Manage unbound on zuul workers in DIB
Currently, some parts of unbound are configured on zuul workers via puppet and other parts are configured via dib elements. As part of reducing the nodepool image builds' dependency on puppet, this patch moves the rest of what was done in the unbound puppet module to the nodepool-base DIB element. Note that while the puppet module explicitly calls for the defaults file to exist before the package is installed[1], this does not apply for an image built in a chroot where the service won't be started, so we can stick that file in with the rest of the configuration. [1] http://git.openstack.org/cgit/openstack-infra/puppet-unbound/tree/manifests/init.pp#n34 Change-Id: I3905be12acd85581a608d87ba5159cc883343a37
This commit is contained in:
Colleen Murphy
Colleen Murphy
parent
e94c80b91e
commit
371263322e
@ -1,2 +1,3 @@
|
|||||||
|
package-installs
|
||||||
puppet
|
puppet
|
||||||
zuul-worker
|
zuul-worker
|
||||||
|
|||||||
@ -86,3 +86,54 @@ EOF
|
|||||||
chmod a+x /etc/rc.local
|
chmod a+x /etc/rc.local
|
||||||
|
|
||||||
echo 'include: /etc/unbound/forwarding.conf' >> /etc/unbound/unbound.conf
|
echo 'include: /etc/unbound/forwarding.conf' >> /etc/unbound/unbound.conf
|
||||||
|
|
||||||
|
# This defaults file must be in place to work around this bug:
|
||||||
|
# https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/988513
|
||||||
|
# The issue is fixed for Xenial so this is only required for Trusty.
|
||||||
|
if [ "$DIB_RELEASE" == "trusty" ] ; then
|
||||||
|
cat > /etc/default/unbound <<EOF
|
||||||
|
UNBOUND_ENABLE=true
|
||||||
|
ROOT_TRUST_ANCHOR_UPDATE=true
|
||||||
|
ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key
|
||||||
|
RESOLVCONF=true
|
||||||
|
RESOLVCONF_FORWARDERS=false
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Tripleo uses dhcp
|
||||||
|
dhcp_file=''
|
||||||
|
if [[ "$DISTRO_NAME" =~ (centos|rhel7|fedora) ]] ; then
|
||||||
|
dhcp_file=/etc/dhcp/dhclient-eth0.conf
|
||||||
|
elif [[ "$DISTRO_NAME" =~ (debian|ubuntu) ]] ; then
|
||||||
|
dhcp_file=/etc/dhcp/dhclient.conf
|
||||||
|
fi
|
||||||
|
if [ -n "$dhcp_file" ] ; then
|
||||||
|
cat > $dhcp_file <<EOF
|
||||||
|
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
|
||||||
|
send host-name "<hostname>";
|
||||||
|
request subnet-mask, broadcast-address, routers,
|
||||||
|
interface-mtu, rfc3442-classless-static-routes;
|
||||||
|
supersede domain-name-servers 127.0.0.1;
|
||||||
|
supersede domain-search "";
|
||||||
|
supersede domain-name "";
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
case "$DIB_INIT_SYSTEM" in
|
||||||
|
upstart)
|
||||||
|
# nothing to do
|
||||||
|
;;
|
||||||
|
systemd)
|
||||||
|
systemctl enable unbound.service
|
||||||
|
;;
|
||||||
|
openrc)
|
||||||
|
# let dib-init-system's postinstall handle enabling init scripts
|
||||||
|
;;
|
||||||
|
sysv)
|
||||||
|
# nothing to do
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Unsupported init system $DIB_INIT_SYSTEM"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|||||||
1
nodepool/elements/nodepool-base/package-installs.yaml
Normal file
1
nodepool/elements/nodepool-base/package-installs.yaml
Normal file
@ -0,0 +1 @@
|
|||||||
|
unbound:
|
||||||
Loading…
Reference in New Issue
Block a user