diff --git a/global/overlay/etc/puppet/cosmos-db.yaml b/global/overlay/etc/puppet/cosmos-db.yaml index e83c90cc..e57b018e 100644 --- a/global/overlay/etc/puppet/cosmos-db.yaml +++ b/global/overlay/etc/puppet/cosmos-db.yaml @@ -14,6 +14,9 @@ classes: connector.eidas.swedenconnect.se: frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net] port: '443' + sunet::ntp: &id004 + disable_pool_ntp_org: true + set_servers: [ntp.se, ntp1.nordu.net, ntp2.nordu.net] sunet::rsyslog: null sunetops: null eidas-connector-2.sveidas.se: @@ -27,6 +30,7 @@ classes: mailclient: *id002 nrpe: null sunet::frontend::register_sites: *id003 + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-connector-3.sveidas.se: @@ -40,6 +44,7 @@ classes: mailclient: *id002 nrpe: null sunet::frontend::register_sites: *id003 + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-connector-4.sveidas.se: @@ -53,6 +58,7 @@ classes: mailclient: *id002 nrpe: null sunet::frontend::register_sites: *id003 + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-node-1.qa.sveidas.se: @@ -70,6 +76,7 @@ classes: qa.connector.eidas.swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -89,6 +96,7 @@ classes: qa.proxy.eidas.swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -101,6 +109,7 @@ classes: mailclient: *id002 nrpe: null redis_cluster_node: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-redis-2.sveidas.se: @@ -112,6 +121,7 @@ classes: mailclient: *id002 nrpe: null redis_cluster_node: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-redis-3.sveidas.se: @@ -123,6 +133,7 @@ classes: mailclient: *id002 nrpe: null redis_cluster_node: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-redis-4.sveidas.se: @@ -134,6 +145,7 @@ classes: mailclient: *id002 nrpe: null redis_cluster_node: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-redis-fe-1.sveidas.se: @@ -144,7 +156,8 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null - redis_frontend_node: &id004 {hostname: redis.sveidas.se} + redis_frontend_node: &id005 {hostname: redis.sveidas.se} + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-redis-fe-2.sveidas.se: @@ -155,39 +168,42 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null - redis_frontend_node: *id004 + redis_frontend_node: *id005 + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-test-1.sveidas.se: autoupdate: null common: null eid::dockerhost: null - eidas_sp: &id005 {hostname: test.swedenconnect.se, version: 1.0.0} + eidas_sp: &id006 {hostname: test.swedenconnect.se, version: 1.0.0} entropyclient: null infra_ca_rp: null konsulter: null mailclient: *id002 nrpe: null servicemonitor: null - sunet::frontend::register_sites: &id006 + sunet::frontend::register_sites: &id007 sites: test.swedenconnect.se: frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eidas-test-2.sveidas.se: autoupdate: null common: null eid::dockerhost: null - eidas_sp: *id005 + eidas_sp: *id006 entropyclient: null infra_ca_rp: null konsulter: null mailclient: *id002 nrpe: null servicemonitor: null - sunet::frontend::register_sites: *id006 + sunet::frontend::register_sites: *id007 + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eumd-1.komreg.net: @@ -203,6 +219,7 @@ classes: md_signer: {dest_host: eupub-1.komreg.net, name: eidas-prod} metadatamgrs: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eumd-2.komreg.net: @@ -218,6 +235,7 @@ classes: md_signer: {dest_host: eupub-2.komreg.net, name: eidas-prod} metadatamgrs: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eupub-1.komreg.net: @@ -233,6 +251,7 @@ classes: md.eidas.swedenconnect.se: frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null eupub-2.komreg.net: @@ -248,6 +267,7 @@ classes: md.eidas.swedenconnect.se: frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null fe-fre-3.komreg.net: @@ -258,6 +278,7 @@ classes: mailclient: *id002 nrpe: null sunet::frontend::load_balancer: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null fe-tug-3.komreg.net: @@ -268,6 +289,7 @@ classes: mailclient: *id002 nrpe: null sunet::frontend::load_balancer: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null jmp.komreg.net: @@ -281,6 +303,7 @@ classes: metadatamgrs: null nrpe: null sunet::auditd: null + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -294,6 +317,7 @@ classes: mailclient: *id002 metadatamgrs: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null jump-tug-3.komreg.net: @@ -306,6 +330,7 @@ classes: mailclient: *id002 metadatamgrs: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvmeidas-fre-3.komreg.net: @@ -386,6 +411,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvmeidas-tug-3.komreg.net: @@ -466,6 +492,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvmfe-fre-3.komreg.net: @@ -479,6 +506,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvmfe-tug-3.komreg.net: @@ -492,6 +520,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvminfra-fre-3.komreg.net: @@ -515,6 +544,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvminfra-tug-3.komreg.net: @@ -535,6 +565,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvmmeta-fre-3.komreg.net: @@ -557,6 +588,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null