email'
oidc_crypto_passphrase
Data type: Optional[String]
OIDC crypto passphrase
Default value: undef
oidc_session_inactivity_timeout
Data type: Integer
OIDC session inactivity timeout, see OIDCSessionInactivityTimeout
Default value: 28800
oidc_session_max_duration
Data type: Integer
OIDC session max duration, see OIDCSessionMaxDuration
Default value: 28800
oidc_state_max_number_of_cookies
Data type: String
OIDC setting that determines how to clean up cookies
Default value: '10 true'
oidc_settings
Data type: Hash
Hash of OIDC settings passsed directly to Apache config
Default value: {}
dex_uri
Data type: Variant[String[1],Boolean]
Dex URI if put behind Apache reverse proxy
Default value: '/dex'
dex_config
Data type: Openondemand::Dex_config
Dex configuration Hash
Default value: {}
web_directory
Data type: Stdlib::Absolutepath
Path to main web directory for OnDemand
Default value: '/var/www/ood'
nginx_log_group
Data type: String
Group to set for /var/log/ondemand-nginx
Default value: 'ondemand-nginx'
nginx_stage_clean_cron_schedule
Data type: String
Configure how often you want to run nginx_clean Defaults to '0 /2 * *' (every other hour)
Default value: '0 */2 * * *'
nginx_stage_ondemand_portal
Data type: String
nginx_stage.yml ondemand_portal
Default value: 'ondemand'
nginx_stage_ondemand_title
Data type: Optional[String]
nginx_stage.yml ondemand_title
Default value: undef
nginx_stage_pun_custom_env
Data type: Hash
nginx_stage.yml pun_custom_env
Default value: {}
nginx_stage_app_root
Data type: Openondemand::Nginx_stage_namespace_config
nginx_stage.yml app_root
Default value: {}
nginx_stage_app_request_regex
Data type: Optional[Openondemand::Nginx_stage_namespace_config]
nginx_stage.yml app_request_regex
Default value: undef
nginx_stage_min_uid
Data type: Integer
nginx_stage.yml min_uid
Default value: 1000
nginx_stage_passenger_pool_idle_time
Data type: Integer
nginx_stage.yml passenger_pool_idle_time
Default value: 300
nginx_stage_passenger_options
Data type: Hash[Pattern[/^passenger_.+/], Variant[String, Integer]]
nginx_stage.yml passenger_options
Default value: {}
nginx_stage_nginx_file_upload_max
Data type: Optional[Integer]
nginx_stage.yml nginx_file_upload_max
Default value: undef
nginx_stage_configs
Data type: Hash
nginx_stage.yml extra configuration options
Default value: {}
config_dir_purge
Data type: Boolean
Boolean that sets if ondemand.d should be purged of unmanaged files
Default value: true
config_source
Data type: Optional[String]
The source for /etc/ood/config/ondemand.d/ondemand.yml
Overrides config_content
as well as pinned apps and dashboard layout parameters
Default value: undef
config_content
Data type: Optional[String]
The content for /etc/ood/config/ondemand.d/ondemand.yml Overrides pinned apps and dashboard layout parameters
Default value: undef
confs
Data type: Hash
Hash to define openondemand::conf resources
Default value: {}
pinned_apps
Data type: Optional[Array[Variant[String[1], Hash]]]
Defines the OnDemand configuration for pinned_apps
Default value: undef
pinned_apps_menu_length
Data type: Optional[Integer]
Defines the OnDemand configuration for pinned_apps_menu_length
Default value: undef
pinned_apps_group_by
Data type: Optional[String[1]]
Defines the OnDemand configuration for pinned_apps_group_by
Default value: undef
dashboard_layout
Data type: Optional[Openondemand::Dashboard_layout]
Defines the OnDemand configuration for dashboard_layout
Default value: undef
hook_env
Data type: Boolean
Boolean that sets of hook.env configuration should be managed
Default value: true
hook_env_path
Data type: Stdlib::Absolutepath
Path to hook.env
Default value: '/etc/ood/config/hook.env'
hook_env_config
Data type: Hash
Configuration hash to pass into hook.env
Default value: {}
kubectl_path
Data type: Stdlib::Absolutepath
Path to kubectl
Default value: '/bin/kubectl'
clusters
Data type: Hash
Hash of resources to apss to openondemand::cluster
Default value: {}
clusters_hiera_merge
Data type: Boolean
Boolean that determines if clusters should be merged via lookup function
Default value: true
usr_apps
Data type: Variant[Array, Hash]
Resources passed to openondemand::app::usr
Default value: {}
usr_app_defaults
Data type: Hash
Defaults for usr_apps
resources
Default value: {}
dev_apps
Data type: Hash
Resources passed to openondemand::app::dev
