53b0e624e0
Now that we are running puppet in masterless mode, we don't need to tell nodes where the puppetmaster is, or what their certname is, nor do we need to keep running the puppetmaster in Apache. This patch cleans those things up. Change-Id: I663af0d9948f2ce3a47cc22ada47c3bbbbf316fa
123 lines
3.1 KiB
Puppet
123 lines
3.1 KiB
Puppet
# == Class: openstack_project::slave
|
|
#
|
|
class openstack_project::slave (
|
|
$thin = false,
|
|
$ssh_key = '',
|
|
$sysadmins = [],
|
|
$jenkins_gitfullname = 'OpenStack Jenkins',
|
|
$jenkins_gitemail = 'jenkins@openstack.org',
|
|
$jenkins_gitpgpkey = 'jenkins@openstack.org',
|
|
$jenkins_gerrituser = 'jenkins',
|
|
$jenkins_gerritkey = undef,
|
|
$project_config_repo = 'https://git.openstack.org/openstack-infra/project-config',
|
|
$afs = false,
|
|
) {
|
|
|
|
include openstack_project
|
|
include openstack_project::tmpcleanup
|
|
|
|
class { 'openstack_project::server':
|
|
iptables_public_tcp_ports => [19885],
|
|
iptables_public_udp_ports => [],
|
|
sysadmins => $sysadmins,
|
|
afs => $afs
|
|
}
|
|
|
|
class { 'jenkins::slave':
|
|
ssh_key => $ssh_key,
|
|
gitfullname => $jenkins_gitfullname,
|
|
gitemail => $jenkins_gitemail,
|
|
gitpgpkey => $jenkins_gitpgpkey,
|
|
gerrituser => $jenkins_gerrituser,
|
|
gerritkey => $jenkins_gerritkey,
|
|
}
|
|
|
|
file { '/etc/sudoers.d/jenkins-sudo-grep':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/jenkins-sudo-grep.sudo',
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0440',
|
|
}
|
|
|
|
include jenkins::cgroups
|
|
include ulimit
|
|
ulimit::conf { 'limit_jenkins_procs':
|
|
limit_domain => 'jenkins',
|
|
limit_type => 'hard',
|
|
limit_item => 'nproc',
|
|
limit_value => '256'
|
|
}
|
|
|
|
class { 'project_config':
|
|
url => $project_config_repo,
|
|
}
|
|
|
|
file { '/usr/local/jenkins/common_data':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
recurse => true,
|
|
purge => true,
|
|
force => true,
|
|
require => [File['/usr/local/jenkins'],
|
|
$::project_config::config_dir],
|
|
source => $::project_config::jenkins_data_dir,
|
|
}
|
|
|
|
file { '/usr/local/jenkins/slave_scripts':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
recurse => true,
|
|
purge => true,
|
|
force => true,
|
|
require => [File['/usr/local/jenkins'],
|
|
$::project_config::config_dir],
|
|
source => $::project_config::jenkins_scripts_dir,
|
|
}
|
|
|
|
# needed by jenkins/jobs
|
|
if ! defined(Package['curl']) {
|
|
package { 'curl':
|
|
ensure => present,
|
|
}
|
|
}
|
|
|
|
file { '/home/jenkins/.pydistutils.cfg':
|
|
ensure => present,
|
|
owner => 'jenkins',
|
|
group => 'jenkins',
|
|
mode => '0644',
|
|
source => 'puppet:///modules/openstack_project/pydistutils.cfg',
|
|
require => Class['jenkins::jenkinsuser'],
|
|
}
|
|
|
|
if (! $thin) {
|
|
include openstack_project::thick_slave
|
|
}
|
|
|
|
vcsrepo { '/opt/zuul':
|
|
ensure => latest,
|
|
provider => git,
|
|
revision => 'master',
|
|
source => 'https://git.openstack.org/openstack-infra/zuul.git',
|
|
}
|
|
|
|
python::virtualenv { '/usr/zuul-env':
|
|
ensure => present,
|
|
owner => 'root',
|
|
group => 'root',
|
|
timeout => 0,
|
|
}
|
|
|
|
exec { 'zuul-env-update':
|
|
command => '/usr/zuul-env/bin/pip --log /usr/zuul-env/pip.log install /opt/zuul',
|
|
refreshonly => true,
|
|
subscribe => Vcsrepo['/opt/zuul'],
|
|
require => Python::Virtualenv['/usr/zuul-env'],
|
|
}
|
|
}
|