Also, this impacted bvm-s390 because thats a Fedora host and
"distrib < 10" is true for F42 :)
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
Fairly big commit, this does:
- Any host including zabbix_agent will now register iteself with the server
This means we can drop auto-registration once it's tested
- Any host with a "bmc:" entry in host_vars will add items/triggers to monitor it
This means we don't need separate "hosts" for the MGMT interfaces
- Reverted to a single base template
The split ones were overkill, we can handle the builders with host macros
- Added defaults to the roles
This lets us override the connection vars from host/group vars (useful for testing)
- Lint & minor cleanup
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
This re-adds a iscsi_client role we had in iad2 back in in rdu3.
When then apply it to bvmhost-p10-01 to login and use a iscsi lun from
the rdu3 netapp. We then move the buildvm-ppc64le vm's to use this iscsi
volume instead of local storage.
As we reinstall those builders they will use the iscsi volume.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
I think @kevin inadvertently broke this in
f0663ae52f - he mixed up the names
of environments ('production' / 'staging') and Koji instances
('primary' / 'secondary'), just in this one case (it's correct
everywhere else). This is causing the pungi user not to be
created, and that means compose hosts can't publish messages.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Seems like we set this up many years ago for staging, but then we added
a comment to do it for prod and never did.
This is needed in todays rdu3 setup. The pagure user needs to be local
so it can sudo with the local sudo config instead of the ipa sudo
config.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This deploys a new set of ccd files to bastion*rdu3 for openvpn.
Right now bastion01.iad2 is the vpn hub/server for all connections.
Once dns is changed and clients restarted, they will connect to
bastion01.rdu3.
These ccd files swap the iad2 for rdu3 servers.
So, for example now 'wiki01.vpn.fedoraproject.org', or 'wiki01' as the
proxies call it, will go to wiki01.iad2.fedoraproject.org.
After the dns switch and client reconnects here,
wiki01.vpn.fedoraproject.org/wiki01's ip will be claimed by
wiki01.rdu3.fedoraproject.org instead and wiki01.iad2 will get a dynamic
ip (or will be just turned off).
This will allow us to more easly move services from proxies.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This machine has a smart card in it for secure boot signing,
so use it for now for the dc move and then we will move to
the new signing setup that can just use (select) buildvm's and
sigul.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
