Make ansible speak to appropriate puppetmaster
With split puppet master infrastructure ansible needs to be told which puppetmaster to talk to. Do this by making puppetmaster a required argument to the puppet ansible playbook. Since we can't rely on the cert listing while this is happening also add puppet master specific host list files which can be used to specify which hosts talk to which puppetmaster via the new ansible playbook feature. Change-Id: I412c2bd6cb390d00d1b9d0e4630e75776edabbb9
This commit is contained in:
parent
e6775bd7b5
commit
07d8b0ff24
@ -53,6 +53,7 @@ def main():
|
|||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
timeout=dict(default="30m"),
|
timeout=dict(default="30m"),
|
||||||
|
puppetmaster=dict(required=True),
|
||||||
show_diff=dict(
|
show_diff=dict(
|
||||||
default=False, aliases=['show-diff'], type='bool'),
|
default=False, aliases=['show-diff'], type='bool'),
|
||||||
),
|
),
|
||||||
@ -67,9 +68,11 @@ def main():
|
|||||||
msg="Could not find puppet. Please ensure it is installed.")
|
msg="Could not find puppet. Please ensure it is installed.")
|
||||||
|
|
||||||
cmd = ("timeout -s 9 %(timeout)s %(puppet_cmd)s agent --onetime"
|
cmd = ("timeout -s 9 %(timeout)s %(puppet_cmd)s agent --onetime"
|
||||||
|
" --server %(puppetmaster)s"
|
||||||
" --ignorecache --no-daemonize --no-usecacheonfailure --no-splay"
|
" --ignorecache --no-daemonize --no-usecacheonfailure --no-splay"
|
||||||
" --detailed-exitcodes --verbose") % dict(
|
" --detailed-exitcodes --verbose") % dict(
|
||||||
timeout=pipes.quote(p['timeout']), puppet_cmd=PUPPET_CMD)
|
timeout=pipes.quote(p['timeout']), puppet_cmd=PUPPET_CMD,
|
||||||
|
puppetmaster=pipes.quote(p['puppetmaster']))
|
||||||
if p['show_diff']:
|
if p['show_diff']:
|
||||||
cmd += " --show-diff"
|
cmd += " --show-diff"
|
||||||
rc, stdout, stderr = module.run_command(cmd)
|
rc, stdout, stderr = module.run_command(cmd)
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
# == Class: ansible
|
# == Class: ansible
|
||||||
#
|
#
|
||||||
class ansible {
|
class ansible (
|
||||||
|
$ansible_hostfile = '/usr/local/bin/puppet-inventory'
|
||||||
|
) {
|
||||||
|
|
||||||
include logrotate
|
include logrotate
|
||||||
include pip
|
include pip
|
||||||
@ -18,7 +20,10 @@ class ansible {
|
|||||||
|
|
||||||
file { '/etc/ansible/ansible.cfg':
|
file { '/etc/ansible/ansible.cfg':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
source => 'puppet:///modules/ansible/ansible.cfg',
|
mode => '0644',
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
content => template('ansible/ansible.cfg.erb'),
|
||||||
require => File['/etc/ansible'],
|
require => File['/etc/ansible'],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
[defaults]
|
[defaults]
|
||||||
hostfile=/usr/local/bin/puppet-inventory
|
hostfile=<%= @ansible_hostfile %>
|
||||||
library=/usr/share/ansible:/etc/ansible/library
|
library=/usr/share/ansible:/etc/ansible/library
|
||||||
log_path=/var/log/ansible.log
|
log_path=/var/log/ansible.log
|
14
modules/openstack_project/files/ansible/remote_puppet2.yaml
Normal file
14
modules/openstack_project/files/ansible/remote_puppet2.yaml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
---
|
||||||
|
- hosts: git0*
|
||||||
|
gather_facts: false
|
||||||
|
max_fail_percentage: 1
|
||||||
|
roles:
|
||||||
|
- { role: puppet, puppetmaster: ci-puppetmaster.openstack.org }
|
||||||
|
- hosts: review.openstack.org
|
||||||
|
gather_facts: false
|
||||||
|
roles:
|
||||||
|
- { role: puppet, puppetmaster: ci-puppetmaster.openstack.org }
|
||||||
|
- hosts: "!review.openstack.org:!git0*"
|
||||||
|
gather_facts: false
|
||||||
|
roles:
|
||||||
|
- { role: puppet, puppetmaster: ci-puppetmaster.openstack.org }
|
@ -3,12 +3,12 @@
|
|||||||
gather_facts: false
|
gather_facts: false
|
||||||
max_fail_percentage: 1
|
max_fail_percentage: 1
|
||||||
roles:
|
roles:
|
||||||
- puppet
|
- { role: puppet, puppetmaster: puppetmaster.openstack.org }
|
||||||
- hosts: review.openstack.org
|
- hosts: review.openstack.org
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
roles:
|
roles:
|
||||||
- puppet
|
- { role: puppet, puppetmaster: puppetmaster.openstack.org }
|
||||||
- hosts: "!review.openstack.org:!git0*"
|
- hosts: "!review.openstack.org:!git0*"
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
roles:
|
roles:
|
||||||
- puppet
|
- { role: puppet, puppetmaster: puppetmaster.openstack.org }
|
@ -9,7 +9,6 @@ class openstack_project::puppetmaster (
|
|||||||
$puppetdb = true,
|
$puppetdb = true,
|
||||||
$puppetdb_server = 'puppetdb.openstack.org',
|
$puppetdb_server = 'puppetdb.openstack.org',
|
||||||
) {
|
) {
|
||||||
include ansible
|
|
||||||
include logrotate
|
include logrotate
|
||||||
include openstack_project::params
|
include openstack_project::params
|
||||||
|
|
||||||
@ -20,6 +19,25 @@ class openstack_project::puppetmaster (
|
|||||||
ca_server => $ca_server,
|
ca_server => $ca_server,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($version == '2.7.'){
|
||||||
|
$ansible_remote_puppet_source = 'puppet:///modules/openstack_project/ansible/remote_puppet2.yaml'
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$ansible_remote_puppet_source = 'puppet:///modules/openstack_project/ansible/remote_puppet3.yaml'
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'ansible':
|
||||||
|
ansible_hostfile => '/etc/ansible/hostfile',
|
||||||
|
}
|
||||||
|
|
||||||
|
file { '/etc/ansible/hostfile':
|
||||||
|
ensure => present,
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0644',
|
||||||
|
require => Class['ansible'],
|
||||||
|
}
|
||||||
|
|
||||||
if ($update_slave) {
|
if ($update_slave) {
|
||||||
$cron_command = 'bash /opt/config/production/run_all.sh'
|
$cron_command = 'bash /opt/config/production/run_all.sh'
|
||||||
logrotate::file { 'updatepuppetmaster':
|
logrotate::file { 'updatepuppetmaster':
|
||||||
@ -123,7 +141,7 @@ class openstack_project::puppetmaster (
|
|||||||
#
|
#
|
||||||
file { '/etc/ansible/remote_puppet.yaml':
|
file { '/etc/ansible/remote_puppet.yaml':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
source => 'puppet:///modules/openstack_project/ansible/remote_puppet.yaml',
|
source => $ansible_remote_puppet_source,
|
||||||
require => Class[ansible],
|
require => Class[ansible],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user