infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
36566 commits 9 branches 0 tags 110 MiB
Commit graph

36566 commits

This branch
This branch
All branches
Author SHA1 Message Date
Pavel Raiskup
022cbd9589 copr: drop old configuration for aarch64 hypervisor 
This is not used nowadays (we have no aarch64 machine ATM), but even if
we had one we would use the roles/copr/hypervisor role instead.
 2022-02-03 09:43:46 +01:00
Pavel Raiskup
00cd33b3c2 copr-builders: allow installing mock from infra-tags 2022-02-03 09:39:17 +01:00
Pavel Raiskup
74d86b0011 copr-builders: the DNS hack is still needed 
Without this, it takes 5+ minutes to get the Red Hat subscription.

Revert "copr-builders: remove OSUOSL DNS hack"

This reverts commit 685ceae405.
 2022-02-03 07:42:18 +01:00
Pavel Raiskup
685ceae405 copr-builders: remove OSUOSL DNS hack 
We were informed that the broken DNS server was removed from the DHCP
configuration.
 2022-02-03 07:18:04 +01:00
Kevin Fenzi
b388a003b4 nagios: add checks for ssl certs on fcos and ocp4 endpoints, change to just checking proxy01 
Add checks for ssl certs on fcos openshift endpoints.
Add checks for ocp4 wildcard certs.
Change check to only use proxy01/proxy01.stg instead of all proxies.
Ideally we really do want to check all proxies, but in practice this
results in like 70 alerts anytime the cert is going to expire.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-02-02 15:47:23 -08:00
Kevin Fenzi
5633b66ad0 koji_hub: increase number of wsgi processes 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-02-02 15:47:23 -08:00
Mark O Brien
b30cf64111 ocp: certs updated for 2022 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 21:23:07 +00:00
Pavel Raiskup
9070b6eed7 copr/certbot: fixup synchronize sources 2022-02-02 21:54:53 +01:00
Pavel Raiskup
26f68acac5 copr/certbot: fix c&p issues from the previous experiment, #2 2022-02-02 21:42:45 +01:00
Pavel Raiskup
ccc039b325 copr/certbot: fix c&p issues from the previous experiment 2022-02-02 21:41:06 +01:00
Pavel Raiskup
01adf1cbd2 copr/certbot: typo in operator priority 2022-02-02 21:38:12 +01:00
Pavel Raiskup
a6585dc6ed copr/certbot: restore certs from a batcave dir 
https://pagure.io/fedora-infrastructure/issue/10512
 2022-02-02 21:29:18 +01:00
František Zatloukal
ffaaf2e74c Blockerbugs: add blank client_secrets.json for now 2022-02-02 21:26:44 +01:00
Mark O Brien
8a8dc07b72 blockerbugs: inherit group vars correctly for openshift app database 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 20:16:20 +00:00
Mark O Brien
87a2e19ade blockerbugs: inherit group vars correctly for openshift app 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 20:13:39 +00:00
Mark O Brien
5d906f9b8c openshift: undo uneccesary changes 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 18:01:22 +00:00
Mark O Brien
2d9b23d066 openshift: change shell to command 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 17:20:57 +00:00
Filip Valder
d9b3af9c26 Add configuration for modular obsoletes 
Signed-off-by: Filip Valder <fvalder@redhat.com>
 2022-02-02 15:37:14 +00:00
Mark O Brien
cebd4ce05f openshift: check return code instead of stderr 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:51:40 +00:00
Mark O Brien
baf4fb0812 openshift: remove temp debug command 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:49:34 +00:00
Mark O Brien
dc2c941c49 openshift: fix yaml indentation 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:42:26 +00:00
Mark O Brien
45fb1e6af1 openshift: add temp debug statement 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-02 11:41:11 +00:00
František Zatloukal
eb214ec436 Blockerbugs: fix typo 2022-02-02 12:28:31 +01:00
František Zatloukal
3d1d2910fb Blockerbugs: Fixup ansible syntax for conditional include_vars 2022-02-02 12:24:51 +01:00
František Zatloukal
edd4d6c380 Blockerbugs: try to include group_vars explicitly 2022-02-02 12:20:10 +01:00
František Zatloukal
21dbe39c33 Blockerbugs: OpenShift 2022-02-02 12:00:54 +01:00
Pavel Raiskup
080b72887b copr-builders: prefer in-house P08 builders over OSUOSL 2022-02-02 11:21:35 +01:00
Kevin Fenzi
b05ae8252d download-rdu01: fix network config 
We need eth1 here in order to reach the netapp for nfs mounts, and we
need it to not have a gateway as eth0 is the primary gw address.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-02-01 12:17:33 -08:00
Mark O Brien
c826345ade ocp4: remove conflicting dhcp entry 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-01 16:47:05 +00:00
Mark O Brien
aad8ed6be7 ocp4: add worker04 prod node 
Signed-off-by: Mark O Brien <markobri@redhat.com>
 2022-02-01 14:57:45 +00:00
Pavel Raiskup
9a158eec6a copr-builders: osuosl: drop too slow DNS resolver 2022-02-01 13:16:10 +01:00
Pavel Raiskup
2bbe33769e copr-be: enable Power9 machines in production 
They start very slowly (getting RH subscription takes 5 minutes there),
but it should be OK to use them (it should help, ppc64le is overloaded
now because we lost one of the hypervisors, issue#10515)
 2022-02-01 12:54:00 +01:00
Adam Williamson
71d4c525fa Greenwave: separate upgrade tests in openQA update gating policy 
The upgrade tests are not run on updates for the oldest stable
release, because we don't want to maintain base images for EOL
releases. So we can't gate the oldest stable release (currently
F34) on those tests as we don't run them. To handle this let's
split the policy in two and have the policy for the upgrade tests
apply only to the release(s) they're actually run on.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2022-01-31 16:51:39 -08:00
Kevin Fenzi
4430178b29 Revert "wildcard-2022.fedoraproject.org cert" 
This reverts commit 57f0d4fdb6.

