Puppet Class: profile::acme_chief::cloud

Defined in:
modules/profile/manifests/acme_chief/cloud.pp

Overview

Parameters:

  • active_host (String) (defaults to: hiera('profile::acme_chief::active'))
  • passive_host (String) (defaults to: hiera('profile::acme_chief::passive'))
  • designate_sync_auth_url (String) (defaults to: hiera('profile::acme_chief::cloud::designate_sync_auth_url'))
  • designate_sync_username (String) (defaults to: hiera('profile::acme_chief::cloud::designate_sync_username'))
  • designate_sync_password (String) (defaults to: hiera('profile::acme_chief::cloud::designate_sync_password'))
  • designate_sync_project_names (Array[String]) (defaults to: hiera('profile::acme_chief::cloud::designate_sync_project_names'))
  • designate_sync_region_name (String) (defaults to: hiera('profile::acme_chief::cloud::designate_sync_region_name'))
  • designate_sync_tidyup_enabled (Boolean) (defaults to: hiera('profile::acme_chief::cloud::designate_sync_tidyup_enabled'))


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# File 'modules/profile/manifests/acme_chief/cloud.pp', line 1

class profile::acme_chief::cloud (
    String $active_host = hiera('profile::acme_chief::active'),
    String $passive_host = hiera('profile::acme_chief::passive'),
    String $designate_sync_auth_url = hiera('profile::acme_chief::cloud::designate_sync_auth_url'),
    String $designate_sync_username = hiera('profile::acme_chief::cloud::designate_sync_username'),
    String $designate_sync_password = hiera('profile::acme_chief::cloud::designate_sync_password'),
    Array[String] $designate_sync_project_names = hiera('profile::acme_chief::cloud::designate_sync_project_names'),
    String $designate_sync_region_name = hiera('profile::acme_chief::cloud::designate_sync_region_name'),
    Boolean $designate_sync_tidyup_enabled = hiera('profile::acme_chief::cloud::designate_sync_tidyup_enabled'),
) {
    if $::fqdn == $passive_host {
        $active_host_ip = ipresolve($active_host, 4, $::nameservers[0])
        security::access::config { 'acme-chief':
            content  => "+ : acme-chief : ${active_host_ip}\n",
            priority => 60,
        }
    }

    require_package('python3-keystoneauth1', 'python3-designateclient')

    file { '/usr/local/bin/acme-chief-designate-sync.py':
        ensure  => present,
        owner   => 'acme-chief',
        group   => 'acme-chief',
        mode    => '0544',
        require => [
            Package['acme-chief'],
            Package['python3-keystoneauth1'],
            Package['python3-designateclient'],
        ],
        source  => 'puppet:///modules/acme_chief/designate-sync.py'
    }

    file { '/usr/local/bin/acme-chief-designate-tidyup.py':
        ensure  => present,
        owner   => 'acme-chief',
        group   => 'acme-chief',
        mode    => '0544',
        require => [
            Package['acme-chief'],
            Package['python3-keystoneauth1'],
            Package['python3-designateclient'],
        ],
        source  => 'puppet:///modules/acme_chief/designate-tidyup.py'
    }
    $ensure_tidyup = ($designate_sync_tidyup_enabled and $::fqdn == $active_host)? {
        true    => present,
        default => absent,
    }
    cron { 'acme-chief-designate-tidyup':
        ensure   => $ensure_tidyup,
        command  => '/usr/local/bin/acme-chief-designate-tidyup.py | logger -t acme-chief-designate-tidyup',
        user     => 'acme-chief',
        minute   => '0',
        hour     => '*',
        weekday  => '*',
        month    => '*',
        monthday => '*',
        require  => File['/usr/local/bin/acme-chief-designate-tidyup.py'],
    }

    file { '/etc/acme-chief/designate-sync-config.yaml':
        ensure  => present,
        owner   => 'acme-chief',
        group   => 'acme-chief',
        mode    => '0400',
        content => ordered_yaml({
            'OS_AUTH_URL'      => $designate_sync_auth_url,
            'OS_USERNAME'      => $designate_sync_username,
            'OS_PASSWORD'      => $designate_sync_password,
            'OS_PROJECT_NAMES' => $designate_sync_project_names,
            'OS_REGION_NAME'   => $designate_sync_region_name
        })
    }
}