Closed Bug 938629 Opened 11 years ago Closed 11 years ago

apply network::aws in the network class, if the host is in AWS

Categories

(Infrastructure & Operations :: RelOps: Puppet, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: dustin, Assigned: dustin)

References

Details

Attachments

(3 files, 1 obsolete file)

This will save a good bit of noise in the node definitions.
We could probably get rid of this class, actually: * add puppet.$domain and repos.$domain to every domain in aws * add $domain to 'search' in /etc/resolv.conf However, I'll just move it for now.
Attached patch bug938629.patch (obsolete) — Splinter Review
Attachment #8367383 - Flags: review?(rail)
Comment on attachment 8367383 [details] [diff] [review] bug938629.patch Review of attachment 8367383 [details] [diff] [review]: ----------------------------------------------------------------- ::: modules/network/manifests/init.pp @@ +58,5 @@ > } > } > + > + # enable network:aws on moco AWS nodes > + if $::config::org == 'moco' and $virtual == 'xenhvm' { I'm not quite sure what is the best way to figure out whether we are in AWS or not... Using xen may introduce some issues in the future if we decide to use other cloud providers (or in-house!). Also, some of VMS report "xenhvm" ad some only "xen" depending on the virtualization type (HVM vs PV I think). Can you use something like if $::config::org == 'moco' and $virtual =~ /^xen/ { ...
Attachment #8367383 - Flags: review?(rail) → review+
Actually, I'll just block this on upgrading and getting the proper AWS facts working again.
Blocks: 946872
No longer blocks: 946872
Depends on: 946872
It occurs to me that this is probably causing uneven load among the AWS puppet masters. Consider that when a puppet master is down or overloaded, nodes fall back to other puppetmasters. When they do so, they point their 'puppet' alias to that new master, and will prefer it until *it* breaks. We should probably just remove this altogether..
Attached patch bug938629.patchSplinter Review
Once this is in place, we can remove the hosts manually from a few instances, and if nothing fails, add a temporary ensure => absent to make them disappear everywhere.
Attachment #8367383 - Attachment is obsolete: true
Attachment #8393698 - Flags: review?(rail)
Attachment #8393698 - Flags: review?(rail) → review+
Attachment #8393698 - Flags: checked-in+
This seems to have prompted bug 938629, where mock configs are using an unqualified 'repos' to access the yum repositories: config_opts['yum.conf'] = """ [main] cachedir=/var/cache/yum debuglevel=1 reposdir=/dev/null logfile=/var/log/yum.log retries=20 obsoletes=1 gpgcheck=0 assumeyes=1 syslog_ident=mock syslog_device= # repos [centos6] name=centos6 baseurl=http://repos/repos/yum/mirrors/centos/6/latest/os/i386 failovermethod=priority [centos6-updates] name=updates baseurl=http://repos/repos/yum/mirrors/centos/6/latest/updates/i386 failovermethod=priority [releng-centos6-i386] name=releng-centos6-i386 baseurl=http://repos/repos/yum/releng/public/CentOS/6/i386 [releng-centos6-noarch] name=releng-centos6-noarch baseurl=http://repos/repos/yum/releng/public/CentOS/6/noarch """ Rather than revert this change, I think we should create the relevant DNS CNAMEs like we do for onsite VLANs, and also configure /etc/resolv.conf to contain a proper search path: [root@b-linux64-ix-0001.build.releng.scl3.mozilla.com ~]# cat /etc/resolv.conf ; generated by /sbin/dhclient-script search build.releng.scl3.mozilla.com. releng.scl3.mozilla.com. scl3.mozilla.com. mozilla.com. mozilla.org. mozilla.net. nameserver 10.26.75.40 nameserver 10.26.75.41 but [root@bld-linux64-spot-398.build.releng.usw2.mozilla.com ~]# cat /etc/resolv.conf ; generated by /sbin/dhclient-script nameserver 10.26.75.40 nameserver 10.26.75.41
I have added the necessary CNAMEs to all of the AWS subdomains.
This will fight with dhclient a little bit, but it should work. With this change, 'repos' and 'puppet' will continue to resolve, even when they're not in /etc/hosts.
Attachment #8394869 - Flags: review?(rail)
Attachment #8394869 - Flags: review?(rail) → review+
Attachment #8394869 - Flags: checked-in+
Seems successful - I'll get a patch up to ensure 'puppet' and 'repos' aren't in /etc/hosts in a day or two.
The CNAMEs I added weren't in DNS, as I hadn't checked the "private" box. I did that now, and it's propagated. [root@tst-linux32-spot-309.test.releng.usw2.mozilla.com ~]# host repos repos.test.releng.usw2.mozilla.com is an alias for releng-puppet1.srv.releng.usw2.mozilla.com. releng-puppet1.srv.releng.usw2.mozilla.com has address 10.132.48.212 [root@tst-linux32-spot-309.test.releng.usw2.mozilla.com ~]# host puppet puppet.test.releng.usw2.mozilla.com is an alias for releng-puppet1.srv.releng.usw2.mozilla.com. releng-puppet1.srv.releng.usw2.mozilla.com has address 10.132.48.212
Attachment #8410504 - Flags: review?(rail)
Comment on attachment 8410504 [details] [diff] [review] bug938629-p2.patch Review of attachment 8410504 [details] [diff] [review]: ----------------------------------------------------------------- woot!
Comment on attachment 8410504 [details] [diff] [review] bug938629-p2.patch I mean r+!
Attachment #8410504 - Flags: review?(rail) → review+
Comment on attachment 8410504 [details] [diff] [review] bug938629-p2.patch merged to prod
Attachment #8410504 - Flags: checked-in+
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: