From 24d7d693c3692d194ac76e09c909045b7bd45855 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 12:25:23 +0000 Subject: [PATCH 01/24] Only reboot running vms Signed-off-by: Patrick Uiterwijk --- playbooks/groups/buildhw.yml | 7 +++++++ playbooks/vhost_reboot.yml | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/playbooks/groups/buildhw.yml b/playbooks/groups/buildhw.yml index 888c4de249..a5bfe816ea 100644 --- a/playbooks/groups/buildhw.yml +++ b/playbooks/groups/buildhw.yml @@ -25,6 +25,13 @@ - role: keytab/service kt_location: /etc/kojid/kojid.keytab service: compile + - role: keytab/service + owner_user: root + owner_group: root + service: innercompose + host: "odcs{{ env_suffix }}.fedoraproject.org" + kt_location: /etc/kojid/secrets/odcs_inner.keytab + when: env == "staging" tasks: - import_tasks: "{{ tasks_path }}/2fa_client.yml" diff --git a/playbooks/vhost_reboot.yml b/playbooks/vhost_reboot.yml index 60d40994fd..0a2f1cc0c5 100644 --- a/playbooks/vhost_reboot.yml +++ b/playbooks/vhost_reboot.yml @@ -22,7 +22,7 @@ tasks: - name: get list of guests - virt: command=list_vms + virt: command=list_vms state=running register: vmlist # - name: get info on guests (prereboot) From b3f1ab651695687c67719d3b2ad2b5f1c5fe29d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 14:02:37 +0100 Subject: [PATCH 02/24] taskotron: disable PIDFile in buildmaster/buildslave.service The services now don't start correctly when PIDFile is present. See https://pagure.io/taskotron/issue/236 --- .../buildmaster-configure/templates/buildmaster.service.j2 | 3 ++- .../buildslave-configure/templates/buildslave.service.j2 | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/taskotron/buildmaster-configure/templates/buildmaster.service.j2 b/roles/taskotron/buildmaster-configure/templates/buildmaster.service.j2 index 47e16fcbe4..9f7b3e33c8 100644 --- a/roles/taskotron/buildmaster-configure/templates/buildmaster.service.j2 +++ b/roles/taskotron/buildmaster-configure/templates/buildmaster.service.j2 @@ -4,7 +4,8 @@ After=network.target [Service] Type=forking -PIDFile={{ buildmaster_dir }}/twistd.pid +# disabled because of https://pagure.io/taskotron/issue/236 +#PIDFile={{ buildmaster_dir }}/twistd.pid ExecStart=/bin/buildbot start {{ buildmaster_dir }} ExecStop=/bin/buildbot stop {{ buildmaster_dir }} ExecReload=/bin/buildbot reconfig {{ buildmaster_dir }} diff --git a/roles/taskotron/buildslave-configure/templates/buildslave.service.j2 b/roles/taskotron/buildslave-configure/templates/buildslave.service.j2 index e8d41a18e1..84e12ffcdc 100644 --- a/roles/taskotron/buildslave-configure/templates/buildslave.service.j2 +++ b/roles/taskotron/buildslave-configure/templates/buildslave.service.j2 @@ -4,7 +4,8 @@ After=network.target [Service] Type=forking -PIDFile=/home/buildslave/slave/twistd.pid +# disabled because of https://pagure.io/taskotron/issue/236 +#PIDFile=/home/buildslave/slave/twistd.pid ExecStart=/bin/buildslave start /home/buildslave/slave/ ExecStop=/bin/buildslave stop /home/buildslave/slave/ User=buildslave From 2767cfd05b0f5996df2a53ac6e9f9a49c51566a6 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Fri, 5 Jan 2018 14:08:56 +0100 Subject: [PATCH 03/24] Looks like the pagure fedmsg hook is using the shell fedmsg cert Signed-off-by: Pierre-Yves Chibon --- inventory/group_vars/pkgs | 1 + inventory/group_vars/pkgs-stg | 1 + 2 files changed, 2 insertions(+) diff --git a/inventory/group_vars/pkgs b/inventory/group_vars/pkgs index 6e0c0e3df9..55434c1f15 100644 --- a/inventory/group_vars/pkgs +++ b/inventory/group_vars/pkgs @@ -66,6 +66,7 @@ fedmsg_certs: - git.pkgdb2branch.complete - git.pkgdb2branch.start - logger.log + - pagure.git.receive - service: scm owner: root group: packager diff --git a/inventory/group_vars/pkgs-stg b/inventory/group_vars/pkgs-stg index 353826b294..ca75ead3c4 100644 --- a/inventory/group_vars/pkgs-stg +++ b/inventory/group_vars/pkgs-stg @@ -61,6 +61,7 @@ fedmsg_certs: - git.mass_branch.start - git.pkgdb2branch.complete - git.pkgdb2branch.start + - pagure.git.receive - service: scm owner: root group: packager From 0dd454ae663962aabd63b7dc31e44a25a2d3551b Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 13:11:04 +0000 Subject: [PATCH 04/24] Move buildvm-ppc64-01.stg out of ppc8-02 to get it moving Signed-off-by: Patrick Uiterwijk --- inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org b/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org index 794c213c7e..51a9dbff77 100644 --- a/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org +++ b/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org @@ -1,5 +1,5 @@ --- -vmhost: ppc8-02.ppc.fedoraproject.org +vmhost: ppc8-01.ppc.fedoraproject.org eth0_ip: 10.5.129.230 gw: 10.5.129.254 main_bridge: br1 From 08ff0eb0ed605e0bf6ade2613aa3e4c56eca2d44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 14:13:36 +0100 Subject: [PATCH 05/24] taskotron: reload systemd after creating buildmaster/slave service files --- roles/taskotron/buildmaster-configure/tasks/main.yml | 2 ++ roles/taskotron/buildslave-configure/tasks/main.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/roles/taskotron/buildmaster-configure/tasks/main.yml b/roles/taskotron/buildmaster-configure/tasks/main.yml index ee7b84e3e4..2b5a44c61f 100644 --- a/roles/taskotron/buildmaster-configure/tasks/main.yml +++ b/roles/taskotron/buildmaster-configure/tasks/main.yml @@ -18,6 +18,8 @@ - name: generate buildmaster service file template: src=buildmaster.service.j2 dest=/lib/systemd/system/buildmaster.service owner=root group=root mode=0744 + notify: + - reload systemd - name: start and enable buildmaster service service: name=buildmaster enabled=yes state=started diff --git a/roles/taskotron/buildslave-configure/tasks/main.yml b/roles/taskotron/buildslave-configure/tasks/main.yml index 5a61a13150..2af456f214 100644 --- a/roles/taskotron/buildslave-configure/tasks/main.yml +++ b/roles/taskotron/buildslave-configure/tasks/main.yml @@ -40,6 +40,8 @@ - name: generate buildslave service file template: src=buildslave.service.j2 dest=/lib/systemd/system/buildslave.service owner=root group=root mode=0744 when: deployment_type in ['local', 'qa-stg'] + notify: + - reload systemd - name: start and enable buildslave service service: name=buildslave enabled=yes state=started From 37f69d3950544a767112550041af77d2d1c2eef0 Mon Sep 17 00:00:00 2001 From: clime Date: Fri, 5 Jan 2018 11:30:37 +0100 Subject: [PATCH 06/24] copr-builder: use builder images with the latest kernel --- roles/copr/backend/files/provision/builderpb_nova.yml | 2 +- roles/copr/backend/files/provision/builderpb_nova_ppc64le.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/copr/backend/files/provision/builderpb_nova.yml b/roles/copr/backend/files/provision/builderpb_nova.yml index 9935aac78c..14852fa15f 100644 --- a/roles/copr/backend/files/provision/builderpb_nova.yml +++ b/roles/copr/backend/files/provision/builderpb_nova.yml @@ -11,7 +11,7 @@ keypair: buildsys max_spawn_time: 600 spawning_vm_user: "fedora" - image_name: "copr-builder-x86_64-f27" + image_name: "copr-builder-x86_64-f27-new-kernel" tasks: - name: generate builder name diff --git a/roles/copr/backend/files/provision/builderpb_nova_ppc64le.yml b/roles/copr/backend/files/provision/builderpb_nova_ppc64le.yml index 31d3f39386..86c42e293e 100644 --- a/roles/copr/backend/files/provision/builderpb_nova_ppc64le.yml +++ b/roles/copr/backend/files/provision/builderpb_nova_ppc64le.yml @@ -11,7 +11,7 @@ keypair: buildsys max_spawn_time: 600 spawning_vm_user: "fedora" - image_name: "copr-builder-ppc64le-f27" + image_name: "copr-builder-ppc64le-f27-new-kernel" tasks: - name: generate builder name From 2ea0e76545789fffcc804f01a92aef886d9783cb Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 13:21:21 +0000 Subject: [PATCH 07/24] Attempt ppc8-04 Signed-off-by: Patrick Uiterwijk --- inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org b/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org index 51a9dbff77..eb390996c3 100644 --- a/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org +++ b/inventory/host_vars/buildvm-ppc64-01.stg.ppc.fedoraproject.org @@ -1,5 +1,5 @@ --- -vmhost: ppc8-01.ppc.fedoraproject.org +vmhost: ppc8-04.ppc.fedoraproject.org eth0_ip: 10.5.129.230 gw: 10.5.129.254 main_bridge: br1 From 54168ace6b6538f5f5277316ab4d5504e057d7f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 14:56:54 +0100 Subject: [PATCH 08/24] taskotron: need to flush handlers immediately --- roles/taskotron/buildmaster-configure/tasks/main.yml | 2 ++ roles/taskotron/buildslave-configure/tasks/main.yml | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/roles/taskotron/buildmaster-configure/tasks/main.yml b/roles/taskotron/buildmaster-configure/tasks/main.yml index 2b5a44c61f..e0f8e4060f 100644 --- a/roles/taskotron/buildmaster-configure/tasks/main.yml +++ b/roles/taskotron/buildmaster-configure/tasks/main.yml @@ -20,6 +20,8 @@ template: src=buildmaster.service.j2 dest=/lib/systemd/system/buildmaster.service owner=root group=root mode=0744 notify: - reload systemd + - restart buildmaster + - meta: flush_handlers - name: start and enable buildmaster service service: name=buildmaster enabled=yes state=started diff --git a/roles/taskotron/buildslave-configure/tasks/main.yml b/roles/taskotron/buildslave-configure/tasks/main.yml index 2af456f214..4e39f21ca1 100644 --- a/roles/taskotron/buildslave-configure/tasks/main.yml +++ b/roles/taskotron/buildslave-configure/tasks/main.yml @@ -42,6 +42,7 @@ when: deployment_type in ['local', 'qa-stg'] notify: - reload systemd + - meta: flush_handlers - name: start and enable buildslave service service: name=buildslave enabled=yes state=started @@ -113,6 +114,9 @@ - name: generate buildslave service file template: src=buildslave@.service.j2 dest=/lib/systemd/system/buildslave@.service owner=root group=root mode=0644 when: deployment_type in ['dev', 'stg', 'prod'] + notify: + - reload systemd + - meta: flush_handlers - name: start and enable buildslave services service: name=buildslave@{{ item.user }} enabled=yes state=started From acb6babb45ec07355c1f49ed727d2d23e0af8f50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 15:33:48 +0100 Subject: [PATCH 09/24] taskotron: add restart buildmaster handler and fix buildslave services --- handlers/restart_services.yml | 4 +++- roles/taskotron/buildslave-configure/tasks/main.yml | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index 93e20433dd..53a3495aa5 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -20,7 +20,7 @@ - name: restart fedmsg-hub command: /usr/local/bin/conditional-restart.sh fedmsg-hub fedmsg-hub # Note that, we're cool with arbitrary restarts on bodhi-backend02, just - # not bodhi-backend01 or bodhi-backend03. 01 and 03 is where the releng/mash + # not bodhi-backend01 or bodhi-backend03. 01 and 03 is where the releng/mash # stuff happens and we # don't want to interrupt that. when: inventory_hostname not in ['bodhi-backend01.phx2.fedoraproject.org', 'bodhi-backend03.phx2.fedoraproject.org'] @@ -180,3 +180,5 @@ - name: restart darkserver service: name=darkserver state=restarted +- name: restart buildmaster + service: name=buildmaster state=restarted diff --git a/roles/taskotron/buildslave-configure/tasks/main.yml b/roles/taskotron/buildslave-configure/tasks/main.yml index 4e39f21ca1..ae010f5c82 100644 --- a/roles/taskotron/buildslave-configure/tasks/main.yml +++ b/roles/taskotron/buildslave-configure/tasks/main.yml @@ -40,15 +40,15 @@ - name: generate buildslave service file template: src=buildslave.service.j2 dest=/lib/systemd/system/buildslave.service owner=root group=root mode=0744 when: deployment_type in ['local', 'qa-stg'] + register: buildslave-service notify: - reload systemd - meta: flush_handlers - name: start