From 3776f952dc3560ce1c0b94b98c71af9764a69187 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Fri, 20 Jul 2012 18:56:35 -0700 Subject: [PATCH] Move OpenStack classes to openstack_project module Change-Id: Iafcd2e06c5b62e4cde5eccaab3173a20bb08a78d --- manifests/site.pp | 194 +++++------------- modules/backup/manifests/init.pp | 29 +++ .../README | 0 .../files/jenkins/jenkins.default | 0 .../files/zuul/layout.yaml | 0 .../files/zuul/logging.conf | 0 .../files/zuul/openstack_functions.py | 0 modules/openstack_project/manifests/base.pp | 31 +++ .../openstack_project/manifests/init.pp | 84 +------- .../manifests/jenkins_slave.pp | 12 ++ .../manifests/puppet_cron.pp | 16 ++ .../manifests/remove_cron.pp | 14 ++ modules/openstack_project/manifests/server.pp | 9 + .../openstack_project/manifests/template.pp | 23 +++ .../openstack_project/manifests}/users.pp | 0 modules/openstack_project/manifests/zuul.pp | 19 ++ 16 files changed, 211 insertions(+), 220 deletions(-) create mode 100644 modules/backup/manifests/init.pp rename modules/{openstack-ci-config => openstack_project}/README (100%) rename modules/{openstack-ci-config => openstack_project}/files/jenkins/jenkins.default (100%) rename modules/{openstack-ci-config => openstack_project}/files/zuul/layout.yaml (100%) rename modules/{openstack-ci-config => openstack_project}/files/zuul/logging.conf (100%) rename modules/{openstack-ci-config => openstack_project}/files/zuul/openstack_functions.py (100%) create mode 100644 modules/openstack_project/manifests/base.pp rename manifests/openstack.pp => modules/openstack_project/manifests/init.pp (62%) create mode 100644 modules/openstack_project/manifests/jenkins_slave.pp create mode 100644 modules/openstack_project/manifests/puppet_cron.pp create mode 100644 modules/openstack_project/manifests/remove_cron.pp create mode 100644 modules/openstack_project/manifests/server.pp create mode 100644 modules/openstack_project/manifests/template.pp rename {manifests => modules/openstack_project/manifests}/users.pp (100%) create mode 100644 modules/openstack_project/manifests/zuul.pp diff --git a/manifests/site.pp b/manifests/site.pp index 4e5258e4d3..ea81a8f00a 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1,88 +1,9 @@ -import "openstack" - -$jenkins_ssh_key = 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtioTW2wh3mBRuj+R0Jyb/mLt5sjJ8dEvYyA8zfur1dnqEt5uQNLacW4fHBDFWJoLHfhdfbvray5wWMAcIuGEiAA2WEH23YzgIbyArCSI+z7gB3SET8zgff25ukXlN+1mBSrKWxIza+tB3NU62WbtO6hmelwvSkZ3d7SDfHxrc4zEpmHDuMhxALl8e1idqYzNA+1EhZpbcaf720mX+KD3oszmY2lqD1OkKMquRSD0USXPGlH3HK11MTeCArKRHMgTdIlVeqvYH0v0Wd1w/8mbXgHxfGzMYS1Ej0fzzJ0PC5z5rOqsMqY1X2aC1KlHIFLAeSf4Cx0JNlSpYSrlZ/RoiQ== hudson@hudson' - -class openstack_cron { - include logrotate - include puppetboot - cron { "updatepuppet": - user => root, - minute => "*/15", - command => 'apt-get update >/dev/null 2>&1 ; sleep $((RANDOM\%600)) && cd /root/openstack-ci-puppet && /usr/bin/git pull -q && puppet apply -l /var/log/manifest.log --modulepath=/root/openstack-ci-puppet/modules manifests/site.pp', - environment => "PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin", - } - logrotate::file { 'updatepuppet': - log => '/var/log/manifest.log', - options => ['compress', 'delaycompress', 'missingok', 'rotate 7', 'daily', 'notifempty'], - require => Cron['updatepuppet'], - } -} - -class backup ($backup_user) { - package { "bup": - ensure => present - } - - file { "/etc/bup-excludes": - ensure => present, - content => "/proc/* -/sys/* -/dev/* -/tmp/* -/floppy/* -/cdrom/* -/var/spool/squid/* -/var/spool/exim/* -/media/* -/mnt/* -/var/agentx/* -/run/* -" - } - - cron { "bup-rs-ord": - user => root, - hour => "5", - minute => "37", - command => "tar -X /etc/bup-excludes -cPf - / | bup split -r $backup_user@ci-backup-rs-ord.openstack.org: -n root -q", - } -} - -class remove_openstack_cron { - cron { "updatepuppet": - ensure => absent - } - - file { '/etc/init/puppetboot.conf': - ensure => absent - } - - file { "/etc/logrotate.d/updatepuppet": - ensure => absent - } -} - -class openstack_jenkins_slave { - include openstack_cron - include tmpreaper - include apt::unattended-upgrades - class { 'openstack_server': - iptables_public_tcp_ports => [] - } - class { 'jenkins_slave': - ssh_key => $jenkins_ssh_key - } -} - # # Default: should at least behave like an openstack server # - node default { - include openstack_cron - class { 'openstack_server': - iptables_public_tcp_ports => [] - } + include openstack_project::puppet_cron + include openstack_project::server } # @@ -117,8 +38,8 @@ node default { # thus, set it to 5000minutes until the bug is fixed. node "review.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443, 29418] } class { 'gerrit': @@ -135,7 +56,7 @@ node "review.openstack.org" { core_packedgitwindowsize => '16k', sshd_threads => '100', httpd_maxwait => '5000min', - github_projects => $openstack_project_list, + github_projects => $openstack_project::project_list, upstream_projects => [ { name => 'openstack-ci/gerrit', remote => 'https://gerrit.googlesource.com/gerrit' @@ -159,8 +80,8 @@ node "review.openstack.org" { } node "gerrit-dev.openstack.org", "review-dev.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443, 29418] } @@ -194,8 +115,8 @@ node "gerrit-dev.openstack.org", "review-dev.openstack.org" { } node "jenkins.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443, 4155] } class { 'jenkins_master': @@ -212,32 +133,17 @@ node "jenkins.openstack.org" { password => hiera('jenkins_jobs_password'), site => "openstack", } - class { 'zuul': } - file { "/etc/zuul/layout.yaml": - ensure => 'present', - source => 'puppet:///modules/openstack-ci-config/zuul/layout.yaml' - } - file { "/etc/zuul/openstack_functions.py": - ensure => 'present', - source => 'puppet:///modules/openstack-ci-config/zuul/openstack_functions.py' - } - file { "/etc/zuul/logging.conf": - ensure => 'present', - source => 'puppet:///modules/openstack-ci-config/zuul/logging.conf' - } - file { "/etc/default/jenkins": - ensure => 'present', - source => 'puppet:///modules/openstack-ci-config/jenkins/jenkins.default' - } + class { "openstack_project::zuul": } } node "jenkins-dev.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443, 4155] } class { 'backup': - backup_user => 'bup-jenkins-dev' + backup_user => 'bup-jenkins-dev', + backup_server => 'ci-backup-rs-ord.openstack.org' } class { 'jenkins_master': site => 'jenkins-dev.openstack.org', @@ -250,8 +156,8 @@ node "jenkins-dev.openstack.org" { } node "community.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443, 8099, 8080] } @@ -261,7 +167,7 @@ node "community.openstack.org" { } node "ci-puppetmaster.openstack.org" { - class { 'openstack_server': + class { 'openstack_project::server': iptables_public_tcp_ports => [8140] } cron { "updatepuppetmaster": @@ -273,22 +179,21 @@ node "ci-puppetmaster.openstack.org" { } -node "lists.openstack.org" { - include remove_openstack_cron +$sysadmins = $openstack_project::sysadmins - # Using openstack_template instead of openstack_server +node "lists.openstack.org" { + include openstack_project::remove_cron + + # Using openstack_project::template instead of openstack_project::server # because the exim config on this machine is almost certainly # going to be more complicated than normal. - class { 'openstack_template': + class { 'openstack_project::template': iptables_public_tcp_ports => [25, 80, 465] } + $sysadmins += ['duncan@dreamhost.com'] class { 'exim': - sysadmin => ['corvus@inaugust.com', - 'mordred@inaugust.com', - 'andrew@linuxjedi.co.uk', - 'devananda.vdv@gmail.com', - 'duncan@dreamhost.com'], + sysadmin => $sysadmins, mailman_domains => ['lists.openstack.org'], } @@ -302,16 +207,14 @@ node "lists.openstack.org" { } node "docs.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': - iptables_public_tcp_ports => [] - } + include openstack_project::remove_cron + include openstack_project::server include doc_server } node "paste.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80] } include lodgeit @@ -327,8 +230,8 @@ node "paste.openstack.org" { } node "planet.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80] } include planet @@ -339,8 +242,8 @@ node "planet.openstack.org" { } node "eavesdrop.openstack.org" { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80] } include meetbot @@ -357,7 +260,7 @@ node "eavesdrop.openstack.org" { } node "pypi.openstack.org" { - include remove_openstack_cron + include openstack_project::remove_cron # include jenkins slave so that build deps are there for the pip download class { 'jenkins_slave': @@ -365,19 +268,19 @@ node "pypi.openstack.org" { user => false } - class { 'openstack_server': + class { 'openstack_project::server': iptables_public_tcp_ports => [80] } class { "pypimirror": base_url => "http://pypi.openstack.org", - projects => $openstack_project_list, + projects => $openstack_project::project_list, } } node 'etherpad.openstack.org' { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [22, 80, 443] } @@ -396,8 +299,8 @@ node 'etherpad.openstack.org' { } node 'wiki.openstack.org' { - include remove_openstack_cron - class { 'openstack_server': + include openstack_project::remove_cron + class { 'openstack_project::server': iptables_public_tcp_ports => [80, 443] } @@ -408,11 +311,11 @@ node 'wiki.openstack.org' { # A bare machine, but with a jenkins user node /^.*\.template\.openstack\.org$/ { - class { 'openstack_template': + class { 'openstack_project::template': iptables_public_tcp_ports => [] } class { 'jenkins_slave': - ssh_key => $jenkins_ssh_key, + ssh_key => $openstack_project::jenkins_ssh_key, sudo => true, bare => true } @@ -420,7 +323,7 @@ node /^.*\.template\.openstack\.org$/ { # A backup machine. Don't run cron or puppet agent on it. node /^ci-backup-.*\.openstack\.org$/ { - class { 'openstack_template': + class { 'openstack_project::template': iptables_public_tcp_ports => [] } } @@ -431,8 +334,8 @@ node /^ci-backup-.*\.openstack\.org$/ { # Test cgroups and ulimits on precise8 node 'precise8.slave.openstack.org' { - include openstack_cron - include openstack_jenkins_slave + include openstack_project::puppet_cron + include openstack_project::jenkins_slave include ulimit ulimit::conf { 'limit_jenkins_procs': @@ -445,16 +348,15 @@ node 'precise8.slave.openstack.org' { } node /^.*\.slave\.openstack\.org$/ { - include openstack_cron - include openstack_jenkins_slave - + include openstack_project::puppet_cron + include openstack_project::jenkins_slave } # bare-bones slaves spun up by jclouds. Specifically need to not set ssh # login limits, because it screws up jclouds provisioning node /^.*\.jclouds\.openstack\.org$/ { - include openstack_base + include openstack_project::base class { 'jenkins_slave': ssh_key => "", diff --git a/modules/backup/manifests/init.pp b/modules/backup/manifests/init.pp new file mode 100644 index 0000000000..1bcbad175b --- /dev/null +++ b/modules/backup/manifests/init.pp @@ -0,0 +1,29 @@ +class backup ($backup_user, $backup_server) { + package { "bup": + ensure => present + } + + file { "/etc/bup-excludes": + ensure => present, + content => "/proc/* +/sys/* +/dev/* +/tmp/* +/floppy/* +/cdrom/* +/var/spool/squid/* +/var/spool/exim/* +/media/* +/mnt/* +/var/agentx/* +/run/* +" + } + + cron { "bup-rs-ord": + user => root, + hour => "5", + minute => "37", + command => "tar -X /etc/bup-excludes -cPf - / | bup split -r $backup_user@$backup_server: -n root -q", + } +} diff --git a/modules/openstack-ci-config/README b/modules/openstack_project/README similarity index 100% rename from modules/openstack-ci-config/README rename to modules/openstack_project/README diff --git a/modules/openstack-ci-config/files/jenkins/jenkins.default b/modules/openstack_project/files/jenkins/jenkins.default similarity index 100% rename from modules/openstack-ci-config/files/jenkins/jenkins.default rename to modules/openstack_project/files/jenkins/jenkins.default diff --git a/modules/openstack-ci-config/files/zuul/layout.yaml b/modules/openstack_project/files/zuul/layout.yaml similarity index 100% rename from modules/openstack-ci-config/files/zuul/layout.yaml rename to modules/openstack_project/files/zuul/layout.yaml diff --git a/modules/openstack-ci-config/files/zuul/logging.conf