Default value: {}
dev_app_users
Data type: Array
Users to define as having dev apps, passed to openondemand::app::dev
Default value: []
dev_app_defaults
Data type: Hash
Defaults for dev_apps
and dev_app_users
Default value: {}
apps_config_repo
Data type: Optional[String]
Git repo URL for apps config
Default value: undef
apps_config_revision
Data type: Optional[String]
Revision for apps config Git repo
Default value: undef
apps_config_repo_path
Data type: String
Path in apps config Git repo for app configs
Default value: ''
locales_config_repo_path
Data type: Optional[String]
Path in apps config Git repo for locales configs
Default value: undef
announcements_config_repo_path
Data type: Optional[String]
Path in apps config Git repo for announcements
Default value: undef
apps_config_source
Data type: Optional[String]
Source for apps config, not used if apps_config_repo
is defined
Default value: undef
locales_config_source
Data type: Optional[String]
Source for locales config, not used if apps_config_repo
is defined
Default value: undef
announcements_config_source
Data type: Optional[String]
Source for aouncements config, not used if apps_config_repo
is defined
Default value: undef
public_files_repo_paths
Data type: Array
Path to public files in apps config Git repo
Default value: []
public_files_source_paths
Data type: Array
Path to the source for public files
Default value: []
manage_logrotate
Data type: Boolean
Boolean that allows disabling management of logrotate
Default value: true
Defined types
openondemand::app::dev
Manage Open OnDemand dev app
Examples
openondemand::app::dev { 'user1': }
Parameters
The following parameters are available in the openondemand::app::dev
defined type:
ensure
Data type: Enum['present','absent']
Default value: 'present'
mode
Data type: Stdlib::Filemode
File mode of dev app
Default value: '0755'
owner
Data type: String
Owner of dev app
Default value: 'root'
group
Data type: String
Group owning dev app
Default value: 'root'
home_subdir
Data type: String
The subdirectory under user's home for dev app
Not used if gateway_src
is defined
Default value: 'ondemand/dev'
gateway_src
Data type: Optional[Stdlib::Absolutepath]
The path to dev app, overrides home_subdir
Default value: undef
openondemand::app::usr
Manage Open OnDemand user app
Examples
openondemand::app::usr { 'user1':
gateway_src => '/home/user1/ondemand/usr',
}
Parameters
The following parameters are available in the openondemand::app::usr
defined type:
gateway_src
Data type: Stdlib::Absolutepath
Path to source of user's apps
ensure
Data type: Enum['present','absent']
Default value: 'present'
mode
Data type: Stdlib::Filemode
The file mode for shared apps
Default value: '0750'
owner
Data type: String
The file owner of shared apps
Default value: 'root'
group
Data type: String
The file group owner of shared apps
Default value: 'root'
openondemand::cluster
Manage Open OnDemand cluster definition
Parameters
The following parameters are available in the openondemand::cluster
defined type:
cluster_title
owner
group
mode
url
hidden
acls
login_host
job_adapter
job_cluster
job_host
job_lib
job_libdir
job_bin
job_bindir
job_conf
job_envdir
job_serverdir
job_exec
sge_root
libdrmaa_path
job_version
job_bin_overrides
job_submit_host
job_ssh_hosts
job_site_timeout
job_debug
job_singularity_bin
job_singularity_bindpath
job_singularity_image
job_strict_host_checking
job_tmux_bin
job_config_file
job_username_prefix
job_namespace_prefix
job_all_namespaces
job_auto_supplemental_groups
job_server
job_mounts
job_auth
scheduler_type
scheduler_host
scheduler_bin
scheduler_version
scheduler_params
rsv_query_acls
ganglia_host
ganglia_scheme
ganglia_segments
ganglia_req_query
ganglia_opt_query
ganglia_version
grafana_host
grafana_org_id
grafana_theme
grafana_dashboard_name
grafana_dashboard_uid
grafana_dashboard_panels
grafana_labels
grafana_cluster_override
xdmod_resource_id
custom_config
batch_connect
source
cluster_title
Data type: String
Default value: $name
owner
Data type: String
Owner of the cluster YAML file
Default value: 'root'
group
Data type: String
Group of the cluster YAML file
Default value: 'root'
mode
Data type: Stdlib::Filemode
Ownership mode of the cluster YAML file
Default value: '0644'
url
Data type: Optional[Variant[Stdlib::HTTPSUrl, Stdlib::HTTPUrl]]
Default value: undef
hidden
Data type: Boolean
Default value: false
acls
Data type: Optional[Array[Openondemand::Acl]]
Default value: undef
login_host
Data type: Optional[Stdlib::Host]
Default value: undef
job_adapter
Data type: Optional[Enum['torque','slurm','lsf','pbspro','sge','linux_host','kubernetes']]
Default value: undef
job_cluster
Data type: Optional[String]
Default value: undef
job_host
Data type: Optional[Stdlib::Host]
Default value: undef
job_lib
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_libdir
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_bin
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_bindir
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_conf
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_envdir
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_serverdir
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_exec
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
sge_root
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
libdrmaa_path
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_version
Data type: Optional[String]
Default value: undef
job_bin_overrides
Data type: Optional[Hash[String, Stdlib::Absolutepath]]
Default value: undef
job_submit_host
Data type: Optional[Stdlib::Host]
Default value: undef
job_ssh_hosts
Data type: Optional[Array[Stdlib::Host]]
Default value: undef
job_site_timeout
Data type: Optional[Integer]
Default value: undef
job_debug
Data type: Optional[Boolean]
Default value: undef
job_singularity_bin
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_singularity_bindpath
Data type: Optional[Variant[Array[Stdlib::Absolutepath], String]]
Default value: undef
job_singularity_image
Data type: Optional[String]
Default value: undef
job_strict_host_checking
Data type: Optional[Boolean]
Default value: undef
job_tmux_bin
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
job_config_file
Data type: Optional[String[1]]
Default value: undef
job_username_prefix
Data type: Optional[String]
Default value: undef
job_namespace_prefix
Data type: Optional[String]
Default value: undef
job_all_namespaces
Data type: Boolean
Default value: false
job_auto_supplemental_groups
Data type: Boolean
Default value: false
job_server
Data type: Optional[Openondemand::K8_server]
Default value: undef
job_mounts
Data type: Optional[Array[Openondemand::K8_mount]]
Default value: undef
job_auth
Data type: Optional[Openondemand::K8_auth]
Default value: undef
scheduler_type
Data type: Optional[Enum['moab']]
Default value: undef
scheduler_host
Data type: Optional[Stdlib::Host]
Default value: undef
scheduler_bin
Data type: Optional[Stdlib::Absolutepath]
Default value: undef
scheduler_version
Data type: Optional[String]
Default value: undef
scheduler_params
Data type: Hash
Default value: {}
rsv_query_acls
Data type: Optional[Array[Openondemand::Acl]]
Default value: undef
ganglia_host
Data type: Optional[Stdlib::Host]
Default value: undef
ganglia_scheme
Data type: String
Default value: 'https://'
ganglia_segments
Data type: Array
Default value: ['gweb', 'graph.php']
ganglia_req_query
Data type: Hash
Default value: { 'c' => $name }
ganglia_opt_query
Data type: Hash
Default value: { 'h' => "%{h}.${facts['networking']['domain']}" }
ganglia_version
Data type: String
Default value: '3'
grafana_host
Data type: Optional[Variant[Stdlib::HTTPSUrl,Stdlib::HTTPUrl]]
Default value: undef
grafana_org_id
Data type: Integer
Default value: 1
grafana_theme
Data type: Optional[String]
Default value: undef
grafana_dashboard_name
Data type: Optional[String]
Default value: undef
grafana_dashboard_uid
Data type: Optional[String]
Default value: undef
grafana_dashboard_panels
Data type:
Optional[Struct[{
'cpu' => Integer,
'memory' => Integer,
}]]
Default value: undef
grafana_labels
Data type:
Optional[Struct[{
'cluster' => String,
'host' => String,
'jobid' => Optional[String],
}]]
Default value: undef
grafana_cluster_override
Data type: Optional[String]
Default value: undef
xdmod_resource_id
Data type: Optional[Integer]
Default value: undef
custom_config
Data type: Hash
Custom Hash passed to v2.custom
in cluster YAML
Default value: {}
batch_connect
Data type: Optional[Openondemand::Batch_connect]
Default value: undef
source
Data type: Optional[Stdlib::Filesource]
source file to create cluster configuration from.
