From 303b531da76af98b21419607f96e279a4e2baf8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Thu, 6 Jun 2024 07:06:31 +0200 Subject: [PATCH] Mirrormanager: restore the expire-old-repo manual playbook MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- .../releng-emergency-expire-old-repo.yml | 40 ++++++++---- .../templates/cmd-emergency-expire-repo.yml | 65 +++++++++++++++++++ .../mirrormanager/templates/configmap.yml | 2 + .../templates/emergency-expire-repo.sh | 8 +++ 4 files changed, 102 insertions(+), 13 deletions(-) create mode 100644 roles/openshift-apps/mirrormanager/templates/cmd-emergency-expire-repo.yml create mode 100644 roles/openshift-apps/mirrormanager/templates/emergency-expire-repo.sh diff --git a/playbooks/manual/releng-emergency-expire-old-repo.yml b/playbooks/manual/releng-emergency-expire-old-repo.yml index 0146cc900a..c370c3def3 100644 --- a/playbooks/manual/releng-emergency-expire-old-repo.yml +++ b/playbooks/manual/releng-emergency-expire-old-repo.yml @@ -15,24 +15,38 @@ # Possible product: Fedora/EPEL/RHEL - name: Expire old repo files - hosts: mm-backend01.iad2.fedoraproject.org - become_user: mirrormanager + # hosts: os_control + # Testing for now: + hosts: os_control_stg + user: root gather_facts: False vars_files: - - /srv/web/infra/ansible/vars/global.yml - - "/srv/private/ansible/vars.yml" - - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + - /srv/web/infra/ansible/vars/apps/mirrormanager.yml + + vars: + app: mirrormanager + job_name: cmd-emergency-expire-repo-{{ product|lower|replace(" ", "-") }}-{{ version|lower|replace(" ", "-") }} tasks: - - name: Expire old files - command: /usr/bin/mm2_emergency-expire-repo {{product}} {{version}} - - name: Recreate pickle - command: /usr/bin/mm2_update-mirrorlist-server + - name: Validate parameters + assert: + that: + - product is defined + - version is defined + fail_msg: "You need to define product and version" - - name: Sync the pickle - command: /usr/local/bin/sync_pkl_to_mirrorlists.sh + - include_role: + name: openshift/object + vars: + template: cmd-emergency-expire-repo.yml - handlers: - - import_tasks: "{{ handlers_path }}/restart_services.yml" + - debug: + msg: "You can watch the logs with 'oc -n {{ app }} logs -f job/{{ job_name }}'" + + - name: Wait for the command to complete + shell: oc -n {{ app }} wait --for=condition=Complete job/{{ job_name }} diff --git a/roles/openshift-apps/mirrormanager/templates/cmd-emergency-expire-repo.yml b/roles/openshift-apps/mirrormanager/templates/cmd-emergency-expire-repo.yml new file mode 100644 index 0000000000..d7d849438f --- /dev/null +++ b/roles/openshift-apps/mirrormanager/templates/cmd-emergency-expire-repo.yml @@ -0,0 +1,65 @@ +# Manual command +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ job_name }} +spec: + parallelism: 1 + completions: 1 + activeDeadlineSeconds: 1800 + backoffLimit: 3 + template: + name: {{ job_name }} + spec: + restartPolicy: Never + containers: + - name: mirrormanager + image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest + command: + - "bash" + - "/opt/scripts/emergency-expire-repo.sh" + - "{{ product }}" + - "{{ version }}" + env: + # Defaults to 80 columns, not very readable + - name: COLUMNS + value: "160" + volumeMounts: + - name: config + mountPath: "/etc/mirrormanager" + readOnly: true + - name: scripts + mountPath: "/opt/scripts" + readOnly: true + - name: ssh-key + mountPath: /etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key + subPath: ssh_mirrorlist_proxies.key + readOnly: true + - name: data + mountPath: /data + - name: var-lib + mountPath: "/var/lib/mirrormanager" + - name: logs + mountPath: "/var/log/mirrormanager" + volumes: + - name: config + configMap: + name: config + - name: scripts + configMap: + name: scripts + - name: ssh-key + secret: + secretName: ssh-mirrorlist-proxies-key + - name: data + persistentVolumeClaim: + claimName: mirrorlist-cache + - name: var-lib + persistentVolumeClaim: + claimName: data + - name: logs + persistentVolumeClaim: + claimName: logs + securityContext: + supplementalGroups: [1001280000] diff --git a/roles/openshift-apps/mirrormanager/templates/configmap.yml b/roles/openshift-apps/mirrormanager/templates/configmap.yml index b656326062..97442c952d 100644 --- a/roles/openshift-apps/mirrormanager/templates/configmap.yml +++ b/roles/openshift-apps/mirrormanager/templates/configmap.yml @@ -48,3 +48,5 @@ items: {{ load_file('update-mirrorlist-cache.sh') | indent(6) }} primary-mirror-wrapper.sh: |- {{ load_file('primary-mirror-wrapper.sh') | indent(6) }} + emergency-expire-repo.sh: |- + {{ load_file('emergency-expire-repo.sh') | indent(6) }} diff --git a/roles/openshift-apps/mirrormanager/templates/emergency-expire-repo.sh b/roles/openshift-apps/mirrormanager/templates/emergency-expire-repo.sh new file mode 100644 index 0000000000..bc1931d8c8 --- /dev/null +++ b/roles/openshift-apps/mirrormanager/templates/emergency-expire-repo.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +MM_ROOT=/opt/app-root + +set -e + +${MM_ROOT}/bin/mm2_emergency-expire-repo $@ +bash /opt/scripts/update-mirrorlist-cache.sh