From 6000c580abcdccd871cfc4ccfc9818e22624cdeb Mon Sep 17 00:00:00 2001 From: George Peristerakis Date: Fri, 22 May 2015 11:41:31 -0400 Subject: [PATCH] Moved the server class out from the logstash and logstash_worker class Change-Id: I96df327f278714fb393dca887b8db1e01ca7504d Story: 2000172 Spec: http://specs.openstack.org/openstack-infra/infra-specs/specs/server_base_template_refactor.html --- manifests/site.pp | 39 +++++++++++++------ .../openstack_project/manifests/logstash.pp | 13 ------- .../manifests/logstash_worker.pp | 11 ------ 3 files changed, 28 insertions(+), 35 deletions(-) diff --git a/manifests/site.pp b/manifests/site.pp index 9f26a6e91a..97b363c7b2 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -315,11 +315,21 @@ node 'wiki.openstack.org' { # Node-OS: precise node 'logstash.openstack.org' { + $iptables_es_rule = regsubst($elasticsearch_nodes, + '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 9200:9400 -s \1 -j ACCEPT') + $iptables_gm_rule = regsubst($elasticsearch_clients, + '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 4730 -s \1 -j ACCEPT') + $logstash_iptables_rule = flatten([$iptables_es_rule, $iptables_gm_rule]) + + class { 'openstack_project::server': + iptables_public_tcp_ports => [22, 80, 3306], + iptables_rules6 => $logstash_iptables_rule, + iptables_rules4 => $logstash_iptables_rule, + sysadmins => hiera('sysadmins', []), + } + class { 'openstack_project::logstash': - sysadmins => hiera('sysadmins', []), - elasticsearch_nodes => $elasticsearch_nodes, - gearman_workers => $elasticsearch_clients, - discover_nodes => [ + discover_nodes => [ 'elasticsearch02.openstack.org:9200', 'elasticsearch03.openstack.org:9200', 'elasticsearch04.openstack.org:9200', @@ -327,18 +337,25 @@ node 'logstash.openstack.org' { 'elasticsearch06.openstack.org:9200', 'elasticsearch07.openstack.org:9200', ], - subunit2sql_db_host => hiera('subunit2sql_db_host', ''), - subunit2sql_db_pass => hiera('subunit2sql_db_password', ''), + subunit2sql_db_host => hiera('subunit2sql_db_host', ''), + subunit2sql_db_pass => hiera('subunit2sql_db_password', ''), } } # Node-OS: precise node /^logstash-worker\d+\.openstack\.org$/ { - $group = "logstash-worker" + $logstash_worker_iptables_rule = regsubst(flatten([$elasticsearch_nodes, $elasticsearch_clients]), + '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 9200:9400 -s \1 -j ACCEPT') + $group = 'logstash-worker' + + class { 'openstack_project::server': + iptables_public_tcp_ports => [22], + iptables_rules6 => $logstash_worker_iptables_rule, + iptables_rules4 => $logstash_worker_iptables_rule, + sysadmins => hiera('sysadmins', []), + } + class { 'openstack_project::logstash_worker': - sysadmins => hiera('sysadmins', []), - elasticsearch_nodes => $elasticsearch_nodes, - elasticsearch_clients => $elasticsearch_clients, discover_node => 'elasticsearch02.openstack.org', } } @@ -347,7 +364,7 @@ node /^logstash-worker\d+\.openstack\.org$/ { node /^subunit-worker\d+\.openstack\.org$/ { $group = "subunit-worker" class { 'openstack_project::subunit_worker': - sysadmins => hiera('sysadmins', []), + sysadmins => hiera('sysadmins', []), subunit2sql_db_host => hiera('subunit2sql_db_host', ''), subunit2sql_db_pass => hiera('subunit2sql_db_password', ''), } diff --git a/modules/openstack_project/manifests/logstash.pp b/modules/openstack_project/manifests/logstash.pp index 4584515d4e..19bcf13296 100644 --- a/modules/openstack_project/manifests/logstash.pp +++ b/modules/openstack_project/manifests/logstash.pp @@ -15,24 +15,11 @@ # Logstash web frontend glue class. # class openstack_project::logstash ( - $elasticsearch_nodes = [], - $gearman_workers = [], $discover_nodes = ['elasticsearch01.openstack.org:9200'], $statsd_host = 'graphite.openstack.org', - $sysadmins = [], $subunit2sql_db_host, $subunit2sql_db_pass, ) { - $iptables_es_rule = regsubst ($elasticsearch_nodes, '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 9200:9400 -s \1 -j ACCEPT') - $iptables_gm_rule = regsubst ($gearman_workers, '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 4730 -s \1 -j ACCEPT') - $iptables_rule = flatten([$iptables_es_rule, $iptables_gm_rule]) - class { 'openstack_project::server': - iptables_public_tcp_ports => [22, 80, 3306], - iptables_rules6 => $iptables_rule, - iptables_rules4 => $iptables_rule, - sysadmins => $sysadmins, - } - class { 'logstash::web': frontend => 'kibana', discover_nodes => $discover_nodes, diff --git a/modules/openstack_project/manifests/logstash_worker.pp b/modules/openstack_project/manifests/logstash_worker.pp index 17fc6933ea..6c80998a13 100644 --- a/modules/openstack_project/manifests/logstash_worker.pp +++ b/modules/openstack_project/manifests/logstash_worker.pp @@ -15,19 +15,8 @@ # Logstash indexer worker glue class. # class openstack_project::logstash_worker ( - $elasticsearch_nodes = [], - $elasticsearch_clients = [], $discover_node = 'elasticsearch01.openstack.org', - $sysadmins = [] ) { - $iptables_rule = regsubst (flatten([$elasticsearch_nodes, $elasticsearch_clients]) , '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 9200:9400 -s \1 -j ACCEPT') - class { 'openstack_project::server': - iptables_public_tcp_ports => [22], - iptables_rules6 => $iptables_rule, - iptables_rules4 => $iptables_rule, - sysadmins => $sysadmins, - } - file { '/etc/default/logstash-indexer': ensure => present, owner => 'root',