From 56246a62ecd39d79893356cb519f61d71830218f Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 11:32:41 -0800 Subject: [PATCH 01/25] set up openQA This adds openqa_server and openqa_worker roles, and applies them to the appropriate host groups. Note that servers also act as worker hosts for themselves. --- inventory/group_vars/openqa | 15 ++ inventory/group_vars/openqa-stg | 15 ++ inventory/group_vars/openqa-stg-workers | 2 + inventory/group_vars/openqa-workers | 2 + playbooks/groups/openqa-workers.yml | 47 ++---- playbooks/groups/openqa.yml | 29 +--- roles/openqa_server/files/exports | 1 + roles/openqa_server/files/openqa.ini | 12 ++ roles/openqa_server/tasks/main.yml | 148 ++++++++++++++++++ roles/openqa_server/templates/client.conf.j2 | 3 + .../templates/database.ini.pgsql.j2 | 9 ++ .../templates/openqa.conf.httpd.j2 | 4 + roles/openqa_worker/tasks/main.yml | 45 ++++++ roles/openqa_worker/tasks/nfs-client.yml | 19 +++ roles/openqa_worker/templates/client.conf.j2 | 3 + .../templates/var-lib-openqa-share.mount.j2 | 8 + roles/openqa_worker/templates/workers.ini.j2 | 2 + 17 files changed, 303 insertions(+), 61 deletions(-) create mode 100644 inventory/group_vars/openqa-stg-workers create mode 100644 inventory/group_vars/openqa-workers create mode 100644 roles/openqa_server/files/exports create mode 100644 roles/openqa_server/files/openqa.ini create mode 100644 roles/openqa_server/tasks/main.yml create mode 100644 roles/openqa_server/templates/client.conf.j2 create mode 100644 roles/openqa_server/templates/database.ini.pgsql.j2 create mode 100644 roles/openqa_server/templates/openqa.conf.httpd.j2 create mode 100644 roles/openqa_worker/tasks/main.yml create mode 100644 roles/openqa_worker/tasks/nfs-client.yml create mode 100644 roles/openqa_worker/templates/client.conf.j2 create mode 100644 roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 create mode 100644 roles/openqa_worker/templates/workers.ini.j2 diff --git a/inventory/group_vars/openqa b/inventory/group_vars/openqa index e69de29bb2..2492750b33 100644 --- a/inventory/group_vars/openqa +++ b/inventory/group_vars/openqa @@ -0,0 +1,15 @@ +external_hostname: openqa.fedoraproject.org + +openqa_hostname: localhost +openqa_email: adamwill@fedoraproject.org +openqa_nickname: adamwill +openqa_fullname: Adam Williamson +openqa_userid: http://adamwill.id.fedoraproject.org/ + +openqa_dbname: openqa +openqa_dbhost: db-qa01.qa.fedoraproject.org + +openqa_workers: 3 + +# NFS +tcp_ports: 2049 diff --git a/inventory/group_vars/openqa-stg b/inventory/group_vars/openqa-stg index e69de29bb2..8b0600bed5 100644 --- a/inventory/group_vars/openqa-stg +++ b/inventory/group_vars/openqa-stg @@ -0,0 +1,15 @@ +external_hostname: openqa-stg.fedoraproject.org + +openqa_hostname: localhost +openqa_email: adamwill@fedoraproject.org +openqa_nickname: adamwill +openqa_fullname: Adam Williamson +openqa_userid: http://adamwill.id.fedoraproject.org/ + +openqa_dbname: openqa-stg +openqa_dbhost: db-qa01.qa.fedoraproject.org + +openqa_workers: 3 + +# NFS +tcp_ports: 2049 diff --git a/inventory/group_vars/openqa-stg-workers b/inventory/group_vars/openqa-stg-workers new file mode 100644 index 0000000000..0f56cd18b7 --- /dev/null +++ b/inventory/group_vars/openqa-stg-workers @@ -0,0 +1,2 @@ +openqa_workers: 4 +openqa_hostname: {{ groups['openqa-stg'][0] }} diff --git a/inventory/group_vars/openqa-workers b/inventory/group_vars/openqa-workers new file mode 100644 index 0000000000..9f8c683642 --- /dev/null +++ b/inventory/group_vars/openqa-workers @@ -0,0 +1,2 @@ +openqa_workers: 4 +openqa_hostname: {{ groups['openqa'][0] }} diff --git a/playbooks/groups/openqa-workers.yml b/playbooks/groups/openqa-workers.yml index 6425876202..5be3f43346 100644 --- a/playbooks/groups/openqa-workers.yml +++ b/playbooks/groups/openqa-workers.yml @@ -1,30 +1,23 @@ -# create a new openqa worker server system -# NOTE: should be used with --limit most of the time -# NOTE: most of these vars_path come from group_vars/backup_server or from hostvars -# This has an extra role that configures the virthost to be used with beaker for -# virtual machine clients - -- name: basic configuration +- name: configure openQA workers hosts: openqa-workers:openqa-stg-workers user: root gather_facts: True - vars_files: + vars_files: - /srv/web/infra/ansible/vars/global.yml - "/srv/private/ansible/vars.yml" - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml roles: - - base - - rkhunter - - { role: denyhosts, when: ansible_distribution_major_version|int != 7 } - - nagios_client - - hosts - - fas_client - - collectd/base - - { role: iscsi_client, when: datacenter == "phx2" } - - sudo - - { role: openvpn/client, when: datacenter != "phx2" } + - { role: base, tags: ['base'] } + - { role: rkhunter, tags: ['rkhunter'] } + - { role: nagios_client, tags: ['nagios_client'] } + - { role: hosts, tags: ['hosts']} + - { role: fas_client, tags: ['fas_client'] } + - { role: collectd/base, tags: ['collectd_base'] } + - { role: sudo, tags: ['sudo'] } + - { role: openqa_worker, tags: ['openqa_worker'] } + - apache tasks: - include: "{{ tasks }}/yumrepos.yml" @@ -32,20 +25,4 @@ - include: "{{ tasks }}/motd.yml" handlers: - - include: "{{ handlers }}/restart_services.yml" - -#- name: configure openqa workers -# hosts: openqa-workers:openqa-stg-workers -# user: root -# gather_facts: True -# -# vars_files: -# - /srv/web/infra/ansible/vars/global.yml -# - "/srv/private/ansible/vars.yml" -# - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml -# -# roles: -# - { role: openqa/something, tags: ['something'] } -# -# handlers: -# - include: "{{ handlers }}/restart_services.yml" + - include: "{{ handlers }}/restart_services.yml" diff --git a/playbooks/groups/openqa.yml b/playbooks/groups/openqa.yml index 158be787b1..9c53794394 100644 --- a/playbooks/groups/openqa.yml +++ b/playbooks/groups/openqa.yml @@ -1,11 +1,4 @@ ---- -# create a new taskotron staging server -# NOTE: make sure there is room/space for this server on the vmhost -# NOTE: most of these vars_path come from group_vars/mirrorlist or from hostvars - -- include: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=openqa:openqa-stg" - -- name: make the box be real +- name: configure openQA hosts: openqa:openqa-stg user: root gather_facts: True @@ -22,31 +15,15 @@ - { role: hosts, tags: ['hosts']} - { role: fas_client, tags: ['fas_client'] } - { role: collectd/base, tags: ['collectd_base'] } -# - { role: yum-cron, tags: ['yumcron'] } - { role: sudo, tags: ['sudo'] } + - { role: openqa_server, tags: ['openqa_server'] } + - { role: openqa_worker, tags: ['openqa_worker'] } - apache tasks: - # this is how you include other task lists - include: "{{ tasks }}/yumrepos.yml" - include: "{{ tasks }}/2fa_client.yml" - include: "{{ tasks }}/motd.yml" handlers: - include: "{{ handlers }}/restart_services.yml" - -#- name: configure openqa -# hosts: openqa:openqa-stg -# user: root -# gather_facts: True -# -# vars_files: -# - /srv/web/infra/ansible/vars/global.yml -# - "/srv/private/ansible/vars.yml" -# - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml -# -# roles: -# - { role: openqa/something, tags: ['something'] } -# -# handlers: -# - include: "{{ handlers }}/restart_services.yml" diff --git a/roles/openqa_server/files/exports b/roles/openqa_server/files/exports new file mode 100644 index 0000000000..6243cf3a67 --- /dev/null +++ b/roles/openqa_server/files/exports @@ -0,0 +1 @@ +/var/lib/openqa/share *(ro,insecure,all_squash) diff --git a/roles/openqa_server/files/openqa.ini b/roles/openqa_server/files/openqa.ini new file mode 100644 index 0000000000..58b14fe906 --- /dev/null +++ b/roles/openqa_server/files/openqa.ini @@ -0,0 +1,12 @@ +[global] +branding = plain + +[auth] +method=OpenID + +[logging] +level=info + +[openid] +provider = https://id.fedoraproject.org/ +httpsonly = 1 diff --git a/roles/openqa_server/tasks/main.yml b/roles/openqa_server/tasks/main.yml new file mode 100644 index 0000000000..1b22be178a --- /dev/null +++ b/roles/openqa_server/tasks/main.yml @@ -0,0 +1,148 @@ +# Required vars +# - openqa_email +## string - Email address of admin user +# - openqa_nickname +## string - Short name of admin user (shown in the web UI for e.g.) +# - openqa_fullname +## string - Full name of admin user +# - openqa_key +# - openqa_secret +## string - MUST be 16-character hexadecimals, and are secrets +# openqa_userid +## string - User ID of admin user: for Fedora should be a Fedora openID URL, +## http://fasname.id.fedoraproject.org + +# Required vars with defaults +# - external_hostname +## string - The public hostname for the server (will be used as ServerName) +## default - ansible_nodename + +# Optional vars +# - openqa_dbname +## string - The name of the database to use +# - openqa_dbhost +## string - The hostname of the database server +# - openqa_dbuser +## string - The database username +# - openqa_dbpassword +## string - The database password +# +# If openqa_dbhost is set, the others must be too, and the server will be +# configured to use a pgsql database accordingly. If openqa_dbhost is not +# set, the server will use a local SQLite database and the other values +# are ignored. + +- name: Ensure DNF COPR plugin is available + dnf: pkg="dnf-command(copr)" state=present + tags: + - packages + +- name: Install openQA repo if needed + command: "dnf -y copr enable adamwill/openQA" + args: + creates: /etc/yum.repos.d/_copr_adamwill-openQA.repo + tags: + - config + +- name: Install required packages + dnf: name={{ item }} state=present enablerepo=adamwill-openQA + with_items: + - libselinux-python + - openqa + - git + - libselinux-utils + - nfs-utils + - perl(Class::DBI::Pg) + - perl(DateTime::Format::Pg) + tags: + - packages + +- name: Check out the tests + git: + repo: https://bitbucket.org/rajcze/openqa_fedora + dest: /var/lib/openqa/share/tests/fedora + +- name: Create exports file + copy: src=exports dest=/etc/exports.d/openqa.exports owner=root group=root mode=0644 + tags: + - config + +- name: Enable and start NFS server + service: name=nfs-server enabled=yes state=started + +- name: Set up Apache config + template: src=openqa.conf.httpd.j2 dest=/etc/httpd/conf.d/openqa.conf owner=root group=root mode=0644 + tags: + - config + +- name: OpenQA config + copy: src=openqa.ini dest=/etc/openqa/openqa.ini owner=geekotest group=root mode=0640 + tags: + - config + +- name: Create database + delegate_to: "{{ openqa_dbhost }}" + sudo_user: postgres + sudo: true + action: postgresql_db db={{ openqa_dbname }} + when: "openqa_dbhost is defined" + +- name: Ensure db user has access to database + delegate_to: "{{ openqa_dbhost }}" + sudo_user: postgres + sudo: true + action: postgresql_user db={{ openqa_dbname }} user={{ openqa_dbuser }} password={{ openqa_dbpassword }} role_attr_flags=NOSUPERUSER + when: "openqa_dbhost is defined" + +- name: Database config + template: src=database.ini.pgsql.j2 dest=/etc/openqa/database.ini owner=geekotest group=root mode=0640 + when: "openqa_dbhost is defined" + tags: + - config + +- name: Initialize database + command: "/usr/share/openqa/script/initdb --user geekotest --init_database" + register: initdb + changed_when: "initdb.rc == 0" + failed_when: "(initdb.rc > 0) and (initdb.stderr is not defined or initdb.stderr.find('already exists') == -1)" + +- name: Enable and start services + service: name={{ item }} enabled=yes state=started + register: services + with_items: + - openqa-scheduler + - openqa-webui + - openqa-websockets + - openqa-gru + +- name: Check if SELinux policy is set + shell: "getsebool httpd_can_network_connect" + register: getsebool + always_run: true + changed_when: "1 != 1" + +# This is using a big hammer until #1277312 is resolved +- name: Allow Apache to connect to openQA + command: "setsebool -P httpd_can_network_connect on" + when: getsebool.stdout.find('--> on') == -1 + +- name: Wait for openQA to be fully started + pause: seconds=5 + when: services|changed + +- name: openQA client config + template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=root group=root mode=0600 + tags: + - config + +- name: Create admin user + command: "/var/lib/openqa/script/create_admin --email {{ openqa_email }} --nickname {{ openqa_nickname }} --fullname '{{ openqa_fullname }}' --key {{ openqa_key }} --secret {{ openqa_secret }} {{ openqa_userid }}" + register: admin + changed_when: "admin.rc == 0" + failed_when: "(admin.rc > 0) and (admin.stderr is not defined or admin.stderr.find('already exists') == -1)" + +- name: Load tests + shell: "/var/lib/openqa/share/tests/fedora/templates | grep 'added => [1-9]'" + register: templates + changed_when: "templates.rc == 0" + failed_when: "1 != 1" diff --git a/roles/openqa_server/templates/client.conf.j2 b/roles/openqa_server/templates/client.conf.j2 new file mode 100644 index 0000000000..609e86a2c5 --- /dev/null +++ b/roles/openqa_server/templates/client.conf.j2 @@ -0,0 +1,3 @@ +[{{ openqa_hostname|default('localhost') }}] +key = {{ openqa_key }} +secret = {{ openqa_secret }} diff --git a/roles/openqa_server/templates/database.ini.pgsql.j2 b/roles/openqa_server/templates/database.ini.pgsql.j2 new file mode 100644 index 0000000000..05712e2c80 --- /dev/null +++ b/roles/openqa_server/templates/database.ini.pgsql.j2 @@ -0,0 +1,9 @@ +[test] +dsn = dbi:SQLite:dbname=:memory: +on_connect_call = use_foreign_keys +on_connect_do = PRAGMA synchronous = OFF + +[production] +dsn = dbi:Pg:dbname={{ openqa_dbname }};host={{ openqa_dbhost }} +user = {{ openqa_dbuser }} +password = {{ openqa_dbpassword }} diff --git a/roles/openqa_server/templates/openqa.conf.httpd.j2 b/roles/openqa_server/templates/openqa.conf.httpd.j2 new file mode 100644 index 0000000000..dd8d9e6195 --- /dev/null +++ b/roles/openqa_server/templates/openqa.conf.httpd.j2 @@ -0,0 +1,4 @@ + + ServerName {{ external_hostname|default(ansible_nodename) }} + Include conf.d/openqa-common.inc + diff --git a/roles/openqa_worker/tasks/main.yml b/roles/openqa_worker/tasks/main.yml new file mode 100644 index 0000000000..70c4c70ed9 --- /dev/null +++ b/roles/openqa_worker/tasks/main.yml @@ -0,0 +1,45 @@ +# Required vars +# - openqa_workers +## integer - number of worker instances to create/run + +# Required vars with defaults +# - openqa_hostname +## string - hostname of openQA server to run jobs for +## default - localhost + +- name: Ensure DNF COPR plugin is available + dnf: pkg="dnf-command(copr)" state=present + tags: + - packages + +- name: Install openQA repo if needed + command: "dnf -y copr enable adamwill/openQA" + args: + creates: /etc/yum.repos.d/_copr_adamwill-openQA.repo + tags: + - config + +- name: Install packages + dnf: name={{ item }} state=present enablerepo=adamwill-openQA + with_items: + - openqa-worker + - libselinux-python + tags: + - packages + +- include: nfs-client.yml + when: openqa_hostname is defined and openqa_hostname != "localhost" + +- name: openQA client config + template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=_openqa-worker group=root mode=0600 + tags: + - config + +- name: openQA worker config + template: src=workers.ini.j2 dest=/etc/openqa/workers.ini owner=_openqa-worker group=root mode=0644 + tags: + - config + +- name: Worker services + service: name=openqa-worker@{{ item }} enabled=yes state=started + with_sequence: "count={{ openqa_workers }}" diff --git a/roles/openqa_worker/tasks/nfs-client.yml b/roles/openqa_worker/tasks/nfs-client.yml new file mode 100644 index 0000000000..0489e5fe64 --- /dev/null +++ b/roles/openqa_worker/tasks/nfs-client.yml @@ -0,0 +1,19 @@ +# Required vars +# - openqa_hostname +## string - hostname of the openQA server (we assume it is hosting the NFS mount) + +- name: Install NFS client + dnf: name=nfs-utils state=present + tags: + - packages + +- name: Ensure mount target exists + file: path=/var/lib/openqa/share state=directory owner=root group=root mode=0755 + +- name: Create mount unit + template: src=var-lib-openqa-share.mount.j2 dest=/etc/systemd/system/var-lib-openqa-share.mount owner=root group=root mode=0644 + tags: + - config + +- name: Enable and start mount + service: name=var-lib-openqa-share.mount enabled=yes state=started diff --git a/roles/openqa_worker/templates/client.conf.j2 b/roles/openqa_worker/templates/client.conf.j2 new file mode 100644 index 0000000000..609e86a2c5 --- /dev/null +++ b/roles/openqa_worker/templates/client.conf.j2 @@ -0,0 +1,3 @@ +[{{ openqa_hostname|default('localhost') }}] +key = {{ openqa_key }} +secret = {{ openqa_secret }} diff --git a/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 b/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 new file mode 100644 index 0000000000..11af4b3828 --- /dev/null +++ b/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=openQA shared assets +ConditionPathExists=/var/lib/openqa/share + +[Mount] +What={{ openqa_hostname }}:/var/lib/openqa/share +Where=/var/lib/openqa/share +Type=nfs diff --git a/roles/openqa_worker/templates/workers.ini.j2 b/roles/openqa_worker/templates/workers.ini.j2 new file mode 100644 index 0000000000..b9665bc8fc --- /dev/null +++ b/roles/openqa_worker/templates/workers.ini.j2 @@ -0,0 +1,2 @@ +[global] +HOST = http://{{ openqa_hostname|default('localhost') }} From f024b35147f8af6cd2d0dac154fe34cf6ea8d5e9 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 21:57:24 +0000 Subject: [PATCH 02/25] Drop duplicate slave_user definitions. --- inventory/group_vars/taskotron-prod-clients | 1 - inventory/group_vars/taskotron-stg-clients | 1 - 2 files changed, 2 deletions(-) diff --git a/inventory/group_vars/taskotron-prod-clients b/inventory/group_vars/taskotron-prod-clients index 37298adfd3..fc3fc5c6cb 100644 --- a/inventory/group_vars/taskotron-prod-clients +++ b/inventory/group_vars/taskotron-prod-clients @@ -20,7 +20,6 @@ freezes: true slave_user: buildslave slave_home: /home/buildslave/ slave_dir: /home/buildslave/slave -slave_user: buildslave buildmaster: 10.5.124.206 buildslave_port: 9989 taskotron_admin_email: taskotron-admin-members@fedoraproject.org diff --git a/inventory/group_vars/taskotron-stg-clients b/inventory/group_vars/taskotron-stg-clients index bfae6784bd..ee7b55319b 100644 --- a/inventory/group_vars/taskotron-stg-clients +++ b/inventory/group_vars/taskotron-stg-clients @@ -24,7 +24,6 @@ extra_enablerepos: '' slave_user: buildslave slave_home: /home/buildslave/ slave_dir: /home/buildslave/slave -slave_user: buildslave buildmaster: 10.5.124.232 buildslave_port: 9989 taskotron_admin_email: taskotron-admin-members@fedoraproject.org From 7fd931b3895697342d4027f17ba22bbe814f5788 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 21:58:50 +0000 Subject: [PATCH 03/25] Drop duplicate buildmaster_dir definitions --- inventory/group_vars/qa-stg | 1 - inventory/group_vars/qadevel | 1 - inventory/group_vars/taskotron-prod | 1 - 3 files changed, 3 deletions(-) diff --git a/inventory/group_vars/qa-stg b/inventory/group_vars/qa-stg index 1c1a8d6efd..e2f392e75e 100644 --- a/inventory/group_vars/qa-stg +++ b/inventory/group_vars/qa-stg @@ -63,7 +63,6 @@ buildmaster_dir: /home/buildmaster/master buildslave_dir: /home/buildslave/slave buildslave_poll_interval: 1800 buildmaster_home: /home/buildmaster -buildmaster_dir: /home/buildmaster/master buildmaster_user: buildmaster # build details diff --git a/inventory/group_vars/qadevel b/inventory/group_vars/qadevel index 7f6f21259a..41c03d0ef3 100644 --- a/inventory/group_vars/qadevel +++ b/inventory/group_vars/qadevel @@ -34,7 +34,6 @@ buildmaster_dir: /home/buildmaster/master buildslave_dir: /home/buildslave/slave buildslave_poll_interval: 1800 buildmaster_home: /home/buildmaster -buildmaster_dir: /home/buildmaster/master buildmaster_user: buildmaster external_hostname: qadevel.cloud.fedoraproject.org diff --git a/inventory/group_vars/taskotron-prod b/inventory/group_vars/taskotron-prod index 7c1e5c7cb9..2a94e23d65 100644 --- a/inventory/group_vars/taskotron-prod +++ b/inventory/group_vars/taskotron-prod @@ -16,7 +16,6 @@ cgit_root_title: "Taskotron Git Mirror" buildmaster_dir: /home/buildmaster/master buildslave_dir: /home/buildslave/slave buildmaster_home: /home/buildmaster -buildmaster_dir: /home/buildmaster/master buildmaster_user: buildmaster external_hostname: taskotron.fedoraproject.org resultsdb_url: http://resultsdb01.qa.fedoraproject.org/resultsdb_api/api/v1.0 From 0c793c35139b49e1cb4d508bc72609b4b4488505 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 22:09:23 +0000 Subject: [PATCH 04/25] Fix a bunch of duplicate variables. --- inventory/group_vars/koji | 2 -- .../host_vars/autocloud-backend-vbox.phx2.fedoraproject.org | 1 - inventory/host_vars/jenkins.fedorainfracloud.org | 4 +--- inventory/host_vars/people01.fedoraproject.org | 1 - inventory/host_vars/proxy07.fedoraproject.org | 2 -- inventory/host_vars/testdays.fedorainfracloud.org | 4 ---- 6 files changed, 1 insertion(+), 13 deletions(-) diff --git a/inventory/group_vars/koji b/inventory/group_vars/koji index 07e948a5aa..54da467cdb 100644 --- a/inventory/group_vars/koji +++ b/inventory/group_vars/koji @@ -50,5 +50,3 @@ virt_install_command: virt-install -n {{ inventory_hostname }} -r {{ mem_size }} ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname }}-nfs:eth1:none" --network=bridge=br0,model=virtio --network=bridge=br1,model=virtio --autostart --noautoconsole - -sudoers: "{{ private }}/files/sudo/arm-releng-sudoers" diff --git a/inventory/host_vars/autocloud-backend-vbox.phx2.fedoraproject.org b/inventory/host_vars/autocloud-backend-vbox.phx2.fedoraproject.org index 438b31f398..9c66838eba 100644 --- a/inventory/host_vars/autocloud-backend-vbox.phx2.fedoraproject.org +++ b/inventory/host_vars/autocloud-backend-vbox.phx2.fedoraproject.org @@ -10,7 +10,6 @@ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3" # general configs nrpe_procs_warn: 900 nrpe_procs_crit: 1000 -datacenter: phx2 nm: 255.255.255.0 gw: 10.5.126.254 dns: 10.5.126.21 diff --git a/inventory/host_vars/jenkins.fedorainfracloud.org b/inventory/host_vars/jenkins.fedorainfracloud.org index e470bf4ae3..61f7128a6b 100644 --- a/inventory/host_vars/jenkins.fedorainfracloud.org +++ b/inventory/host_vars/jenkins.fedorainfracloud.org @@ -4,7 +4,7 @@ instance_type: m1.small keypair: fedora-admin-20130801 security_group: ssh-anywhere-persistent,web-80-anywhere-persistent,default,all-icmp-persistent zone: nova -tcp_ports: [22, 80, 443] +tcp_ports: [22, 80, 443, 8080] inventory_tenant: persistent inventory_instance_name: jenkins @@ -21,8 +21,6 @@ cloud_networks: # persistent-net - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f" -tcp_ports: [ 8080 ] - custom_nat_rules: [ # Redirect port 80 to 8080, which is used by jenkins '-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080', diff --git a/inventory/host_vars/people01.fedoraproject.org b/inventory/host_vars/people01.fedoraproject.org index e4cc0ce312..53d5baeed0 100644 --- a/inventory/host_vars/people01.fedoraproject.org +++ b/inventory/host_vars/people01.fedoraproject.org @@ -1,6 +1,5 @@ --- freezes: false -datacenter: ibiblio #host_backup_targets: ['/srv/web'] nm: 255.255.255.128 diff --git a/inventory/host_vars/proxy07.fedoraproject.org b/inventory/host_vars/proxy07.fedoraproject.org index 4861605072..8e391f4681 100644 --- a/inventory/host_vars/proxy07.fedoraproject.org +++ b/inventory/host_vars/proxy07.fedoraproject.org @@ -8,8 +8,6 @@ eth0_ip: 213.175.193.206 vmhost: bodhost01.fedoraproject.org datacenter: bodhost -postfix_group: vpn - ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/ diff --git a/inventory/host_vars/testdays.fedorainfracloud.org b/inventory/host_vars/testdays.fedorainfracloud.org index 0e14323d83..c62328ec77 100644 --- a/inventory/host_vars/testdays.fedorainfracloud.org +++ b/inventory/host_vars/testdays.fedorainfracloud.org @@ -46,7 +46,6 @@ resultsdb_db_host_machine: "{{ public_ip }}" resultsdb_db_host: 127.0.0.1 resultsdb_db_port: 5432 resultsdb_endpoint: 'resultsdb_api' -resultsdb_fe_endpoint: 'resultsdb' resultsdb_db_name: resultsdb_testdays resultsdb_db_user: "{{ testdays_testdays_db_user }}" @@ -56,9 +55,6 @@ resultsdb_secret_key: "{{ testdays_resultsdb_secretkey }}" allowed_hosts: - 127.0.0.1 -resultsdb_endpoint: "resultsdb-api" - - ############################################################ # resultsdb_frontend ############################################################ From 76c2f6fd352b07406e3165db10866daf6c4bd305 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 22:13:51 +0000 Subject: [PATCH 05/25] Another duplicate variable --- inventory/host_vars/copr-fe.cloud.fedoraproject.org | 1 - 1 file changed, 1 deletion(-) diff --git a/inventory/host_vars/copr-fe.cloud.fedoraproject.org b/inventory/host_vars/copr-fe.cloud.fedoraproject.org index fc32e34789..d48ae346c9 100644 --- a/inventory/host_vars/copr-fe.cloud.fedoraproject.org +++ b/inventory/host_vars/copr-fe.cloud.fedoraproject.org @@ -11,7 +11,6 @@ hostbase: copr-fe- public_ip: 209.132.184.54 root_auth_users: ryanlerch pingou msuchy sgallagh nb asamalik vgologuz description: copr frontend server - prod instance -volumes: ['-d /dev/vdb vol-0000000f'] tcp_ports: [22, 80, 443] volumes: [ {volume_id: '8f790db7-8294-4d2b-8bae-7af5961ce0f8', device: '/dev/vdc'} ] inventory_tenant: persistent From e1582cdd56c5905c80ae5deaf1210f068eb54a2a Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 22:16:44 +0000 Subject: [PATCH 06/25] Drop duplicate when, should be handled by the first one. --- roles/taskotron/taskotron-client/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/taskotron/taskotron-client/tasks/main.yml b/roles/taskotron/taskotron-client/tasks/main.yml index 60094559a2..d242342536 100644 --- a/roles/taskotron/taskotron-client/tasks/main.yml +++ b/roles/taskotron/taskotron-client/tasks/main.yml @@ -14,7 +14,6 @@ - PyYAML - libtaskotron - resultsdb_api - when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined - name: ensure packages required for taskotron tasks are installed (yum) yum: name={{ item }} state=latest enablerepo={{ extra_enablerepos }} From 92cfa47aad0e18ac867998f339accd8474099eb2 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 22:57:31 +0000 Subject: [PATCH 07/25] Try this as inventory_hostname as it doesn't like _short --- playbooks/groups/noc.yml | 2 +- ...nagios.noc01.yml => nagios.noc01.phx2.fedoraproject.org.yml} | 0 vars/{nagios.noc02.yml => nagios.noc02.fedoraproject.org.yml} | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename vars/{nagios.noc01.yml => nagios.noc01.phx2.fedoraproject.org.yml} (100%) rename vars/{nagios.noc02.yml => nagios.noc02.fedoraproject.org.yml} (100%) diff --git a/playbooks/groups/noc.yml b/playbooks/groups/noc.yml index f444407912..610b2d21c8 100644 --- a/playbooks/groups/noc.yml +++ b/playbooks/groups/noc.yml @@ -42,7 +42,7 @@ - /srv/web/infra/ansible/vars/global.yml - "/srv/private/ansible/vars.yml" - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - /srv/web/infra/ansible/vars/nagios.{{ inventory_hostname_short }}.yml + - "/srv/web/infra/ansible/vars/nagios.{{ inventory_hostname }}.yml" handlers: - include: "{{ handlers }}/restart_services.yml" diff --git a/vars/nagios.noc01.yml b/vars/nagios.noc01.phx2.fedoraproject.org.yml similarity index 100% rename from vars/nagios.noc01.yml rename to vars/nagios.noc01.phx2.fedoraproject.org.yml diff --git a/vars/nagios.noc02.yml b/vars/nagios.noc02.fedoraproject.org.yml similarity index 100% rename from vars/nagios.noc02.yml rename to vars/nagios.noc02.fedoraproject.org.yml From c775539707fb8d8cad03b360591f1018de9d76e0 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 11 Nov 2015 23:20:28 +0000 Subject: [PATCH 08/25] Switch back to inventory_hostname_short for debugging --- playbooks/groups/noc.yml | 2 +- ...nagios.noc01.phx2.fedoraproject.org.yml => nagios.noc01.yml} | 0 vars/{nagios.noc02.fedoraproject.org.yml => nagios.noc02.yml} | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename vars/{nagios.noc01.phx2.fedoraproject.org.yml => nagios.noc01.yml} (100%) rename vars/{nagios.noc02.fedoraproject.org.yml => nagios.noc02.yml} (100%) diff --git a/playbooks/groups/noc.yml b/playbooks/groups/noc.yml index 610b2d21c8..115792e7f2 100644 --- a/playbooks/groups/noc.yml +++ b/playbooks/groups/noc.yml @@ -42,7 +42,7 @@ - /srv/web/infra/ansible/vars/global.yml - "/srv/private/ansible/vars.yml" - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml - - "/srv/web/infra/ansible/vars/nagios.{{ inventory_hostname }}.yml" + - "/srv/web/infra/ansible/vars/nagios.{{ inventory_hostname_short }}.yml" handlers: - include: "{{ handlers }}/restart_services.yml" diff --git a/vars/nagios.noc01.phx2.fedoraproject.org.yml b/vars/nagios.noc01.yml similarity index 100% rename from vars/nagios.noc01.phx2.fedoraproject.org.yml rename to vars/nagios.noc01.yml diff --git a/vars/nagios.noc02.fedoraproject.org.yml b/vars/nagios.noc02.yml similarity index 100% rename from vars/nagios.noc02.fedoraproject.org.yml rename to vars/nagios.noc02.yml From 7e49120c7a01086a8087586923677c475c501cc8 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Thu, 12 Nov 2015 01:55:06 +0000 Subject: [PATCH 09/25] Move yum repos to pre tasks --- playbooks/groups/buildhw.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/playbooks/groups/buildhw.yml b/playbooks/groups/buildhw.yml index 2b3f703076..ea4e6d43e8 100644 --- a/playbooks/groups/buildhw.yml +++ b/playbooks/groups/buildhw.yml @@ -12,6 +12,9 @@ - "/srv/private/ansible/vars.yml" - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + pre_tasks: + - include: "{{ tasks }}/yumrepos.yml" + roles: - base - { role: nfs/client, when: inventory_hostname.startswith('build') , mnt_dir: '/mnt/fedora_koji', nfs_src_dir: 'fedora_koji' } @@ -30,7 +33,6 @@ when: not inventory_hostname.startswith('bkernel') - include: "{{ tasks }}/motd.yml" when: not inventory_hostname.startswith('bkernel') - - include: "{{ tasks }}/yumrepos.yml" handlers: - include: "{{ handlers }}/restart_services.yml" From 3f26628ece53b0e5736569a22715fe19ae8086e4 Mon Sep 17 00:00:00 2001 From: Adrian Reber Date: Thu, 12 Nov 2015 08:15:21 +0000 Subject: [PATCH 10/25] Decrease number of parallel crawlers to 20 --- roles/mirrormanager/crawler/files/crawler.cron | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/mirrormanager/crawler/files/crawler.cron b/roles/mirrormanager/crawler/files/crawler.cron index a3691d7732..2b68c76bc5 100644 --- a/roles/mirrormanager/crawler/files/crawler.cron +++ b/roles/mirrormanager/crawler/files/crawler.cron @@ -1,8 +1,7 @@ # run the crawler twice a day # logs sent to /var/log/mirrormanager/crawler.log and crawl/* by default -# 27 threads with 32GB of RAM