summaryrefslogtreecommitdiff
path: root/global/overlay/etc/puppet/manifests/cosmos-site.pp
diff options
context:
space:
mode:
Diffstat (limited to 'global/overlay/etc/puppet/manifests/cosmos-site.pp')
-rw-r--r--global/overlay/etc/puppet/manifests/cosmos-site.pp83
1 files changed, 43 insertions, 40 deletions
diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index 2713ea3..b7b1601 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -128,6 +128,7 @@ node 'datasets.sunet.se' {
}
node 'docker.sunet.se' {
+ class { 'sunet::nagios': }
docker::image {'registry': }
docker::image {'leifj/pound': }
docker::run {'sunetregistry':
@@ -375,7 +376,7 @@ class sunet-dhcp-hosts {
dhcp::host { 'mq-tug-3': mac => "52:54:00:03:00:22", ip => "130.242.130.22"; }
dhcp::host { 'worker-tug-3': mac => "52:54:00:03:00:23", ip => "130.242.130.23"; }
dhcp::host { 'signup-tug-3': mac => "52:54:00:03:00:24", ip => "130.242.130.24"; }
- dhcp::host { 'helpdesk-tug-3': mac => "52:54:00:03:00:25", ip => "130.242.130.25"; }
+ dhcp::host { 'dashboard-tug-3': mac => "52:54:00:03:00:25", ip => "130.242.130.25"; }
dhcp::host { 'www-tug-3': mac => "52:54:00:03:00:26", ip => "130.242.130.26"; }
dhcp::host { 'monitor-tug-3': mac => "52:54:00:03:00:27", ip => "130.242.130.27"; }
@@ -536,7 +537,6 @@ class sunet-dhcp-hosts {
dhcp::host { 'registry.swamid': mac => "52:54:00:52:53:0b", ip => "130.242.125.90" }
dhcp::host { 'mdx1.swamid': mac => "52:54:00:fe:bc:09", ip => "130.242.125.91" }
dhcp::host { 'mdx2.swamid': mac => "52:54:00:30:be:dd", ip => "130.242.125.92" }
-
}
class sshaccess {
@@ -697,7 +697,7 @@ node 'cdr1.sunet.se' {
}
node 'sto-tug-kvm2.swamid.se' {
- #class { 'fail2ban': }
+ class { 'sunet::nagios': }
file {'/var/docker':
ensure => 'directory',
} ->
@@ -713,6 +713,10 @@ node 'sto-tug-kvm2.swamid.se' {
username => 'www-data',
group => 'www-data',
} ->
+ sunet::system_user {'memcache-system-user':
+ username => 'memcache',
+ group => 'memcache',
+ } ->
file {'/var/docker/postgresql_data':
ensure => 'directory',
owner => 'postgres',
@@ -751,10 +755,13 @@ node 'sto-tug-kvm2.swamid.se' {
image => 'docker.sunet.se/flog/flog_app',
volumes => ['/opt/flog/dotenv:/opt/flog/.env','/var/log/flog/:/opt/flog/logs/'],
} ->
+ sunet::docker_run {'memcached':
+ image => 'docker.sunet.se/library/memcached',
+ } ->
sunet::docker_run {'flog_nginx':
- image => 'docker.sunet.se/flog/nginx',
- ports => ['80:80', '443:443'],
- volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'],
+ image => 'docker.sunet.se/flog/nginx',
+ ports => ['80:80', '443:443'],
+ volumes => ['/opt/flog/nginx/sites-enabled/:/etc/nginx/sites-enabled/','/opt/flog/nginx/certs/:/etc/nginx/certs', '/var/log/flog_nginx/:/var/log/nginx'],
}
}
@@ -806,54 +813,50 @@ class entropyserver {
}
}
-class fail2ban {
-
- include augeas
-
- package {'fail2ban': ensure => 'latest'}
- augeas { "fail2ban_defaults":
- incl => "/etc/fail2ban/jail.conf",
- lens => "Shellvars.lns",
- changes => [
- 'set bantime "604800"',
- ],
- notify => Service['fail2ban'],
- }
-}
-
-define etcd_node($peers_file=undef,$cluster_name="etcd") {
- file { ["/data","/data/${cluster_name}","/data/${cluster_name}/${name}"]: ensure => 'directory' }
- sunet::docker_run { 'etcd_${name}':
- image => 'quay.io/coreos/etcd',
- extra_parameters => ["-initial-advertise-peer-urls http://${::ipaddress_eth1}:8001",
- "-listen-peer-urls http://${::ipaddress_eth1}:8001",
- "-advertise-client-urls http://${::ipaddress_eth1}:5001",
- "-listen-client-urls http://${::ipaddress_eth1}:5001",
- "-name ${::hostname}",
- "-data-dir /data/${cluster_name}/${name}",
- "-initial-cluster-token ${cluster_name}",
- "-peers-file ${peers_file}"],
- ports => ["8001:8001","5001:5001"]
-
-
- }
-}
-
class quantis {
apt::ppa {'ppa:ndn/quantispci': }
package {'quantispci-dkms': }
}
class webcommon {
+ file {"/data": ensure => directory }
+ sunet::docker_run{"web_registrator":
+ image => "gliderlabs/registrator",
+ imagetag => "latest",
+ hostname => "${::fqdn}",
+ volumes => ["/var/run/docker.sock:/tmp/docker.sock"],
+ command => "etcd://etcd_sunetweb.docker:4001/services"
+ }
}
class webfrontend {
class { 'webcommon': }
docker::image {'docker.sunet.se/pound': }
- docker::image {'docker.sunet.se/varnish': }
+ sunet::etcd_node {'sunetweb':
+ disco_url => 'https://discovery.etcd.io/877f25988ea1e8bb8c9a49f2ad5f5f6a',
+ proxy => true
+ } ->
+ sunet::docker_run{"varnish":
+ image => "docker.sunet.se/varnish-auto",
+ imagetag => "latest",
+ env => ["ETCD_URL=http://etcd_sunetweb.docker:4001"],
+ ports => ["80:80"],
+ }
}
class webappserver {
+ sunet::etcd_node {'sunetweb':
+ disco_url => 'https://discovery.etcd.io/877f25988ea1e8bb8c9a49f2ad5f5f6a',
+ proxy => true
+ }
+ class { 'webcommon': }
+}
+
+class webbackend {
+ sunet::etcd_node {'sunetweb':
+ disco_url => 'https://discovery.etcd.io/877f25988ea1e8bb8c9a49f2ad5f5f6a',
+ proxy => false
+ }
class { 'webcommon': }
}