More roles cleanup

2015-04-06 14:00:21 +02:00 · 2015-04-06 14:00:21 +02:00 · 2c82bfee21
commit 2c82bfee21
parent 6ea1d02c76
12 changed files with 34 additions and 196 deletions
--- a/roles/bootstrap/configure_puppetmaster/files/puppetmaster.pp
+++ b/roles/bootstrap/configure_puppetmaster/files/puppetmaster.pp
@ -1,196 +0,0 @@
-# == Class: openstack_project::puppetmaster
-#
-class openstack_project::puppetmaster (
-  $root_rsa_key = 'xxx',
-  $sysadmins = [],
-  $version   = '3.',
-  $ca_server = undef,
-  $puppetdb = true,
-  $puppetdb_server = 'puppetdb.openstack.org',
-  $puppetmaster_server = undef,
-) {
-  include logrotate
-  include openstack_project::params
-
-  class { 'openstack_project::server':
-    iptables_public_tcp_ports => [4505, 4506, 8140],
-    sysadmins                 => $sysadmins,
-    pin_puppet                => $version,
-    ca_server                 => $ca_server,
-    puppetmaster_server       => $puppetmaster_server,
-  }
-
-  file {'/etc/puppet/environments':
-    ensure => directory,
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0755',
-  }
-  file {'/etc/puppet/environments/production':
-    ensure => directory,
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0755',
-  }
-  file {'/etc/puppet/environments/production/environment.conf':
-    ensure => file,
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0644',
-    source => 'puppet:///modules/openstack_project/puppetmaster/production_environment.conf',
-  }
-
-  include ansible
-
-  file { '/etc/ansible/hostfile':
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0644',
-    require => Class['ansible'],
-  }
-
-  cron { 'updatepuppetmaster':
-    user        => 'root',
-    minute      => '*/15',
-    command     => 'flock -n /var/run/puppet/puppet_run_all.lock bash /opt/system-config/production/run_all.sh',
-    environment => 'PATH=/var/lib/gems/1.8/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin',
-  }
-
-  logrotate::file { 'updatepuppetmaster':
-    ensure  => present,
-    log     => '/var/log/puppet_run_all.log',
-    options => ['compress',
-      'copytruncate',
-      'delaycompress',
-      'missingok',
-      'rotate 7',
-      'daily',
-      'notifempty',
-    ],
-    require => Cron['updatepuppetmaster'],
-  }
-
-  cron { 'deleteoldreports':
-    user        => 'root',
-    hour        => '3',
-    minute      => '0',
-    command     => 'sleep $((RANDOM\%600)) && find /var/lib/puppet/reports -name \'*.yaml\' -mtime +7 -execdir rm {} \;',
-    environment => 'PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin',
-  }
-
-  file { '/etc/puppet/hiera.yaml':
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0555',
-    source  => 'puppet:///modules/openstack_project/puppetmaster/hiera.yaml',
-    replace => true,
-    require => Class['openstack_project::server'],
-  }
-
-  file { '/var/lib/puppet/reports':
-    ensure => directory,
-    owner  => 'puppet',
-    group  => 'puppet',
-    mode   => '0750',
-    }
-
-  if ! defined(File['/root/.ssh']) {
-    file { '/root/.ssh':
-      ensure => directory,
-      mode   => '0700',
-    }
-  }
-
-  file { '/root/.ssh/id_rsa':
-    ensure  => present,
-    mode    => '0400',
-    content => $root_rsa_key,
-  }
-
-# Cloud credentials are stored in this directory for launch-node.py.
-  file { '/root/ci-launch':
-    ensure => directory,
-    owner  => 'root',
-    group  => 'admin',
-    mode   => '0750',
-    }
-
-# For puppet master apache serving.
-  package { 'puppetmaster-passenger':
-    ensure => present,
-  }
-
-  file { '/etc/apache2/sites-available/puppetmaster.conf':
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0600',
-    content => template('openstack_project/puppetmaster/puppetmaster_vhost.conf.erb'),
-    require => Package['puppetmaster-passenger'],
-  }
-
-# To set LANG to utf8, otherwise we get charset errors on manifests
-# with non-ascii chars
-  file { '/etc/apache2/envvars':
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0444',
-    source  => 'puppet:///modules/openstack_project/puppetmaster/envvars.debian',
-    require => Package['puppetmaster-passenger'],
-  }
-
-# For launch/launch-node.py.