For an anoying reason, armv7 image builds come up with the time as 10
days ago, which makes this cert invalid. So, move back to the old cert
for a week or so and then switch to the new one again. ;(
 2022-01-31 12:39:49 -08:00
Kevin Fenzi
99479542bd nagios: stop checking swap on more hosts 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-31 11:25:33 -08:00
Kevin Fenzi
4dda088136 nagios: remove duplicate variable check 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-31 10:29:21 -08:00
Silvie Chlupova
194a5503f3 copr: comment define service for copr backend, it doesn't work 2022-01-31 14:13:12 +01:00
Silvie Chlupova
5011e6a2dc copr: remove -f follow from nagios check 2022-01-31 11:51:31 +01:00
Silvie Chlupova
db6dc98940 copr: fix nagios service for checking Copr CDN 
Fixes: https://pagure.io/fedora-infrastructure/issue/10508
 2022-01-31 10:34:43 +01:00
Kevin Fenzi
7504296db8 db-koji01/pkgs01: stop monitoring swap, just causing noise 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-01-30 17:44:07 -08:00
Pavel Raiskup
7c75eee9b3 copr/certbot: drop one leftover typo 2022-01-30 23:21:11 +01:00
Pavel Raiskup
47f1841494 copr/certbot: revert the automatic backup/restore of certs 
For synchronizing from host A to host B we would have to have SSH
configured from A to B or from B to A (which we don't, and we don't even
want to).  The slurp solution would work, but certbot is pretty picky
WRT the restored /etc/letsencrypt directory (structure, filenames,
symlinks..).
 2022-01-30 23:02:51 +01:00
Pavel Raiskup
38d6b8cc89 copr/certbot: missing tags/conditions 2022-01-30 22:13:45 +01:00
Pavel Raiskup
4044e7e518 copr/certbot: use rsync for copying the files 
And copy the whole directory structure.
 2022-01-30 22:09:42 +01:00
Pavel Raiskup
d257b20d2b copr/certbot: fixup prefix (it matters) 2022-01-30 21:13:21 +01:00
Pavel Raiskup
8d81803886 copr/certbot: combined.pem might be a symlink 2022-01-30 21:08:03 +01:00
Pavel Raiskup
9a49c2f1b4 copr/certbot: typo #2 2022-01-30 21:05:57 +01:00
Pavel Raiskup
0053ecf583 copr/certbot: typo 2022-01-30 21:02:55 +01:00
Pavel Raiskup
af11469b14 copr/certbot: better restoration 
Certbot expects that the files in live/ directory are symlinks.
 2022-01-30 21:00:43 +01:00
Pavel Raiskup
43ee0392b4 copr/certbot: fixup cert restoration 
- no need to create another live/ sub-directory
- don't run the reload script when restored from backups
 2022-01-30 20:08:40 +01:00