Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
34576 commits 9 branches 0 tags 111 MiB
Commit graph

34576 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kevin Fenzi
55cc28c3b1 base / iptables: Add rules to block staging networks on prod hosts 
In IAD2 the prod and stg hosts are on different VLANs, so we thought we
didn't need this. However, we are still seeing some odd mixing of prod
and stg fedmsgs, so likely some fedmsg port has become enabled accross
all the VLANS. In any case this should do no harm, it just adds 2
subnets on all prod hosts to block staging, except for a small number of
staging_friendly hosts (in the staging_friendly ansible group).

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-03-19 20:08:05 +00:00
Nick Bebout
e1615eb72a Add manual/update-aliases.yml script 2021-03-19 13:19:25 -05:00
Francois Andrieu
ac93b011a8 languages: set volumeName for PVC 2021-03-19 18:47:12 +01:00
Francois Andrieu
5b8316be12 languages: initial deployment on staging 2021-03-19 17:28:21 +00:00
Mohan Boddu
23d38a61fa Unfreeze releng 
Now that we got a GOLD compose for F34 beta, we can unfreeze now and
start pushing updates as usual

Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
 2021-03-19 12:13:07 -04:00
Nils Philippsen
1747e9f53a Fedora 31 has been EOL for a while 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-03-19 15:22:21 +00:00
Nils Philippsen
280eebdcee tasks/yumrepos: cope with archived Fedora releases 
We have some hosts that run on archived/EOL Fedora releases, their
repository URLs need to reflect that.

Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-03-19 15:22:21 +00:00
Nils Philippsen
baee0c839f ipa/client: add vars for people.fedoraproject.org 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-03-19 11:37:17 +00:00
Nils Philippsen
a1ad2f07c6 Don't flag tasks checking things as changed 
Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-03-19 11:29:31 +00:00
Nils Philippsen
3abcb2d011 ipa/client: clean sss caches on changes 
SSSD caches information, some types for hours by default. When changing
anything in IPA pertaining to a host this role is applied to, clean out
the caches on the host so the changes are effective immediately.

Signed-off-by: Nils Philippsen <nils@redhat.com>
 2021-03-19 09:27:51 +00:00
Michael Scherer
7118984b64 Fix traceback when the creation date is exactly at 0 ms 
nb found that one user was blocking the cronjob from running.
After looking closely, the problem was the creation date is
similar to 2017-02-01 09:10:20+00:00 , so without any dot,
as it was created at the exact microsecond the second started.

The usual format is 2017-02-01 09:10:20.012+00:00, where
split('.') work fine.

Since the traceback stop the whole cronjob, this prevented all
people whose login was after m from having the lifecycle badges.
 2021-03-19 08:14:02 +00:00
T.C. Williams
6613c97d71 Remove phx2 entries from inventory/cloud 2021-03-18 23:47:01 +00:00
Kevin Fenzi
4fbfe6de26 retrace: oops, its home 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-03-18 12:30:52 -07:00
Kevin Fenzi
ab618af4de retrace: see if moving the homedir setting fixes issues 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-03-18 12:21:50 -07:00
Mark O'Brien
4a9cb0316c fix typo on fpca 2021-03-18 11:54:49 +00:00
Stephen Coady
5db769751c add rollback playbook 
Signed-off-by: Stephen Coady <scoady@redhat.com>
 2021-03-18 11:48:07 +00:00
Mark O'Brien
78b504b204 change become method for postgres 2021-03-18 11:34:12 +00:00
Stephen Coady
063efdde0e add playbook and script for readonly FAS permission 
Signed-off-by: Stephen Coady <scoady@redhat.com>
 2021-03-18 11:19:19 +00:00
Aurélien Bompard
979e09ab65
Master branch has been renamed to main 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-18 11:43:02 +01:00
Pierre-Yves Chibon
25ff2bea69 haproxy: let's assume zabbix is up for now 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-18 10:11:12 +01:00
Stephen Smoogen
a242509f6d clean up tftp files for external servers. 2021-03-17 16:27:27 -04:00
Stephen Smoogen
341f0c6287 change rdu internal network 
looked at the network data on tcpdump and
realized these systems were on the same network and were on the
172.23.1.0 network. Fix files which mention old network.

