Add a sign-bridge01 and move around some sign stuff

This commit is contained in:
Kevin Fenzi 2014-07-15 17:13:55 +00:00
parent f21c4c004f
commit d2b53039fd
5 changed files with 76 additions and 4 deletions

View file

@ -2,3 +2,12 @@
freezes: true freezes: true
postfix_group: sign postfix_group: sign
host_group: sign host_group: sign
# Define resources for this group of hosts here.
lvm_size: 10000
mem_size: 4096
num_cpus: 4
tcp_ports: [ 44333, 44334 ]
fas_client_groups: sysadmin-releng

View file

@ -0,0 +1,12 @@
---
nm: 255.255.255.0
gw: 10.5.125.254
dns: 10.5.126.21
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7
ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/
volgroup: /dev/vg_bvirthost06
vmhost: bvirthost06.phx2.fedoraproject.org
datacenter: phx2
eth0_ip: 10.5.125.71

View file

@ -207,8 +207,10 @@ releng04.phx2.fedoraproject.org
relepel01.phx2.fedoraproject.org relepel01.phx2.fedoraproject.org
# sign servers don't listen to ssh by default. # sign servers don't listen to ssh by default.
#[sign] [sign-bridge]
#sign-bridge02.phx2.fedoraproject.org sign-bridge01.phx2.fedoraproject.org
#
#[sign-vault]
#sign-vault03.phx2.fedoraproject.org #sign-vault03.phx2.fedoraproject.org
#sign-vault04.phx2.fedoraproject.org #sign-vault04.phx2.fedoraproject.org

View file

@ -0,0 +1,49 @@
# provision a new sign server.
# NOTE: this assumes the boxes are already up and are accessible
# NOTE: most of these vars_path come from group_vars/sign or from hostvars
#
# FURTHER NOTE: some of These machines run day to day with sshd disabled/off.
# Access is via management interface only. This playbook does initial setup.
# Please check with rel-eng before doing anything here.
- name: make sign-bridge server vm
hosts: sign-bridge
user: root
gather_facts: False
accelerate: "{{ accelerated }}"
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "{{ private }}/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
tasks:
- include: "{{ tasks }}/virt_instance_create.yml"
- include: "{{ tasks }}/accelerate_prep.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"
- name: configure sign bridge server
hosts: sign-bridge
user: root
gather_facts: true
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "{{ private }}/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- base
- rkhunter
- hosts
- fas_client
- sudo
tasks:
- include: "{{ tasks }}/motd.yml"
- include: "{{ tasks }}/sign_setup.yml"
handlers:
- include: "{{ handlers }}/restart_services.yml"

View file

@ -6,8 +6,8 @@
# Access is via management interface only. This playbook does initial setup. # Access is via management interface only. This playbook does initial setup.
# Please check with rel-eng before doing anything here. # Please check with rel-eng before doing anything here.
- name: make sign server - name: make sign vault server
hosts: sign hosts: sign-vault
user: root user: root
gather_facts: true gather_facts: true