opendev/system-config
Code Issues Proposed changes
system-config/modules/openstack_project/manifests/puppetmaster.pp
Monty Taylor 7cee605a77 Add shade and openstack inventory to system 
We're not ready to move from puppet inventory to openstack inventory
just yet, so don't actually swap the dynamic inventory plugin. But, add
it to the system so that running manual tests of all of the pieces is
possible.

Add the currently administratively disabled hosts to the disabled group
so that we can verify this works.

Change-Id: I73931332b2917b71a008f9213365f7594f69c41e
2015-11-28 15:59:10 -05:00

209 lines
5.3 KiB
Puppet
Raw Blame History

# == Class: openstack_project::puppetmaster
#
class openstack_project::puppetmaster (
$jenkins_api_key,
$puppetmaster_clouds,
$jenkins_api_user = 'hudson-openstack',
$root_rsa_key = 'xxx',
$puppetdb = true,
$puppetdb_server = 'puppetdb.openstack.org',
) {
include logrotate
include openstack_project::params
class { '::ansible':
ansible_hostfile => '/etc/ansible/hosts',
}
file { '/etc/ansible/hostfile':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
require => Class['ansible'],
}
cron { 'updatepuppetmaster':
user => 'root',
minute => '*/15',
command => 'flock -n /var/run/puppet/puppet_run_all.lock bash /opt/system-config/production/run_all.sh',
environment => 'PATH=/var/lib/gems/1.8/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin',
}
logrotate::file { 'updatepuppetmaster':
ensure => present,
log => '/var/log/puppet_run_all.log',
options => ['compress',
'copytruncate',
'delaycompress',
'missingok',
'rotate 7',
'daily',
'notifempty',
],
require => Cron['updatepuppetmaster'],
}
cron { 'deleteoldreports':
user => 'root',
hour => '3',
minute => '0',
command => 'sleep $((RANDOM\%600)) && find /var/lib/puppet/reports -name \'*.yaml\' -mtime +7 -execdir rm {} \;',
environment => 'PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin',
}
file { '/var/lib/puppet/reports':
ensure => directory,
owner => 'puppet',
group => 'puppet',
mode => '0750',
}
if ! defined(File['/root/.ssh']) {
file { '/root/.ssh':
ensure => directory,
mode => '0700',
}
}
file { '/root/.ssh/id_rsa':
ensure => present,
mode => '0400',
content => $root_rsa_key,
}
# Cloud credentials are stored in this directory for launch-node.py.
file { '/root/ci-launch':
ensure => directory,
owner => 'root',
group => 'admin',
mode => '0750',
}
file { '/etc/openstack':
ensure => directory,
owner => 'root',
group => 'admin',
mode => '0750',
}
file { '/etc/openstack/clouds.yaml':
ensure => present,
owner => 'root',
group => 'root',
mode => '0600',
content => template('openstack_project/puppetmaster/ansible-clouds.yaml.erb'),
}
# For puppet master apache serving.
package { 'puppetmaster-passenger':
ensure => present,
}
file { '/etc/apache2/sites-available/puppetmaster.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0600',
content => template('openstack_project/puppetmaster/puppetmaster_vhost.conf.erb'),
require => Package['puppetmaster-passenger'],
}
# To set LANG to utf8, otherwise we get charset errors on manifests
# with non-ascii chars
file { '/etc/apache2/envvars':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/openstack_project/puppetmaster/envvars.debian',
require => Package['puppetmaster-passenger'],
}
# For launch/launch-node.py.
package { 'shade':
ensure => latest,
provider => pip,
}
package { 'python-paramiko':
ensure => present,
}
# No longer needed with latest client libs
package { 'python-lxml':
ensure => absent,
}
package { 'libxslt1-dev':
ensure => absent,
}
# Enable puppetdb
if $puppetdb {
class { 'puppetdb::master::config':
puppetdb_server => $puppetdb_server,
puppet_service_name => 'apache2',
puppetdb_soft_write_failure => true,
manage_storeconfigs => false,
}
}
# Jenkins master management
cron { 'restartjenkinsmasters':
user => 'root',
# Run through all masters onces a week.
weekday => '6',
hour => '0',
minute => '15',
environment => 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin',
command => "flock -n /var/run/puppet/restart_jenkins_masters.lock ansible-playbook -f 1 /opt/system-config/production/playbooks/restart_jenkins_masters.yaml --extra-vars 'user=${jenkins_api_user} password=${jenkins_api_key}' >> /var/log/restart_jenkins_masters.log 2>&1",
}
logrotate::file { 'restartjenkinsmasters':
ensure => present,
log => '/var/log/restart_jenkins_masters.log',
options => ['compress',
'copytruncate',
'delaycompress',
'missingok',
'rotate 7',
'daily',
'notifempty',
],
require => Cron['restartjenkinsmasters'],
}
vcsrepo { '/opt/ansible':
ensure => latest,
provider => git,
revision => 'stable-2.0',
source => 'https://github.com/ansible/ansible',
}
file { '/etc/ansible/hosts':
ensure => directory,
}
file { '/etc/ansible/hosts/puppet':
owner => 'root',
group => 'root',
mode => '0755',
subscribe => Class['::ansible'],
source => '/usr/local/bin/puppet.py',
replace => true,
}
file { '/etc/ansible/hosts/static':
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/openstack_project/puppetmaster/static-inventory',
}
file { '/etc/ansible/hosts/emergency':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
}
}
View Git Blame Copy Permalink