b9b510ba6a
* manifests/site.pp: Pass both jenkins.openstack.org and jenkins-dev.openstack.org to openstack_project::zuul as the list of gearman workers for use in iptables rules. * modules/openstack_project/manifests/jenkins.pp * modules/openstack_project/manifests/jenkins_dev.pp: Remove unused 4155/tcp from public allowed ports list, previously for a bzr service which is no longer running on these servers. * modules/openstack_project/manifests/zuul.pp: Add iptables rules allowing access from gearman workers to the gearmand, and also configure gearmand to listen on all addresses including IPv6, as opposed to its IPv4-only default. * install_modules.sh: Add puppetlabs-stdlib version 3.2.0 to the list of puppet dependencies. This is required to pull in the "flatten" function used in zuul.pp above. Change-Id: I05d4abc92b3050884a7e9f3c2b6cd9dcc81bfa36 Reviewed-on: https://review.openstack.org/26245 Reviewed-by: James E. Blair <corvus@inaugust.com> Reviewed-by: Jeremy Stanley <fungi@yuggoth.org> Approved: Jeremy Stanley <fungi@yuggoth.org> Tested-by: Jenkins
107 lines
2.9 KiB
Puppet
107 lines
2.9 KiB
Puppet
# == Class: openstack_project::zuul
|
|
#
|
|
class openstack_project::zuul(
|
|
$vhost_name = $::fqdn,
|
|
$jenkins_host = '',
|
|
$jenkins_url = '',
|
|
$jenkins_user = '',
|
|
$jenkins_apikey = '',
|
|
$gerrit_server = '',
|
|
$gerrit_user = '',
|
|
$zuul_ssh_private_key = '',
|
|
$url_pattern = '',
|
|
$sysadmins = [],
|
|
$statsd_host = '',
|
|
$gearman_workers = []
|
|
) {
|
|
# Turn a list of hostnames into a list of iptables rules
|
|
$iptables_rules6 = regsubst ($gearman_workers, '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 4730 -s \1 -j ACCEPT')
|
|
$iptables_rules4 = flatten ([$iptables_rules6,
|
|
[ "-m state --state NEW -m tcp -p tcp --dport 8001 -s ${jenkins_host} -j ACCEPT" ]])
|
|
|
|
class { 'openstack_project::server':
|
|
iptables_public_tcp_ports => [80],
|
|
iptables_rules6 => $iptables_rules6,
|
|
iptables_rules4 => $iptables_rules4,
|
|
sysadmins => $sysadmins,
|
|
}
|
|
|
|
class { '::zuul':
|
|
vhost_name => $vhost_name,
|
|
jenkins_server => $jenkins_url,
|
|
jenkins_user => $jenkins_user,
|
|
jenkins_apikey => $jenkins_apikey,
|
|
gerrit_server => $gerrit_server,
|
|
gerrit_user => $gerrit_user,
|
|
zuul_ssh_private_key => $zuul_ssh_private_key,
|
|
url_pattern => $url_pattern,
|
|
push_change_refs => false,
|
|
status_url => 'http://status.openstack.org/zuul/',
|
|
statsd_host => $statsd_host,
|
|
}
|
|
|
|
file { '/etc/zuul/layout.yaml':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/layout.yaml',
|
|
notify => Exec['zuul-reload'],
|
|
}
|
|
file { '/etc/zuul/openstack_functions.py':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/openstack_functions.py',
|
|
notify => Exec['zuul-reload'],
|
|
}
|
|
file { '/etc/zuul/logging.conf':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/logging.conf',
|
|
notify => Exec['zuul-reload'],
|
|
}
|
|
|
|
class { '::recheckwatch':
|
|
gerrit_server => $gerrit_server,
|
|
gerrit_user => $gerrit_user,
|
|
recheckwatch_ssh_private_key => $zuul_ssh_private_key,
|
|
}
|
|
|
|
file { '/var/lib/recheckwatch/scoreboard.html':
|
|
ensure => present,
|
|
source => 'puppet:///modules/openstack_project/zuul/scoreboard.html',
|
|
require => File['/var/lib/recheckwatch'],
|
|
}
|
|
|
|
file { '/var/lib/zuul/www':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/var/lib/zuul/www/index.html':
|
|
ensure => absent,
|
|
}
|
|
|
|
package { 'libjs-jquery':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/var/lib/zuul/www/jquery.min.js':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/var/lib/zuul/www/status.js':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/opt/jquery-visibility':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/var/lib/zuul/www/jquery-visibility.min.js':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/opt/jquery-graphite':
|
|
ensure => absent,
|
|
}
|
|
|
|
file { '/var/lib/zuul/www/jquery-graphite.js':
|
|
ensure => absent,
|
|
}
|
|
}
|