Forge Home

simp_nfs

A SIMP Puppet Profile for common NFS configurations

10,437 downloads

746 latest version

4.7 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.1.0 (latest)
  • 1.0.1
  • 1.0.0
  • 0.2.0
  • 0.1.0
  • 0.0.5
  • 0.0.4
  • 0.0.3
  • 0.0.2
released Jul 23rd 2021
This version is compatible with:
  • Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x
  • Puppet >= 6.22.1 < 8.0.0
  • , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'simp-simp_nfs', '1.1.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add simp-simp_nfs
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install simp-simp_nfs --version 1.1.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: simp, nfs

Documentation

simp/simp_nfs — version 1.1.0 Jul 23rd 2021

License CII Best Practices Puppet Forge Puppet Forge Downloads Build Status

Table of Contents

Description

This module is a SIMP Puppet profile for setting up common NFS configurations as supported by the SIMP ecosystem

This is a SIMP module

This module is a component of the System Integrity Management Platform, a compliance-management framework built on Puppet.

If you find any issues, they may be submitted to our bug tracker.

This module is optimally designed for use within a larger SIMP ecosystem, but it can be used independently:

  • When included within the SIMP ecosystem, security compliance settings will be managed from the Puppet server.
  • If used independently, all SIMP-managed security subsystems are disabled by default and must be explicitly opted into by administrators. Please review the parameters in simp/simp_options for details.

Setup

What simp_nfs affects

This module provides commonly used configurations for NFS server and client systems.

Usage

Serve NFS Home Directories over Stunnel

To export home directories for your users, over an Stunnel encrypted connection, use the following code and Hiera data:

include 'simp_nfs'
---
simp_options::stunnel: true
simp_nfs::export_home_dirs: true

Mount NFS Home Directories

To mount your exported home directories, over an Stunnel encrypted connection, use the following code and Hiera data:

include 'simp_nfs'
---
simp_options::stunnel: true
simp_nfs::home_dir_server : <your NFS server IP>

Mount Home NFS Directories on another NFS server

To mount home directories on another NFS server do not include the simp_nfs class. This will try to call the nfs class a second time. Instead create a site manifest and call the simp_nfs::mount::home class directly. Note: Use the port parameter if you are using stunnel and set it to a different port then the one the local NFS server is using.

class  mounthome {
  class { simp_nfs::mount::home:
    nfs_server        => $home_server,
    port              => 12049,
    autodetect_remote => false
  }
}
include mounthome

Reference

See REFERENCE.md for details.

Known Issues

The autofs package that was released with CentOS 7.3 (5.0.7-56) worked properly over a stunnel connection.

The release shipped with with CentOS 7.4 (5.0.7-69) prevents any connection from happening to the local stunnel process and breaks mounts to remote systems over stunnel connections.

The release that ship with CentOS 7.6 (5.0.7-99) has fixed the issue.

To use NFS over stunnel and automount directories with old CentOS 7 releases, you must use the appropriate autofs package.

To determine what version of autofs is installed, run automount -V.

To force the package to the desired version:

  • Make sure the package is available via your package-management facility then set the package version in Hiera data:
   autofs::autofs_package_ensure: '5.0.7-99'
  • Alternatively, ensure that the latest packages are available and set the following:
   autofs::autofs_package_ensure: 'latest'

The associated bug reports can be found at:

Limitations

This is a SIMP Profile. It will not expose all options of the underlying modules, only the ones that are conducive to a supported SIMP infrastructure. If you need to do things that this module does not cover, you may need to create your own profile or inherit this profile and extend it to meet your needs.

SIMP Puppet modules are generally intended for use on Red Hat Enterprise Linux and compatible distributions, such as CentOS. Please see the metadata.json file for the most up-to-date list of supported operating systems, Puppet versions, and module dependencies.

Development

Please read our Contribution Guide.

Acceptance tests

This module includes Beaker acceptance tests using the SIMP Beaker Helpers. By default the tests use Vagrant with VirtualBox as a back-end; Vagrant and VirtualBox must both be installed to run these tests without modification. To execute the tests run the following:

bundle install
bundle exec rake beaker:suites

Please refer to the SIMP Beaker Helpers documentation for more information.