diff --git a/inventory/group_vars/freshmaker-backend b/inventory/group_vars/freshmaker-backend new file mode 100644 index 0000000000..fa0c4d5368 --- /dev/null +++ b/inventory/group_vars/freshmaker-backend @@ -0,0 +1,47 @@ +--- +lvm_size: 20000 +mem_size: 4096 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +tcp_ports: [ 3000, 3001, 3002, 3003, + 3004, 3005, 3006, 3007 ] + +# These people get told when something goes wrong. +fedmsg_error_recipients: +- ralph@fedoraproject.org +- jkaluza@fedoraproject.org +- cqi@fedoraproject.org +- qwan@fedoraproject.org + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: freshmaker + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: High +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the on-demand-compose-service backend scheduler. +csi_relationship: | + The freshmaker backend runs as a fedmsg-hub process here. + + It listens to events from fedmsg and requests rebuilds of compound + artifacts, mediated by some policy in the config. + + This host: + + - relies on db01 for its database of activity (what has been rebuilt?) + - Will need access to commit to the modules namespace of dist-git. + - Will need token-based access to ODCS to request repos. + - Will need token-based access to MBS to request module builds. + - Will need a kerberos principle to request container builds from koji/osbs. diff --git a/inventory/group_vars/freshmaker-backend-stg b/inventory/group_vars/freshmaker-backend-stg new file mode 100644 index 0000000000..4749f7e6ca --- /dev/null +++ b/inventory/group_vars/freshmaker-backend-stg @@ -0,0 +1,47 @@ +--- +lvm_size: 20000 +mem_size: 2048 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +tcp_ports: [ 3000, 3001, 3002, 3003, + 3004, 3005, 3006, 3007 ] + +# These people get told when something goes wrong. +fedmsg_error_recipients: +- ralph@fedoraproject.org +- jkaluza@fedoraproject.org +- cqi@fedoraproject.org +- qwan@fedoraproject.org + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: freshmaker + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: High +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the on-demand-compose-service backend scheduler. +csi_relationship: | + The freshmaker backend runs as a fedmsg-hub process here. + + It listens to events from fedmsg and requests rebuilds of compound + artifacts, mediated by some policy in the config. + + This host: + + - relies on db01 for its database of activity (what has been rebuilt?) + - Will need access to commit to the modules namespace of dist-git. + - Will need token-based access to ODCS to request repos. + - Will need token-based access to MBS to request module builds. + - Will need a kerberos principle to request container builds from koji/osbs. diff --git a/inventory/group_vars/freshmaker-frontend b/inventory/group_vars/freshmaker-frontend new file mode 100644 index 0000000000..4fe7cfe21c --- /dev/null +++ b/inventory/group_vars/freshmaker-frontend @@ -0,0 +1,45 @@ +--- +lvm_size: 20000 +mem_size: 2048 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +# Definining these vars has a number of effects +# 1) mod_wsgi is configured to use the vars for its own setup +# 2) iptables opens enough ports for all threads for fedmsg +# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads +wsgi_fedmsg_service: freshmaker +wsgi_procs: 2 +wsgi_threads: 2 + +tcp_ports: [ 80 ] + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: freshmaker + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: Moderate +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the freshmaker frontend API. +csi_relationship: | + The apache/mod_wsgi app is the only thing really running here + + It should only be used to report status on what's happening with the + freshmaker backend. The freshmaker frontend doesn't receive requests for + activity. + + This host: + + - relies on db01 for its database of activity (what rebuilds are in + progress, and why?) diff --git a/inventory/group_vars/freshmaker-frontend-stg b/inventory/group_vars/freshmaker-frontend-stg new file mode 100644 index 0000000000..d1547a1710 --- /dev/null +++ b/inventory/group_vars/freshmaker-frontend-stg @@ -0,0 +1,45 @@ +--- +lvm_size: 20000 +mem_size: 2048 +num_cpus: 1 + +# Set this to True for the F28 release and onwards. +freezes: false + +# Definining these vars has a number of effects +# 1) mod_wsgi is configured to use the vars for its own setup +# 2) iptables opens enough ports for all threads for fedmsg +# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads +wsgi_fedmsg_service: freshmaker +wsgi_procs: 2 +wsgi_threads: 2 + +tcp_ports: [ 80 ] + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: freshmaker + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: Moderate +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the freshmaker frontend API. +csi_relationship: | + The apache/mod_wsgi app is the only thing really running here + + It should only be used to report status on what's happening with the + freshmaker backend. The freshmaker frontend doesn't receive requests for + activity. + + This host: + + - relies on db01 for its database of activity (what rebuilds are in + progress, and why?) diff --git a/inventory/group_vars/odcs-backend b/inventory/group_vars/odcs-backend new file mode 100644 index 0000000000..6b2cb855f4 --- /dev/null +++ b/inventory/group_vars/odcs-backend @@ -0,0 +1,43 @@ +--- +lvm_size: 200000 +mem_size: 4096 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +tcp_ports: [ 3000, 3001, 3002, 3003, + 3004, 3005, 3006, 3007 ] + +# These people get told when something goes wrong. +fedmsg_error_recipients: +- ralph@fedoraproject.org +- jkaluza@fedoraproject.org +- cqi@fedoraproject.org +- qwan@fedoraproject.org + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: odcs + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: Low +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the on-demand-compose-service backend scheduler. +csi_relationship: | + There is an odcs backend process running here. + + This host: + + - relies on db01 for its database of activity (what composes have been + requested and what state are they in?) + - Uses pungi to compose repos of content. + - It also *provides* an nfs share used by odcs-frontend01. diff --git a/inventory/group_vars/odcs-backend-stg b/inventory/group_vars/odcs-backend-stg new file mode 100644 index 0000000000..c4bfc4bb08 --- /dev/null +++ b/inventory/group_vars/odcs-backend-stg @@ -0,0 +1,43 @@ +--- +lvm_size: 40000 +mem_size: 2048 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +tcp_ports: [ 3000, 3001, 3002, 3003, + 3004, 3005, 3006, 3007 ] + +# These people get told when something goes wrong. +fedmsg_error_recipients: +- ralph@fedoraproject.org +- jkaluza@fedoraproject.org +- cqi@fedoraproject.org +- qwan@fedoraproject.org + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: odcs + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: Low +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the on-demand-compose-service backend scheduler. +csi_relationship: | + There is an odcs backend process running here. + + This host: + + - relies on db01 for its database of activity (what composes have been + requested and what state are they in?) + - Uses pungi to compose repos of content. + - It also *provides* an nfs share used by odcs-frontend01. diff --git a/inventory/group_vars/odcs-frontend b/inventory/group_vars/odcs-frontend new file mode 100644 index 0000000000..fb2dba96b9 --- /dev/null +++ b/inventory/group_vars/odcs-frontend @@ -0,0 +1,44 @@ +--- +lvm_size: 20000 +mem_size: 2048 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +# Definining these vars has a number of effects +# 1) mod_wsgi is configured to use the vars for its own setup +# 2) iptables opens enough ports for all threads for fedmsg +# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads +wsgi_fedmsg_service: odcs +wsgi_procs: 2 +wsgi_threads: 2 + +tcp_ports: [ 80 ] + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: odcs + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: Low +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the on-demand-compose-service frontend API. +csi_relationship: | + The apache/mod_wsgi app is the only thing really running here + + This host: + + - relies on db01 for its database of activity (what composes have been + requested and what state are they in?) + - It also mounts an nfs shared provided by odcs-backend01. + - It provides http access to the compose contents on that nfs share. + diff --git a/inventory/group_vars/odcs-frontend-stg b/inventory/group_vars/odcs-frontend-stg new file mode 100644 index 0000000000..fb2dba96b9 --- /dev/null +++ b/inventory/group_vars/odcs-frontend-stg @@ -0,0 +1,44 @@ +--- +lvm_size: 20000 +mem_size: 2048 +num_cpus: 2 + +# Set this to True for the F28 release and onwards. +freezes: false + +# Definining these vars has a number of effects +# 1) mod_wsgi is configured to use the vars for its own setup +# 2) iptables opens enough ports for all threads for fedmsg +# 3) roles/fedmsg/base/ declares enough fedmsg endpoints for all threads +wsgi_fedmsg_service: odcs +wsgi_procs: 2 +wsgi_threads: 2 + +tcp_ports: [ 80 ] + +# Neeed for rsync from log01 for logs. +custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] + +fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-mbs,sysadmin-veteran + +# These are consumed by a task in roles/fedmsg/base/main.yml +fedmsg_certs: +- service: odcs + owner: fedmsg + group: fedmsg + can_send: [] + +# For the MOTD +csi_security_category: Low +csi_primary_contact: Factory 2 factory2-members@fedoraproject.org +csi_purpose: Run the on-demand-compose-service frontend API. +csi_relationship: | + The apache/mod_wsgi app is the only thing really running here + + This host: + + - relies on db01 for its database of activity (what composes have been + requested and what state are they in?) + - It also mounts an nfs shared provided by odcs-backend01. + - It provides http access to the compose contents on that nfs share. + diff --git a/inventory/host_vars/freshmaker-backend01.phx2.fedoraproject.org b/inventory/host_vars/freshmaker-backend01.phx2.fedoraproject.org new file mode 100644 index 0000000000..a960a4d80c --- /dev/null +++ b/inventory/host_vars/freshmaker-backend01.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.130 + +volgroup: /dev/vg_guests +vmhost: virthost19.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/freshmaker-backend01.stg.phx2.fedoraproject.org b/inventory/host_vars/freshmaker-backend01.stg.phx2.fedoraproject.org new file mode 100644 index 0000000000..0561a9d86d --- /dev/null +++ b/inventory/host_vars/freshmaker-backend01.stg.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.138 + +volgroup: /dev/vg_guests +vmhost: virthost20.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/freshmaker-frontend01.phx2.fedoraproject.org b/inventory/host_vars/freshmaker-frontend01.phx2.fedoraproject.org new file mode 100644 index 0000000000..a0f89fabf7 --- /dev/null +++ b/inventory/host_vars/freshmaker-frontend01.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.68 + +volgroup: /dev/vg_guests +vmhost: virthost22.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/freshmaker-frontend01.stg.phx2.fedoraproject.org b/inventory/host_vars/freshmaker-frontend01.stg.phx2.fedoraproject.org new file mode 100644 index 0000000000..b94a355ddf --- /dev/null +++ b/inventory/host_vars/freshmaker-frontend01.stg.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.80 + +volgroup: /dev/vg_guests +vmhost: virthost20.