f0b98b904c
Before we enable any monitoring, we should clean up app owners some so we do not spam people who arent around anymore and no longer care about the app. ;) If I removed anyone here who is still around and does care, we can easily add you back in. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
174 lines
5 KiB
YAML
174 lines
5 KiB
YAML
- name: make the app be real
|
|
hosts: os_control[0]:os_control_stg[0]
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
vars:
|
|
- bodhi_message_queue_name: "bodhi{{ env_suffix }}"
|
|
- bodhi_message_routing_keys:
|
|
- "org.fedoraproject.*.bodhi.update.edit"
|
|
- "org.fedoraproject.*.bodhi.update.request.testing"
|
|
- "org.fedoraproject.*.buildsys.tag"
|
|
- "org.fedoraproject.*.resultsdb.result.new"
|
|
- "org.fedoraproject.*.waiverdb.waiver.new"
|
|
- ocp4: true
|
|
|
|
pre_tasks:
|
|
- include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
|
|
- set_fact:
|
|
args:
|
|
bodhi_version: "{{ bodhi_version }}"
|
|
|
|
roles:
|
|
- role: rabbit/queue
|
|
username: "bodhi{{ env_suffix }}"
|
|
queue_name: "{{ bodhi_message_queue_name }}"
|
|
routing_keys: "{{ bodhi_message_routing_keys }}"
|
|
thresholds:
|
|
warning: 10
|
|
critical: 100
|
|
sent_topics: ^org\.fedoraproject\.{{ env_short }}\.bodhi\..*
|
|
|
|
- role: openshift/project
|
|
app: bodhi
|
|
description: bodhi
|
|
appowners:
|
|
- abompard
|
|
- mattia
|
|
- patrikp
|
|
- lenkaseg
|
|
tags:
|
|
- apply-appowners
|
|
when: env == "production"
|
|
- role: openshift/project
|
|
app: bodhi
|
|
description: bodhi
|
|
appowners:
|
|
- abompard
|
|
- ryanlerch
|
|
- mattia
|
|
- humaton
|
|
- patrikp
|
|
- lenkaseg
|
|
tags:
|
|
- apply-appowners
|
|
when: env == "staging"
|
|
- role: openshift/object
|
|
app: bodhi
|
|
file: pvc.yml
|
|
objectname: pvc.yml
|
|
- role: openshift/keytab
|
|
app: bodhi
|
|
key: koji-keytab
|
|
secret_name: bodhi-keytab
|
|
service: bodhi
|
|
host: "bodhi{{ env_suffix }}.fedoraproject.org"
|
|
- role: openshift/secret-file
|
|
app: bodhi
|
|
secret_name: bodhi-fedora-messaging-ca
|
|
key: cacert.pem
|
|
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
|
- role: openshift/secret-file
|
|
app: bodhi
|
|
secret_name: bodhi-fedora-messaging-crt
|
|
key: bodhi-cert.pem
|
|
privatefile: "rabbitmq/{{env}}/pki/issued/bodhi{{env_suffix}}.crt"
|
|
- role: openshift/secret-file
|
|
app: bodhi
|
|
secret_name: bodhi-fedora-messaging-key
|
|
key: bodhi-key.pem
|
|
privatefile: "rabbitmq/{{env}}/pki/private/bodhi{{env_suffix}}.key"
|
|
- role: openshift/object
|
|
app: bodhi
|
|
template: imagestreams-tagged.yml
|
|
objectname: imagestreams.yml
|
|
- role: openshift/imagestream
|
|
app: bodhi
|
|
imagename: bodhi-base
|
|
- role: openshift/object
|
|
app: bodhi
|
|
template: buildconfig.yml
|
|
objectname: buildconfig.yml
|
|
- role: openshift/start-build
|
|
app: bodhi
|
|
buildname: bodhi-base
|
|
- role: openshift/object
|
|
app: bodhi
|
|
template_fullpath: "{{roles_path}}/bodhi2/base/templates/configmap.yml"
|
|
objectname: configmap.yml
|
|
- role: openshift/object
|
|
app: bodhi
|
|
file: service.yml
|
|
objectname: service.yml
|
|
- role: openshift/object
|
|
app: bodhi
|
|
file: servicemonitor.yml
|
|
objectname: servicemonitor.yml
|
|
when: env != "production"
|
|
- role: openshift/object
|
|
app: bodhi
|
|
file: podmonitor.yml
|
|
objectname: podmonitor.yml
|
|
when: env != "production"
|
|
- role: openshift/route
|
|
app: bodhi
|
|
routename: bodhi-web
|
|
host: "bodhi{{ env_suffix }}.fedoraproject.org"
|
|
serviceport: web
|
|
servicename: bodhi-web
|
|
annotations:
|
|
haproxy.router.openshift.io/timeout: 180s
|
|
- role: openshift/object
|
|
app: bodhi
|
|
template: deploymentconfig.yml
|
|
objectname: deploymentconfig.yml
|
|
- role: openshift/object
|
|
app: bodhi
|
|
template: critpathcron.yml
|
|
objectname: critpathcron.yml
|
|
- role: openshift/imagestream
|
|
app: bodhi
|
|
imagename: bodhi-critpathcron
|
|
- role: openshift/rollout
|
|
app: bodhi
|
|
dcname: bodhi-web
|
|
- role: openshift/rollout
|
|
app: bodhi
|
|
dcname: bodhi-consumer
|
|
- role: openshift/rollout
|
|
app: bodhi
|
|
dcname: bodhi-celery
|
|
|
|
post_tasks:
|
|
- name: Scale up pods
|
|
command: oc -n bodhi scale dc/bodhi-consumer --replicas={{ bodhi_openshift_pods }}
|
|
when: env == "production"
|
|
- name: Scale up pods
|
|
command: oc -n bodhi scale dc/bodhi-celery --replicas={{ bodhi_openshift_pods }}
|
|
when: env == "production"
|
|
- name: Scale up pods
|
|
command: oc -n bodhi scale dc/bodhi-web --replicas={{ bodhi_openshift_pods }}
|
|
when: env == "production"
|
|
- name: Scale up pods
|
|
command: oc -n bodhi scale dc/bodhi-consumer --replicas={{ bodhi_openshift_pods }}
|
|
when: env == "staging"
|
|
- name: Scale up pods
|
|
command: oc -n bodhi scale dc/bodhi-celery --replicas={{ bodhi_openshift_pods }}
|
|
when: env == "staging"
|
|
- name: Scale up pods
|
|
command: oc -n bodhi scale dc/bodhi-web --replicas={{ bodhi_openshift_pods }}
|
|
when: env == "staging"
|
|
- name: Set the timeout to the openshift route
|
|
command: "oc -n bodhi annotate route bodhi-web --overwrite haproxy.router.openshift.io/timeout=180s"
|
|
tags:
|
|
- route-timeout
|
|
- name: trigger critpath cronjob
|
|
command: "oc -n bodhi create job critpathcron-manual-{{ lookup('pipe','date +%s') }} --from=cronjob/fedora-bodhi-critpathcron"
|
|
tags:
|
|
- never
|
|
- critpathcron
|