osbs: staging ip tables

files/osbs/fedora-dnsmasq.conf.staging

@@ -1,2 +1,2 @@
-server=/fedoraproject.org/10.5.126.21
-server=/fedoraproject.org/10.5.126.22
+server=/fedoraproject.org/10.3.163.33
+server=/fedoraproject.org/10.3.163.34

files/osbs/fix-docker-iptables.staging

@@ -30,45 +30,45 @@ iptables -A FILTER_FORWARD --src 10.1.0.0/16 --dst 10.1.0.0/16 -j ACCEPT
 
 # Now insert access to allowed boxes
 # osbs
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.177 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.166.74 --dport 443 -j ACCEPT
 
 # docker-registry
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.123 --dport 443 -j ACCEPT
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.124 --dport 443 -j ACCEPT
 
 #koji.fp.o
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.139 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.139 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.167.64 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.167.64 --dport 443 -j ACCEPT
 
 # pkgs.stg
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.175 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.175 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.128.175 --dport 9418 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.167.74 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.167.74 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.167.74 --dport 9418 -j ACCEPT
 
 # DNS
-iptables -A FILTER_FORWARD -p udp -m udp -d 10.5.126.21 --dport 53 -j ACCEPT
-iptables -A FILTER_FORWARD -p udp -m udp -d 10.5.126.22 --dport 53 -j ACCEPT
+iptables -A FILTER_FORWARD -p udp -m udp -d 10.3.163.33 --dport 53 -j ACCEPT
+iptables -A FILTER_FORWARD -p udp -m udp -d 10.3.163.34 --dport 53 -j ACCEPT
 
 # mirrors.fp.o
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.8 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.9 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.51 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.52 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.76 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.77 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.75 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.167.74 --dport 443 -j ACCEPT
 
 # infrastructure.fp.o (infra repos)
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.23 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.35 --dport 443 -j ACCEPT
 
 # dl.phx2
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.93 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.93 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.94 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.94 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.95 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.95 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.96 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.96 --dport 443 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.97 --dport 80 -j ACCEPT
-iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.126.97 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.49 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.49 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.50 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.50 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.51 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.51 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.85 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.85 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.84 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.163.84 --dport 443 -j ACCEPT
 
 
 # Docker is CRAZY and forces Google DNS upon us.....
@@ -76,10 +76,10 @@ iptables -A FILTER_FORWARD -p udp -m udp -d 8.8.8.8 --dport 53 -j ACCEPT
 iptables -A FILTER_FORWARD -p udp -m udp -d 8.8.4.4 --dport 53 -j ACCEPT
 
 # proxy
-iptables -A FILTER_FORWARD -p tcp --dst 10.5.128.177 --dport 443 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp --dst 10.3.166.74 --dport 443 -j ACCEPT
 
 # Kerberos
-iptables -A FILTER_FORWARD -p tcp --dst 10.5.128.177 --dport 1088 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp --dst 10.3.166.74 --dport 1088 -j ACCEPT
 
 
 iptables -A FILTER_FORWARD -j REJECT --reject-with icmp-host-prohibited

inventory/group_vars/osbs_masters_stg

@@ -47,13 +47,13 @@ osbs_conf_worker_clusters:
   x86_64:
   - name: x86_64
     max_concurrent_builds: 2
-    openshift_url: "https://osbs-master01.stg.phx2.fedoraproject.org:8443"
+    openshift_url: "https://osbs-master01.stg.iad2.fedoraproject.org:8443"
     verify_ssl: 'false'
 
   aarch64:
   - name: aarch64
     max_concurrent_builds: 1
-    openshift_url: "https://osbs-aarch64-master01.stg.phx2.fedoraproject.org:8443/"
+    openshift_url: "https://osbs-aarch64-master01.stg.iad2.fedoraproject.org:8443/"
     verify_ssl: 'false'
 
 osbs_platform_descriptors: