[MediaWiki-commits] [Gerrit] Replace many references to virt1000 and labcontrol2001 with ... - change (operations/puppet)

Mon, 25 May 2015 05:28:07 -0700 

Andrew Bogott has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/213543

Change subject: Replace many references to virt1000 and labcontrol2001 with 
hiera lookups
......................................................................

Replace many references to virt1000 and labcontrol2001 with hiera lookups

Change-Id: Ic2b08ef592719a4d4cbefe47f34b65a85cad8f13
---
M hieradata/codfw.yaml
M hieradata/eqiad.yaml
M manifests/role/designate.pp
M manifests/role/dns.pp
M manifests/role/glance.pp
M manifests/role/keystone.pp
M manifests/role/neutron.pp
M manifests/role/nova.pp
M manifests/role/salt.pp
M modules/base/manifests/init.pp
M modules/openstack/manifests/firewall.pp
M modules/puppetmaster/manifests/labs.pp
12 files changed, 67 insertions(+), 28 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/43/213543/1

diff --git a/hieradata/codfw.yaml b/hieradata/codfw.yaml
index c23a88a..0a41df8 100644
--- a/hieradata/codfw.yaml
+++ b/hieradata/codfw.yaml
@@ -26,3 +26,11 @@
 jobrunner_state: 'stopped'
 ganglia_class: "new"
 ganglia_aggregators: install2001.wikimedia.org:10649
+
+labs_nova_controller: "labcontrol2001.wikimedia.org"
+labs_glance_controller: "labcontrol2001.wikimedia.org"
+labs_puppet_master: "labcontrol2001.wikimedia.org"
+labs_puppet_master_secondary: "virt1000.wikimedia.org"
+labs_keystone_host: "labcontrol2001.wikimedia.org"
+labs_ldap_dns_host: "labcontrol2001.wikimedia.org"
+labs_ldap_dns_host_secondary: "virt1000.wikimedia.org"
diff --git a/hieradata/eqiad.yaml b/hieradata/eqiad.yaml
index 39fe083..336aedc 100644
--- a/hieradata/eqiad.yaml
+++ b/hieradata/eqiad.yaml
@@ -18,3 +18,11 @@
   - '10.64.48.95:11211:1 "shard17"'
   - '10.64.48.96:11211:1 "shard18"'
 ganglia_class: "old"
+
+labs_nova_controller: "virt1000.wikimedia.org"
+labs_glance_controller: "virt1000.wikimedia.org"
+labs_puppet_master: "virt1000.wikimedia.org"
+labs_puppet_master_secondary: "labcontrol2001.wikimedia.org"
+labs_keystone_host: "virt1000.wikimedia.org"
+labs_ldap_dns_host: "virt1000.wikimedia.org"
+labs_ldap_dns_host_secondary: "labcontrol2001.wikimedia.org"
diff --git a/manifests/role/designate.pp b/manifests/role/designate.pp
index cd1307a..5540879 100644
--- a/manifests/role/designate.pp
+++ b/manifests/role/designate.pp
@@ -21,8 +21,10 @@
 class role::designate::config::eqiad inherits role::designate::config {
     include role::keystone::config::eqiad
 
+    $nova_controller = hiera('labs_nova_controller')
+
     $controller_hostname = $::realm ? {
-        'production' => 'virt1000.wikimedia.org',
+        'production' => $nova_controller,
         'labs'       => $nova_controller_hostname ? {
             undef   => $::ipaddress_eth0,
             default => $nova_controller_hostname,
@@ -42,7 +44,7 @@
     }
 
     $auth_uri = $::realm ? {
-        'production' => 'http://virt1000.wikimedia.org:5000',
+        'production' => "${nova_controller}:5000',
         'labs'       => "http://$::ipaddress_eth0:5000";,
     }
 
@@ -82,7 +84,7 @@
     # Firewall
     $wikitech = '208.80.154.136'
     $horizon = '208.80.154.147'
-    $controller = '208.80.154.18'
+    $controller = ipresolve($nova_controller, 4)
 
     # Poke a firewall hole for the designate api
     ferm::rule { 'designate-api':
diff --git a/manifests/role/dns.pp b/manifests/role/dns.pp
index 81c2c32..08c8f8d 100644
--- a/manifests/role/dns.pp
+++ b/manifests/role/dns.pp
@@ -5,7 +5,11 @@
 
     $ldapconfig = $ldap::role::config::labs::ldapconfig
 
+    $primary_ldap_dns = ipresolve(hiera('labs_ldap_dns_host'),4)
+    $secondary_ldap_dns = ipresolve(hiera('labs_ldap_dns_host_secondary'),4)
+
     if $::site == 'eqiad' {
+
         interface::ip { 'role::dns::ldap':
             interface => 'eth0',
             address   => '208.80.154.19'
@@ -13,8 +17,8 @@
 
         # FIXME: turn these settings into a hash that can be included somewhere
         class { '::labs_ldap_dns':
-            dns_auth_ipaddress     => '208.80.154.19 208.80.154.18',
-            dns_auth_query_address => '208.80.154.19',
+            dns_auth_ipaddress     => "{$primary_ldap_dns} 
${secondary_ldap_dns}",
+            dns_auth_query_address => $primary_ldap_dns,
             dns_auth_soa_name      => 'labs-ns0.wikimedia.org',
             ldap_hosts             => $ldapconfig['servernames'],
             ldap_base_dn           => $ldapconfig['basedn'],
@@ -30,8 +34,8 @@
 
         # FIXME: turn these settings into a hash that can be included somewhere
         class { '::labs_ldap_dns':
-            dns_auth_ipaddress     => '208.80.153.15 208.80.153.14',
-            dns_auth_query_address => '208.80.153.15',
+            dns_auth_ipaddress     => "{$primary_ldap_dns} 
${secondary_ldap_dns}",
+            dns_auth_query_address => $primary_ldap_dns,
             dns_auth_soa_name      => 'labs-ns1.wikimedia.org',
             ldap_hosts             => $ldapconfig['servernames'],
             ldap_base_dn           => $ldapconfig['basedn'],
diff --git a/manifests/role/glance.pp b/manifests/role/glance.pp
index 26be2a1..1f470d6 100644
--- a/manifests/role/glance.pp
+++ b/manifests/role/glance.pp
@@ -14,6 +14,8 @@
 class role::glance::config::eqiad inherits role::glance::config {
     include role::keystone::config::eqiad
 
+    $glance_controller = hiera('labs_glance_controller')
+
     $keystoneconfig = $role::keystone::config::eqiad::keystoneconfig
 
     $db_host = $::realm ? {
@@ -22,12 +24,12 @@
     }
 
     $bind_ip = $::realm ? {
-        'production' => '208.80.154.18',
+        'production' => ipresolve($glance_controller, 4),
         'labs'       => $::ipaddress_eth0,
     }
 
     $auth_uri = $::realm ? {
-        'production' => 'http://virt1000.wikimedia.org:5000',
+        'production' => "${glance_controller}:5000',
         'labs'       => "http://$::ipaddress_eth0:5000";,
     }
 
diff --git a/manifests/role/keystone.pp b/manifests/role/keystone.pp
index 29eeae2..03b5960 100644
--- a/manifests/role/keystone.pp
+++ b/manifests/role/keystone.pp
@@ -22,6 +22,9 @@
 }
 
 class role::keystone::config::eqiad inherits role::keystone::config {
+
+    $keystone_host = hiera('labs_keystone_host')
+
     $eqiadkeystoneconfig = {
         db_host      => $::realm ? {
             'production' => 'm5-master.eqiad.wmnet',
@@ -38,7 +41,7 @@
             }
         },
         bind_ip      => $::realm ? {
-            'production' => '208.80.154.18',
+            'production' => ip_resolve($keystone_host,4),
             'labs'       => $nova_controller_ip ? {
                 undef   => $::ipaddress_eth0,
                 default => $nova_controller_ip,
@@ -74,9 +77,11 @@
 class role::keystone::redis {
     include passwords::openstack::keystone
 
