opendev
/
puppet-nodepool
Code Issues Proposed changes
puppet-nodepool/manifests/init.pp

337 lines
8.6 KiB
Puppet
Raw Blame History

# Copyright 2012-2013 Hewlett-Packard Development Company, L.P.
# Copyright 2012 Antoine "hashar" Musso
# Copyright 2012 Wikimedia Foundation Inc.
# Copyright 2013 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# == Class: nodepool
#
class nodepool (
$mysql_root_password,
$mysql_password,
$nodepool_ssh_private_key,
$nodepool_ssh_public_key = undef,
$git_source_repo = 'https://git.openstack.org/openstack-infra/nodepool',
$revision = 'master',
$statsd_host = undef,
$vhost_name = $::fqdn,
$image_log_document_root = '/var/log/nodepool/image',
$image_log_periodic_cleanup = false,
$enable_image_log_via_http = false,
$environment = {},
# enable sudo for nodepool user. Useful for using dib with nodepool
$sudo = true,
$scripts_dir = undef,
$elements_dir = undef,
$logging_conf_template = 'nodepool/nodepool.logging.conf.erb',
$builder_logging_conf_template = 'nodepool/nodepool-builder.logging.conf.erb',
$jenkins_masters = [],
$build_workers = '1',
$upload_workers = '4',
$install_mysql = true,
$mysql_db_name = 'nodepool',
$mysql_host = 'localhost',
$mysql_user_name = 'nodepool',
) {
if($install_mysql) {
class { '::nodepool::mysql' :
mysql_db_name => $mysql_db_name,
mysql_root_password => $mysql_root_password,
mysql_user_host => $mysql_host,
mysql_user_name => $mysql_user_name,
mysql_password => $mysql_password,
}
}
$packages = [
'libffi-dev',
'libssl-dev',
'libgmp-dev', # transitive dep of paramiko
# xml2 and xslt are needed to build python lxml.
'libxml2-dev',
'libxslt-dev',
]
ensure_packages($packages, {'ensure' => 'present'})
if ! defined(Package['build-essential']) {
package { 'build-essential':
ensure => present,
}
}
file { '/etc/mysql/conf.d/max_connections.cnf':
ensure => present,
content => "[server]\nmax_connections = 8192\n",
mode => '0444',
owner => 'root',
group => 'root',
}
user { 'nodepool':
ensure => present,
home => '/home/nodepool',
shell => '/bin/bash',
gid => 'nodepool',
managehome => true,
require => Group['nodepool'],
}
group { 'nodepool':
ensure => present,
}
vcsrepo { '/opt/nodepool':
ensure => latest,
provider => git,
revision => $revision,
source => $git_source_repo,
}
include ::diskimage_builder
include ::pip
exec { 'install_nodepool' :
command => 'pip install -U /opt/nodepool',
path => '/usr/local/bin:/usr/bin:/bin/',
refreshonly => true,
subscribe => Vcsrepo['/opt/nodepool'],
require => [
Class['pip'],
Package['build-essential'],
Package['libffi-dev'],
Package['libssl-dev'],
Package['libxml2-dev'],
Package['libxslt-dev'],
Package['libgmp-dev'],
],
}
file { '/etc/nodepool':
ensure => directory,
}
if ($scripts_dir != undef) {
file { '/etc/nodepool/scripts':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
recurse => true,
purge => true,
force => true,
require => File['/etc/nodepool'],
source => $scripts_dir,
}
}
if ($elements_dir != undef) {
file { '/etc/nodepool/elements':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
recurse => true,
purge => true,
force => true,
require => File['/etc/nodepool'],
source => $elements_dir
}
}
file { '/etc/default/nodepool':
ensure => present,
content => template('nodepool/nodepool.default.erb'),
mode => '0444',
owner => 'root',
group => 'root',
}
# used for storage of d-i-b images in non-ephemeral partition
file { '/opt/nodepool_dib':
ensure => directory,
mode => '0755',
owner => 'nodepool',
group => 'nodepool',
require => User['nodepool'],
}
# used for storage of d-i-b cached data
file { '/opt/dib_cache':
ensure => directory,
mode => '0755',
owner => 'nodepool',
group => 'nodepool',
require => User['nodepool'],
}
# used as TMPDIR during d-i-b image builds
file { '/opt/dib_tmp':
ensure => directory,
mode => '0755',
owner => 'nodepool',
group => 'nodepool',
require => User['nodepool'],
}
file { '/var/log/nodepool':
ensure => directory,
mode => '0755',
owner => 'nodepool',
group => 'nodepool',
require => User['nodepool'],
}
file { '/var/run/nodepool':
ensure => directory,
mode => '0755',
owner => 'nodepool',
group => 'nodepool',
require => User['nodepool'],
}
file { '/home/nodepool/.ssh':
ensure => directory,
mode => '0500',
owner => 'nodepool',
group => 'nodepool',
require => User['nodepool'],
}
file { '/home/nodepool/.ssh/id_rsa':
ensure => present,
content => $nodepool_ssh_private_key,
mode => '0400',
owner => 'nodepool',
group => 'nodepool',
require => File['/home/nodepool/.ssh'],
}
if ($nodepool_ssh_public_key != undef) {
file { '/home/nodepool/.ssh/id_rsa.pub':
ensure => present,
content => $nodepool_ssh_public_key,
mode => '0644',
owner => 'nodepool',
group => 'nodepool',
require => File['/home/nodepool/.ssh'],
}
}
file { '/home/nodepool/.ssh/config':
ensure => present,
source => 'puppet:///modules/nodepool/ssh.config',
mode => '0440',
owner => 'nodepool',
group => 'nodepool',
require => File['/home/nodepool/.ssh'],
}
file { '/etc/nodepool/logging.conf':
ensure => present,
mode => '0444',
owner => 'root',
group => 'root',
content => template($logging_conf_template),
}
validate_array($jenkins_masters)
file { '/etc/nodepool/secure.conf':
ensure => present,
owner => 'nodepool',
group => 'root',
mode => '0400',
content => template('nodepool/secure.conf.erb'),
require => [
File['/etc/nodepool'],
User['nodepool'],
],
}
file { '/etc/init.d/nodepool':
ensure => present,
mode => '0555',
owner => 'root',
group => 'root',
source => 'puppet:///modules/nodepool/nodepool.init',
}
service { 'nodepool':
name => 'nodepool',
enable => true,
hasrestart => true,
require => File['/etc/init.d/nodepool'],
}
if $enable_image_log_via_http == true {
# Setup apache for image log access
include ::httpd
::httpd::vhost { $vhost_name:
port => 80,
priority => '50',
docroot => 'MEANINGLESS_ARGUMENT',
template => 'nodepool/nodepool-log.vhost.erb',
}
}
if $image_log_document_root != '/var/log/nodepool' {
file { $image_log_document_root:
ensure => directory,
mode => '0755',
owner => 'nodepool',
group => 'nodepool',
require => [
User['nodepool'],
File['/var/log/nodepool'],
],
}
}
# run a cleanup on the image log directory to cleanup logs for
# images that are no longer being built
if $image_log_periodic_cleanup == true {
cron { 'image_log_cleanup':
user => 'nodepool',
hour => '1',
minute => '0',
command => "find ${image_log_document_root} \\( -name '*.log' -o -name '*.log.*' \\) -mtime +7 -execdir rm {} \\;",
environment => 'PATH=/usr/bin:/bin:/usr/sbin:/sbin',
}
}
if $sudo == true {
$sudo_file_ensure = present
}
else {
$sudo_file_ensure = absent
}
file { '/etc/sudoers.d/nodepool-sudo':
ensure => $sudo_file_ensure,
source => 'puppet:///modules/nodepool/nodepool-sudo.sudo',
owner => 'root',
group => 'root',
mode => '0440',
}
class { '::nodepool::builder':
statsd_host => $statsd_host,
environment => $environment,
builder_logging_conf_template => $builder_logging_conf_template,
build_workers => $build_workers,
upload_workers => $upload_workers,
}
}
View Git Blame Copy Permalink