Rush has uploaded a new change for review.
https://gerrit.wikimedia.org/r/253909
Change subject: Remove old "openstack on labs" configuration
......................................................................
Remove old "openstack on labs" configuration
There was a time where the best testing option for openstack
itself was within a labs project. This has been defunct for
awhile. This cleans so we can move forward.
Change-Id: Ie15d5502e423bad7ec24deded56c02a6f7403f21
---
M manifests/role/labs/openstack/designate.pp
M manifests/role/labs/openstack/glance.pp
M manifests/role/labs/openstack/keystone.pp
M manifests/role/labs/openstack/nova.pp
M manifests/role/labs/puppetmaster.pp
M modules/openstack/manifests/common.pp
6 files changed, 159 insertions(+), 356 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/09/253909/1
diff --git a/manifests/role/labs/openstack/designate.pp
b/manifests/role/labs/openstack/designate.pp
index 1e7b811..b598d36 100644
--- a/manifests/role/labs/openstack/designate.pp
+++ b/manifests/role/labs/openstack/designate.pp
@@ -1,4 +1,5 @@
class role::labs::openstack::designate::config {
+
include openstack
include passwords::designate
include passwords::pdns
@@ -23,31 +24,12 @@
include role::labs::openstack::keystone::config::eqiad
$nova_controller = hiera('labs_nova_controller')
-
- $controller_hostname = $::realm ? {
- 'production' => $nova_controller,
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- }
-
$keystoneconfig =
$role::labs::openstack::keystone::config::eqiad::keystoneconfig
- $db_host = $::realm ? {
- 'production' => 'm5-master.eqiad.wmnet',
- 'labs' => $::ipaddress_eth0,
- }
-
- $pdns_db_host = $::realm ? {
- 'production' => 'm5-master.eqiad.wmnet',
- 'labs' => $::ipaddress_eth0,
- }
-
- $auth_uri = $::realm ? {
- 'production' => "http://${nova_controller}:5000";,
- 'labs' => "http://${::ipaddress_eth0}:5000";,
- }
+ $controller_hostname = $nova_controller,
+ $db_host = 'm5-master.eqiad.wmnet',
+ $pdns_db_host = 'm5-master.eqiad.wmnet',
+ $auth_uri = "http://${nova_controller}:5000";,
$eqiaddesignateconfig = {
db_host => $db_host,
@@ -65,27 +47,20 @@
}
class role::labs::openstack::designate::server {
- include role::labs::openstack::designate::config::eqiad
- if $::realm == 'labs' and $::openstack_site_override != undef {
- $designateconfig = $::openstack_site_override ? {
- 'eqiad' =>
$role::labs::openstack::designate::config::eqiad::designateconfig,
- }
- } else {
- $designateconfig = $::site ? {
- 'eqiad' =>
$role::labs::openstack::designate::config::eqiad::designateconfig,
- }
+ include role::labs::openstack::designate::config::eqiad
+ # Firewall
+ $wikitech = ipresolve('wikitech.wikimedia.org',4)
+ $horizon = ipresolve('horizon.wikimedia.org',4)
+ $controller = ipresolve(hiera('labs_nova_controller'),4)
+
+ $designateconfig = $::site ? {
+ 'eqiad' =>
$role::labs::openstack::designate::config::eqiad::designateconfig,
}
class { 'openstack::designate::service':
designateconfig => $designateconfig,
}
-
-
- # Firewall
- $wikitech = ipresolve('wikitech.wikimedia.org',4)
- $horizon = ipresolve('horizon.wikimedia.org',4)
- $controller = ipresolve(hiera('labs_nova_controller'),4)
# Poke a firewall hole for the designate api
ferm::rule { 'designate-api':
diff --git a/manifests/role/labs/openstack/glance.pp
b/manifests/role/labs/openstack/glance.pp
index 7b5b44c..ce6e8cc 100644
--- a/manifests/role/labs/openstack/glance.pp
+++ b/manifests/role/labs/openstack/glance.pp
@@ -1,4 +1,5 @@
class role::labs::openstack::glance::config {
+
include passwords::openstack::glance
include passwords::labs::rabbitmq
@@ -12,21 +13,14 @@
}
class role::labs::openstack::glance::config::eqiad inherits
role::labs::openstack::glance::config {
+
include role::labs::openstack::keystone::config::eqiad
+
$keystoneconfig =
$role::labs::openstack::keystone::config::eqiad::keystoneconfig
- $keystone_host = hiera('labs_keystone_host')
-
- $db_host = $::realm ? {
- 'production' => 'm5-master.eqiad.wmnet',
- 'labs' => $::ipaddress_eth0,
- }
-
- $bind_ip = $::ipaddress_eth0
-
- $auth_uri = $::realm ? {
- 'production' => "http://${keystone_host}:5000";,
- 'labs' => "http://${::ipaddress_eth0}:5000";,
- }
+ $keystone_host = hiera('labs_keystone_host')
+ $db_host = 'm5-master.eqiad.wmnet',
+ $bind_ip = $::ipaddress_eth0
+ $auth_uri = "http://${keystone_host}:5000";,
$eqiadglanceconfig = {
db_host => $db_host,
@@ -41,16 +35,11 @@
}
class role::labs::openstack::glance::server {
+
include role::labs::openstack::glance::config::eqiad
- if $::realm == 'labs' and $::openstack_site_override != undef {
- $glanceconfig = $::openstack_site_override ? {
- 'eqiad' =>
$role::labs::openstack::glance::config::eqiad::glanceconfig,
- }
- } else {
- $glanceconfig = $::site ? {
- 'eqiad' =>
$role::labs::openstack::glance::config::eqiad::glanceconfig,
- }
+ $glanceconfig = $::site ? {
+ 'eqiad' => $role::labs::openstack::glance::config::eqiad::glanceconfig,
}
class { 'openstack::glance::service':
diff --git a/manifests/role/labs/openstack/keystone.pp
b/manifests/role/labs/openstack/keystone.pp
index 4f6fa3b..507fe36 100644
--- a/manifests/role/labs/openstack/keystone.pp
+++ b/manifests/role/labs/openstack/keystone.pp
@@ -1,4 +1,5 @@
class role::labs::openstack::keystone::config {
+
include passwords::openstack::keystone
$commonkeystoneconfig = {
diff --git a/manifests/role/labs/openstack/nova.pp
b/manifests/role/labs/openstack/nova.pp
index b54dc6d..5703512 100644
--- a/manifests/role/labs/openstack/nova.pp
+++ b/manifests/role/labs/openstack/nova.pp
@@ -1,21 +1,16 @@
class role::labs::openstack::nova::config {
+
include role::labs::openstack::nova::config::eqiad
include role::labs::openstack::nova::config::codfw
- if $::realm == 'labs' and $::openstack_site_override != undef {
- $novaconfig = $::openstack_site_override ? {
- 'eqiad' => $role::labs::openstack::nova::config::eqiad::novaconfig,
- 'codfw' => $role::labs::openstack::nova::config::codfw::novaconfig,
- }
- } else {
- $novaconfig = $::site ? {
- 'eqiad' => $role::labs::openstack::nova::config::eqiad::novaconfig,
- 'codfw' => $role::labs::openstack::nova::config::codfw::novaconfig,
- }
+ $novaconfig = $::site ? {
+ 'eqiad' => $role::labs::openstack::nova::config::eqiad::novaconfig,
+ 'codfw' => $role::labs::openstack::nova::config::codfw::novaconfig,
}
}
class role::labs::openstack::nova::config::common {
+
require openstack
include passwords::openstack::nova
include passwords::openstack::ceilometer
@@ -46,221 +41,99 @@
# let users have network admin rights, for firewall rules and such,
and can
# give them public ips by increasing their quota
quota_floating_ips => '0',
- libvirt_type => $::realm ? {
- 'production' => 'kvm',
- 'labs' => 'qemu',
- },
+ libvirt_type => 'kvm',
}
}
class role::labs::openstack::nova::config::codfw inherits
role::labs::openstack::nova::config::common {
+
include role::labs::openstack::keystone::config::eqiad
- $nova_controller = hiera('labs_nova_controller')
-
- $keystoneconfig =
$role::labs::openstack::keystone::config::eqiad::keystoneconfig
- $controller_hostname = $::realm ? {
- 'production' => $nova_controller,
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- }
- $controller_address = $::realm ? {
- 'production' => ipresolve($nova_controller, 4),
- 'labs' => $nova_controller_ip ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_ip,
- }
- }
- $designate_hostname = $::realm ? {
- 'production' => 'holmium.wikimedia.org',
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- }
+ $nova_controller = hiera('labs_nova_controller')
+ $keystoneconfig =
$role::labs::openstack::keystone::config::eqiad::keystoneconfig
+ $controller_hostname = $nova_controller
+ $controller_address = ipresolve($nova_controller, 4)
+ $designate_hostname = 'holmium.wikimedia.org'
$codfwnovaconfig = {
- db_host => $controller_hostname,
- dhcp_domain => 'codfw.wmflabs',
- glance_host => $controller_hostname,
- rabbit_host => $controller_hostname,
- cc_host => $controller_hostname,
- designate_hostname => $designate_hostname,
- network_flat_interface => $::realm ? {
- 'production' => 'eth1.1102',
- 'labs' => 'eth0.1118',
- },
- network_flat_tagged_base_interface => $::realm ? {
- 'production' => 'eth1',
- 'labs' => 'eth0',
- },
- network_flat_interface_vlan => '1102',
- flat_network_bridge => 'br1102',
- network_public_interface => 'eth0',
- network_host => $::realm ? {
- 'production' => hiera('labs_nova_network_ip'),
- 'labs' => $nova_network_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_network_hostname,
- }
- },
- api_host => $::realm ? {
- 'production' => hiera('labs_nova_api_host'),
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- },
- api_ip => $::realm ? {
- 'production' => ipresolve(hiera('labs_nova_api_host'),4),
- 'labs' => $nova_controller_ip ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_ip,
- }
- },
- fixed_range => $::realm ? {
- 'production' => '10.68.16.0/21',
- 'labs' => '192.168.0.0/21',
- },
- dhcp_start => $::realm ? {
- 'production' => '10.68.16.4',
- 'labs' => '192.168.0.4',
- },
- network_public_ip => $::realm ? {
- 'production' => '208.80.155.255',
- 'labs' => $nova_network_ip ? {
- undef => $::ipaddress_eth0,
- default => $nova_network_ip,
- }
- },
- dmz_cidr => $::realm ? {
- 'production' => '208.80.155.0/22,10.0.0.0/8',
- 'labs' => '10.4.0.0/21',
- },
- auth_uri => $::realm ? {
- 'production' => "http://${nova_controller}:5000";,
- 'labs' => 'http://localhost:5000',
- },
- controller_hostname => $controller_hostname,
- controller_address => $controller_address,
- ldap_host => $controller_hostname,
- puppet_host => $controller_hostname,
- puppet_db_host => $controller_hostname,
- live_migration_uri =>
'qemu://%s.codfw.wmnet/system?pkipath=/var/lib/nova',
- zone => 'codfw',
- keystone_admin_token => $keystoneconfig['admin_token'],
- keystone_auth_host => $keystoneconfig['bind_ip'],
- keystone_auth_protocol => $keystoneconfig['auth_protocol'],
- keystone_auth_port => $keystoneconfig['auth_port'],
+ db_host => $controller_hostname,
+ dhcp_domain => 'codfw.wmflabs',
+ glance_host => $controller_hostname,
+ rabbit_host => $controller_hostname,
+ cc_host => $controller_hostname,
+ designate_hostname => $designate_hostname,
+ network_flat_interface => 'eth1.1102',
+ network_flat_tagged_base_interface => 'eth1',
+ network_flat_interface_vlan => '1102',
+ flat_network_bridge => 'br1102',
+ network_public_interface => 'eth0',
+ network_host => hiera('labs_nova_network_ip'),
+ api_host => hiera('labs_nova_api_host'),
+ api_ip =>
ipresolve(hiera('labs_nova_api_host'),4),
+ fixed_range => '10.68.16.0/21',
+ dhcp_start => '10.68.16.4',
+ network_public_ip => '208.80.155.255',
+ dmz_cidr => '208.80.155.0/22,10.0.0.0/8',
+ auth_uri => http://${nova_controller}:5000";,
+ controller_hostname => $controller_hostname,
+ controller_address => $controller_address,
+ ldap_host => $controller_hostname,
+ puppet_host => $controller_hostname,
+ puppet_db_host => $controller_hostname,
+ live_migration_uri =>
'qemu://%s.codfw.wmnet/system?pkipath=/var/lib/nova',
+ zone => 'codfw',
+ keystone_admin_token => $keystoneconfig['admin_token'],
+ keystone_auth_host => $keystoneconfig['bind_ip'],
+ keystone_auth_protocol => $keystoneconfig['auth_protocol'],
+ keystone_auth_port => $keystoneconfig['auth_port'],
}
$novaconfig = merge( $codfwnovaconfig, $commonnovaconfig )
}
class role::labs::openstack::nova::config::eqiad inherits
role::labs::openstack::nova::config::common {
+
include role::labs::openstack::keystone::config::eqiad
- $nova_controller = hiera('labs_nova_controller')
-
- $keystoneconfig =
$role::labs::openstack::keystone::config::eqiad::keystoneconfig
- $controller_hostname = $::realm ? {
- 'production' => $nova_controller,
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- }
- $designate_hostname = $::realm ? {
- 'production' => 'holmium.wikimedia.org',
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- }
- $controller_address = $::realm ? {
- 'production' => ipresolve($nova_controller,4),
- 'labs' => $nova_controller_ip ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_ip,
- }
- }
+ $nova_controller = hiera('labs_nova_controller')
+ $keystoneconfig =
$role::labs::openstack::keystone::config::eqiad::keystoneconfig
+ $controller_hostname = $nova_controller,
+ $designate_hostname ='holmium.wikimedia.org',
+ $controller_address = ipresolve($nova_controller,4),
$eqiadnovaconfig = {
- db_host => 'm5-master.eqiad.wmnet',
- dhcp_domain => 'eqiad.wmflabs',
- glance_host => $controller_hostname,
- rabbit_host => $controller_hostname,
- cc_host => $controller_hostname,
- designate_hostname => $designate_hostname,
- network_flat_interface => $::realm ? {
- 'production' => 'eth1.1102',
- 'labs' => 'eth0.1118',
- },
- network_flat_tagged_base_interface => $::realm ? {
- 'production' => 'eth1',
- 'labs' => 'eth0',
- },
- network_flat_interface_vlan => '1102',
- flat_network_bridge => 'br1102',
- network_public_interface => 'eth0',
- network_host => $::realm ? {
- 'production' => hiera('labs_nova_network_ip'),
- 'labs' => $nova_network_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_network_hostname,
- }
- },
- api_host => $::realm ? {
- 'production' => hiera('labs_nova_api_host'),
- 'labs' => $nova_controller_hostname ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_hostname,
- }
- },
- api_ip => $::realm ? {
- 'production' => ipresolve(hiera('labs_nova_api_host'),4),
- 'labs' => $nova_controller_ip ? {
- undef => $::ipaddress_eth0,
- default => $nova_controller_ip,
- }
- },
- fixed_range => $::realm ? {
- 'production' => '10.68.16.0/21',
- 'labs' => '192.168.0.0/21',
- },
- dhcp_start => $::realm ? {
- 'production' => '10.68.16.4',
- 'labs' => '192.168.0.4',
- },
- network_public_ip => $::realm ? {
- 'production' => '208.80.155.255',
