diff options
| author |   Yolanda Robla Mota <yroblamo@redhat.com> | 2016-09-20 16:58:20 +0200 |
|---|---|---|
| committer |   Trevor Bramwell <tbramwell@linuxfoundation.org> | 2017-08-11 12:56:12 -0700 |
| commit | d221dcac953aeda017ae0cee922244b613ceafe7 (patch) | |
| tree | ef827e7621fc0c100723b1b582e8665f1558f18f /puppet-infracloud | |
| parent | 6aa36ec5d1622101e3c89052c4f66d7bbe4d3c50 (diff) | |
Stop using sudoers on all servers defined
Insteaf of that, add only on compute and controller that
are going to be fully automated, but avoid running that on
jumphosts, as this may mess with exiting config.
Change-Id: I79f1fa05d3e6da49a7f78b2efecb791022f5b11d
Signed-Off-By: Yolanda Robla <yroblamo@redhat.com>
Diffstat (limited to 'puppet-infracloud')
| -rw-r--r-- | puppet-infracloud/manifests/site.pp | 4 | ||||
| -rw-r--r-- | puppet-infracloud/modules/opnfv/manifests/server.pp | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/puppet-infracloud/manifests/site.pp b/puppet-infracloud/manifests/site.pp index 2cb12a3c..31c45767 100644 --- a/puppet-infracloud/manifests/site.pp +++ b/puppet-infracloud/manifests/site.pp @@ -8,6 +8,8 @@ ############################################################################## node 'controller00.opnfvlocal' { $group = 'infracloud' + include ::sudoers + class { 'opnfv::server': iptables_public_tcp_ports => [80,5000,5671,8774,9292,9696,35357], # logs,keystone,rabbit,nova,glance,neutron,keystone sysadmins => hiera('sysadmins', []), @@ -43,6 +45,8 @@ node 'controller00.opnfvlocal' { node 'compute00.opnfvlocal' { $group = 'infracloud' + include ::sudoers + class { 'opnfv::server': sysadmins => hiera('sysadmins', []), enable_unbound => false, diff --git a/puppet-infracloud/modules/opnfv/manifests/server.pp b/puppet-infracloud/modules/opnfv/manifests/server.pp index 5bbcd750..4113c50e 100644 --- a/puppet-infracloud/modules/opnfv/manifests/server.pp +++ b/puppet-infracloud/modules/opnfv/manifests/server.pp @@ -19,7 +19,6 @@ class opnfv::server ( # Classes for all hosts include snmpd - include sudoers class { 'iptables': public_tcp_ports => $iptables_public_tcp_ports, |