Move openstack-specific config out of ::jenkins

The ::jenkins::slave class contained a lot of openstack-specific
configuration rather than configuration of a generic jenkins slave.

The term "bare slave" is overloaded and confusing: create simple_slave
and thick_slave to differentiate between the two meanings of "bare".
Some portions of ::jenkins::slave will move to simple_slave, some
portions to thick_slave, and some portions to slave_common (all in the
openstack_project module).

Change-Id: I5281a03a7f6da3f98714bcc59ae840ace8435578
This commit is contained in:
K Jonathan Harker 2014-04-22 15:16:18 -07:00
parent 422af9a5f4
commit 8e7f9e3458
62 changed files with 478 additions and 389 deletions

View File

@ -48,4 +48,4 @@ fi
git clone https://git.openstack.org/openstack-infra/config git clone https://git.openstack.org/openstack-infra/config
bash config/install_modules.sh bash config/install_modules.sh
puppet apply --modulepath=`pwd`/config/modules:/etc/puppet/modules -e 'node default {class { "openstack_project::bare_slave": install_users => false }}' puppet apply --modulepath=`pwd`/config/modules:/etc/puppet/modules -e 'node default {class { "openstack_project::simple_slave": install_users => false }}'

View File

@ -11,57 +11,8 @@ class jenkins::params {
$ccache_package = 'ccache' $ccache_package = 'ccache'
$python_netaddr_package = 'python-netaddr' $python_netaddr_package = 'python-netaddr'
$haveged_package = 'haveged' $haveged_package = 'haveged'
# packages needed by slaves
$ant_package = 'ant'
$awk_package = 'gawk'
$asciidoc_package = 'asciidoc'
$curl_package = 'curl'
$docbook_xml_package = 'docbook-style-xsl'
$docbook5_xml_package = 'docbook5-schemas'
$docbook5_xsl_package = 'docbook5-style-xsl'
$firefox_package = 'firefox'
$graphviz_package = 'graphviz'
$mod_wsgi_package = 'mod_wsgi'
$libcurl_dev_package = 'libcurl-devel'
$ldap_dev_package = 'openldap-devel'
$librrd_dev_package = 'rrdtool-devel'
# packages needed by document translation
$gnome_doc_package = 'gnome-doc-utils'
$libtidy_package = 'libtidy'
$gettext_package = 'gettext'
$language_fonts_packages = []
# for keystone ldap auth integration
$libsasl_dev = 'cyrus-sasl-devel'
$nspr_dev_package = 'nspr-devel'
$sqlite_dev_package = 'sqlite-devel'
$libvirt_dev_package = 'libvirt-devel'
$libxml2_package = 'libxml2'
$libxml2_dev_package = 'libxml2-devel'
$libxslt_dev_package = 'libxslt-devel'
$libffi_dev_package = 'libffi-devel'
# FIXME: No Maven packages on RHEL # FIXME: No Maven packages on RHEL
#$maven_package = 'maven' #$maven_package = 'maven'
# For tooz unit tests
$memcached_package = 'memcached'
# For Ceilometer unit tests
$mongodb_package = 'mongodb-server'
$pandoc_package = 'pandoc'
$pkgconfig_package = 'pkgconfig'
$python_libvirt_package = 'libvirt-python'
$python_lxml_package = 'python-lxml'
$python_magic_package = 'python-magic'
$python_requests_package = 'python-requests'
$python_zmq_package = 'python-zmq'
$rubygems_package = 'rubygems'
# Common Lisp interpreter, used for cl-openstack-client
$sbcl_package = 'sbcl'
$sqlite_package = 'sqlite'
$unzip_package = 'unzip'
$zip_package = 'zip'
$xslt_package = 'libxslt'
$xvfb_package = 'xorg-x11-server-Xvfb'
# PHP package, used for community portal
$php5_cli_package = 'php-cli'
# FIXME: No php mcrypt package on RHEL, used for openstackid # FIXME: No php mcrypt package on RHEL, used for openstackid
#$php5_mcrypt_package = '' #$php5_mcrypt_package = ''
# For Tooz unit tests # For Tooz unit tests
@ -99,60 +50,12 @@ class jenkins::params {
$ccache_package = 'ccache' $ccache_package = 'ccache'
$python_netaddr_package = 'python-netaddr' $python_netaddr_package = 'python-netaddr'
$haveged_package = 'haveged' $haveged_package = 'haveged'
# packages needed by slaves
$ant_package = 'ant'
$awk_package = 'gawk'
$asciidoc_package = 'asciidoc'
$curl_package = 'curl'
$docbook_xml_package = 'docbook-xml'
$docbook5_xml_package = 'docbook5-xml'
$docbook5_xsl_package = 'docbook-xsl'
$firefox_package = 'firefox'
$graphviz_package = 'graphviz'
$mod_wsgi_package = 'libapache2-mod-wsgi'
$libcurl_dev_package = 'libcurl4-gnutls-dev'
$ldap_dev_package = 'libldap2-dev'
$librrd_dev_package = 'librrd-dev'
# packages needed by document translation
$gnome_doc_package = 'gnome-doc-utils'
$libtidy_package = 'libtidy-0.99-0'
$gettext_package = 'gettext'
$language_fonts_packages = ['fonts-takao', 'fonts-nanum']
# for keystone ldap auth integration
$libsasl_dev = 'libsasl2-dev'
$mysql_dev_package = 'libmysqlclient-dev'
$nspr_dev_package = 'libnspr4-dev'
$sqlite_dev_package = 'libsqlite3-dev'
$libvirt_dev_package = 'libvirt-dev'
$libxml2_package = 'libxml2-utils'
$libxml2_dev_package = 'libxml2-dev'
$libxslt_dev_package = 'libxslt1-dev'
$libffi_dev_package = 'libffi-dev'
$maven_package = 'maven2' $maven_package = 'maven2'
# For tooz unit tests # For tooz unit tests
$memcached_package = 'memcached' $memcached_package = 'memcached'
# For Ceilometer unit tests
$mongodb_package = 'mongodb'
$pandoc_package = 'pandoc'
$pkgconfig_package = 'pkg-config'
$python_libvirt_package = 'python-libvirt'
$python_lxml_package = 'python-lxml'
$python_magic_package = 'python-magic'
$python_requests_package = 'python-requests'
$python_zmq_package = 'python-zmq'
$rubygems_package = 'rubygems'
$ruby1_9_1_package = 'ruby1.9.1' $ruby1_9_1_package = 'ruby1.9.1'
$ruby1_9_1_dev_package = 'ruby1.9.1-dev' $ruby1_9_1_dev_package = 'ruby1.9.1-dev'
$ruby_bundler_package = 'ruby-bundler' $ruby_bundler_package = 'ruby-bundler'
# Common Lisp interpreter, used for cl-openstack-client
$sbcl_package = 'sbcl'
$sqlite_package = 'sqlite3'
$unzip_package = 'unzip'
$zip_package = 'zip'
$xslt_package = 'xsltproc'
$xvfb_package = 'xvfb'
# PHP package, used for community portal
$php5_cli_package = 'php5-cli'
$php5_mcrypt_package = 'php5-mcrypt' $php5_mcrypt_package = 'php5-mcrypt'
# For [tooz, taskflow, nova] using zookeeper in unit tests # For [tooz, taskflow, nova] using zookeeper in unit tests
$zookeeper_package = 'zookeeperd' $zookeeper_package = 'zookeeperd'

