summaryrefslogtreecommitdiffstats
path: root/puppet-infracloud/modules/opnfv/manifests/server.pp
diff options
context:
space:
mode:
Diffstat (limited to 'puppet-infracloud/modules/opnfv/manifests/server.pp')
-rw-r--r--puppet-infracloud/modules/opnfv/manifests/server.pp244
1 files changed, 0 insertions, 244 deletions
diff --git a/puppet-infracloud/modules/opnfv/manifests/server.pp b/puppet-infracloud/modules/opnfv/manifests/server.pp
deleted file mode 100644
index d167973c..00000000
--- a/puppet-infracloud/modules/opnfv/manifests/server.pp
+++ /dev/null
@@ -1,244 +0,0 @@
-# SPDX-license-identifier: Apache-2.0
-##############################################################################
-# Copyright (c) 2016 RedHat and others.
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-class opnfv::server (
- $iptables_public_tcp_ports = [],
- $iptables_public_udp_ports = [],
- $iptables_rules4 = [],
- $iptables_rules6 = [],
- $sysadmins = [],
- $enable_unbound = true,
- $purge_apt_sources = true,
-) {
- ###########################################################
- # Classes for all hosts
-
- include snmpd
-
- class { 'iptables':
- public_tcp_ports => $iptables_public_tcp_ports,
- public_udp_ports => $iptables_public_udp_ports,
- rules4 => $iptables_rules4,
- rules6 => $iptables_rules6,
- }
-
- class { 'timezone':
- timezone => 'Etc/UTC',
- }
-
- if ($enable_unbound) {
- class { 'unbound':
- install_resolv_conf => $install_resolv_conf
- }
- }
-
- if ($::in_chroot) {
- notify { 'rsyslog in chroot':
- message => 'rsyslog not refreshed, running in chroot',
- }
- $rsyslog_notify = []
- } else {
- service { 'rsyslog':
- ensure => running,
- enable => true,
- hasrestart => true,
- require => Package['rsyslog'],
- }
- $rsyslog_notify = [ Service['rsyslog'] ]
- }
-
- ###########################################################
- # System tweaks
-
- # Increase syslog message size in order to capture
- # python tracebacks with syslog.
- file { '/etc/rsyslog.d/99-maxsize.conf':
- ensure => present,
- # Note MaxMessageSize is not a puppet variable.
- content => '$MaxMessageSize 6k',
- owner => 'root',
- group => 'root',
- mode => '0644',
- notify => $rsyslog_notify,
- require => Package['rsyslog'],
- }
-
- # We don't like byobu
- file { '/etc/profile.d/Z98-byobu.sh':
- ensure => absent,
- }
-
- if $::osfamily == 'Debian' {
-
- # Ubuntu installs their whoopsie package by default, but it eats through
- # memory and we don't need it on servers
- package { 'whoopsie':
- ensure => absent,
- }
-
- package { 'popularity-contest':
- ensure => absent,
- }
- }
-
- ###########################################################
- # Package resources for all operating systems
-
- package { 'at':
- ensure => present,
- }
-
- package { 'lvm2':
- ensure => present,
- }
-
- package { 'strace':
- ensure => present,
- }
-
- package { 'tcpdump':
- ensure => present,
- }
-
- package { 'rsyslog':
- ensure => present,
- }
-
- package { 'git':
- ensure => present,
- }
-
- package { 'rsync':
- ensure => present,
- }
-
- case $::osfamily {
- 'RedHat': {
- $packages = ['parted', 'puppet', 'wget', 'iputils']
- $user_packages = ['emacs-nox', 'vim-enhanced']
- $update_pkg_list_cmd = ''
- }
- 'Debian': {
- $packages = ['parted', 'puppet', 'wget', 'iputils-ping']
- case $::operatingsystemrelease {
- /^(12|14)\.(04|10)$/: {
- $user_packages = ['emacs23-nox', 'vim-nox', 'iftop',
- 'sysstat', 'iotop']
- }
- default: {
- $user_packages = ['emacs-nox', 'vim-nox']
- }
- }
- $update_pkg_list_cmd = 'apt-get update >/dev/null 2>&1;'
- }
- default: {
- fail("Unsupported osfamily: ${::osfamily} The 'openstack_project' module only supports osfamily Debian or RedHat (slaves only).")
- }
- }
- package { $packages:
- ensure => present
- }
-
- ###########################################################
- # Package resources for specific operating systems
-
- case $::osfamily {
- 'Debian': {
- # Purge and augment existing /etc/apt/sources.list if requested, and make
- # sure apt-get update is run before any packages are installed
- class { '::apt':
- purge => { 'sources.list' => $purge_apt_sources }
- }
-
- # Make sure dig is installed
- package { 'dnsutils':
- ensure => present,
- }
- }
- 'RedHat': {
- # Make sure dig is installed
- package { 'bind-utils':
- ensure => present,
- }
- }
- }
-
- ###########################################################
- # Manage ntp
-
- include '::ntp'
-
- if ($::osfamily == "RedHat") {
- # Utils in ntp-perl are included in Debian's ntp package; we
- # add it here for consistency. See also
- # https://tickets.puppetlabs.com/browse/MODULES-3660
- package { 'ntp-perl':
- ensure => present
- }
- # NOTE(pabelanger): We need to ensure ntpdate service starts on boot for
- # centos-7. Currently, ntpd explicitly require ntpdate to be running before
- # the sync process can happen in ntpd. As a result, if ntpdate is not
- # running, ntpd will start but fail to sync because of DNS is not properly
- # setup.
- package { 'ntpdate':
- ensure => present,
- }
- service { 'ntpdate':
- enable => true,
- require => Package['ntpdate'],
- }
- }
-
- ###########################################################
- # Manage python/pip
-
- $desired_virtualenv = '13.1.0'
- class { '::pip':
- optional_settings => {
- 'extra-index-url' => '',
- },
- manage_pip_conf => true,
- }
-
- if (( versioncmp($::virtualenv_version, $desired_virtualenv) < 0 )) {
- $virtualenv_ensure = $desired_virtualenv
- } else {
- $virtualenv_ensure = present
- }
- package { 'virtualenv':
- ensure => $virtualenv_ensure,
- provider => openstack_pip,
- require => Class['pip'],
- }
-
- # manage root ssh
- if ! defined(File['/root/.ssh']) {
- file { '/root/.ssh':
- ensure => directory,
- mode => '0700',
- }
- }
-
- # ensure that we have non-pass sudo, and
- # not require tty
- file_line { 'sudo_rule_no_pw':
- path => '/etc/sudoers',
- line => '%wheel ALL=(ALL) NOPASSWD: ALL',
- }
- file_line { 'sudo_rule_notty':
- path => '/etc/sudoers',
- line => 'Defaults requiretty',
- match => '.*requiretty.*',
- match_for_absence => true,
- ensure => absent,
- multiple => true,
- }
-
- # update hosts
- create_resources('host', hiera_hash('hosts'))
-}