Puppet proposal

Ewoud Kohl van Wijngaarden ewoud+ovirt at kohlvanwijngaarden.nl
Tue Aug 14 10:11:20 UTC 2012


On Tue, Aug 14, 2012 at 03:35:22AM -0400, Eyal Edri wrote:
> Ewoud Kohl van Wijngaarden wrote:
> > As promised and hopefully in time for tomorrows meeting I present to
> > you
> > some basic puppet classes and modules to help us manage our infra. I
> > created a github repo[1] with some very basic classes.
> >
> > Some things I'm unsure about:
> > - I'm not sure if a dash ('-') is allowed in the class name. It works
> >   but github highlights it weird.
> > - I think publishing the public key is no problem (they're public
> > after
> >   all), but if something like the debian SSH fiasco[2] would happen
> >   again we might be at risk.
> > - It's very basic, just ensure users exist and sudo is set up. We can
> > do
> >   much more, but what do we want?
>
> for starts we need to able to install a jenkins slave with all it's deps, this means:
>
> 1. installing all packages for making rpms (autoconf,make,gcc,python-*,etc...)
I'll add these, but please expand python-*
> 2. installing the jenkins-slave deamon (for running jnlp)
I'll look into this.
> 3. jenkins user + home dir..
check
> 4. openjdk-1.7.0-java-devel
check
> 5. selinux settings.. .
Right now vdsm unit tests have sudo permission to call setenforce. Not
what we want in the long term, but I was told the unit tests need this.

> and basically every thing we stumble upon when installing a new slave.
>
> other things might be installing system services on all vms like:
>  - log collector
>  - backup
>  - cleanup
>  - monitoring
I think we'll add these as they come along.



More information about the Infra mailing list