kerberos: switch servers to Ansible control

This is a follow-on to I60b40897486b29beafc76025790c501b5055313d to switch the KDC servers to Ansible control and remove any related puppet configuration. Change-Id: Ib8f6ec657ca10a3ba648bd154a035fc3d8da4be5
2021-03-11 13:32:03 +11:00 · 2021-03-11 13:32:03 +11:00 · 2254b6e43d
commit 2254b6e43d
parent c1aff2ed38
3 changed files with 7 additions and 37 deletions
--- a/inventory/service/groups.yaml
+++ b/inventory/service/groups.yaml
@ -72,8 +72,13 @@ groups:
    - health[0-9]*.openstack.org
  jvb:
    - jvb[0-9]*.opendev.org
-  kdc:
-    - kdc[0-9]*.open*.org
+  kerberos-kdc:
+    - kdc03.openstack.org
+    - kdc04.openstack.org
+  kerberos-kdc-primary:
+    - kdc03.openstack.org
+  kerberos-kdc-replica:
+    - kdc04.openstack.org
  letsencrypt:
    - codesearch[0-9]*.opendev.org
    - etherpad[0-9]*.opendev.org
@ -130,7 +135,6 @@ groups:
    - ethercalc[0-9]*.open*.org
    - firehose[0-9]*.open*.org
    - health[0-9]*.openstack.org
-    - kdc[0-9]*.open*.org
    - lists*.katacontainers.io
    - lists*.open*.org
    - logstash-worker[0-9]*.open*.org
@ -161,7 +165,6 @@ groups:
    - ethercalc[0-9]*.open*.org
    - firehose[0-9]*.open*.org
    - health[0-9]*.openstack.org
-    - kdc[0-9]*.open*.org
    - lists*.katacontainers.io
    - lists*.open*.org
    - lists-dev[0-9]*.open*.org
--- a/manifests/site.pp
+++ b/manifests/site.pp
@ -458,22 +458,6 @@ node /^openstackid-dev\d*\.openstack\.org$/ {
  }
 }

-# Node-OS: xenial
-node /^kdc03\.open.*\.org$/ {
-  class { 'openstack_project::server': }
-
-  class { 'openstack_project::kdc': }
-}
-
-# Node-OS: xenial
-node /^kdc04\.open.*\.org$/ {
-  class { 'openstack_project::server': }
-
-  class { 'openstack_project::kdc':
-    slave => true,
-  }
-}
-
 # Node-OS: xenial
 node /^ask\d*\.open.*\.org$/ {

--- a/modules/openstack_project/manifests/kdc.pp
+++ b/modules/openstack_project/manifests/kdc.pp
@ -1,17 +0,0 @@
-# kerberos kdc servers
-class openstack_project::kdc (
-  $slave = false,
-) {
-  class { 'kerberos::server':
-    realm        => 'OPENSTACK.ORG',
-    kdcs         => [
-      'kdc03.openstack.org',
-      'kdc04.openstack.org',
-    ],
-    admin_server => 'kdc.openstack.org',
-    slaves       => [
-      'kdc04.openstack.org',
-    ],
-    slave        => $slave,
-  }
-}