- 'labs' => $nova_network_ip ? {
- undef => $::ipaddress_eth0,
- default => $nova_network_ip,
- }
- },
- dmz_cidr => $::realm ? {
- 'production' => '208.80.155.0/22,10.0.0.0/8',
- 'labs' => '10.4.0.0/21',
- },
- auth_uri => $::realm ? {
- 'production' => "http://${nova_controller}:5000";,
- 'labs' => 'http://localhost:5000',
- },
- controller_hostname => $controller_hostname,
- controller_address => $controller_address,
- ldap_host => $controller_hostname,
- puppet_host => $controller_hostname,
- puppet_db_host => $controller_hostname,
- live_migration_uri =>
'qemu://%s.eqiad.wmnet/system?pkipath=/var/lib/nova',
- zone => 'eqiad',
- keystone_admin_token => $keystoneconfig['admin_token'],
- keystone_auth_host => $keystoneconfig['bind_ip'],
- keystone_auth_protocol => $keystoneconfig['auth_protocol'],
- keystone_auth_port => $keystoneconfig['auth_port'],
+ db_host => 'm5-master.eqiad.wmnet',
+ dhcp_domain => 'eqiad.wmflabs',
+ glance_host => $controller_hostname,
+ rabbit_host => $controller_hostname,
+ cc_host => $controller_hostname,
+ designate_hostname => $designate_hostname,
+ network_flat_interface => 'eth1.1102',
+ network_flat_tagged_base_interface => 'eth1',
+ network_flat_interface_vlan => '1102',
+ flat_network_bridge => 'br1102',
+ network_public_interface => 'eth0',
+ network_host => hiera('labs_nova_network_ip'),
+ api_host => hiera('labs_nova_api_host'),
+ api_ip =>
ipresolve(hiera('labs_nova_api_host'),4),
+ fixed_range => '10.68.16.0/21',
+ dhcp_start => '10.68.16.4',
+ network_public_ip => '208.80.155.255',
+ dmz_cidr => '208.80.155.0/22,10.0.0.0/8',
+ auth_uri => "http://${nova_controller}:5000";,
+ controller_hostname => $controller_hostname,
+ controller_address => $controller_address,
+ ldap_host => $controller_hostname,
+ puppet_host => $controller_hostname,
+ puppet_db_host => $controller_hostname,
+ live_migration_uri =>
'qemu://%s.eqiad.wmnet/system?pkipath=/var/lib/nova',
+ zone => 'eqiad',
+ keystone_admin_token => $keystoneconfig['admin_token'],
+ keystone_auth_host => $keystoneconfig['bind_ip'],
+ keystone_auth_protocol => $keystoneconfig['auth_protocol'],
+ keystone_auth_port => $keystoneconfig['auth_port'],
}
+
if ( $::hostname == hiera('labs_nova_network_host') ) {
$networkconfig = {
network_flat_interface => 'eth1.1102',
@@ -273,15 +146,12 @@
}
class role::labs::openstack::nova::common {
- include role::labs::openstack::nova::config
- $novaconfig = $role::labs::openstack::nova::config::novaconfig
include passwords::misc::scripts
+ include role::labs::openstack::nova::config
- $status_wiki_host_master = $::realm ? {
- 'production' => 'wikitech.wikimedia.org',
- 'labs' => $::osm_hostname,
- }
+ $status_wiki_host_master = 'wikitech.wikimedia.org',
+ $novaconfig = $role::labs::openstack::nova::config::novaconfig
class { '::openstack::common':
novaconfig => $novaconfig,
@@ -299,18 +169,17 @@
# This is the wikitech UI
class role::labs::openstack::nova::manager {
+
include role::labs::openstack::nova::config
+
$novaconfig = $role::labs::openstack::nova::config::novaconfig
case $::realm {
- 'labs': {
- $certificate = 'star.wmflabs'
- }
'production': {
$certificate = 'wikitech.wikimedia.org'
}
default: {
- fail('unknown realm, should be labs or production')
+ fail('unknown realm')
}
}
@@ -373,31 +242,23 @@
# This is nova controller stuff
class role::labs::openstack::nova::controller {
+
require openstack
include role::labs::openstack::nova::config