and enable buildslave service - service: name=buildslave enabled=yes state=started + service: name=buildslave enabled=yes state={{ (buildslave-service.changed) | ternary('restarted','started') }} when: deployment_type in ['local', 'qa-stg'] - - name: create slave become: true become_user: '{{ item.user }}' @@ -119,7 +119,7 @@ - meta: flush_handlers - name: start and enable buildslave services - service: name=buildslave@{{ item.user }} enabled=yes state=started + service: name=buildslave@{{ item.user }} enabled=yes state={{ (buildslave-service.changed) | ternary('restarted','started') }} with_items: - '{{ slaves|default([dict(user="", home="", dir="")]) }}' when: deployment_type in ['dev', 'stg', 'prod'] From 076286e4c401ead7f36187a949245e2fa23251b3 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 14:39:40 +0000 Subject: [PATCH 10/24] Disable h2 for now due to ostree bugs. Re-enable 2018-01-19 Signed-off-by: Patrick Uiterwijk --- files/httpd/h2.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/httpd/h2.conf.j2 b/files/httpd/h2.conf.j2 index 2627ea8a32..0f36485f40 100644 --- a/files/httpd/h2.conf.j2 +++ b/files/httpd/h2.conf.j2 @@ -1 +1 @@ -Protocols h2 {% if not inventory_hostname.startswith('proxy') %} h2c {% endif %} http/1.1 +#Protocols h2 {% if not inventory_hostname.startswith('proxy') %} h2c {% endif %} http/1.1 From 925fc4277d83cabd535b80e275239a3288ecd212 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 15:41:24 +0100 Subject: [PATCH 11/24] taskotron: use tasks instead of handlers for buildmaster-configure Because the meta keyword doesn't seem to work. --- roles/taskotron/buildmaster-configure/tasks/main.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/roles/taskotron/buildmaster-configure/tasks/main.yml b/roles/taskotron/buildmaster-configure/tasks/main.yml index e0f8e4060f..c5043e2386 100644 --- a/roles/taskotron/buildmaster-configure/tasks/main.yml +++ b/roles/taskotron/buildmaster-configure/tasks/main.yml @@ -18,13 +18,14 @@ - name: generate buildmaster service file template: src=buildmaster.service.j2 dest=/lib/systemd/system/buildmaster.service owner=root group=root mode=0744 - notify: - - reload systemd - - restart buildmaster - - meta: flush_handlers + register: buildmaster-service + +- name: reload systemd + command: systemctl daemon-reload + when: buildmaster-service.changed - name: start and enable buildmaster service - service: name=buildmaster enabled=yes state=started + service: name=buildmaster enabled=yes state={{ (buildmaster-service.changed) | ternary('restarted','started') }} - name: reconfig master become: true From 5f4ea314a0b869e537742df632cd930a9a2705d0 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 14:45:29 +0000 Subject: [PATCH 12/24] Also disable h2 here Signed-off-by: Patrick Uiterwijk --- roles/httpd/website/templates/website.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/httpd/website/templates/website.conf b/roles/httpd/website/templates/website.conf index 81a476b5a5..ff5bcae024 100644 --- a/roles/httpd/website/templates/website.conf +++ b/roles/httpd/website/templates/website.conf @@ -33,7 +33,7 @@ ServerAdmin {{ server_admin }} {% if ansible_distribution == 'Fedora' %} - Protocols h2 http/1.1 + # Protocols h2 http/1.1 {% endif %} {% if gzip %} From c8bd3d356e850fa0b9985761d71b9a5adc2c45f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 15:47:51 +0100 Subject: [PATCH 13/24] taskotron: use valid variable names --- .../buildmaster-configure/tasks/main.yml | 6 +++--- .../buildslave-configure/tasks/main.yml | 21 +++++++++++-------- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/roles/taskotron/buildmaster-configure/tasks/main.yml b/roles/taskotron/buildmaster-configure/tasks/main.yml index c5043e2386..b78644470e 100644 --- a/roles/taskotron/buildmaster-configure/tasks/main.yml +++ b/roles/taskotron/buildmaster-configure/tasks/main.yml @@ -18,14 +18,14 @@ - name: generate buildmaster service file template: src=buildmaster.service.j2 dest=/lib/systemd/system/buildmaster.service owner=root group=root mode=0744 - register: buildmaster-service + register: buildmaster_service - name: reload systemd command: systemctl daemon-reload - when: buildmaster-service.changed + when: buildmaster_service.changed - name: start and enable buildmaster service - service: name=buildmaster enabled=yes state={{ (buildmaster-service.changed) | ternary('restarted','started') }} + service: name=buildmaster enabled=yes state={{ (buildmaster_service.changed) | ternary('restarted','started') }} - name: reconfig master become: true diff --git a/roles/taskotron/buildslave-configure/tasks/main.yml b/roles/taskotron/buildslave-configure/tasks/main.yml index ae010f5c82..f9acddc124 100644 --- a/roles/taskotron/buildslave-configure/tasks/main.yml +++ b/roles/taskotron/buildslave-configure/tasks/main.yml @@ -40,13 +40,14 @@ - name: generate buildslave service file template: src=buildslave.service.j2 dest=/lib/systemd/system/buildslave.service owner=root group=root mode=0744 when: deployment_type in ['local', 'qa-stg'] - register: buildslave-service - notify: - - reload systemd - - meta: flush_handlers + register: buildslave_service + +- name: reload systemd + command: systemctl daemon-reload + when: deployment_type in ['local', 'qa-stg'] and buildmaster_service.changed - name: start and enable buildslave service - service: name=buildslave enabled=yes state={{ (buildslave-service.changed) | ternary('restarted','started') }} + service: name=buildslave enabled=yes state={{ (buildslave_service.changed) | ternary('restarted','started') }} when: deployment_type in ['local', 'qa-stg'] - name: create slave @@ -114,12 +115,14 @@ - name: generate buildslave service file template: src=buildslave@.service.j2 dest=/lib/systemd/system/buildslave@.service owner=root group=root mode=0644 when: deployment_type in ['dev', 'stg', 'prod'] - notify: - - reload systemd - - meta: flush_handlers + register: buildslave_service + +- name: reload systemd + command: systemctl daemon-reload + when: deployment_type in ['dev', 'stg', 'prod'] and buildmaster_service.changed - name: start and enable buildslave services - service: name=buildslave@{{ item.user }} enabled=yes state={{ (buildslave-service.changed) | ternary('restarted','started') }} + service: name=buildslave@{{ item.user }} enabled=yes state={{ (buildslave_service.changed) | ternary('restarted','started') }} with_items: - '{{ slaves|default([dict(user="", home="", dir="")]) }}' when: deployment_type in ['dev', 'stg', 'prod'] From 52f45933eeaa0e93b104a777509e1e92246c3097 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 15:54:29 +0100 Subject: [PATCH 14/24] taskotron: fix wrong variable name --- roles/taskotron/buildslave-configure/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/taskotron/buildslave-configure/tasks/main.yml b/roles/taskotron/buildslave-configure/tasks/main.yml index f9acddc124..cc82e59357 100644 --- a/roles/taskotron/buildslave-configure/tasks/main.yml +++ b/roles/taskotron/buildslave-configure/tasks/main.yml @@ -44,7 +44,7 @@ - name: reload systemd command: systemctl daemon-reload - when: deployment_type in ['local', 'qa-stg'] and buildmaster_service.changed + when: deployment_type in ['local', 'qa-stg'] and buildslave_service.changed - name: start and enable buildslave service service: name=buildslave enabled=yes state={{ (buildslave_service.changed) | ternary('restarted','started') }} @@ -119,7 +119,7 @@ - name: reload systemd command: systemctl daemon-reload - when: deployment_type in ['dev', 'stg', 'prod'] and buildmaster_service.changed + when: deployment_type in ['dev', 'stg', 'prod'] and buildslave_service.changed - name: start and enable buildslave services service: name=buildslave@{{ item.user }} enabled=yes state={{ (buildslave_service.changed) | ternary('restarted','started') }} From 2cff88a919a037d3b0715b619ea75aadae282a80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20P=C3=A1ral?