kvmmeta-tug-3.komreg.net: @@ -579,6 +611,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null log-1.sveidas.se: @@ -588,7 +621,8 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null - sunet::rsyslog: &id007 {udp_client: 94.176.224.0/24, udp_port: 514} + sunet::ntp: *id004 + sunet::rsyslog: &id008 {udp_client: 94.176.224.0/24, udp_port: 514} sunetops: null log-2.sveidas.se: autoupdate: null @@ -597,7 +631,8 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null - sunet::rsyslog: *id007 + sunet::ntp: *id004 + sunet::rsyslog: *id008 sunetops: null log.qa.sveidas.se: autoupdate: null @@ -606,6 +641,7 @@ classes: infra_ca_rp: null mailclient: *id002 nrpe: null + sunet::ntp: *id004 sunet::rsyslog: {udp_port: 514} sunet_iaas_cloud: null sunetops: null @@ -622,6 +658,7 @@ classes: metadatamgrs: null nrpe: null openstack_dockerhost: null + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -637,6 +674,7 @@ classes: metadatamgrs: null nrpe: null openstack_dockerhost: null + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -648,6 +686,7 @@ classes: mailclient: *id002 nagios_monitor: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null natmd-1.komreg.net: @@ -663,6 +702,7 @@ classes: md_signer: {dest_host: natpub-1.komreg.net, name: natmd-prod} metadatamgrs: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null natmd-2.komreg.net: @@ -678,6 +718,7 @@ classes: md_signer: {dest_host: natpub-2.komreg.net, name: natmd-prod} metadatamgrs: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null natpub-1.komreg.net: @@ -693,6 +734,7 @@ classes: md.swedenconnect.se: frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null natpub-2.komreg.net: @@ -708,6 +750,7 @@ classes: md.swedenconnect.se: frontends: [fe-fre-3.komreg.net, fe-tug-3.komreg.net] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null nic.komreg.net: @@ -719,6 +762,7 @@ classes: mailclient: *id002 nagios_monitor: null nrpe: null + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -735,6 +779,7 @@ classes: qa.md.swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -751,6 +796,7 @@ classes: qa.md.eidas.swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -765,6 +811,7 @@ classes: openstack_dockerhost: null prid: {clients: prid_qa_clients, version: 1.0.1} servicemonitor: null + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -777,8 +824,9 @@ classes: konsulter: null mailclient: *id002 nrpe: null - prid: &id008 {clients: prid_prod_clients, version: 1.0.1} + prid: &id009 {clients: prid_prod_clients, version: 1.0.1} servicemonitor: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null prid-2.sveidas.se: @@ -790,8 +838,9 @@ classes: konsulter: null mailclient: *id002 nrpe: null - prid: *id008 + prid: *id009 servicemonitor: null + sunet::ntp: *id004 sunet::rsyslog: null sunetops: null r1.komreg.net: @@ -804,6 +853,7 @@ classes: nrpe: null openstack_dockerhost: null sunet::dehydrated: null + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -821,6 +871,7 @@ classes: qa.test.swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -841,6 +892,7 @@ classes: qa.test.swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -858,6 +910,7 @@ classes: swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '443' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -877,6 +930,7 @@ classes: swedenconnect.se: frontends: [se-fre-lb-1.sunet.se, se-tug-lb-1.sunet.se] port: '80' + sunet::ntp: *id004 sunet::rsyslog: null sunet_iaas_cloud: null sunetops: null @@ -1032,6 +1086,20 @@ members: eupub-1.komreg.net, eupub-2.komreg.net, natpub-1.komreg.net, natpub-2.komreg.net, p1.komreg.net, p2.qa.komreg.net, refidp-1.qa.sveidas.se, test-1.qa.sveidas.se, validator-1.qa.komreg.net, web-1.qa.sveidas.se] + sunet::ntp: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se, + eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, + eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se, + eidas-redis-4.sveidas.se, eidas-redis-fe-1.sveidas.se, eidas-redis-fe-2.sveidas.se, + eidas-test-1.sveidas.se, eidas-test-2.sveidas.se, eumd-1.komreg.net, eumd-2.komreg.net, + eupub-1.komreg.net, eupub-2.komreg.net, fe-fre-3.komreg.net, fe-tug-3.komreg.net, + jmp.komreg.net, jump-fre-3.komreg.net, jump-tug-3.komreg.net, kvmeidas-fre-3.komreg.net, + kvmeidas-tug-3.komreg.net, kvmfe-fre-3.komreg.net, kvmfe-tug-3.komreg.net, kvminfra-fre-3.komreg.net, + kvminfra-tug-3.komreg.net, kvmmeta-fre-3.komreg.net, kvmmeta-tug-3.komreg.net, + log-1.sveidas.se, log-2.sveidas.se, log.qa.sveidas.se, md-eu1.qa.komreg.net, md1.komreg.net, + monitor-fre-3.komreg.net, natmd-1.komreg.net, natmd-2.komreg.net, natpub-1.komreg.net, + natpub-2.komreg.net, nic.komreg.net, p1.komreg.net, p2.qa.komreg.net, prid-1.qa.sveidas.se, + prid-1.sveidas.se, prid-2.sveidas.se, r1.komreg.net, refidp-1.qa.sveidas.se, test-1.qa.sveidas.se, + validator-1.qa.komreg.net, web-1.qa.sveidas.se] sunet::rsyslog: [eidas-connector-1.sveidas.se, eidas-connector-2.sveidas.se, eidas-connector-3.sveidas.se, eidas-connector-4.sveidas.se, eidas-node-1.qa.sveidas.se, eidas-proxy-1.qa.sveidas.se, eidas-redis-1.sveidas.se, eidas-redis-2.sveidas.se, eidas-redis-3.sveidas.se,