+    $nova_controller = hiera('labs_nova_controller')
+
     if ($::realm == 'production') {
         $replication = {
-            'labcontrol2001' => 'virt1000.wikimedia.org'
+            'labcontrol2001' => $nova_controller
         }
     } else {
         $replication = {
diff --git a/manifests/role/neutron.pp b/manifests/role/neutron.pp
index 74ed3ad..8542637 100644
--- a/manifests/role/neutron.pp
+++ b/manifests/role/neutron.pp
@@ -16,6 +16,8 @@
 class role::neutron::config::eqiad inherits role::neutron::config {
     include role::keystone::config::eqiad
 
+    $nova_controller = hiera('labs_nova_controller')
+
     $keystoneconfig = $role::keystone::config::eqiad::keystoneconfig
 
     $eqiadneutronconfig = {
@@ -24,15 +26,15 @@
             'labs'       => 'localhost',
         },
         rabbit_host => $::realm ? {
-            'production' => 'virt1000.wikimedia.org',
+            'production' => $nova_controller,
             'labs'       => 'localhost',
         },
         auth_uri => $::realm ? {
-            'production' => 'http://virt1000.wikimedia.org:5000',
+            'production' => "${nova_controller}:5000",
             'labs'       => 'http://localhost:5000',
         },
         bind_ip => $::realm ? {
-            'production' => '208.80.154.18',
+            'production' => ipresolve($nova_controller,4)
             'labs'       => '127.0.0.1',
         },
         keystone_admin_token   => $keystoneconfig['admin_token'],
diff --git a/manifests/role/nova.pp b/manifests/role/nova.pp
index 0a09a54..4c4d5c4 100644
--- a/manifests/role/nova.pp
+++ b/manifests/role/nova.pp
@@ -59,16 +59,18 @@
 class role::nova::config::codfw inherits role::nova::config::common {
     include role::keystone::config::eqiad
 
+    $nova_controller = hiera('labs_nova_controller')
+
     $keystoneconfig = $role::keystone::config::eqiad::keystoneconfig
     $controller_hostname = $::realm ? {
-        'production' => 'labcontrol2001.wikimedia.org',
+        'production' => $nova_controller,
         'labs'       => $nova_controller_hostname ? {
-            undef   => $::ipaddress_eth0,
+            undef   => $:ipaddress_eth0,
             default => $nova_controller_hostname,
         }
     }
     $controller_address = $::realm ? {
-        'production' => '208.80.153.14',
+        'production' => ipresolve($nova_controller, 4),
         'labs'       => $nova_controller_ip ? {
             undef   => $::ipaddress_eth0,
             default => $nova_controller_ip,
@@ -141,7 +143,7 @@
             'labs'       => '10.4.0.0/21',
         },
         auth_uri => $::realm ? {
-            'production' => 'http://virt1000.wikimedia.org:5000',
+            'production' => "http://${nova_controller}:5000";,
             'labs'       => 'http://localhost:5000',
         },
         controller_hostname    => $controller_hostname,
@@ -163,9 +165,11 @@
 class role::nova::config::eqiad inherits role::nova::config::common {
     include role::keystone::config::eqiad
 
+    $nova_controller = hiera('labs_nova_controller')
+
     $keystoneconfig = $role::keystone::config::eqiad::keystoneconfig
     $controller_hostname = $::realm ? {
-        'production' => 'virt1000.wikimedia.org',
+        'production' => $nova_controller,
         'labs'       => $nova_controller_hostname ? {
             undef   => $::ipaddress_eth0,
             default => $nova_controller_hostname,
@@ -179,7 +183,7 @@
         }
     }
     $controller_address = $::realm ? {
-        'production' => '208.80.154.18',
+        'production' => ipresolve($nova_controller,4),
         'labs'       => $nova_controller_ip ? {
             undef   => $::ipaddress_eth0,
             default => $nova_controller_ip,
@@ -245,7 +249,7 @@
             'labs'       => '10.4.0.0/21',
         },
         auth_uri => $::realm ? {
-            'production' => 'http://virt1000.wikimedia.org:5000',
+            'production' => "${nova_controller}:5000',
             'labs'       => 'http://localhost:5000',
         },
         controller_hostname    => $controller_hostname,
diff --git a/manifests/role/salt.pp b/manifests/role/salt.pp
index 9300cf9..4b0dc86 100644
--- a/manifests/role/salt.pp
+++ b/manifests/role/salt.pp
@@ -25,6 +25,8 @@
 # A salt master that manages all labs minions
 class role::salt::masters::labs {
 
