[MediaWiki-commits] [Gerrit] operations/puppet[production]: tcpircbot: convert role to profile
Alexandros Kosiaris has submitted this change and it was merged. ( https://gerrit.wikimedia.org/r/400250 ) Change subject: tcpircbot: convert role to profile .. tcpircbot: convert role to profile Change-Id: I8aeb27f380c71ba090247b22ac6fa01135166f68 --- A modules/profile/manifests/tcpircbot.pp M modules/role/manifests/tcpircbot.pp 2 files changed, 61 insertions(+), 51 deletions(-) Approvals: Alexandros Kosiaris: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/profile/manifests/tcpircbot.pp b/modules/profile/manifests/tcpircbot.pp new file mode 100644 index 000..6e33d0d --- /dev/null +++ b/modules/profile/manifests/tcpircbot.pp @@ -0,0 +1,57 @@ +class profile::tcpircbot( +$ensure='present', +){ + +include passwords::logmsgbot + +tcpircbot::instance { 'logmsgbot': +ensure => $ensure, +channels => '#wikimedia-operations', +password => $passwords::logmsgbot::logmsgbot_password, +cidr => [ +':::127.0.0.1/128', # loopback +':::10.64.32.167/128', # logging: eventlog1001 +':::10.64.0.196/128', # deployment eqiad v4: tin +'2620:0:861:101:10:64:0:196/128', # deployment eqiad v6: tin +':::10.192.32.22/128', # deployment codfw v4: naos +'2620:0:860:103:10:192:32:22/128', # deployment codfw v6: naos +':::10.64.32.13/128', # maintenance eqiad v4: terbium +'2620:0:861:103:10:64:32:13/64',# maintenance eqiad v6: terbium +':::10.192.48.45/128', # maintenance codfw v4: wasat +'2620:0:860:104:10:192:48:45/64', # maintenance codfw v6: wasat +':::10.64.16.73/128', # puppetmaster1001.eqiad.wmnet +'2620:0:861:102:10:64:16:73/128', # puppetmaster1001.eqiad.wmnet +':::10.192.0.27/128', # puppetmaster2001.codfw.wmnet +'2620:0:860:101:10:192:0:27/128', # puppetmaster2001.codfw.wmnet +':::10.64.32.20/128', # neodymium.eqiad.wmnet +'2620:0:861:103:10:64:32:20/64',# neodymium.eqiad.wmnet +':::10.192.0.140/128', # sarin.codfw.wmnet +'2620:0:860:101:10:192:0:140/64', # sarin.codfw.wmnet +], +} +if $ensure == 'present' { +nrpe::monitor_service { 'tcpircbot': +description => 'tcpircbot_service_running', +nrpe_command => '/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -C python -a tcpircbot.py', +} +} + +$allowed_hosts = [ +'eventlog1001.eqiad.wmnet', # logging eqiad +'tin.eqiad.wmnet', # deployment eqiad +'naos.codfw.wmnet', # deployment codfw +'puppetmaster1001.eqiad.wmnet', # puppet eqiad +'puppetmaster2001.codfw.wmnet', # puppet codfw +'terbium.eqiad.wmnet', # maintenance eqiad +'wasat.codfw.wmnet',# maintenance codfw +'neodymium.eqiad.wmnet',# cluster mgmt eqiad +'sarin.codfw.wmnet',# cluster mgmt codfw +] + +$allowed_hosts_ferm = join($allowed_hosts, ' ') +ferm::service { 'tcpircbot_allowed': +proto => 'tcp', +port => '9200', +srange => "(@resolve((${allowed_hosts_ferm})) @resolve((${allowed_hosts_ferm}), ))", +} +} diff --git a/modules/role/manifests/tcpircbot.pp b/modules/role/manifests/tcpircbot.pp index b1f1da4..8a4799f 100644 --- a/modules/role/manifests/tcpircbot.pp +++ b/modules/role/manifests/tcpircbot.pp @@ -1,59 +1,12 @@ -class role::tcpircbot($ensure='present') { -include ::tcpircbot -include passwords::logmsgbot +class role::tcpircbot { system::role { 'tcpircbot': description => 'tcpircbot server', } -tcpircbot::instance { 'logmsgbot': -ensure => $ensure, -channels => '#wikimedia-operations', -password => $passwords::logmsgbot::logmsgbot_password, -cidr => [ -':::127.0.0.1/128', # loopback -':::10.64.32.167/128', # logging: eventlog1001 -':::10.64.0.196/128', # deployment eqiad v4: tin -'2620:0:861:101:10:64:0:196/128', # deployment eqiad v6: tin -':::10.192.32.22/128', # deployment codfw v4: naos -'2620:0:860:103:10:192:32:22/128', # deployment codfw v6: naos -':::10.64.32.13/128', # maintenance eqiad v4: terbium -'2620:0:861:103:10:64:32:13/64',# maintenance eqiad v6: terbium -':::10.192.48.45/128', # maintenance codfw v4: wasat -'2620:0:860:104:10:192:48:45/64', # maintenance codfw v6: wasat -':::10.64.16.73/128', #
