Move OpenStack classes to openstack_project module

Change-Id: Iafcd2e06c5b62e4cde5eccaab3173a20bb08a78d

manifests/site.pp

@@ -1,88 +1,9 @@
-import "openstack"
-
-$jenkins_ssh_key = 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtioTW2wh3mBRuj+R0Jyb/mLt5sjJ8dEvYyA8zfur1dnqEt5uQNLacW4fHBDFWJoLHfhdfbvray5wWMAcIuGEiAA2WEH23YzgIbyArCSI+z7gB3SET8zgff25ukXlN+1mBSrKWxIza+tB3NU62WbtO6hmelwvSkZ3d7SDfHxrc4zEpmHDuMhxALl8e1idqYzNA+1EhZpbcaf720mX+KD3oszmY2lqD1OkKMquRSD0USXPGlH3HK11MTeCArKRHMgTdIlVeqvYH0v0Wd1w/8mbXgHxfGzMYS1Ej0fzzJ0PC5z5rOqsMqY1X2aC1KlHIFLAeSf4Cx0JNlSpYSrlZ/RoiQ== hudson@hudson'
-
-class openstack_cron {
-  include logrotate
-  include puppetboot
-  cron { "updatepuppet":
-    user => root,
-    minute => "*/15",
-    command => 'apt-get update >/dev/null 2>&1 ; sleep $((RANDOM\%600)) && cd /root/openstack-ci-puppet && /usr/bin/git pull -q && puppet apply -l /var/log/manifest.log --modulepath=/root/openstack-ci-puppet/modules manifests/site.pp',
-    environment => "PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin",
-  }
-  logrotate::file { 'updatepuppet':
-    log => '/var/log/manifest.log',
-    options => ['compress', 'delaycompress', 'missingok', 'rotate 7', 'daily', 'notifempty'],
-    require => Cron['updatepuppet'],
-  }
-}
-
-class backup ($backup_user) {
-  package { "bup":
-    ensure => present
-  }
-
-  file { "/etc/bup-excludes":
-    ensure => present,
-    content => "/proc/*
-/sys/*
-/dev/*
-/tmp/*
-/floppy/*
-/cdrom/*
-/var/spool/squid/*
-/var/spool/exim/*
-/media/*
-/mnt/*
-/var/agentx/*
-/run/*
-"
-  }
-
-  cron { "bup-rs-ord":
-    user => root,
-    hour => "5",
-    minute => "37",
-    command => "tar -X /etc/bup-excludes -cPf - / | bup split -r $backup_user@ci-backup-rs-ord.openstack.org: -n root -q",
-  }
-}
-
-class remove_openstack_cron {
-  cron { "updatepuppet":
-    ensure => absent
-  }
-
-  file { '/etc/init/puppetboot.conf':
-    ensure => absent
-  }
-
-  file { "/etc/logrotate.d/updatepuppet":
-    ensure => absent
-  }
-}
-
-class openstack_jenkins_slave {
-  include openstack_cron
-  include tmpreaper
-  include apt::unattended-upgrades
-  class { 'openstack_server':
-    iptables_public_tcp_ports => []
-  }
-  class { 'jenkins_slave':
-    ssh_key => $jenkins_ssh_key
-  }
-}
-
 #
 # Default: should at least behave like an openstack server
 #
-
 node default {
-  include openstack_cron
-  class { 'openstack_server':
-    iptables_public_tcp_ports => []
-  }
+  include openstack_project::puppet_cron
+  include openstack_project::server
 }
 
 #
@@ -117,8 +38,8 @@ node default {
 # thus, set it to 5000minutes until the bug is fixed.
 
 node "review.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80, 443, 29418]
   }
   class { 'gerrit':
@@ -135,7 +56,7 @@ node "review.openstack.org" {
     core_packedgitwindowsize => '16k',
     sshd_threads => '100',
     httpd_maxwait => '5000min',
-    github_projects => $openstack_project_list,
+    github_projects => $openstack_project::project_list,
     upstream_projects => [ {
                          name => 'openstack-ci/gerrit',
                          remote => 'https://gerrit.googlesource.com/gerrit'
@@ -159,8 +80,8 @@ node "review.openstack.org" {
 }
 
 node "gerrit-dev.openstack.org", "review-dev.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80, 443, 29418]
   }
 