seems to work so far # # [ "`hostname -s`" == "mm-crawler02" ] && sleep 2h is used to start the crawl # later on the second crawler to reduce the number of parallel accesses to # the database -0 */12 * * * mirrormanager [ "`hostname -s`" == "mm-crawler02" ] && sleep 2h; /usr/bin/mm2_crawler --timeout-minutes 180 --threads 23 `/usr/local/bin/run_crawler.sh 2` > /dev/null 2>&1 +0 */12 * * * mirrormanager [ "`hostname -s`" == "mm-crawler02" ] && sleep 2h; /usr/bin/mm2_crawler --timeout-minutes 180 --threads 20 `/usr/local/bin/run_crawler.sh 2` > /dev/null 2>&1 From 6f8ff306b5c3d73f912a1dee3459f0882ffc1ff1 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Thu, 12 Nov 2015 08:53:46 +0000 Subject: [PATCH 11/25] Bump crawler memory up to 40G Signed-off-by: Patrick Uiterwijk --- inventory/host_vars/mm-crawler01.phx2.fedoraproject.org | 2 +- inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org | 2 +- inventory/host_vars/mm-crawler02.phx2.fedoraproject.org | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/inventory/host_vars/mm-crawler01.phx2.fedoraproject.org b/inventory/host_vars/mm-crawler01.phx2.fedoraproject.org index 0f364b8ee6..6547fa7c89 100644 --- a/inventory/host_vars/mm-crawler01.phx2.fedoraproject.org +++ b/inventory/host_vars/mm-crawler01.phx2.fedoraproject.org @@ -1,6 +1,6 @@ --- lvm_size: 20000 -mem_size: 32768 +mem_size: 40960 num_cpus: 4 nm: 255.255.255.0 gw: 10.5.126.254 diff --git a/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org b/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org index 5f48fdc3fc..6eaf1f578b 100644 --- a/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org +++ b/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org @@ -1,6 +1,6 @@ --- lvm_size: 20000 -mem_size: 32768 +mem_size: 40960 num_cpus: 4 nm: 255.255.255.0 gw: 10.5.126.254 diff --git a/inventory/host_vars/mm-crawler02.phx2.fedoraproject.org b/inventory/host_vars/mm-crawler02.phx2.fedoraproject.org index 7a27f7f13a..804afa116c 100644 --- a/inventory/host_vars/mm-crawler02.phx2.fedoraproject.org +++ b/inventory/host_vars/mm-crawler02.phx2.fedoraproject.org @@ -1,6 +1,6 @@ --- lvm_size: 20000 -mem_size: 32768 +mem_size: 40960 num_cpus: 4 nm: 255.255.255.0 gw: 10.5.126.254 From 04c6a4fbf8ea8ff3b0edcccbdebe5a2d77795167 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Thu, 12 Nov 2015 08:56:51 +0000 Subject: [PATCH 12/25] stg didnt need to be bumped Signed-off-by: Patrick Uiterwijk --- inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org b/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org index 6eaf1f578b..5f48fdc3fc 100644 --- a/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org +++ b/inventory/host_vars/mm-crawler01.stg.phx2.fedoraproject.org @@ -1,6 +1,6 @@ --- lvm_size: 20000 -mem_size: 40960 +mem_size: 32768 num_cpus: 4 nm: 255.255.255.0 gw: 10.5.126.254 From 8b8606a0d62d02d3d76efb501832c7e7135fff5a Mon Sep 17 00:00:00 2001 From: Adrian Reber Date: Thu, 12 Nov 2015 09:08:27 +0000 Subject: [PATCH 13/25] Enable mirrorlist-server logging With the logs from the mirrorlist-server logging it is possible to create country/repository/architecture statistics. The code which creates the actual statistics is partially already included into mirrormanager. Signed-off-by: Adrian Reber --- .../mirrorlist2/files/mirrorlist-server.service | 5 +++++ roles/mirrormanager/mirrorlist2/handlers/main.yml | 3 +++ roles/mirrormanager/mirrorlist2/tasks/main.yml | 11 +++++++++++ 3 files changed, 19 insertions(+) create mode 100644 roles/mirrormanager/mirrorlist2/files/mirrorlist-server.service create mode 100644 roles/mirrormanager/mirrorlist2/handlers/main.yml diff --git a/roles/mirrormanager/mirrorlist2/files/mirrorlist-server.service b/roles/mirrormanager/mirrorlist2/files/mirrorlist-server.service new file mode 100644 index 0000000000..f4932e18bd --- /dev/null +++ b/roles/mirrormanager/mirrorlist2/files/mirrorlist-server.service @@ -0,0 +1,5 @@ +.include /usr/lib/systemd/system/mirrorlist-server.service +[Service] +# systemd needs an empty ExecStart= to be able to overwrite ExecStart= +ExecStart= +ExecStart=/usr/bin/python2 /usr/share/mirrormanager2/mirrorlist_server.py --debug -l /var/log/mirrormanager/mirrorlist.log diff --git a/roles/mirrormanager/mirrorlist2/handlers/main.yml b/roles/mirrormanager/mirrorlist2/handlers/main.yml new file mode 100644 index 0000000000..3d8bee041e --- /dev/null +++ b/roles/mirrormanager/mirrorlist2/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: reload systemd service files + command: systemctl daemon-reload diff --git a/roles/mirrormanager/mirrorlist2/tasks/main.yml b/roles/mirrormanager/mirrorlist2/tasks/main.yml index e0dee54162..2cf504e321 100644 --- a/roles/mirrormanager/mirrorlist2/tasks/main.yml +++ b/roles/mirrormanager/mirrorlist2/tasks/main.yml @@ -80,5 +80,16 @@ owner=root group=root mode=0755 tags: - hotfix + +- name: make a /var/log/mirrormanager dir for logs + file: dest=/var/log/mirrormanager/ state=directory owner=mirrormanager group=mirrormanager mode=0755 + tags: + - mirrorlist2 + +- name: copy systemd service file in for mirrorlist-server + copy: src=mirrorlist-server.service dest=/etc/systemd/system/mirrorlist-server.service notify: + - reload systemd service files - restart mirrorlist-server + tags: + - mirrorlist2 From 209c8a9a5d2dae7c2233fb8ed5afa6fb45e41efb Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Thu, 12 Nov 2015 17:46:00 +0000 Subject: [PATCH 14/25] Switch repo2json to the new repo format we are using since the move to the batcave. --- roles/repo2json/files/rhel_to_json.py | 38 ++------------------------- 1 file changed, 2 insertions(+), 36 deletions(-) diff --git a/roles/repo2json/files/rhel_to_json.py b/roles/repo2json/files/rhel_to_json.py index 63ba2520e3..2b500b4a5a 100644 --- a/roles/repo2json/files/rhel_to_json.py +++ b/roles/repo2json/files/rhel_to_json.py @@ -65,44 +65,10 @@ PATHS = { '/mnt/fedora/app/fi-repo/rhel/rhel7/', ], 'el6': [ - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-ha-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-ha-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-lb-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-lb-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-optional-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-optional-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-ha-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-ha-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-lb-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-lb-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-optional-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc64-server-optional-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-ha-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-ha-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-lb-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-lb-fastrack-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-optional-6', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-optional-fastrack-6', + '/mnt/fedora/app/fi-repo/rhel/rhel6/', ], 'el5': [ - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-fastrack-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-productivity-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-i386-server-vt-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc-server-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc-server-fastrack-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc-server-productivity-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-ppc-server-vt-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-fastrack-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-productivity-5/', - '/mnt/fedora/app/fi-repo/rhel/rhel-x86_64-server-vt-5/', + '/mnt/fedora/app/fi-repo/rhel/rhel5/', ], } From