opendev/system-config
Code Issues Proposed changes
system-config/modules/openstack_project/manifests/puppetmaster.pp
Monty Taylor edaa31ebbd Add keys and script for puppet over ssh 
In anticipation of driving puppet over ssh, we need keys on the hosts
and the scripts on the master. Don't turn them on yet, because we want
to be able to do some by-hand testing of the mechanism.

Change-Id: I2c353777e2f8fb5a2e733ce405ba40427ce901e5
2014-04-15 20:24:16 -07:00

96 lines
2.4 KiB
Puppet
Raw Blame History

# == Class: openstack_project::puppetmaster
#
class openstack_project::puppetmaster (
$root_rsa_key,
$override_list = [],
$sysadmins = []
) {
include openstack_project::params
class { 'openstack_project::server':
iptables_public_tcp_ports => [4505, 4506, 8140],
sysadmins => $sysadmins,
}
class { 'salt':
salt_master => 'ci-puppetmaster.openstack.org',
}
class { 'salt::master': }
cron { 'updatepuppetmaster':
user => 'root',
minute => '*/15',
command => 'sleep $((RANDOM\%600)) && cd /opt/config/production && git fetch -q && git reset -q --hard @{u} && ./install_modules.sh && touch manifests/site.pp',
environment => 'PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin',
}
cron { 'deleteoldreports':
user => 'root',
hour => '3',
minute => '0',
command => 'sleep $((RANDOM\%600)) && find /var/lib/puppet/reports -name \'*.yaml\' -mtime +7 -execdir rm {} \;',
environment => 'PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin',
}
file { '/etc/puppet/hiera.yaml':
ensure => present,
owner => 'root',
group => 'root',
mode => '0555',
source => 'puppet:///modules/openstack_project/puppetmaster/hiera.yaml',
replace => true,
require => Class['openstack_project::server'],
}
file { '/var/lib/puppet/reports':
ensure => directory,
owner => 'puppet',
group => 'puppet',
mode => '0750',
}
file { '/usr/local/bin/run_remote_puppet':
ensure => present,
mode => '0700',
content => template('openstack_project/run_remote_puppet.sh.erb'),
}
if ! defined(File['/root/.ssh']) {
file { '/root/.ssh':
ensure => directory,
mode => '0700',
}
}
file { '/root/.ssh/id_rsa':
ensure => present,
mode => '0400',
content => $root_rsa_key,
}
# Cloud credentials are stored in this directory for launch-node.py.
file { '/root/ci-launch':
ensure => directory,
owner => 'root',
group => 'admin',
mode => '0750',
}
# For launch/launch-node.py.
package { ['python-cinderclient', 'python-novaclient']:
ensure => latest,
provider => pip,
}
package { 'python-paramiko':
ensure => present,
}
# Enable puppetdb
class { 'puppetdb::master::config':
puppetdb_server => 'puppetdb.openstack.org',
puppet_service_name => 'apache2',
}
}
View Git Blame Copy Permalink