Puppet Class: profile::dns::auth::discovery

Defined in:
modules/profile/manifests/dns/auth/discovery.pp

Overview

DNS Service Discovery Config

Parameters:

  • conftool_prefix (String) (defaults to: lookup('conftool_prefix'))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# File 'modules/profile/manifests/dns/auth/discovery.pp', line 2

class profile::dns::auth::discovery(
    String $conftool_prefix = lookup('conftool_prefix'),
) {
    # Create a list of all available discovery services.
    $discovery_services = wmflib::service::fetch().filter |$n, $svc| { 'discovery' in $svc  and $svc['state'] == 'production' }
        .map|$n, $svc| { $svc['discovery'].map |$record| {$record + {'ip' => $svc['ip']}}}
        .flatten()
        .unique()

    file { '/etc/gdnsd/discovery-geo-resources':
        ensure  => 'present',
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template('profile/dns/auth/discovery-geo-resources.erb'),
        notify  => Service['gdnsd'],
        before  => Exec['authdns-local-update'],
    }

    file { '/etc/gdnsd/discovery-metafo-resources':
        ensure  => 'present',
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template('profile/dns/auth/discovery-metafo-resources.erb'),
        notify  => Service['gdnsd'],
        before  => Exec['authdns-local-update'],
    }

    file { '/etc/gdnsd/discovery-states':
        ensure  => 'present',
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template('profile/dns/auth/discovery-states.erb'),
        notify  => Service['gdnsd'],
        before  => Exec['authdns-local-update'],
    }

    file { '/etc/gdnsd/discovery-map':
        ensure => 'present',
        mode   => '0444',
        owner  => 'root',
        group  => 'root',
        source => 'puppet:///modules/profile/dns/auth/discovery-map',
        notify => Service['gdnsd'],
        before => Exec['authdns-local-update'],
    }

    file { '/usr/local/bin/authdns-check-active-passive':
        ensure => 'present',
        mode   => '0555',
        owner  => 'root',
        group  => 'root',
        source => 'puppet:///modules/profile/dns/auth/authdns-check-active-passive',
    }

    class { 'confd':
        prefix => $conftool_prefix,
    }

    $discovery_services.each |$svc_data| {
        $keyspace = '/discovery'
        $svc_name = $svc_data['dnsdisc']
        $check = $svc_data['active_active'] ? {
            false => '/usr/local/bin/authdns-check-active-passive',
            true  => undef,
        }
        confd::file { "/var/lib/gdnsd/discovery-${svc_name}.state":
            uid        => '0',
            gid        => '0',
            mode       => '0444',
            content    => template('profile/dns/auth/discovery-statefile.tpl.erb'),
            watch_keys => ["${keyspace}/${svc_name}"],
            check      => $check,
        }
    }
}