Rush has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/386386 )
Change subject: puppetmaster: make hiera lookups class params
......................................................................
puppetmaster: make hiera lookups class params
I need to use these profiles for labpuppetmaster*
and labtestpuppetmaster* and set these values
per deployment. Make these lookups class params.
I believe this follows the currently accepted
best practice.
Bug: T171494
Change-Id: I3b04358c177d3d89057854b50186df15124f8dd8
---
M modules/profile/manifests/puppetmaster/backend.pp
M modules/profile/manifests/puppetmaster/frontend.pp
2 files changed, 5 insertions(+), 6 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/86/386386/1
diff --git a/modules/profile/manifests/puppetmaster/backend.pp
b/modules/profile/manifests/puppetmaster/backend.pp
index 825e023..775fe49 100644
--- a/modules/profile/manifests/puppetmaster/backend.pp
+++ b/modules/profile/manifests/puppetmaster/backend.pp
@@ -4,6 +4,8 @@
$config = hiera('profile::puppetmaster::backend::config', {}),
$secure_private = hiera('profile::puppetmaster::backend::config', true),
$prevent_cherrypicks =
hiera('profile::puppetmaster::backend::prevent_cherrypicks', true),
+ $ca_server = hiera('puppetmaster::ca_server',
'puppetmaster1001.eqiad.wmnet'),
+ $puppetmasters = hiera('puppetmaster::servers'),
$allow_from = [
'*.wikimedia.org',
'*.eqiad.wmnet',
@@ -12,7 +14,6 @@
'*.codfw.wmnet'],
$extra_auth_rules = '',
) {
- $ca_server = hiera('puppetmaster::ca_server',
'puppetmaster1001.eqiad.wmnet')
$common_config = {
'ca' => false,
@@ -34,7 +35,7 @@
extra_auth_rules => $extra_auth_rules,
}
- $puppetmaster_frontend_ferm = join(keys(hiera('puppetmaster::servers')), '
')
+ $puppetmaster_frontend_ferm = join(keys($puppetmasters), ' ')
ferm::service { 'ssh_puppet_merge':
proto => 'tcp',
port => '22',
diff --git a/modules/profile/manifests/puppetmaster/frontend.pp
b/modules/profile/manifests/puppetmaster/frontend.pp
index ee86a8c..d153d25 100644
--- a/modules/profile/manifests/puppetmaster/frontend.pp
+++ b/modules/profile/manifests/puppetmaster/frontend.pp
@@ -5,6 +5,8 @@
$secure_private = hiera('profile::puppetmaster::frontend::config', true),
$web_hostname = hiera('profile::puppetmaster::frontend::web_hostname',
'puppet'),
$prevent_cherrypicks =
hiera('profile::puppetmaster::frontend::prevent_cherrypicks', true),
+ $ca_server = hiera('puppetmaster::ca_server',
'puppetmaster1001.eqiad.wmnet'),
+ $servers = hiera('puppetmaster::servers', {}),
$allow_from = [
'*.wikimedia.org',
'*.eqiad.wmnet',
@@ -17,9 +19,6 @@
backup::set { 'var-lib-puppet-volatile': }
# Puppet frontends are git masters at least for their datacenter
-
- $ca_server = hiera('puppetmaster::ca_server',
'puppetmaster1001.eqiad.wmnet')
-
if $ca_server == $::fqdn {
$ca = true
$cron = 'absent'
@@ -29,7 +28,6 @@
}
## Configuration
- $servers = hiera('puppetmaster::servers', {})
$workers = $servers[$::fqdn]
$common_config = {
--
To view, visit https://gerrit.wikimedia.org/r/386386
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I3b04358c177d3d89057854b50186df15124f8dd8
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Rush <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