b/modules/openstack_project/files/zuul/logging.conf similarity index 100% rename from modules/openstack-ci-config/files/zuul/logging.conf rename to modules/openstack_project/files/zuul/logging.conf diff --git a/modules/openstack-ci-config/files/zuul/openstack_functions.py b/modules/openstack_project/files/zuul/openstack_functions.py similarity index 100% rename from modules/openstack-ci-config/files/zuul/openstack_functions.py rename to modules/openstack_project/files/zuul/openstack_functions.py diff --git a/modules/openstack_project/manifests/base.pp b/modules/openstack_project/manifests/base.pp new file mode 100644 index 0000000000..31b86b0058 --- /dev/null +++ b/modules/openstack_project/manifests/base.pp @@ -0,0 +1,31 @@ +class openstack_project::base { + include openstack_project::users + include sudoers + + file { '/etc/profile.d/Z98-byobu.sh': + ensure => 'absent' + } + + package { "popularity-contest": + ensure => purged + } + + $packages = ["puppet", + "git", + "python-setuptools", + "python-virtualenv", + "python-software-properties", + "bzr", + "byobu", + "emacs23-nox"] + package { $packages: ensure => "present" } + + realize ( + User::Virtual::Localuser["mordred"], + User::Virtual::Localuser["corvus"], + User::Virtual::Localuser["soren"], + User::Virtual::Localuser["linuxjedi"], + User::Virtual::Localuser["devananda"], + User::Virtual::Localuser["clarkb"], + ) +} diff --git a/manifests/openstack.pp b/modules/openstack_project/manifests/init.pp similarity index 62% rename from manifests/openstack.pp rename to modules/openstack_project/manifests/init.pp index d69cfaca0f..eb514810a0 100644 --- a/manifests/openstack.pp +++ b/modules/openstack_project/manifests/init.pp @@ -1,6 +1,14 @@ -import "users" +class openstack_project { -$openstack_project_list = [ { + $jenkins_ssh_key = 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtioTW2wh3mBRuj+R0Jyb/mLt5sjJ8dEvYyA8zfur1dnqEt5uQNLacW4fHBDFWJoLHfhdfbvray5wWMAcIuGEiAA2WEH23YzgIbyArCSI+z7gB3SET8zgff25ukXlN+1mBSrKWxIza+tB3NU62WbtO6hmelwvSkZ3d7SDfHxrc4zEpmHDuMhxALl8e1idqYzNA+1EhZpbcaf720mX+KD3oszmY2lqD1OkKMquRSD0USXPGlH3HK11MTeCArKRHMgTdIlVeqvYH0v0Wd1w/8mbXgHxfGzMYS1Ej0fzzJ0PC5z5rOqsMqY1X2aC1KlHIFLAeSf4Cx0JNlSpYSrlZ/RoiQ== hudson@hudson' + + $sysadmin = ['corvus@inaugust.com', + 'mordred@inaugust.com', + 'andrew@linuxjedi.co.uk', + 'devananda.vdv@gmail.com', + 'clark.boylan@gmail.com'] + + $project_list = [ { name => 'openstack/keystone', close_pull => 'true' }, { @@ -116,76 +124,4 @@ $openstack_project_list = [ { close_pull => 'true' } ] - -# -# Abstract classes: -# -class openstack_base { - include openstack_project::users - include sudoers - - file { '/etc/profile.d/Z98-byobu.sh': - ensure => 'absent' - } - - package { "popularity-contest": - ensure => purged - } - - $packages = ["puppet", - "git", - "python-setuptools", - "python-virtualenv", - "python-software-properties", - "bzr", - "byobu", - "emacs23-nox"] - package { $packages: ensure => "present" } - - realize ( - User::Virtual::Localuser["mordred"], - User::Virtual::Localuser["corvus"], - User::Virtual::Localuser["soren"], - User::Virtual::Localuser["linuxjedi"], - User::Virtual::Localuser["devananda"], - User::Virtual::Localuser["clarkb"], - ) -} - -# A template host with no running services -class openstack_template ($iptables_public_tcp_ports) { - include openstack_base - include ssh - include snmpd - include apt::unattended-upgrades - - class { 'iptables': - public_tcp_ports => $iptables_public_tcp_ports, - } - - package { "ntp": - ensure => installed - } - - service { 'ntpd': - name => 'ntp', - ensure => running, - enable => true, - hasrestart => true, - require => Package['ntp'], - } -} - -# A server that we expect to run for some time -class openstack_server ($iptables_public_tcp_ports) { - class { 'openstack_template': - iptables_public_tcp_ports => $iptables_public_tcp_ports - } - class { 'exim': - sysadmin => ['corvus@inaugust.com', - 'mordred@inaugust.com', - 'andrew@linuxjedi.co.uk', - 'devananda.vdv@gmail.com', - 'clark.boylan@gmail.com'] - } } diff --git a/modules/openstack_project/manifests/jenkins_slave.pp