feat: update puppetdb_api for multi-zone
- wait for the enc_role fact to be updated and match - move puppetdb db/api host values to common.yaml - add vault cert altnames for consul query/service addresses - add consul services/rules/checks
This commit is contained in:
@@ -6,37 +6,40 @@ class profiles::puppet::puppetdb_api (
|
||||
Hash $java_args = {},
|
||||
) {
|
||||
|
||||
class { 'java':
|
||||
package => 'java-11-openjdk-devel',
|
||||
before => Class['puppetdb::server'],
|
||||
}
|
||||
# wait for enc_role to match the required role
|
||||
if $facts['enc_role'] == 'roles::infra::puppetdb::api' {
|
||||
class { 'java':
|
||||
package => 'java-11-openjdk-devel',
|
||||
before => Class['puppetdb::server'],
|
||||
}
|
||||
|
||||
class { 'puppetdb::server':
|
||||
database_host => $postgres_host,
|
||||
manage_firewall => false,
|
||||
ssl_listen_address => $listen_address,
|
||||
listen_address => $listen_address,
|
||||
java_bin => $java_bin,
|
||||
java_args => $java_args,
|
||||
}
|
||||
class { 'puppetdb::server':
|
||||
database_host => $postgres_host,
|
||||
manage_firewall => false,
|
||||
ssl_listen_address => $listen_address,
|
||||
listen_address => $listen_address,
|
||||
java_bin => $java_bin,
|
||||
java_args => $java_args,
|
||||
}
|
||||
|
||||
contain ::puppetdb::server
|
||||
contain ::puppetdb::server
|
||||
|
||||
class { 'prometheus::puppetdb_exporter':
|
||||
puppetdb_url => "http://${listen_address}:8080/pdb/query",
|
||||
export_scrape_job => true,
|
||||
}
|
||||
class { 'prometheus::puppetdb_exporter':
|
||||
puppetdb_url => "http://${listen_address}:8080/pdb/query",
|
||||
export_scrape_job => true,
|
||||
}
|
||||
|
||||
# export haproxy balancemember
|
||||
profiles::haproxy::balancemember { "${facts['networking']['fqdn']}_8080":
|
||||
service => 'be_puppetdbapi',
|
||||
ports => [8080],
|
||||
options => [
|
||||
"cookie ${facts['networking']['hostname']}",
|
||||
'check',
|
||||
'inter 2s',
|
||||
'rise 3',
|
||||
'fall 2',
|
||||
]
|
||||
# export haproxy balancemember
|
||||
profiles::haproxy::balancemember { "${facts['networking']['fqdn']}_8080":
|
||||
service => 'be_puppetdbapi',
|
||||
ports => [8080],
|
||||
options => [
|
||||
"cookie ${facts['networking']['hostname']}",
|
||||
'check',
|
||||
'inter 2s',
|
||||
'rise 3',
|
||||
'fall 2',
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user