[MediaWiki-commits] [Gerrit] operations/puppet[production]: site.pp: rationalize prometheus, puppetmaster frontends
Giuseppe Lavagetto has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/402789 )
Change subject: site.pp: rationalize prometheus, puppetmaster frontends
..
site.pp: rationalize prometheus, puppetmaster frontends
* Created a compound role for prometheus
* Incorporated the additional roles inside role::puppetmaster::frontend
Change-Id: Icd70ef861dcadeeae7df0415a5c2779679c5e144
---
R hieradata/role/codfw/prometheus.yaml
R hieradata/role/eqiad/prometheus.yaml
M manifests/site.pp
R modules/profile/manifests/access_new_install.pp
A modules/profile/manifests/ipmi/mgmt.pp
D modules/role/manifests/ipmi/mgmt.pp
A modules/role/manifests/prometheus.pp
M modules/role/manifests/puppetmaster/frontend.pp
8 files changed, 29 insertions(+), 31 deletions(-)
Approvals:
Giuseppe Lavagetto: Looks good to me, approved
jenkins-bot: Verified
diff --git a/hieradata/role/common/prometheus/ops.yaml
b/hieradata/role/codfw/prometheus.yaml
similarity index 100%
rename from hieradata/role/common/prometheus/ops.yaml
rename to hieradata/role/codfw/prometheus.yaml
diff --git a/hieradata/role/eqiad/prometheus/ops.yaml
b/hieradata/role/eqiad/prometheus.yaml
similarity index 100%
rename from hieradata/role/eqiad/prometheus/ops.yaml
rename to hieradata/role/eqiad/prometheus.yaml
diff --git a/manifests/site.pp b/manifests/site.pp
index 812fe74..9706cb2 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -1056,7 +1056,6 @@
}
interface::add_ip6_mapped { 'main': }
role(bastionhost::twofa)
-include ::role::access_new_install
}
# The host is going to be decom as part of T181518
@@ -1825,14 +1824,8 @@
}
node /^prometheus200[34]\.codfw\.wmnet$/ {
-role(prometheus::ops, prometheus::global, prometheus::services,
prometheus::analytics,
- prometheus::k8s)
-
+role(prometheus)
include ::base::firewall
-include ::standard
-include ::lvs::realserver
-
-interface::add_ip6_mapped { 'main': }
}
node 'puppetcompiler1001.eqiad.wmnet' {
@@ -1841,21 +1834,11 @@
}
node /^prometheus100[34]\.eqiad\.wmnet$/ {
-role(prometheus::ops, prometheus::global, prometheus::services,
prometheus::analytics,
- prometheus::k8s)
-
-include ::lvs::realserver
-
-interface::add_ip6_mapped { 'main': }
+role(prometheus)
}
node /^puppetmaster[12]001\.(codfw|eqiad)\.wmnet$/ {
-role(
-ipmi::mgmt, access_new_install,
-puppetmaster::frontend,
-)
-include ::standard
-interface::add_ip6_mapped { 'main': }
+role(puppetmaster::frontend)
}
node /^puppetmaster[12]002\.(codfw|eqiad)\.wmnet$/ {
diff --git a/modules/role/manifests/access_new_install.pp
b/modules/profile/manifests/access_new_install.pp
similarity index 96%
rename from modules/role/manifests/access_new_install.pp
rename to modules/profile/manifests/access_new_install.pp
index 4a80193..af6339f 100644
--- a/modules/role/manifests/access_new_install.pp
+++ b/modules/profile/manifests/access_new_install.pp
@@ -2,7 +2,7 @@
# to set up the initial puppet run.
# This key is dangerous, do not deploy widely!
# Also install a convenience script to ssh in using this key
-class role::access_new_install {
+class profile::access_new_install {
file { '/root/.ssh/new_install':
owner => 'root',
group => 'root',
diff --git a/modules/profile/manifests/ipmi/mgmt.pp
b/modules/profile/manifests/ipmi/mgmt.pp
new file mode 100644
index 000..0c9b1a3
--- /dev/null
+++ b/modules/profile/manifests/ipmi/mgmt.pp
@@ -0,0 +1,4 @@
+# IPMItool mgmt hosts
+class profile::ipmi::mgmt {
+class { '::ipmi::mgmt': }
+}
diff --git a/modules/role/manifests/ipmi/mgmt.pp
b/modules/role/manifests/ipmi/mgmt.pp
deleted file mode 100644
index 176ab45..000
--- a/modules/role/manifests/ipmi/mgmt.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-# IPMItool mgmt hosts
-class role::ipmi::mgmt {
-
-system::role { 'ipmi::mgmt':
-description => 'IPMI Management'
-}
-
-include ::ipmi::mgmt
-
-}
diff --git a/modules/role/manifests/prometheus.pp
b/modules/role/manifests/prometheus.pp
new file mode 100644
index 000..f475c21
--- /dev/null
+++ b/modules/role/manifests/prometheus.pp
@@ -0,0 +1,14 @@
+class role::prometheus {
+system::role { 'prometheus::server': }
+include ::role::prometheus::ops
+include ::role::prometheus::global
+include ::role::prometheus::services
+include ::role::prometheus::analytics
+include ::role::prometheus::k8s
+
+include ::standard
+# TODO: use role::lvs::realserver instead
+include ::lvs::realserver
+
+interface::add_ip6_mapped { 'main': }
+}
diff --git a/modules/role/manifests/puppetmaster/frontend.pp
b/modules/role/manifests/puppetmaster/frontend.pp
index f6ee73d..33b6be6 100644
--- a/modules/role/manifests/puppetmaster/frontend.pp
+++ b/modules/role/manifests/puppetmaster/frontend.pp
@@ -5,6 +5,7 @@
description =>
[MediaWiki-commits] [Gerrit] operations/puppet[production]: site.pp: rationalize prometheus, puppetmaster frontends
Giuseppe Lavagetto has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/402789 )
Change subject: site.pp: rationalize prometheus, puppetmaster frontends
..
