Rush has submitted this change and it was merged. Change subject: labtestcontrol install changes ......................................................................
labtestcontrol install changes * glance /srv/glance/images cannot be created as /srv/glance isn't handled * puppetmaster role for controller should be a top level role keyword item * hiera lookup files are specified by realm * secret lookup by realm needs to be added Change-Id: I9615c1198e21a7c026f7d90fc08c4dcb0d08d153 --- M manifests/site.pp M modules/openstack/manifests/adminscripts.pp M modules/openstack/manifests/glance/service.pp A modules/puppetmaster/files/labtest.hiera.yaml M modules/puppetmaster/files/production.hiera.yaml M modules/role/manifests/labs/openstack/nova.pp 6 files changed, 49 insertions(+), 13 deletions(-) Approvals: Rush: Looks good to me, approved jenkins-bot: Verified diff --git a/manifests/site.pp b/manifests/site.pp index 7470539..32c2a52 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1051,7 +1051,8 @@ #$is_labs_puppet_master = true include standard - role labs::openstack::nova::controller + role labs::openstack::nova::controller, + labs::puppetmaster #role labs::openstack::nova::controller, # salt::masters::labs, @@ -1164,6 +1165,7 @@ $is_labs_puppet_master = true role labs::openstack::nova::controller, + labs::puppetmaster, salt::masters::labs, deployment::salt_masters, dns::ldap @@ -1186,6 +1188,7 @@ $is_labs_puppet_master = true role labs::openstack::nova::controller, + labs::puppetmaster, salt::masters::labs, deployment::salt_masters, dns::ldap diff --git a/modules/openstack/manifests/adminscripts.pp b/modules/openstack/manifests/adminscripts.pp index 470b9c7..0836128 100644 --- a/modules/openstack/manifests/adminscripts.pp +++ b/modules/openstack/manifests/adminscripts.pp @@ -2,12 +2,19 @@ class openstack::adminscripts( $novaconfig, $openstack_version = $::openstack::version, + $nova_region = $::site, ) { include passwords::openstack::nova $wikitech_nova_ldap_user_pass = $passwords::openstack::nova::nova_ldap_user_pass $nova_controller_hostname = $novaconfig['controller_hostname'] - $nova_region = $::site + + # Installing this package ensures that we have all the UIDs that + # are used to store an instance volume. That's important for + # when we rsync files via this host. + package { 'libvirt-bin': + ensure => present, + } # Handy script to set up environment for commandline nova magic file { '/root/novaenv.sh': @@ -87,14 +94,9 @@ owner => 'nova', group => 'nova', mode => '0600', + require => Package['nova-common'] } - # Installing this package ensures that we have all the UIDs that - # are used to store an instance volume. That's important for - # when we rsync files via this host. - package { 'libvirt-bin': - ensure => present, - } # Script to rsync shutoff instances between compute nodes. # This ignores most nova facilities so is a good last resort # when nova is misbehaving. diff --git a/modules/openstack/manifests/glance/service.pp b/modules/openstack/manifests/glance/service.pp index 544713c..90d48ab 100644 --- a/modules/openstack/manifests/glance/service.pp +++ b/modules/openstack/manifests/glance/service.pp @@ -1,6 +1,6 @@ class openstack::glance::service( $openstack_version=$::openstack::version, - $image_datadir = '/srv/glance/images', + $glance_data = '/srv/glance/', $active_server, $standby_server, $keystone_host, @@ -9,6 +9,7 @@ ) { include openstack::repo + $glance_images_dir = "${glance_data}/images" $keystone_host_ip = ipresolve($keystone_host,4) $keystone_auth_uri = "http://${active_server}:5000/v2.0" @@ -35,8 +36,17 @@ require => Class['openstack::repo'], } + # This is 775 so that the glancesync user can rsync to it. - file { $image_datadir: + file { $glance_data: + ensure => directory, + owner => 'glance', + group => 'glance', + require => Package['glance'], + mode => '0775', + } + + file { $glance_images_dir: ensure => directory, owner => 'glance', group => 'glance', @@ -90,7 +100,7 @@ if $spandby_server != $active_server { cron { 'rsync_glance_images': - command => "/usr/bin/rsync -aS ${image_datadir}/* ${standby_server}:${image_datadir}/", + command => "/usr/bin/rsync -aS ${glance_images_dir}/* ${standby_server}:${glance_images_dir}/", minute => 15, user => 'glancesync', require => User['glancesync'], @@ -112,7 +122,7 @@ require => Package['glance'], } cron { 'rsync_chown_images': - command => "chown -R glance ${image_datadir}/*", + command => "chown -R glance ${glance_images_dir}/*", minute => 30, user => 'root', } diff --git a/modules/puppetmaster/files/labtest.hiera.yaml b/modules/puppetmaster/files/labtest.hiera.yaml new file mode 100644 index 0000000..85c5d13 --- /dev/null +++ b/modules/puppetmaster/files/labtest.hiera.yaml @@ -0,0 +1,21 @@ +:backends: + - mwyaml + - nuyaml +:nuyaml: + :datadir: /etc/puppet/hieradata +:mwyaml: + :host: https://wikitech.wikimedia.org + :cache_ttl: 120 +:private: + :datadir: /etc/puppet/private/hieradata +:secret: + :datadir: /etc/puppet/secret/hieradata +:hierarchy: + - "labs/%{::labsproject}/host/%{::hostname}" + - "labs/%{::labsproject}/common" + - "labs" + - "secret/%{::labsproject}" + - "private/%{::labsproject}" + - common + - "secret/common" + - "private/common" diff --git a/modules/puppetmaster/files/production.hiera.yaml b/modules/puppetmaster/files/production.hiera.yaml index 015501d..5287346 100644 --- a/modules/puppetmaster/files/production.hiera.yaml +++ b/modules/puppetmaster/files/production.hiera.yaml @@ -15,6 +15,7 @@ - "regex/%{::fqdn}" - "%{::site}/%{::realm}" - "%{::site}" + - "private/%{::site}/%{::realm}" - "private/%{::site}" - "common" - "private/common" diff --git a/modules/role/manifests/labs/openstack/nova.pp b/modules/role/manifests/labs/openstack/nova.pp index db00ec0..2bdac0d 100644 --- a/modules/role/manifests/labs/openstack/nova.pp +++ b/modules/role/manifests/labs/openstack/nova.pp @@ -110,7 +110,6 @@ system::role { $name: } require openstack - include role::labs::puppetmaster include role::labs::openstack::nova::wikiupdates include role::labs::openstack::glance::server include role::labs::openstack::keystone::server -- To view, visit https://gerrit.wikimedia.org/r/256435 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I9615c1198e21a7c026f7d90fc08c4dcb0d08d153 Gerrit-PatchSet: 2 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Rush <r...@wikimedia.org> Gerrit-Reviewer: Rush <r...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits