These vlans will be used by the stuff moving from the
rd2 community cage over to rdu3. We want it isolated
from the rest of our stuff (in particular pagure and copr builders).
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The zones I added are not under a view, they are the same for everyone.
And some old no longer used zones are expired and the new named in
rhel9.6 will not load them. So, just drop the signed ones for now.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
First the mgmt zone was loading the wrong thing.
Next, rdu3 does in fact need to be able to resolve iad2 zones, because
we need to be able to resolve the ipa servers in order for sssd
to work.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Mistakenly I copied this from IAD2 and failed to change the zone that it
was loading, so it was always giving the IAD2 view in RDU3.
This should fix that.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This should setup the rdu3 vlans with initial dns, which is just a copy
of our iad2 networks with 10.3 changing to 10.16.
Once rdu3 machines have network we should be able to use these to let
rdu3 hosts query the regular dns servers for things.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This will unify all the handlers to use first uppercase letter for
ansible-lint to stop complaining.
I went through all `notify:` occurrences and fixed them by running
```
set TEXT "text_to_replace"; set REPLACEMENT "replacement_text"; git grep
-rlz "$TEXT" . | xargs -0 sed -i "s/$TEXT/$REPLACEMENT/g"
```
Then I went through all the changes and removed the ones that wasn't
expected to be changed.
Fixes https://pagure.io/fedora-infrastructure/issue/12391
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
fix 1900 failures of the following case issue:
`name[casing]: All names should start with an uppercase letter.`
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
This is a new z16 lpar in rdu.
This is for staging.
We should not mess with its network because it has a nice weird bonded
set of interfaces that we have a bridge on top of.
Set to make a new buildvm-s390x-01.stg on it.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Increase the window so we keep track of more queries
Set the max number of nxdomains to try and drop those.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This domain is already in the dns repo (unsigned).
So, this adds it to named.conf and adds it as an alias on the
fedoraproject.org site for now.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Problem: Fedora Infrastructure has used various DNS servers in
PHX2. Those no longer exist. This is causing breakage in DNS and many
other internal services.
Fix: Work with Red Hat IT
- to get new DNS servers which are infoblox devices.
- get firewall rules fixed to that
- update named.conf to have new ips
- remove old ips which no longer exist.
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
I think this is leftover from chroot named days. New bind requires a
writable directory for this and default is /var/named.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
In order to try and fix the number of TCP connections allowed to get
to the dns servers by increasing from the default 100 to 1000. This
will hopefully help fix the issue in
https://pagure.io/fedora-infrastructure/issue/9850 where the name
servers are not able to answer TCP connections after a while.
Signed-off-by: Stephen Smoogen <smooge@smoogespace.com>
This reverts commit 8c3d08396b.
Landing this before changes in DNS repo left the SA region with
no proxies. ;( Reverting it until we can land it all (nearly) at
once.
