unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
481 Commits 18 Branches 0 Tags 3 MiB
b00781b604
Commit Graph

481 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Vincent
bed0ef3c79 feat: improve first run on el8 
- change defaults for yumrepo resources
 2024-05-12 15:06:47 +10:00
Ben Vincent
9eacb9ec08 Merge pull request 'fix: cobbler host' (#205) from neoloc/cobbler_server into develop 
Reviewed-on: unkinben/puppet-prod#205
 2024-05-11 22:40:09 +09:30
Ben Vincent
4a1848db38 fix: cobbler host 
- fixed name of cobbler host in yaml
 2024-05-11 23:09:30 +10:00
Ben Vincent
5577e368e9 Merge pull request 'chore: move pxeboot to syd1 cobbler' (#204) from neoloc/dhcp_syd1_cobbler into develop 
Reviewed-on: unkinben/puppet-prod#204
 2024-05-11 21:36:23 +09:30
Ben Vincent
dca99d2716 chore: move pxeboot to syd1 cobbler 
- update nameservers for syd1 to use local dns resolvers
- update pxeserver to au-syd1 cobbler
 2024-05-11 22:05:21 +10:00
Ben Vincent
ec6e49e37a Merge pull request 'feat: change cobbler master' (#203) from neoloc/cobbler_master into develop 
Reviewed-on: unkinben/puppet-prod#203
 2024-05-11 21:20:56 +09:30
Ben Vincent
3e233ea688 feat: change cobbler master 
- promote ausyd1nxvm1017
 2024-05-11 21:50:02 +10:00
Ben Vincent
fdb02277ec Merge pull request 'neoloc/edgecache' (#202) from neoloc/edgecache into develop 
Reviewed-on: unkinben/puppet-prod#202
 2024-05-11 21:18:05 +09:30
Ben Vincent
cb54cd2dba feat: add edgecache prepared_query 
- add edgecache as a prepared_query in consul
 2024-05-11 21:47:14 +10:00
Ben Vincent
4171427e7b feat: add edgecache role 
- add edge-caching role
- add mirror for debian, almalinux and epel repositories
- export service as edgecache in consul
 2024-05-11 21:46:20 +10:00
Ben Vincent
9edd060367 feat: deep merge /etc/hosts 
- allow managing /etc/hosts on multiple levels of hiera
 2024-05-11 21:45:24 +10:00
Ben Vincent
b66615a522 Merge pull request 'fix: move selinux profile to cobbler' (#201) from neoloc/selinux_fix into develop 
Reviewed-on: unkinben/puppet-prod#201
 2024-05-11 15:01:59 +09:30
Ben Vincent
eeb21081d3 Merge branch 'develop' into neoloc/selinux_fix 2024-05-11 15:01:38 +09:30
Ben Vincent
6633f07d8b feat: install policycoreutils 
- install policycoreutils on all almalinux releases
 2024-05-11 15:30:01 +10:00
Ben Vincent
a618962d07 fix: move selinux profile to cobbler 
- only import the selinux enforce profile in cobbler
 2024-05-11 15:22:16 +10:00
Ben Vincent
911e284586 Merge pull request 'fix: export cobbler DNS if is_cobbler_master' (#200) from neoloc/cobbler_dns into develop 
Reviewed-on: unkinben/puppet-prod#200
 2024-05-11 14:13:37 +09:30
Ben Vincent
a05f81799d fix: export cobbler DNS if is_cobbler_master 
- set prodinf01n48 as primary cobbler node
- ensure the cobbler DNS record is created
 2024-05-11 14:36:28 +10:00
Ben Vincent
ce3e0f2320 Merge pull request 'neoloc/cobbler_refacter' (#199) from neoloc/cobbler_refacter into develop 
Reviewed-on: unkinben/puppet-prod#199
 2024-05-09 22:45:33 +09:30
Ben Vincent
fee0bde604 feat: complete cobbler automation 
- add facts to manage the /var/www/cobbler and /data/cobbler directories
- move /var/www/cobbler -> /data/cobbler
- create symlink from /var/www/cobbler -> /data/cobbler
- ensure that cobbler nodes are set to permissive selinux mode
 2024-05-09 22:44:55 +10:00
Ben Vincent
72077d64a2 refactor: reconfigure cobbler to module style 
- split params into class
- split class into individual functions
 2024-05-07 22:44:01 +10:00
Ben Vincent
f4de86e877 Merge pull request 'feat: dhcp wait for enc_role fact' (#198) from neoloc/dhcp_wait_for_encrole into develop 
Reviewed-on: unkinben/puppet-prod#198
 2024-05-06 21:40:40 +09:30
Ben Vincent
8de1ed9766 feat: dhcp wait for enc_role fact 2024-05-06 22:07:39 +10:00
Ben Vincent
7ae9295ce6 Merge pull request 'chore: move dhcp hieradata to hieradata/role' (#197) from neoloc/syd1_dhcp into develop 
Reviewed-on: unkinben/puppet-prod#197
 2024-05-06 21:20:30 +09:30
Ben Vincent
c2e413c0fb chore: move dhcp hieradata to hieradata/role 2024-05-06 21:49:41 +10:00
Ben Vincent
7286dfe574 Merge pull request 'neoloc/consul_wan' (#196) from neoloc/consul_wan into develop 
Reviewed-on: unkinben/puppet-prod#196
 2024-05-06 20:10:02 +09:30
Ben Vincent
e9c7fbc2b5 feat: update puppetdb_api for multi-zone 
- wait for the enc_role fact to be updated and match
- move puppetdb db/api host values to common.yaml
- add vault cert altnames for consul query/service addresses
- add consul services/rules/checks
 2024-05-06 20:38:25 +10:00
Ben Vincent
14a56a41a2 Merge branch 'develop' into neoloc/consul_wan 
Conflicts:
	hieradata/common.yaml
 2024-05-05 18:01:41 +10:00
Ben Vincent
31f670ad18 Merge pull request 'neoloc/syd1_puppet' (#195) from neoloc/syd1_puppet into develop 
Reviewed-on: unkinben/puppet-prod#195
 2024-05-05 17:13:38 +09:30
Ben Vincent
6335167e3a feat: change clients to use puppet.query.consul 
- change all clients/servers to use puppet from consul service mesh
 2024-05-05 16:47:39 +10:00
Ben Vincent
f1ff7cb736 feat: distribute eyaml pub/priv key 
- distribute the private/public pem for eyaml via eyaml
 2024-05-05 16:25:18 +10:00
Ben Vincent
ff83e28413 Merge pull request 'feat: per-datacentre consul dns' (#194) from neoloc/consul_dns into develop 
Reviewed-on: unkinben/puppet-prod#194
 2024-05-04 16:00:55 +09:30
Ben Vincent
51bd1796ad feat: per-datacentre consul dns 
- change forwarding for consul to be per-datacentre to local consul
- change domain from service.consul -> consul so query.consul can be resolved
 2024-05-04 16:27:32 +10:00
Ben Vincent
fe296d52d9 feat: manage puppet/puppetca consul services 
- add puppet service
- add puppetca service
- add ability to write to puppet/puppetca service in consul
- add puppet.(query,service).consul to dns_alt_names of all masters
- add puppetca.(query,service).consul to dns_alt_names of puppetca
 2024-05-04 16:10:32 +10:00
Ben Vincent
8a241d6b96 feat: add prepared_query capabilities to consul 
- add prepared query for:
  - vault
  - puppet
  - puppetca
 2024-05-04 15:46:47 +10:00
Ben Vincent
6020143f76 feat: consul multi-datacentre joining 
- add method to join multiple consul datacentres
- set syd1 as the primary datacentre
- use default token from au-syd1 cluster in all locations
- add replication token
 2024-05-04 00:39:18 +10:00
Ben Vincent
df8a55c3dd feat: manage puppetca 
- manage the puppet ca.cfg
- distribute the crl.pem from the puppetca to masters
 2024-05-03 21:29:25 +10:00
Ben Vincent
052b07be83 chore: remove excessive comments 
- remove the excessive comments and notes at the top of the puppet classes
 2024-05-03 20:48:20 +10:00
Ben Vincent
a429255c63 feat: puppet server agent 
- add [agent] settings for puppetservers
 2024-05-03 20:46:01 +10:00
Ben Vincent
56b23620b7 refactor: reoganise the puppetserver profile 
- manage puppetserver package
- set order for puppetserver classes
- for profiles::puppet::server class:
  - set param types using stdlib where possible
  - set default values for all params
- move configuration data to hieradata
- wait for enc_role fact to match role
- exclude puppet::client from puppermaster nodes
 2024-05-02 23:32:32 +10:00
Ben Vincent
7dc2daf48f Merge pull request 'fix: add use_backend for drw1 haproxy' (#193) from neoloc/haproxy_drw1 into develop 
Reviewed-on: unkinben/puppet-prod#193
 2024-05-01 21:50:30 +09:30
Ben Vincent
95135fb58a fix: add use_backend for drw1 haproxy 2024-05-01 21:58:10 +10:00
Ben Vincent
38ee3ec218 Merge pull request 'feat: haproxy refactor' (#192) from neoloc/haproxy_frontent_hiera into develop 
Reviewed-on: unkinben/puppet-prod#192
 2024-05-01 18:38:32 +09:30
Ben Vincent
8697492611 feat: haproxy refactor 
- configure deep merging in hiera
- move fe_http and fe_https to hiera
- configure pve backends for standard and api traffic
 2024-05-01 19:02:03 +10:00
Ben Vincent
af8763b044 Merge pull request 'feat: sydney haproxy cluster' (#191) from neoloc/haproxy_syd1 into develop 
Reviewed-on: unkinben/puppet-prod#191
 2024-04-28 20:49:32 +09:30
Ben Vincent
220ac182f4 feat: sydney haproxy cluster 
- add au-syd1 halb cluster
- add http-response to frontends
- manage haproxy after enc_role is correct
 2024-04-28 21:14:36 +10:00
Ben Vincent
a141de8b74 Merge pull request 'neoloc/consul_services' (#190) from neoloc/consul_services into develop 
Reviewed-on: unkinben/puppet-prod#190
 2024-04-28 16:40:02 +09:30
Ben Vincent
587df5309f Merge branch 'develop' into neoloc/consul_services 
Conflicts:
	hieradata/common.yaml
	site/profiles/manifests/consul/client.pp
 2024-04-28 17:09:18 +10:00
Ben Vincent
926ed24070 Merge pull request 'feat: change forwarded domain for consul' (#189) from neoloc/consul_dns into develop 
Reviewed-on: unkinben/puppet-prod#189
 2024-04-28 16:37:09 +09:30
Ben Vincent
8df927de18 feat: add node_token to agent config 
- move policy rules to hiera array[hash]
- add node_token to agent as the default token
 2024-04-28 17:06:06 +10:00
Ben Vincent
dff3f93297 feat: change forwarded domain for consul 
- change forward lookup zone for consul from consul.service.consul -> service.consul
 2024-04-28 15:45:13 +10:00