Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
8872 commits 9 branches 0 tags 111 MiB
Commit graph

8872 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kevin Fenzi
18d5a50a55 Install the default bodhi.cfg only on frontends. The backends install it in their specific role. 2015-06-01 18:50:18 +00:00
Kevin Fenzi
e390bd1212 Tweak the openstack cloud playbook some to be more idempotent. 2015-06-01 17:22:10 +00:00
Ralph Bean
aa0d5e17b8 Loop the pagure fedmsg bus into the FI bus. 2015-06-01 17:16:00 +00:00
Kevin Fenzi
f938d7df5e Try lowering it some more, as mm-frontend01 keeps hitting OOM. 2015-06-01 16:32:08 +00:00
Valentin Gologuzov
9e61b9c788 [copr/base] removed fail2ban since it's unusable 2015-06-01 18:28:59 +02:00
Valentin Gologuzov
b01370a431 [copr] parametirize frontend for config option INTRANET_IPS 2015-06-01 17:56:54 +02:00
Miroslav Suchý
74069292e5 use tmpfs for mock chroot's 
as outlined here:
http://miroslav.suchy.cz/blog/archives/2015/05/28/increase_mock_performance_-_build_packages_in_memory/index.html
 2015-06-01 17:53:41 +02:00
Kevin Fenzi
696ac2ea09 Try swapping this around and doing more processes with less threads. 2015-06-01 14:41:58 +00:00
Kevin Fenzi
c2e1a61476 Adjust the cloud resolv.conf. 2015-06-01 13:30:37 +00:00
Kevin Fenzi
423d76183d Try moving this down to 5 2015-06-01 13:08:53 +00:00
Kevin Fenzi
ed69abc4c0 Try upping threads here on mirrormanager frontend to see if it can cope with request spikes better. 2015-06-01 12:17:58 +00:00
Kevin Fenzi
e99e500763 Revert this hosts change too. 2015-05-31 20:26:18 +00:00
Kevin Fenzi
939b98397b Revert this also back to the http check method 2015-05-31 19:44:42 +00:00
Kevin Fenzi
c48a72d3be Revert things and ponder a better solution for the https issues 2015-05-31 19:31:54 +00:00
Kevin Fenzi
d41b5354f2 Move all these to https 2015-05-31 18:45:40 +00:00
Kevin Fenzi
2dd5438901 Make this a fedoraproject.org address so ssl is happy. 2015-05-31 18:37:54 +00:00
Kevin Fenzi
553da4b213 Switch haproxy to prefer a local mirrorlist server if available. 
Allow port 443 connections from those proxies on mirrorlists.
Add hosts entries for proxy10 and proxy01 that should allow ssl to work right.
Will test this on one proxy/mirrorlist and move on to the others.
 2015-05-31 17:17:41 +00:00
Kevin Fenzi
c1120c4657 Move the mirrorlist entry from all stg hosts to proxy01.stg specific one. 2015-05-31 17:16:29 +00:00
Kevin Fenzi
7da9eee02a Allow port 443 in mirrorlist stg firewalls and add a hosts entry for mirrorlist-phx2.stg in stg. 2015-05-31 17:07:45 +00:00
Kevin Fenzi
ed684cccfd Try explicitly setting the cert names here. 2015-05-31 16:54:27 +00:00
Kevin Fenzi
d1621a6f3b Need to actually listen on 443 somewhere, this is as good a place as any 2015-05-31 16:44:12 +00:00
Kevin Fenzi
474c68009d A bit more adjustment to get the staging ssl certs setup right. 2015-05-31 16:38:14 +00:00
Kevin Fenzi
eb0c65f995 Use the right ssl cert for staging. 2015-05-31 16:31:33 +00:00
Kevin Fenzi
2fc8221d26 Need some pretasks here, in particular the /srv/web directory needs to exist 2015-05-31 16:25:51 +00:00
Kevin Fenzi
b22685d524 See if we can easily enable https on mirrorlists (test in staging) 2015-05-31 16:21:30 +00:00
Kevin Fenzi
2f84d57e46 Add some more epylog weeding. 2015-05-31 15:30:26 +00:00
Adrian Reber
9a90bb869f Re-enable /mirrormanager without slash at the end 
The mirrormanager application and the publiclist re-write used to work
without a slash at the end. Re-enable /mirrormanager without a slash at
the end of the URL.
 2015-05-31 09:27:54 +00:00
Adrian Reber
af9462caab Reduce number of parallel crawlers from 38 to 35 
To avoid regular nagios memory warnings the number of parallel crawlers
is reduced from 38 to 35 to reduce the required memory.
 2015-05-31 08:11:04 +00:00
Kevin Fenzi
492db6878a Rename darkserver-dev to the host instead of IP. 
Add darkserver-dev and devpi playbooks to master.
 2015-05-30 21:31:33 +00:00
Kevin Fenzi
ccdf8d95f5 Update freemedia form to say Fedora 22. Fixes ticket 4767 2015-05-30 16:50:11 +00:00
Mathieu Bridon
c166eadb79 distgit: Actually hardlink over the existing source at the old path 
Without this, the file could exist at both the old and new path, taking
the space on the disk twice.

This forces a hardlink if the file already existed at the old path.
 2015-05-29 19:07:47 +02:00
Mathieu Bridon
1de198612a distgit: And so does os.makedirs 2015-05-29 18:05:04 +02:00
Mathieu Bridon
015c24618c distgit: os.link fails if the dest already exists 2015-05-29 18:00:31 +02:00
Tim Flink
8b12100a83 fixing path for f22 in taskotron yumrepoinfo.conf 2015-05-29 13:24:30 +00:00
Tim Flink
46bbb507d3 hotfixing yumrepoinfo.conf on taskotron clients until package is updated 2015-05-29 12:56:17 +00:00
Mathieu Bridon
2e35fa64a3 distgit: Ensure the folder exists 
We can't hard link the file if the folder containing the link
destination does not exist.

Hurray for testing in staging!
 2015-05-29 11:59:57 +02:00
Mathieu Bridon
e570c2f271 distgit: Upload files to both the new and old path 
Currently, the CGI script is set to upload files:
- to the old path if the upload uses md5
- to the new path if the upload uses sha512

The old path is as follows:
    /%(srpmname)s/%(filename)s/%(hash)s/%(filename)s

The new path is:
    /%(srpmname)s/%(filename)s/%(hashtype)s/%(hash)s/%(filename)s

This was meant to ensure compatibility with current fedpkg which
always downloads from the old path, but will eventually download from
the new path when we move to sha512.

However, working more on this, I now think it would make for a smoother
transition if we instead always stored the files at the new path, but
just hardlinked to the old path if the upload is using md5.

This is what this patch achieves.

With this deployed in production, fedpkg could be patched to try
downloading from the new path, and fallback to the old one if necessary,
which decouples the migration to the new path from the migration to the
new hash.
 2015-05-29 11:24:24 +02:00
Kevin Fenzi
4c4ef28acc This is sysadmin-dba, not sysadmin-db. 2015-05-28 20:28:05 +00:00
Kevin Fenzi
65638ef274 Drop the removing of ssh host keys. The persistent playbook should now handle this on reprovision cleanly. 2015-05-28 20:20:56 +00:00
Kevin Fenzi
e015807e72 Add the same logic as for virt hosts to cloud spin up. When new instance is made it gathers the key automatically. 2015-05-28 19:58:02 +00:00
Kevin Fenzi
b62619e9d3 Duh. Need to quote this because it's multiline 2015-05-28 19:42:53 +00:00
Kevin Fenzi
5b77fe91d2 Try |string 2015-05-28 19:23:46 +00:00
Kevin Fenzi
c495f031d3 ok, lets try |str filter here. 2015-05-28 19:05:46 +00:00
Kevin Fenzi
aed8829f96 I'm sure it can't be this easy, but will try adding a join filter here. 2015-05-28 18:19:54 +00:00
Ricky Elrod
3d4129dd78 install libsemanage-python to set an sebool for collectd 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2015-05-28 18:09:03 +00:00
Kevin Fenzi
6ba003e4ea Need this local keyscan action to be a command. 2015-05-28 17:49:23 +00:00
Kevin Fenzi
c1bb97974b This is an attempt to gather initial ssh_host_key from new vms when they are made. 
This avoids having to accept the key manually and allows playbooks making new
instances to complete without human intervention.
(If it works as desired)
 2015-05-28 17:35:25 +00:00
Ricky Elrod
67ef59bdfa Merge branch 'master' of /git/ansible 2015-05-28 16:56:58 +00:00
Ricky Elrod
a7e9f1dfbe move nuancier01.stg and gallery01.stg to vh11 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2015-05-28 16:56:55 +00:00
Kevin Fenzi
906093d009 Merge branch 'master' of /git/ansible 2015-05-28 16:54:45 +00:00