Andrew Bogott has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/393842 )
Change subject: labsaliaser: handle requests for the simple hostname 'puppet'
......................................................................
labsaliaser: handle requests for the simple hostname 'puppet'
This returns a hiera-specified puppetmaster cname when the recursor
is asked to resolve 'puppet'. This should simplify the initial
puppet run on new instances.
Bug: T181375
Change-Id: I153c678cdf4a6a00facb9edba801c29eefdadca9
---
M hieradata/common/profile/openstack/base.yaml
M hieradata/common/profile/openstack/labtest.yaml
M modules/dnsrecursor/files/labs-ip-alias-dump.py
M modules/dnsrecursor/manifests/labsaliaser.pp
M modules/profile/manifests/openstack/base/pdns/recursor/service.pp
M modules/profile/manifests/openstack/labtest/pdns/recursor/service.pp
6 files changed, 25 insertions(+), 8 deletions(-)
Approvals:
Andrew Bogott: Looks good to me, approved
jenkins-bot: Verified
diff --git a/hieradata/common/profile/openstack/base.yaml
b/hieradata/common/profile/openstack/base.yaml
index b85d3c1..c701317 100644
--- a/hieradata/common/profile/openstack/base.yaml
+++ b/hieradata/common/profile/openstack/base.yaml
@@ -7,3 +7,4 @@
profile::openstack::base::ldap_user_name_attribute: 'cn'
profile::openstack::base::ldap_user_dn:
'uid=novaadmin,ou=people,dc=wikimedia,dc=org'
profile::openstack::base::monitoring_host: 'labmon1001.eqiad.wmnet'
+profile::openstack::base::puppetmaster_hostname:
'labs-puppetmaster.wikimedia.org'
diff --git a/hieradata/common/profile/openstack/labtest.yaml
b/hieradata/common/profile/openstack/labtest.yaml
index 18d47d0..6a61ef4 100644
--- a/hieradata/common/profile/openstack/labtest.yaml
+++ b/hieradata/common/profile/openstack/labtest.yaml
@@ -14,3 +14,4 @@
profile::openstack::labtest::osm_host: 'labtestwikitech.wikimedia.org'
profile::openstack::labtest::ldap_hosts: ['labtestservices2001.wikimedia.org']
profile::openstack::labtest::statsd_host: 'labmon1001.eqiad.wmnet'
+profile::openstack::labtest::puppetmaster_hostname:
'labtest-puppetmaster.wikimedia.org'
diff --git a/modules/dnsrecursor/files/labs-ip-alias-dump.py
b/modules/dnsrecursor/files/labs-ip-alias-dump.py
index 98b7e65..02342b0 100644
--- a/modules/dnsrecursor/files/labs-ip-alias-dump.py
+++ b/modules/dnsrecursor/files/labs-ip-alias-dump.py
@@ -110,8 +110,10 @@
"""
+output += 'puppetmaster_hostname = \"%s\"\n' % config['puppetmaster_hostname']
+output += 'extra_records = {}\n'
+
if 'extra_records' in config:
- output += 'extra_records = {}\n'
extra_records = config['extra_records']
for q in sorted(extra_records.keys()):
@@ -122,13 +124,18 @@
comment=q
)
- output += """
+output += """
function preresolve(remoteip, domain, qtype)
if extra_records[domain]
then
return 0, {
{qtype=pdns.A, content=extra_records[domain], ttl=300, place="1"},
}
+ elseif domain == 'puppet.'
+ then
+ return 0, {
+ {qtype=pdns.CNAME, content=puppetmaster_hostname},
+ }
end
return -1, {}
end
diff --git a/modules/dnsrecursor/manifests/labsaliaser.pp
b/modules/dnsrecursor/manifests/labsaliaser.pp
index 82a05c7..7461e61 100644
--- a/modules/dnsrecursor/manifests/labsaliaser.pp
+++ b/modules/dnsrecursor/manifests/labsaliaser.pp
@@ -5,16 +5,18 @@
$extra_records,
$alias_file,
$observer_project_name,
+ $puppetmaster_hostname,
) {
require_package(['python-novaclient', 'python-keystoneclient'])
$config = {
- 'username' => $username,
- 'password' => $password,
- 'output_path' => $alias_file,
- 'nova_api_url' => $nova_api_url,
- 'extra_records' => $extra_records,
+ 'username' => $username,
+ 'password' => $password,
+ 'output_path' => $alias_file,
+ 'nova_api_url' => $nova_api_url,
+ 'extra_records' => $extra_records,
+ 'puppetmaster_hostname' => $puppetmaster_hostname,
'observer_project_name' => $observer_project_name,
}
diff --git a/modules/profile/manifests/openstack/base/pdns/recursor/service.pp
b/modules/profile/manifests/openstack/base/pdns/recursor/service.pp
index 7e66951..bc8d858 100644
--- a/modules/profile/manifests/openstack/base/pdns/recursor/service.pp
+++ b/modules/profile/manifests/openstack/base/pdns/recursor/service.pp
@@ -4,7 +4,7 @@
# via floating IP, but they often want to do DNS lookups for the
# public IP of other instances (e.g. beta.wmflabs.org).
#
-# This recursor does two useful things:
+# This recursor does three useful things:
#
# - It maintains a mapping between floating and private IPs
# for select instances. Anytime the upstream DNS server returns
@@ -13,6 +13,9 @@
#
# - It relays requests for *.wmflabs to the auth server that knows
# about such things (defined as $labs_forward)
+#
+# - It defines a cname for 'puppet' that resolves to the
deployment-appropriate
+# puppetmaster
#
# Other than that it should act like any other WMF recursor.
#
@@ -30,6 +33,7 @@
$c2_dbs = hiera('profile::openstack::base::pdns::labsdb::c2'),
$c3_dbs = hiera('profile::openstack::base::pdns::labsdb::c3'),
$aliaser_extra_records =
hiera('profile::openstack::base::pdns::recursor::aliaser_extra_records'),
+ $puppetmaster_hostname =
hiera('profile::openstack::base::puppetmaster_hostname'),
) {
include ::network::constants
@@ -81,6 +85,7 @@
password => $observer_password,
nova_api_url => "http://${nova_controller}:35357/v3";,
extra_records => $aliaser_extra_records,
+ puppetmaster_hostname => $puppetmaster_hostname,
alias_file => $alias_file,
observer_project_name => $observer_project,
}
diff --git
a/modules/profile/manifests/openstack/labtest/pdns/recursor/service.pp
b/modules/profile/manifests/openstack/labtest/pdns/recursor/service.pp
index 53967e5..45f537a 100644
--- a/modules/profile/manifests/openstack/labtest/pdns/recursor/service.pp
+++ b/modules/profile/manifests/openstack/labtest/pdns/recursor/service.pp
@@ -5,6 +5,7 @@
$pdns_recursor = hiera('profile::openstack::labtest::pdns::recursor'),
$tld = hiera('profile::openstack::labtest::pdns::tld'),
$private_reverse =
hiera('profile::openstack::labtest::pdns::private_reverse'),
+ $puppetmaster_hostname =
hiera('profile::openstack::labtest::puppetmaster_hostname'),
) {
class {'::profile::openstack::base::pdns::recursor::service':
--
To view, visit https://gerrit.wikimedia.org/r/393842
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I153c678cdf4a6a00facb9edba801c29eefdadca9
Gerrit-PatchSet: 11
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: Rush <[email protected]>
Gerrit-Reviewer: Volans <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