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/odcs-backend01.phx2.fedoraproject.org b/inventory/host_vars/odcs-backend01.phx2.fedoraproject.org new file mode 100644 index 0000000000..228e8d64c6 --- /dev/null +++ b/inventory/host_vars/odcs-backend01.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.65 + +volgroup: /dev/vg_guests +vmhost: virthost19.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/odcs-backend01.stg.phx2.fedoraproject.org b/inventory/host_vars/odcs-backend01.stg.phx2.fedoraproject.org new file mode 100644 index 0000000000..3636d0625f --- /dev/null +++ b/inventory/host_vars/odcs-backend01.stg.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.67 + +volgroup: /dev/vg_guests +vmhost: virthost20.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/odcs-frontend01.phx2.fedoraproject.org b/inventory/host_vars/odcs-frontend01.phx2.fedoraproject.org new file mode 100644 index 0000000000..5a5e3dc644 --- /dev/null +++ b/inventory/host_vars/odcs-frontend01.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.29 + +volgroup: /dev/vg_guests +vmhost: virthost22.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/host_vars/odcs-frontend01.stg.phx2.fedoraproject.org b/inventory/host_vars/odcs-frontend01.stg.phx2.fedoraproject.org new file mode 100644 index 0000000000..f51e2ed7c9 --- /dev/null +++ b/inventory/host_vars/odcs-frontend01.stg.phx2.fedoraproject.org @@ -0,0 +1,14 @@ +--- +nm: 255.255.255.0 +gw: 10.5.126.254 +dns: 10.5.126.21 + +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7 +ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/ + +eth0_ip: 10.5.126.45 + +volgroup: /dev/vg_guests +vmhost: virthost20.phx2.fedoraproject.org + +datacenter: phx2 diff --git a/inventory/inventory b/inventory/inventory index 337c95a58d..425380787b 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -47,6 +47,26 @@ retrace01.stg.phx2.fedoraproject.org [faf-stg] faf01.stg.phx2.fedoraproject.org +[freshmaker-frontend] +freshmaker-frontend01.phx2.fedoraproject.org + +[freshmaker-frontend-stg] +freshmaker-frontend01.stg.phx2.fedoraproject.org + +[freshmaker-backend] +freshmaker-backend01.phx2.fedoraproject.org + +[freshmaker-backend-stg] +freshmaker-backend01.stg.phx2.fedoraproject.org + +[freshmaker-stg:children] +freshmaker-frontend-stg +freshmaker-backend-stg + +[freshmaker:children] +freshmaker-frontend +freshmaker-backend + [ask] ask01.phx2.fedoraproject.org ask02.phx2.fedoraproject.org @@ -561,6 +581,26 @@ ns02.fedoraproject.org ns04.phx2.fedoraproject.org ns05.fedoraproject.org +[odcs-frontend] +odcs-frontend01.phx2.fedoraproject.org + +[odcs-frontend-stg] +odcs-frontend01.stg.phx2.fedoraproject.org + +[odcs-backend] +odcs-backend01.phx2.fedoraproject.org + +[odcs-backend-stg] +odcs-backend01.stg.phx2.fedoraproject.org + +[odcs-stg:children] +odcs-frontend-stg +odcs-backend-stg + +[odcs:children] +odcs-frontend +odcs-backend + [openqa] openqa01.qa.fedoraproject.org @@ -723,6 +763,8 @@ fas01.stg.phx2.fedoraproject.org fas3-01.stg.phx2.fedoraproject.org fedimg01.stg.phx2.fedoraproject.org fedocal01.stg.phx2.fedoraproject.org +freshmaker-frontend01.stg.phx2.fedoraproject.org +freshmaker-backend01.stg.phx2.fedoraproject.org github2fedmsg01.stg.phx2.fedoraproject.org hotness01.stg.phx2.fedoraproject.org kerneltest01.stg.phx2.fedoraproject.org @@ -774,6 +816,8 @@ mm-backend01.stg.phx2.fedoraproject.org mm-crawler01.stg.phx2.fedoraproject.org beaker-stg01.qa.fedoraproject.org zanata2fedmsg01.stg.phx2.fedoraproject.org +odcs-frontend01.stg.phx2.fedoraproject.org +odcs-backend01.stg.phx2.fedoraproject.org osbs-control01.stg.phx2.fedoraproject.org osbs-master01.stg.phx2.fedoraproject.org osbs-node01.stg.phx2.fedoraproject.org @@ -953,6 +997,7 @@ badges-backend busgateway bugyou fedimg +freshmaker-backend hotness mbs-backend notifs-backend @@ -967,6 +1012,7 @@ badges-backend-stg busgateway-stg bugyou-stg fedimg-stg +freshmaker-backend-stg hotness-stg mbs-backend-stg notifs-backend-stg