This module can be used to install nfdump and manages sfcapd processes to capture sflow data into nfdump files. It doesn't manage nfsen or the firewall. We recommend you to be restrictive. Only allow traffic from the devices that you trust.
The following example will install nfdump and sets up a single sfcapd process.
class { '::nfdump':
$data_location = '/data/nfdump'
}
::nfdump::sfcapd { 'sw1':
port => 6343,
}
We provide a number of configuration options to change particular settings or to override our defaults when required.
Defaults to 'nfdump' on RedHat and 'nfdump-sflow' on Debian based systems.
Set the username for any sfcapd processes. Defaults to 'sflow'.
Set the location where to store nfdump data. Defaults to '/data/nfdump'.
This will set up an sflow capture daemon listener.
nfdump::sfcapd { 'device-1.location': }
This is used as an identifier to the listener. Defaults to '$title'.
This is the udp port the listener is available on. Defaults to '6343'.
Sfcapd allows you to repeat packages onto another host. Set this to an ip if you want to forward traffic. Defaults to 'undef'.
Sets the port your repeater is available on. Defaults to '6343'.
Set the buffer length. See -B in man sfcapd. Defaults to '200000'.
Set the list of accepted extensions. See -T in man sfcapd. Defaults to 'all'.
This module has been tested on:
- CentOS 7
- Ubuntu 16.04
We strongly believe in the power of open source. This module is our way of saying thanks.
This module is tested against the Ruby versions from Puppet's support matrix. Please make sure you have a supported version of Ruby installed.
If you want to contribute please:
- Fork the repository.
- Run tests. It's always good to know that you can start with a clean slate.
- Add a test for your change.
- Make sure it passes.
- Push to your fork and submit a pull request.
We can only accept pull requests with passing tests.
To install all of its dependencies please run:
bundle install --path vendor/bundle --without development
bundle exec rake test
The unit tests only verify if the code runs, not if it does exactly what we want on a real machine. For this we use Beaker. Beaker will start a new virtual machine (using Vagrant) and runs a series of simple tests.
You can run Beaker tests with:
bundle exec rake spec_prep
BEAKER_destroy=onpass bundle exec rake beaker:centos7
BEAKER_destroy=onpass bundle exec rake beaker:ubuntu1604
We recommend specifying BEAKER_destroy=onpass as it will keep the Vagrant machine running in case something fails.