View File

@ -3,11 +3,8 @@
class jenkins::slave( class jenkins::slave(
$ssh_key = '', $ssh_key = '',
$sudo = false, $sudo = false,
$bare = false,
$user = true, $user = true,
$python3 = false, $python3 = false,
$include_pypy = false,
$all_mysql_privs = false,
) { ) {
include pip include pip
@ -23,66 +20,13 @@ class jenkins::slave(
anchor { 'jenkins::slave::update-java-alternatives': } anchor { 'jenkins::slave::update-java-alternatives': }
# Packages that all jenkins slaves need # Packages that all jenkins slaves need
$common_packages = [ $packages = [
$::jenkins::params::jdk_package, # jdk for building java jobs $::jenkins::params::jdk_package, # jdk for building java jobs
$::jenkins::params::ccache_package, $::jenkins::params::ccache_package,
$::jenkins::params::python_netaddr_package, # Needed for devstack address_in_net() $::jenkins::params::python_netaddr_package, # Needed for devstack address_in_net()
$::jenkins::params::haveged_package, # entropy is useful to have $::jenkins::params::haveged_package, # entropy is useful to have
] ]
# Packages that most jenkins slaves (eg, unit test runners) need
$standard_packages = [
$::jenkins::params::ant_package, # for building buck
$::jenkins::params::awk_package, # for building extract_docs.awk to work correctly
$::jenkins::params::asciidoc_package, # for building gerrit/building openstack docs
$::jenkins::params::curl_package,
$::jenkins::params::docbook_xml_package, # for building openstack docs
$::jenkins::params::docbook5_xml_package, # for building openstack docs
$::jenkins::params::docbook5_xsl_package, # for building openstack docs
$::jenkins::params::gettext_package, # for msgfmt, used in translating manuals
$::jenkins::params::gnome_doc_package, # for generating translation files for docs
$::jenkins::params::graphviz_package, # for generating graphs in docs
$::jenkins::params::firefox_package, # for selenium tests
$::jenkins::params::mod_wsgi_package,
$::jenkins::params::language_fonts_packages,
$::jenkins::params::libcurl_dev_package,
$::jenkins::params::ldap_dev_package,
$::jenkins::params::librrd_dev_package, # for python-rrdtool, used by kwapi
$::jenkins::params::libtidy_package, # for python-tidy, used by sphinxcontrib-docbookrestapi
$::jenkins::params::libsasl_dev, # for keystone ldap auth integration
$::jenkins::params::memcached_package, # for tooz unit tests
$::jenkins::params::mongodb_package, # for ceilometer unit tests
$::jenkins::params::mysql_dev_package,
$::jenkins::params::nspr_dev_package, # for spidermonkey, used by ceilometer
$::jenkins::params::sqlite_dev_package,
$::jenkins::params::libvirt_dev_package,
$::jenkins::params::libxml2_package,
$::jenkins::params::libxml2_dev_package, # for xmllint, need for wadl
$::jenkins::params::libxslt_dev_package,
$::jenkins::params::libffi_dev_package, # xattr's cffi dependency
$::jenkins::params::pandoc_package, #for docs, markdown->docbook, bug 924507
$::jenkins::params::pkgconfig_package, # for spidermonkey, used by ceilometer
$::jenkins::params::python_libvirt_package,
$::jenkins::params::python_lxml_package, # for validating openstack manuals
$::jenkins::params::python_magic_package, # for pushing files to swift
$::jenkins::params::python_requests_package, # for pushing files to swift
$::jenkins::params::python_zmq_package, # zeromq unittests (not pip installable)
$::jenkins::params::rubygems_package,
$::jenkins::params::sbcl_package, # cl-openstack-client testing
$::jenkins::params::sqlite_package,
$::jenkins::params::unzip_package,
$::jenkins::params::zip_package,
$::jenkins::params::xslt_package, # for building openstack docs
$::jenkins::params::xvfb_package, # for selenium tests
$::jenkins::params::php5_cli_package, # for community portal build
]
if ($bare == false) {
$packages = [$common_packages, $standard_packages]
} else {
$packages = $common_packages
}
file { '/etc/apt/sources.list.d/cloudarchive.list': file { '/etc/apt/sources.list.d/cloudarchive.list':
ensure => absent, ensure => absent,
} }
@ -169,29 +113,6 @@ class jenkins::slave(
} }
} }
if ($bare == false) {
# pin to a release of rake which works with ruby 1.8.x
# before PSH tries to pull in a newer one which isn't
package { 'rake':
ensure => '10.1.1',
provider => gem,
before => Package['puppetlabs_spec_helper'],
require => Package['rubygems'],
}
$gem_packages = [
'bundler',
'puppet-lint',
'puppetlabs_spec_helper',
]
package { $gem_packages:
ensure => latest,
provider => gem,
require => Package['rubygems'],
}
}
if $python3 { if $python3 {
if ($::lsbdistcodename == 'precise') { if ($::lsbdistcodename == 'precise') {
apt::ppa { 'ppa:zulcss/py3k': apt::ppa { 'ppa:zulcss/py3k':
@ -252,145 +173,6 @@ class jenkins::slave(
require => Package['ccache'], require => Package['ccache'],
} }
if ($bare == false) {
if ($::operatingsystem == 'Fedora') and ($::operatingsystemrelease >= 19) {
class {'mysql::server':
config_hash => {
'root_password' => 'insecure_slave',
'default_engine' => 'MyISAM',
'bind_address' => '127.0.0.1',
},
package_name => 'community-mysql-server',
}
} else {
class {'mysql::server':
config_hash => {
'root_password' => 'insecure_slave',
'default_engine' => 'MyISAM',
'bind_address' => '127.0.0.1',
}
}
}
include mysql::server::account_security
mysql::db { 'openstack_citest':
user => 'openstack_citest',
password => 'openstack_citest',
host => 'localhost',
grant => ['all'],
require => [
Class['mysql::server'],
Class['mysql::server::account_security'],
],
}
# mysql::db is too dumb to realize that the same user can have
# access to multiple databases and will fail if you try creating
# a second DB with the same user. Create the DB directly as mysql::db
# above is creating the user for us.
database { 'openstack_baremetal_citest':
ensure => present,
charset => 'utf8',
provider => 'mysql',
require => [
Class['mysql::server'],
Class['mysql::server::account_security'],
],
}
database_grant { 'openstack_citest@localhost/openstack_baremetal_citest':
privileges => ['all'],
provider => 'mysql',
require => Database_user['openstack_citest@localhost'],
}
if ($all_mysql_privs == true) {
database_grant { 'openstack_citest@localhost':
privileges => ['all'],
provider => 'mysql',
require => Database_user['openstack_citest@localhost'],
}
}
# The puppetlabs postgres module does not manage the postgres user
# and group for us. Create them here to ensure concat can create
# dirs and files owned by this user and group.
user { 'postgres':
ensure => present,
gid => 'postgres',
system => true,
require => Group['postgres'],
}
group { 'postgres':
ensure => present,
system => true,
}
class { 'postgresql::server':
postgres_password => 'insecure_slave',
manage_firewall => false,
# The puppetlabs postgres module incorrectly quotes ip addresses
# in the postgres server config. Use localhost instead.
listen_addresses => ['localhost'],
require => [
User['postgres'],
Class['postgresql::params'],
],
}
class { 'postgresql::lib::devel':
require => Class['postgresql::params'],
}
# Create DB user and explicitly make it non superuser
# that can create databases.
postgresql::server::role { 'openstack_citest':
password_hash => postgresql_password('openstack_citest', 'openstack_citest'),
createdb => true,
superuser => false,
require => Class['postgresql::server'],
}
postgresql::server::db { 'openstack_citest':
user => 'openstack_citest',
password => postgresql_password('openstack_citest', 'openstack_citest'),
grant => 'all',
require => [
Class['postgresql::server'],
Postgresql::Server::Role['openstack_citest'],
],
}
# Alter the new database giving the test DB user ownership of the DB.
# This is necessary to make the nova unittests run properly.
postgresql_psql { 'ALTER DATABASE openstack_citest OWNER TO openstack_citest':
db => 'postgres',
refreshonly => true,
subscribe => Postgresql::Server::Db['openstack_citest'],
}
postgresql::server::db { 'openstack_baremetal_citest':
user => 'openstack_citest',
password => postgresql_password('openstack_citest', 'openstack_citest'),
grant => 'all',
require => [
Class['postgresql::server'],
Postgresql::Server::Role['openstack_citest'],
],
}
# Alter the new database giving the test DB user ownership of the DB.
# This is necessary to make the nova unittests run properly.
postgresql_psql { 'ALTER DATABASE openstack_baremetal_citest OWNER TO
openstack_citest':
db => 'postgres',
refreshonly => true,
subscribe => Postgresql::Server::Db['openstack_baremetal_citest'],
}
}
file { '/usr/local/jenkins': file { '/usr/local/jenkins':
ensure => directory, ensure => directory,
owner => 'root', owner => 'root',
@ -398,18 +180,6 @@ class jenkins::slave(
mode => '0755', mode => '0755',
} }
file { '/usr/local/jenkins/slave_scripts':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
recurse => true,
purge => true,
force => true,
require => File['/usr/local/jenkins'],
source => 'puppet:///modules/jenkins/slave_scripts',
}
if ($sudo == true) { if ($sudo == true) {
file { '/etc/sudoers.d/jenkins-sudo': file { '/etc/sudoers.d/jenkins-sudo':
ensure => present, ensure => present,
@ -427,43 +197,4 @@ class jenkins::slave(
group => 'root', group => 'root',
mode => '0440', mode => '0440',
} }
vcsrepo { '/opt/requirements':
ensure => latest,
provider => git,
revision => 'master',
source => 'https://git.openstack.org/openstack/requirements',
}
# Temporary for debugging glance launch problem
# https://lists.launchpad.net/openstack/msg13381.html
# NOTE(dprince): ubuntu only as RHEL6 doesn't have sysctl.d yet
if ($::osfamily == 'Debian') {
file { '/etc/sysctl.d/10-ptrace.conf':
ensure => present,
source => 'puppet:///modules/jenkins/10-ptrace.conf',
owner => 'root',
group => 'root',
mode => '0444',
}
exec { 'ptrace sysctl':
subscribe => File['/etc/sysctl.d/10-ptrace.conf'],
refreshonly => true,
command => '/sbin/sysctl -p /etc/sysctl.d/10-ptrace.conf',
}
if $include_pypy {
apt::ppa { 'ppa:pypy/ppa': }
package { 'pypy':
ensure => present,
require => Apt::Ppa['ppa:pypy/ppa']
}
package { 'pypy-dev':
ensure => present,
require => Apt::Ppa['ppa:pypy/ppa']
}
}
}
} }

View File

@ -18,7 +18,7 @@
HOSTNAME=$1 HOSTNAME=$1
SUDO=$2 SUDO=$2
BARE=$3 THIN=$3
PYTHON3=${4:-false} PYTHON3=${4:-false}
PYPY=${5:-false} PYPY=${5:-false}
ALL_MYSQL_PRIVS=${6:-false} ALL_MYSQL_PRIVS=${6:-false}
@ -42,10 +42,10 @@ sudo git clone --depth=1 git://git.openstack.org/openstack-infra/config.git \
sudo /bin/bash /root/config/install_modules.sh sudo /bin/bash /root/config/install_modules.sh
if [ -z "$NODEPOOL_SSH_KEY" ] ; then if [ -z "$NODEPOOL_SSH_KEY" ] ; then
sudo puppet apply --modulepath=/root/config/modules:/etc/puppet/modules \ sudo puppet apply --modulepath=/root/config/modules:/etc/puppet/modules \
-e "class {'openstack_project::single_use_slave': sudo => $SUDO, bare => $BARE, python3 => $PYTHON3, include_pypy => $PYPY, all_mysql_privs => $ALL_MYSQL_PRIVS, }" -e "class {'openstack_project::single_use_slave': sudo => $SUDO, thin => $THIN, python3 => $PYTHON3, include_pypy => $PYPY, all_mysql_privs => $ALL_MYSQL_PRIVS, }"
else else
sudo puppet apply --modulepath=/root/config/modules:/etc/puppet/modules \ sudo puppet apply --modulepath=/root/config/modules:/etc/puppet/modules \
-e "class {'openstack_project::single_use_slave': install_users => false, sudo => $SUDO, bare => $BARE, python3 => $PYTHON3, include_pypy => $PYPY, all_mysql_privs => $ALL_MYSQL_PRIVS, ssh_key => '$NODEPOOL_SSH_KEY', }" -e "class {'openstack_project::single_use_slave': install_users => false, sudo => $SUDO, thin => $THIN, python3 => $PYTHON3, include_pypy => $PYPY, all_mysql_privs => $ALL_MYSQL_PRIVS, ssh_key => '$NODEPOOL_SSH_KEY', }"
fi fi
# The puppet modules should install unbound. Take the nameservers # The puppet modules should install unbound. Take the nameservers

View File

@ -18,11 +18,11 @@
HOSTNAME=$1 HOSTNAME=$1
SUDO='true' SUDO='true'
BARE='false' THIN='false'
PYTHON3='false' PYTHON3='false'
PYPY='false' PYPY='false'
ALL_MYSQL_PRIVS='true' ALL_MYSQL_PRIVS='true'
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" "$PYTHON3" "$PYPY" "$ALL_MYSQL_PRIVS" ./prepare_node.sh "$HOSTNAME" "$SUDO" "$THIN" "$PYTHON3" "$PYPY" "$ALL_MYSQL_PRIVS"
./restrict_memory.sh ./restrict_memory.sh

View File

@ -18,9 +18,9 @@
HOSTNAME=$1 HOSTNAME=$1
SUDO='true' SUDO='true'
BARE='true' THIN='true'
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" ./prepare_node.sh "$HOSTNAME" "$SUDO" "$THIN"
sudo -u jenkins -i /opt/nodepool-scripts/prepare_devstack.sh $HOSTNAME sudo -u jenkins -i /opt/nodepool-scripts/prepare_devstack.sh $HOSTNAME
./restrict_memory.sh ./restrict_memory.sh

View File

@ -18,9 +18,9 @@
HOSTNAME=$1 HOSTNAME=$1
SUDO='true' SUDO='true'
BARE='true' THIN='true'
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" ./prepare_node.sh "$HOSTNAME" "$SUDO" "$THIN"
sudo -u jenkins -i /opt/nodepool-scripts/prepare_devstack_new_kernel.sh $HOSTNAME sudo -u jenkins -i /opt/nodepool-scripts/prepare_devstack_new_kernel.sh $HOSTNAME
./restrict_memory.sh ./restrict_memory.sh

View File

@ -18,11 +18,11 @@
HOSTNAME=$1 HOSTNAME=$1
SUDO='false' SUDO='false'
BARE='false' THIN='false'
PYTHON3='true' PYTHON3='true'
PYPY='true' PYPY='true'
ALL_MYSQL_PRIVS='true' ALL_MYSQL_PRIVS='true'
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" "$PYTHON3" "$PYPY" "$ALL_MYSQL_PRIVS" ./prepare_node.sh "$HOSTNAME" "$SUDO" "$THIN" "$PYTHON3" "$PYPY" "$ALL_MYSQL_PRIVS"
./fix_pip.sh ./fix_pip.sh
./restrict_memory.sh ./restrict_memory.sh

View File

@ -18,11 +18,11 @@
HOSTNAME=$1 HOSTNAME=$1
SUDO='true' SUDO='true'
BARE='true' THIN='true'
# Workaround bug 1270646 during node bootstrapping. # Workaround bug 1270646 during node bootstrapping.
sudo ip link set mtu 1458 dev eth0 sudo ip link set mtu 1458 dev eth0
./prepare_node.sh "$HOSTNAME" "$SUDO" "$BARE" ./prepare_node.sh "$HOSTNAME" "$SUDO" "$THIN"
sudo -u jenkins -i /opt/nodepool-scripts/prepare_tripleo.sh $HOSTNAME sudo -u jenkins -i /opt/nodepool-scripts/prepare_tripleo.sh $HOSTNAME
sync sync

View File

@ -0,0 +1,159 @@
# Class: openstack_project::jenkins_params
#
# This class holds parameters that need to be
# accessed by other classes.
class openstack_project::jenkins_params {
case $::osfamily {
'RedHat': {
#yum groupinstall "Development Tools"
# packages needed by slaves
$ant_package = 'ant'
$awk_package = 'gawk'
$asciidoc_package = 'asciidoc'
$curl_package = 'curl'
$docbook_xml_package = 'docbook-style-xsl'
$docbook5_xml_package = 'docbook5-schemas'
$docbook5_xsl_package = 'docbook5-style-xsl'
$firefox_package = 'firefox'
$graphviz_package = 'graphviz'
$mod_wsgi_package = 'mod_wsgi'
$libcurl_dev_package = 'libcurl-devel'
$ldap_dev_package = 'openldap-devel'
$librrd_dev_package = 'rrdtool-devel'
# packages needed by document translation
$gnome_doc_package = 'gnome-doc-utils'
$libtidy_package = 'libtidy'
$gettext_package = 'gettext'
$language_fonts_packages = []
# for keystone ldap auth integration
$libsasl_dev = 'cyrus-sasl-devel'
$nspr_dev_package = 'nspr-devel'
$sqlite_dev_package = 'sqlite-devel'
$libvirt_dev_package = 'libvirt-devel'
$libxml2_package = 'libxml2'
$libxml2_dev_package = 'libxml2-devel'
$libxslt_dev_package = 'libxslt-devel'
$libffi_dev_package = 'libffi-devel'
# FIXME: No Maven packages on RHEL
#$maven_package = 'maven'
# For tooz unit tests
$memcached_package = 'memcached'
# For Ceilometer unit tests
$mongodb_package = 'mongodb-server'
$pandoc_package = 'pandoc'
$pkgconfig_package = 'pkgconfig'
$python_libvirt_package = 'libvirt-python'
$python_lxml_package = 'python-lxml'
$python_magic_package = 'python-magic'
$python_requests_package = 'python-requests'
$python_zmq_package = 'python-zmq'
$rubygems_package = 'rubygems'
# Common Lisp interpreter, used for cl-openstack-client
$sbcl_package = 'sbcl'
$sqlite_package = 'sqlite'
$unzip_package = 'unzip'
$zip_package = 'zip'
$xslt_package = 'libxslt'
$xvfb_package = 'xorg-x11-server-Xvfb'
# PHP package, used for community portal
$php5_cli_package = 'php-cli'
# FIXME: No zookeeper packages on RHEL
#$zookeeper_package = 'zookeeper-server'
$cgroups_package = 'libcgroup'
if ($::operatingsystem == 'Fedora') and ($::operatingsystemrelease >= 19) {
# From Fedora 19 and onwards there's no longer
# support to mysql-devel.
# Only community-mysql-devel. If you try to
# install mysql-devel you get a conflict with
# mariadb packages.
$mysql_dev_package = 'community-mysql-devel'
$cgroups_tools_package = 'libcgroup-tools'
$cgconfig_require = [
Package['cgroups'],
Package['cgroups-tools'],
]
$cgred_require = [
Package['cgroups'],
Package['cgroups-tools'],
]
} else {
$mysql_dev_package = 'mysql-devel'
$cgroups_tools_package = ''
$cgconfig_require = Package['cgroups']
$cgred_require = Package['cgroups']
}
}
'Debian': {
# packages needed by slaves
$ant_package = 'ant'
$awk_package = 'gawk'
$asciidoc_package = 'asciidoc'
$curl_package = 'curl'
$docbook_xml_package = 'docbook-xml'
$docbook5_xml_package = 'docbook5-xml'
$docbook5_xsl_package = 'docbook-xsl'
$firefox_package = 'firefox'
$graphviz_package = 'graphviz'
$mod_wsgi_package = 'libapache2-mod-wsgi'
$libcurl_dev_package = 'libcurl4-gnutls-dev'
$ldap_dev_package = 'libldap2-dev'
$librrd_dev_package = 'librrd-dev'
# packages needed by document translation
$gnome_doc_package = 'gnome-doc-utils'
$libtidy_package = 'libtidy-0.99-0'
$gettext_package = 'gettext'
$language_fonts_packages = ['fonts-takao', 'fonts-nanum']
# for keystone ldap auth integration
$libsasl_dev = 'libsasl2-dev'
$mysql_dev_package = 'libmysqlclient-dev'
$nspr_dev_package = 'libnspr4-dev'
$sqlite_dev_package = 'libsqlite3-dev'
$libvirt_dev_package = 'libvirt-dev'
$libxml2_package = 'libxml2-utils'
$libxml2_dev_package = 'libxml2-dev'
$libxslt_dev_package = 'libxslt1-dev'
$libffi_dev_package = 'libffi-dev'
$maven_package = 'maven2'
# For tooz unit tests
$memcached_package = 'memcached'
# For Ceilometer unit tests
$mongodb_package = 'mongodb'
$pandoc_package = 'pandoc'
$pkgconfig_package = 'pkg-config'
$python_libvirt_package = 'python-libvirt'
$python_lxml_package = 'python-lxml'
$python_magic_package = 'python-magic'
$python_requests_package = 'python-requests'
$python_zmq_package = 'python-zmq'
$rubygems_package = 'rubygems'
$ruby1_9_1_package = 'ruby1.9.1'
$ruby1_9_1_dev_package = 'ruby1.9.1-dev'
$ruby_bundler_package = 'ruby-bundler'
# Common Lisp interpreter, used for cl-openstack-client
$sbcl_package = 'sbcl'
$sqlite_package = 'sqlite3'
$unzip_package = 'unzip'
$zip_package = 'zip'
$xslt_package = 'xsltproc'
$xvfb_package = 'xvfb'
# PHP package, used for community portal
$php5_cli_package = 'php5-cli'
$php5_mcrypt_package = 'php5-mcrypt'
# For [tooz, taskflow, nova] using zookeeper in unit tests
$zookeeper_package = 'zookeeperd'
$cgroups_package = 'cgroup-bin'
$cgroups_tools_package = ''
$cgconfig_require = [
Package['cgroups'],
File['/etc/init/cgconfig.conf'],
]
$cgred_require = [
Package['cgroups'],
File['/etc/init/cgred.conf'],
]
}
default: {
fail("Unsupported osfamily: ${::osfamily} The 'jenkins' module only supports osfamily Debian or RedHat (slaves only).")
}
}
}

View File

@ -2,7 +2,7 @@
# similar to an OpenStack Jenkins slave but does not need to # similar to an OpenStack Jenkins slave but does not need to
# have services managed like firewall, ntp, automatic upgrades, # have services managed like firewall, ntp, automatic upgrades,
# and so on. # and so on.
class openstack_project::bare_slave( class openstack_project::simple_slave(
$certname = $::fqdn, $certname = $::fqdn,
$install_users = true $install_users = true
) { ) {

View File

@ -10,7 +10,7 @@ class openstack_project::single_use_slave (
$certname = $::fqdn, $certname = $::fqdn,
$install_users = true, $install_users = true,
$sudo = false, $sudo = false,
$bare = true, $thin = true,
$python3 = false, $python3 = false,
$include_pypy = false, $include_pypy = false,
$automatic_upgrades = false, $automatic_upgrades = false,
@ -37,9 +37,17 @@ class openstack_project::single_use_slave (
class { 'jenkins::slave': class { 'jenkins::slave':
ssh_key => $ssh_key, ssh_key => $ssh_key,
sudo => $sudo, sudo => $sudo,
bare => $bare,
python3 => $python3, python3 => $python3,
}
class { 'openstack_project::slave_common':
include_pypy => $include_pypy, include_pypy => $include_pypy,
}
if (! $thin) {
class { 'openstack_project::thick_slave':
all_mysql_privs => $all_mysql_privs, all_mysql_privs => $all_mysql_privs,
} }
}
} }