- $novaconfig = $role::labs::openstack::nova::config::novaconfig
-
+ include role::labs::puppetmaster
include role::labs::openstack::keystone::config::eqiad
include role::labs::openstack::glance::config::eqiad
include role::labs::openstack::nova::wikiupdates
-
- if $::realm == 'labs' and $::openstack_site_override != undef {
- $glanceconfig = $::openstack_site_override ? {
- 'eqiad' =>
$role::labs::openstack::glance::config::eqiad::glanceconfig,
- }
- $keystoneconfig = $::openstack_site_override ? {
- 'eqiad' =>
$role::labs::openstack::keystone::config::eqiad::keystoneconfig,
- }
- } else {
- $glanceconfig = $::site ? {
- 'eqiad' =>
$role::labs::openstack::glance::config::eqiad::glanceconfig,
- }
- $keystoneconfig = $::site ? {
- 'eqiad' =>
$role::labs::openstack::keystone::config::eqiad::keystoneconfig,
- }
- }
-
include role::labs::openstack::nova::common
+
+ $novaconfig = $role::labs::openstack::nova::config::novaconfig
+
+ $glanceconfig = $::site ? {
+ 'eqiad' => $role::labs::openstack::glance::config::eqiad::glanceconfig,
+ }
+ $keystoneconfig = $::site ? {
+ 'eqiad' =>
$role::labs::openstack::keystone::config::eqiad::keystoneconfig,
+ }
class { '::openstack::nova::conductor':
novaconfig => $novaconfig,
@@ -415,10 +276,7 @@
glanceconfig => $glanceconfig,
}
- if $::realm == 'production' {
- class { '::openstack::controller_firewall': }
- include role::labs::puppetmaster
- }
+ class { '::openstack::controller_firewall': }
class { '::openstack::adminscripts':
novaconfig => $novaconfig
@@ -427,18 +285,15 @@
class { '::openstack::spreadcheck':
novaconfig => $novaconfig
}
-
- package { 'python-openstackclient':
- ensure => present,
- }
}
class role::labs::openstack::nova::api {
+
require openstack
include role::labs::openstack::nova::config
- $novaconfig = $role::labs::openstack::nova::config::novaconfig
-
include role::labs::openstack::nova::common
+
+ $novaconfig = $role::labs::openstack::nova::config::novaconfig
class { '::openstack::nova::api':
novaconfig => $novaconfig,
@@ -453,22 +308,21 @@
}
class role::labs::openstack::nova::network {
+
require openstack
include role::labs::openstack::nova::config
- $novaconfig = $role::labs::openstack::nova::config::novaconfig
-
include role::labs::openstack::nova::common
include role::labs::openstack::nova::wikiupdates
- if ($::realm == production) {
- $site_address = $::site ? {
- 'eqiad' => '208.80.155.255',
- }
+ $novaconfig = $role::labs::openstack::nova::config::novaconfig
- interface::ip { 'openstack::network_service_public_dynamic_snat':
- interface => 'lo',
- address => $site_address,
- }
+ $site_address = $::site ? {
+ 'eqiad' => '208.80.155.255',
+ }
+
+ interface::ip { 'openstack::network_service_public_dynamic_snat':
+ interface => 'lo',
+ address => $site_address,
}
interface::tagged { $novaconfig['network_flat_interface']:
@@ -486,11 +340,9 @@
class role::labs::openstack::nova::wikiupdates {
require openstack
- if $::realm == 'production' {
- if ! defined(Package['python-mwclient']) {
- package { 'python-mwclient':
- ensure => latest,
- }
+ if ! defined(Package['python-mwclient']) {
+ package { 'python-mwclient':
+ ensure => latest,
}
}
@@ -498,30 +350,21 @@
ensure => installed,
require => Package['python-mwclient'],
}
-
- # Cleanup. Can be removed by the time you are reading this.
- file { '/usr/local/lib/python2.6/dist-packages/wikinotifier.py':
- ensure => absent,
- }
-
- # Cleanup. Can be removed by the time you are reading this.
