Giuseppe Lavagetto has uploaded a new change for review. https://gerrit.wikimedia.org/r/185912
Change subject: base::resolving: get rid of the global domain_search variable ...................................................................... base::resolving: get rid of the global domain_search variable This allows to remove it from realm.pp as well; also use role (and hiera) for bastionhosts. Change-Id: I733154aea1ab5956b32cc88692bbd050b7051d65 Signed-off-by: Giuseppe Lavagetto <[email protected]> --- A hieradata/hosts/bast1001.yaml A hieradata/hosts/hooft.yaml A hieradata/hosts/iron.yaml A hieradata/hosts/labstore1001.yaml A hieradata/hosts/labstore1002.yaml A hieradata/hosts/labstore1003.yaml A hieradata/hosts/neon.yaml A hieradata/hosts/palladium.yaml M hieradata/hosts/terbium.yaml A hieradata/hosts/tin.yaml A hieradata/role/common/bastionhost.yaml M manifests/realm.pp M manifests/site.pp M modules/base/manifests/resolving.pp 14 files changed, 72 insertions(+), 99 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/12/185912/1 diff --git a/hieradata/hosts/bast1001.yaml b/hieradata/hosts/bast1001.yaml new file mode 100644 index 0000000..ff7f3eb --- /dev/null +++ b/hieradata/hosts/bast1001.yaml @@ -0,0 +1,6 @@ +admin::groups: + - deployment + - restricted + - parsoid-admin + - ocg-render-admins + - bastiononly diff --git a/hieradata/hosts/hooft.yaml b/hieradata/hosts/hooft.yaml new file mode 100644 index 0000000..2ff883a --- /dev/null +++ b/hieradata/hosts/hooft.yaml @@ -0,0 +1,9 @@ +base::resolving::domain_search: + - esams.wikimedia.org + - wikimedia.org + - esams.wmnet + +admin::groups: + - deployment + - restricted + diff --git a/hieradata/hosts/iron.yaml b/hieradata/hosts/iron.yaml new file mode 100644 index 0000000..7159a60 --- /dev/null +++ b/hieradata/hosts/iron.yaml @@ -0,0 +1,7 @@ +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet + - codfw.wmnet + - ulsfo.wmnet + - esams.wikimedia.org + - esams.wmnet diff --git a/hieradata/hosts/labstore1001.yaml b/hieradata/hosts/labstore1001.yaml new file mode 100644 index 0000000..1b75a62 --- /dev/null +++ b/hieradata/hosts/labstore1001.yaml @@ -0,0 +1,3 @@ +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet diff --git a/hieradata/hosts/labstore1002.yaml b/hieradata/hosts/labstore1002.yaml new file mode 100644 index 0000000..1b75a62 --- /dev/null +++ b/hieradata/hosts/labstore1002.yaml @@ -0,0 +1,3 @@ +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet diff --git a/hieradata/hosts/labstore1003.yaml b/hieradata/hosts/labstore1003.yaml new file mode 100644 index 0000000..1b75a62 --- /dev/null +++ b/hieradata/hosts/labstore1003.yaml @@ -0,0 +1,3 @@ +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet diff --git a/hieradata/hosts/neon.yaml b/hieradata/hosts/neon.yaml new file mode 100644 index 0000000..451cd4c --- /dev/null +++ b/hieradata/hosts/neon.yaml @@ -0,0 +1,8 @@ +base::resolving::domain_search: + - wikimedia.org + - esams.wmnet + - eqiad.wmnet + - codfw.wmnet + - ulsfo.wmnet + - esams.wikimedia.org + diff --git a/hieradata/hosts/palladium.yaml b/hieradata/hosts/palladium.yaml new file mode 100644 index 0000000..b0587d4 --- /dev/null +++ b/hieradata/hosts/palladium.yaml @@ -0,0 +1,8 @@ +base::resolving::domain_search: + - wikimedia.org + - esams.wmnet + - eqiad.wmnet + - codfw.wmnet + - ulsfo.wmnet + - esams.wikimtedia.org + diff --git a/hieradata/hosts/terbium.yaml b/hieradata/hosts/terbium.yaml index d1ff02c..2c6138a 100644 --- a/hieradata/hosts/terbium.yaml +++ b/hieradata/hosts/terbium.yaml @@ -2,3 +2,6 @@ - restricted - deployment - ldap-admins +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet diff --git a/hieradata/hosts/tin.yaml b/hieradata/hosts/tin.yaml new file mode 100644 index 0000000..4f68a06 --- /dev/null +++ b/hieradata/hosts/tin.yaml @@ -0,0 +1,4 @@ +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet + - esams.wikimedia.org diff --git a/hieradata/role/common/bastionhost.yaml b/hieradata/role/common/bastionhost.yaml new file mode 100644 index 0000000..65e7951 --- /dev/null +++ b/hieradata/role/common/bastionhost.yaml @@ -0,0 +1,7 @@ +cluster: misc +base::resolving::domain_search: + - wikimedia.org + - eqiad.wmnet + - codfw.wmnet + - ulsfo.wmnet + - esams.wikimedia.org diff --git a/manifests/realm.pp b/manifests/realm.pp index 417d7ad..dc0be12 100644 --- a/manifests/realm.pp +++ b/manifests/realm.pp @@ -56,7 +56,6 @@ 'esams' => [ '91.198.174.6', '208.80.154.239' ], # esams -> esams (nescio, not LVS), eqiad default => [ '208.80.154.239', '208.80.153.254' ], # -> eqiad, codfw } -$domain_search = $domain # TODO: SMTP settings diff --git a/manifests/site.pp b/manifests/site.pp index 53b1c59..a4d6043 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -332,34 +332,15 @@ } node 'bast1001.wikimedia.org' { - $cluster = 'misc' - $domain_search = [ - 'wikimedia.org', - 'eqiad.wmnet', - 'codfw.wmnet', - 'ulsfo.wmnet', - 'esams.wikimedia.org' - ] interface::add_ip6_mapped { 'main': interface => 'eth0', } + role bastionhost + include admin include standard include subversion::client - - class { 'admin': - groups => [ - 'deployment', - 'restricted', - 'parsoid-admin', - 'ocg-render-admins', - 'bastiononly', - ], - } - - - include role::bastionhost include dsh include ssh::hostkeys-collect class { 'nfs::netapp::home': @@ -371,41 +352,23 @@ } node 'bast2001.wikimedia.org' { - $cluster = 'misc' - $domain_search = [ - 'wikimedia.org', - 'codfw.wmnet', - 'eqiad.wmnet', - 'ulsfo.wmnet', - 'esams.wikimedia.org' - ] - interface::add_ip6_mapped { 'main': interface => 'eth0', } - + role bastionhost include admin include standard - include role::bastionhost + } node 'bast4001.wikimedia.org' { - $cluster = 'misc' - $domain_search = [ - 'wikimedia.org', - 'ulsfo.wmnet', - 'eqiad.wmnet', - 'codfw.wmnet', - 'esams.wikimedia.org' - ] - interface::add_ip6_mapped { 'main': interface => 'eth0', } + role bastionhost include admin include standard - include role::bastionhost include role::ipmi include role::installserver::tftp-server } @@ -1238,25 +1201,14 @@ node 'hooft.esams.wikimedia.org' { $ganglia_aggregator = true - $domain_search = [ - 'esams.wikimedia.org', - 'wikimedia.org', - 'esams.wmnet' - ] interface::add_ip6_mapped { 'main': interface => 'eth0', } + role bastionhost - class { 'admin': - groups => [ - 'deployment', - 'restricted', - ], - } - + include admin include standard - include role::bastionhost include role::installserver::tftp-server # TODO: 2013-12-13. rsync is an unpuppetized service on hooft. Ferm is @@ -1305,26 +1257,15 @@ system::role { 'misc': description => 'Operations Bastion', } - $cluster = 'misc' - $domain_search = [ - 'wikimedia.org', - 'eqiad.wmnet', - 'codfw.wmnet', - 'ulsfo.wmnet', - 'esams.wikimedia.org', - 'esams.wmnet', - ] - interface::add_ip6_mapped { 'main': interface => 'eth0', } + role bastionhost include admin include standard - include role::bastionhost include role::ipmi include role::access_new_install - include role::backup::host backup::set {'home': } } @@ -1387,7 +1328,6 @@ $site = 'eqiad' $cluster = 'labsnfs' - $domain_search = ['wikimedia.org', 'eqiad.wmnet'] $ldapincludes = ['openldap', 'nss', 'utils'] $ganglia_aggregator = true @@ -1435,8 +1375,6 @@ node 'labstore1003.eqiad.wmnet' { $site = 'eqiad' $cluster = 'labsnfs' - $domain_search = ['wikimedia.org', 'eqiad.wmnet'] - $ganglia_aggregator = true include standard @@ -1994,14 +1932,6 @@ interface::add_ip6_mapped { 'main': interface => 'eth0' } - $domain_search = [ - 'wikimedia.org', - 'eqiad.wmnet', - 'codfw.wmnet', - 'ulsfo.wmnet', - 'esams.wikimedia.org' - ] - include standard include admin include role::icinga @@ -2098,15 +2028,6 @@ include role::puppetmaster::frontend include role::pybal_config include misc::monitoring::ori_weekend_commits - - $domain_search = [ - 'wikimedia.org', - 'eqiad.wmnet', - 'codfw.wmnet', - 'ulsfo.wmnet', - 'esams.wmnet', - 'esams.wikimedia.org' - ] } node /pc100[1-3]\.eqiad\.wmnet/ { @@ -2325,11 +2246,6 @@ include role::noc include role::mediawiki::searchmonitor - $domain_search = [ - 'wikimedia.org', - 'eqiad.wmnet', - ] - include admin include ldap::role::client::labs @@ -2389,11 +2305,6 @@ node 'tin.eqiad.wmnet' { $cluster = 'misc' - $domain_search = [ - 'wikimedia.org', - 'eqiad.wmnet', - 'esams.wikimedia.org' - ] include standard include role::deployment::deployment_servers::production diff --git a/modules/base/manifests/resolving.pp b/modules/base/manifests/resolving.pp index 4387552..435362a 100644 --- a/modules/base/manifests/resolving.pp +++ b/modules/base/manifests/resolving.pp @@ -1,4 +1,6 @@ -class base::resolving { +class base::resolving ( + $domain_search = $::domain, +){ if ! $::nameservers { error("Variable ${::nameservers} is not defined!") } -- To view, visit https://gerrit.wikimedia.org/r/185912 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I733154aea1ab5956b32cc88692bbd050b7051d65 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Giuseppe Lavagetto <[email protected]> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
