[MediaWiki-commits] [Gerrit] diamond: Add openldap collector - change (operations/puppet)

Alexandros Kosiaris (Code Review) Fri, 11 Dec 2015 10:41:01 -0800

Alexandros Kosiaris has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/258491


Change subject: diamond: Add openldap collector
......................................................................

diamond: Add openldap collector

Add an openldap collector allowing to query cn=Monitor stats from
diamond and store them. This assumes we get a new user in both ldap and
OIT ldap servers named diamond that has read only access to cn=monitor.
The access part is done in this patch but the user needs to be created
before it is merged

Change-Id: Ia9fe25e5e6e6516e63bb452454fd883d7b72f5d9
---
M modules/openldap/templates/slapd.erb
M modules/role/manifests/openldap/corp.pp
M modules/role/manifests/openldap/labs.pp
3 files changed, 23 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/91/258491/1

diff --git a/modules/openldap/templates/slapd.erb 
b/modules/openldap/templates/slapd.erb
index dd36c95..d1a6bd3 100644
--- a/modules/openldap/templates/slapd.erb
+++ b/modules/openldap/templates/slapd.erb
@@ -69,6 +69,7 @@
 
 access to dn="cn=monitor"
        by dn="cn=admin,<%= @suffix %>" write
+       by dn="cn=diamond,<%= @suffix %>" read
        by self write
        by * none
 
diff --git a/modules/role/manifests/openldap/corp.pp 
b/modules/role/manifests/openldap/corp.pp
index 77b39da..a38b51d 100644
--- a/modules/role/manifests/openldap/corp.pp
+++ b/modules/role/manifests/openldap/corp.pp
@@ -41,4 +41,15 @@
         check_command => 'check_ldap!dc=corp,dc=wikimedia,dc=org',
         critical      => true,
     }
+
+    # Diamond config
+    package { 'python-ldap':
+        ensure => installed,
+    }
+    diamond::collector { 'OpenLDAP':
+        settings => {
+            'username' => 'cn=diamond,dc=corp,dc=wikimedia,dc=org',
+            'password' => $passwords::openldap::corp::diamond_pass,
+        }
+    }
 }
diff --git a/modules/role/manifests/openldap/labs.pp 
b/modules/role/manifests/openldap/labs.pp
index 412551d..e561956 100644
--- a/modules/role/manifests/openldap/labs.pp
+++ b/modules/role/manifests/openldap/labs.pp
@@ -41,4 +41,15 @@
         check_command => 'check_ldap!dc=wikimedia,dc=org',
         critical      => false,
     }
+
+    # Diamond config
+    package { 'python-ldap':
+        ensure => installed,
+    }
+    diamond::collector { 'OpenLDAP':
+        settings => {
+            'username' => 'cn=diamond,dc=wikimedia,dc=org',
+            'password' => $passwords::openldap::labs::diamond_pass,
+        }
+    }
 }

-- 
To view, visit https://gerrit.wikimedia.org/r/258491
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia9fe25e5e6e6516e63bb452454fd883d7b72f5d9
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] diamond: Add openldap collector - change (operations/puppet)

Reply via email to