Closed
Bug 938629
Opened 11 years ago
Closed 11 years ago
apply network::aws in the network class, if the host is in AWS
Categories
(Infrastructure & Operations :: RelOps: Puppet, task)
Infrastructure & Operations
RelOps: Puppet
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: dustin)
References
Details
Attachments
(3 files, 1 obsolete file)
3.41 KB,
patch
|
rail
:
review+
dustin
:
checked-in+
|
Details | Diff | Splinter Review |
2.21 KB,
patch
|
rail
:
review+
dustin
:
checked-in+
|
Details | Diff | Splinter Review |
1.08 KB,
patch
|
rail
:
review+
dustin
:
checked-in+
|
Details | Diff | Splinter Review |
This will save a good bit of noise in the node definitions.
Assignee | ||
Comment 1•11 years ago
|
||
We could probably get rid of this class, actually:
* add puppet.$domain and repos.$domain to every domain in aws
* add $domain to 'search' in /etc/resolv.conf
However, I'll just move it for now.
Assignee | ||
Comment 2•11 years ago
|
||
Attachment #8367383 -
Flags: review?(rail)
Comment 3•11 years ago
|
||
Comment on attachment 8367383 [details] [diff] [review]
bug938629.patch
Review of attachment 8367383 [details] [diff] [review]:
-----------------------------------------------------------------
::: modules/network/manifests/init.pp
@@ +58,5 @@
> }
> }
> +
> + # enable network:aws on moco AWS nodes
> + if $::config::org == 'moco' and $virtual == 'xenhvm' {
I'm not quite sure what is the best way to figure out whether we are in AWS or not... Using xen may introduce some issues in the future if we decide to use other cloud providers (or in-house!). Also, some of VMS report "xenhvm" ad some only "xen" depending on the virtualization type (HVM vs PV I think). Can you use something like
if $::config::org == 'moco' and $virtual =~ /^xen/ { ...
Attachment #8367383 -
Flags: review?(rail) → review+
Assignee | ||
Comment 4•11 years ago
|
||
Actually, I'll just block this on upgrading and getting the proper AWS facts working again.
Blocks: 946872
Assignee | ||
Updated•11 years ago
|
Assignee | ||
Comment 5•11 years ago
|
||
It occurs to me that this is probably causing uneven load among the AWS puppet masters. Consider that when a puppet master is down or overloaded, nodes fall back to other puppetmasters. When they do so, they point their 'puppet' alias to that new master, and will prefer it until *it* breaks.
We should probably just remove this altogether..
Assignee | ||
Comment 6•11 years ago
|
||
Once this is in place, we can remove the hosts manually from a few instances, and if nothing fails, add a temporary ensure => absent to make them disappear everywhere.
Attachment #8367383 -
Attachment is obsolete: true
Attachment #8393698 -
Flags: review?(rail)
Updated•11 years ago
|
Attachment #8393698 -
Flags: review?(rail) → review+
Assignee | ||
Updated•11 years ago
|
Attachment #8393698 -
Flags: checked-in+
Assignee | ||
Comment 7•11 years ago
|
||
This seems to have prompted bug 938629, where mock configs are using an unqualified 'repos' to access the yum repositories:
config_opts['yum.conf'] = """
[main]
cachedir=/var/cache/yum
debuglevel=1
reposdir=/dev/null
logfile=/var/log/yum.log
retries=20
obsoletes=1
gpgcheck=0
assumeyes=1
syslog_ident=mock
syslog_device=
# repos
[centos6]
name=centos6
baseurl=http://repos/repos/yum/mirrors/centos/6/latest/os/i386
failovermethod=priority
[centos6-updates]
name=updates
baseurl=http://repos/repos/yum/mirrors/centos/6/latest/updates/i386
failovermethod=priority
[releng-centos6-i386]
name=releng-centos6-i386
baseurl=http://repos/repos/yum/releng/public/CentOS/6/i386
[releng-centos6-noarch]
name=releng-centos6-noarch
baseurl=http://repos/repos/yum/releng/public/CentOS/6/noarch
"""
Rather than revert this change, I think we should create the relevant DNS CNAMEs like we do for onsite VLANs, and also configure /etc/resolv.conf to contain a proper search path:
[root@b-linux64-ix-0001.build.releng.scl3.mozilla.com ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search build.releng.scl3.mozilla.com. releng.scl3.mozilla.com. scl3.mozilla.com. mozilla.com. mozilla.org. mozilla.net.
nameserver 10.26.75.40
nameserver 10.26.75.41
but
[root@bld-linux64-spot-398.build.releng.usw2.mozilla.com ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
nameserver 10.26.75.40
nameserver 10.26.75.41
Assignee | ||
Comment 8•11 years ago
|
||
I have added the necessary CNAMEs to all of the AWS subdomains.
Assignee | ||
Comment 9•11 years ago
|
||
This will fight with dhclient a little bit, but it should work. With this change, 'repos' and 'puppet' will continue to resolve, even when they're not in /etc/hosts.
Attachment #8394869 -
Flags: review?(rail)
Updated•11 years ago
|
Attachment #8394869 -
Flags: review?(rail) → review+
Assignee | ||
Updated•11 years ago
|
Attachment #8394869 -
Flags: checked-in+
Assignee | ||
Comment 10•11 years ago
|
||
Seems successful - I'll get a patch up to ensure 'puppet' and 'repos' aren't in /etc/hosts in a day or two.
Assignee | ||
Comment 11•11 years ago
|
||
The CNAMEs I added weren't in DNS, as I hadn't checked the "private" box. I did that now, and it's propagated.
[root@tst-linux32-spot-309.test.releng.usw2.mozilla.com ~]# host repos
repos.test.releng.usw2.mozilla.com is an alias for releng-puppet1.srv.releng.usw2.mozilla.com.
releng-puppet1.srv.releng.usw2.mozilla.com has address 10.132.48.212
[root@tst-linux32-spot-309.test.releng.usw2.mozilla.com ~]# host puppet
puppet.test.releng.usw2.mozilla.com is an alias for releng-puppet1.srv.releng.usw2.mozilla.com.
releng-puppet1.srv.releng.usw2.mozilla.com has address 10.132.48.212
Assignee | ||
Comment 12•11 years ago
|
||
Attachment #8410504 -
Flags: review?(rail)
Comment 13•11 years ago
|
||
Comment on attachment 8410504 [details] [diff] [review]
bug938629-p2.patch
Review of attachment 8410504 [details] [diff] [review]:
-----------------------------------------------------------------
woot!
Comment 14•11 years ago
|
||
Attachment #8410504 -
Flags: review?(rail) → review+
Assignee | ||
Comment 15•11 years ago
|
||
Attachment #8410504 -
Flags: checked-in+
Assignee | ||
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•