b/modules/openstack_project/manifests/jenkins_slave.pp new file mode 100644 index 0000000000..d933af693e --- /dev/null +++ b/modules/openstack_project/manifests/jenkins_slave.pp @@ -0,0 +1,12 @@ +class openstack_project::jenkins_slave { + include tmpreaper + include apt::unattended-upgrades + class { 'openstack_server': + iptables_public_tcp_ports => [] + } + class { 'jenkins_slave': + ssh_key => $openstack_project::jenkins_ssh_key + } +} + + diff --git a/modules/openstack_project/manifests/puppet_cron.pp b/modules/openstack_project/manifests/puppet_cron.pp new file mode 100644 index 0000000000..9bccf8dfc0 --- /dev/null +++ b/modules/openstack_project/manifests/puppet_cron.pp @@ -0,0 +1,16 @@ +class openstack_project::puppet_cron { + include logrotate + include puppetboot + cron { "updatepuppet": + user => root, + minute => "*/15", + command => 'apt-get update >/dev/null 2>&1 ; sleep $((RANDOM\%600)) && cd /root/openstack-ci-puppet && /usr/bin/git pull -q && puppet apply -l /var/log/manifest.log --modulepath=/root/openstack-ci-puppet/modules manifests/site.pp', + environment => "PATH=/var/lib/gems/1.8/bin:/usr/bin:/bin:/usr/sbin:/sbin", + } + logrotate::file { 'updatepuppet': + log => '/var/log/manifest.log', + options => ['compress', 'delaycompress', 'missingok', 'rotate 7', 'daily', 'notifempty'], + require => Cron['updatepuppet'], + } +} + diff --git a/modules/openstack_project/manifests/remove_cron.pp b/modules/openstack_project/manifests/remove_cron.pp new file mode 100644 index 0000000000..252285abc6 --- /dev/null +++ b/modules/openstack_project/manifests/remove_cron.pp @@ -0,0 +1,14 @@ +class openstack_project::remove_cron { + cron { "updatepuppet": + ensure => absent + } + + file { '/etc/init/puppetboot.conf': + ensure => absent + } + + file { "/etc/logrotate.d/updatepuppet": + ensure => absent + } +} + diff --git a/modules/openstack_project/manifests/server.pp b/modules/openstack_project/manifests/server.pp new file mode 100644 index 0000000000..25bbbd7640 --- /dev/null +++ b/modules/openstack_project/manifests/server.pp @@ -0,0 +1,9 @@ +# A server that we expect to run for some time +class openstack_project::server ($iptables_public_tcp_ports = []) { + class { 'openstack_project::template': + iptables_public_tcp_ports => $iptables_public_tcp_ports + } + class { 'exim': + sysadmin => $openstack_project::sysadmins + } +} diff --git a/modules/openstack_project/manifests/template.pp b/modules/openstack_project/manifests/template.pp new file mode 100644 index 0000000000..5b2cb97c07 --- /dev/null +++ b/modules/openstack_project/manifests/template.pp @@ -0,0 +1,23 @@ +# A template host with no running services +class openstack_project::template ($iptables_public_tcp_ports) { + include openstack_project::base + include ssh + include snmpd + include apt::unattended-upgrades + + class { 'iptables': + public_tcp_ports => $iptables_public_tcp_ports, + } + + package { "ntp": + ensure => installed + } + + service { 'ntpd': + name => 'ntp', + ensure => running, + enable => true, + hasrestart => true, + require => Package['ntp'], + } +} diff --git a/manifests/users.pp b/modules/openstack_project/manifests/users.pp similarity index 100% rename from manifests/users.pp rename to modules/openstack_project/manifests/users.pp diff --git a/modules/openstack_project/manifests/zuul.pp b/modules/openstack_project/manifests/zuul.pp new file mode 100644 index 0000000000..681b2cf169 --- /dev/null +++ b/modules/openstack_project/manifests/zuul.pp @@ -0,0 +1,19 @@ +class openstack_project::zuul { + class { 'zuul': } + file { "/etc/zuul/layout.yaml": + ensure => 'present', + source => 'puppet:///modules/openstack_ci/zuul/layout.yaml' + } + file { "/etc/zuul/openstack_functions.py": + ensure => 'present', + source => 'puppet:///modules/openstack_ci/zuul/openstack_functions.py' + } + file { "/etc/zuul/logging.conf": + ensure => 'present', + source => 'puppet:///modules/openstack_ci/zuul/logging.conf' + } + file { "/etc/default/jenkins": + ensure => 'present', + source => 'puppet:///modules/openstack_ci/jenkins/jenkins.default' + } +}