Giuseppe Lavagetto has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/402789 )
Change subject: site.pp: rationalize prometheus, puppetmaster frontends
......................................................................
site.pp: rationalize prometheus, puppetmaster frontends
* Created a compound role for prometheus
* Incorporated the additional roles inside role::puppetmaster::frontend
Change-Id: Icd70ef861dcadeeae7df0415a5c2779679c5e144
---
R hieradata/role/codfw/prometheus.yaml
R hieradata/role/eqiad/prometheus.yaml
M manifests/site.pp
R modules/profile/manifests/access_new_install.pp
A modules/profile/manifests/ipmi/mgmt.pp
D modules/role/manifests/ipmi/mgmt.pp
A modules/role/manifests/prometheus.pp
M modules/role/manifests/puppetmaster/frontend.pp
8 files changed, 29 insertions(+), 31 deletions(-)
Approvals:
Giuseppe Lavagetto: Looks good to me, approved
jenkins-bot: Verified
diff --git a/hieradata/role/common/prometheus/ops.yaml
b/hieradata/role/codfw/prometheus.yaml
similarity index 100%
rename from hieradata/role/common/prometheus/ops.yaml
rename to hieradata/role/codfw/prometheus.yaml
diff --git a/hieradata/role/eqiad/prometheus/ops.yaml
b/hieradata/role/eqiad/prometheus.yaml
similarity index 100%
rename from hieradata/role/eqiad/prometheus/ops.yaml
rename to hieradata/role/eqiad/prometheus.yaml
diff --git a/manifests/site.pp b/manifests/site.pp
index 812fe74..9706cb2 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -1056,7 +1056,6 @@
}
interface::add_ip6_mapped { 'main': }
role(bastionhost::twofa)
- include ::role::access_new_install
}
# The host is going to be decom as part of T181518
@@ -1825,14 +1824,8 @@
}
node /^prometheus200[34]\.codfw\.wmnet$/ {
- role(prometheus::ops, prometheus::global, prometheus::services,
prometheus::analytics,
- prometheus::k8s)
-
+ role(prometheus)
include ::base::firewall
- include ::standard
- include ::lvs::realserver
-
- interface::add_ip6_mapped { 'main': }
}
node 'puppetcompiler1001.eqiad.wmnet' {
@@ -1841,21 +1834,11 @@
}
node /^prometheus100[34]\.eqiad\.wmnet$/ {
- role(prometheus::ops, prometheus::global, prometheus::services,
prometheus::analytics,
- prometheus::k8s)
-
- include ::lvs::realserver
-
- interface::add_ip6_mapped { 'main': }
+ role(prometheus)
}
node /^puppetmaster[12]001\.(codfw|eqiad)\.wmnet$/ {
- role(
- ipmi::mgmt, access_new_install,
- puppetmaster::frontend,
- )
- include ::standard
- interface::add_ip6_mapped { 'main': }
+ role(puppetmaster::frontend)
}
node /^puppetmaster[12]002\.(codfw|eqiad)\.wmnet$/ {
diff --git a/modules/role/manifests/access_new_install.pp
b/modules/profile/manifests/access_new_install.pp
similarity index 96%
rename from modules/role/manifests/access_new_install.pp
rename to modules/profile/manifests/access_new_install.pp
index 4a80193..af6339f 100644
--- a/modules/role/manifests/access_new_install.pp
+++ b/modules/profile/manifests/access_new_install.pp
@@ -2,7 +2,7 @@
# to set up the initial puppet run.
# This key is dangerous, do not deploy widely!
# Also install a convenience script to ssh in using this key
-class role::access_new_install {
+class profile::access_new_install {
file { '/root/.ssh/new_install':
owner => 'root',
group => 'root',
diff --git a/modules/profile/manifests/ipmi/mgmt.pp
b/modules/profile/manifests/ipmi/mgmt.pp
new file mode 100644
index 0000000..0c9b1a3
--- /dev/null
+++ b/modules/profile/manifests/ipmi/mgmt.pp
@@ -0,0 +1,4 @@
+# IPMItool mgmt hosts
+class profile::ipmi::mgmt {
+ class { '::ipmi::mgmt': }
+}
diff --git a/modules/role/manifests/ipmi/mgmt.pp
b/modules/role/manifests/ipmi/mgmt.pp
deleted file mode 100644
index 176ab45..0000000
--- a/modules/role/manifests/ipmi/mgmt.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-# IPMItool mgmt hosts
-class role::ipmi::mgmt {
-
- system::role { 'ipmi::mgmt':
- description => 'IPMI Management'
- }
-
- include ::ipmi::mgmt
-
-}
diff --git a/modules/role/manifests/prometheus.pp
b/modules/role/manifests/prometheus.pp
new file mode 100644
index 0000000..f475c21
--- /dev/null
+++ b/modules/role/manifests/prometheus.pp
@@ -0,0 +1,14 @@
+class role::prometheus {
+ system::role { 'prometheus::server': }
+ include ::role::prometheus::ops
+ include ::role::prometheus::global
+ include ::role::prometheus::services
+ include ::role::prometheus::analytics
+ include ::role::prometheus::k8s
+
+ include ::standard
+ # TODO: use role::lvs::realserver instead
+ include ::lvs::realserver
+
+ interface::add_ip6_mapped { 'main': }
+}
diff --git a/modules/role/manifests/puppetmaster/frontend.pp
b/modules/role/manifests/puppetmaster/frontend.pp
index f6ee73d..33b6be6 100644
--- a/modules/role/manifests/puppetmaster/frontend.pp
+++ b/modules/role/manifests/puppetmaster/frontend.pp
@@ -5,6 +5,7 @@
description => 'Puppetmaster frontend'
}
+ include ::standard
include ::base::firewall
include ::profile::backup::host
@@ -17,4 +18,10 @@
# config-master.wikimedia.org
include ::profile::configmaster
include ::profile::discovery::client
+
+ # IPMI management
+ include ::profile::ipmi::mgmt
+ include ::profile::access_new_install
+
+ interface::add_ip6_mapped { 'main': }
}
--
To view, visit https://gerrit.wikimedia.org/r/402789
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Icd70ef861dcadeeae7df0415a5c2779679c5e144
Gerrit-PatchSet: 3
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
