[MediaWiki-commits] [Gerrit] operations/puppet[production]: librenms: convert role to profile, variables to params
Dzahn has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/399966 )
Change subject: librenms: convert role to profile, variables to params
..
librenms: convert role to profile, variables to params
Change-Id: I208253b00783d62888c3db2e778518cadc14e25f
---
A hieradata/role/common/librenms.yaml
A modules/profile/manifests/librenms.pp
M modules/role/manifests/librenms.pp
3 files changed, 177 insertions(+), 169 deletions(-)
Approvals:
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/hieradata/role/common/librenms.yaml
b/hieradata/role/common/librenms.yaml
new file mode 100644
index 000..98b7ac5
--- /dev/null
+++ b/hieradata/role/common/librenms.yaml
@@ -0,0 +1,2 @@
+profile::librenms::sitename: 'librenms.wikimedia.org'
+profile::librenms::install_dir: '/srv/deployment/librenms/librenms'
diff --git a/modules/profile/manifests/librenms.pp
b/modules/profile/manifests/librenms.pp
new file mode 100644
index 000..abe440a
--- /dev/null
+++ b/modules/profile/manifests/librenms.pp
@@ -0,0 +1,174 @@
+# http://www.librenms.org/ | https://github.com/librenms/librenms
+
+# $active_server
+# Which of the netmon servers should actually poll data and
+# have active cron jobs. We don't want both to do it at the same time.
+# Switch it in hieradata/common.yaml, the default is just a fallback.
+#
+class profile::librenms (
+$sitename = hiera('profile::librenms::sitename'),
+$install_dir = hiera('profile::librenms::install_dir'),
+$active_server = hiera('netmon_server'),
+$graphite_host = hiera('graphite_host', 'graphite-in.eqiad.wmnet'),
+$graphite_prefix = hiera('graphite_prefix', 'librenms')
+){
+
+include ::network::constants
+include ::passwords::librenms
+include ::passwords::network
+
+# NOTE: scap will manage the deploy user
+scap::target { 'librenms/librenms':
+deploy_user => 'deploy-librenms',
+before => Class['::librenms'],
+}
+
+$config = {
+'title_image' =>
'//upload.wikimedia.org/wikipedia/commons/thumb/0/0c/Wikimedia_Foundation_logo_-_horizontal_%282012-2016%29.svg/140px-Wikimedia_Foundation_logo_-_horizontal_%282012-2016%29.svg.png',
+
+# disable evil daily auto-git pull
+'update' => 0,
+
+'db_host' => 'm1-master.eqiad.wmnet',
+'db_user' => $passwords::librenms::db_user,
+'db_pass' => $passwords::librenms::db_pass,
+'db_name' => 'librenms',
+'db' => {
+'extension' => 'mysqli',
+},
+
+'snmp' => {
+'community' => [ $passwords::network::snmp_ro_community ],
+},
+'irc_host' => 'irc.freenode.org',
+'irc_chan' => '#wikimedia-netops-test,#wikimedia-netops',
+'irc_alert'=> true,
+'irc_debug'=> false,
+'irc_alert_chan' => '#wikimedia-netops-test',
+'irc_alert_utf8' => true,
+'irc_nick' => 'librenms-wmf',
+
+'autodiscovery'=> {
+'xdp' => true,
+'ospf' => true,
+'bgp' => false,
+'snmpscan' => false,
+},
+'geoloc' => {
+'latlng' => true,
+'engine' => 'google',
+},
+'location_map' => {
+'eqiad' => 'Equinix, Ashburn, Virginia, USA',
+'codfw' => 'CyrusOne, Carrollton, Texas, USA',
+'eqdfw' => 'Equinix, Carrollton, Texas, USA',
+'ulsfo' => 'United Layer, San Francisco, California, USA',
+'eqord' => 'Equinix, Chicago, Illinois, USA',
+'knams' => 'Vancis, Amsterdam, The Netherlands',
+'esams' => 'EvoSwitch, Amsterdam, The Netherlands',
+'eqsin' => 'Equinix, Singapore',
+},
+'astext' => {
+'64600' => 'PyBal',
+'64601' => 'Kubernetes',
+'64602' => 'Kubernetes',
+'64603' => 'Kubernetes',
+'64700' => 'frack-eqiad',
+'64701' => 'frack-codfw',
+'65001' => 'confed-eqiad-eqord',
+'65002' => 'confed-eqdfw-codfw',
+'65003' => 'confed-esams',
+'65004' => 'confed-ulsfo',
+'65005' => 'confed-eqsin',
+'65517' => 'Equinix',
+},
+'email_from' => 'librenms',
+'twofactor' => true,
+'twofactor_lock' => 300,
+'rancid_configs' => ['/var/lib/rancid/core/configs/'],
+'rancid_ignorecomments' => 1,
+'enable_inventory' => 1,
+'enable_syslog'=> 1,
+'enable_billing' => 1,
+'syslog_filter'=> [
+'message repeated',
+'Connection from UDP: [',
+'CMD ( /usr/libexec/atrun)',
+'CMD (newsyslog)',
+'CMD (adjkerntz -a)',
+
[MediaWiki-commits] [Gerrit] operations/puppet[production]: librenms: convert role to profile, variables to params
Dzahn has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/399966 )
Change subject: librenms: convert role to profile, variables to params
..