-  package { ['python-cinderclient', 'python-novaclient']:
-    ensure   => latest,
-    provider => pip,
-    require  => [Package['python-lxml'], Package['libxslt1-dev']],
-  }
-  package { 'python-paramiko':
-    ensure => present,
-  }
-  package { 'python-lxml':
-    ensure => present,
-  }
-  package { 'libxslt1-dev':
-    ensure => present,
-  }
-
-# Enable puppetdb
-
-  if $puppetdb {
-    class { 'puppetdb::master::config':
-      puppetdb_server              => $puppetdb_server,
-      puppet_service_name          => 'apache2',
-      puppetdb_soft_write_failure  => true,
-      manage_storeconfigs          => false,
-    }
-  }
-
-# Playbooks
-#
-  file { '/etc/ansible/playbooks':
-    ensure  => directory,
-    recurse => true,
-    source  => 'puppet:///modules/openstack_project/ansible/playbooks',
-    require => Class[ansible],
-  }
-
-  file { '/etc/ansible/remote_puppet.yaml':
-    ensure => absent,
-  }
-  file { '/etc/ansible/remote_puppet_afs.yaml':
-    ensure => absent,
-  }
-  file { '/etc/ansible/remote_puppet_else.yaml':
-    ensure => absent,
-  }
-  file { '/etc/ansible/remote_puppet_git.yaml':
-    ensure => absent,
-  }
-  file { '/etc/ansible/clean_workspaces.yaml':
-    ensure => absent,
-  }
-}
--- a/roles/bootstrap/clone_system_config/defaults/main.yaml
+++ b/roles/bootstrap/clone_system_config/defaults/main.yaml
--- a/roles/bootstrap/branch_system_config/tasks/main.yml
+++ b/roles/bootstrap/branch_system_config/tasks/main.yml
--- a/roles/bootstrap/tasks/branch_system_config/tasks/main.yml
+++ b/roles/bootstrap/tasks/branch_system_config/tasks/main.yml
@ -0,0 +1,26 @@
+---
+# Check checked-out branch
+- command: git rev-parse --abbrev-ref HEAD
+  args:
+    chdir: /opt/system-config/production
+  register: checked_out_branch
+  ignore_errors: True
+
+# Check whether "infra_config" branch exists or not
+- command: git show-ref "infra_config"
+  args:
+    chdir: /opt/system-config/production
+  register: infra_config_branch 
+  ignore_errors: True
+
+# If "infra_config" branch exists, switch to it
+- command: git checkout infra_config
+  args:
+    chdir: /opt/system-config/production
+  when: checked_out_branch.stdout != "infra_config" and infra_config_branch.rc == 0
+
+# Create and switch to "infra_config" branch to put non-upstream fixes and values
+- command: git checkout -b infra_config
+  args:
+    chdir: /opt/system-config/production
+  when: infra_config_branch.rc != 0
--- a/roles/bootstrap/clone_system_config/tasks/main.yml
+++ b/roles/bootstrap/clone_system_config/tasks/main.yml
--- a/roles/bootstrap/tasks/clone_system_config/defaults/main.yaml
+++ b/roles/bootstrap/tasks/clone_system_config/defaults/main.yaml
@ -0,0 +1,2 @@
+---
+system_config_repo_url: https://git.openstack.org/openstack-infra/system-config
--- a/roles/bootstrap/tasks/clone_system_config/tasks/main.yml
+++ b/roles/bootstrap/tasks/clone_system_config/tasks/main.yml
@ -0,0 +1,6 @@
+---
+# Clone system-config 
+- git: repo="{{ system_config_repo_url }}"
+       dest=/opt/system-config/production
+       version=master
+  tags: clone_system_config
--- a/roles/bootstrap/configure_puppetdb/tasks/main.yml
+++ b/roles/bootstrap/configure_puppetdb/tasks/main.yml
--- a/roles/bootstrap/configure_puppetmaster/tasks/main.yml
+++ b/roles/bootstrap/configure_puppetmaster/tasks/main.yml
--- a/roles/bootstrap/generate_puppet_certificates/tasks/main.yml
+++ b/roles/bootstrap/generate_puppet_certificates/tasks/main.yml
--- a/roles/bootstrap/install_puppet_and_modules/tasks/main.yml
+++ b/roles/bootstrap/install_puppet_and_modules/tasks/main.yml
--- a/roles/bootstrap/install_required_packages/tasks/main.yml
+++ b/roles/bootstrap/install_required_packages/tasks/main.yml