d4750a4f553bd9879018f3e7ca940fe354921380 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 14:42:07 -0800 Subject: [PATCH 15/25] openqa: fix NFS mount so it works on boot --- roles/openqa_worker/tasks/nfs-client.yml | 5 ++++- roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/openqa_worker/tasks/nfs-client.yml b/roles/openqa_worker/tasks/nfs-client.yml index 0489e5fe64..700a9ce7d2 100644 --- a/roles/openqa_worker/tasks/nfs-client.yml +++ b/roles/openqa_worker/tasks/nfs-client.yml @@ -16,4 +16,7 @@ - config - name: Enable and start mount - service: name=var-lib-openqa-share.mount enabled=yes state=started + service: name={{ item }} enabled=yes state=started + with_items: + - var-lib-openqa-share.mount + - remote-fs.target diff --git a/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 b/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 index 11af4b3828..3ec823f460 100644 --- a/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 +++ b/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 @@ -6,3 +6,6 @@ ConditionPathExists=/var/lib/openqa/share What={{ openqa_hostname }}:/var/lib/openqa/share Where=/var/lib/openqa/share Type=nfs + +[Install] +WantedBy = remote-fs.target From 4b347a92141a7e9de9e8c9264d0117e395099de0 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 15:50:21 -0800 Subject: [PATCH 16/25] openqa: don't check ownership of shared data mount after mounting it's not owned by root any more, and chowning a mount doesn't work, so if we try and check ownership it blows up --- roles/openqa_worker/tasks/nfs-client.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/openqa_worker/tasks/nfs-client.yml b/roles/openqa_worker/tasks/nfs-client.yml index 700a9ce7d2..2eedd0ec3f 100644 --- a/roles/openqa_worker/tasks/nfs-client.yml +++ b/roles/openqa_worker/tasks/nfs-client.yml @@ -7,8 +7,10 @@ tags: - packages +# We don't check ownership as, after mounting, it's owned by whatever the +# UID of geekotest is on the server - name: Ensure mount target exists - file: path=/var/lib/openqa/share state=directory owner=root group=root mode=0755 + file: path=/var/lib/openqa/share state=directory mode=0755 - name: Create mount unit template: src=var-lib-openqa-share.mount.j2 dest=/etc/systemd/system/var-lib-openqa-share.mount owner=root group=root mode=0644 From 749efbba97230aeb45212c687c48c99a7c42fc80 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 15:51:11 -0800 Subject: [PATCH 17/25] create asset dirs, have geekotest own tests, create hdd images --- roles/openqa_server/tasks/main.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/roles/openqa_server/tasks/main.yml b/roles/openqa_server/tasks/main.yml index 1b22be178a..23e513a277 100644 --- a/roles/openqa_server/tasks/main.yml +++ b/roles/openqa_server/tasks/main.yml @@ -54,6 +54,7 @@ - nfs-utils - perl(Class::DBI::Pg) - perl(DateTime::Format::Pg) + - libguestfs-tools-c tags: - packages @@ -62,6 +63,30 @@ repo: https://bitbucket.org/rajcze/openqa_fedora dest: /var/lib/openqa/share/tests/fedora +- name: Have tests owned by geekotest + file: path=/var/lib/openqa/share/tests/fedora owner=geekotest recurse=yes + +- name: Check out openqa_fedora_tools + git: + repo: https://bitbucket.org/rajcze/openqa_fedora_tools + dest: /root/openqa_fedora_tools + +- name: Create asset directories + file: path={{ item }} state=directory owner=geekotest group=root mode=0755 + with_items: + - /var/lib/openqa/share/factory/iso + - /var/lib/openqa/share/factory/hdd + - /var/lib/openqa/share/factory/repo + +# NOTE: this is very hacky, but we can't do much better with the current +# disk creation script, I will try and make it better. We'll have to bump +# this hardcoded release number every so often. +- name: Create hard disk images (this may take a long time!) + command: "/root/openqa_fedora_tools/tools/createhdds.sh 23" + args: + creates: /var/lib/openqa/share/factory/hdd/disk_full.img + chdir: /var/lib/openqa/share/factory/hdd/ + - name: Create exports file copy: src=exports dest=/etc/exports.d/openqa.exports owner=root group=root mode=0644 tags: From d6070b9081821f8c027b0c574cfd0367677fb6fb Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 16:09:38 -0800 Subject: [PATCH 18/25] make 'localhost' the openqa_worker default for openqa_hostname --- roles/openqa_worker/vars/main.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 roles/openqa_worker/vars/main.yml diff --git a/roles/openqa_worker/vars/main.yml b/roles/openqa_worker/vars/main.yml new file mode 100644 index 0000000000..42aacce60c --- /dev/null +++ b/roles/openqa_worker/vars/main.yml @@ -0,0 +1 @@ +openqa_hostname: localhost From b86fcfc0545a9b5ef1f78bd9feb691c0415bbc01 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 16:22:18 -0800 Subject: [PATCH 19/25] openqa: drop some unnecessary indentation --- roles/openqa_server/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/openqa_server/tasks/main.yml b/roles/openqa_server/tasks/main.yml index 23e513a277..72b337b3bd 100644 --- a/roles/openqa_server/tasks/main.yml +++ b/roles/openqa_server/tasks/main.yml @@ -135,10 +135,10 @@ service: name={{ item }} enabled=yes state=started register: services with_items: - - openqa-scheduler - - openqa-webui - - openqa-websockets - - openqa-gru + - openqa-scheduler + - openqa-webui + - openqa-websockets + - openqa-gru - name: Check if SELinux policy is set shell: "getsebool httpd_can_network_connect" From fb42855ea6dd6392f891d1f826d190038d36b1e4 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 17:54:12 -0800 Subject: [PATCH 20/25] openqa: don't check ownership of client config It gets ping-ponged around depending on whether the host is a worker as well or not, if we check it here, it gets changed to root then right back to _openqa-worker when the worker play runs. --- roles/openqa_server/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openqa_server/tasks/main.yml b/roles/openqa_server/tasks/main.yml index 72b337b3bd..26fe5c9005 100644 --- a/roles/openqa_server/tasks/main.yml +++ b/roles/openqa_server/tasks/main.yml @@ -156,7 +156,7 @@ when: services|changed - name: openQA client config - template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=root group=root mode=0600 + template: src=client.conf.j2 dest=/etc/openqa/client.conf mode=0600 tags: - config From 75191fdd5b3f5b3bcd565be0857ba8b61cd51710 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Thu, 12 Nov 2015 17:55:20 -0800 Subject: [PATCH 21/25] add openqa_dispatcher task to set up the scheduler This sets up the script we have for downloading ISOs and triggering openQA runs (nightly runs for Rawhide, Branched, and the post-release nightly cloud images, and the 'current' TC/RC service). Currently this role should only be deployed to the same box as the server it will schedule jobs for, but that can change in future. --- inventory/group_vars/openqa-stg | 3 + playbooks/groups/openqa.yml | 1 + roles/openqa_dispatcher/tasks/main.yml | 99 +++++++++++++++++++ .../templates/client.conf.j2 | 3 + .../templates/credentials.j2 | 1 + .../templates/schedule.conf.j2 | 6 ++ roles/openqa_dispatcher/vars/main.yml | 6 ++ 7 files changed, 119 insertions(+) create mode 100644 roles/openqa_dispatcher/tasks/main.yml create mode 100644 roles/openqa_dispatcher/templates/client.conf.j2 create mode 100644 roles/openqa_dispatcher/templates/credentials.j2 create mode 100644 roles/openqa_dispatcher/templates/schedule.conf.j2 create mode 100644 roles/openqa_dispatcher/vars/main.yml diff --git a/inventory/group_vars/openqa-stg b/inventory/group_vars/openqa-stg index 8b0600bed5..85fd11afbf 100644 --- a/inventory/group_vars/openqa-stg +++ b/inventory/group_vars/openqa-stg @@ -11,5 +11,8 @@ openqa_dbhost: db-qa01.qa.fedoraproject.org openqa_workers: 3 +# For now let's not run any scheduled jobs on stg +openqa_triggers: [] + # NFS tcp_ports: 2049 diff --git a/playbooks/groups/openqa.yml b/playbooks/groups/openqa.yml index 9c53794394..ea50c7663c 100644 --- a/playbooks/groups/openqa.yml +++ b/playbooks/groups/openqa.yml @@ -18,6 +18,7 @@ - { role: sudo, tags: ['sudo'] } - { role: openqa_server, tags: ['openqa_server'] } - { role: openqa_worker, tags: ['openqa_worker'] } + - { role: openqa_dispatcher, tags: ['openqa_dispatcher'] } - apache tasks: diff --git a/roles/openqa_dispatcher/tasks/main.yml b/roles/openqa_dispatcher/tasks/main.yml new file mode 100644 index 0000000000..a9bb067862 --- /dev/null +++ b/roles/openqa_dispatcher/tasks/main.yml @@ -0,0 +1,99 @@ +# Required vars with defaults +# - openqa_hostname +## string - hostname of openQA server to run jobs for +## default - localhost +# - openqa_triggers +## list - the timers to enable - i.e. which scheduled runs +## will actually be triggered by this dispatcher +## default - ['current', 'branched', 'rawhide', 'stable'] +# +# Optional vars +# - wikitcms_user +## string - FAS username for reporting results to wiki +# - wikitcms_password +## string - password for relval_user +# +# When both of the above are set, a wikitcms 'credentials' file will +# be created and result submission to the wiki will be enabled. +# +# NOTE: At present, as the scheduler code downloads the ISOs, it only +# really makes sense for openqa_server boxes to be their own +# openqa_dispatchers. However, this should be fixed in the scheduler +# code soon, so the roles are kept separate to give future flexibility. + +- name: Install required packages + dnf: name={{ item }} state=present + with_items: + - fedfind + - python-wikitcms + - python-requests + - python-setuptools + - python-six + tags: + - packages + +- name: Check out openQA-python-client + git: + repo: https://github.com/os-autoinst/openQA-python-client.git + dest: /root/openQA-python-client + register: gitclient + +- name: Check if python-client has ever been installed + command: "python -c 'import openqa_client'" + register: instclient + changed_when: "1 != 1" + failed_when: "1 != 1" + +- name: Install openQA-python-client + command: "python setup.py install" + args: + chdir: /root/openQA-python-client + when: "gitclient|changed or instclient.rc > 0" + +- name: Check out openqa_fedora_tools + git: + repo: https://bitbucket.org/rajcze/openqa_fedora_tools + dest: /root/openqa_fedora_tools + register: gittools + +- name: Check if openqa_fedora_tools has ever been installed + stat: path=/usr/bin/fedora-openqa-schedule + register: insttools + changed_when: "1 != 1" + failed_when: "1 != 1" + +- name: Install openqa_fedora_tools + command: "python setup.py install" + args: + chdir: /root/openqa_fedora_tools + when: "gittools|changed or not insttools.stat.exists" + +- name: Reload systemd config to pick up installed units + command: "systemctl daemon-reload" + when: "gittools|changed or not insttools.stat.exists" + +- name: openQA client config + template: src=client.conf.j2 dest=/etc/openqa/client.conf mode=0600 + tags: + - config + +- name: Create fedora-openqa-schedule config directory + file: path=/etc/fedora-qa state=directory owner=root group=root mode=0700 + +- name: Write schedule.conf + template: src=schedule.conf.j2 dest=/etc/fedora-qa/schedule.conf owner=root group=root mode=0600 + tags: + - config + +- name: Create /root/.fedora (credentials files location) + file: path=/root/.fedora state=directory owner=root group=root mode=0700 + +- name: Write wikitcms credentials file + template: src=credentials.j2 dest=/root/.fedora/credentials owner=root group=root mode=0600 + when: "wikitcms_user is defined and wikitcms_password is defined" + tags: + - config + +- name: Enable and start timers + service: name=openqa-trigger-{{ item }}.timer enabled=yes state=started + with_items: "{{ openqa_triggers }}" diff --git a/roles/openqa_dispatcher/templates/client.conf.j2 b/roles/openqa_dispatcher/templates/client.conf.j2 new file mode 100644 index 0000000000..609e86a2c5 --- /dev/null +++ b/roles/openqa_dispatcher/templates/client.conf.j2 @@ -0,0 +1,3 @@ +[{{ openqa_hostname|default('localhost') }}] +key = {{ openqa_key }} +secret = {{ openqa_secret }} diff --git a/roles/openqa_dispatcher/templates/credentials.j2 b/roles/openqa_dispatcher/templates/credentials.j2 new file mode 100644 index 0000000000..b460deaf6e --- /dev/null +++ b/roles/openqa_dispatcher/templates/credentials.j2 @@ -0,0 +1 @@ +{{ wikitcms_user }} {{ wikitcms_password }} diff --git a/roles/openqa_dispatcher/templates/schedule.conf.j2 b/roles/openqa_dispatcher/templates/schedule.conf.j2 new file mode 100644 index 0000000000..5c0c11dea2 --- /dev/null +++ b/roles/openqa_dispatcher/templates/schedule.conf.j2 @@ -0,0 +1,6 @@ +[report] +{% if wikitcms_user is defined and wikitcms_password is defined %} +submit: true +{% else %} +submit: false +{% endif %} diff --git a/roles/openqa_dispatcher/vars/main.yml b/roles/openqa_dispatcher/vars/main.yml new file mode 100644 index 0000000000..9284861122 --- /dev/null +++ b/roles/openqa_dispatcher/vars/main.yml @@ -0,0 +1,6 @@ +openqa_hostname: localhost +openqa_triggers: + - current + - branched + - rawhide + - stable From 9a233d20e5d28b4e2324a43811d36cf9271a414a Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Fri, 13 Nov 2015 09:09:28 -0800 Subject: [PATCH 22/25] openqa: add a couple of username vars --- inventory/group_vars/openqa | 3 +++ inventory/group_vars/openqa-stg | 1 + 2 files changed, 4 insertions(+) diff --git a/inventory/group_vars/openqa b/inventory/group_vars/openqa index 2492750b33..81c5faae8d 100644 --- a/inventory/group_vars/openqa +++ b/inventory/group_vars/openqa @@ -8,6 +8,9 @@ openqa_userid: http://adamwill.id.fedoraproject.org/ openqa_dbname: openqa openqa_dbhost: db-qa01.qa.fedoraproject.org +openqa_dbuser: openqa + +wikitcms_user: coconut openqa_workers: 3 diff --git a/inventory/group_vars/openqa-stg b/inventory/group_vars/openqa-stg index 85fd11afbf..7620270180 100644 --- a/inventory/group_vars/openqa-stg +++ b/inventory/group_vars/openqa-stg @@ -8,6 +8,7 @@ openqa_userid: http://adamwill.id.fedoraproject.org/ openqa_dbname: openqa-stg openqa_dbhost: db-qa01.qa.fedoraproject.org +openqa_dbuser: openqa openqa_workers: 3 From 8f8686d43d9997b504587908c6d403981a7e1457 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Fri, 13 Nov 2015 09:16:59 -0800 Subject: [PATCH 23/25] move openqa roles to a subdirectory (per puiterwijk) --- playbooks/groups/openqa.yml | 6 +++--- .../{openqa_dispatcher => openqa/dispatcher}/tasks/main.yml | 0 .../dispatcher}/templates/client.conf.j2 | 0 .../dispatcher}/templates/credentials.j2 | 0 .../dispatcher}/templates/schedule.conf.j2 | 0 .../{openqa_dispatcher => openqa/dispatcher}/vars/main.yml | 0 roles/{openqa_server => openqa/server}/files/exports | 0 roles/{openqa_server => openqa/server}/files/openqa.ini | 0 roles/{openqa_server => openqa/server}/tasks/main.yml | 0 .../server}/templates/client.conf.j2 | 0 .../server}/templates/database.ini.pgsql.j2 | 0 .../server}/templates/openqa.conf.httpd.j2 | 0 roles/{openqa_worker => openqa/worker}/tasks/main.yml | 0 roles/{openqa_worker => openqa/worker}/tasks/nfs-client.yml | 0 .../worker}/templates/client.conf.j2 | 0 .../worker}/templates/var-lib-openqa-share.mount.j2 | 0 .../worker}/templates/workers.ini.j2 | 0 roles/{openqa_worker => openqa/worker}/vars/main.yml | 0 18 files changed, 3 insertions(+), 3 deletions(-) rename roles/{openqa_dispatcher => openqa/dispatcher}/tasks/main.yml (100%) rename roles/{openqa_dispatcher => openqa/dispatcher}/templates/client.conf.j2 (100%) rename roles/{openqa_dispatcher => openqa/dispatcher}/templates/credentials.j2 (100%) rename roles/{openqa_dispatcher => openqa/dispatcher}/templates/schedule.conf.j2 (100%) rename roles/{openqa_dispatcher => openqa/dispatcher}/vars/main.yml (100%) rename roles/{openqa_server => openqa/server}/files/exports (100%) rename roles/{openqa_server => openqa/server}/files/openqa.ini (100%) rename roles/{openqa_server => openqa/server}/tasks/main.yml (100%) rename roles/{openqa_server => openqa/server}/templates/client.conf.j2 (100%) rename roles/{openqa_server => openqa/server}/templates/database.ini.pgsql.j2 (100%) rename roles/{openqa_server => openqa/server}/templates/openqa.conf.httpd.j2 (100%) rename roles/{openqa_worker => openqa/worker}/tasks/main.yml (100%) rename roles/{openqa_worker => openqa/worker}/tasks/nfs-client.yml (100%) rename roles/{openqa_worker => openqa/worker}/templates/client.conf.j2 (100%) rename roles/{openqa_worker => openqa/worker}/templates/var-lib-openqa-share.mount.j2 (100%) rename roles/{openqa_worker => openqa/worker}/templates/workers.ini.j2 (100%) rename roles/{openqa_worker => openqa/worker}/vars/main.yml (100%) diff --git a/playbooks/groups/openqa.yml b/playbooks/groups/openqa.yml index ea50c7663c..3bc34e5ae6 100644 --- a/playbooks/groups/openqa.yml +++ b/playbooks/groups/openqa.yml @@ -16,9 +16,9 @@ - { role: fas_client, tags: ['fas_client'] } - { role: collectd/base, tags: ['collectd_base'] } - { role: sudo, tags: ['sudo'] } - - { role: openqa_server, tags: ['openqa_server'] } - - { role: openqa_worker, tags: ['openqa_worker'] } - - { role: openqa_dispatcher, tags: ['openqa_dispatcher'] } + - { role: openqa/server, tags: ['openqa_server'] } + - { role: openqa/worker, tags: ['openqa_worker'] } + - { role: openqa/dispatcher, tags: ['openqa_dispatcher'] } - apache tasks: diff --git a/roles/openqa_dispatcher/tasks/main.yml b/roles/openqa/dispatcher/tasks/main.yml similarity index 100% rename from roles/openqa_dispatcher/tasks/main.yml rename to roles/openqa/dispatcher/tasks/main.yml diff --git a/roles/openqa_dispatcher/templates/client.conf.j2 b/roles/openqa/dispatcher/templates/client.conf.j2 similarity index 100% rename from roles/openqa_dispatcher/templates/client.conf.j2 rename to roles/openqa/dispatcher/templates/client.conf.j2 diff --git a/roles/openqa_dispatcher/templates/credentials.j2 b/roles/openqa/dispatcher/templates/credentials.j2 similarity index 100% rename from roles/openqa_dispatcher/templates/credentials.j2 rename to roles/openqa/dispatcher/templates/credentials.j2 diff --git a/roles/openqa_dispatcher/templates/schedule.conf.j2 b/roles/openqa/dispatcher/templates/schedule.conf.j2 similarity index 100% rename from roles/openqa_dispatcher/templates/schedule.conf.j2 rename to roles/openqa/dispatcher/templates/schedule.conf.j2 diff --git a/roles/openqa_dispatcher/vars/main.yml b/roles/openqa/dispatcher/vars/main.yml similarity index 100% rename from roles/openqa_dispatcher/vars/main.yml rename to roles/openqa/dispatcher/vars/main.yml diff --git a/roles/openqa_server/files/exports b/roles/openqa/server/files/exports similarity index 100% rename from roles/openqa_server/files/exports rename to roles/openqa/server/files/exports diff --git a/roles/openqa_server/files/openqa.ini b/roles/openqa/server/files/openqa.ini similarity index 100% rename from roles/openqa_server/files/openqa.ini rename to roles/openqa/server/files/openqa.ini diff --git a/roles/openqa_server/tasks/main.yml b/roles/openqa/server/tasks/main.yml similarity index 100% rename from roles/openqa_server/tasks/main.yml rename to roles/openqa/server/tasks/main.yml diff --git a/roles/openqa_server/templates/client.conf.j2 b/roles/openqa/server/templates/client.conf.j2 similarity index 100% rename from roles/openqa_server/templates/client.conf.j2 rename to roles/openqa/server/templates/client.conf.j2 diff --git a/roles/openqa_server/templates/database.ini.pgsql.j2 b/roles/openqa/server/templates/database.ini.pgsql.j2 similarity index 100% rename from roles/openqa_server/templates/database.ini.pgsql.j2 rename to roles/openqa/server/templates/database.ini.pgsql.j2 diff --git a/roles/openqa_server/templates/openqa.conf.httpd.j2 b/roles/openqa/server/templates/openqa.conf.httpd.j2 similarity index 100% rename from roles/openqa_server/templates/openqa.conf.httpd.j2 rename to roles/openqa/server/templates/openqa.conf.httpd.j2 diff --git a/roles/openqa_worker/tasks/main.yml b/roles/openqa/worker/tasks/main.yml similarity index 100% rename from roles/openqa_worker/tasks/main.yml rename to roles/openqa/worker/tasks/main.yml diff --git a/roles/openqa_worker/tasks/nfs-client.yml b/roles/openqa/worker/tasks/nfs-client.yml similarity index 100% rename from roles/openqa_worker/tasks/nfs-client.yml rename to roles/openqa/worker/tasks/nfs-client.yml diff --git a/roles/openqa_worker/templates/client.conf.j2 b/roles/openqa/worker/templates/client.conf.j2 similarity index 100% rename from roles/openqa_worker/templates/client.conf.j2 rename to roles/openqa/worker/templates/client.conf.j2 diff --git a/roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 b/roles/openqa/worker/templates/var-lib-openqa-share.mount.j2 similarity index 100% rename from roles/openqa_worker/templates/var-lib-openqa-share.mount.j2 rename to roles/openqa/worker/templates/var-lib-openqa-share.mount.j2 diff --git a/roles/openqa_worker/templates/workers.ini.j2 b/roles/openqa/worker/templates/workers.ini.j2 similarity index 100% rename from roles/openqa_worker/templates/workers.ini.j2 rename to roles/openqa/worker/templates/workers.ini.j2 diff --git a/roles/openqa_worker/vars/main.yml b/roles/openqa/worker/vars/main.yml similarity index 100% rename from roles/openqa_worker/vars/main.yml rename to roles/openqa/worker/vars/main.yml From 9ee433830852c94af78079816d41d931a1bdf042 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Fri, 13 Nov 2015 09:36:36 -0800 Subject: [PATCH 24/25] openqa: use seboolean module instead of re-inventing it --- roles/openqa/server/tasks/main.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/roles/openqa/server/tasks/main.yml b/roles/openqa/server/tasks/main.yml index 26fe5c9005..d3a2324dbe 100644 --- a/roles/openqa/server/tasks/main.yml +++ b/roles/openqa/server/tasks/main.yml @@ -140,16 +140,9 @@ - openqa-websockets - openqa-gru -- name: Check if SELinux policy is set - shell: "getsebool httpd_can_network_connect" - register: getsebool - always_run: true - changed_when: "1 != 1" - # This is using a big hammer until #1277312 is resolved - name: Allow Apache to connect to openQA - command: "setsebool -P httpd_can_network_connect on" - when: getsebool.stdout.find('--> on') == -1 + seboolean: name=httpd_can_network_connect state=yes persistent=yes - name: Wait for openQA to be fully started pause: seconds=5 From 560745435a93a29c9e679757141505b940186cbb Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Fri, 13 Nov 2015 09:37:57 -0800 Subject: [PATCH 25/25] openqa: require libsemanage-python for seboolean --- roles/openqa/server/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/openqa/server/tasks/main.yml b/roles/openqa/server/tasks/main.yml index d3a2324dbe..4096d3158f 100644 --- a/roles/openqa/server/tasks/main.yml +++ b/roles/openqa/server/tasks/main.yml @@ -51,6 +51,7 @@ - openqa - git - libselinux-utils + - libsemanage-python - nfs-utils - perl(Class::DBI::Pg) - perl(DateTime::Format::Pg)