diff options
| author |   Yolanda Robla Mota <yroblamo@redhat.com> | 2016-09-20 16:58:20 +0200 |
|---|---|---|
| committer | Yolanda Robla Mota <yroblamo@redhat.com> | 2016-09-20 17:00:57 +0200 |
| commit | e6f876639ccd52473914919123540668bbe9708a (patch) | |
| tree | 49f0d3806df57e01934b2cfa6a47c5f258561897 | |
| parent | 475b0290a9b3f8c95dba73ca25aafc483e38852c (diff) | |
Stop using sudoers on all servers defined
Insteaf of that, add only on compute and controller that
are going to be fully automated, but avoid running that on
jumphosts, as this may mess with exiting config.
Change-Id: I79f1fa05d3e6da49a7f78b2efecb791022f5b11d
Signed-Off-By: Yolanda Robla <yroblamo@redhat.com>
| -rw-r--r-- | prototypes/puppet-infracloud/manifests/site.pp | 4 | ||||
| -rw-r--r-- | prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/prototypes/puppet-infracloud/manifests/site.pp b/prototypes/puppet-infracloud/manifests/site.pp index 2cb12a3cd..31c45767f 100644 --- a/prototypes/puppet-infracloud/manifests/site.pp +++ b/prototypes/puppet-infracloud/manifests/site.pp @@ -8,6 +8,8 @@ ############################################################################## node 'controller00.opnfvlocal' { $group = 'infracloud' + include ::sudoers + class { 'opnfv::server': iptables_public_tcp_ports => [80,5000,5671,8774,9292,9696,35357], # logs,keystone,rabbit,nova,glance,neutron,keystone sysadmins => hiera('sysadmins', []), @@ -43,6 +45,8 @@ node 'controller00.opnfvlocal' { node 'compute00.opnfvlocal' { $group = 'infracloud' + include ::sudoers + class { 'opnfv::server': sysadmins => hiera('sysadmins', []), enable_unbound => false, diff --git a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp index 5bbcd7506..4113c50e6 100644 --- a/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp +++ b/prototypes/puppet-infracloud/modules/opnfv/manifests/server.pp @@ -19,7 +19,6 @@ class opnfv::server ( # Classes for all hosts include snmpd - include sudoers class { 'iptables': public_tcp_ports => $iptables_public_tcp_ports, |