Hello Andrew Bogott, Giuseppe Lavagetto, Chasemp, jenkins-bot, Jcrespo,
I'd like you to do a code review. Please visit
https://gerrit.wikimedia.org/r/378959
to review the following change.
Change subject: Revert "mariadb: add firewall exceptions for m5 and cloud
services"
......................................................................
Revert "mariadb: add firewall exceptions for m5 and cloud services"
This reverts commit 59b1763abbcedfe4af5ac42916bf6f3d19d92c1c.
Change-Id: I8da08f57f9c3801e3f2942535f1c56f85dfbc6e2
---
M manifests/site.pp
D modules/role/manifests/mariadb/ferm_wmcs.pp
2 files changed, 0 insertions(+), 51 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/59/378959/1
diff --git a/manifests/site.pp b/manifests/site.pp
index ba77b51..e730442 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -634,7 +634,6 @@
# m5 shard
node 'db1009.eqiad.wmnet' {
- role(mariadb::ferm_wmcs)
class { '::role::mariadb::misc':
shard => 'm5',
master => true,
@@ -642,7 +641,6 @@
}
node 'db2030.codfw.wmnet' {
- role(mariadb::ferm_wmcs)
class { '::role::mariadb::misc':
shard => 'm5',
}
@@ -732,7 +730,6 @@
}
node 'dbproxy1005.eqiad.wmnet' {
- role(mariadb::ferm_wmcs)
class { '::role::mariadb::proxy::master':
shard => 'm5',
primary_name => 'db1009',
diff --git a/modules/role/manifests/mariadb/ferm_wmcs.pp
b/modules/role/manifests/mariadb/ferm_wmcs.pp
deleted file mode 100644
index 9e88739..0000000
--- a/modules/role/manifests/mariadb/ferm_wmcs.pp
+++ /dev/null
@@ -1,48 +0,0 @@
-# Firewall rules for the misc db host used by wmcs.
-# We need special rules to allow access for openstack services (which
typically
-# run on hosts with public IPs)
-
-class role::mariadb::ferm_wmcs(
- $nova_controller = hiera('profile::openstack::main::nova_controller'),
- $nova_controller_standby =
hiera('profile::openstack::main::nova_controller_standby'),
- $designate_host = hiera('profile::openstack::main::designate_host'),
- $designate_host_standby =
hiera('profile::openstack::main::designate_host_standby'),
- $horizon_host = hiera('profile::openstack::main::horizon_host'),
- $osm_host = hiera('profile::openstack::main::osm_host'),
- ) {
-
- ferm::service{ 'nova_controller':
- proto => 'tcp',
- port => '3306',
- notrack => true,
- srange => "@resolve(${nova_controller})
@resolve(${nova_controller_standby})",
- }
-
- ferm::service{ 'designate':
- proto => 'tcp',
- port => '3306',
- notrack => true,
- srange => "@resolve(${designate_host})
@resolve(${designate_host_standby})",
- }
-
- ferm::service{ 'wmcs_puppetmasters':
- proto => 'tcp',
- port => '3306',
- notrack => true,
- srange => '@resolve(labpuppetmaster1001.wikimedia.org)
@resolve(labpuppetmaster1002.wikimedia.org)',
- }
-
- ferm::service{ 'horizon_and_striker':
- proto => 'tcp',
- port => '3306',
- notrack => true,
- srange => "@resolve(${horizon_host})",
- }
-
- ferm::service{ 'wikitech':
- proto => 'tcp',
- port => '3306',
- notrack => true,
- srange => "@resolve(${osm_host})",
- }
-}
--
To view, visit https://gerrit.wikimedia.org/r/378959
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I8da08f57f9c3801e3f2942535f1c56f85dfbc6e2
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Rush <r...@wikimedia.org>
Gerrit-Reviewer: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Chasemp <r...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: Jcrespo <jcre...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
