diff --git a/manifests/site.pp b/manifests/site.pp index 5fefb3635e..8997ad5c0a 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -156,3 +156,8 @@ node /^.*\.slave\.openstack\.org$/ { node /^driver(\d+)\.1918\.openstack\.org$/ { include openstack_jenkins_slave } + +node /^deploy(\d+)\.1918\.openstack\.org$/ { + include openstack_jenkins_slave + include orchestra +} diff --git a/modules/jenkins_slave/files/known_hosts b/modules/jenkins_slave/files/known_hosts deleted file mode 100644 index fff0053d2d..0000000000 --- a/modules/jenkins_slave/files/known_hosts +++ /dev/null @@ -1,12 +0,0 @@ -|1|OJlmbqcf6hDyGiueyGvlkVtsnbM=|gZmRc6ICJ93qm9k07K7kavNQeK8= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtdLzDzG6qmejiZq5BxDqxkN71W08xuQWVZ+6784SpsXTUujKT49lNCXmH+IHijsRaigU9cVFkWErVez0Q+NtUe077c5s50zCrL7EwH5/aiwaYklHF566TO7ctOJBLLsoVOUlJGpUAjM4veG9XMz0KhTP9qYK3zqNOcPV++551bQu1rc3kR8R8C/etmP60zMhVkUAdgyPWFZbmKlrBv1SxIpvjSo5STZzSRS7DK5/D9BaWS3zOcl5Pqtv0FVjm83dmQJxMPEjFo8e0T4Gq/noxYafQse4811/Ucmxj8J5rlJchakfxJz827w3MWYR4Ku+X3QAy/deBuvzUn3z35Zwr -|1|ED5cPaPlxg4p6tThq+iwQw9DWzk=|hyynBHmEAf8RTalBpTfvpX1Ijek= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtdLzDzG6qmejiZq5BxDqxkN71W08xuQWVZ+6784SpsXTUujKT49lNCXmH+IHijsRaigU9cVFkWErVez0Q+NtUe077c5s50zCrL7EwH5/aiwaYklHF566TO7ctOJBLLsoVOUlJGpUAjM4veG9XMz0KhTP9qYK3zqNOcPV++551bQu1rc3kR8R8C/etmP60zMhVkUAdgyPWFZbmKlrBv1SxIpvjSo5STZzSRS7DK5/D9BaWS3zOcl5Pqtv0FVjm83dmQJxMPEjFo8e0T4Gq/noxYafQse4811/Ucmxj8J5rlJchakfxJz827w3MWYR4Ku+X3QAy/deBuvzUn3z35Zwr -|1|d48JkTFKcmd4eghssuYGuEWY6FQ=|/4kjP4ZiLs77IR4pXcv2XNPRfK8= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfTQI130c6KPnRwy4KPMV+Ky9vJPSH/uwydojqcyAeKCGniGuF0Cyrye+UUvM0+KjOJ2H+Ekhy+A0Mg3v06W3PXbNCwxwvvS81tfJMse0rR1s0cjz77bWGuGeGxli6GP/HPlbjP0arGf0hkze1U9z/IyXrawoiVuWQUcQKelJtAqbloT1LheZUY35BPkC84W79hnhB3yRt6WrSjoxeUFaWVvWwZPpD7jMd2/0GED3pqofGz2Y4DS1/TqFFr5euoHe7iIQ/ihC0SyDDVbL9lqHxjsCtNzAwfu48mUCikA6lLGZJNFGGBFQNCvF2WZZLFXpzEsneqE+9pDpHIel/uqAd -|1|ZFufFQSCH/y6vuXL8ybMHMScEnM=|JAiydwN4g2Ombg70QCLJS/iJRJA= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfTQI130c6KPnRwy4KPMV+Ky9vJPSH/uwydojqcyAeKCGniGuF0Cyrye+UUvM0+KjOJ2H+Ekhy+A0Mg3v06W3PXbNCwxwvvS81tfJMse0rR1s0cjz77bWGuGeGxli6GP/HPlbjP0arGf0hkze1U9z/IyXrawoiVuWQUcQKelJtAqbloT1LheZUY35BPkC84W79hnhB3yRt6WrSjoxeUFaWVvWwZPpD7jMd2/0GED3pqofGz2Y4DS1/TqFFr5euoHe7iIQ/ihC0SyDDVbL9lqHxjsCtNzAwfu48mUCikA6lLGZJNFGGBFQNCvF2WZZLFXpzEsneqE+9pDpHIel/uqAd -|1|Ry9u6UxPjjoPBUxNiZGz6my7tHw=|A0GH7yoL1kIQkoYnqBlFgZuZtG0= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApuXd4MHTfr1qLXWeClxTTQYZQblCA+nHvbjAjowkEd2Y4kpvntJOVewoSwa22zTbiYSmmssCuCkFHwcpnZBZN5qMWewjizav30WfeyLR5Kng5qucxmFAEkNJjCJiu194wRNKu0cD99Uk/6X/AfsWGLgmL5pa5UFk62aW+iZLUQ8= -|1|vwunqZw+G2e5xwtXILhLOz6pjb8=|qEULUEPyFkTeryerpNeBUI/QnhI= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApuXd4MHTfr1qLXWeClxTTQYZQblCA+nHvbjAjowkEd2Y4kpvntJOVewoSwa22zTbiYSmmssCuCkFHwcpnZBZN5qMWewjizav30WfeyLR5Kng5qucxmFAEkNJjCJiu194wRNKu0cD99Uk/6X/AfsWGLgmL5pa5UFk62aW+iZLUQ8= -|1|ytXkA4wWSyLrZZD6D7V3Smo/PPc=|M8aG/CqJpLxigEzjvlelwYqCSdY= ssh-rsa -AAAAB3NzaC1yc2EAAAABIwAAAQEA2IRFQLSdatUw9Ecev8CCB5yUfINcn/QIt9mZ1TSiLqBM2MDJKS8XRCsIp7jevWBGEZQjW2Mu5M5s6+1dDHlwy77hr+dmUM0YFvDs/En3f/QbB+HCn0nNNGmAcw0S9GLyNVyGjFbvkxwe/V7b+TiNKrX+Z2mZSeytCHDcb8QUYgdrEINRbjg0LpUdANL8kp/1krz1r1y4fsjl28PceYLn9qZEJxmz0mUPS5MDAMvHy3Q4nTfGQiEAm6sG42W41I8TU/FU0/YvMZ3ylWTesAgStQr16R3SLxHjbkrOK87agnJvEDIo6mHFFYvdnNWB5TqMHB8k9J/IUYYBc7r4YCutMw== -|1|3z9pqCTiW3ULR7/46LAvFkfc/gY=|qG2wIrr1VyupSYUyMFEK5Zl8DBI= ssh-rsa -AAAAB3NzaC1yc2EAAAABIwAAAQEA2IRFQLSdatUw9Ecev8CCB5yUfINcn/QIt9mZ1TSiLqBM2MDJKS8XRCsIp7jevWBGEZQjW2Mu5M5s6+1dDHlwy77hr+dmUM0YFvDs/En3f/QbB+HCn0nNNGmAcw0S9GLyNVyGjFbvkxwe/V7b+TiNKrX+Z2mZSeytCHDcb8QUYgdrEINRbjg0LpUdANL8kp/1krz1r1y4fsjl28PceYLn9qZEJxmz0mUPS5MDAMvHy3Q4nTfGQiEAm6sG42W41I8TU/FU0/YvMZ3ylWTesAgStQr16R3SLxHjbkrOK87agnJvEDIo6mHFFYvdnNWB5TqMHB8k9J/IUYYBc7r4YCutMw== -|1|bsQTFPPGPVkpa+nblTNYl11Cxl0=|sC7XEp28VJ/tlnLGq4m6XNTjgNk= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2IRFQLSdatUw9Ecev8CCB5yUfINcn/QIt9mZ1TSiLqBM2MDJKS8XRCsIp7jevWBGEZQjW2Mu5M5s6+1dDHlwy77hr+dmUM0YFvDs/En3f/QbB+HCn0nNNGmAcw0S9GLyNVyGjFbvkxwe/V7b+TiNKrX+Z2mZSeytCHDcb8QUYgdrEINRbjg0LpUdANL8kp/1krz1r1y4fsjl28PceYLn9qZEJxmz0mUPS5MDAMvHy3Q4nTfGQiEAm6sG42W41I8TU/FU0/YvMZ3ylWTesAgStQr16R3SLxHjbkrOK87agnJvEDIo6mHFFYvdnNWB5TqMHB8k9J/IUYYBc7r4YCutMw== -|1|HenNrBbEm/2XlEXSblgTan10DJQ=|ZgegoeenOwfY/SsHbhYkDjGlM4E= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2IRFQLSdatUw9Ecev8CCB5yUfINcn/QIt9mZ1TSiLqBM2MDJKS8XRCsIp7jevWBGEZQjW2Mu5M5s6+1dDHlwy77hr+dmUM0YFvDs/En3f/QbB+HCn0nNNGmAcw0S9GLyNVyGjFbvkxwe/V7b+TiNKrX+Z2mZSeytCHDcb8QUYgdrEINRbjg0LpUdANL8kp/1krz1r1y4fsjl28PceYLn9qZEJxmz0mUPS5MDAMvHy3Q4nTfGQiEAm6sG42W41I8TU/FU0/YvMZ3ylWTesAgStQr16R3SLxHjbkrOK87agnJvEDIo6mHFFYvdnNWB5TqMHB8k9J/IUYYBc7r4YCutMw== diff --git a/modules/jenkins_slave/files/ssh_config b/modules/jenkins_slave/files/ssh_config new file mode 100644 index 0000000000..bccc9c965a --- /dev/null +++ b/modules/jenkins_slave/files/ssh_config @@ -0,0 +1,3 @@ +UserKnownHostsFile=/dev/null +StrictHostKeyChecking=no +LogLevel=ERROR diff --git a/modules/jenkins_slave/manifests/devstackrepo.pp b/modules/jenkins_slave/manifests/devstackrepo.pp new file mode 100644 index 0000000000..c1b3713aed --- /dev/null +++ b/modules/jenkins_slave/manifests/devstackrepo.pp @@ -0,0 +1,51 @@ +define devstackrepo($ensure = present) { + $repo_there = "test -d /home/jenkins/devstack" + $mysql_pass = $orchestra::mysql_pass + $rabbit_pass = generate('/usr/bin/openssl', 'rand', '-hex', '12') + case $ensure { + present: { + exec { "Clone devstack git repo": + path => "/usr/sbin:/usr/bin:/sbin:/bin", + environment => "HOME=/home/jenkins", + command => "sudo -H -u jenkins -i git clone git://github.com/jeblair/devstack.git /home/jenkins/devstack", + user => "root", + group => "root", + unless => "$repo_there", + logoutput => on_failure, + } + file { '/home/jenkins/devstack/localrc': + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + content => template('jenkins_slave/localrc.erb'), + replace => 'false', + require => [Exec["Clone devstack git repo"], + File["/var/lib/cobbler/snippets/openstack_mysql_password"], + ] + } + exec { "Update devstack git repo": + path => "/usr/sbin:/usr/bin:/sbin:/bin", + environment => "HOME=/home/jenkins", + command => "sudo -H -u jenkins -i bash -c 'cd /home/jenkins/devstack && git pull'", + user => "root", + group => "root", + onlyif => "$repo_there", + logoutput => on_failure, + } + } + absent: { + exec { "Remove OpenStack git repo": + path => "/usr/sbin:/usr/bin:/sbin:/bin", + environment => "HOME=/root", + command => "rm -rf /home/jenkins/devstack", + user => "root", + group => "root", + onlyif => "$repo_there", + } + } + default: { + fail "Invalid 'ensure' value '$ensure' for devstackrepo" + } + } +} diff --git a/modules/jenkins_slave/manifests/init.pp b/modules/jenkins_slave/manifests/init.pp index fda2b240ff..cfe5110f95 100644 --- a/modules/jenkins_slave/manifests/init.pp +++ b/modules/jenkins_slave/manifests/init.pp @@ -9,6 +9,11 @@ class jenkins_slave { require => [ Package[git], Jenkinsuser[jenkins] ], } + devstackrepo { "devstack": + ensure => present, + require => [ Package[git], Jenkinsuser[jenkins] ], + } + apt::ppa { "ppa:openstack-ci/build-depends": ensure => present } diff --git a/modules/jenkins_slave/manifests/jenkinsuser.pp b/modules/jenkins_slave/manifests/jenkinsuser.pp index 0254726fc5..2ba9fc3edb 100644 --- a/modules/jenkins_slave/manifests/jenkinsuser.pp +++ b/modules/jenkins_slave/manifests/jenkinsuser.pp @@ -104,15 +104,15 @@ define jenkinsuser($ensure = present) { ], } - file { 'jenkinsknownhosts': - name => '/home/jenkins/.ssh/known_hosts', + file { 'jenkinssshconfig': + name => '/home/jenkins/.ssh/config', owner => 'jenkins', group => 'jenkins', mode => 640, ensure => 'present', require => File['jenkinssshdir'], source => [ - "puppet:///modules/jenkins_slave/known_hosts", + "puppet:///modules/jenkins_slave/ssh_config", ], } diff --git a/modules/jenkins_slave/templates/localrc.erb b/modules/jenkins_slave/templates/localrc.erb new file mode 100644 index 0000000000..ef0b11d280 --- /dev/null +++ b/modules/jenkins_slave/templates/localrc.erb @@ -0,0 +1,5 @@ +# This file is managed by puppet. + +MYSQL_PASS=<%= mysql_pass -%> +RABBIT_PASSWORD=secret +ADMIN_PASSWORD=secret \ No newline at end of file diff --git a/modules/orchestra/files/99-orchestra.conf b/modules/orchestra/files/99-orchestra.conf new file mode 100644 index 0000000000..f35b3b6d1a --- /dev/null +++ b/modules/orchestra/files/99-orchestra.conf @@ -0,0 +1,19 @@ +# Enable the udp server for installation logging +$ModLoad imudp +$UDPServerRun 514 + +$ModLoad imtcp # load TCP listener +$InputTCPMaxSessions 500 +$InputTCPServerRun 10514 # start up listener at port 10514 +$MaxMessageSize 32k + +# Message templating +$template DYNsyslog,"/var/log/orchestra/rsyslog/%FROMHOST%/syslog" +$FileCreateMode 0644 + +if \ + $fromhost-ip != '127.0.0.1' \ +then ?DYNsyslog +& ~ +$FileCreateMode 0640 + diff --git a/modules/orchestra/files/dnsmasq.template b/modules/orchestra/files/dnsmasq.template new file mode 100644 index 0000000000..1c683e63fc --- /dev/null +++ b/modules/orchestra/files/dnsmasq.template @@ -0,0 +1,22 @@ +# Cobbler generated configuration file for dnsmasq +# $date +# + +# resolve.conf .. ? +#no-poll +#enable-dbus +read-ethers +addn-hosts = /var/lib/cobbler/cobbler_hosts +#domain= +dhcp-ignore=tag:!known + +dhcp-range=10.14.247.42,10.14.247.45 +dhcp-option=3,10.14.247.33 +dhcp-lease-max=1000 +dhcp-authoritative +dhcp-boot=pxelinux.0 +dhcp-boot=net:normalarch,pxelinux.0 +dhcp-boot=net:ia64,$elilo + +$insert_cobbler_system_definitions + diff --git a/modules/orchestra/files/openstack-test.preseed b/modules/orchestra/files/openstack-test.preseed new file mode 100644 index 0000000000..8ea21dfec2 --- /dev/null +++ b/modules/orchestra/files/openstack-test.preseed @@ -0,0 +1,146 @@ +# Orchestra - Ubuntu Server Installation +# * Minimal install +# * Cloud-init for bare-metal +# * Grab meta-data and user-data from cobbler server in a late command + +# d-i debian-installer/add-kernel-opts string --verbose + +# Locale +d-i debian-installer/locale string en_US.UTF-8 + +# No splash +d-i debian-installer/splash boolean false + +# Keyboard layout +d-i console-setup/ask_detect boolean false +d-i console-setup/layoutcode string us +d-i console-setup/variantcode string + +# Network configuration +d-i netcfg/get_nameservers string +d-i netcfg/get_ipaddress string +d-i netcfg/get_netmask string 255.255.255.0 +d-i netcfg/get_gateway string +d-i netcfg/confirm_static boolean true + +# Local clock (set to UTC and use ntp) +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true +d-i clock-setup/ntp-server string ntp.ubuntu.com + +# Partitioning +d-i partman-auto/method string lvm +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-md/device_remove_md boolean true +d-i partman-lvm/confirm boolean true +d-i partman-auto-lvm/guided_size string 20GB +d-i partman-auto-lvm/new_vg_name string main +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-md/confirm boolean true +d-i partman/default_filesystem string ext4 + +d-i partman-auto/expert_recipe string \ + boot-root :: \ + 40 300 300 ext3 \ + $primary{ } \ + $bootable{ } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext3 } \ + mountpoint{ /boot } \ + . \ + 2000 10000 1000000000 ext4 \ + $lvmok{ } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 8000 8000 200% linux-swap \ + $lvmok{ } \ + method{ swap } format{ } \ + . + + +# Use server kernel +d-i base-installer/kernel/image string linux-server + +# User Setup +d-i passwd/root-login boolean false +d-i passwd/make-user boolean true +d-i passwd/user-fullname string ubuntu +d-i passwd/username string ubuntu +d-i passwd/user-password-crypted password $6$.1eHH0iY$ArGzKX2YeQ3G6U.mlOO3A.NaL22Ewgz8Fi4qqz.Ns7EMKjEJRIW2Pm/TikDptZpuu7I92frytmk5YeL.9fRY4. +d-i passwd/user-uid string +d-i user-setup/allow-password-weak boolean false +d-i user-setup/encrypt-home boolean false +d-i passwd/user-default-groups string adm cdrom dialout lpadmin plugdev sambashare + +# APT +$SNIPPET('orchestra_proxy') + +# By default the installer requires that repositories be authenticated +# using a known gpg key. This setting can be used to disable that +# authentication. Warning: Insecure, not recommended. +d-i debian-installer/allow_unauthenticated string false + +# Lang +d-i pkgsel/language-packs multiselect en +d-i pkgsel/update-policy select none +d-i pkgsel/updatedb boolean true + +# Boot-loader +d-i grub-installer/skip boolean false +d-i lilo-installer/skip boolean false +d-i grub-installer/only_debian boolean true +d-i grub-installer/with_other_os boolean true +d-i finish-install/keep-consoles boolean false +d-i finish-install/reboot_in_progress note + +# Eject cdrom +d-i cdrom-detect/eject boolean true + +# Do not halt/poweroff after install +d-i debian-installer/exit/halt boolean false +d-i debian-installer/exit/poweroff boolean false + +d-i pkgsel/include string debconf byobu capistrano cloud-init openssh-server \ + python-software-properties vim \ + apache2 libapache2-mod-wsgi python-dateutil python-anyjson pep8 pylint \ + python-pip screen unzip wget psmisc git-core lsof openssh-server \ + vim-nox locate python-virtualenv python-unittest2 python-eventlet \ + python-routes python-greenlet python-argparse python-sqlalchemy \ + python-wsgiref python-pastedeploy python-xattr python-setuptools \ + python-dev python-lxml python-pastescript python-pastedeploy \ + python-paste sqlite3 python-pysqlite2 python-sqlalchemy python-webob \ + python-greenlet python-routes libldap2-dev libsasl2-dev dnsmasq-base \ + kpartx mysql-server python-mysqldb kvm gawk iptables ebtables sqlite3 \ + sudo kvm libvirt-bin vlan curl rabbitmq-server socat python-mox \ + python-paste python-migrate python-gflags python-greenlet \ + python-libvirt python-libxml2 python-routes python-netaddr \ + python-pastedeploy python-eventlet python-cheetah python-carrot \ + python-tempita python-sqlalchemy python-suds python-lockfile \ + python-m2crypto python-boto python-numpy mysql-common mysql-client-5.1 \ + erlang-base erlang-ssl erlang-nox erlang-inets erlang-mnesia \ + libhtml-template-perl gettext-base libavahi-client3 libxml2-utils \ + libpciaccess0 libparted0debian1 + +mysql-server-5.1 mysql-server/root_password password $SNIPPET('openstack_mysql_password') +mysql-server-5.1 mysql-server/root_password_again password $SNIPPET('openstack_mysql_password') +mysql-server-5.1 mysql-server/start_on_boot boolean true + +# Set cloud-init data source to manual seeding +cloud-init cloud-init/datasources multiselect NoCloud + +# Set rsyslog server +$SNIPPET('orchestra_rsyslog_client_config') + +# JuJu post scripts. Executes late command and disables PXE +d-i preseed/late_command string true && \ + $SNIPPET('openstack_cloud_init') && \ + $SNIPPET('openstack_module_blacklist') && \ + $SNIPPET('orchestra_rsyslog_obtain_keys') && \ + $SNIPPET('orchestra_disable_pxe') && \ + true diff --git a/modules/orchestra/files/openstack_cloud_init b/modules/orchestra/files/openstack_cloud_init new file mode 100644 index 0000000000..036735911c --- /dev/null +++ b/modules/orchestra/files/openstack_cloud_init @@ -0,0 +1,39 @@ +#set http_server=$getVar('$http_server', 'true') +<% +import orchestra.utils.cloudinit +import base64 + +cfg = """#cloud-config +apt_update: false +apt_upgrade: false +disable_root: false +output: {all: '| tee -a /var/log/cloud-init-output.log'} +runcmd: + - echo "cloud init waiting" + - sleep 60 + - sudo