Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
31126 commits 9 branches 0 tags 111 MiB
Commit graph

31126 commits

This branch
This branch
All branches
Author SHA1 Message Date
Clement Verna
8f742beaac bodhi: update stg instance to fedora 32 
Signed-off-by: Clement Verna <cverna@tutanota.com>
 2020-05-08 11:40:24 +02:00
Adam Williamson
d667aba2f7 Revert "openqa: test minimal-shrink createhdds branch on staging" 
We merged the branch down so master is fine now.

This reverts commit 74c879faba.
 2020-05-07 19:33:59 -07:00
Kevin Fenzi
6e43547520 iad2: add host vars for other vmhosts to allow clevis role to work 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-07 19:09:58 -07:00
Kevin Fenzi
3fc79913d0 iad2: add a clevis role to adjust virthosts for clevis/tang 
clevis needs to bring up a interface to talk to the tang server
at initramfs time. This is fine, but dracut then "helpfully" writes
out any network config you pass it to ifcfg- files and messes
up the hosts normal networking. If you have bridge devices this is
even more pronounced as the device clevis used keeps the main
bridge ip and doesnt enslave to the bridge, breaking everything.

In order to work around this we:

* tell dracut to not save ifcfg- files from it's passed network config.
* tell dracut to use the first bridge device at initramfs time to
talk to tang
* run a systemd unit after boot to wipe any dract network config out,
allowing NM to start with a clean slate.

Note that you still need to run a dracut -f --regenerate-all

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-07 17:09:17 -07:00
Kevin Fenzi
1871d44c90 iad2: add tang01/02 servers to iad2. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-07 13:42:27 -07:00
Kevin Fenzi
83052d421b iad2: add vmhost-x86-07 to the iad party 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-07 13:28:22 -07:00
Stephen Smoogen
4e9b4e9b12 BIND: rethink having a seperate dns zone for build and qa 2020-05-07 15:27:28 -04:00
Pierre-Yves Chibon
0db6035454 packager_alias: Allow for sporadic failures in retrieving info from dist-git 
Basically, if we fail to retrieve data from pagure or we fail to
convert from JSON, wait for 30 seconds and retry.
If after two minutes (4 attempts) it still hasn't worked, bail.

Fixes https://pagure.io/fedora-infrastructure/issue/7603

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-07 16:52:42 +00:00
Tomas Hrcka
5fd5b37321 Add Fedora Minimal Compose to openshift-apps 
Signed-off-by: Tomas Hrcka <thrcka@redhat.com>
 2020-05-07 16:00:49 +00:00
Pierre-Yves Chibon
45163f66af Add pingou to the app owner of ipsilon 
This will help him figure out if the config change pushed
yesterday was successfully deployed.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-07 17:56:09 +02:00
Stephen Smoogen
b6d37e4e68 Add a variable which should stop having these servers added to nagios 
for the meant time. It may need more fixes.
 2020-05-07 11:30:39 -04:00
Pavel Raiskup
5d26e6c7d4 copr-be: don't re-define alrady defined vm_name 
Ie define vm_name only if the playbook is _not_ run from resalloc
server.
 2020-05-07 14:41:43 +02:00
Pavel Raiskup
a38bea22b1 copr-be-dev: vm-aws-new needs copr_task.vm_name, too 2020-05-07 14:28:56 +02:00
Pavel Raiskup
63d66a3311 copr-be-dev: correct path to aws terminate playbook 2020-05-07 14:24:25 +02:00
Pavel Raiskup
bbcc370de7 copr-be-dev: fixup resalloc+aws config 2020-05-07 14:17:07 +02:00
Pavel Raiskup
d4865aca5d copr-be-dev: first attempt to allocate AWS VMs by resalloc 2020-05-07 14:08:35 +02:00
Kevin Fenzi
a9d3483554 iad2: add in vmhost-x86-02 to 06. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 21:31:59 -07:00
Kevin Fenzi
a2136ce2a2 iad2: set iad2 datacenter on vmhost-x86-01.iad2 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 17:00:14 -07:00
Kevin Fenzi
29a4145466 iad2: add a iad2 resolv.conf file. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 16:54:48 -07:00
Kevin Fenzi
6d595ddf74 dns / iad2: add a IAD2 view to dns 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 16:39:41 -07:00
Kevin Fenzi
2c31e220fb dns: drop libsemanage-pythong and policycoreutils-python from dns since they are not in rhel8 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 16:07:28 -07:00
Adam Williamson
a720ccac18 openqa/worker: correct scratchrepo cleanup filename 
Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2020-05-06 15:08:54 -07:00
Adam Williamson
74c879faba openqa: test minimal-shrink createhdds branch on staging 
Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2020-05-06 14:44:58 -07:00
Adam Williamson
1b87504450 openqa/worker: make createhdds git branch to use configurable 
So we can test non-master branches on stg easier. May extend this
design to other repos (like the tests...) later.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2020-05-06 14:43:33 -07:00
Adam Williamson
32f9933aad openqa/server: drop createhdds stuff 
This was disabled due to a bug for some time now. Originally I
meant to turn it back on, but now I don't think I do: it makes
more sense to just keep letting the worker hosts handle disk
image building, it doesn't make any sense to have the server do
it for x86_64 but worker hosts do it for other arches. If the
server can't do it *all*, we may as well be consistent across
arches and always have the worker hosts do it.

This does mean that on initial deployment using these plays there
is a time where the server is up and running but any jobs run
that need the base disk images will fail because the worker play
won't have built them yet. But I think that's not a big problem,
and it was already the case for non-x86_64 arches anyhow.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2020-05-06 14:27:37 -07:00
Kevin Fenzi
2b511fa419 iad2: no vpn for ns01.iad2 either 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 14:17:40 -07:00
Kevin Fenzi
9edbfa6a39 iad2: only install the default PROD prompt in non iad2 datacenters 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 13:56:02 -07:00
Kevin Fenzi
9b49971cae iad2: set prompt in iad2 to avoid confusion 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 13:51:16 -07:00
Kevin Fenzi
3749cf4a3b iad2: ns01: lets try rhel8 here and see if its easy 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 13:27:29 -07:00
Kevin Fenzi
f6d3301708 iad2: add a ns01 nameserver vm 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 13:25:07 -07:00
Kevin Fenzi
ffcf517a4f iad2: add hosts file for bastion01.iad2 for now 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 12:49:24 -07:00
Kevin Fenzi
ffec570006 iad2: Move vmhost-x86-01.iad2.fedoraproject.org to correct group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 12:12:13 -07:00
Kevin Fenzi
d23ee83c2f iad2: add vmhost-x86-01.iad2 and bastion01.iad2 to new iad2 datacenter. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 12:07:50 -07:00
Stephen Smoogen
97a7a51c7b Put in reverse zones for bind. 2020-05-06 12:52:59 -04:00
Stephen Smoogen
3a0208e11f Named: Add in forward zones for IAD2 zones so that dns kind of works. 2020-05-06 12:48:29 -04:00
Stephen Smoogen
b8f0e2259e Batcave: add additional RH address space for kickstarts and such 2020-05-05 18:08:46 -04:00
Pierre-Yves Chibon
fa95f7c062 mirror_pagure_ansible: sync changes from upstream 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-05 21:14:25 +02:00
Kevin Fenzi
264c02255e noc / noc02: fix path to key file, it's under private and not certs 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-05 11:43:43 -07:00
Kevin Fenzi
26edad1fbf noc / nagios-external: also add proxy for letsencrypt on https 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-05 11:13:02 -07:00
Kevin Fenzi
0a034c50d1 noc02: setup to use letsencrypt cert. Fixes ticket #8882 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-05 10:24:38 -07:00
Jan Kaluza
8ccd6841fd ODCS: Remove outdated raw_config.conf options. 2020-05-05 18:36:35 +02:00
Stephen Smoogen
fbb1563a21 Fix buildhw for ODCS: there was a mistype and /src/odcs was mounted on the systems versus /srv/odcs. Repaired 2020-05-05 07:15:45 -04:00
Stephen Smoogen
26d5acb97d Merge branch 'master' of ssh://pagure.io/fedora-infra/ansible 2020-05-04 08:49:37 -04:00
Stephen Smoogen
03a14c6db9 HOTPATCH: Fix pagure-stg email. Formal fix will need updating our postfix files to work with RHEL-8/Fedora 28+ postfix syntax. 2020-05-04 08:48:43 -04:00
Jan Kaluza
0b4ba5bdac ODCS: Fix the version in ELN periodic compose. 2020-05-04 14:22:42 +02:00
Jan Kaluza
6d3a763549 ODCS: Install odcs-client on VMs. 2020-05-04 13:53:28 +02:00
Jan Kaluza
9880d563b5 ODCS: Setup ELN periodic compose. 2020-05-04 13:39:02 +02:00
Jan Kaluza
ef4b169b40 ODCS: Grant releng-odcs@service permissions to run raw_config composes. 2020-05-04 13:08:57 +02:00
Pierre-Yves Chibon
48793d378d distgit/pagure: only show the ssh url to packager and don't allow moving git tags around 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-05-04 11:32:45 +02:00
Kevin Fenzi
4f569fff37 koji_builder: drop /srv/odcs as a default mount until we can fix perms 
We want to use /srv/odcs to write image builds as part of odcs composes,
but permissions are not correct currently, so for now, lets drop it as
a default so rawhide compose can work.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-03 15:09:43 -07:00