Giuseppe Lavagetto has submitted this change and it was merged. ( https://gerrit.wikimedia.org/r/402789 )
Change subject: site.pp: rationalize prometheus, puppetmaster frontends ...................................................................... site.pp: rationalize prometheus, puppetmaster frontends * Created a compound role for prometheus * Incorporated the additional roles inside role::puppetmaster::frontend Change-Id: Icd70ef861dcadeeae7df0415a5c2779679c5e144 --- R hieradata/role/codfw/prometheus.yaml R hieradata/role/eqiad/prometheus.yaml M manifests/site.pp R modules/profile/manifests/access_new_install.pp A modules/profile/manifests/ipmi/mgmt.pp D modules/role/manifests/ipmi/mgmt.pp A modules/role/manifests/prometheus.pp M modules/role/manifests/puppetmaster/frontend.pp 8 files changed, 29 insertions(+), 31 deletions(-) Approvals: Giuseppe Lavagetto: Looks good to me, approved jenkins-bot: Verified diff --git a/hieradata/role/common/prometheus/ops.yaml b/hieradata/role/codfw/prometheus.yaml similarity index 100% rename from hieradata/role/common/prometheus/ops.yaml rename to hieradata/role/codfw/prometheus.yaml diff --git a/hieradata/role/eqiad/prometheus/ops.yaml b/hieradata/role/eqiad/prometheus.yaml similarity index 100% rename from hieradata/role/eqiad/prometheus/ops.yaml rename to hieradata/role/eqiad/prometheus.yaml diff --git a/manifests/site.pp b/manifests/site.pp index 812fe74..9706cb2 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1056,7 +1056,6 @@ } interface::add_ip6_mapped { 'main': } role(bastionhost::twofa) - include ::role::access_new_install } # The host is going to be decom as part of T181518 @@ -1825,14 +1824,8 @@ } node /^prometheus200[34]\.codfw\.wmnet$/ { - role(prometheus::ops, prometheus::global, prometheus::services, prometheus::analytics, - prometheus::k8s) - + role(prometheus) include ::base::firewall - include ::standard - include ::lvs::realserver - - interface::add_ip6_mapped { 'main': } } node 'puppetcompiler1001.eqiad.wmnet' { @@ -1841,21 +1834,11 @@ } node /^prometheus100[34]\.eqiad\.wmnet$/ { - role(prometheus::ops, prometheus::global, prometheus::services, prometheus::analytics, - prometheus::k8s) - - include ::lvs::realserver - - interface::add_ip6_mapped { 'main': } + role(prometheus) } node /^puppetmaster[12]001\.(codfw|eqiad)\.wmnet$/ { - role( - ipmi::mgmt, access_new_install, - puppetmaster::frontend, - ) - include ::standard - interface::add_ip6_mapped { 'main': } + role(puppetmaster::frontend) } node /^puppetmaster[12]002\.(codfw|eqiad)\.wmnet$/ { diff --git a/modules/role/manifests/access_new_install.pp b/modules/profile/manifests/access_new_install.pp similarity index 96% rename from modules/role/manifests/access_new_install.pp rename to modules/profile/manifests/access_new_install.pp index 4a80193..af6339f 100644 --- a/modules/role/manifests/access_new_install.pp +++ b/modules/profile/manifests/access_new_install.pp @@ -2,7 +2,7 @@ # to set up the initial puppet run. # This key is dangerous, do not deploy widely! # Also install a convenience script to ssh in using this key -class role::access_new_install { +class profile::access_new_install { file { '/root/.ssh/new_install': owner => 'root', group => 'root', diff --git a/modules/profile/manifests/ipmi/mgmt.pp b/modules/profile/manifests/ipmi/mgmt.pp new file mode 100644 index 0000000..0c9b1a3 --- /dev/null +++ b/modules/profile/manifests/ipmi/mgmt.pp @@ -0,0 +1,4 @@ +# IPMItool mgmt hosts +class profile::ipmi::mgmt { + class { '::ipmi::mgmt': } +} diff --git a/modules/role/manifests/ipmi/mgmt.pp b/modules/role/manifests/ipmi/mgmt.pp deleted file mode 100644 index 176ab45..0000000 --- a/modules/role/manifests/ipmi/mgmt.pp +++ /dev/null @@ -1,10 +0,0 @@ -# IPMItool mgmt hosts -class role::ipmi::mgmt { - - system::role { 'ipmi::mgmt': - description => 'IPMI Management' - } - - include ::ipmi::mgmt - -} diff --git a/modules/role/manifests/prometheus.pp b/modules/role/manifests/prometheus.pp new file mode 100644 index 0000000..f475c21 --- /dev/null +++ b/modules/role/manifests/prometheus.pp @@ -0,0 +1,14 @@ +class role::prometheus { + system::role { 'prometheus::server': } + include ::role::prometheus::ops + include ::role::prometheus::global + include ::role::prometheus::services + include ::role::prometheus::analytics + include ::role::prometheus::k8s + + include ::standard + # TODO: use role::lvs::realserver instead + include ::lvs::realserver + + interface::add_ip6_mapped { 'main': } +} diff --git a/modules/role/manifests/puppetmaster/frontend.pp b/modules/role/manifests/puppetmaster/frontend.pp index f6ee73d..33b6be6 100644 --- a/modules/role/manifests/puppetmaster/frontend.pp +++ b/modules/role/manifests/puppetmaster/frontend.pp @@ -5,6 +5,7 @@ description => 'Puppetmaster frontend' } + include ::standard include ::base::firewall include ::profile::backup::host @@ -17,4 +18,10 @@ # config-master.wikimedia.org include ::profile::configmaster include ::profile::discovery::client + + # IPMI management + include ::profile::ipmi::mgmt + include ::profile::access_new_install + + interface::add_ip6_mapped { 'main': } } -- To view, visit https://gerrit.wikimedia.org/r/402789 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: Icd70ef861dcadeeae7df0415a5c2779679c5e144 Gerrit-PatchSet: 3 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits