diff options
Diffstat (limited to 'puppet-infracloud/modules/opnfv/manifests/server.pp')
-rw-r--r-- | puppet-infracloud/modules/opnfv/manifests/server.pp | 244 |
1 files changed, 0 insertions, 244 deletions
diff --git a/puppet-infracloud/modules/opnfv/manifests/server.pp b/puppet-infracloud/modules/opnfv/manifests/server.pp deleted file mode 100644 index d167973c..00000000 --- a/puppet-infracloud/modules/opnfv/manifests/server.pp +++ /dev/null @@ -1,244 +0,0 @@ -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2016 RedHat and others. -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -class opnfv::server ( - $iptables_public_tcp_ports = [], - $iptables_public_udp_ports = [], - $iptables_rules4 = [], - $iptables_rules6 = [], - $sysadmins = [], - $enable_unbound = true, - $purge_apt_sources = true, -) { - ########################################################### - # Classes for all hosts - - include snmpd - - class { 'iptables': - public_tcp_ports => $iptables_public_tcp_ports, - public_udp_ports => $iptables_public_udp_ports, - rules4 => $iptables_rules4, - rules6 => $iptables_rules6, - } - - class { 'timezone': - timezone => 'Etc/UTC', - } - - if ($enable_unbound) { - class { 'unbound': - install_resolv_conf => $install_resolv_conf - } - } - - if ($::in_chroot) { - notify { 'rsyslog in chroot': - message => 'rsyslog not refreshed, running in chroot', - } - $rsyslog_notify = [] - } else { - service { 'rsyslog': - ensure => running, - enable => true, - hasrestart => true, - require => Package['rsyslog'], - } - $rsyslog_notify = [ Service['rsyslog'] ] - } - - ########################################################### - # System tweaks - - # Increase syslog message size in order to capture - # python tracebacks with syslog. - file { '/etc/rsyslog.d/99-maxsize.conf': - ensure => present, - # Note MaxMessageSize is not a puppet variable. - content => '$MaxMessageSize 6k', - owner => 'root', - group => 'root', - mode => '0644', - notify => $rsyslog_notify, - require => Package['rsyslog'], - } - - # We don't like byobu - file { '/etc/profile.d/Z98-byobu.sh': - ensure => absent, - } - - if $::osfamily == 'Debian' { - - # Ubuntu installs their whoopsie package by default, but it eats through - # memory and we don't need it on servers - package { 'whoopsie': - ensure => absent, - } - - package { 'popularity-contest': - ensure => absent, - } - } - - ########################################################### - # Package resources for all operating systems - - package { 'at': - ensure => present, - } - - package { 'lvm2': - ensure => present, - } - - package { 'strace': - ensure => present, - } - - package { 'tcpdump': - ensure => present, - } - - package { 'rsyslog': - ensure => present, - } - - package { 'git': - ensure => present, - } - - package { 'rsync': - ensure => present, - } - - case $::osfamily { - 'RedHat': { - $packages = ['parted', 'puppet', 'wget', 'iputils'] - $user_packages = ['emacs-nox', 'vim-enhanced'] - $update_pkg_list_cmd = '' - } - 'Debian': { - $packages = ['parted', 'puppet', 'wget', 'iputils-ping'] - case $::operatingsystemrelease { - /^(12|14)\.(04|10)$/: { - $user_packages = ['emacs23-nox', 'vim-nox', 'iftop', - 'sysstat', 'iotop'] - } - default: { - $user_packages = ['emacs-nox', 'vim-nox'] - } - } - $update_pkg_list_cmd = 'apt-get update >/dev/null 2>&1;' - } - default: { - fail("Unsupported osfamily: ${::osfamily} The 'openstack_project' module only supports osfamily Debian or RedHat (slaves only).") - } - } - package { $packages: - ensure => present - } - - ########################################################### - # Package resources for specific operating systems - - case $::osfamily { - 'Debian': { - # Purge and augment existing /etc/apt/sources.list if requested, and make - # sure apt-get update is run before any packages are installed - class { '::apt': - purge => { 'sources.list' => $purge_apt_sources } - } - - # Make sure dig is installed - package { 'dnsutils': - ensure => present, - } - } - 'RedHat': { - # Make sure dig is installed - package { 'bind-utils': - ensure => present, - } - } - } - - ########################################################### - # Manage ntp - - include '::ntp' - - if ($::osfamily == "RedHat") { - # Utils in ntp-perl are included in Debian's ntp package; we - # add it here for consistency. See also - # https://tickets.puppetlabs.com/browse/MODULES-3660 - package { 'ntp-perl': - ensure => present - } - # NOTE(pabelanger): We need to ensure ntpdate service starts on boot for - # centos-7. Currently, ntpd explicitly require ntpdate to be running before - # the sync process can happen in ntpd. As a result, if ntpdate is not - # running, ntpd will start but fail to sync because of DNS is not properly - # setup. - package { 'ntpdate': - ensure => present, - } - service { 'ntpdate': - enable => true, - require => Package['ntpdate'], - } - } - - ########################################################### - # Manage python/pip - - $desired_virtualenv = '13.1.0' - class { '::pip': - optional_settings => { - 'extra-index-url' => '', - }, - manage_pip_conf => true, - } - - if (( versioncmp($::virtualenv_version, $desired_virtualenv) < 0 )) { - $virtualenv_ensure = $desired_virtualenv - } else { - $virtualenv_ensure = present - } - package { 'virtualenv': - ensure => $virtualenv_ensure, - provider => openstack_pip, - require => Class['pip'], - } - - # manage root ssh - if ! defined(File['/root/.ssh']) { - file { '/root/.ssh': - ensure => directory, - mode => '0700', - } - } - - # ensure that we have non-pass sudo, and - # not require tty - file_line { 'sudo_rule_no_pw': - path => '/etc/sudoers', - line => '%wheel ALL=(ALL) NOPASSWD: ALL', - } - file_line { 'sudo_rule_notty': - path => '/etc/sudoers', - line => 'Defaults requiretty', - match => '.*requiretty.*', - match_for_absence => true, - ensure => absent, - multiple => true, - } - - # update hosts - create_resources('host', hiera_hash('hosts')) -} |