This ip had hit release-monitoring.org like 5,000,000 times in the
course of a few hours and swamped it's web pod.
Lets block it for now and see if anyone complains.
If this is you: please add some rate limiting.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
These hosts are rhel10 now and removing nftables takes out the entire
libvirt stack as it doesn't support iptables anymore.
This results in base removing libvirt and the hypervisor role
re-installing it every playbook run. It also means the network doesn't
work on guests at all.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The x86 ones are now in rdu3 and reinstalled with rhel10.
All the power9 ones are in rdu3 and reinstalled.
So, we should just enable nbde on all of them.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We still aren't able to get to mgmt on this host, but it's up and
operating normally, so we might as well use it for now.
If it goes down we can remove it again.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
There's no need to keep ocp-rdu3 around anymore, we only used
it when we were moving datacenters last year.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Seems like the proxies don't want to handle port 80 nicely, I get
errors in Zabbix for them using localhost:80/apache-status (which
works elsewhere, like sundries). However using https/443 seems to
work, so we'll do that instead.
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
Fix https://github.com/fedora-copr/copr/issues/4001
I updated the `copr_builder_images.hypervisor.x86_64` even though the image is
not uploaded there yet because the HV is currently down.
Somebody needs to run this when it gets back online:
STAMP=$(date -I) \
ARCHES=x86_64 \
TARGETS=libvirt \
copr-upload-builder-images /var/lib/copr/public_html/images/2026-01-14/
The proxy05 is unavailable for last few days, let's remove it from
mirrorlist_proxies till the situation is resolved.
This will fix mirrorlist-statistics cronjob. See
https://pagure.io/fedora-infrastructure/issue/12993 for more info.
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
This removes the known-good things we've had in Zabbix for a while -
RAID, disk space, processes, and mail queue. It also removes swap which
we've decided we don't need.
Also includes some FS overrides on the Zabbix side so the relevant
NFS mounts get monitored on the OCI, and pkgs hosts, as per Nagios had.
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
Anubis was accidentally enabled for all traffic (/) instead of just
the /coprs/ web UI. This caused unnecessary bot challenges for API
clients, dnf/yum, and other automated tools.
Use Anubis BASE_PREFIX to cleanly protect only specific endpoints:
- Frontend: /coprs/ (web UI)
- Dist-git: /{{ cgit_uri }}/ (package browser)
https://anubis.techaro.lol/docs/admin/installation#using-base-prefix
I hope I got this right. This IP is trying Little Bobby Tables
attacks on openQA and it's making the servers crash.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
