infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

Revert "add koji-containerbuild plugin"

Browse source 
This reverts commit 8cf392b838.
This commit is contained in:
Adam Miller 2016-02-22 21:11:35 +00:00
parent 37b3cc3776
commit 745fdb76d7
10 changed files with 28 additions and 157 deletions
Download patch file Download diff file Expand all files Collapse all files

13
inventory/group_vars/buildhw
View file

@ -19,16 +19,3 @@ csi_relationship: |
* Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
* Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
* Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
# These variables are for koji-containerbuild/osbs
{% if env == "staging" %}
osbs_fqdn: "osbs-dev.fedorainfracloud.org"
docker_registry: "osbs-dev.fedorainfracloud.org"
koji_root: "koji.stg.fedoraproject.org/koji"
koji_hub: "koji.stg.fedoraproject.org/kojihub"
{% else %}
osbs_fqdn: "osbs.fedorainfracloud.org"
docker_registry: "registry.fedoraproject.org"
koji_root: "koji.fedoraproject.org/koji"
koji_hub: "koji.fedoraproject.org/kojihub"
{% endif %}

13
inventory/group_vars/buildvm
View file

@ -30,16 +30,3 @@ csi_relationship: |
* Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
* Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
* Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
# These variables are for koji-containerbuild/osbs
{% if env == "staging" %}
osbs_fqdn: "osbs-dev.fedorainfracloud.org"
docker_registry: "osbs-dev.fedorainfracloud.org"
koji_root: "koji.stg.fedoraproject.org/koji"
koji_hub: "koji.stg.fedoraproject.org/kojihub"
{% else %}
osbs_fqdn: "osbs.fedorainfracloud.org"
docker_registry: "registry.fedoraproject.org"
koji_root: "koji.fedoraproject.org/koji"
koji_hub: "koji.fedoraproject.org/kojihub"
{% endif %}

13
inventory/group_vars/koji-hub
View file

@ -1,13 +0,0 @@
---
# These variables are for koji-containerbuild/osbs
{% if env == "staging" %}
osbs_fqdn: "osbs-dev.fedorainfracloud.org"
docker_registry: "osbs-dev.fedorainfracloud.org"
koji_root: "koji.stg.fedoraproject.org/koji"
koji_hub: "koji.stg.fedoraproject.org/kojihub"
{% else %}
osbs_fqdn: "osbs.fedorainfracloud.org"
docker_registry: "registry.fedoraproject.org"
koji_root: "koji.fedoraproject.org/koji"
koji_hub: "koji.fedoraproject.org/kojihub"
{% endif %}

29
playbooks/groups/buildhw.yml
View file

@ -7,7 +7,7 @@
remote_user: root
gather_facts: True
vars_files:
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
@ -29,33 +29,6 @@
- hosts
- { role: fas_client, when: not inventory_hostname.startswith('bkernel') }
- { role: sudo, when: not inventory_hostname.startswith('bkernel') }
- {
role: osbs-client,
general: {
verbose: 0,
build_json_dir: '/usr/share/osbs/',
openshift_required_version: 1.1.0,
},
default: {
openshift_url: 'https://{{ osbs_fqdn }}:8443/',
registry_uri: 'https://{{ docker_registry }}:5000/v2',
source_registry_uri: 'https://{{ docker_registry }}:5000/v2',
build_host: '{{ osbs_fqdn }}',
koji_root: 'http://{{ koji_root }}',
koji_hub: 'http://{{ koji_hub }}',
sources_command: 'fedpkg sources',
build_type: 'prod',
authoritative_registry: 'registry.example.com',
vendor: 'Fedora Project',
verify_ssl: false,
use_auth: false,
builder_use_auth: true,
distribution_scope: 'private',
registry_api_versions: 'v2',
builder_openshift_url: 'https://172.17.0.1:8443/'
}
}
tasks:
- include: "{{ tasks }}/2fa_client.yml"

45
playbooks/groups/buildvm.yml
View file

@ -1,4 +1,4 @@
# create a new koji builder
# create a new koji builder
# NOTE: should be used with --limit most of the time
# NOTE: make sure there is room/space for this builder on the buildvmhost
# NOTE: most of these vars_path come from group_vars/buildvm or from hostvars
@ -10,7 +10,7 @@
user: root
gather_facts: True
vars_files:
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
@ -22,47 +22,20 @@
- base
- hosts
- apache
- { role: nfs/client,
when: ( ansible_architecture == 'x86_64' or ansible_architecture == 'ppc64le' or ansible_architecture == 'ppc64' ) and not inventory_hostname.startswith('buildvm-ppc64'),
- { role: nfs/client,
when: ( ansible_architecture == 'x86_64' or ansible_architecture == 'ppc64le' or ansible_architecture == 'ppc64' ) and not inventory_hostname.startswith('buildvm-ppc64'),
mnt_dir: '/mnt/fedora_koji', nfs_src_dir: 'fedora_koji' }
- { role: nfs/client,
when: inventory_hostname.startswith('aarch64') ,
- { role: nfs/client,
when: inventory_hostname.startswith('aarch64') ,
mnt_dir: '/mnt/fedora_koji', nfs_src_dir: 'fedora_arm/data' }
- { role: nfs/client,
when: inventory_hostname.startswith('buildvm-ppc64') ,
- { role: nfs/client,
when: inventory_hostname.startswith('buildvm-ppc64') ,
mnt_dir: '/mnt/fedora_koji', nfs_src_dir: 'fedora_ppc/data' }
- { role: nfs/client,
- { role: nfs/client,
when: datacenter == 'staging', mnt_dir: '/mnt/fedora_koji', nfs_src_dir: 'fedora_koji' }
- { role: fas_client, when: not inventory_hostname.startswith('bkernel') }
- { role: sudo, when: not inventory_hostname.startswith('bkernel') }
- koji_builder
- {
role: osbs-client,
when: env == "staging",
general: {
verbose: 0,
build_json_dir: '/usr/share/osbs/',
openshift_required_version: 1.1.0,
},
default: {
openshift_url: 'https://{{ osbs_fqdn }}:8443/',
registry_uri: 'https://{{ docker_registry }}:5000/v2',
source_registry_uri: 'https://{{ docker_registry }}:5000/v2',
build_host: '{{ osbs_fqdn }}',
koji_root: 'http://{{ koji_root }}',
koji_hub: 'http://{{ koji_hub }}',
sources_command: 'fedpkg sources',
build_type: 'prod',
authoritative_registry: 'registry.example.com',
vendor: 'Fedora Project',
verify_ssl: false,
use_auth: false,
builder_use_auth: true,
distribution_scope: 'private',
registry_api_versions: 'v2',
builder_openshift_url: 'https://172.17.0.1:8443/'
}
}
tasks:
- include: "{{ tasks }}/2fa_client.yml"

32
playbooks/groups/koji-hub.yml
View file

@ -4,14 +4,14 @@
- include: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=koji-stg:koji01.phx2.fedoraproject.org:koji02.phx2.fedoraproject.org:s390-koji01.qa.fedoraproject.org:arm-koji01.qa.fedoraproject.org"
# Once the instance exists, configure it.
# Once the instance exists, configure it.
- name: make koji_hub server system
hosts: koji-stg:koji01.phx2.fedoraproject.org:koji02.phx2.fedoraproject.org:s390-koji01.qa.fedoraproject.org:arm-koji01.qa.fedoraproject.org
user: root
gather_facts: True
vars_files:
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
@ -29,34 +29,6 @@
- koji_hub
- { role: rsyncd, when: not inventory_hostname.startswith('koji') }
- { role: koji_builder, when: env == "staging" or inventory_hostname.startswith('s390') or inventory_hostname.startswith('arm') }
- {
role: osbs-client,
when: env == "staging",
general: {
verbose: 0,
build_json_dir: '/usr/share/osbs/',
openshift_required_version: 1.1.0,
},
default: {
openshift_url: 'https://{{ osbs_fqdn }}:8443/',
registry_uri: 'https://{{ docker_registry }}:5000/v2',
source_registry_uri: 'https://{{ docker_registry }}:5000/v2',
build_host: '{{ osbs_fqdn }}',
koji_root: 'http://{{ koji_root }}',
koji_hub: 'http://{{ koji_hub }}',
sources_command: 'fedpkg sources',
build_type: 'prod',
authoritative_registry: 'registry.example.com',
vendor: 'Fedora Project',
verify_ssl: false,
use_auth: false,
builder_use_auth: true,
distribution_scope: 'private',
registry_api_versions: 'v2',
builder_openshift_url: 'https://172.17.0.1:8443/'
}
}
- { role: nfs/server, when: env == "staging" }
- { role: keepalived, when: env == "production" and inventory_hostname.startswith('koji') }
- role: nfs/client

14
roles/koji_builder/tasks/main.yml
View file

@ -1,5 +1,5 @@
#
# This is a base koji_builder role.
# This is a base koji_builder role.
#
- name: set root passwd
user: name=root password={{ builder_rootpw }} state=present
@ -27,7 +27,7 @@
- koji_builder
- name: add kojibuilder
user: name=kojibuilder groups=mock
user: name=kojibuilder groups=mock
tags:
- koji_builder
@ -72,7 +72,6 @@
with_items:
- yum-utils
- koji-builder
- koji-containerbuild-builder
- strace
- mock
- kernel-firmware
@ -102,7 +101,6 @@
with_items:
- yum-utils
- koji-builder
- koji-containerbuild-builder
- strace
- mock
- kernel-firmware
@ -189,7 +187,7 @@
- koji_builder
- name: copy over builder cert to /etc/kojid/kojibuilder.pem
copy: src="{{ private }}/files/koji/buildercerts/{{ inventory_hostname }}.pem" dest=/etc/kojid/kojibuilder.pem mode=600
copy: src="{{ private }}/files/koji/buildercerts/{{ inventory_hostname }}.pem" dest=/etc/kojid/kojibuilder.pem mode=600
tags:
- koji_builder
@ -279,20 +277,20 @@
- koji_builder
- name: set kernel params for more loops
command: /sbin/grubby --update-kernel=ALL --args=max_loop=64
command: /sbin/grubby --update-kernel=ALL --args=max_loop=64
when: max_loop is defined and max_loop.stdout.find("max_loop=64") == -1
tags:
- koji_builder
#
# x86_64 builders run pungify, that needs hfs module in order to make
# The efi/mac images. This module is only needed on rhel.
# The efi/mac images. This module is only needed on rhel.
#
- name: special pkgs for the x86_64 builders
yum: state=present pkg={{ item }}
with_items:
- kmod-hfsplus
- kmod-hfsplus
when: is_rhel is defined and ansible_architecture == 'x86_64' and ansible_distribution_major_version|int == '6'
tags:
- koji_builder

7
roles/koji_builder/templates/kojid.conf
View file

@ -72,14 +72,9 @@ serverca = /etc/kojid/cacert.pem
{% if 'runroot' in group_names %}
; Config for it lives in /etc/kojid/runroot.conf
plugins = runroot builder_container
plugins = runroot
; We use the hub's plugin path since that's where
; the package installs the builder plugin.
pluginpath = /usr/lib/koji-hub-plugins
{% else %}
plugins = builder_container
{% endif %}

5
roles/koji_hub/tasks/main.yml
View file

@ -1,6 +1,6 @@
---
#
# Setup koji hub server.
# Setup koji hub server.
#
- name: install koji hub server packages
yum: name={{ item }} state=present
@ -10,7 +10,6 @@
- koji-web
- koji-utils
- koji-theme-fedora
- koji-containerbuild-hub
- mod_ssl
- mod_wsgi
- git
@ -189,7 +188,7 @@
- name: instaall fedora-ca.cert in various places
copy: src={{ private }}/files/fedora-ca.cert dest={{ item }} owner=apache
with_items:
with_items:
- /etc/kojira/extras_cacert.pem
- /etc/pki/tls/certs/extras_cacert.pem
- /etc/pki/tls/certs/extras_upload_cacert.pem

14
roles/koji_hub/templates/hub.conf.j2
View file

@ -1,8 +1,8 @@
[hub]
[hub]
## Basic options ##
DBName = koji
DBUser = koji
DBName = koji
DBUser = koji
{% if inventory_hostname.startswith('koji') %}
DBHost = db-koji01
DBPass = {{ kojiPassword }}
@ -13,7 +13,7 @@ DBPass = {{ s390kojiPassword }}
DBHost = db-arm-koji01
DBPass = {{ armkojiPassword }}
{% endif %}
KojiDir = /mnt/koji
KojiDir = /mnt/koji
MemoryWarnThreshold = 10000
MaxRequestLength = 83886080
@ -75,18 +75,18 @@ DisableNotifications = True
#Plugins = koji-disable-builds-plugin
#Plugins = darkserver-plugin
Plugins = fedmsg-koji-plugin runroot_hub hub_containerbuild
Plugins = fedmsg-koji-plugin runroot_hub
{% if inventory_hostname.startswith('koji') %}
[policy]
tag =
tag =
has_perm secure-boot && package kernel shim grub2 fedora-release fedora-repos pesign :: allow
package kernel shim grub2 fedora-release fedora-repos pesign :: deny
all :: allow
channel =
channel =
method createrepo :: use createrepo
has req_channel :: req
is_child_task :: parent