Add some new db servers to migrate things to: db02, db-datanommer01, db-fas02

We will add these with these names, sync content to them and then change
names and ip's next week when we have an outage to swap them in.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

inventory/host_vars/db-datanommer01.iad2.fedoraproject.org

@@ -0,0 +1,35 @@
+---
+# This is a generic list, monitored by collectd
+databases:
+  - datanommer
+datacenter: iad2
+db_backup_dir: ['/backups']
+# This is a more strict list, to be made publicly available
+dbs_to_backup:
+  - datanommer2
+effective_cache_size: "12GB"
+eth0_ipv4: "{{eth0_ip}}"
+eth0_ipv4_gw: "10.3.163.254"
+eth0_ipv4_ip: 10.3.163.43
+# kernel SHMMAX value
+kernel_shmmax: 68719476736
+ks_repo: http://10.3.163.35/repo/rhel/RHEL9-x86_64/
+ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel
+# These are normally group variables, but in this case db servers are often different
+lvm_size: 2000g
+max_parallel_workers: 6
+max_parallel_workers_per_gather: 4
+max_worker_processes: 8
+mem_size: 65536
+nagios_Check_Services:
+  swap: false
+num_cpus: 16 
+sar_huge: true
+sar_output_file: datagrepper.csv
+# GDPR SAR variables - datanommer/datagrepper
+sar_script: /usr/local/bin/datagrepper_sar.py
+sar_script_user: root
+shared_buffers: "4GB"
+tcp_ports: [5432, 443]
+vmhost: vmhost-x86-08.iad2.fedoraproject.org
+volgroup: /dev/vg_guests

inventory/host_vars/db-fas02.iad2.fedoraproject.org

@@ -0,0 +1,40 @@
+---
+#
+# Only allow postgresql access from the frontend nodes and hosted.
+#
+custom_rules: [
+  # Openshift nodes (egress policy will block connection from non-authorized projects)
+  '-A INPUT -p tcp -m tcp -s 10.3.163.69   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.70   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.71   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.72   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.73   --dport 5432 -j ACCEPT',
+  # noc01 needs to connect to check the db
+  '-A INPUT -p tcp -m tcp -s 10.3.163.10   --dport 5432 -j ACCEPT',
+  # Ipsilon VMs
+  '-A INPUT -p tcp -m tcp -s 10.3.163.105  --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.106  --dport 5432 -j ACCEPT']
+# This is a generic list, monitored by collectd
+databases:
+  - fas2
+  - ipsilon
+datacenter: iad2
+db_backup_dir: ['/backups']
+# This is a more strict list, to be made publicly available
+dbs_to_backup:
+  - fas2
+  - ipsilon
+effective_cache_size: "6GB"
+eth0_ipv4_gw: 10.3.163.254
+eth0_ipv4_ip: 10.3.163.115
+ks_repo: http://38.145.60.16/repo/rhel/RHEL9-x86_64/
+ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel
+# These are normally group variables, but in this case db servers are often different
+lvm_size: 100000
+max_stack_depth: "4MB"
+mem_size: 16384
+nrpe_procs_crit: 800
+#
+# Large updates pushes cause lots of db threads doing the tag moves, so up this from default.
+#
+nrpe_procs_warn: 600
+num_cpus: 8
+shared_buffers: "2GB"
+temp_buffers: "8MB"
+vmhost: vmhost-x86-08.iad2.fedoraproject.org
+volgroup: /dev/vg_guests