= Date: Fri, 5 Jan 2018 16:00:21 +0100 Subject: [PATCH 15/24] taskotron: one more buildslave service to disable PIDFile in --- .../buildslave-configure/templates/buildslave@.service.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 b/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 index 9d218351dd..a4b455735a 100644 --- a/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 +++ b/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 @@ -5,12 +5,14 @@ After=network.target [Service] Type=forking {% if deployment_type in ['stg', 'prod'] %} -PIDFile=/home/%i/slave/twistd.pid +# disabled because of https://pagure.io/taskotron/issue/236 +#PIDFile=/home/%i/slave/twistd.pid ExecStart=/bin/buildslave start /home/%i/slave/ ExecStop=/bin/buildslave stop /home/%i/slave/ {% endif %} {% if deployment_type in ['dev'] %} -PIDFile=/srv/buildslaves/%i/slave/twistd.pid +# disabled because of https://pagure.io/taskotron/issue/236 +#PIDFile=/srv/buildslaves/%i/slave/twistd.pid ExecStart=/bin/buildslave start /srv/buildslaves/%i/slave/ ExecStop=/bin/buildslave stop /srv/buildslaves/%i/slave/ {% endif %} From 5a9c6b883b761b9dc56c92564f4e23a865e685a3 Mon Sep 17 00:00:00 2001 From: Tim Flink Date: Fri, 5 Jan 2018 16:57:22 +0000 Subject: [PATCH 16/24] updating buildslave home path for taskotron stg --- .../buildslave-configure/templates/buildslave@.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 b/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 index a4b455735a..6c63f14b2b 100644 --- a/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 +++ b/roles/taskotron/buildslave-configure/templates/buildslave@.service.j2 @@ -4,13 +4,13 @@ After=network.target [Service] Type=forking -{% if deployment_type in ['stg', 'prod'] %} +{% if deployment_type in ['prod'] %} # disabled because of https://pagure.io/taskotron/issue/236 #PIDFile=/home/%i/slave/twistd.pid ExecStart=/bin/buildslave start /home/%i/slave/ ExecStop=/bin/buildslave stop /home/%i/slave/ {% endif %} -{% if deployment_type in ['dev'] %} +{% if deployment_type in ['dev', 'stg'] %} # disabled because of https://pagure.io/taskotron/issue/236 #PIDFile=/srv/buildslaves/%i/slave/twistd.pid ExecStart=/bin/buildslave start /srv/buildslaves/%i/slave/ From 6de46913f23927d88d59b94469cc0c7ec142f0e7 Mon Sep 17 00:00:00 2001 From: Tim Flink Date: Fri, 5 Jan 2018 17:06:53 +0000 Subject: [PATCH 17/24] updating stg buildmaster host key --- inventory/group_vars/taskotron-stg-client-hosts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/group_vars/taskotron-stg-client-hosts b/inventory/group_vars/taskotron-stg-client-hosts index a8b64350e0..6b05f10289 100644 --- a/inventory/group_vars/taskotron-stg-client-hosts +++ b/inventory/group_vars/taskotron-stg-client-hosts @@ -66,7 +66,7 @@ buildslave_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4EOTNfPIvIjCLNRYauVquS2L buildslave_private_sshkey_file: dev-buildslave-sshkey/dev_buildslave buildslave_public_sshkey_file: dev-buildslave-sshkey/dev_buildslave.pub -buildmaster_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDuEn17zELhxb4AcN2S+3j3zcdi0MO/kK+z9iZq63dTHq+SoHyQjiOrwnvWURQvod0Q9ro9fukSlJ0yJCYv+Y7MGxqvavVDrK4oW5VhzpJzr4UpInaxMleDSHHt13NxNOVBy+Dkb4xkQGdPD472WuBdzGG5OSisaFNX/jAkVO88a/klbvJTH4AmHX+KslAhnV+SSxKt5L+zVDYXXJOBCeVNoGRiVmq2ZJQiWlwT+TGreDXCsjW1anqnV/lLoThWAi+u919ur3uFg1JBKIDHM/JRZZjyfapbTSC/1YPNpBs+KdaSZhcCngqXDmOt1Ax3TR7FXQ344KwWk3VD6gV+065B' +buildmaster_pubkey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDaxEBD21YcspXmr1qdbKF1BgjlJLChl6rheTMyEG/n7I6KGa43YPcaEsfxkph1y09qvwkzRakknNkLgJMiTczU+6u82EV9dQfHCO44VdYpEbCCyHfvxRWqKBXD/vr+0BKv2oa44w76fuq/bXBie6pt5URJeQIpGj8SxXSYvuJfMu9MUArSCkiJ+unrPySCic9oeec5rTvnq9nja15dCF9wHeDkzA16la+AsYiAdOjxt7AwVAjvSX6IIM8KqtGaAcs3rwaihIDnzqz+edSTEdLdtkyUVlZuVSGtdRy6LAqQzeEI3SmfEG7ABfwIINS97EVH2kTBeZlZgLnbwGOCkluV' ############################################################ From cb228ec04e020f73747443ad493d93bc8ffce6ea Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Fri, 5 Jan 2018 18:52:36 +0000 Subject: [PATCH 18/24] move autocloud-web to fedora 27 as well in prod --- inventory/host_vars/autocloud-web01.phx2.fedoraproject.org | 4 ++-- inventory/host_vars/autocloud-web02.phx2.fedoraproject.org | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/inventory/host_vars/autocloud-web01.phx2.fedoraproject.org b/inventory/host_vars/autocloud-web01.phx2.fedoraproject.org index b4e11a7eea..cb8d5fd3f6 100644 --- a/inventory/host_vars/autocloud-web01.phx2.fedoraproject.org +++ b/inventory/host_vars/autocloud-web01.phx2.fedoraproject.org @@ -3,8 +3,8 @@ nm: 255.255.255.0 gw: 10.5.126.254 dns: 10.5.126.21 -ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-25 -ks_repo: http://10.5.126.23/pub/fedora/linux/releases/25/Server/x86_64/os/ +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27 +ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/ eth0_ip: 10.5.126.117 diff --git a/inventory/host_vars/autocloud-web02.phx2.fedoraproject.org b/inventory/host_vars/autocloud-web02.phx2.fedoraproject.org index fae8fb456a..e5beaf7279 100644 --- a/inventory/host_vars/autocloud-web02.phx2.fedoraproject.org +++ b/inventory/host_vars/autocloud-web02.phx2.fedoraproject.org @@ -3,8 +3,8 @@ nm: 255.255.255.0 gw: 10.5.126.254 dns: 10.5.126.21 -ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-25 -ks_repo: http://10.5.126.23/pub/fedora/linux/releases/25/Server/x86_64/os/ +ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27 +ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/ eth0_ip: 10.5.126.118 From e6df0ae97a62601c7ee2df7748e8de28738ab80a Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 20:23:08 +0100 Subject: [PATCH 19/24] Move to the openstack 10 repo Signed-off-by: Patrick Uiterwijk --- roles/virthost/files/rhel7-os.repo | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/virthost/files/rhel7-os.repo b/roles/virthost/files/rhel7-os.repo index 3dc6faa81d..f802cefbda 100644 --- a/roles/virthost/files/rhel7-os.repo +++ b/roles/virthost/files/rhel7-os.repo @@ -1,5 +1,5 @@ [rhel7-os] name = rhel7 os $basearch -baseurl=http://infrastructure.fedoraproject.org/repo/rhel/rhel7/$basearch/rhel-7-openstack-8-rpms +baseurl=http://infrastructure.fedoraproject.org/repo/rhel/rhel7/$basearch/rhel-7-openstack-10-rpms includepkgs=qemu* gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release From 02087054e86c1ef1761c6971a29e4c94596d501c Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 5 Jan 2018 19:42:50 +0000 Subject: [PATCH 20/24] Use cpu=host for now. This limits live migration thus needs to be reconsidered later. Signed-off-by: Patrick Uiterwijk --- inventory/group_vars/all | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/inventory/group_vars/all b/inventory/group_vars/all index 1adcf0d772..2e13911491 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -78,7 +78,7 @@ virt_install_command_one_nic: virt-install -n {{ inventory_hostname }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio - --autostart --noautoconsole --watchdog default + --autostart --noautoconsole --watchdog default --cpu host virt_install_command_two_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio @@ -89,7 +89,7 @@ virt_install_command_two_nic: virt-install -n {{ inventory_hostname }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname }}-nfs:eth1:none' --network bridge={{ main_bridge }},model=virtio --network=bridge={{ nfs_bridge }},model=virtio - --autostart --noautoconsole --watchdog default + --autostart --noautoconsole --watchdog default --cpu host virt_install_command_aarch64_one_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio @@ -128,7 +128,7 @@ virt_install_command_rhel6: virt-install -n {{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x "ksdevice=eth0 ks={{ ks_url }} ip={{ eth0_ip }} netmask={{ nm }} gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0 - hostname={{ inventory_hostname }}" + hostname={{ inventory_hostname }}" --cpu host --network=bridge=br0 --autostart --noautoconsole --watchdog default max_mem_size: "{{ mem_size * 5 }}" From 353cb995faaa21ce4704426d3abec56bbca94234 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Fri, 5 Jan 2018 21:54:55 +0000 Subject: [PATCH 21/24] add timeout here --- .../mirrorlist_proxy/templates/mirrorlist.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 b/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 index abcac03db2..7c54acbd33 100644 --- a/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 +++ b/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 @@ -8,8 +8,8 @@ TimeoutStartSec=0 Type=oneshot RemainAfterExit=yes ExecStart=/usr/bin/docker run --rm --detach --log-driver none --name %n -v /srv/mirrorlist/data/mirrorlist{{ item }}:/var/lib/mirrormanager:z -v /var/log/mirrormanager:/var/log/mirrormanager:z -p 1808{{ item }}:80 {{ mirrorlist_container_image }} -l /var/log/mirrormanager/%n.log -ExecStop=/usr/bin/docker stop %n -TimeoutStopSec=30 +ExecStop=/usr/bin/docker stop --time=180 %n +TimeoutStopSec=180 [Install] WantedBy=multi-user.target From f54e8493e70f1b2bb6bdd6d2a5e67bea5e98c895 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Sat, 6 Jan 2018 00:51:57 +0000 Subject: [PATCH 22/24] Until signal processing gets fixed for mirrorlist, hack around it Signed-off-by: Patrick Uiterwijk --- .../mirrorlist_proxy/templates/mirrorlist.service.j2 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 b/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 index 7c54acbd33..470fd9844c 100644 --- a/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 +++ b/roles/mirrormanager/mirrorlist_proxy/templates/mirrorlist.service.j2 @@ -8,7 +8,9 @@ TimeoutStartSec=0 Type=oneshot RemainAfterExit=yes ExecStart=/usr/bin/docker run --rm --detach --log-driver none --name %n -v /srv/mirrorlist/data/mirrorlist{{ item }}:/var/lib/mirrormanager:z -v /var/log/mirrormanager:/var/log/mirrormanager:z -p 1808{{ item }}:80 {{ mirrorlist_container_image }} -l /var/log/mirrormanager/%n.log -ExecStop=/usr/bin/docker stop --time=180 %n +ExecStop=/usr/bin/docker stop --time=1 %n +# Mirrorlist can't take a signal... but docker stop returns before it actually killed everything. +ExecStop=/usr/bin/sleep 10 TimeoutStopSec=180 [Install] From af8d89d205f3058aee53851b8acc80e9656d05fb Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Sun, 7 Jan 2018 19:27:49 +0000 Subject: [PATCH 23/24] bump to 4 --- roles/bodhi2/base/templates/production.ini.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/bodhi2/base/templates/production.ini.j2 b/roles/bodhi2/base/templates/production.ini.j2 index fc304dc561..0457af4434 100644 --- a/roles/bodhi2/base/templates/production.ini.j2 +++ b/roles/bodhi2/base/templates/production.ini.j2 @@ -122,7 +122,7 @@ pungi.conf.rpm = pungi.rpm.conf.j2 pungi.conf.module = pungi.module.conf.j2 pungi.labeltype = Update pungi.extracmdline = --notification-script=/usr/bin/pungi-fedmsg-notification --notification-script=pungi-wait-for-signed-ostree-handler -max_concurrent_mashes = 3 +max_concurrent_mashes = 4 ## Our periodic jobs #jobs = clean_repo nagmail fix_bug_titles cache_release_data approve_testing_updates From c54b3f2082fd114bb49cfb3a5a10f339c814ce67 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 8 Jan 2018 00:55:47 +0000 Subject: [PATCH 24/24] put requireany inside 2.4 apache block --- files/httpd/apachestatus.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/files/httpd/apachestatus.conf b/files/httpd/apachestatus.conf index 41255f4deb..cfd499349f 100644 --- a/files/httpd/apachestatus.conf +++ b/files/httpd/apachestatus.conf @@ -2,10 +2,13 @@ ExtendedStatus on SetHandler server-status + + # Apache 2.4 Require ip 127.0.0.1 Require ip ::1 Require host localhost Require valid-user +