opendev/system-config
Code Issues Proposed changes
system-config/modules/openstack_project/manifests/single_use_slave.pp
Monty Taylor 10b504fb95 Purge cloud-init 
Turns out that cloud-init leaves behind init scripts which still try
to do things, because they have lots of logic written in them. That's,
of course, crazy. In any case, purge to get rid of them.

Change-Id: Id32fe2eb0f0af879d69055dc7894acbe507f0513
2015-03-19 16:09:37 -04:00

61 lines
2.1 KiB
Puppet
Raw Blame History

# == Class: openstack_project::single_use_slave
#
# This class configures single use Jenkins slaves with a few
# toggleable options. Most importantly sudo rights for the Jenkins
# user are by default off but can be enabled. Also, automatic_upgrades
# are off by default as the assumption is the backing image for
# this single use slaves will be refreshed with new packages
# periodically.
class openstack_project::single_use_slave (
$certname = $::fqdn,
$install_users = true,
$install_resolv_conf = true,
$sudo = false,
$thin = true,
$automatic_upgrades = false,
$all_mysql_privs = false,
$enable_unbound = true,
$ssh_key = $openstack_project::jenkins_ssh_key,
$project_config_repo = 'https://git.openstack.org/openstack-infra/project-config',
) inherits openstack_project {
class { 'openstack_project::template':
certname => $certname,
automatic_upgrades => $automatic_upgrades,
install_users => $install_users,
install_resolv_conf => $install_resolv_conf,
enable_unbound => $enable_unbound,
iptables_rules4 =>
[
# Ports 69 and 6385 allow to allow ironic VM nodes to reach tftp and
# the ironic API from the neutron public net
'-p udp --dport 69 -s 172.24.4.0/23 -j ACCEPT',
'-p tcp --dport 6385 -s 172.24.4.0/23 -j ACCEPT',
# Ports 8000, 8003, 8004 from the devstack neutron public net to allow
# nova servers to reach heat-api-cfn, heat-api-cloudwatch, heat-api
'-p tcp --dport 8000 -s 172.24.4.0/23 -j ACCEPT',
'-p tcp --dport 8003 -s 172.24.4.0/23 -j ACCEPT',
'-p tcp --dport 8004 -s 172.24.4.0/23 -j ACCEPT',
'-m limit --limit 2/min -j LOG --log-prefix "iptables dropped: "',
],
}
class { 'jenkins::slave':
ssh_key => $ssh_key,
}
class { 'openstack_project::slave_common':
sudo => $sudo,
project_config_repo => $project_config_repo,
}
if (! $thin) {
class { 'openstack_project::thick_slave':
all_mysql_privs => $all_mysql_privs,
}
}
package { 'cloud-init':
ensure => 'purged',
}
}
View Git Blame Copy Permalink