Alexandros Kosiaris has submitted this change and it was merged.
Change subject: Citoid puppetization
......................................................................
Citoid puppetization
Mostly copied from the Mathoid puppetization, with
some improvements by Ori.
site.pp and LVS changes in subsequent commits.
Change-Id: Ib24047737e94230dd3af529f67f4cbacdeea8b4d
---
A manifests/role/citoid.pp
M manifests/role/deployment.pp
M manifests/role/mathoid.pp
M modules/admin/data/data.yaml
A modules/citoid/manifests/init.pp
A modules/citoid/templates/logrotate.erb
A modules/citoid/templates/upstart-citoid.erb
A modules/citoid/templates/upstart-zotero.erb
A modules/citoid/tests/Makefile
A modules/citoid/tests/citoid.pp
M modules/mathoid/manifests/init.pp
11 files changed, 202 insertions(+), 5 deletions(-)
Approvals:
Alexandros Kosiaris: Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/role/citoid.pp b/manifests/role/citoid.pp
new file mode 100644
index 0000000..1da82ab
--- /dev/null
+++ b/manifests/role/citoid.pp
@@ -0,0 +1,36 @@
+# vim: set ts=4 et sw=4:
+
+class role::citoid {
+ system::role { 'role::citoid': }
+ class { '::citoid': }
+}
+
+class role::citoid::production {
+ require role::citoid
+
+ monitor_service { 'citoid':
+ description => 'citoid',
+ check_command => 'check_http_on_port!1970',
+ }
+}
+
+class role::citoid::beta {
+ require role::citoid
+
+ # Beta citoid server has some ferm DNAT rewriting rules (bug 45868) so we
+ # have to explicitly allow citoid port 1970
+ ferm::service { 'citoid':
+ proto => 'tcp',
+ port => '1970',
+ }
+
+ # Allow ssh access from the Jenkins master to the server where citoid is
+ # running
+ include contint::firewall::labs
+
+ # Instance got to be a Jenkins slave so we can update citoid whenever a
+ # change is made on mediawiki/services/citoid repository
+ include role::ci::slave::labs::common
+ # Also need the slave scripts for multi-git.sh
+ include contint::slave-scripts
+}
diff --git a/manifests/role/deployment.pp b/manifests/role/deployment.pp
index 2c3c51c..e97fcda 100644
--- a/manifests/role/deployment.pp
+++ b/manifests/role/deployment.pp
@@ -64,6 +64,12 @@
'service_name' => 'mathoid',
'checkout_submodules' => true,
},
+ 'citoid/deploy' => {
+ 'grain' => 'citoid',
+ 'upstream' =>
'https://gerrit.wikimedia.org/r/mediawiki/services/citoid/deploy',
+ 'service_name' => 'citoid',
+ 'checkout_submodules' => true,
+ },
'rcstream/rcstream' => {
'grain' => 'rcstream',
'upstream' =>
'https://gerrit.wikimedia.org/r/mediawiki/services/rcstream',
diff --git a/manifests/role/mathoid.pp b/manifests/role/mathoid.pp
index 2427c15..94c7152 100644
--- a/manifests/role/mathoid.pp
+++ b/manifests/role/mathoid.pp
@@ -1,6 +1,6 @@
# vim: set ts=4 et sw=4:
-# TODO: when other services inhabit service cluster A, move this definition in
a
+# TODO: now that other services inhabit service cluster A, move this
definition in a
# better place
@monitor_group { 'sca_eqiad': description => 'Service Cluster A servers' }
diff --git a/modules/admin/data/data.yaml b/modules/admin/data/data.yaml
index 2b8171d..23c5842 100644
--- a/modules/admin/data/data.yaml
+++ b/modules/admin/data/data.yaml
@@ -225,6 +225,19 @@
description: Full root access to labmon nodes
members: [yuvipanda]
privs: ['ALL = NOPASSWD: ALL']
+ citoid-roots:
+ gid: 735
+ description: root rights for citoid
+ members: [gwicke]
+ privs: ['ALL = (citoid) NOPASSWD: ALL']
+ citoid-admin:
+ gid: 736
+ description: group of citoid admins
+ members: [gwicke]
+ privs: ['ALL = (root) NOPASSWD: /usr/sbin/service citoid stop',
+ 'ALL = (root) NOPASSWD: /usr/sbin/service citoid start',
+ 'ALL = (root) NOPASSWD: /usr/sbin/service citoid restart',
+ 'ALL = (root) NOPASSWD: /usr/sbin/service citoid reload']
users:
rush:
ensure: present
diff --git a/modules/citoid/manifests/init.pp b/modules/citoid/manifests/init.pp
new file mode 100644
index 0000000..cce516e
--- /dev/null
+++ b/modules/citoid/manifests/init.pp
@@ -0,0 +1,75 @@
+# == Class: citoid
+#
+# citoid is a node.js backend for citation lookups.
+#
+# === Parameters
+#
+# [*port*]
+# Port where to run the citoid service. Defaults to 1970.
+#
+class citoid( $port = 1970 ) {
+ ensure_packages( ['nodejs'] )
+
+ package { 'citoid':
+ provider => 'trebuchet',
+ }
+
+ group { 'citoid':
+ ensure => present,
+ name => 'citoid',
+ system => true,
+ }
+
+ user { 'citoid':
+ gid => 'citoid',
+ home => '/nonexistent',
+ shell => '/bin/false',
+ system => true,
+ before => Service['citoid'],
+ }
+
+ file { '/var/log/citoid':
+ ensure => directory,
+ owner => 'citoid',
+ group => 'citoid',
+ mode => '0775',
+ before => Service['citoid'],
+ }
+
+ file { '/etc/init/citoid.conf':
+ content => template('citoid/upstart-citoid.erb'),
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ notify => Service['citoid'],
+ }
+
+ file { '/etc/logrotate.d/citoid':
+ content => template('citoid/logrotate.erb'),
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ }
+
+ service { 'citoid':
+ ensure => running,
+ hasstatus => true,
+ hasrestart => true,
+ provider => 'upstart',
+ }
+
+ file { '/etc/init/zotero.conf':
+ content => template('citoid/upstart-zotero.erb'),
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ notify => Service['zotero'],
+ }
+
+ service { 'zotero':
+ ensure => running,
+ hasstatus => true,
+ hasrestart => true,
+ provider => 'upstart',
+ }
+}
diff --git a/modules/citoid/templates/logrotate.erb
b/modules/citoid/templates/logrotate.erb
new file mode 100644
index 0000000..dc42ac1
--- /dev/null
+++ b/modules/citoid/templates/logrotate.erb
@@ -0,0 +1,11 @@
+# logrotate(8) config for Citoid
+
+/var/log/citoid/* {
+ daily
+ copytruncate
+ missingok
+ compress
+ notifempty
+ rotate 15
+ size 256M
+}
diff --git a/modules/citoid/templates/upstart-citoid.erb
b/modules/citoid/templates/upstart-citoid.erb
new file mode 100644
index 0000000..7a4fa0e
--- /dev/null
+++ b/modules/citoid/templates/upstart-citoid.erb
@@ -0,0 +1,23 @@
+# Upstart job for Citoid
+
+description "Citoid HTTP service"
+
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on runlevel [!2345]
+
+# up ulimit -n a bit
+limit nofile 10000 10000
+
+setuid "citoid"
+setgid "citoid"
+
+env NODE_PATH="/srv/deployment/citoid/deploy/node_modules"
+env CITOID_PORT="<%= @port %>"
+
+respawn
+
+# wait 60 seconds for a graceful restart before killing the master
+kill timeout 60
+
+chdir /srv/deployment/citoid/deploy
+exec /usr/bin/nodejs src/server.js -c localsettings.js >>
/var/log/citoid/main.log 2>&1
diff --git a/modules/citoid/templates/upstart-zotero.erb
b/modules/citoid/templates/upstart-zotero.erb
new file mode 100644
index 0000000..7ec994e
--- /dev/null
+++ b/modules/citoid/templates/upstart-zotero.erb
@@ -0,0 +1,20 @@
+# Upstart job for Citoid
+
+description "Zotero HTTP service for Citoid"
+
+start on (local-filesystems and net-device-up IFACE!=lo)
+stop on runlevel [!2345]
+
+# up ulimit -n a bit
+limit nofile 10000 10000
+
+setuid "citoid"
+setgid "citoid"
+
+respawn
+
+# wait 60 seconds for a graceful restart before killing the master
+kill timeout 60
+
+chdir /srv/deployment/citoid/deploy/translation-server
+exec ./run_translation-server.sh >> /var/log/citoid/zotero.log 2>&1
diff --git a/modules/citoid/tests/Makefile b/modules/citoid/tests/Makefile
new file mode 100644
index 0000000..76cd656
--- /dev/null
+++ b/modules/citoid/tests/Makefile
@@ -0,0 +1,13 @@
+MANIFESTS=$(wildcard *.pp)
+OBJS=$(MANIFESTS:.pp=.po)
+TESTS_DIR=$(dir $(CURDIR))
+MODULE_DIR=$(TESTS_DIR:/=)
+MODULES_DIR=$(dir $(MODULE_DIR))
+
+all: test
+
+test: $(OBJS)
+
+%.po: %.pp
+ puppet parser validate $<
+ puppet apply --noop --modulepath $(MODULES_DIR) $<
diff --git a/modules/citoid/tests/citoid.pp b/modules/citoid/tests/citoid.pp
new file mode 100644
index 0000000..3561979
--- /dev/null
+++ b/modules/citoid/tests/citoid.pp
@@ -0,0 +1,3 @@
+class { 'citoid':
+ port => '1970'
+}
diff --git a/modules/mathoid/manifests/init.pp
b/modules/mathoid/manifests/init.pp
index 9ca9b36..5ad6151 100644
--- a/modules/mathoid/manifests/init.pp
+++ b/modules/mathoid/manifests/init.pp
@@ -23,13 +23,10 @@
$log_dir,
$port=10042
) {
- package { ['nodejs'
+ ensure_packages( ['nodejs'] )
# TODO Add dependency to node-jsdom once
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742347
# is fixed
- ]:
- ensure => present,
- }
$log_file = "${log_dir}/main.log"
--
To view, visit https://gerrit.wikimedia.org/r/163068
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ib24047737e94230dd3af529f67f4cbacdeea8b4d
Gerrit-PatchSet: 27
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Catrope <[email protected]>
Gerrit-Reviewer: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: BryanDavis <[email protected]>
Gerrit-Reviewer: Catrope <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: Ori.livneh <[email protected]>
Gerrit-Reviewer: Ottomata <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
