Reinstall this vm over on ibiblio05 which has a bridge to the new vlan.
This will be a nice test if everything is working on that vlan before we
move more important things over to it.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Other hypervisors run with iptables, but the p09 machine is Fedora 42,
and we need libvirt-daemon-driver-network package which on Fedora 42
installs nftables anyway.
The server uses the upstream release RPM, not EPEL, so
the package names are different. Our pattern for OS vars
override host_vars, so we have to explictly set an override var
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
Turns out we don't have 80/443 access from .stg to .mgmt so
we can only monitor ping for these hosts
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
ibiblio wants to move us to a new vlan. They have already setup things
so we can tag into that vlan on their side, so this just configures a
br1 bridge with that vlan tagged. The existing vm's should be able to be
on the existing vlan for now, but this will let us provision on that
network/vlan.
Also, it seems that I didn't set these up correctly network wise.
They are just using the interfaces directly instead of using a bond over
them. This configuration does that correctly.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This server isn't working and we can't figure out why not. It's
a problem for openQA because we copy the host's DNS config into
'advanced networking' openQA guests, and then when we do a
FreeIPA deployment test, it picks up both DNS servers, tries to
confirm both work, and fails. So we need to take ns03 out until
it's fixed.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
We don't have ipv6 routing setup yet, but are scheduled to work on that
soon. To get ready for that, lets add ipv6 addresses to the (few)
machines that will actually need them.
We do not want to add ipv6 to all hosts. The vast majority of them never
need to talk to the outside world directly and shouldn't have a ipv6
address that can do this.
These few hosts are ones with external nat mappings where it is
desireable that they be able to handle ipv6 connections.
Note that we also do NOT want to add any of these to dns until
they are known working. We also will likely have to adjust nftables
to allow the services on ipv6 that we do on ipv4 (if they make sense).
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This is to disambiguate 'ns02'. Right now we have ns02.fedoraproject.org
and also ns02.rdu3.fedoraproject.org. After this we will just have a
ns02 and a ns03.rdu3 server.
This will also allow us to more easily change whois/glue records.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