+    $puppet_master = hiera('labs_puppet_master')
+
     $salt_state_roots    = { 'base' =>['/srv/salt']}
     $salt_file_roots     = { 'base' =>['/srv/salt']}
     $salt_pillar_roots   = { 'base' =>['/srv/pillars']}
@@ -42,7 +44,7 @@
     }
 
     class { 'salt::reactors':
-        salt_reactor_options => { 'puppet_server' => 'virt1000.wikimedia.org' 
},
+        salt_reactor_options => { 'puppet_server' => $puppet_master },
     }
 
 
@@ -89,7 +91,10 @@
     $salt_master_key = $::salt_master_key,
 ) {
     if $::realm == 'labs' {
-        $labs_masters  = [ 'virt1000.wikimedia.org', 
'labcontrol2001.wikimedia.org' ]
+        $puppet_master = hiera('labs_puppet_master')
+        $puppet_master_secondary = hiera('labs_puppet_master_secondary')
+
+        $labs_masters  = [ $puppet_master, $puppet_master_secondary ]
         $labs_finger   = 'c5:b1:35:45:3e:0a:19:70:aa:5f:3a:cf:bf:a0:61:dd'
         $master        = pick($salt_master, $labs_masters)
         $master_finger = pick($salt_finger, $labs_finger)
diff --git a/modules/base/manifests/init.pp b/modules/base/manifests/init.pp
index d898181..9a85398 100644
--- a/modules/base/manifests/init.pp
+++ b/modules/base/manifests/init.pp
@@ -47,7 +47,7 @@
     }
 
     $puppetmaster =  $::realm ? {
-        'labs'  => 'virt1000.wikimedia.org',
+        'labs'  => hiera('labs_puppet_master'),
         default => 'puppet',
     }
 
diff --git a/modules/openstack/manifests/firewall.pp 
b/modules/openstack/manifests/firewall.pp
index 9e073fb..530f446 100644
--- a/modules/openstack/manifests/firewall.pp
+++ b/modules/openstack/manifests/firewall.pp
@@ -4,16 +4,14 @@
     $labs_private_net = '10.0.0.0/0'
     $wikitech = '208.80.154.136'
     $horizon = '208.80.154.147'
+    $other_master = ipresolve(hiera('labs_nova_controller'),4)
     if ($::site == 'codfw') {
         # TODO!  codfw will need something
         # like this when the ip range is assigned.
         # $labs_nodes = '10.4.16.0/24'
-        # virt1000
-        $other_master = '208.80.154.18'
         $designate = '208.80.154.12'
     } elsif ($::site == 'eqiad') {
         $labs_nodes = '10.64.20.0/24'
-        $other_master = '208.80.153.14'
         $designate = '208.80.154.12'
     }
 
diff --git a/modules/puppetmaster/manifests/labs.pp 
b/modules/puppetmaster/manifests/labs.pp
index 47ce07a..f32c59d 100644
--- a/modules/puppetmaster/manifests/labs.pp
+++ b/modules/puppetmaster/manifests/labs.pp
@@ -26,7 +26,8 @@
     $labsstatus_password = 
$passwords::openstack::keystone::keystone_ldap_user_pass
     $labsstatus_username = 'novaadmin'
     $labsstatus_region = $::site
-    $labsstatus_auth_url = 'http://virt1000.wikimedia.org:35357/v2.0'
+    $keystone_host = hiera('labs_keystone_host')
+    $labsstatus_auth_url = "${keystone_host}:35357/v2.0'
 
     file { '/etc/labsstatus.cfg':
         ensure  => present,

-- 
To view, visit https://gerrit.wikimedia.org/r/213543
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ic2b08ef592719a4d4cbefe47f34b65a85cad8f13
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <abog...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to