Alexandros Kosiaris has uploaded a new change for review. https://gerrit.wikimedia.org/r/308502
Change subject: puppetmasters: Allow ssh puppet-merge from all frontends ...................................................................... puppetmasters: Allow ssh puppet-merge from all frontends All frontends should be able to connect to all frontends and all backends. This can probably be limited a bit more (as in per DC) but for now this is good enough Change-Id: I6cfecef02baa8486726376b69be0eca4672f2e54 --- M modules/role/manifests/puppetmaster/backend.pp M modules/role/manifests/puppetmaster/frontend.pp 2 files changed, 9 insertions(+), 2 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/02/308502/1 diff --git a/modules/role/manifests/puppetmaster/backend.pp b/modules/role/manifests/puppetmaster/backend.pp index 33b65f0..56d1549 100644 --- a/modules/role/manifests/puppetmaster/backend.pp +++ b/modules/role/manifests/puppetmaster/backend.pp @@ -33,10 +33,10 @@ port => 8141, } - $puppetmaster_hostname = hiera('puppetmaster') + $puppetmaster_frontend_ferm = join(keys(hiera('puppetmaster::servers')), ' ') ferm::service { 'ssh_puppet_merge': proto => 'tcp', port => '22', - srange => "@resolve(${puppetmaster_hostname})" + srange => "@resolve((${puppetmaster_frontend_ferm}))" } } diff --git a/modules/role/manifests/puppetmaster/frontend.pp b/modules/role/manifests/puppetmaster/frontend.pp index c1fb629..10fe5d7 100644 --- a/modules/role/manifests/puppetmaster/frontend.pp +++ b/modules/role/manifests/puppetmaster/frontend.pp @@ -70,4 +70,11 @@ proto => 'tcp', port => 8140, } + + $puppetmaster_frontend_ferm = join(keys(hiera('puppetmaster::servers')), ' ') + ferm::service { 'ssh_puppet_merge': + proto => 'tcp', + port => '22', + srange => "@resolve((${puppetmaster_frontend_ferm}))" + } } -- To view, visit https://gerrit.wikimedia.org/r/308502 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I6cfecef02baa8486726376b69be0eca4672f2e54 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits