opendev/system-config
Code Issues Proposed changes
system-config/modules/openstack_project/manifests/template.pp
James E. Blair e96c2e7c84 Use unbound 
On all machines, set up unbound as a caching recursive resolver.
On single-use slaves, set it up to forward cache misses to the
DNS servers obtained by the template host on boot.

Change-Id: I8505f5a277f20b1328900a9a515cd84db77b2b3b
2014-03-18 09:23:38 -07:00

86 lines
2.0 KiB
Puppet
Raw Blame History

# == Class: openstack_project::template
#
# A template host with no running services
#
class openstack_project::template (
$iptables_public_tcp_ports = [],
$iptables_public_udp_ports = [],
$iptables_rules4 = [],
$iptables_rules6 = [],
$install_users = true,
$automatic_upgrades = true,
$certname = $::fqdn
) {
include ssh
include snmpd
if $automatic_upgrades == true {
include openstack_project::automatic_upgrades
}
class { 'iptables':
public_tcp_ports => $iptables_public_tcp_ports,
public_udp_ports => $iptables_public_udp_ports,
rules4 => $iptables_rules4,
rules6 => $iptables_rules6,
}
class { 'ntp': }
class { 'openstack_project::base':
install_users => $install_users,
certname => $certname,
}
package { 'lvm2':
ensure => present,
}
package { 'strace':
ensure => present,
}
package { 'tcpdump':
ensure => present,
}
class { 'unbound': }
if $::osfamily == 'Debian' {
# Custom rsyslog config to disable /dev/xconsole noise on Debuntu servers
file { '/etc/rsyslog.d/50-default.conf':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
source =>
'puppet:///modules/openstack_project/rsyslog.d_50-default.conf',
replace => true,
notify => Service['rsyslog'],
}
# Ubuntu installs their whoopsie package by default, but it eats through
# memory and we don't need it on servers
package { 'whoopsie':
ensure => absent,
}
}
# Increase syslog message size in order to capture
# python tracebacks with syslog.
file { '/etc/rsyslog.d/99-maxsize.conf':
ensure => present,
# Note MaxMessageSize is not a puppet variable.
content => '$MaxMessageSize 6k',
owner => 'root',
group => 'root',
mode => '0644',
notify => Service['rsyslog'],
}
service { 'rsyslog':
ensure => running,
enable => true,
hasrestart => true,
}
}
View Git Blame Copy Permalink