site.pp: rationalize prometheus, puppetmaster frontends
* Created a compound role for prometheus
* Incorporated the additional roles inside role::puppetmaster::frontend
Change-Id: Icd70ef861dcadeeae7df0415a5c2779679c5e144
---
R hieradata/role/codfw/prometheus.yaml
R hieradata/role/eqiad/prometheus.yaml
M manifests/site.pp
R modules/profile/manifests/access_new_install.pp
A modules/profile/manifests/ipmi/mgmt.pp
D modules/role/manifests/ipmi/mgmt.pp
A modules/role/manifests/prometheus.pp
M modules/role/manifests/puppetmaster/frontend.pp
8 files changed, 29 insertions(+), 30 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/89/402789/1
diff --git a/hieradata/role/common/prometheus/ops.yaml
b/hieradata/role/codfw/prometheus.yaml
similarity index 100%
rename from hieradata/role/common/prometheus/ops.yaml
rename to hieradata/role/codfw/prometheus.yaml
diff --git a/hieradata/role/eqiad/prometheus/ops.yaml
b/hieradata/role/eqiad/prometheus.yaml
similarity index 100%
rename from hieradata/role/eqiad/prometheus/ops.yaml
rename to hieradata/role/eqiad/prometheus.yaml
diff --git a/manifests/site.pp b/manifests/site.pp
index 812fe74..f5fb926 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -1825,14 +1825,8 @@
}
node /^prometheus200[34]\.codfw\.wmnet$/ {
-role(prometheus::ops, prometheus::global, prometheus::services,
prometheus::analytics,
- prometheus::k8s)
-
+role(prometheus)
include ::base::firewall
-include ::standard
-include ::lvs::realserver
-
-interface::add_ip6_mapped { 'main': }
}
node 'puppetcompiler1001.eqiad.wmnet' {
@@ -1841,21 +1835,11 @@
}
node /^prometheus100[34]\.eqiad\.wmnet$/ {
-role(prometheus::ops, prometheus::global, prometheus::services,
prometheus::analytics,
- prometheus::k8s)
-
-include ::lvs::realserver
-
-interface::add_ip6_mapped { 'main': }
+role(prometheus)
}
node /^puppetmaster[12]001\.(codfw|eqiad)\.wmnet$/ {
-role(
-ipmi::mgmt, access_new_install,
-puppetmaster::frontend,
-)
-include ::standard
-interface::add_ip6_mapped { 'main': }
+role(puppetmaster::frontend)
}
node /^puppetmaster[12]002\.(codfw|eqiad)\.wmnet$/ {
diff --git a/modules/role/manifests/access_new_install.pp
b/modules/profile/manifests/access_new_install.pp
similarity index 96%
rename from modules/role/manifests/access_new_install.pp
rename to modules/profile/manifests/access_new_install.pp
index 4a80193..af6339f 100644
--- a/modules/role/manifests/access_new_install.pp
+++ b/modules/profile/manifests/access_new_install.pp
@@ -2,7 +2,7 @@
# to set up the initial puppet run.
# This key is dangerous, do not deploy widely!
# Also install a convenience script to ssh in using this key
-class role::access_new_install {
+class profile::access_new_install {
file { '/root/.ssh/new_install':
owner => 'root',
group => 'root',
diff --git a/modules/profile/manifests/ipmi/mgmt.pp
b/modules/profile/manifests/ipmi/mgmt.pp
new file mode 100644
index 000..0c9b1a3
--- /dev/null
+++ b/modules/profile/manifests/ipmi/mgmt.pp
@@ -0,0 +1,4 @@
+# IPMItool mgmt hosts
+class profile::ipmi::mgmt {
+class { '::ipmi::mgmt': }
+}
diff --git a/modules/role/manifests/ipmi/mgmt.pp
b/modules/role/manifests/ipmi/mgmt.pp
deleted file mode 100644
index 176ab45..000
--- a/modules/role/manifests/ipmi/mgmt.pp
+++ /dev/null
@@ -1,10 +0,0 @@
-# IPMItool mgmt hosts
-class role::ipmi::mgmt {
-
-system::role { 'ipmi::mgmt':
-description => 'IPMI Management'
-}
-
-include ::ipmi::mgmt
-
-}
diff --git a/modules/role/manifests/prometheus.pp
b/modules/role/manifests/prometheus.pp
new file mode 100644
index 000..f475c21
--- /dev/null
+++ b/modules/role/manifests/prometheus.pp
@@ -0,0 +1,14 @@
+class role::prometheus {
+system::role { 'prometheus::server': }
+include ::role::prometheus::ops
+include ::role::prometheus::global
+include ::role::prometheus::services
+include ::role::prometheus::analytics
+include ::role::prometheus::k8s
+
+include ::standard
+# TODO: use role::lvs::realserver instead
+include ::lvs::realserver
+
+interface::add_ip6_mapped { 'main': }
+}
diff --git a/modules/role/manifests/puppetmaster/frontend.pp
b/modules/role/manifests/puppetmaster/frontend.pp
index f6ee73d..33b6be6 100644
--- a/modules/role/manifests/puppetmaster/frontend.pp
+++ b/modules/role/manifests/puppetmaster/frontend.pp
@@ -5,6 +5,7 @@
description => 'Puppetmaster frontend'
}
+include ::standard
include ::base::firewall
include ::profile::backup::host
@@ -17,4 +18,10 @@
# config-master.wikimedia.org
include