View File

@ -1,32 +1,36 @@
# == Class: openstack_project::slave # == Class: openstack_project::slave
# #
class openstack_project::slave ( class openstack_project::slave (
$bare = false, $thin = false,
$certname = $::fqdn, $certname = $::fqdn,
$ssh_key = '', $ssh_key = '',
$sysadmins = [], $sysadmins = [],
$python3 = false, $python3 = false,
$include_pypy = false $include_pypy = false
) { ) {
include openstack_project include openstack_project
include openstack_project::tmpcleanup include openstack_project::tmpcleanup
class { 'openstack_project::automatic_upgrades': class { 'openstack_project::automatic_upgrades':
origins => ['LP-PPA-saltstack-salt precise'], origins => ['LP-PPA-saltstack-salt precise'],
} }
class { 'openstack_project::server': class { 'openstack_project::server':
iptables_public_tcp_ports => [], iptables_public_tcp_ports => [],
certname => $certname, certname => $certname,
sysadmins => $sysadmins, sysadmins => $sysadmins,
} }
class { 'jenkins::slave': class { 'jenkins::slave':
bare => $bare,
ssh_key => $ssh_key, ssh_key => $ssh_key,
python3 => $python3, python3 => $python3,
include_pypy => $include_pypy,
} }
class { 'salt': class { 'salt':
salt_master => 'ci-puppetmaster.openstack.org', salt_master => 'ci-puppetmaster.openstack.org',
} }
include jenkins::cgroups include jenkins::cgroups
include ulimit include ulimit
ulimit::conf { 'limit_jenkins_procs': ulimit::conf { 'limit_jenkins_procs':
@ -35,4 +39,13 @@ class openstack_project::slave (
limit_item => 'nproc', limit_item => 'nproc',
limit_value => '256' limit_value => '256'
} }
class { 'openstack_project::slave_common':
include_pypy => $include_pypy,
}
if (! $thin) {
include openstack_project::thick_slave
}
} }

View File

@ -0,0 +1,58 @@
# == Class: openstack_project::slave_common
#
# Common configuration between openstack_project::slave and
# openstack_project::single_use_slave
class openstack_project::slave_common(
$include_pypy = false,
){
vcsrepo { '/opt/requirements':
ensure => latest,
provider => git,
revision => 'master',
source => 'https://git.openstack.org/openstack/requirements',
}
file { '/usr/local/jenkins/slave_scripts':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
recurse => true,
purge => true,
force => true,
require => File['/usr/local/jenkins'],
source => 'puppet:///modules/openstack_project/slave_scripts',
}
# Temporary for debugging glance launch problem
# https://lists.launchpad.net/openstack/msg13381.html
# NOTE(dprince): ubuntu only as RHEL6 doesn't have sysctl.d yet
if ($::osfamily == 'Debian') {
file { '/etc/sysctl.d/10-ptrace.conf':
ensure => present,
source => 'puppet:///modules/jenkins/10-ptrace.conf',
owner => 'root',
group => 'root',
mode => '0444',
}
exec { 'ptrace sysctl':
subscribe => File['/etc/sysctl.d/10-ptrace.conf'],
refreshonly => true,
command => '/sbin/sysctl -p /etc/sysctl.d/10-ptrace.conf',
}
if $include_pypy {
apt::ppa { 'ppa:pypy/ppa': }
package { 'pypy':
ensure => present,
require => Apt::Ppa['ppa:pypy/ppa']
}
package { 'pypy-dev':
ensure => present,
require => Apt::Ppa['ppa:pypy/ppa']
}
}
}
}