apt-get -y install kexec-tools + - sudo sed -i /etc/default/kexec -e s/LOAD_KEXEC=false/LOAD_KEXEC=true/ + - sudo mkdir /var/spool/rsyslog + - sudo chown syslog.syslog /var/spool/rsyslog + - echo "\$ModLoad imuxsock" > /tmp/rsyslog.conf + - echo "\$WorkDirectory /var/spool/rsyslog" >> /tmp/rsyslog.conf + - echo "\$MaxMessageSize 32k" >> /tmp/rsyslog.conf + - echo "\$ActionQueueType LinkedList" >> /tmp/rsyslog.conf + - echo "\$ActionQueueFileName srvrfwd" >> /tmp/rsyslog.conf + - echo "\$ActionResumeRetryCount -1" >> /tmp/rsyslog.conf + - echo "\$ActionQueueSaveOnShutdown on" >> /tmp/rsyslog.conf + - echo "*.* @@%s:10514" >> /tmp/rsyslog.conf + - sudo mv /tmp/rsyslog.conf /etc/rsyslog.d/10-remote.conf + - sudo chown root.root /etc/rsyslog.d/10-remote.conf + - sudo lvrename /dev/main/root orig_root + - sudo lvcreate -L20G -s -n root /dev/main/orig_root + - reboot +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtioTW2wh3mBRuj+R0Jyb/mLt5sjJ8dEvYyA8zfur1dnqEt5uQNLacW4fHBDFWJoLHfhdfbvray5wWMAcIuGEiAA2WEH23YzgIbyArCSI+z7gB3SET8zgff25ukXlN+1mBSrKWxIza+tB3NU62WbtO6hmelwvSkZ3d7SDfHxrc4zEpmHDuMhxALl8e1idqYzNA+1EhZpbcaf720mX+KD3oszmY2lqD1OkKMquRSD0USXPGlH3HK11MTeCArKRHMgTdIlVeqvYH0v0Wd1w/8mbXgHxfGzMYS1Ej0fzzJ0PC5z5rOqsMqY1X2aC1KlHIFLAeSf4Cx0JNlSpYSrlZ/RoiQ== hudson@hudson +""" % http_server + +user_data = orchestra.utils.cloudinit.get_user_data_late_command(base64.b64encode(cfg)) + +%> \ +$orchestra.utils.cloudinit.get_meta_data_late_command($getVar('$uid', 'true'), $getVar('$hostname', 'true')) \ && \ +$user_data \ diff --git a/modules/orchestra/files/openstack_module_blacklist b/modules/orchestra/files/openstack_module_blacklist new file mode 100644 index 0000000000..458649e9a7 --- /dev/null +++ b/modules/orchestra/files/openstack_module_blacklist @@ -0,0 +1,7 @@ +<% +import orchestra.utils.cloudinit +script = 'echo "blacklist xgifb" > /etc/modprobe.d/blacklist-xgifb.conf' + +blacklist = orchestra.utils.cloudinit._KSMETA_LATE_COMMAND_TEMPLATE % (orchestra.utils.cloudinit.base64_gzip(script), "blacklist") +%> \ +$blacklist \ \ No newline at end of file diff --git a/modules/orchestra/files/openstack_network_sleep b/modules/orchestra/files/openstack_network_sleep new file mode 100644 index 0000000000..dcd03f9a4a --- /dev/null +++ b/modules/orchestra/files/openstack_network_sleep @@ -0,0 +1,7 @@ +<% +import orchestra.utils.cloudinit +script = 'echo " pre-up sleep 60" >> /etc/network/interfaces' + +networksleep = orchestra.utils.cloudinit._KSMETA_LATE_COMMAND_TEMPLATE % (orchestra.utils.cloudinit.base64_gzip(script), "network-sleep") +%> \ +$networksleep \ \ No newline at end of file diff --git a/modules/orchestra/files/orchestra-jenkins-sudoers b/modules/orchestra/files/orchestra-jenkins-sudoers new file mode 100644 index 0000000000..8874c21e3f --- /dev/null +++ b/modules/orchestra/files/orchestra-jenkins-sudoers @@ -0,0 +1 @@ +jenkins ALL = NOPASSWD: /usr/bin/cobbler, /sbin/restart rsyslog, /bin/rm -f /var/log/orchestra/rsyslog/* diff --git a/modules/orchestra/manifests/init.pp b/modules/orchestra/manifests/init.pp new file mode 100644 index 0000000000..6b4a007432 --- /dev/null +++ b/modules/orchestra/manifests/init.pp @@ -0,0 +1,95 @@ +class orchestra { + $mysql_pass = generate('/usr/bin/openssl', 'rand', '-hex', '12') + package { ipmitool: ensure => present } + package { ubuntu-orchestra-server: ensure => present } + exec { cobbler-sync: + command => "/usr/bin/cobbler sync", + logoutput => true, + refreshonly => true, + subscribe => [ + File["/etc/cobbler/dnsmasq.template"], + File["/var/lib/cobbler/snippets/openstack_module_blacklist"], + File["/var/lib/cobbler/snippets/openstack_cloud_init"], + File["/var/lib/cobbler/snippets/openstack_network_sleep"], + File["/var/lib/cobbler/snippets/openstack_mysql_password"], + File["/var/lib/cobbler/kickstarts/openstack-test.preseed"], + ], + } + exec { rsyslog-restart: + command => "/sbin/restart rsyslog", + logoutput => true, + refreshonly => true, + subscribe => [ + File["/etc/rsyslog.d/99-orchestra.conf"], + ], + } + file { '/var/lib/cobbler/snippets/openstack_mysql_password': + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + content => template('orchestra/openstack_mysql_password.erb'), + replace => 'false', + } + file { "/etc/cobbler/dnsmasq.template": + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + source => "puppet:///modules/orchestra/dnsmasq.template", + replace => 'true', + require => Package["ubuntu-orchestra-server"], + } + file { "/var/lib/cobbler/snippets/openstack_module_blacklist": + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + source => "puppet:///modules/orchestra/openstack_module_blacklist", + replace => 'true', + require => Package["ubuntu-orchestra-server"], + } + file { "/var/lib/cobbler/snippets/openstack_cloud_init": + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + source => "puppet:///modules/orchestra/openstack_cloud_init", + replace => 'true', + require => Package["ubuntu-orchestra-server"], + } + file { "/var/lib/cobbler/snippets/openstack_network_sleep": + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + source => "puppet:///modules/orchestra/openstack_network_sleep", + replace => 'true', + require => Package["ubuntu-orchestra-server"], + } + file { "/var/lib/cobbler/kickstarts/openstack-test.preseed": + owner => 'root', + group => 'root', + mode => 444, + ensure => 'present', + source => "puppet:///modules/orchestra/openstack-test.preseed", + replace => 'true', + require => Package["ubuntu-orchestra-server"], + } + file { "/etc/sudoers.d/orchestra-jenkins": + owner => 'root', + group => 'root', + mode => 440, + ensure => 'present', + source => "puppet:///modules/orchestra/orchestra-jenkins-sudoers", + replace => 'true', + } + file { "/etc/rsyslog.d/99-orchestra.conf": + owner => 'root', + group => 'root', + mode => 440, + ensure => 'present', + source => "puppet:///modules/orchestra/99-orchestra.conf", + replace => 'true', + } +} diff --git a/modules/orchestra/templates/openstack_mysql_password.erb b/modules/orchestra/templates/openstack_mysql_password.erb new file mode 100644 index 0000000000..74e0472ccd --- /dev/null +++ b/modules/orchestra/templates/openstack_mysql_password.erb @@ -0,0 +1 @@ +<%= mysql_pass -%>