From 0111ccfe2d82600c8efee4a9dd77d8bf726ccb12 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 22 May 2023 10:09:34 -0700 Subject: [PATCH] Retire old rdu2 space. This space was in a networking cage thats going away and all the machines there are old and out of warentee. This space was intended for disaster recovery purposes. For that now we have a internal vm that can access our mirrored netapp storage, so we can sync anything off it we need to when iad2 is down. I will be resetting up a batcave13 in another datacenter to allow us a backup ansible/dns control host. bastion13/ns13/proxy13 will likely just go away forever. download-rdu01 should be replaced by the new download-cc-rdu01 once we have the new hardware in place for that. Signed-off-by: Kevin Fenzi --- inventory/hardware | 4 -- .../host_vars/bastion13.fedoraproject.org | 23 -------- .../batcave13.rdu2.fedoraproject.org | 39 -------------- .../download-rdu01.fedoraproject.org | 52 ------------------- .../host_vars/ns13.rdu2.fedoraproject.org | 25 --------- inventory/host_vars/proxy13.fedoraproject.org | 23 -------- inventory/inventory | 13 ++--- playbooks/include/proxies-websites.yml | 1 - .../epylog/files/merged/modules.d/rsyncd.conf | 2 +- .../templates/LocalSettings.php.fp.j2 | 4 -- .../templates/sync-http-logs.yaml.j2 | 7 +-- 11 files changed, 7 insertions(+), 186 deletions(-) delete mode 100644 inventory/host_vars/bastion13.fedoraproject.org delete mode 100644 inventory/host_vars/batcave13.rdu2.fedoraproject.org delete mode 100644 inventory/host_vars/download-rdu01.fedoraproject.org delete mode 100644 inventory/host_vars/ns13.rdu2.fedoraproject.org delete mode 100644 inventory/host_vars/proxy13.fedoraproject.org diff --git a/inventory/hardware b/inventory/hardware index c7e00fce6f..61bb293cb3 100644 --- a/inventory/hardware +++ b/inventory/hardware @@ -86,10 +86,6 @@ worker03.ocp.stg.iad2.fedoraproject.org worker04.ocp.stg.iad2.fedoraproject.org worker05.ocp.stg.iad2.fedoraproject.org -[ibms] -#virthost-cc-rdu03.fedoraproject.org -download-rdu01.fedoraproject.org - [powerpc] bvmhost-p09-01.iad2.fedoraproject.org bvmhost-p09-01.stg.iad2.fedoraproject.org diff --git a/inventory/host_vars/bastion13.fedoraproject.org b/inventory/host_vars/bastion13.fedoraproject.org deleted file mode 100644 index 5832c7836b..0000000000 --- a/inventory/host_vars/bastion13.fedoraproject.org +++ /dev/null @@ -1,23 +0,0 @@ ---- -datacenter: rdu -dns: 172.31.2.24 -dns1: 172.31.2.24 -#dns2: 8.8.4.4 - -eth0_ipv4_gw: 172.31.2.254 -eth0_ipv4_ip: 172.31.2.21 -eth0_nm: 255.255.255.0 -ks_repo: http://38.145.60.16/repo/rhel/RHEL8-x86_64/ -ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel-8-ext -max_mem_size: 32768 -mem_size: 16384 -nrpe_procs_crit: 1400 -nrpe_procs_warn: 1200 -num_cpus: 8 -postfix_group: vpn -public_ip: 209.132.190.1 -# This is consumed by the roles/fedora-web/main role -sponsor: redhat -vmhost: virthost-rdu01.fedoraproject.org -volgroup: /dev/vg_guests -vpn: true diff --git a/inventory/host_vars/batcave13.rdu2.fedoraproject.org b/inventory/host_vars/batcave13.rdu2.fedoraproject.org deleted file mode 100644 index 1b6d250522..0000000000 --- a/inventory/host_vars/batcave13.rdu2.fedoraproject.org +++ /dev/null @@ -1,39 +0,0 @@ ---- -ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@bastion13.fedoraproject.org"' -datacenter: rdu -dns: 172.31.2.24 -dns1: 172.31.2.24 -#dns2: 8.8.4.4 - -eth0_ipv4_gw: 172.31.2.254 -eth0_ipv4_ip: 172.31.2.25 -eth0_nm: 255.255.255.0 -eth1_ip: 172.31.1.3 -eth1_nm: 255.255.255.0 -ks_repo: http://38.145.60.16/repo/rhel/RHEL8-x86_64/ -ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel-8-ext -max_mem_size: 32768 -mem_size: 16384 -nagios_Can_Connect: false -nagios_Check_Services: - mail: false - nrpe: false - ping: false - sshd: false - swap: false -nrpe_procs_crit: 1400 -nrpe_procs_warn: 1200 -num_cpus: 8 -postfix_group: vpn -#public_ip: 209.132.190.2 - -# This is consumed by the roles/fedora-web/main role -sponsor: redhat -# Add VPN host name as alt namefor SSH cert. Useful when you need to -# SSH into batcave through VPN, like from bastion in a different DC. -ssh_hostnames: - - batcave13.vpn.fedoraproject.org -virt_install_command: "{{ virt_install_command_two_nic }}" -vmhost: virthost-rdu01.fedoraproject.org -volgroup: /dev/vg_guests -vpn: true diff --git a/inventory/host_vars/download-rdu01.fedoraproject.org b/inventory/host_vars/download-rdu01.fedoraproject.org deleted file mode 100644 index 295f338496..0000000000 --- a/inventory/host_vars/download-rdu01.fedoraproject.org +++ /dev/null @@ -1,52 +0,0 @@ ---- -datacenter: rdu -dns1: 172.31.2.24 -dns_search1: "vpn.fedoraproject.org" -dns_search2: "rdu2.fedoraproject.org" -dns_search3: "fedoraproject.org" -eth0_ipv4: 172.31.2.31 -eth0_ipv4_gw: 172.31.2.254 -eth1_ipv4: 172.31.1.1 -eth1_ipv4_nm: 24 -has_ipv4: yes -eth0_mac: e4:1f:13:6a:e3:a0 -nagios_Check_Services: - mail: false - nrpe: false - ping: true -network_connections: - - autoconnect: yes - ip: - address: - - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}" - dhcp4: no - dns: - - "{{ dns1 }}" - dns_search: - - "{{ dns_search1 }}" - - "{{ dns_search2 }}" - - "{{ dns_search3 }}" - gateway4: "{{ eth0_ipv4_gw }}" - mac: "{{ eth0_mac }}" - name: eth0 - state: up - type: ethernet - - ip: - address: - - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}" - dhcp4: no - dns: - - "{{ dns1 }}" - dns_search: - - "{{ dns_search1 }}" - - "{{ dns_search2 }}" - - "{{ dns_search3 }}" - name: eth1 - state: up - type: ethernet -nrpe_procs_crit: 1000 -nrpe_procs_warn: 900 -postfix_group: vpn -public_hostname: download-rdu01.fedoraproject.org -public_ip: 209.132.190.4 -vpn: true diff --git a/inventory/host_vars/ns13.rdu2.fedoraproject.org b/inventory/host_vars/ns13.rdu2.fedoraproject.org deleted file mode 100644 index 48a0345068..0000000000 --- a/inventory/host_vars/ns13.rdu2.fedoraproject.org +++ /dev/null @@ -1,25 +0,0 @@ ---- -ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@bastion13.fedoraproject.org"' -datacenter: rdu -dns1: 8.8.8.8 -dns2: 8.8.4.4 -eth0_ipv4_gw: 172.31.2.254 -eth0_ipv4_ip: 172.31.2.24 -eth0_nm: 255.255.255.0 -ks_repo: http://38.145.60.16/repo/rhel/RHEL9-x86_64/ -ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel -nagios_Can_Connect: false -nagios_Check_Services: - mail: false - nrpe: false - ping: false - sshd: false - swap: false -nrpe_procs_crit: 1400 -nrpe_procs_warn: 1200 -public_ip: 209.132.190.1 -# This is consumed by the roles/fedora-web/main role -sponsor: redhat -vmhost: virthost-rdu01.fedoraproject.org -volgroup: /dev/vg_guests -vpn: true diff --git a/inventory/host_vars/proxy13.fedoraproject.org b/inventory/host_vars/proxy13.fedoraproject.org deleted file mode 100644 index 02564d7c14..0000000000 --- a/inventory/host_vars/proxy13.fedoraproject.org +++ /dev/null @@ -1,23 +0,0 @@ ---- -datacenter: rdu -dns1: 8.8.8.8 -dns2: 8.8.4.4 -dns_search1: "vpn.fedoraproject.org" -dns_search2: "fedoraproject.org" -eth0_ipv4_gw: 172.31.2.254 -eth0_ipv4_ip: 172.31.2.22 -eth0_nm: 255.255.255.0 -ks_repo: http://38.145.60.16/pub/fedora/linux/releases/38/Server/x86_64/os/ -ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora -max_mem_size: 32768 -mem_size: 16384 -nrpe_procs_crit: 1400 -nrpe_procs_warn: 1200 -num_cpus: 8 -postfix_group: vpn -public_ip: 209.132.190.2 -# This is consumed by the roles/fedora-web/main role -sponsor: redhat -vmhost: virthost-rdu01.fedoraproject.org -volgroup: /dev/vg_guests -vpn: true diff --git a/inventory/inventory b/inventory/inventory index 34b5570d07..a0d4de90d6 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -56,7 +56,6 @@ badges-web01.stg.iad2.fedoraproject.org [bastion] bastion01.iad2.fedoraproject.org bastion02.iad2.fedoraproject.org -bastion13.fedoraproject.org [bastion_stg] # bastion01.stg.iad2.fedoraproject.org @@ -213,9 +212,6 @@ dl05.iad2.fedoraproject.org [download_ibiblio] download-ib01.fedoraproject.org -[download_rdu2] -download-rdu01.fedoraproject.org - [download_cc_rdu] #download-cc-rdu01.fedoraproject.org @@ -225,7 +221,6 @@ dl05.iad2.fedoraproject.org [download:children] download_ibiblio -download_rdu2 download_cc_rdu download_iad2 @@ -267,7 +262,7 @@ log01.iad2.fedoraproject.org [batcave] batcave01.iad2.fedoraproject.org batcave02.iad2.fedoraproject.org -batcave13.rdu2.fedoraproject.org +#batcave13.rdu2.fedoraproject.org [batcave_iad2] batcave01.iad2.fedoraproject.org @@ -346,7 +341,7 @@ proxy09.fedoraproject.org proxy10.iad2.fedoraproject.org proxy11.fedoraproject.org proxy12.fedoraproject.org -proxy13.fedoraproject.org +#proxy13.fedoraproject.org proxy14.fedoraproject.org proxy30.fedoraproject.org proxy31.fedoraproject.org @@ -412,7 +407,7 @@ ns01.iad2.fedoraproject.org ns02.iad2.fedoraproject.org ns02.fedoraproject.org ns05.fedoraproject.org -ns13.rdu2.fedoraproject.org +#ns13.rdu2.fedoraproject.org [dns_iad2] ns01.iad2.fedoraproject.org @@ -557,7 +552,7 @@ proxy09.fedoraproject.org proxy10.iad2.fedoraproject.org proxy11.fedoraproject.org proxy12.fedoraproject.org -proxy13.fedoraproject.org +#proxy13.fedoraproject.org proxy14.fedoraproject.org proxy30.fedoraproject.org proxy31.fedoraproject.org diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml index e8e979a434..94fedb515c 100644 --- a/playbooks/include/proxies-websites.yml +++ b/playbooks/include/proxies-websites.yml @@ -189,7 +189,6 @@ - download08.fedoraproject.org - download09.fedoraproject.org - download10.fedoraproject.org - - download-rdu01.fedoraproject.org - download.stg.fedoraproject.org cert_name: "{{wildcard_cert_name}}" diff --git a/roles/epylog/files/merged/modules.d/rsyncd.conf b/roles/epylog/files/merged/modules.d/rsyncd.conf index 1bffa387ad..944d939032 100644 --- a/roles/epylog/files/merged/modules.d/rsyncd.conf +++ b/roles/epylog/files/merged/modules.d/rsyncd.conf @@ -12,5 +12,5 @@ priority = 7 # Report this many "top ranking hosts" # report_top = 10 -ignore_hosts = log01.vpn.fedoraproject.org log01.phx2.fedoraproject.org proxy01.phx2.fedoraproject.org proxy02.vpn.fedoraproject.org proxy03.vpn.fedoraproject.org proxy04.vpn.fedoraproject.org proxy05.vpn.fedoraproject.org proxy06.vpn.fedoraproject.org proxy07.vpn.fedoraproject.org proxy08.vpn.fedoraproject.org proxy09.vpn.fedoraproject.org proxy10.phx2.fedoraproject.org proxy11.phx2.fedoraproject.org proxy12.vpn.fedoraproject.org proxy13.vpn.fedoraproject.org proxy14.vpn.fedoraproject.org collab04.fedoraproject.org hosted04.fedoraproject.org admin.fedoraproject.org proxy01.stg.phx2.fedoraproject.org proxy30.vpn.fedoraproject.org proxy31.vpn.fedoraproject.org +ignore_hosts = log01.vpn.fedoraproject.org log01.phx2.fedoraproject.org proxy01.phx2.fedoraproject.org proxy02.vpn.fedoraproject.org proxy03.vpn.fedoraproject.org proxy04.vpn.fedoraproject.org proxy05.vpn.fedoraproject.org proxy06.vpn.fedoraproject.org proxy07.vpn.fedoraproject.org proxy08.vpn.fedoraproject.org proxy09.vpn.fedoraproject.org proxy10.phx2.fedoraproject.org proxy11.phx2.fedoraproject.org proxy12.vpn.fedoraproject.org proxy14.vpn.fedoraproject.org collab04.fedoraproject.org hosted04.fedoraproject.org admin.fedoraproject.org proxy01.stg.phx2.fedoraproject.org proxy30.vpn.fedoraproject.org proxy31.vpn.fedoraproject.org diff --git a/roles/mediawiki/templates/LocalSettings.php.fp.j2 b/roles/mediawiki/templates/LocalSettings.php.fp.j2 index 0d7682ab25..b43e51a493 100644 --- a/roles/mediawiki/templates/LocalSettings.php.fp.j2 +++ b/roles/mediawiki/templates/LocalSettings.php.fp.j2 @@ -403,10 +403,6 @@ $wgSquidServersNoPurge = array( "2600:2701:4000:5211:dead:beef:da:bbd8", "192.168.1.13", - # proxy13 - "209.132.190.2", - "192.168.1.158", - # proxy14 "8.43.85.67", "2620:52:3:1:dead:beef:cafe:fed7", diff --git a/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 b/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 index ef4fcbf091..8170b31520 100644 --- a/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 +++ b/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 @@ -6,13 +6,11 @@ synced_hosts: - proxy04.vpn.fedoraproject.org - proxy05.vpn.fedoraproject.org - proxy06.vpn.fedoraproject.org - # - proxy08.vpn.fedoraproject.org - # proxy09 is acting up + - proxy09.vpn.fedoraproject.org - proxy09.vpn.fedoraproject.org - proxy10.iad2.fedoraproject.org - proxy11.vpn.fedoraproject.org - proxy12.vpn.fedoraproject.org - - proxy13.vpn.fedoraproject.org - proxy14.vpn.fedoraproject.org - proxy30.vpn.fedoraproject.org - proxy31.vpn.fedoraproject.org @@ -48,9 +46,8 @@ synced_hosts: - dl03.iad2.fedoraproject.org - dl04.iad2.fedoraproject.org - dl05.iad2.fedoraproject.org - # - download-rdu01.vpn.fedoraproject.org - download-ib01.vpn.fedoraproject.org - - download-cc-rdu01.vpn.fedoraproject.org + #- download-cc-rdu01.vpn.fedoraproject.org - sundries01.iad2.fedoraproject.org # - sundries02.iad2.fedoraproject.org # - sundries01.stg.iad2.fedoraproject.org