@@ -194,8 +115,8 @@ node "gerrit-dev.openstack.org", "review-dev.openstack.org" {
 }
 
 node "jenkins.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80, 443, 4155]
   }
   class { 'jenkins_master':
@@ -212,32 +133,17 @@ node "jenkins.openstack.org" {
     password => hiera('jenkins_jobs_password'),
     site => "openstack",
   }
-  class { 'zuul': }
-  file { "/etc/zuul/layout.yaml":
-    ensure => 'present',
-    source => 'puppet:///modules/openstack-ci-config/zuul/layout.yaml'
-  }
-  file { "/etc/zuul/openstack_functions.py":
-    ensure => 'present',
-    source => 'puppet:///modules/openstack-ci-config/zuul/openstack_functions.py'
-  }
-  file { "/etc/zuul/logging.conf":
-    ensure => 'present',
-    source => 'puppet:///modules/openstack-ci-config/zuul/logging.conf'
-  }
-  file { "/etc/default/jenkins":
-    ensure => 'present',
-    source => 'puppet:///modules/openstack-ci-config/jenkins/jenkins.default'
-  }
+  class { "openstack_project::zuul": }
 }
 
 node "jenkins-dev.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80, 443, 4155]
   } 
   class { 'backup':
-    backup_user => 'bup-jenkins-dev'
+    backup_user => 'bup-jenkins-dev',
+    backup_server => 'ci-backup-rs-ord.openstack.org'
   }
   class { 'jenkins_master':
     site => 'jenkins-dev.openstack.org',
@@ -250,8 +156,8 @@ node "jenkins-dev.openstack.org" {
 }
 
 node "community.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80, 443, 8099, 8080]
   }
 
@@ -261,7 +167,7 @@ node "community.openstack.org" {
 }
 
 node "ci-puppetmaster.openstack.org" {
-  class { 'openstack_server':
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [8140]
   }
   cron { "updatepuppetmaster":
@@ -273,22 +179,21 @@ node "ci-puppetmaster.openstack.org" {
 
 }
 
-node "lists.openstack.org" {
-  include remove_openstack_cron
+$sysadmins = $openstack_project::sysadmins
 
-  # Using openstack_template instead of openstack_server
+node "lists.openstack.org" {
+  include openstack_project::remove_cron
+
+  # Using openstack_project::template instead of openstack_project::server
   # because the exim config on this machine is almost certainly
   # going to be more complicated than normal.
-  class { 'openstack_template':
+  class { 'openstack_project::template':
     iptables_public_tcp_ports => [25, 80, 465]
   }
 
+  $sysadmins += ['duncan@dreamhost.com']
   class { 'exim':
-    sysadmin => ['corvus@inaugust.com',
-                 'mordred@inaugust.com',
-                 'andrew@linuxjedi.co.uk',
-                 'devananda.vdv@gmail.com',
-                 'duncan@dreamhost.com'],
+    sysadmin => $sysadmins,
     mailman_domains => ['lists.openstack.org'],
   }
 
@@ -302,16 +207,14 @@ node "lists.openstack.org" {
 }
 
 node "docs.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
-    iptables_public_tcp_ports => []
-  }
+  include openstack_project::remove_cron
+  include openstack_project::server
   include doc_server
 }
 
 node "paste.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80]
   }
   include lodgeit
@@ -327,8 +230,8 @@ node "paste.openstack.org" {
 }
 
 node "planet.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80]
   }
   include planet
@@ -339,8 +242,8 @@ node "planet.openstack.org" {
 }
 
 node "eavesdrop.openstack.org" {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80]
   }
   include meetbot
@@ -357,7 +260,7 @@ node "eavesdrop.openstack.org" {
 }
 
 node "pypi.openstack.org" {
-  include remove_openstack_cron
+  include openstack_project::remove_cron
 
