opendev/system-config
Code Issues Proposed changes
system-config/modules/openstack_project/manifests/template.pp
Monty Taylor e1eb830560 Add flag for unbound's resolv.conf 
diskimage-builder does not run services that it installs, but this
is a problem when we lay down the resolv.conf file in puppet with
the service not running. So, put in a flag which defaults to true
(which is current behavior) that a dib invocation of the puppet
can turn off and then dib can plop the file down at the end of the
process.

Change-Id: I05d89ffacfdaf3563b8cb1460af12f114e1a0340
2014-05-30 22:41:07 -07:00

101 lines
2.3 KiB
Puppet
Raw Blame History

# == Class: openstack_project::template
#
# A template host with no running services
#
class openstack_project::template (
$iptables_public_tcp_ports = [],
$iptables_public_udp_ports = [],
$iptables_rules4 = [],
$iptables_rules6 = [],
$install_users = true,
$install_resolv_conf = true,
$automatic_upgrades = true,
$certname = $::fqdn
) {
include ssh
include snmpd
if $automatic_upgrades == true {
include openstack_project::automatic_upgrades
}
class { 'iptables':
public_tcp_ports => $iptables_public_tcp_ports,
public_udp_ports => $iptables_public_udp_ports,
rules4 => $iptables_rules4,
rules6 => $iptables_rules6,
}
class { 'ntp': }
class { 'openstack_project::base':
install_users => $install_users,
certname => $certname,
}
package { 'lvm2':
ensure => present,
}
package { 'strace':
ensure => present,
}
package { 'tcpdump':
ensure => present,
}
class { 'unbound':
install_resolv_conf => $install_resolv_conf
}
if $::osfamily == 'Debian' {
# Make sure dig is installed
package { 'dnsutils':
ensure => present,
}
# Custom rsyslog config to disable /dev/xconsole noise on Debuntu servers
file { '/etc/rsyslog.d/50-default.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
source =>
'puppet:///modules/openstack_project/rsyslog.d_50-default.conf',
replace => true,
notify => Service['rsyslog'],
}
# Ubuntu installs their whoopsie package by default, but it eats through
# memory and we don't need it on servers
package { 'whoopsie':
ensure => absent,
}
}
# Increase syslog message size in order to capture
# python tracebacks with syslog.
file { '/etc/rsyslog.d/99-maxsize.conf':
ensure => present,
# Note MaxMessageSize is not a puppet variable.
content => '$MaxMessageSize 6k',
owner => 'root',
group => 'root',
mode => '0644',
notify => Service['rsyslog'],
}
service { 'rsyslog':
ensure => running,
enable => true,
hasrestart => true,
}
if ($::osfamily == 'RedHat') {
# Make sure dig is installed
package { 'bind-utils':
ensure => present,
}
}
}
View Git Blame Copy Permalink