bodhi-backend01.rdu3: add bodhi-backend in rdu3

This does not include actual bodhi role or nfs mounts yet. It's mostly just to allow testing of new signing infra. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2026-05-11 10:32:27 +08:00 · 2025-06-11 09:04:49 -07:00
parent 6841154f41
commit e5cef312a8
3 changed files with 39 additions and 8 deletions
--- a/inventory/host_vars/bodhi-backend01.rdu3.fedoraproject.org
+++ b/inventory/host_vars/bodhi-backend01.rdu3.fedoraproject.org
@@ -0,0 +1,23 @@
+---
+# These set a config value, see roles/bodhi2/base/
+bodhi_masher_enabled: True
+bodhi_signed_handler_enabled: False
+bodhi_updates_handler_enabled: False
+datacenter: rdu3
+dns: 10.16.163.33
+dns1: 10.16.163.33
+dns2: 10.16.163.34
+eth0_ipv4_gw: 10.16.169.254
+eth0_ipv4_ip: 10.16.169.101
+ks_repo: https://infrastructure.fedoraproject.org/pub/fedora/linux/releases/42/Server/x86_64/os/
+ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-fedora
+max_mem_size: 98304
+mem_size: 98304
+num_cpus: 30
+sar_output_file: bodhi.json
+# GDPR SAR variables
+sar_script: /usr/bin/bodhi-sar
+sar_script_user: apache
+virt_install_command: "{{ virt_install_command_one_nic }}"
+vmhost: bvmhost-x86-01.rdu3.fedoraproject.org
+volgroup: /dev/vg_guests
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -107,6 +107,7 @@ mailman01.stg.iad2.fedoraproject.org
 [bodhi_backend]
 # This one handles the mashing/releng stuff
 bodhi-backend01.iad2.fedoraproject.org
+bodhi-backend01.rdu3.fedoraproject.org

 [bodhi_backend_stg]
 bodhi-backend01.stg.iad2.fedoraproject.org
@@ -920,6 +921,7 @@ bodhi-backend01.iad2.fedoraproject.org

 [sar]
 bodhi-backend01.iad2.fedoraproject.org
+bodhi-backend01.rdu3.fedoraproject.org
 mailman01.iad2.fedoraproject.org
 people01.fedoraproject.org
 pagure02.fedoraproject.org
--- a/playbooks/groups/bodhi-backend.yml
+++ b/playbooks/groups/bodhi-backend.yml
@@ -45,53 +45,57 @@
    mnt_dir: '/mnt/fedora_koji'
    nfs_src_dir: 'fedora_koji'

-  - bodhi2/backend
+  - { role: bodhi2/backend, when: datacenter != 'rdu3 }

  - role: nfs/client
    mnt_dir: '/mnt/koji/ostree'
    nfs_src_dir: 'fedora_ostree_content/ostree'
-    when: env != 'staging'
+    when: env != 'staging' and datacenter == 'iad2'

  - role: nfs/client
    mnt_dir: '/mnt/koji/compose/ostree'
    nfs_src_dir: 'fedora_ostree_content/compose/ostree'
-    when: env != 'staging'
+    when: env != 'staging' and datacenter == 'iad2'

  - role: nfs/client
    mnt_dir: '/mnt/koji/ostree'
    nfs_src_dir: 'fedora_ostree_content_stg/ostree'
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'

  - role: nfs/client
    mnt_dir: '/mnt/koji/compose/ostree'
    nfs_src_dir: 'fedora_ostree_content_stg/compose/ostree'
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'

    # In staging, we mount fedora_koji as read only (see nfs_mount_opts)
  - role: nfs/client
    mnt_dir: '/mnt/fedora_koji_prod'
    nfs_src_dir: 'fedora_koji'
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'

  - role: nfs/client
    mnt_dir: '/pub/'
    nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/'
+    when: datacenter == 'iad2'

  - role: nfs/client
    mnt_dir: '/pub/archive'
    nfs_src_dir: 'fedora_ftp_archive'
+    when: datacenter == 'iad2'

  - role: keytab/service
    owner_user: apache
    owner_group: apache
    service: bodhi
    host: "bodhi{{ env_suffix }}.fedoraproject.org"
+    when: datacenter == 'iad2'

  - role: push-container-registry
    cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org"
    cert_src: "{{private}}/files/docker-registry/{{env}}/pki/issued/containerstable.crt"
    key_src: "{{private}}/files/docker-registry/{{env}}/pki/private/containerstable.key"
    certs_group: apache
+    when: datacenter == 'iad2'

  - role: rabbit/queue
    queue_username: "bodhi{{ env_suffix }}"
@@ -101,6 +105,7 @@
      warning: 10
      critical: 100
    user_sent_topics: "{{ bodhi_sent_topics }}"
+    when: datacenter == 'iad2'

  - role: rabbit/queue
    queue_username: "bodhi{{ env_suffix }}"
@@ -112,16 +117,17 @@
      critical: 100
    # We have to repeat this line for now (only the last one counts)
    user_sent_topics: "{{ bodhi_sent_topics }}"
+    when: datacenter == 'iad2'

  tasks:
  - name: Create secondary volume dir for stg bodhi
    ansible.builtin.file: dest=/mnt/koji/vol state=directory owner=apache group=apache mode=0755
    tags: bodhi
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'
  - name: Create symlink for stg/prod secondary volume
    ansible.builtin.file: src=/mnt/fedora_koji_prod/koji dest=/mnt/koji/vol/prod state=link
    tags: bodhi
-    when: env == 'staging'
+    when: env == 'staging' and datacenter == 'iad2'

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"