   # include jenkins slave so that build deps are there for the pip download
   class { 'jenkins_slave':
@@ -365,19 +268,19 @@ node "pypi.openstack.org" {
     user => false
   }
 
-  class { 'openstack_server':
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80]
   }
 
   class { "pypimirror":
     base_url => "http://pypi.openstack.org",
-    projects => $openstack_project_list,
+    projects => $openstack_project::project_list,
   }
 }
 
 node 'etherpad.openstack.org' {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [22, 80, 443]
   }
 
@@ -396,8 +299,8 @@ node 'etherpad.openstack.org' {
 }
 
 node 'wiki.openstack.org' {
-  include remove_openstack_cron
-  class { 'openstack_server':
+  include openstack_project::remove_cron
+  class { 'openstack_project::server':
     iptables_public_tcp_ports => [80, 443]
   }
 
@@ -408,11 +311,11 @@ node 'wiki.openstack.org' {
 
 # A bare machine, but with a jenkins user
 node /^.*\.template\.openstack\.org$/ {
-  class { 'openstack_template':
+  class { 'openstack_project::template':
     iptables_public_tcp_ports => []
   }
   class { 'jenkins_slave':
-    ssh_key => $jenkins_ssh_key,
+    ssh_key => $openstack_project::jenkins_ssh_key,
     sudo => true,
     bare => true
   }
@@ -420,7 +323,7 @@ node /^.*\.template\.openstack\.org$/ {
 
 # A backup machine.  Don't run cron or puppet agent on it.
 node /^ci-backup-.*\.openstack\.org$/ {
-  class { 'openstack_template':
+  class { 'openstack_project::template':
     iptables_public_tcp_ports => []
   }
 }
@@ -431,8 +334,8 @@ node /^ci-backup-.*\.openstack\.org$/ {
 
 # Test cgroups and ulimits on precise8
 node 'precise8.slave.openstack.org' {
-  include openstack_cron
-  include openstack_jenkins_slave
+  include openstack_project::puppet_cron
+  include openstack_project::jenkins_slave
 
   include ulimit
   ulimit::conf { 'limit_jenkins_procs':
@@ -445,16 +348,15 @@ node 'precise8.slave.openstack.org' {
 }
 
 node /^.*\.slave\.openstack\.org$/ {
-  include openstack_cron
-  include openstack_jenkins_slave
-
+  include openstack_project::puppet_cron
+  include openstack_project::jenkins_slave
 }
 
 # bare-bones slaves spun up by jclouds. Specifically need to not set ssh
 # login limits, because it screws up jclouds provisioning
 node /^.*\.jclouds\.openstack\.org$/ {
 
-  include openstack_base
+  include openstack_project::base
 
   class { 'jenkins_slave':
     ssh_key => "",

modules/backup/manifests/init.pp

@@ -0,0 +1,29 @@
+class backup ($backup_user, $backup_server) {
+  package { "bup":
+    ensure => present
+  }
+
+  file { "/etc/bup-excludes":
+    ensure => present,
+    content => "/proc/*
+/sys/*
+/dev/*
+/tmp/*
+/floppy/*
+/cdrom/*
+/var/spool/squid/*
+/var/spool/exim/*
+/media/*
+/mnt/*
+/var/agentx/*
+/run/*
+"
+  }
+
+  cron { "bup-rs-ord":
+    user => root,
+    hour => "5",
+    minute => "37",
+    command => "tar -X /etc/bup-excludes -cPf - / | bup split -r $backup_user@$backup_server: -n root -q",
+  }
+}

modules/openstack_project/manifests/base.pp

@@ -0,0 +1,31 @@
+class openstack_project::base {
+  include openstack_project::users
+  include sudoers
+
+  file { '/etc/profile.d/Z98-byobu.sh':
+    ensure => 'absent'
+  }
+
+  package { "popularity-contest":
+    ensure => purged
+  }
+
+  $packages = ["puppet",
+               "git",
+               "python-setuptools",
+               "python-virtualenv",
+               "python-software-properties",
+               "bzr",
+               "byobu",
+               "emacs23-nox"]
+  package { $packages: ensure => "present" }
+
+  realize (
+    User::Virtual::Localuser["mordred"],
+    User::Virtual::Localuser["corvus"],
+    User::Virtual::Localuser["soren"],
+    User::Virtual::Localuser["linuxjedi"],
+    User::Virtual::Localuser["devananda"],
+    User::Virtual::Localuser["clarkb"],
+  )
+}

modules/openstack_project/manifests/init.pp

@@ -1,6 +1,14 @@
-import "users"
+class openstack_project {
 
-$openstack_project_list = [ {
+  $jenkins_ssh_key = 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtioTW2wh3mBRuj+R0Jyb/mLt5sjJ8dEvYyA8zfur1dnqEt5uQNLacW4fHBDFWJoLHfhdfbvray5wWMAcIuGEiAA2WEH23YzgIbyArCSI+z7gB3SET8zgff25ukXlN+1mBSrKWxIza+tB3NU62WbtO6hmelwvSkZ3d7SDfHxrc4zEpmHDuMhxALl8e1idqYzNA+1EhZpbcaf720mX+KD3oszmY2lqD1OkKMquRSD0USXPGlH3HK11MTeCArKRHMgTdIlVeqvYH0v0Wd1w/8mbXgHxfGzMYS1Ej0fzzJ0PC5z5rOqsMqY1X2aC1KlHIFLAeSf4Cx0JNlSpYSrlZ/RoiQ== hudson@hudson'
+
+  $sysadmin = ['corvus@inaugust.com',
+               'mordred@inaugust.com',
+               'andrew@linuxjedi.co.uk',
+               'devananda.vdv@gmail.com',
+               'clark.boylan@gmail.com']
+
+  $project_list = [ {
      name => 'openstack/keystone',
      close_pull => 'true'
      }, {
@@ -116,76 +124,4 @@ $openstack_project_list = [ {
      close_pull => 'true'
      }
   ]
-
-#
-# Abstract classes:
-#
-class openstack_base {
-  include openstack_project::users
-  include sudoers
-
-  file { '/etc/profile.d/Z98-byobu.sh':
-    ensure => 'absent'
-  }
-
-  package { "popularity-contest":
-    ensure => purged
-  }
-
-  $packages = ["puppet",
-               "git",
-               "python-setuptools",
-               "python-virtualenv",
-               "python-software-properties",
-               "bzr",
-               "byobu",
-               "emacs23-nox"]
-  package { $packages: ensure => "present" }
-
-  realize (
-    User::Virtual::Localuser["mordred"],
-    User::Virtual::Localuser["corvus"],
-    User::Virtual::Localuser["soren"],
-    User::Virtual::Localuser["linuxjedi"],
-    User::Virtual::Localuser["devananda"],
-    User::Virtual::Localuser["clarkb"],
-  )
-}
-
-# A template host with no running services
-class openstack_template ($iptables_public_tcp_ports) {
-  include openstack_base
-  include ssh
-  include snmpd
-  include apt::unattended-upgrades
-  
-  class { 'iptables':
-    public_tcp_ports => $iptables_public_tcp_ports,
-  }
-
-  package { "ntp":
-    ensure => installed
-  }
-
-  service { 'ntpd':
-    name       => 'ntp',
-    ensure     => running,
-    enable     => true,
-    hasrestart => true,
-    require => Package['ntp'],
-  }
-}
-
-# A server that we expect to run for some time
-class openstack_server ($iptables_public_tcp_ports) {
-  class { 'openstack_template':
-    iptables_public_tcp_ports => $iptables_public_tcp_ports
-  }
-  class { 'exim':
-    sysadmin => ['corvus@inaugust.com',
-                 'mordred@inaugust.com',
-                 'andrew@linuxjedi.co.uk',
-                 'devananda.vdv@gmail.com',
-                 'clark.boylan@gmail.com']
-  }
 }

