From e395415d54a273b17fb4c2159ebef72c651d913a Mon Sep 17 00:00:00 2001 From: Fabien Boucher Date: Fri, 3 Apr 2015 13:11:16 +0000 Subject: [PATCH] Move server class call outside of jenkins*.pp class site.pp handles the call to the server class for jenkins* nodes. Story: 2000172 Spec: http://specs.openstack.org/openstack-infra/infra-specs/specs/server_base_template_refactor.html Change-Id: I8de21f4821a5a2458ef1a62d96dd4e6d6e294407 --- manifests/site.pp | 36 ++++++++++++++----- .../openstack_project/manifests/jenkins.pp | 10 ------ .../manifests/jenkins_dev.pp | 5 --- 3 files changed, 27 insertions(+), 24 deletions(-) diff --git a/manifests/site.pp b/manifests/site.pp index f271baeff4..696807bd14 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -118,6 +118,17 @@ node 'review-dev.openstack.org' { # Node-OS: precise node 'jenkins.openstack.org' { $group = "jenkins" + $zmq_event_receivers = ['logstash.openstack.org', + 'nodepool.openstack.org'] + $iptables_rule = regsubst ($zmq_event_receivers, + '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 8888 -s \1 -j ACCEPT') + class { 'openstack_project::server': + iptables_public_tcp_ports => [80, 443], + iptables_rules6 => $iptables_rule, + iptables_rules4 => $iptables_rule, + sysadmins => hiera('sysadmins', []), + puppetmaster_server => 'puppetmaster.openstack.org', + } class { 'openstack_project::jenkins': project_config_repo => 'https://git.openstack.org/openstack-infra/project-config', jenkins_jobs_password => hiera('jenkins_jobs_password', 'XXX'), @@ -125,34 +136,41 @@ node 'jenkins.openstack.org' { ssl_cert_file_contents => hiera('jenkins_ssl_cert_file_contents', 'XXX'), ssl_key_file_contents => hiera('jenkins_ssl_key_file_contents', 'XXX'), ssl_chain_file_contents => hiera('jenkins_ssl_chain_file_contents', 'XXX'), - sysadmins => hiera('sysadmins', []), - zmq_event_receivers => ['logstash.openstack.org', - 'nodepool.openstack.org', - ], } } # Node-OS: precise node /^jenkins\d+\.openstack\.org$/ { $group = "jenkins" + $zmq_event_receivers = ['logstash.openstack.org', + 'nodepool.openstack.org'] + $iptables_rule = regsubst ($zmq_event_receivers, + '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 8888 -s \1 -j ACCEPT') + class { 'openstack_project::server': + iptables_public_tcp_ports => [80, 443], + iptables_rules6 => $iptables_rule, + iptables_rules4 => $iptables_rule, + sysadmins => hiera('sysadmins', []), + puppetmaster_server => 'puppetmaster.openstack.org', + } class { 'openstack_project::jenkins': jenkins_jobs_password => hiera('jenkins_jobs_password', 'XXX'), jenkins_ssh_private_key => hiera('jenkins_ssh_private_key_contents', 'XXX'), ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem', ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key', ssl_chain_file => '', - sysadmins => hiera('sysadmins', []), - zmq_event_receivers => ['logstash.openstack.org', - 'nodepool.openstack.org', - ], } } # Node-OS: precise node 'jenkins-dev.openstack.org' { + class { 'openstack_project::server': + iptables_public_tcp_ports => [80, 443], + sysadmins => hiera('sysadmins', []), + puppetmaster_server => 'puppetmaster.openstack.org', + } class { 'openstack_project::jenkins_dev': jenkins_ssh_private_key => hiera('jenkins_dev_ssh_private_key_contents', 'XXX'), - sysadmins => hiera('sysadmins', []), mysql_password => hiera('nodepool_dev_mysql_password', 'XXX'), mysql_root_password => hiera('nodepool_dev_mysql_root_password', 'XXX'), nodepool_ssh_private_key => hiera('jenkins_dev_ssh_private_key_contents', 'XXX'), diff --git a/modules/openstack_project/manifests/jenkins.pp b/modules/openstack_project/manifests/jenkins.pp index ff401cebe0..1c0cc65c50 100644 --- a/modules/openstack_project/manifests/jenkins.pp +++ b/modules/openstack_project/manifests/jenkins.pp @@ -15,20 +15,10 @@ class openstack_project::jenkins ( $ssl_chain_file_contents = '', $jenkins_ssh_public_key = $openstack_project::jenkins_ssh_key, $jenkins_ssh_private_key = '', - $zmq_event_receivers = [], - $sysadmins = [], $project_config_repo = '', ) inherits openstack_project { include openstack_project - $iptables_rule = regsubst ($zmq_event_receivers, '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 8888 -s \1 -j ACCEPT') - class { 'openstack_project::server': - iptables_public_tcp_ports => [80, 443], - iptables_rules6 => $iptables_rule, - iptables_rules4 => $iptables_rule, - sysadmins => $sysadmins, - } - # Set defaults here because they evaluate variables which you cannot # do in the class parameter list. if $ssl_cert_file == '' { diff --git a/modules/openstack_project/manifests/jenkins_dev.pp b/modules/openstack_project/manifests/jenkins_dev.pp index 1231e79801..3bb89a1770 100644 --- a/modules/openstack_project/manifests/jenkins_dev.pp +++ b/modules/openstack_project/manifests/jenkins_dev.pp @@ -2,7 +2,6 @@ # class openstack_project::jenkins_dev ( $jenkins_ssh_private_key = '', - $sysadmins = [], $mysql_root_password, $mysql_password, $nodepool_ssh_private_key = '', @@ -21,10 +20,6 @@ class openstack_project::jenkins_dev ( include openstack_project - class { 'openstack_project::server': - iptables_public_tcp_ports => [80, 443], - sysadmins => $sysadmins, - } include bup bup::site { 'rs-ord': backup_user => 'bup-jenkins-dev',