Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
42473 commits 9 branches 0 tags 111 MiB
Commit graph

163 commits

Author SHA1 Message Date
Brian Stinson
c497b17e19 Add a centos-koji user in rabbitmq that corresponds to the certs 
generated for us

Note: this is indeed a different user from the one listed before it.
koji-centos is used for mbbox.

Relates to: https://pagure.io/fedora-infrastructure/issue/9603
 2021-01-28 09:17:53 -06:00
Kevin Fenzi
af302f46e0 rabbitmq / centos-odcs: more adjustments to user creation 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-07 15:59:53 -08:00
Kevin Fenzi
88cae583c6 rabbitmq / centos-odcs: specify correct vhost 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-07 15:56:22 -08:00
Kevin Fenzi
c60c1fbaf8 rabbitmq / centos-odcs: we need a centos-odcs user 
This was hidden away in the odcs playbook in fedora infra, so I missed
that we didn't make it in the odcs role, which is where we copied the
things for the centos odcs application. So, add it in there so it makes
a centos-odcs user.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-07 15:45:09 -08:00
Mohan Boddu
fd8e2f238d Use underscore instead of dashes 
Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
 2020-12-16 10:11:57 -05:00
Mohan Boddu
11db5b4cfa Adding centos-odcs/centos-odcs-private-queue queue and user 
Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
 2020-12-15 10:47:36 -05:00
lrossett
f09d005563 adding centos-koji mq user 2020-12-14 08:16:01 +00:00
Pierre-Yves Chibon
6ce858af4c rabbitmq: fix some more the creation of the user and queue for gitlab-centos 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-12-08 10:12:48 +01:00
Pierre-Yves Chibon
cdbf639f69 rabbitmq: drop an extra . where we defined the gitlab-centos queue 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-12-08 10:05:36 +01:00
lrossett
aa73555871 changing topic name to match centos source 2020-11-18 08:42:30 +00:00
lrossett
806b6bfbdc adding gitlab-centos queue and user 2020-11-10 17:26:05 +00:00
Siteshwar Vashisht
5118b6817d Update roles/rabbitmq_cluster/tasks/apps.yml 
Add `alt-src` user and queue for `sync2git` service for CentOS Streams
 2020-09-15 07:55:04 +00:00
Pierre-Yves Chibon
4bc6749fad rabbitmq_cluster: Remove the rpminspect queue from the server 
The Fedora CI folks are apparently no longer using it

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-09-04 21:18:07 +02:00
Pierre-Yves Chibon
4a93e4f1e0 rabbitmq_cluster: add a tags for the task on the osci-pipelines 
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
 2020-07-23 10:03:31 +02:00
Michal Srb
079119927f Lower TTL for OSCI queues 
Not all OSCI queues are actively used all the time -- no need to keep messages for 10 days in them. 5 days TTL should be plenty of time even for actively used queues.
 2020-07-23 07:31:19 +00:00
Jonathan Lebon
a51feef5bd Revert "rabbitmq: add coreos queue" 
This reverts commit 42335b7370.

We only need the `coreos` user, so that we can publish messages. We
don't need the `coreos` queue.

See https://pagure.io/fedora-infrastructure/issue/9085#comment-663345
 2020-07-08 07:56:24 +00:00
Kevin Fenzi
2290817ace inventory: drop more autosign01 and bastion-comm01 rabbitmq: add monitoring plugin now. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-30 17:10:32 -07:00
Kevin Fenzi
a9beef0b8d rabbitmq / osci: define the loop var in loop_control 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-22 10:37:39 -07:00
Kevin Fenzi
331272c043 fix typo in last commit 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-22 10:27:34 -07:00
Kevin Fenzi
10e4307204 rabbitmq / osci: try and set loop variable here to avoid clash with rabbit/queue role 
The default loop var is 'item' but it's already being used in
rabbit/queue so if we use it here also it causes clashing and a invalid
binding. So, change this one to something else and see if it fixes the
issue.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-22 10:20:59 -07:00
Andrei Stepanov
2296847061 Add osci client+queues to RabbitMQ 
Signed-off-by: Andrei Stepanov <astepano@redhat.com>
 2020-06-10 23:10:27 +00:00
Kevin Fenzi
05f2b9366d iad2: make copr and faf rabbitmq users 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-08 10:46:30 -07:00
Kevin Fenzi
5351aa704e iad2 move: setup rabbitmq to be ready for moving. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-08 07:49:28 -07:00
Kevin Fenzi
5f626eb145 iad2: have rabbitmq instances use rhos16 instead of rhos13, which was/is rhel7 based 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-31 13:35:43 -07:00
Aurélien Bompard
044c88e68b Set the TTL to 10 days on the centos-ci queue 
Fixes #8939