[MediaWiki-commits] [Gerrit] operations/puppet[production]: tcpircbot: convert role to profile
Dzahn has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/400250 ) Change subject: tcpircbot: convert role to profile .. tcpircbot: convert role to profile Change-Id: I8aeb27f380c71ba090247b22ac6fa01135166f68 --- A modules/profile/manifests/tcpircbot.pp M modules/role/manifests/tcpircbot.pp 2 files changed, 61 insertions(+), 52 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/50/400250/1 diff --git a/modules/profile/manifests/tcpircbot.pp b/modules/profile/manifests/tcpircbot.pp new file mode 100644 index 000..85a3bf5 --- /dev/null +++ b/modules/profile/manifests/tcpircbot.pp @@ -0,0 +1,55 @@ +class profile::tcpircbot( +$ensure='present', +){ + +tcpircbot::instance { 'logmsgbot': +ensure => $ensure, +channels => '#wikimedia-operations', +password => $passwords::logmsgbot::logmsgbot_password, +cidr => [ +':::127.0.0.1/128', # loopback +':::10.64.32.167/128', # logging: eventlog1001 +':::10.64.0.196/128', # deployment eqiad v4: tin +'2620:0:861:101:10:64:0:196/128', # deployment eqiad v6: tin +':::10.192.32.22/128', # deployment codfw v4: naos +'2620:0:860:103:10:192:32:22/128', # deployment codfw v6: naos +':::10.64.32.13/128', # maintenance eqiad v4: terbium +'2620:0:861:103:10:64:32:13/64',# maintenance eqiad v6: terbium +':::10.192.48.45/128', # maintenance codfw v4: wasat +'2620:0:860:104:10:192:48:45/64', # maintenance codfw v6: wasat +':::10.64.16.73/128', # puppetmaster1001.eqiad.wmnet +'2620:0:861:102:10:64:16:73/128', # puppetmaster1001.eqiad.wmnet +':::10.192.0.27/128', # puppetmaster2001.codfw.wmnet +'2620:0:860:101:10:192:0:27/128', # puppetmaster2001.codfw.wmnet +':::10.64.32.20/128', # neodymium.eqiad.wmnet +'2620:0:861:103:10:64:32:20/64',# neodymium.eqiad.wmnet +':::10.192.0.140/128', # sarin.codfw.wmnet +'2620:0:860:101:10:192:0:140/64', # sarin.codfw.wmnet +], +} +if $ensure == 'present' { +nrpe::monitor_service { 'tcpircbot': +description => 'tcpircbot_service_running', +nrpe_command => '/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -C python -a tcpircbot.py', +} +} + +$allowed_hosts = [ +'eventlog1001.eqiad.wmnet', # logging eqiad +'tin.eqiad.wmnet', # deployment eqiad +'naos.codfw.wmnet', # deployment codfw +'puppetmaster1001.eqiad.wmnet', # puppet eqiad +'puppetmaster2001.codfw.wmnet', # puppet codfw +'terbium.eqiad.wmnet', # maintenance eqiad +'wasat.codfw.wmnet',# maintenance codfw +'neodymium.eqiad.wmnet',# cluster mgmt eqiad +'sarin.codfw.wmnet',# cluster mgmt codfw +] + +$allowed_hosts_ferm = join($allowed_hosts, ' ') +ferm::service { 'tcpircbot_allowed': +proto => 'tcp', +port => '9200', +srange => "(@resolve((${allowed_hosts_ferm})) @resolve((${allowed_hosts_ferm}), ))", +} +} diff --git a/modules/role/manifests/tcpircbot.pp b/modules/role/manifests/tcpircbot.pp index b1f1da4..a5ed221 100644 --- a/modules/role/manifests/tcpircbot.pp +++ b/modules/role/manifests/tcpircbot.pp @@ -1,59 +1,13 @@ -class role::tcpircbot($ensure='present') { -include ::tcpircbot -include passwords::logmsgbot +class role::tcpircbot { system::role { 'tcpircbot': description => 'tcpircbot server', } -tcpircbot::instance { 'logmsgbot': -ensure => $ensure, -channels => '#wikimedia-operations', -password => $passwords::logmsgbot::logmsgbot_password, -cidr => [ -':::127.0.0.1/128', # loopback -':::10.64.32.167/128', # logging: eventlog1001 -':::10.64.0.196/128', # deployment eqiad v4: tin -'2620:0:861:101:10:64:0:196/128', # deployment eqiad v6: tin -':::10.192.32.22/128', # deployment codfw v4: naos -'2620:0:860:103:10:192:32:22/128', # deployment codfw v6: naos -':::10.64.32.13/128', # maintenance eqiad v4: terbium -'2620:0:861:103:10:64:32:13/64',# maintenance eqiad v6: terbium -':::10.192.48.45/128', # maintenance codfw v4: wasat -'2620:0:860:104:10:192:48:45/64', # maintenance codfw v6: wasat -':::10.64.16.73/128', # puppetmaster1001.eqiad.wmnet -'2620:0:861:102:10:64:16:73/128', #