Default value: undef
openondemand::conf
Manage Open OnDemand configuration file in /etc/ood/config/ondemand.d
Parameters
The following parameters are available in the openondemand::conf
defined type:
source
Data type: Optional[String]
The source of the configuration file
Default value: undef
content
Data type: Optional[String]
The content template of the configuration file
Default value: undef
content_template
Data type: Optional[String]
The template to define content
Default value: undef
data
Data type: Optional[Hash]
A hash of data to convert to YAML that defines the configuration file contents
Default value: undef
template
Data type: Boolean
If true, the file will have .yml.erb extension, otherwise the extension is .yml
Default value: false
filename
Data type: Optional[String]
Override the default filename for the configuration file
Default value: undef
openondemand::install::app
Manage Open OnDemand app
Examples
openondemand::install::app { 'bc_osc_foo':
ensure => '0.1.0-1.el7',
}
Parameters
The following parameters are available in the openondemand::install::app
defined type:
ensure
Data type: String
Package ensure property if installing from a package
Default value: 'present'
package
Data type: String
Package name for the app
Default value: "ondemand-${name}"
manage_package
Data type: Boolean
Should package be managed
Default value: true
git_repo
Data type: Optional[String]
The git repo to use to install the app If defined, no package will be installed
Default value: undef
git_revision
Data type: Optional[String]
The git revision to checkout
Default value: undef
source
Data type: Optional[String]
The Puppet source path for app
Default value: undef
path
Data type: Optional[Stdlib::Absolutepath]
Path to app, defaults to /var/www/ood/apps/sys/$name
Default value: undef
owner
Data type: String
File owner of app
Default value: 'root'
group
Data type: String
File group owner of app
Default value: 'root'
mode
Data type: String
File mode for app
Default value: '0755'
Data types
Openondemand::Acl
OnDemand cluster ACL
Alias of
Struct[{ 'adapter' => Enum['group'],
'groups' => Optional[Array],
'type' => Enum['whitelist', 'blacklist']
}]
Openondemand::Batch_connect
Defines cluster config batch_connect values
Alias of
Struct[{
Optional['basic'] => Struct[{
Optional['script_wrapper'] => String,
Optional['set_host'] => String
}],
Optional['vnc'] => Struct[{
Optional['script_wrapper'] => String,
Optional['set_host'] => String
}],
Optional['ssh_allow'] => Boolean,
}]
Openondemand::Dashboard_layout
Dashboard layout
Alias of
Struct[{
'rows' => Array[Struct[{'columns' => Array[Openondemand::Dashboard_layout_column]}]]
}]
Openondemand::Dashboard_layout_column
Dashboard layout column
Alias of
Struct[{
'width' => Integer,
'widgets' => Array[String[1]],
}]
Openondemand::Dex_config
ondemand-dex config
Alias of
Struct[{
'ssl' => Optional[Boolean],
'http_port' => Optional[Variant[String, Integer]],
'https_port' => Optional[Variant[String, Integer]],
'tls_cert' => Optional[Stdlib::Absolutepath],
'tls_key' => Optional[Stdlib::Absolutepath],
'storage_file' => Optional[Stdlib::Absolutepath],
'grpc' => Optional[Hash],
'expiry' => Optional[Hash],
'client_id' => Optional[String],
'client_redirect_uris' => Optional[Array],
'client_name' => Optional[String],
'client_secret' => Optional[String],
'static_clients' => Optional[Array[Hash]],
'connectors' => Optional[Array[Hash]],
'frontend' => Optional[Hash],
}]
Openondemand::K8_auth
