[MediaWiki-commits] [Gerrit] operations/puppet[production]: public_dumps: Add puppet class to set up NFS for dumps servers

Madhuvishy (Code Review) Mon, 27 Nov 2017 16:34:32 -0800

Madhuvishy has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/393695 )


Change subject: public_dumps: Add puppet class to set up NFS for dumps servers
......................................................................

public_dumps: Add puppet class to set up NFS for dumps servers

Bug: T181431
Change-Id: I068f639e3b5a544af288408d90558a85c8287f72
---
M modules/profile/manifests/dumps/public_server.pp
A modules/public_dumps/files/nfs-common
A modules/public_dumps/files/nfs-kernel-server
A modules/public_dumps/manifests/nfs.pp
4 files changed, 78 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/95/393695/1

diff --git a/modules/profile/manifests/dumps/public_server.pp 
b/modules/profile/manifests/dumps/public_server.pp
index f841c39..f0e95d9 100644
--- a/modules/profile/manifests/dumps/public_server.pp
+++ b/modules/profile/manifests/dumps/public_server.pp
@@ -5,5 +5,5 @@
 class profile::dumps::public_server {
 
     class {'::public_dumps::server':}
-    class {'::labstore':}
+    class {'::public_dumps::nfs':}
 }
diff --git a/modules/public_dumps/files/nfs-common 
b/modules/public_dumps/files/nfs-common
new file mode 100644
index 0000000..cd91678
--- /dev/null
+++ b/modules/public_dumps/files/nfs-common
@@ -0,0 +1,17 @@
+# If you do not set values for the NEED_ options, they will be attempted
+# autodetected; this should be sufficient for most people. Valid alternatives
+# for the NEED_ options are "yes" and "no".
+
+# Do you want to start the statd daemon? It is not needed for NFSv4.
+NEED_STATD=yes
+
+# Options for rpc.statd.
+#   Should rpc.statd listen on a specific port? This is especially useful
+#   when you have a port-based firewall. To use a fixed port, set this
+#   this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
+#   For more information, see rpc.statd(8) or 
http://wiki.debian.org/SecuringNFS
+STATDOPTS='--port 55659 --outgoing-port 44153'
+
+# Do you want to start the gssd daemon? It is required for Kerberos mounts.
+NEED_GSSD=
+NEED_LOCKD=no
diff --git a/modules/public_dumps/files/nfs-kernel-server 
b/modules/public_dumps/files/nfs-kernel-server
new file mode 100644
index 0000000..bfb4950
--- /dev/null
+++ b/modules/public_dumps/files/nfs-kernel-server
@@ -0,0 +1,23 @@
+# Number of servers to start up
+# To disable nfsv4 on the server, specify '--no-nfs-version 4' here
+
+# Best as max concurrently connected clients.  We currently hover around
+# 250-280 connected clients as of 1/25/2016
+RPCNFSDCOUNT=192
+
+# Runtime priority of server (see nice(1))
+RPCNFSDPRIORITY=0
+
+# Options for rpc.mountd.
+# If you have a port-based firewall, you might want to set up
+# a fixed port here using the --port option. For more information,
+# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
+# To disable NFSv4 on the server, specify '--no-nfs-version 4' here
+RPCMOUNTDOPTS='--manage-gids --port 38466 --no-nfs-version 2,3'
+
+# Do you want to start the svcgssd daemon? It is only required for Kerberos
+# exports. Valid alternatives are "yes" and "no"; the default is "no".
+NEED_SVCGSSD=
+
+# Options for rpc.svcgssd.
+RPCSVCGSSDOPTS=
diff --git a/modules/public_dumps/manifests/nfs.pp 
b/modules/public_dumps/manifests/nfs.pp
new file mode 100644
index 0000000..3586906
--- /dev/null
+++ b/modules/public_dumps/manifests/nfs.pp
@@ -0,0 +1,37 @@
+# Set up NFS Server for the public dumps servers
+# Firewall rules are managed separately through profile::wmcs::nfs::ferm
+
+class public_dumps::nfs {
+
+    require_package('nfs-kernel-server', 'nfs-common', 'rpcbind')
+
+    file { '/etc/default/nfs-common':
+        ensure => present,
+        owner  => 'root',
+        group  => 'root',
+        mode   => '0555',
+        source => 'puppet:///modules/public_dumps/nfs-common',
+    }
+
+    file { '/etc/default/nfs-kernel-server':
+        ensure => present,
+        owner  => 'root',
+        group  => 'root',
+        mode   => '0555',
+        source => 'puppet:///modules/public_dumps/nfs-kernel-server',
+    }
+
+    file { '/etc/modprobe.d/nfs-lockd.conf':
+        ensure  => present,
+        owner   => 'root',
+        group   => 'root',
+        mode    => '0644',
+        content => 'options lockd nlm_udpport=32768 nlm_tcpport=32769',
+    }
+
+    # Manage state manually
+    service { 'nfs-kernel-server':
+        enable => false,
+    }
+
+}

-- 
To view, visit https://gerrit.wikimedia.org/r/393695
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I068f639e3b5a544af288408d90558a85c8287f72
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Madhuvishy <mviswanat...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] operations/puppet[production]: public_dumps: Add puppet class to set up NFS for dumps servers

Reply via email to