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-05-26 13:46:53 +00:00
Kevin Fenzi
d14d971351 rabbitmq/server: fix template to cluster to the right nodes 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-20 14:31:19 -07:00
Kevin Fenzi
306252899a rabbitmq/server: drop stay leftover loop line. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-19 10:02:03 -07:00
Kevin Fenzi
661a8b54be rabbitmq / server: avoid clashing loops. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-19 09:11:54 -07:00
Kevin Fenzi
c8d2d330e2 rabbitmq/server: try this to delegate to each datacenter correctly 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-19 07:56:12 -07:00
Kevin Fenzi
3c5c8b5f2a rabbitmq/server: fix missing quote 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 21:52:29 -07:00
Kevin Fenzi
6bec1929e5 rabbitmq/server: fix missing quote 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 21:44:12 -07:00
Kevin Fenzi
13f4b3b63c rabbitmq / server: almost worked, need to hard code vaules however 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 21:35:19 -07:00
Kevin Fenzi
b19bf634bc rabbitmq / server: see if we can delgate correctly for iad2 vs phx2 this way 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-18 21:25:14 -07:00
Kevin Fenzi
cf517215a5 rhos13 repo: turns out we still use this for newer rabbitmq 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-13 16:10:05 -07:00
Kevin Fenzi
93cfa0134d rabbitmq: adjust things to avoid messy partitions 
We have been having the cluster fall over for still unknown reasons,
but this patch should at least help prevent them:

first we increase the net_ticktime parameter from it's default of 60 to 120.
rabbitmq sends 4 'ticks' to other cluster members over this time and if 25%
of them are lost it assumes that cluster member is down. All these vm's are
on the same net and in the same datacenter, but perhaps heavy load
from other vm's causes them to sometimes not get a tick in time?
http://www.rabbitmq.com/nettick.html

Also, set our partitioning strategy to autoheal. Currently if some cluster
member gets booted out, it gets paused, and stops processing at all.
With autoheal it will try and figure out a 'winning' partition and restart
all the nodes that are not in that partition.
https://www.rabbitmq.com/partitions.html

Hopefully the first thing will make partitions less likely and the second
will make them repair without causing massive pain to the cluster.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:26 +02:00
Aurélien Bompard
16ba6fdbff RabbitMQ: add server_name_indication to the federation parameters 
The Federation plugin uses an AMQP client that verifies that the
hostname it's connecting to is the right one. Our RabbitMQ server
TLS certificates only have the "public" name as Subject Alternative Name
and in that case apparently the client does not check the CN. Therefore
this changeset sets the client parameter to expect the "public" name in
the certificate.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Aurélien Bompard
8f5de8c822 Also create zmq.topic in /pubsub 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Aurélien Bompard
48de31d042 RabbitMQ: leave it to apps to grant access to the nagios-monitoring user 
Because those vhosts may not be created yet when the main RabbitMQ
playbook is run.

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Aurélien Bompard
704835c2bb RabbitMQ: Don't create the nagios user before the vhost is setup 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:22 +02:00
Kevin Fenzi
135bc4418d rabbitmq_cluster / staging: nagios-plugins-rabbitmq builds, but is not installable 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:22 +02:00
Aurélien Bompard
5cae294eaa RabbitMQ: give the admin user admin privileges 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:21 +02:00
Aurélien Bompard
01da7c30b6 Restart rabbitmq when a config file changes 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:20 +02:00
Aurélien Bompard
eebab27357 RabbitMQ: handle partitions automatically 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:20 +02:00
Aurélien Bompard
b91e03d059 RabbitMQ: allow the nagios-monitoring user access to other vhosts 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:20 +02:00
Tim Flink
b03d81e48a rabbitmq_cluster: adding rpminspect queue to match rpminspect keypair 2020-04-24 21:34:20 +02:00
Tim Flink
a962b3a2ec rabbitmq: fixing syntax error I introduced 2020-04-24 21:34:19 +02:00
Tim Flink
3f15954566 rabbitmq: adding queue for fedora-build-checks 2020-04-24 21:34:19 +02:00
Aurélien Bompard
3dabb3a067 Remove useless comment 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-04-24 21:34:12 +02:00
Michal Konečný
fed409d8fc rabbitmq_cluster: Change CentOS routing key to correct format 
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
 2020-04-24 21:34:12 +02:00
Michal Konečný
190a82ac07 rabbitmq_cluster: Add testing key for CentOS 
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
 2020-04-24 21:34:12 +02:00