opendev/system-config
Code Issues Proposed changes
af48c6d986
system-config/manifests/site.pp
James E. Blair 9a46708515 Close pll rqs fr cinder, python-openstackclient. 
Change-Id: Icddf659ca4646a6d3eb0698855b0475e0467b62c
2012-04-28 15:44:21 -07:00

322 lines
10 KiB
Puppet
Raw Blame History

import "openstack"
class openstack_cron {
cron { "updatepuppet":
user => root,
minute => "*/15",
command => 'apt-get update >/dev/null 2>&1 ; sleep $((RANDOM\%600)) && cd /root/openstack-ci-puppet && /usr/bin/git pull -q && puppet apply -l /tmp/manifest.log --modulepath=/root/openstack-ci-puppet/modules manifests/site.pp',
environment => "PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin",
}
}
class openstack_jenkins_slave {
include openstack_cron
include tmpreaper
class { 'openstack_server':
iptables_public_tcp_ports => []
}
class { 'jenkins_slave':
ssh_key => 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtioTW2wh3mBRuj+R0Jyb/mLt5sjJ8dEvYyA8zfur1dnqEt5uQNLacW4fHBDFWJoLHfhdfbvray5wWMAcIuGEiAA2WEH23YzgIbyArCSI+z7gB3SET8zgff25ukXlN+1mBSrKWxIza+tB3NU62WbtO6hmelwvSkZ3d7SDfHxrc4zEpmHDuMhxALl8e1idqYzNA+1EhZpbcaf720mX+KD3oszmY2lqD1OkKMquRSD0USXPGlH3HK11MTeCArKRHMgTdIlVeqvYH0v0Wd1w/8mbXgHxfGzMYS1Ej0fzzJ0PC5z5rOqsMqY1X2aC1KlHIFLAeSf4Cx0JNlSpYSrlZ/RoiQ== hudson@hudson'
}
}
#
# Default: should at least behave like an openstack server
#
node default {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => []
}
}
#
# Long lived servers:
#
node "gerrit.openstack.org", "review.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80, 443, 29418]
}
class { 'gerrit':
virtual_hostname => 'review.openstack.org',
canonicalweburl => "https://review.openstack.org/",
ssl_cert_file => '/etc/ssl/certs/review.openstack.org.pem',
ssl_key_file => '/etc/ssl/private/review.openstack.org.key',
ssl_chain_file => '/etc/ssl/certs/intermediate.pem',
email => "review@openstack.org",
github_projects => [ {
name => 'openstack/keystone',
close_pull => 'true'
}, {
name => 'openstack/glance',
close_pull => 'true'
}, {
name => 'openstack/swift',
close_pull => 'true'
}, {
name => 'openstack/nova',
close_pull => 'true'
}, {
name => 'openstack/horizon',
close_pull => 'true'
}, {
name => 'openstack/quantum',
close_pull => 'true'
}, {
name => 'openstack/melange',
close_pull => 'true'
}, {
name => 'openstack/tempest',
close_pull => 'true'
}, {
name => 'openstack/openstack-ci',
close_pull => 'true'
}, {
name => 'openstack/openstack-ci-puppet',
close_pull => 'true'
}, {
name => 'openstack/openstack-puppet',
close_pull => 'true'
}, {
name => 'openstack/openstack-chef',
close_pull => 'true'
}, {
name => 'openstack/openstack-manuals',
close_pull => 'true'
}, {
name => 'openstack/compute-api',
close_pull => 'true'
}, {
name => 'openstack/image-api',
close_pull => 'true'
}, {
name => 'openstack/identity-api',
close_pull => 'true'
}, {
name => 'openstack/object-api',
close_pull => 'true'
}, {
name => 'openstack/netconn-api',
close_pull => 'true'
}, {
name => 'openstack-dev/devstack',
close_pull => 'true'
}, {
name => 'openstack-dev/openstack-qa',
close_pull => 'true'
}, {
name => 'openstack/python-novaclient',
close_pull => 'true'
}, {
name => 'openstack/python-glanceclient',
close_pull => 'true'
}, {
name => 'openstack-ci/git-review',
close_pull => 'true'
}, {
name => 'openstack-ci/lodgeit',
close_pull => 'true'
}, {
name => 'openstack-ci/meetbot',
close_pull => 'true'
}, {
name => 'openstack/openstack-common',
close_pull => 'true'
}, {
name => 'openstack/cinder',
close_pull => 'true'
}, {
name => 'openstack/python-openstackclient',
close_pull => 'true'
}, {
name => 'openstack-dev/openstack-nose',
close_pull => 'true'
} ],
