opendev/system-config
Code Issues Proposed changes
8e7f9e3458
system-config/modules/openstack_project/manifests/single_use_slave.pp
K Jonathan Harker 8e7f9e3458 Move openstack-specific config out of ::jenkins 
The ::jenkins::slave class contained a lot of openstack-specific
configuration rather than configuration of a generic jenkins slave.

The term "bare slave" is overloaded and confusing: create simple_slave
and thick_slave to differentiate between the two meanings of "bare".
Some portions of ::jenkins::slave will move to simple_slave, some
portions to thick_slave, and some portions to slave_common (all in the
openstack_project module).

Change-Id: I5281a03a7f6da3f98714bcc59ae840ace8435578
2014-05-20 14:39:51 -07:00

54 lines
1.8 KiB
Puppet
Raw Blame History

# == Class: openstack_project::single_use_slave
#
# This class configures single use Jenkins slaves with a few
# toggleable options. Most importantly sudo rights for the Jenkins
# user are by default off but can be enabled. Also, automatic_upgrades
# are off by default as the assumption is the backing image for
# this single use slaves will be refreshed with new packages
# periodically.
class openstack_project::single_use_slave (
$certname = $::fqdn,
$install_users = true,
$sudo = false,
$thin = true,
$python3 = false,
$include_pypy = false,
$automatic_upgrades = false,
$all_mysql_privs = false,
$ssh_key = $openstack_project::jenkins_ssh_key
) inherits openstack_project {
class { 'openstack_project::template':
certname => $certname,
automatic_upgrades => $automatic_upgrades,
install_users => $install_users,
iptables_rules4 =>
[
# Ports 69 and 6385 allow to allow ironic VM nodes to reach tftp and
# the ironic API from the neutron public net
'-p udp --dport 69 -s 172.24.4.0/24 -j ACCEPT',
'-p tcp --dport 6385 -s 172.24.4.0/24 -j ACCEPT',
# Ports 8000, 8003, 8004 from the devstack neutron public net to allow
# nova servers to reach heat-api-cfn, heat-api-cloudwatch, heat-api
'-p tcp --dport 8000 -s 172.24.4.0/24 -j ACCEPT',
'-p tcp --dport 8003 -s 172.24.4.0/24 -j ACCEPT',
'-p tcp --dport 8004 -s 172.24.4.0/24 -j ACCEPT',
],
}
class { 'jenkins::slave':
ssh_key => $ssh_key,
sudo => $sudo,
python3 => $python3,
}
class { 'openstack_project::slave_common':
include_pypy => $include_pypy,
}
if (! $thin) {
class { 'openstack_project::thick_slave':
all_mysql_privs => $all_mysql_privs,
}
}
}
View Git Blame Copy Permalink