Terminate Koschei VMs

2019-09-30 13:51:17 +02:00 · 2019-09-30 13:51:17 +02:00 · 864ad59307
commit 864ad59307
parent 12fe7f7871
8 changed files with 0 additions and 218 deletions
--- a/inventory/group_vars/koschei_backend
+++ b/inventory/group_vars/koschei_backend
@ -1,64 +0,0 @@
 ---
 # Define resources for this group of hosts here.
 lvm_size: 60000
 mem_size: 8192
 num_cpus: 4
 # for systems that do not match the above - specify the same parameter in
 # the host_vars/$hostname file
 koschei_topurl: https://apps.fedoraproject.org/koschei
 koschei_pgsql_hostname: db01.phx2.fedoraproject.org
 koschei_koji_hub: koji.fedoraproject.org
 koschei_kojipkgs: kojipkgs.fedoraproject.org
 koschei_koji_web: koji.fedoraproject.org
 koschei_copr_url: http://copr-fe.cloud.fedoraproject.org
 koschei_copr_login: NOT-USED-YET
 koschei_copr_token: NOT-USED-YET
 host_group: koschei-backend
 tcp_ports: [
    # These 4 are for fedmsg.  See also /etc/fedmsg.d/endpoints.py
    3000, 3001, 3002, 3003,
 ]
 custom_rules: [
    # Need for rsync from log01 for logs.
    '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 ]
 fas_client_groups: sysadmin-koschei,fi-apprentice,sysadmin-noc,sysadmin-veteran
 freezes: false
 # These are consumed by a task in roles/fedmsg/base/main.yml
 fedmsg_certs:
 - service: shell
  owner: root
  group: sysadmin
  can_send:
  - logger.log
 - service: koschei
  owner: root
  group: koschei
  can_send:
  - koschei.collection.state.change
  - koschei.package.state.change
  - koschei.update
 # For the MOTD
 csi_security_category: Low
 csi_primary_contact: Fedora admins - admin@fedoraproject.org
 csi_purpose: Koschei continuous integration system
 csi_relationship: |
    This machine depends on:
    - PostgreSQL DB server
    - Koji hub and kojipkgs
    - fedmsg hub
    - bastion (for mail relay)
    - memcached01
 koschei_backend_services: []
--- a/inventory/group_vars/koschei_web
+++ b/inventory/group_vars/koschei_web
@ -1,41 +0,0 @@
 ---
 # Define resources for this group of hosts here.
 lvm_size: 8000
 mem_size: 2048
 num_cpus: 1
 # for systems that do not match the above - specify the same parameter in
 # the host_vars/$hostname file
 koschei_topurl: https://apps.fedoraproject.org/koschei
 koschei_pgsql_hostname: db01.phx2.fedoraproject.org
 koschei_kojipkgs: kojipkgs.fedoraproject.org
 koschei_koji_web: koji.fedoraproject.org
 koschei_oidc_provider: id.fedoraproject.org
 koschei_bugzilla: bugzilla.redhat.com
 koschei_oidc_client_secret: "{{ koschei_oidc_client_secret_prod }}"
 koschei_oidc_crypto_secret: "{{ koschei_oidc_crypto_secret_prod }}"
 tcp_ports: [ 80, 443 ]
 custom_rules: [
    # Need for rsync from log01 for logs.
    '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
    '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 ]
 fas_client_groups: sysadmin-koschei,fi-apprentice,sysadmin-noc,sysadmin-veteran
 freezes: false
 # For the MOTD
 csi_security_category: Low
 csi_primary_contact: Fedora admins - admin@fedoraproject.org
 csi_purpose: Koschei continuous integration system
 csi_relationship: |
    This machine depends on:
    - PostgreSQL DB server
    - Pagure API on dist-git
    - bastion (for mail relay)
    - memcached01
--- a/inventory/host_vars/koschei-backend01.phx2.fedoraproject.org
+++ b/inventory/host_vars/koschei-backend01.phx2.fedoraproject.org
@ -1,12 +0,0 @@
 ---
 nm: 255.255.255.0
 gw: 10.5.125.254
 dns: 10.5.126.21
 ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-29
 ks_repo: http://10.5.126.23/pub/fedora/linux/releases/29/Server/x86_64/os/
 volgroup: /dev/vg_guests
 eth0_ip: 10.5.125.49
 vmhost: bvirthost13.phx2.fedoraproject.org
 datacenter: phx2
--- a/inventory/host_vars/koschei-web01.phx2.fedoraproject.org
+++ b/inventory/host_vars/koschei-web01.phx2.fedoraproject.org
@ -1,12 +0,0 @@
 ---
 nm: 255.255.255.0
 gw: 10.5.125.254
 dns: 10.5.126.21
 ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-29
 ks_repo: http://10.5.126.23/pub/fedora/linux/releases/29/Server/x86_64/os/
 volgroup: /dev/vg_guests
 eth0_ip: 10.5.126.140
 vmhost: virthost19.phx2.fedoraproject.org
 datacenter: phx2
--- a/inventory/host_vars/koschei-web02.phx2.fedoraproject.org
+++ b/inventory/host_vars/koschei-web02.phx2.fedoraproject.org
@ -1,12 +0,0 @@
 ---
 nm: 255.255.255.0
 gw: 10.5.125.254
 dns: 10.5.126.21
 ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-29
 ks_repo: http://10.5.126.23/pub/fedora/linux/releases/29/Server/x86_64/os/
 volgroup: /dev/vg_virthost
 eth0_ip: 10.5.126.139
 vmhost: virthost18.phx2.fedoraproject.org
 datacenter: phx2
--- a/inventory/inventory
+++ b/inventory/inventory
@ -401,13 +401,6 @@ koji01.stg.phx2.fedoraproject.org
 kojipkgs01.phx2.fedoraproject.org
 kojipkgs02.phx2.fedoraproject.org
 [koschei_backend]
 koschei-backend01.phx2.fedoraproject.org
 [koschei_web]
 koschei-web01.phx2.fedoraproject.org
 koschei-web02.phx2.fedoraproject.org
 [infracore]
 batcave01.phx2.fedoraproject.org
 log01.phx2.fedoraproject.org
--- a/playbooks/groups/koschei-backend.yml
+++ b/playbooks/groups/koschei-backend.yml
@ -1,37 +0,0 @@
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=koschei_backend:koschei_backend_stg"
 - name: install koschei
  hosts: koschei_backend
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - builder_repo
  - collectd/base
  - { role: sudo, sudoers: "{{ private }}/files/sudo/koschei01-sudoers" }
  - role: keytab/service
    owner_user: koschei
    owner_group: koschei
    service: koschei
    host: "{{inventory_hostname}}"
  - fedmsg/base
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
--- a/playbooks/groups/koschei-web.yml
+++ b/playbooks/groups/koschei-web.yml
@ -1,33 +0,0 @@
 ---
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=koschei_web:koschei_web_stg"
 - name: install koschei-frontend
  hosts: koschei_web
  user: root
  gather_facts: True
  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - collectd/base
  - { role: sudo, sudoers: "{{ private }}/files/sudo/koschei01-sudoers" }
  - { role: openvpn/client, when: env != "staging" }
  - { role: mod_wsgi, when: env != "staging" }
  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"