logo => 'openstack.png',
war => 'http://ci.openstack.org/tarballs/gerrit-2.3-7-g1f029ab.war',
}
}
node "gerrit-dev.openstack.org", "review-dev.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80, 443, 29418]
}
class { 'gerrit':
virtual_hostname => 'review-dev.openstack.org',
canonicalweburl => "https://review-dev.openstack.org/",
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
ssl_chain_file => '',
email => "review-dev@openstack.org",
github_projects => [ {
name => 'gtest-org/test',
close_pull => 'true'
} ],
logo => 'openstack.png',
war => 'http://ci.openstack.org/tarballs/gerrit-2.3-7-g1f029ab.war',
}
}
node "jenkins.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80, 443, 4155]
}
class { 'jenkins_master':
site => 'jenkins.openstack.org',
serveradmin => 'webmaster@openstack.org',
logo => 'openstack.png',
ssl_cert_file => '/etc/ssl/certs/jenkins.openstack.org.pem',
ssl_key_file => '/etc/ssl/private/jenkins.openstack.org.key',
ssl_chain_file => '/etc/ssl/certs/intermediate.pem',
}
class { "jenkins_jobs":
site => "openstack",
}
}
node "jenkins-dev.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80, 443, 4155]
}
class { 'jenkins_master':
site => 'openstack',
serveradmin => 'webmaster@openstack.org',
logo => 'openstack.png',
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
ssl_chain_file => '',
}
}
node "community.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80, 443, 8099, 8080]
}
realize (
User::Virtual::Localuser["smaffulli"],
)
}
node "lists.openstack.org" {
include openstack_cron
# Using openstack_template instead of openstack_server
# because the exim config on this machine is almost certainly
# going to be more complicated than normal.
class { 'openstack_template':
iptables_public_tcp_ports => [25, 465]
}
# class { 'exim':
# sysadmin => ['corvus@inaugust.com',
# 'mordred@inaugust.com',
# 'andrew@linuxjedi.co.uk',
# 'devananda.vdv@gmail.com',
# 'duncan@dreamhost.com']
# }
realize (
User::Virtual::Localuser["oubiwann"],
)
}
node "docs.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => []
}
include doc_server
}
node "paste.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80]
}
include lodgeit
lodgeit::site { "openstack":
port => "5000",
image => "header-bg2.png"
}
lodgeit::site { "drizzle":
port => "5001"
}
}
node "planet.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80]
}
include planet
planet::site { "openstack":
git_url => "https://github.com/openstack/openstack-planet.git"
}
}
node "eavesdrop.openstack.org" {
include openstack_cron
class { 'openstack_server':
iptables_public_tcp_ports => [80]
}
include meetbot
meetbot::site { "openstack":
nick => "openstack",
network => "FreeNode",
server => "chat.us.freenode.net:7000",
url => "eavesdrop.openstack.org",
channels => "#openstack #openstack-dev #openstack-meeting",
use_ssl => "True"
}
}
# A bare machine, but with a jenkins user
node /^.*\.template\.openstack\.org$/ {
class { 'openstack_template':
iptables_public_tcp_ports => []
}
# This sets up a user with jenkins ssh key and adds it to the sudo group.
# Don't do that on regular jenkins slaves, only on lowest-privilege test
# hosts, such as the devstack hosts.
realize(
User::Virtual::Localuser["jenkins"],
)
}
#
# Jenkins slaves:
#
node /^build.*\.slave\.openstack\.org$/ {
include openstack_cron
include openstack_jenkins_slave
}
node /^dev.*\.slave\.openstack\.org$/ {
include openstack_cron
include openstack_jenkins_slave
}
node /^oneiric.*\.slave\.openstack\.org$/ {
include openstack_cron
include openstack_jenkins_slave
package { "tox":
ensure => latest,
provider => pip,
require => Package[python-pip],
}
}
View Git Blame Copy Permalink