Merge branch 'master' of git.nordu.net:eid-ops

2018-05-04 17:37:29 +02:00 · 2018-05-04 17:37:29 +02:00 · 2569c7774b
commit 2569c7774b
parent ffd5fbd4f8 4a0d0e651a
9 changed files with 48 additions and 57 deletions
--- a/fe-common/overlay/etc/hiera/data/group.yaml
+++ b/fe-common/overlay/etc/hiera/data/group.yaml
@ -24,25 +24,22 @@ sunet_frontend:
        remote_ip: '2001:6b0:8:4::111'
-    websites2_disabled:
+    websites2:
      'www':
-        site_name: 'www.dev.eduid.se'
+        site_name: 'www.komreg.net'
        frontends:
-          'fe-fre-1.eduid.se':
+          'fe-fre-3.komreg.net':
-            ips: ['130.242.131.61', '2001:6b0:54:fe::61']
+            ips: ['94.176.224.180']
-          'fe-tug-1.eduid.se':
+          'fe-tug-3.komreg.net':
-            ips: ['130.242.131.62', '2001:6b0:54:fe::62']
+            ips: ['94.176.224.181']
        backends:
          default:
-            'www-fre-1.eduid.se':
+            'www-fre-1.komreg.net':
-              ips: ['130.242.130.200']
+              ips: ['94.176.224.132']
              server_args: 'ssl check verify none'
        csp_ext_src: 'https://dev.eduid.se https://www.dev.eduid.se'
        allow_ports:
          - 443
-        letsencrypt_server: 'acme-c.dev.eduid.se'
+        letsencrypt_server: 'acme-c.sunet.se'
        varnish_enabled: true
        varnish_imagetag: 'staging'
        haproxy_imagetag: 'staging'
--- a/fe-fre-3.komreg.net/overlay/etc/netplan/99-static-ipv6.yaml
+++ b/fe-fre-3.komreg.net/overlay/etc/netplan/99-static-ipv6.yaml
@ -0,0 +1,9 @@
 network:
   version: 2
   ethernets:
      eth0:
         addresses:
         - 2001:6b0:64:2::165/64
         gateway6: 2001:6b0:64:2::1
         match:
            name: eth0
--- a/global/overlay/etc/hiera/data/common.yaml
+++ b/global/overlay/etc/hiera/data/common.yaml
@ -1,6 +1,7 @@
 ---
-eid_docker_version: '18.02.0~ce-0~ubuntu'
+eid_docker_version: '18.05.0~ce~2.1.rc1-0~ubuntu'
 eid_docker_compose_version: '1.15.0'
 eid_docker_repo: 'test'
 eid_proxy_server: ""
 eid_no_proxy: true
--- a/global/overlay/etc/puppet/cosmos-db.yaml
+++ b/global/overlay/etc/puppet/cosmos-db.yaml
@ -79,7 +79,6 @@ classes:
    sunetops: null
  kvmeidas-fre-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -88,7 +87,6 @@ classes:
    sunetops: null
  kvmeidas-tug-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -97,12 +95,11 @@ classes:
    sunetops: null
  kvmfe-fre-3.komreg.net:
    common: null
-    eid::kvm_vms:
+    eid::kvmhost:
      vms:
        fe-fre-3.komreg.net: {bridge: br-fe, cpus: '4', description: eid fre frontend,
          gateway: 94.176.224.161, ip: 94.176.224.165, mac: '52:54:20:01:00:01', memory: '4096',
          netmask: 255.255.255.240}
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -111,7 +108,6 @@ classes:
    sunetops: null
  kvmfe-tug-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -120,7 +116,6 @@ classes:
    sunetops: null
  kvminfra-fre-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -129,7 +124,6 @@ classes:
    sunetops: null
  kvminfra-tug-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -138,7 +132,6 @@ classes:
    sunetops: null
  kvmmeta-fre-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -147,7 +140,6 @@ classes:
    sunetops: null
  kvmmeta-tug-3.komreg.net:
    common: null
    eid::kvmhost: null
    entropyclient: null
    infra_ca_rp: null
    mailclient: *id001
@ -277,10 +269,7 @@ members:
    md-eu1.qa.komreg.net, md1.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net,
    prid-1.qa.sveidas.se, r1.komreg.net, web-1.qa.sveidas.se]
  eid::dockerhost: [fe-fre-3.komreg.net]
-  eid::kvm_vms: [kvmfe-fre-3.komreg.net]
+  eid::kvmhost: [kvmfe-fre-3.komreg.net]
  eid::kvmhost: [kvmeidas-fre-3.komreg.net, kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net,
    kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, kvminfra-tug-3.komreg.net,
    kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net]
  eidas_connector: [eidas-node-1.qa.sveidas.se]
  eidas_proxy: [eidas-proxy-1.qa.sveidas.se]
  entropyclient: [eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, fe-fre-3.komreg.net,
--- a/global/overlay/etc/puppet/cosmos-modules.conf
+++ b/global/overlay/etc/puppet/cosmos-modules.conf
@ -1,23 +1,23 @@
 # name source (puppetlabs fq name or git url) upgrade (yes/no)
 #
-concat      git://github.com/SUNET/puppetlabs-concat.git yes sunet_dev-*
+concat      git://github.com/SUNET/puppetlabs-concat.git yes sunet_dev-2*
-stdlib      git://github.com/SUNET/puppetlabs-stdlib.git yes sunet-*
+stdlib      git://github.com/SUNET/puppetlabs-stdlib.git yes sunet-2*
-cosmos      git://github.com/SUNET/puppet-cosmos.git yes sunet-*
+cosmos      git://github.com/SUNET/puppet-cosmos.git yes sunet-2*
-ufw         git://github.com/SUNET/puppet-module-ufw.git yes sunet-*
+ufw         git://github.com/SUNET/puppet-module-ufw.git yes sunet-2*
-apt         git://github.com/SUNET/puppetlabs-apt.git yes sunet-*
+apt         git://github.com/SUNET/puppetlabs-apt.git yes sunet-2*
-vcsrepo     git://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-*
+vcsrepo     git://github.com/SUNET/puppetlabs-vcsrepo.git yes sunet-2*
-xinetd      git://github.com/SUNET/puppetlabs-xinetd.git yes sunet-*
+xinetd      git://github.com/SUNET/puppetlabs-xinetd.git yes sunet-2*
-python      git://github.com/SUNET/puppet-python.git yes sunet-*
+python      git://github.com/SUNET/puppet-python.git yes sunet-2*
-hiera-gpg   git://github.com/SUNET/hiera-gpg.git yes sunet-*
+hiera-gpg   git://github.com/SUNET/hiera-gpg.git yes sunet-2*
-pound       git://github.com/SUNET/puppet-pound.git yes sunet-*
+pound       git://github.com/SUNET/puppet-pound.git yes sunet-2*
-augeas      git://github.com/SUNET/puppet-augeas.git yes sunet-*
+augeas      git://github.com/SUNET/puppet-augeas.git yes sunet-2*
-bastion     git://github.com/SUNET/puppet-bastion.git yes sunet-*
+bastion     git://github.com/SUNET/puppet-bastion.git yes sunet-2*
 pyff        git://github.com/samlbits/puppet-pyff.git yes puppet-pyff-*
-dhcp        git://github.com/SUNET/puppetlabs-dhcp.git yes sunet_dev-*
+dhcp        git://github.com/SUNET/puppetlabs-dhcp.git yes sunet_dev-2*
 varnish     git://github.com/samlbits/puppet-varnish.git yes puppet-varnish-*
-apparmor    https://github.com/SUNET/puppet-apparmor.git yes sunet-*
+apparmor    https://github.com/SUNET/puppet-apparmor.git yes sunet-2*
-docker      git://github.com/SUNET/garethr-docker.git yes sunet-*
+docker      git://github.com/SUNET/garethr-docker.git yes sunet-2*
-network     git://github.com/SUNET/attachmentgenie-network.git yes sunet-*
+network     git://github.com/SUNET/attachmentgenie-network.git yes sunet-2*
-sunet       git://github.com/SUNET/puppet-sunet.git yes sunet-*
+sunet       git://github.com/SUNET/puppet-sunet.git yes sunet_dev-2*
-sysctl      git://github.com/SUNET/puppet-sysctl.git yes sunet-*
+sysctl      git://github.com/SUNET/puppet-sysctl.git yes sunet-2*
-nagioscfg   git://github.com/SUNET/puppet-nagioscfg.git yes sunet-*
+nagioscfg   git://github.com/SUNET/puppet-nagioscfg.git yes sunet-2*
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@ -8,9 +8,6 @@
      domain: sunet.se
   sunet::rsyslog:
 '^kvm.+-.+-\d+\.komreg\.net$':
   eid::kvmhost:
 jmp.komreg.net:
   konsulter:
   sunet_iaas_cloud:
@ -21,7 +18,7 @@ jmp.komreg.net:
   autoupdate:
 kvmfe-fre-3.komreg.net:
-   eid::kvm_vms:
+   eid::kvmhost:
      vms:
         fe-fre-3.komreg.net:
            mac: '52:54:20:01:00:01'
--- a/global/overlay/etc/puppet/modules/eid/manifests/dockerhost.pp
+++ b/global/overlay/etc/puppet/modules/eid/manifests/dockerhost.pp
@ -2,7 +2,7 @@
 class eid::dockerhost(
  String $version              = safe_hiera('eid_docker_version'),
  String $package_name         = hiera('eid_docker_package_name', 'docker-ce'),
-  Enum['stable', 'edge'] $docker_repo = hiera('eid_docker_repo', 'stable'),
+  Enum['stable', 'edge', 'test'] $docker_repo = hiera('eid_docker_repo', 'stable'),
  String $compose_version      = safe_hiera('eid_docker_compose_version'),
  String $docker_args          = '',
  Optional[String] $docker_dns = undef,
--- a/global/overlay/etc/puppet/modules/eid/manifests/kvm_vms.pp
+++ b/global/overlay/etc/puppet/modules/eid/manifests/kvm_vms.pp
@ -1,5 +0,0 @@
 class eid::kvm_vms(
   Hash $vms
 ) {
  create_resources('eid::cloudimage', $vms)
 }
--- a/global/overlay/etc/puppet/modules/eid/manifests/kvmhost.pp
+++ b/global/overlay/etc/puppet/modules/eid/manifests/kvmhost.pp
@ -1,6 +1,7 @@
 class eid::kvmhost(
-  $proxy_server = hiera('eid_proxy_server'),
+  String $proxy_server = hiera('eid_proxy_server'),
-  $no_proxy     = hiera('eid_no_proxy'),
+  String $no_proxy     = hiera('eid_no_proxy'),
  Hash   $vms          = [],
 ) {
  file {
    '/etc/cosmos-manual-reboot':
@ -37,4 +38,6 @@ class eid::kvmhost(
      line     => '8021q',
      ;
  }
  create_resources('eduid::cloudimage', $vms)
 }