Allow site.pp to manage ca and ca_sever in puppet.conf
This allows us to set ca = false and ca_server = <fqdn> on the new puppet 3 master. Change-Id: Iba189bdc4bfb22fd23052f2570f52133ea184126
This commit is contained in:
parent
6adda92be8
commit
b65a2d3afc
@ -160,11 +160,12 @@ node 'ci-puppetmaster.openstack.org' {
|
|||||||
|
|
||||||
node 'puppetmaster.openstack.org' {
|
node 'puppetmaster.openstack.org' {
|
||||||
class { 'openstack_project::puppetmaster':
|
class { 'openstack_project::puppetmaster':
|
||||||
root_rsa_key => hiera('puppetmaster_root_rsa_key'),
|
root_rsa_key => hiera('puppetmaster_root_rsa_key'),
|
||||||
salt => false,
|
salt => false,
|
||||||
update_slave => false,
|
update_slave => false,
|
||||||
sysadmins => hiera('sysadmins'),
|
sysadmins => hiera('sysadmins'),
|
||||||
version => '3.4.',
|
version => '3.4.',
|
||||||
|
ca_server => 'ci-puppetmaster.openstack.org',
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -5,6 +5,7 @@ class openstack_project::base(
|
|||||||
$install_users = true,
|
$install_users = true,
|
||||||
$pin_puppet = '2.7.',
|
$pin_puppet = '2.7.',
|
||||||
$pin_facter = '1.',
|
$pin_facter = '1.',
|
||||||
|
$ca_server = undef,
|
||||||
) {
|
) {
|
||||||
if ($::osfamily == 'Debian') {
|
if ($::osfamily == 'Debian') {
|
||||||
include apt
|
include apt
|
||||||
|
@ -7,6 +7,7 @@ class openstack_project::puppetmaster (
|
|||||||
$update_slave = true,
|
$update_slave = true,
|
||||||
$sysadmins = [],
|
$sysadmins = [],
|
||||||
$version = '2.7.',
|
$version = '2.7.',
|
||||||
|
$ca_server = undef,
|
||||||
) {
|
) {
|
||||||
include logrotate
|
include logrotate
|
||||||
include openstack_project::params
|
include openstack_project::params
|
||||||
@ -15,6 +16,7 @@ class openstack_project::puppetmaster (
|
|||||||
iptables_public_tcp_ports => [4505, 4506, 8140],
|
iptables_public_tcp_ports => [4505, 4506, 8140],
|
||||||
sysadmins => $sysadmins,
|
sysadmins => $sysadmins,
|
||||||
pin_puppet => $version,
|
pin_puppet => $version,
|
||||||
|
ca_server => $ca_server,
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($salt) {
|
if ($salt) {
|
||||||
|
@ -9,6 +9,7 @@ class openstack_project::server (
|
|||||||
$sysadmins = [],
|
$sysadmins = [],
|
||||||
$certname = $::fqdn,
|
$certname = $::fqdn,
|
||||||
$pin_puppet = '2.7.',
|
$pin_puppet = '2.7.',
|
||||||
|
$ca_server = undef,
|
||||||
) {
|
) {
|
||||||
class { 'openstack_project::template':
|
class { 'openstack_project::template':
|
||||||
iptables_public_tcp_ports => $iptables_public_tcp_ports,
|
iptables_public_tcp_ports => $iptables_public_tcp_ports,
|
||||||
@ -17,6 +18,7 @@ class openstack_project::server (
|
|||||||
iptables_rules6 => $iptables_rules6,
|
iptables_rules6 => $iptables_rules6,
|
||||||
certname => $certname,
|
certname => $certname,
|
||||||
pin_puppet => $pin_puppet,
|
pin_puppet => $pin_puppet,
|
||||||
|
ca_server => $ca_server,
|
||||||
}
|
}
|
||||||
class { 'exim':
|
class { 'exim':
|
||||||
sysadmin => $sysadmins,
|
sysadmin => $sysadmins,
|
||||||
|
@ -8,10 +8,11 @@ class openstack_project::template (
|
|||||||
$iptables_rules4 = [],
|
$iptables_rules4 = [],
|
||||||
$iptables_rules6 = [],
|
$iptables_rules6 = [],
|
||||||
$pin_puppet = '2.7.',
|
$pin_puppet = '2.7.',
|
||||||
$install_users = true,
|
$install_users = true,
|
||||||
$install_resolv_conf = true,
|
$install_resolv_conf = true,
|
||||||
$automatic_upgrades = true,
|
$automatic_upgrades = true,
|
||||||
$certname = $::fqdn
|
$certname = $::fqdn,
|
||||||
|
$ca_server = undef,
|
||||||
) {
|
) {
|
||||||
include ssh
|
include ssh
|
||||||
include snmpd
|
include snmpd
|
||||||
@ -32,6 +33,7 @@ class openstack_project::template (
|
|||||||
install_users => $install_users,
|
install_users => $install_users,
|
||||||
certname => $certname,
|
certname => $certname,
|
||||||
pin_puppet => $pin_puppet,
|
pin_puppet => $pin_puppet,
|
||||||
|
ca_server => $ca_server,
|
||||||
}
|
}
|
||||||
|
|
||||||
package { 'lvm2':
|
package { 'lvm2':
|
||||||
|
@ -18,6 +18,10 @@ manifestdir=/opt/config/$environment/manifests
|
|||||||
modulepath=/opt/config/$environment/modules:/etc/puppet/modules
|
modulepath=/opt/config/$environment/modules:/etc/puppet/modules
|
||||||
manifest=$manifestdir/site.pp
|
manifest=$manifestdir/site.pp
|
||||||
reports=store,puppetdb
|
reports=store,puppetdb
|
||||||
|
<% if @ca_server -%>
|
||||||
|
ca = false
|
||||||
|
ca_server = <%= @ca_server %>
|
||||||
|
<% end -%>
|
||||||
|
|
||||||
[agent]
|
[agent]
|
||||||
report=true
|
report=true
|
||||||
|
Loading…
Reference in New Issue
Block a user