Signed-off-by: Stephen Smoogen <smooge@smoogespace.com>
 2021-03-17 15:38:21 -04:00
Pierre-Yves Chibon
7d1fbba00d haproxy: be more flexible for zabbix 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 17:04:21 +01:00
Pierre-Yves Chibon
23c7ef8c20 haproxy: zabbix returns either 200 or 401 - maybe this way? 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 16:49:43 +01:00
Pierre-Yves Chibon
36de1196e1 haproxy: zabbix returns either 200 or 401 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 16:45:58 +01:00
Pierre-Yves Chibon
ea9d107ef8 haproxy: zabbix now returns 401 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 16:40:32 +01:00
Stephen Smoogen
d9d198d347 mv dhcpd config to correct file 2021-03-17 11:14:50 -04:00
Pierre-Yves Chibon
b3a0df510d haproxy: fix the path where haproxy check for zabbix 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 15:58:50 +01:00
Stephen Smoogen
b89408dc87 try to get the kickstart to work with the correct command. 2021-03-17 10:44:56 -04:00
Stephen Smoogen
a0a13f33cc make sure system installs with 2 nic kickstart and correct unknown variable for dns 2021-03-17 10:25:14 -04:00
Pierre-Yves Chibon
fd285a23ea proxies: we move zabbix to / directly 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 14:42:29 +01:00
Adam Saleh
fac52a1f1f Changed the service name and added even more permissions. 2021-03-17 14:38:17 +01:00
Stephen Smoogen
725fcf76ce fix the volume group for the host. Problem with building without kickstats is that volume names are set to odd things. 2021-03-17 09:23:45 -04:00
Pierre-Yves Chibon
f8d45fd78e proxies: Add the header_scheme for zabbix 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 14:15:17 +01:00
Stephen Smoogen
0e2fca5f95 correct the arch name to be x86 versus x64 2021-03-17 09:13:52 -04:00
Stephen Smoogen
2fdcb62a1c add cloud-noc-os01 to infracore to build 2021-03-17 09:08:21 -04:00
Stephen Smoogen
d938107466 make sure that the mac addresses are used in the kickstart. TODO: clean up variables so they are the same 2021-03-17 09:03:44 -04:00
Pierre-Yves Chibon
2ee77518a4 proxies: add a trailing / for zabbix 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 13:40:46 +01:00
Pierre-Yves Chibon
a58926a29e proxies: let's try keephost for zabbix 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 11:55:44 +01:00
Adam Saleh
fac2e43e3c Had to change the monitor to reapply servicemonitor. 2021-03-17 11:33:39 +01:00
Pierre-Yves Chibon
8e768ffcd1 Revert "proxies: update the proxyurl for zabbix - this time to varnish" 
This reverts commit 2b53aa3951.
 2021-03-17 11:31:59 +01:00
Pierre-Yves Chibon
2b53aa3951 proxies: update the proxyurl for zabbix - this time to varnish 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 11:23:45 +01:00
Pierre-Yves Chibon
d5454095ef proxies: update the proxyurl for zabbix - again typi typo 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 11:21:42 +01:00
Adam Saleh
d5183979c3 Add wildcard urls to prometheus clusterrole. 2021-03-17 11:19:54 +01:00
Pierre-Yves Chibon
43f2248de8 proxies: update the proxyurl for zabbix - again 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 11:19:13 +01:00
Pierre-Yves Chibon
c4ab25f363 proxies: update the proxyurl for zabbix 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 11:17:26 +01:00
Adam Saleh
32771b4f92 Added named port bodhi-web to staging. 2021-03-17 11:07:17 +01:00
Pierre-Yves Chibon
d7cc7b3d02 proxies: only speak about zabbix.stg for now 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2021-03-17 10:57:15 +01:00
Adam Saleh
c430685141 Prometheus monitoring for Bodhi should only be enabled in staging 2021-03-17 10:54:40 +01:00
Adam Saleh
19786a9757 Added the correct monitoring-key label to bodhi-web. 2021-03-17 10:52:37 +01:00