modules/openstack_project/manifests/jenkins_slave.pp

@@ -0,0 +1,12 @@
+class openstack_project::jenkins_slave {
+  include tmpreaper
+  include apt::unattended-upgrades
+  class { 'openstack_server':
+    iptables_public_tcp_ports => []
+  }
+  class { 'jenkins_slave':
+    ssh_key => $openstack_project::jenkins_ssh_key
+  }
+}
+
+

modules/openstack_project/manifests/puppet_cron.pp

@@ -0,0 +1,16 @@
+class openstack_project::puppet_cron {
+  include logrotate
+  include puppetboot
+  cron { "updatepuppet":
+    user => root,
+    minute => "*/15",
+    command => 'apt-get update >/dev/null 2>&1 ; sleep $((RANDOM\%600)) && cd /root/openstack-ci-puppet && /usr/bin/git pull -q && puppet apply -l /var/log/manifest.log --modulepath=/root/openstack-ci-puppet/modules manifests/site.pp',
+    environment => "PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin",
+  }
+  logrotate::file { 'updatepuppet':
+    log => '/var/log/manifest.log',
+    options => ['compress', 'delaycompress', 'missingok', 'rotate 7', 'daily', 'notifempty'],
+    require => Cron['updatepuppet'],
+  }
+}
+

modules/openstack_project/manifests/remove_cron.pp

@@ -0,0 +1,14 @@
+class openstack_project::remove_cron {
+  cron { "updatepuppet":
+    ensure => absent
+  }
+
+  file { '/etc/init/puppetboot.conf':
+    ensure => absent
+  }
+
+  file { "/etc/logrotate.d/updatepuppet":
+    ensure => absent
+  }
+}
+

modules/openstack_project/manifests/server.pp

@@ -0,0 +1,9 @@
+# A server that we expect to run for some time
+class openstack_project::server ($iptables_public_tcp_ports = []) {
+  class { 'openstack_project::template':
+    iptables_public_tcp_ports => $iptables_public_tcp_ports
+  }
+  class { 'exim':
+    sysadmin => $openstack_project::sysadmins
+  }
+}

modules/openstack_project/manifests/template.pp

@@ -0,0 +1,23 @@
+# A template host with no running services
+class openstack_project::template ($iptables_public_tcp_ports) {
+  include openstack_project::base
+  include ssh
+  include snmpd
+  include apt::unattended-upgrades
+  
+  class { 'iptables':
+    public_tcp_ports => $iptables_public_tcp_ports,
+  }
+
+  package { "ntp":
+    ensure => installed
+  }
+
+  service { 'ntpd':
+    name       => 'ntp',
+    ensure     => running,
+    enable     => true,
+    hasrestart => true,
+    require => Package['ntp'],
+  }
+}

modules/openstack_project/manifests/zuul.pp

@@ -0,0 +1,19 @@
+class openstack_project::zuul {
+  class { 'zuul': }
+  file { "/etc/zuul/layout.yaml":
+    ensure => 'present',
+    source => 'puppet:///modules/openstack_ci/zuul/layout.yaml'
+  }
+  file { "/etc/zuul/openstack_functions.py":
+    ensure => 'present',
+    source => 'puppet:///modules/openstack_ci/zuul/openstack_functions.py'
+  }
+  file { "/etc/zuul/logging.conf":
+    ensure => 'present',
+    source => 'puppet:///modules/openstack_ci/zuul/logging.conf'
+  }
+  file { "/etc/default/jenkins":
+    ensure => 'present',
+    source => 'puppet:///modules/openstack_ci/jenkins/jenkins.default'
+  }
+}