inventory/host_vars/db02.iad2.fedoraproject.org

@@ -0,0 +1,74 @@
+---
+#
+# We should narrow this down at some point
+#
+custom_rules: ['-A INPUT -p tcp -m tcp --dport 5432 -j ACCEPT']
+# This is a generic list, monitored by collectd
+databases:
+  - anitya
+  - blockerbugs
+  - bodhi2
+  - elections
+  - fedocal
+  - hyperkitty
+  - kerneltest
+  - koschei
+  - mailman
+  - mbs
+  - mirrormanager2
+  - notifications
+  - odcs
+  - pagure
+  - pdc
+  - tahrir
+  - waiverdb
+  - transtats
+  - resultsdb
+  - zezere
+datacenter: iad2
+db_backup_dir: ['/backups']
+# This is a more strict list of databases to backup every day
+dbs_to_backup:
+  - anitya
+  - blockerbugs
+  - bodhi2
+  - elections
+  - fedocal
+  - hyperkitty
+  - kerneltest
+  - koschei
+  - mailman
+  - mbs
+  - mirrormanager2
+  - notifications
+  - odcs
+  - pagure
+  - pdc
+  - tahrir
+  - waiverdb
+  - transtats
+  - resultsdb
+  - zezere
+# Should be 0.80 of memory
+effective_cache_size: "50GB"
+eth0_ipv4_gw: 10.3.163.254
+eth0_ipv4_ip: 10.3.163.114
+ks_repo: http://38.145.60.16/repo/rhel/RHEL9-x86_64/
+ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel
+# These are normally group variables, but in this case db servers are often different
+lvm_size: 1500000
+max_stack_depth: "6MB"
+max_worker_processes: 12
+mem_size: 65536
+nagios_Check_Services:
+  swap: false
+nrpe_procs_crit: 900
+#
+# db01 handles lots of apps, could have many procs if they are busy.
+#
+nrpe_procs_warn: 800
+num_cpus: 32
+# Should be 0.25 of memory
+shared_buffers: "24GB"
+vmhost: vmhost-x86-08.iad2.fedoraproject.org
+volgroup: /dev/vg_guests

inventory/inventory

@@ -158,8 +158,10 @@ autosign01.stg.iad2.fedoraproject.org
 
 [dbserver]
 db01.iad2.fedoraproject.org
+db02.iad2.fedoraproject.org
 db03.iad2.fedoraproject.org
 db-fas01.iad2.fedoraproject.org
+db-datanommer01.iad2.fedoraproject.org
 db-datanommer02.iad2.fedoraproject.org
 db-koji01.iad2.fedoraproject.org
 db-openqa01.iad2.fedoraproject.org
@@ -173,6 +175,7 @@ db-koji01.stg.iad2.fedoraproject.org
 #copr-db-stg.aws.fedoraproject.org
 
 [datanommer_dbserver]
+db-datanommer01.iad2.fedoraproject.org
 db-datanommer02.iad2.fedoraproject.org
 
 [datanommer_dbserver_stg]

playbooks/groups/postgresql-server.yml

@@ -4,12 +4,12 @@
 
 - import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml"
   vars:
-    myhosts: "db-fas01.stg.iad2.fedoraproject.org:db01.stg.iad2.fedoraproject.org:db-koji01.stg.iad2.fedoraproject.org:db-fas01.iad2.fedoraproject.org:db01.iad2.fedoraproject.org:db-datanommer01.iad2.fedoraproject.org:db-koji01.iad2.fedoraproject.org:db-openqa01.iad2.fedoraproject.org:db-datanommer01.stg.iad2.fedoraproject.org:db-datanommer02.iad2.fedoraproject.org"
+    myhosts: "db-fas01.stg.iad2.fedoraproject.org:db01.stg.iad2.fedoraproject.org:db-koji01.stg.iad2.fedoraproject.org:db-fas01.iad2.fedoraproject.org:db01.iad2.fedoraproject.org:db-datanommer01.iad2.fedoraproject.org:db-koji01.iad2.fedoraproject.org:db-openqa01.iad2.fedoraproject.org:db-datanommer01.stg.iad2.fedoraproject.org:db-datanommer02.iad2.fedoraproject.org:db02.iad2.fedoraproject.org:db-fas02.iad2.fedoraproject.org"
 
 # Once the instance exists, configure it.
 
 - name: configure postgresql server system
-  hosts: db-fas01.stg.iad2.fedoraproject.org:db01.stg.iad2.fedoraproject.org:db-koji01.stg.iad2.fedoraproject.org:db-fas01.iad2.fedoraproject.org:db01.iad2.fedoraproject.org:db-datanommer01.iad2.fedoraproject.org:db-koji01.iad2.fedoraproject.org:db-openqa01.iad2.fedoraproject.org:db-datanommer01.stg.iad2.fedoraproject.org:db-datanommer02.iad2.fedoraproject.org
+  hosts: db-fas01.stg.iad2.fedoraproject.org:db01.stg.iad2.fedoraproject.org:db-koji01.stg.iad2.fedoraproject.org:db-fas01.iad2.fedoraproject.org:db01.iad2.fedoraproject.org:db-datanommer01.iad2.fedoraproject.org:db-koji01.iad2.fedoraproject.org:db-openqa01.iad2.fedoraproject.org:db-datanommer01.stg.iad2.fedoraproject.org:db-datanommer02.iad2.fedoraproject.org:db02.iad2.fedoraproject.org:db-fas02.iad2.fedoraproject.org
   user: root
   gather_facts: True