View File

@ -0,0 +1,217 @@
# Extra configuration (like mysql) that we will want on many but not all
# slaves.
class openstack_project::thick_slave(
$all_mysql_privs = false,
){
include openstack_project::jenkins_params
# Packages that most jenkins slaves (eg, unit test runners) need
$packages = [
$::openstack_project::jenkins_params::ant_package, # for building buck
$::openstack_project::jenkins_params::awk_package, # for building extract_docs.awk to work correctly
$::openstack_project::jenkins_params::asciidoc_package, # for building gerrit/building openstack docs
$::openstack_project::jenkins_params::curl_package,
$::openstack_project::jenkins_params::docbook_xml_package, # for building openstack docs
$::openstack_project::jenkins_params::docbook5_xml_package, # for building openstack docs
$::openstack_project::jenkins_params::docbook5_xsl_package, # for building openstack docs
$::openstack_project::jenkins_params::gettext_package, # for msgfmt, used in translating manuals
$::openstack_project::jenkins_params::gnome_doc_package, # for generating translation files for docs
$::openstack_project::jenkins_params::graphviz_package, # for generating graphs in docs
$::openstack_project::jenkins_params::firefox_package, # for selenium tests
$::openstack_project::jenkins_params::mod_wsgi_package,
$::openstack_project::jenkins_params::language_fonts_packages,
$::openstack_project::jenkins_params::libcurl_dev_package,
$::openstack_project::jenkins_params::ldap_dev_package,
$::openstack_project::jenkins_params::librrd_dev_package, # for python-rrdtool, used by kwapi
$::openstack_project::jenkins_params::libtidy_package, # for python-tidy, used by sphinxcontrib-docbookrestapi
$::openstack_project::jenkins_params::libsasl_dev, # for keystone ldap auth integration
$::openstack_project::jenkins_params::memcached_package, # for tooz unit tests
$::openstack_project::jenkins_params::mongodb_package, # for ceilometer unit tests
$::openstack_project::jenkins_params::mysql_dev_package,
$::openstack_project::jenkins_params::nspr_dev_package, # for spidermonkey, used by ceilometer
$::openstack_project::jenkins_params::sqlite_dev_package,
$::openstack_project::jenkins_params::libvirt_dev_package,
$::openstack_project::jenkins_params::libxml2_package,
$::openstack_project::jenkins_params::libxml2_dev_package, # for xmllint, need for wadl
$::openstack_project::jenkins_params::libxslt_dev_package,
$::openstack_project::jenkins_params::libffi_dev_package, # xattr's cffi dependency
$::openstack_project::jenkins_params::pandoc_package, #for docs, markdown->docbook, bug 924507
$::openstack_project::jenkins_params::pkgconfig_package, # for spidermonkey, used by ceilometer
$::openstack_project::jenkins_params::python_libvirt_package,
$::openstack_project::jenkins_params::python_lxml_package, # for validating openstack manuals
$::openstack_project::jenkins_params::python_magic_package, # for pushing files to swift
$::openstack_project::jenkins_params::python_requests_package, # for pushing files to swift
$::openstack_project::jenkins_params::python_zmq_package, # zeromq unittests (not pip installable)
$::openstack_project::jenkins_params::rubygems_package,
$::openstack_project::jenkins_params::sbcl_package, # cl-openstack-client testing
$::openstack_project::jenkins_params::sqlite_package,
$::openstack_project::jenkins_params::unzip_package,
$::openstack_project::jenkins_params::zip_package,
$::openstack_project::jenkins_params::xslt_package, # for building openstack docs
$::openstack_project::jenkins_params::xvfb_package, # for selenium tests
$::openstack_project::jenkins_params::php5_cli_package, # for community portal build
]
package { $packages:
ensure => present,
}
package { 'rake':
ensure => '10.1.1',
provider => gem,
before => Package['puppetlabs_spec_helper'],
require => Package['rubygems'],
}
$gem_packages = [
'bundler',
'puppet-lint',
'puppetlabs_spec_helper',
]
package { $gem_packages:
ensure => latest,
provider => gem,
require => Package['rubygems'],
}
if ($::operatingsystem == 'Fedora') and ($::operatingsystemrelease >= 19) {
class {'mysql::server':
config_hash => {
'root_password' => 'insecure_slave',
'default_engine' => 'MyISAM',
'bind_address' => '127.0.0.1',
},
package_name => 'community-mysql-server',
}
} else {
class {'mysql::server':
config_hash => {
'root_password' => 'insecure_slave',
'default_engine' => 'MyISAM',
'bind_address' => '127.0.0.1',
}
}
}
include mysql::server::account_security
mysql::db { 'openstack_citest':
user => 'openstack_citest',
password => 'openstack_citest',
host => 'localhost',
grant => ['all'],
require => [
Class['mysql::server'],
Class['mysql::server::account_security'],
],
}
# mysql::db is too dumb to realize that the same user can have
# access to multiple databases and will fail if you try creating
# a second DB with the same user. Create the DB directly as mysql::db
# above is creating the user for us.
database { 'openstack_baremetal_citest':
ensure => present,
charset => 'utf8',
provider => 'mysql',
require => [
Class['mysql::server'],
Class['mysql::server::account_security'],
],
}
database_grant { 'openstack_citest@localhost/openstack_baremetal_citest':
privileges => ['all'],
provider => 'mysql',
require => Database_user['openstack_citest@localhost'],
}
if ($all_mysql_privs == true) {
database_grant { 'openstack_citest@localhost':
privileges => ['all'],
provider => 'mysql',
require => Database_user['openstack_citest@localhost'],
}
}
# The puppetlabs postgres module does not manage the postgres user
# and group for us. Create them here to ensure concat can create
# dirs and files owned by this user and group.
user { 'postgres':
ensure => present,
gid => 'postgres',
system => true,
require => Group['postgres'],
}
group { 'postgres':
ensure => present,
system => true,
}
class { 'postgresql::server':
postgres_password => 'insecure_slave',
manage_firewall => false,
# The puppetlabs postgres module incorrectly quotes ip addresses
# in the postgres server config. Use localhost instead.
listen_addresses => ['localhost'],
require => [
User['postgres'],
Class['postgresql::params'],
],
}
class { 'postgresql::lib::devel':
require => Class['postgresql::params'],
}
# Create DB user and explicitly make it non superuser
# that can create databases.
postgresql::server::role { 'openstack_citest':
password_hash => postgresql_password('openstack_citest', 'openstack_citest'),
createdb => true,
superuser => false,
require => Class['postgresql::server'],
}
postgresql::server::db { 'openstack_citest':
user => 'openstack_citest',
password => postgresql_password('openstack_citest', 'openstack_citest'),
grant => 'all',
require => [
Class['postgresql::server'],
Postgresql::Server::Role['openstack_citest'],
],
}
# Alter the new database giving the test DB user ownership of the DB.
# This is necessary to make the nova unittests run properly.
postgresql_psql { 'ALTER DATABASE openstack_citest OWNER TO openstack_citest':
db => 'postgres',
refreshonly => true,
subscribe => Postgresql::Server::Db['openstack_citest'],
}
postgresql::server::db { 'openstack_baremetal_citest':
user => 'openstack_citest',
password => postgresql_password('openstack_citest', 'openstack_citest'),
grant => 'all',
require => [
Class['postgresql::server'],
Postgresql::Server::Role['openstack_citest'],
],
}
# Alter the new database giving the test DB user ownership of the DB.
# This is necessary to make the nova unittests run properly.
postgresql_psql { 'ALTER DATABASE openstack_baremetal_citest OWNER TO
openstack_citest':
db => 'postgres',
refreshonly => true,
subscribe => Postgresql::Server::Db['openstack_baremetal_citest'],
}
}
# vim:sw=2:ts=2:expandtab:textwidth=79