Make ansible speak to appropriate puppetmaster

With split puppet master infrastructure ansible needs to be told which puppetmaster to talk to. Do this by making puppetmaster a required argument to the puppet ansible playbook. Since we can't rely on the cert listing while this is happening also add puppet master specific host list files which can be used to specify which hosts talk to which puppetmaster via the new ansible playbook feature. Change-Id: I412c2bd6cb390d00d1b9d0e4630e75776edabbb9
2014-09-10 13:46:17 -07:00 · 2014-09-10 13:46:17 -07:00 · 07d8b0ff24
commit 07d8b0ff24
parent e6775bd7b5
6 changed files with 49 additions and 9 deletions
--- a/modules/ansible/files/library/config_management/puppet
+++ b/modules/ansible/files/library/config_management/puppet
@ -53,6 +53,7 @@ def main():
    module = AnsibleModule(
        argument_spec=dict(
            timeout=dict(default="30m"),
+            puppetmaster=dict(required=True),
            show_diff=dict(
                default=False, aliases=['show-diff'], type='bool'),
        ),
@ -67,9 +68,11 @@ def main():
            msg="Could not find puppet. Please ensure it is installed.")

    cmd = ("timeout -s 9 %(timeout)s %(puppet_cmd)s agent --onetime"
+           " --server %(puppetmaster)s"
           " --ignorecache --no-daemonize --no-usecacheonfailure --no-splay"
           " --detailed-exitcodes --verbose") % dict(
-               timeout=pipes.quote(p['timeout']), puppet_cmd=PUPPET_CMD)
+               timeout=pipes.quote(p['timeout']), puppet_cmd=PUPPET_CMD,
+               puppetmaster=pipes.quote(p['puppetmaster']))
    if p['show_diff']:
        cmd += " --show-diff"
    rc, stdout, stderr = module.run_command(cmd)
--- a/modules/ansible/manifests/init.pp
+++ b/modules/ansible/manifests/init.pp
@ -1,6 +1,8 @@
 # == Class: ansible
 #
-class ansible {
+class ansible (
+  $ansible_hostfile = '/usr/local/bin/puppet-inventory'
+) {

  include logrotate
  include pip
@ -18,7 +20,10 @@ class ansible {

  file { '/etc/ansible/ansible.cfg':
    ensure  => present,
-    source  => 'puppet:///modules/ansible/ansible.cfg',
+    mode   => '0644',
+    owner  => 'root',
+    group  => 'root',
+    content => template('ansible/ansible.cfg.erb'),
    require => File['/etc/ansible'],
  }

--- a/modules/ansible/templates/ansible.cfg.erb
+++ b/modules/ansible/templates/ansible.cfg.erb
@ -1,4 +1,4 @@
 [defaults]
-hostfile=/usr/local/bin/puppet-inventory
+hostfile=<%= @ansible_hostfile %>
 library=/usr/share/ansible:/etc/ansible/library
 log_path=/var/log/ansible.log
--- a/modules/openstack_project/files/ansible/remote_puppet2.yaml
+++ b/modules/openstack_project/files/ansible/remote_puppet2.yaml
@ -0,0 +1,14 @@
+---
+- hosts: git0*
+  gather_facts: false
+  max_fail_percentage: 1
+  roles:
+    - { role: puppet, puppetmaster: ci-puppetmaster.openstack.org }
+- hosts: review.openstack.org
+  gather_facts: false
+  roles:
+    - { role: puppet, puppetmaster: ci-puppetmaster.openstack.org }
+- hosts: "!review.openstack.org:!git0*"
+  gather_facts: false
+  roles:
+    - { role: puppet, puppetmaster: ci-puppetmaster.openstack.org }
--- a/modules/openstack_project/files/ansible/remote_puppet3.yaml
+++ b/modules/openstack_project/files/ansible/remote_puppet3.yaml
@ -3,12 +3,12 @@
  gather_facts: false
  max_fail_percentage: 1
  roles:
-    - puppet
+    - { role: puppet, puppetmaster: puppetmaster.openstack.org }
 - hosts: review.openstack.org
  gather_facts: false
  roles:
-    - puppet
+    - { role: puppet, puppetmaster: puppetmaster.openstack.org }
 - hosts: "!review.openstack.org:!git0*"
  gather_facts: false
  roles:
-    - puppet
+    - { role: puppet, puppetmaster: puppetmaster.openstack.org }
--- a/modules/openstack_project/manifests/puppetmaster.pp
+++ b/modules/openstack_project/manifests/puppetmaster.pp
@ -9,7 +9,6 @@ class openstack_project::puppetmaster (
  $puppetdb = true,
  $puppetdb_server = 'puppetdb.openstack.org',
 ) {
-  include ansible
  include logrotate
  include openstack_project::params

@ -20,6 +19,25 @@ class openstack_project::puppetmaster (
    ca_server                 => $ca_server,
  }

+  if ($version == '2.7.'){
+    $ansible_remote_puppet_source = 'puppet:///modules/openstack_project/ansible/remote_puppet2.yaml'
+  }
+  else {
+    $ansible_remote_puppet_source = 'puppet:///modules/openstack_project/ansible/remote_puppet3.yaml'
+  }
+
+  class { 'ansible':
+    ansible_hostfile => '/etc/ansible/hostfile',
+  }
+
+  file { '/etc/ansible/hostfile':
+    ensure  => present,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    require => Class['ansible'],
+  }
+
  if ($update_slave) {
    $cron_command = 'bash /opt/config/production/run_all.sh'
    logrotate::file { 'updatepuppetmaster':
@ -123,7 +141,7 @@ class openstack_project::puppetmaster (
 #
  file { '/etc/ansible/remote_puppet.yaml':
    ensure  => present,
-    source  => 'puppet:///modules/openstack_project/ansible/remote_puppet.yaml',
+    source  => $ansible_remote_puppet_source,
    require => Class[ansible],
  }