ocp / proxies: add ocp4 to staging proxies
We first add a website to proxies-websites, then information to proxies-reverseproxy about the load-balancer/site, then finally vars about which hosts are in which blanacer. We still need to get ssl certs issued, which we can do via dns challenge and certbot. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi
parent
25dd467819
commit
786bf4e138
3 changed files with 56 additions and 0 deletions
|
|
@ -100,3 +100,13 @@ openshift_nodes:
|
||||||
- os-node02.stg.iad2.fedoraproject.org
|
- os-node02.stg.iad2.fedoraproject.org
|
||||||
- os-node03.stg.iad2.fedoraproject.org
|
- os-node03.stg.iad2.fedoraproject.org
|
||||||
- os-node04.stg.iad2.fedoraproject.org
|
- os-node04.stg.iad2.fedoraproject.org
|
||||||
|
|
||||||
|
ocp_masters:
|
||||||
|
- ocp01.ocp.stg.iad2.fedoraproject.org
|
||||||
|
- ocp02.ocp.stg.iad2.fedoraproject.org
|
||||||
|
- ocp03.ocp.stg.iad2.fedoraproject.org
|
||||||
|
|
||||||
|
ocp_nodes:
|
||||||
|
- worker01.ocp.stg.iad2.fedoraproject.org
|
||||||
|
- worker02.ocp.stg.iad2.fedoraproject.org
|
||||||
|
- worker03.ocp.stg.iad2.fedoraproject.org
|
||||||
|
|
|
||||||
|
|
@ -608,6 +608,28 @@
|
||||||
tags:
|
tags:
|
||||||
- app.os.fedoraproject.org
|
- app.os.fedoraproject.org
|
||||||
|
|
||||||
|
- role: httpd/reverseproxy
|
||||||
|
website: "ocp{{ env_suffix }}.fedoraproject.org"
|
||||||
|
destname: ocp
|
||||||
|
balancer_name: ocp
|
||||||
|
targettype: openshift
|
||||||
|
balancer_members: "{{ ocp_masters }}"
|
||||||
|
keephost: true
|
||||||
|
tags:
|
||||||
|
- ocp.fedoraproject.org
|
||||||
|
when: env == "staging"
|
||||||
|
|
||||||
|
- role: httpd/reverseproxy
|
||||||
|
website: "app.ocp{{ env_suffix }}.fedoraproject.org"
|
||||||
|
destname: app.ocp
|
||||||
|
balancer_name: app-ocp
|
||||||
|
targettype: openshift
|
||||||
|
balancer_members: "{{ ocp_nodes }}"
|
||||||
|
keephost: true
|
||||||
|
tags:
|
||||||
|
- app.ocp.fedoraproject.org
|
||||||
|
when: env == "staging"
|
||||||
|
|
||||||
- role: httpd/reverseproxy
|
- role: httpd/reverseproxy
|
||||||
website: "provision{{ env_suffix }}.fedoraproject.org"
|
website: "provision{{ env_suffix }}.fedoraproject.org"
|
||||||
destname: zezere
|
destname: zezere
|
||||||
|
|
|
||||||
|
|
@ -682,6 +682,30 @@
|
||||||
tags:
|
tags:
|
||||||
- app.os.stg.fedoraproject.org
|
- app.os.stg.fedoraproject.org
|
||||||
|
|
||||||
|
- role: httpd/website
|
||||||
|
site_name: ocp.stg.fedoraproject.org
|
||||||
|
sslonly: true
|
||||||
|
cert_name: "{{wildcard_cert_name}}"
|
||||||
|
# The Connection and Upgrade headers don't work for h2
|
||||||
|
# So non-h2 is needed to fix websockets.
|
||||||
|
use_h2: false
|
||||||
|
tags:
|
||||||
|
- ocp.stg.fedoraproject.org
|
||||||
|
when: env == "staging"
|
||||||
|
|
||||||
|
- role: httpd/website
|
||||||
|
site_name: app.ocp.stg.fedoraproject.org
|
||||||
|
server_aliases: ["*.app.ocp.stg.fedoraproject.org"]
|
||||||
|
sslonly: true
|
||||||
|
cert_name: "{{os_wildcard_cert_name}}"
|
||||||
|
SSLCertificateChainFile: "{{os_wildcard_int_file}}"
|
||||||
|
# The Connection and Upgrade headers don't work for h2
|
||||||
|
# So non-h2 is needed to fix websockets.
|
||||||
|
use_h2: false
|
||||||
|
tags:
|
||||||
|
- app.ocp.stg.fedoraproject.org
|
||||||
|
when: env == "staging"
|
||||||
|
|
||||||
- role: httpd/website
|
- role: httpd/website
|
||||||
site_name: registry.fedoraproject.org
|
site_name: registry.fedoraproject.org
|
||||||
server_aliases: [registry.stg.fedoraproject.org registry-no-cdn.fedoraproject.org]
|
server_aliases: [registry.stg.fedoraproject.org registry-no-cdn.fedoraproject.org]
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue