Add rsyncd to a bunch of app servers so we can archive their logs.

2014-03-17 16:31:27 +00:00 · 2014-03-17 16:31:27 +00:00 · 5c0005b7c4
commit 5c0005b7c4
parent 38f0c628ba
25 changed files with 58 additions and 0 deletions
--- a/inventory/group_vars/ask
+++ b/inventory/group_vars/ask
@ -8,6 +8,9 @@ tcp_ports: [ 80, 443,
    # These 8 ports are used by fedmsg.  One for each wsgi thread.
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-ask,fi-apprentice

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/ask-stg
+++ b/inventory/group_vars/ask-stg
@ -8,6 +8,9 @@ tcp_ports: [ 80, 443,
    # These 8 ports are used by fedmsg.  One for each wsgi thread.
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-ask,fi-apprentice

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/badges-web
+++ b/inventory/group_vars/badges-web
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-badges

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/badges-web-stg
+++ b/inventory/group_vars/badges-web-stg
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-badges

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/bodhi
+++ b/inventory/group_vars/bodhi
@ -15,6 +15,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/bodhi-stg
+++ b/inventory/group_vars/bodhi-stg
@ -15,6 +15,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/elections
+++ b/inventory/group_vars/elections
@ -6,4 +6,7 @@ num_cpus: 2

 tcp_ports: [ 443 ]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-web,fi-apprentice
--- a/inventory/group_vars/elections-stg
+++ b/inventory/group_vars/elections-stg
@ -6,4 +6,7 @@ num_cpus: 2

 tcp_ports: [ 443 ]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-web,fi-apprentice
--- a/inventory/group_vars/fedoauth
+++ b/inventory/group_vars/fedoauth
@ -9,4 +9,7 @@ num_cpus: 2

 tcp_ports: [ 80, 443 ]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-main,sysadmin-accounts
--- a/inventory/group_vars/fedoauth-stg
+++ b/inventory/group_vars/fedoauth-stg
@ -9,4 +9,7 @@ num_cpus: 2

 tcp_ports: [ 80, 443 ]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-main,sysadmin-accounts
--- a/inventory/group_vars/fedocal
+++ b/inventory/group_vars/fedocal
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-web

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/fedocal-stg
+++ b/inventory/group_vars/fedocal-stg
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-web

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/packages
+++ b/inventory/group_vars/packages
@ -14,6 +14,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-web

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/packages-stg
+++ b/inventory/group_vars/packages-stg
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc,sysadmin-web

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/paste
+++ b/inventory/group_vars/paste
@ -8,6 +8,8 @@ num_cpus: 2
 # the host_vars/$hostname file

 tcp_ports: [ 80, 443, 8888 ]
+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]

 fas_client_groups: sysadmin-noc,sysadmin-paste,fi-apprentice
 # This host doesn't freeze
--- a/inventory/group_vars/tagger
+++ b/inventory/group_vars/tagger
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/inventory/group_vars/tagger-stg
+++ b/inventory/group_vars/tagger-stg
@ -12,6 +12,9 @@ tcp_ports: [ 80, 443,
    3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
    3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

+# Neeed for rsync from log02 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.29 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.56 --dport 873 -j ACCEPT' ]
+
 fas_client_groups: sysadmin-noc

 # These are consumed by a task in roles/fedmsg/base/main.yml
--- a/playbooks/groups/ask.yml
+++ b/playbooks/groups/ask.yml
@ -36,6 +36,7 @@
  - collectd
  - ask
  - fedmsg/base
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/badges-web.yml
+++ b/playbooks/groups/badges-web.yml
@ -39,6 +39,7 @@
  - fas_client
  - badges/frontend
  - fedmsg/base
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/bodhi.yml
+++ b/playbooks/groups/bodhi.yml
@ -35,6 +35,7 @@
  - { role: bodhi/masher, jobrunner: true, when: "inventory_hostname.startswith('releng04')" }
  - { role: bodhi/masher, epelmasher: true, when: "inventory_hostname.startswith('relepel01')" }
  - fedmsg/base
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/elections.yml
+++ b/playbooks/groups/elections.yml
@ -32,6 +32,7 @@
  - denyhosts
  - nagios_client
  - fas_client
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/fedoauth.yml
+++ b/playbooks/groups/fedoauth.yml
@ -37,6 +37,7 @@
  - denyhosts
  - nagios_client
  - fas_client
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/fedocal.yml
+++ b/playbooks/groups/fedocal.yml
@ -37,6 +37,7 @@
  - denyhosts
  - nagios_client
  - fas_client
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/packages.yml
+++ b/playbooks/groups/packages.yml
@ -37,6 +37,7 @@
  - denyhosts
  - nagios_client
  - fas_client
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"
--- a/playbooks/groups/tagger.yml
+++ b/playbooks/groups/tagger.yml
@ -37,6 +37,7 @@
  - denyhosts
  - nagios_client
  - fas_client
+  - rsyncd

  tasks:
  - include: "{{ tasks }}/hosts.yml"