- file { '/usr/local/lib/python2.7/dist-packages/wikinotifier.py':
- ensure => absent,
- }
}
class role::labs::openstack::nova::compute($instance_dev='/dev/md1') {
- require openstack
- include role::labs::openstack::nova::config
- $novaconfig = $role::labs::openstack::nova::config::novaconfig
-
- include role::labs::openstack::nova::common
- ganglia::plugin::python {'diskstat': }
system::role { 'role::labs::openstack::nova::compute':
ensure => 'present',
description => 'openstack nova compute node',
}
+
+ require openstack
+ include role::labs::openstack::nova::config
+ include role::labs::openstack::nova::common
+ $novaconfig = $role::labs::openstack::nova::config::novaconfig
+
+ ganglia::plugin::python {'diskstat': }
interface::tagged { $novaconfig['network_flat_interface']:
base_interface => $novaconfig['network_flat_tagged_base_interface'],
@@ -535,20 +378,18 @@
novaconfig => $novaconfig,
}
- if $::realm == 'production' {
- mount { '/var/lib/nova/instances':
- ensure => mounted,
- device => $instance_dev,
- fstype => 'xfs',
- options => 'defaults',
- }
+ mount { '/var/lib/nova/instances':
+ ensure => mounted,
+ device => $instance_dev,
+ fstype => 'xfs',
+ options => 'defaults',
+ }
- file { '/var/lib/nova/instances':
- ensure => directory,
- owner => 'nova',
- group => 'nova',
- require => Mount['/var/lib/nova/instances'],
- }
+ file { '/var/lib/nova/instances':
+ ensure => directory,
+ owner => 'nova',
+ group => 'nova',
+ require => Mount['/var/lib/nova/instances'],
}
if os_version('debian >= jessie || ubuntu >= trusty') {
@@ -566,6 +407,4 @@
# global icinga hostgroups for virt/labs hosts
@monitoring::group { 'virt_eqiad': description => 'eqiad virt servers' }
-@monitoring::group { 'virt_esams': description => 'esams virt servers' }
@monitoring::group { 'virt_codfw': description => 'codfw virt servers' }
-@monitoring::group { 'virt_ulsfo': description => 'ulsfo virt servers' }
diff --git a/manifests/role/labs/puppetmaster.pp
b/manifests/role/labs/puppetmaster.pp
index 124416a..c587a55 100644
--- a/manifests/role/labs/puppetmaster.pp
+++ b/manifests/role/labs/puppetmaster.pp
@@ -1,7 +1,9 @@
# vim: set tabstop=4 shiftwidth=4 softtabstop=4 expandtab textwidth=80 smarttab
class role::labs::puppetmaster {
+
include network::constants
+ include ldap::role::config::labs
$labs_ranges = [
$network::constants::all_network_subnets['production']['eqiad']['private']['labs-instances1-a-eqiad']['ipv4'],
@@ -9,16 +11,12 @@
$network::constants::all_network_subnets['production']['eqiad']['private']['labs-instances1-c-eqiad']['ipv4'],
$network::constants::all_network_subnets['production']['eqiad']['private']['labs-instances1-d-eqiad']['ipv4'],
]
-
- include ldap::role::config::labs
$ldapconfig = $ldap::role::config::labs::ldapconfig
$basedn = $ldapconfig['basedn']
+
# Only allow puppet access from the instances
- $allow_from = $::realm ? {
- 'production' => flatten([$labs_ranges, '208.80.154.14']),
- 'labs' => [ '192.168.0.0/21' ],
- }
+ $allow_from = flatten([$labs_ranges, '208.80.154.14']),
class { '::puppetmaster':
server_name => hiera('labs_puppet_master'),
diff --git a/modules/openstack/manifests/common.pp
b/modules/openstack/manifests/common.pp
index 861f92f..f6beae5 100644
--- a/modules/openstack/manifests/common.pp
+++ b/modules/openstack/manifests/common.pp
@@ -25,6 +25,7 @@
'python-netaddr',
'python-keystone',
'python-novaclient',
+ 'python-openstackclient',
'radvd',
]:
ensure => present,
--
To view, visit https://gerrit.wikimedia.org/r/253909
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie15d5502e423bad7ec24deded56c02a6f7403f21
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Rush <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
