Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

repospanner/ansible: Move back to the old cluster setup on new ports

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2019-04-04 18:47:12 +00:00
parent 196531940c
commit 1180728939
6 changed files with 41 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

2
inventory/group_vars/batcave
View file

@ -3,7 +3,7 @@ lvm_size: 500000
mem_size: 24576 mem_size: 24576
num_cpus: 10 num_cpus: 10
tcp_ports: [ 80, 443, 8443, 8444 ] tcp_ports: [ 80, 443, 8442, 8443 ]
# Neeed for rsync from log01 for logs. # Neeed for rsync from log01 for logs.
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]

2
inventory/group_vars/pagure
View file

@ -8,7 +8,7 @@ num_cpus: 12
# the host_vars/$hostname file # the host_vars/$hostname file
tcp_ports: [ 22, 25, 80, 443, 9418, tcp_ports: [ 22, 25, 80, 443, 9418,
8443, 8444, 8442, 8443,
# Used for the eventsource # Used for the eventsource
8088, 8088,
# This is for the pagure public fedmsg relay # This is for the pagure public fedmsg relay

2
inventory/group_vars/repospanner
View file

@ -19,5 +19,7 @@ custom_rules: [ '-A INPUT -p tcp -m tcp -s 8.43.84.211 --dport 8443:8445 -j ACCE
'-A INPUT -p tcp -m tcp -s 192.168.1.184 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.184 --dport 8443:8445 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 192.168.1.185 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.185 --dport 8443:8445 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 10.5.126.23 --dport 8443:8445 -j ACCEPT'] '-A INPUT -p tcp -m tcp -s 10.5.126.23 --dport 8443:8445 -j ACCEPT']
'-A INPUT -p tcp -m tcp -s 192.168.1.41 --dport 8442:8443 -j ACCEPT']
'-A INPUT -p tcp -m tcp -s 192.168.100.8 --dport 8442:8443 -j ACCEPT']
## End of file ## End of file

10
playbooks/groups/batcave.yml
View file

@ -31,7 +31,15 @@
SSLCertificateChainFile: "{{wildcard_int_file}}" SSLCertificateChainFile: "{{wildcard_int_file}}"
- openvpn/client - openvpn/client
- batcave - batcave
- { role: repospanner/server, when: inventory_hostname.startswith('batcave01'), node: batcave01, region: ansible, spawn_repospanner_node: false, join_repospanner_node: repospanner01.ansible.fedoraproject.org } - { role: repospanner/server,
node: batcave01,
region: ansible,
spawn_repospanner_node: false,
join_repospanner_node: repospanner01.ansible.fedoraproject.org
rpc_port: 8442,
http_port: 8443,
when: inventory_hostname == 'batcave01.phx2.fedoraproject.org'
}
- { role: nfs/client, when: inventory_hostname.startswith('batcave'), mnt_dir: '/srv/web/pub', nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' } - { role: nfs/client, when: inventory_hostname.startswith('batcave'), mnt_dir: '/srv/web/pub', nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub' }
- { role: nfs/client, when: inventory_hostname.startswith('batcave01'), mnt_dir: '/mnt/fedora/app', nfs_src_dir: 'fedora_app/app' } - { role: nfs/client, when: inventory_hostname.startswith('batcave01'), mnt_dir: '/mnt/fedora/app', nfs_src_dir: 'fedora_app/app' }

11
playbooks/groups/pagure.yml
View file

@ -56,7 +56,16 @@
roles: roles:
- pagure/frontend - pagure/frontend
- pagure/fedmsg - pagure/fedmsg
- { role: repospanner/server, when: inventory_hostname.startswith('pagure01'), node: pagure01, region: ansible, spawn_repospanner_node: false, join_repospanner_node: repospanner01.ansible.fedoraproject.org } - { role: repospanner/server,
node: pagure01,
region: ansible,
spawn_repospanner_node: false,
join_repospanner_node: repospanner01.ansible.fedoraproject.org
rpc_port: 8442,
http_port: 8443,
when: inventory_hostname == 'pagure01.fedoraproject.org'
}
handlers: handlers:
- import_tasks: "{{ handlers_path }}/restart_services.yml" - import_tasks: "{{ handlers_path }}/restart_services.yml"

36
playbooks/groups/repospanner.yml
View file

@ -32,24 +32,24 @@
http_port: 8443, http_port: 8443,
when: inventory_hostname == 'repospanner01.phx2.fedoraproject.org' when: inventory_hostname == 'repospanner01.phx2.fedoraproject.org'
} }
- { role: repospanner/server, # - { role: repospanner/server,
node: repospanner02, # node: repospanner02,
region: ansible, # region: ansible,
spawn_repospanner_node: false, # spawn_repospanner_node: false,
join_repospanner_node: repospanner01.ansible.fedoraproject.org, # join_repospanner_node: repospanner01.ansible.fedoraproject.org,
rpc_port: 8442, # rpc_port: 8442,
http_port: 8443, # http_port: 8443,
when: inventory_hostname == 'repospanner-cc-rdu01.fedoraproject.org' # when: inventory_hostname == 'repospanner-cc-rdu01.fedoraproject.org'
} # }
- { role: repospanner/server, # - { role: repospanner/server,
node: repospanner03, # node: repospanner03,
region: ansible, # region: ansible,
spawn_repospanner_node: false, # spawn_repospanner_node: false,
join_repospanner_node: repospanner01.ansible.fedoraproject.org, # join_repospanner_node: repospanner01.ansible.fedoraproject.org,
rpc_port: 8442, # rpc_port: 8442,
http_port: 8443, # http_port: 8443,
when: inventory_hostname == 'repospanner-osuosl01.fedoraproject.org' # when: inventory_hostname == 'repospanner-osuosl01.fedoraproject.org'
} # }
## The RPMs region is used to sync up pkgs from Fedora and CentOS. The ## The RPMs region is used to sync up pkgs from Fedora and CentOS. The
## CentOS nodes are the spawn leaders for this as they are getting data ## CentOS nodes are the spawn leaders for this as they are getting data