librenms: convert role to profile, variables to params
Change-Id: I208253b00783d62888c3db2e778518cadc14e25f
---
A modules/profile/manifests/librenms.pp
M modules/role/manifests/librenms.pp
2 files changed, 174 insertions(+), 169 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/66/399966/1
diff --git a/modules/profile/manifests/librenms.pp
b/modules/profile/manifests/librenms.pp
new file mode 100644
index 000..870fb67
--- /dev/null
+++ b/modules/profile/manifests/librenms.pp
@@ -0,0 +1,170 @@
+# http://www.librenms.org/ | https://github.com/librenms/librenms
+
+# $active_server
+# Which of the netmon servers should actually poll data and
+# have active cron jobs. We don't want both to do it at the same time.
+# Switch it in hieradata/common.yaml, the default is just a fallback.
+#
+class profile::librenms (
+$sitename = 'librenms.wikimedia.org'
+$install_dir = '/srv/deployment/librenms/librenms'
+$active_server = hiera('netmon_server')
+$graphite_host = hiera('graphite_host', 'graphite-in.eqiad.wmnet')
+$graphite_prefix = hiera('graphite_prefix', 'librenms')
+){
+
+# NOTE: scap will manage the deploy user
+scap::target { 'librenms/librenms':
+deploy_user => 'deploy-librenms',
+before => Class['::librenms'],
+}
+
+$config = {
+'title_image' =>
'//upload.wikimedia.org/wikipedia/commons/thumb/0/0c/Wikimedia_Foundation_logo_-_horizontal_%282012-2016%29.svg/140px-Wikimedia_Foundation_logo_-_horizontal_%282012-2016%29.svg.png',
+
+# disable evil daily auto-git pull
+'update' => 0,
+
+'db_host' => 'm1-master.eqiad.wmnet',
+'db_user' => $passwords::librenms::db_user,
+'db_pass' => $passwords::librenms::db_pass,
+'db_name' => 'librenms',
+'db' => {
+'extension' => 'mysqli',
+},
+
+'snmp' => {
+'community' => [ $passwords::network::snmp_ro_community ],
+},
+'irc_host' => 'irc.freenode.org',
+'irc_chan' => '#wikimedia-netops-test,#wikimedia-netops',
+'irc_alert'=> true,
+'irc_debug'=> false,
+'irc_alert_chan' => '#wikimedia-netops-test',
+'irc_alert_utf8' => true,
+'irc_nick' => 'librenms-wmf',
+
+'autodiscovery'=> {
+'xdp' => true,
+'ospf' => true,
+'bgp' => false,
+'snmpscan' => false,
+},
+'geoloc' => {
+'latlng' => true,
+'engine' => 'google',
+},
+'location_map' => {
+'eqiad' => 'Equinix, Ashburn, Virginia, USA',
+'codfw' => 'CyrusOne, Carrollton, Texas, USA',
+'eqdfw' => 'Equinix, Carrollton, Texas, USA',
+'ulsfo' => 'United Layer, San Francisco, California, USA',
+'eqord' => 'Equinix, Chicago, Illinois, USA',
+'knams' => 'Vancis, Amsterdam, The Netherlands',
+'esams' => 'EvoSwitch, Amsterdam, The Netherlands',
+'eqsin' => 'Equinix, Singapore',
+},
+'astext' => {
+'64600' => 'PyBal',
+'64601' => 'Kubernetes',
+'64602' => 'Kubernetes',
+'64603' => 'Kubernetes',
+'64700' => 'frack-eqiad',
+'64701' => 'frack-codfw',
+'65001' => 'confed-eqiad-eqord',
+'65002' => 'confed-eqdfw-codfw',
+'65003' => 'confed-esams',
+'65004' => 'confed-ulsfo',
+'65005' => 'confed-eqsin',
+'65517' => 'Equinix',
+},
+'email_from' => 'librenms',
+'twofactor' => true,
+'twofactor_lock' => 300,
+'rancid_configs' => ['/var/lib/rancid/core/configs/'],
+'rancid_ignorecomments' => 1,
+'enable_inventory' => 1,
+'enable_syslog'=> 1,
+'enable_billing' => 1,
+'syslog_filter'=> [
+'message repeated',
+'Connection from UDP: [',
+'CMD ( /usr/libexec/atrun)',
+'CMD (newsyslog)',
+'CMD (adjkerntz -a)',
+'kernel time sync enabled',
+'preauth',
+],
+
+'auth_mechanism' => 'ldap',
+'auth_ldap_server' => 'ldap://ldap-labs.eqiad.wikimedia.org
ldap://ldap-labs.codfw.wikimedia.org',
+'auth_ldap_starttls' => 'require',
+'auth_ldap_port' => 389,
+
+# This is dumb -- the code requires us to specify the dn rather
+# than doing a search, so logins will require 'shell name' rather
+# than the
