Skip to content
Snippets Groups Projects
Normal view Permalink
lb_bigip.pp 2.35 KiB
Newer Older
Srinivas Rao Puttagunta's avatar
lb::bigip more  
Srinivas Rao Puttagunta committed
1 2 
# Class to install required keytabs and lb::bigip module
Srinivas Rao Puttagunta's avatar
su_ldap: add lb_bigip class
Srinivas Rao Puttagunta committed
3 4 5 6 
class su_ldap::lb_bigip (
 $env  = undef,
){
Srinivas Rao Puttagunta's avatar
Add more keytabs  
Srinivas Rao Puttagunta committed
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 
  if $env == 'prod' {
    # Hardware load balancer support
    base::wallet { "ldap/ldap.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["ldap/$fqdn"],
      ensure  => present,
    }
    base::wallet { "ldap/ldap-lb.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    base::wallet { "ldap/ldap-app.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    base::wallet { "host/ldap.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    base::wallet { "host/ldap-lb.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    base::wallet { "host/ldap-app.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    } else {
    # Hardware load balancer support
    base::wallet { "ldap/ldap-${env}.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["ldap/$fqdn"],
      ensure  => present,
    }
    base::wallet { "ldap/ldap-${env}-lb.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    base::wallet { "host/ldap-${env}.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
    }
    base::wallet { "host/ldap-${env}-lb.stanford.edu":
      path    => '/etc/krb5.keytab',
      primary => false,
      require => Base::Wallet["host/$fqdn"],
      ensure  => present,
     }
Srinivas Rao Puttagunta's avatar
su_ldap: add lb_bigip class
Srinivas Rao Puttagunta committed
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 
  }

  lb::bigip { 'ldap':
    ensure        => present,
    bigip_service => "ldap-${env}",
    remctl_cmd    => 'ldap-bigip',
    signal_port   => '8389',
  }
  file { '/etc/bigip/bigip.conf':
    ensure => present,
    mode   => '0664',
    source => 'puppet:///modules/su_ldap/etc/bigip/bigip.conf',
  }

}