OnDemand cluster Kubernetes auth
Alias of
Struct[{
'type' => String[1],
}]
Openondemand::K8_mount
OnDemand cluster Kubernetes mount
Alias of
Struct[{ 'type' => String[1],
'name' => String[1],
'host_type' => Optional[String[1]],
'host' => Optional[String[1]],
'destination_path' => Stdlib::Absolutepath,
'path' => Stdlib::Absolutepath,
}]
Openondemand::K8_server
OnDemand cluster Kubernetes mount
Alias of
Struct[{ 'endpoint' => Stdlib::HTTPSUrl,
'cert_authority_file' => Stdlib::Absolutepath,
}]
Openondemand::Nginx_stage_namespace_config
nginx_stage.yml namespace_config
Alias of
Struct[{
'dev' => Optional[String],
'usr' => Optional[String],
'sys' => Optional[String]
}]
Tasks
announce
Install Open OnDemand announcement file
Supports noop? false
Parameters
source
Data type: String[1]
Path to file to install (or purge)
maintenance
Put OnDemand into maintenance mode
Supports noop? false
Parameters
ensure
Data type: Enum['present','absent']
Set state of maintenance mode
nginx_stage
Run nginx_stage commands
Supports noop? false
Parameters
command
Data type: Enum[nginx_clean,nginx_list]
nginx_stage command to execute
user
Data type: Optional[String[1]]
Operate on specific user
skip_nginx
Data type: Optional[Boolean]
Skip execution of the per-user nginx process
force
Data type: Optional[Boolean]
Force clean ALL per-user nginx processes
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
Change log
All notable changes to this project will be documented in this file. The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
v7.1.0 (2025-01-21)
Added
v7.0.0 (2025-01-09)
Changed
v6.1.0 (2024-12-11)
Added
v6.0.0 (2024-10-16)
Changed
v5.2.0 (2024-10-16)
Added
v5.1.0 (2024-09-06)
Added
Fixed
v5.0.1 (2024-04-17)
Fixed
v5.0.0 (2024-02-13)
Changed
v4.5.0 (2024-01-25)
Added
v4.4.1 (2024-01-25)
Fixed
v4.4.0 (2024-01-21)
Added
v4.3.1 (2023-12-01)
Fixed
v4.3.0 (2023-11-27)
Added
Fixed
v4.2.1 (2023-10-06)
Fixed
v4.2.0 (2023-09-19)
Added
v4.1.0 (2023-06-16)
Added
- Support newer stdlib and systemd modules #131 (treydock)
- Allow apps to be installed from source parameter #130 (treydock)
- Document adding support ticket configuration #126 (treydock)
Fixed
v4.0.0 (2023-05-04)
Changed
Added
v3.0.1 (2023-04-14)
Fixed
v3.0.0 (2023-04-03)
Changed
v2.15.0 (2022-11-15)
Added
v2.14.0 (2022-08-12)
Added
v2.13.0 (2022-06-10)
Added
v2.12.1 (2022-06-08)
Fixed
v2.12.0 (2022-05-20)
Added
- Avoid latest repo by default, not a stable repo #91 (treydock)
- Replace CentOS 8 with Rocky 8 and PDK sync #87 (treydock)
v2.11.0 (2022-05-06)
Added
v2.10.0 (2022-04-11)
Added
Fixed
v2.9.0 (2022-03-04)
Added
Fixed
- Use 2.0 repo for acceptance tests #80 (treydock)
- Fix when ood-portal-generator is triggered #79 (treydock)
- Ensure that validation errors for Apache config will not persist #78 (treydock)
- Skip nigntly tests until feature/ondemand-2.1 merged #74 (treydock)
v2.8.2 (2021-10-14)
Fixed
v2.8.1 (2021-10-14)
Fixed
v2.8.0 (2021-09-01)
v2.7.0 (2021-08-09)
v2.6.0 (2021-08-03)
v2.5.0 (2021-07-29)
v2.4.1 (2021-07-21)
v2.4.0 (2021-07-14)
v2.3.0 (2021-06-15)
v2.2.0 (2021-06-03)
v2.1.0 (2021-05-26)
v2.0.0 (2021-05-19)
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 9.0.0 < 10.0.0)
- puppetlabs/apt (>= 6.0.0 < 10.0.0)
- puppetlabs/apache (>= 5.2.0 < 13.0.0)
- puppetlabs/vcsrepo (>= 1.3.0 < 7.0.0)
- saz/sudo (>= 3.0.0 <9.0.0)
- puppet/augeasproviders_shellvar (>= 5.0.0 <7.0.0)
- puppet/logrotate (>= 3.0.0 < 8.0.0)
- puppet/systemd (>= 0.4.0 <8.0.0)
- puppet/epel (>= 4.1.0 <6.0.0)