38961a4236
At random, some hosts within Rackspace refuse to send IPv6 packets with DSCP marker 0x10 (lowdelay). This is the default behavior of recent OpenSSH servers and clients, and results in SSH sessions hanging on these hosts. When static.openstack.org was rebuilt a few months ago, we did not immediately realize it suffered from this problem as Rackspace thought they'd fixed the issue previously. We have an open trouble ticket with them for the past several months to get it addressed properly, but have no resolution yet. In the meantime, we have this lovely workaround... * modules/releasestatus/files/ssh_config: New SSH config file forces IPv4 when connecting to review.openstack.org from the releasestatus account. * modules/releasestatus/manifests/init.pp: Installs the new SSH config file. Change-Id: I2968fc00750e3a5a23c08a3007318fd2e336b251 Reviewed-on: https://review.openstack.org/30944 Reviewed-by: Clark Boylan <clark.boylan@gmail.com> Reviewed-by: Elizabeth Krumbach Joseph <lyz@princessleia.com> Reviewed-by: James E. Blair <corvus@inaugust.com> Approved: James E. Blair <corvus@inaugust.com> Tested-by: Jenkins
121 lines
3.3 KiB
Puppet
121 lines
3.3 KiB
Puppet
# Copyright 2013 Thierry Carrez
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
# Class: releasestatus
|
|
#
|
|
class releasestatus (
|
|
$releasestatus_prvkey_contents = '',
|
|
$releasestatus_pubkey_contents = '',
|
|
$releasestatus_gerrit_ssh_key = '',
|
|
) {
|
|
if ! defined(Package['python-launchpadlib']) {
|
|
package { 'python-launchpadlib':
|
|
ensure => present,
|
|
}
|
|
}
|
|
|
|
if ! defined(Package['python-jinja2']) {
|
|
package { 'python-jinja2':
|
|
ensure => present,
|
|
}
|
|
}
|
|
|
|
if ! defined(Package['python-yaml']) {
|
|
package { 'python-yaml':
|
|
ensure => present,
|
|
}
|
|
}
|
|
|
|
group { 'releasestatus':
|
|
ensure => present,
|
|
}
|
|
|
|
user { 'releasestatus':
|
|
ensure => present,
|
|
home => '/var/lib/releasestatus',
|
|
shell => '/bin/bash',
|
|
gid => 'releasestatus',
|
|
managehome => true,
|
|
require => Group['releasestatus'],
|
|
}
|
|
|
|
file { '/var/lib/releasestatus':
|
|
ensure => directory,
|
|
owner => 'releasestatus',
|
|
group => 'releasestatus',
|
|
mode => '0755',
|
|
require => User['releasestatus'],
|
|
}
|
|
|
|
file { '/var/lib/releasestatus/.ssh/':
|
|
ensure => directory,
|
|
owner => 'releasestatus',
|
|
group => 'releasestatus',
|
|
mode => '0700',
|
|
require => File['/var/lib/releasestatus'],
|
|
}
|
|
|
|
if $releasestatus_prvkey_contents != '' {
|
|
file { '/var/lib/releasestatus/.ssh/id_rsa':
|
|
owner => 'releasestatus',
|
|
group => 'releasestatus',
|
|
mode => '0600',
|
|
content => $releasestatus_prvkey_contents,
|
|
replace => true,
|
|
require => File['/var/lib/releasestatus/.ssh/']
|
|
}
|
|
}
|
|
|
|
if $releasestatus_pubkey_contents != '' {
|
|
file { '/var/lib/releasestatus/.ssh/id_rsa.pub':
|
|
owner => 'releasestatus',
|
|
group => 'releasestatus',
|
|
mode => '0600',
|
|
content => $releasestatus_pubkey_contents,
|
|
replace => true,
|
|
require => File['/var/lib/releasestatus/.ssh/']
|
|
}
|
|
}
|
|
|
|
if $releasestatus_gerrit_ssh_key != '' {
|
|
file { '/var/lib/releasestatus/.ssh/known_hosts':
|
|
owner => 'releasestatus',
|
|
group => 'releasestatus',
|
|
mode => '0600',
|
|
content => "review.openstack.org ${releasestatus_gerrit_ssh_key}",
|
|
replace => true,
|
|
require => File['/var/lib/releasestatus/.ssh/']
|
|
}
|
|
}
|
|
|
|
file { '/var/lib/releasestatus/.ssh/config':
|
|
owner => 'releasestatus',
|
|
group => 'releasestatus',
|
|
mode => '0600',
|
|
source => 'puppet:///modules/releasestatus/ssh_config',
|
|
replace => true,
|
|
require => File['/var/lib/releasestatus/.ssh/']
|
|
}
|
|
|
|
vcsrepo { '/var/lib/releasestatus/releasestatus':
|
|
ensure => latest,
|
|
provider => git,
|
|
source => 'https://github.com/openstack-infra/releasestatus.git',
|
|
revision => 'master',
|
|
require => File['/var/lib/releasestatus'],
|
|
}
|
|
}
|
|
|
|
# vim:sw=2:ts=2:expandtab:textwidth=79
|