subnets/vagrant: Adapt pergamon manifests
ClosedPublic
Actions

Authored by ardumont on May 20 2021, 11:00 AM.

Details

Reviewers

vsellier

Group Reviewers

System administrators

Maniphest Tasks

T3325: Vagrantify puppet master

Commits

rSPSITE858145108552: create missing apache root directories
rSPSITE2664cb658f61: vagrant: Specialize codedir according to the subnets
rSPSITE832b96db800c: Add public pergamon's fqdn
rSPSITEdb0096c64d86: swh_sysadmin: Make letsencrypt profile optional for vagrant subnet
rSPSITE5293ec68344c: vagrant: Configure puppetdb
rSPSITE234aea3ff783: subnets/vagrant: Make puppet master autosign certificates
rSPSITEd1691d3c0265: Avoid dns issues during the node initialization in vagrant
rSPSITEee28840dd55a: export_archive_counters.pp: Fix directory warning
rSPSITE4a95822d878d: Ensure the puppetdb configuration directory exists

Summary

The goal is to allow puppet agent --test runs from within vagrant vms the same way
our current deployment does. So starting the pergamon node and other nodes and let the
communication through puppet agent work.

This is now possible with the adaptations from the Vagrantfile (already landed) and the
following.

To sum up the following adapts the pergamon roles to:

Add public pergamon's fqdn (so the ip resolves correctly to the vm node)
vagrant: Configure puppetdb
swh_sysadmin: Make letsencrypt profile optional for vagrant subnet (as we already have some self-signed and generated certificates there)
Ensure the puppetdb configuration directory exists
subnets/vagrant: Make puppet master autosign certificates

This also fixes a couple of papercuts put forwards since we created the node from
scratch:

Fix missing directory warning for the export_archive_counters.pp profile
Add missing apache vhost directory creations

(there are still some but that would be dealt with a bit later)

Related to T3325

Test Plan

Vagrant tests:

Start the puppet master node:

vagrant up --provision pergamon
vagrant provision pergamon  # [1]

Start other nodes (one for production, another for staging)

vagrant up logstash0
vagrant up staging-worker0

Then connet to the nodes and trigger puppet agent

# vagrant ssh logstash0
$ puppet agent --test

it works, the node updates according to the pergamon instance ^

octocatalog:

bin/octocatalog-diff --octocatalog-diff-args --no-truncate-details --to staging pergamon
Found host pergamon.softwareheritage.org
*******************************************
+ Exec[create /srv/softwareheritage/annex/webroot] =>
   parameters =>
      "command": "mkdir -p /srv/softwareheritage/annex/webroot"
      "creates": "/srv/softwareheritage/annex/webroot"
      "path": ["/bin", "/usr/bin", "/sbin", "/usr/sbin"]
*******************************************
+ Exec[create /srv/softwareheritage/bitbucket-archive/webroot] =>
   parameters =>
      "command": "mkdir -p /srv/softwareheritage/bitbucket-archive/webroot"
      "creates": "/srv/softwareheritage/bitbucket-archive/webroot"
      "path": ["/bin", "/usr/bin", "/sbin", "/usr/sbin"]
*******************************************
+ Exec[create /srv/softwareheritage/docs/webroot] =>
   parameters =>
      "command": "mkdir -p /srv/softwareheritage/docs/webroot"
      "creates": "/srv/softwareheritage/docs/webroot"
      "path": ["/bin", "/usr/bin", "/sbin", "/usr/sbin"]
*******************************************
+ File[/usr/local/share/swh-data] =>
   parameters =>
      "ensure": "directory"
      "group": "root"
      "mode": "0755"
      "owner": "root"
*******************************************
*** End octocatalog-diff on pergamon.softwareheritage.org

[1] for some unknown reasons as of yet this needs a second provision run [1] so the
puppetdb installs finalize correctly. We kept this out of scope as we time boxed it.