WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-27 03:52:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,553 Commits 9 Branches 0 Tags
24afcc8bd4dfd90a43c879d08e3353309a0cab8b
Commit Graph

43553 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aurélien Bompard
24afcc8bd4 Fix zodbot deployment on value01.rdu3 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-06-30 11:11:55 +02:00
Aurélien Bompard
5203378066 Don't put so much public stuff in the ansible repo, where we don't have env variables 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-06-30 11:00:18 +02:00
Aurélien Bompard
2f22b5edea Fix kerneltest wsgi script broken by f513e7c 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-06-30 11:00:17 +02:00
James Antill
99f6f54346 mailman: No service for rdu3, yet. 
Signed-off-by: James Antill <james@and.org>
 2025-06-29 16:10:51 -04:00
James Antill
b909188491 mailman: No sending emails from rdu3, yet. 
Signed-off-by: James Antill <james@and.org>
 2025-06-29 16:00:05 -04:00
James Antill
8f2282e2c3 Add mailman01.rdu3 host_vars file, on vmhost-05. 
Signed-off-by: James Antill <james@and.org>
 2025-06-29 14:58:34 -04:00
James Antill
5d9a3e5e71 Add mailman01.rdu3. 
Signed-off-by: James Antill <james@and.org>
 2025-06-29 14:57:01 -04:00
Kevin Fenzi
d2a86d10e3 sign-vault01.rdu3: add to correct datacenter 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-29 09:35:12 -07:00
Kevin Fenzi
2f6b8de8c5 sign-vault.rdu3: also setup nbde and serial console in rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-29 09:27:22 -07:00
Kevin Fenzi
d29feb2c71 bvmhost-p10-01: no nbde for now 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 18:27:20 -07:00
Kevin Fenzi
46e93ae29b proxies: block a few more nets 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 17:07:23 -07:00
Kevin Fenzi
da58790976 batcave01: drop srm, its not actually in epel9 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 15:57:44 -07:00
Kevin Fenzi
a2dad69ed9 buildvm_aarch64_rdu3: set local rdu3 ipa server as default 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 15:29:40 -07:00
Kevin Fenzi
8c69141111 inventory: add buildhw-x86 to buildhw group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 15:08:33 -07:00
Kevin Fenzi
36105cc348 inventory: leave the bootstrap group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 15:06:08 -07:00
Kevin Fenzi
0f43b66635 buildhw-x86-02/03.rdu3: initial configuration as builders. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 15:03:53 -07:00
Kevin Fenzi
d0e1d725d8 inventory: drop ocp bootstrap node 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 15:03:38 -07:00
Kevin Fenzi
d2598f422c buildvm-ppc64le.rdu3: oddly, aarch64 kernel does not boot on ppc64le? 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 13:07:36 -07:00
Kevin Fenzi
842fc58fbb buildvm-ppc64le.rdu3: add to base group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 13:04:27 -07:00
Kevin Fenzi
dc140eecbf buildvm-ppc64le.rdu3: deploy ppc64le builders in rdu3 
Note that these don't do nested virt due to the way we have the host
setup. We are working on changing that, but for now, this should work
fine for normal builds. Only parts of composes that need nested virt
will fail for a week or so until we get a power9 moved to the new dc
or reconfigure a power10 box.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 12:59:44 -07:00
Kevin Fenzi
da9b97676e nagios: There is not a bvmhost-x86-05 in rdu3 staging 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 12:45:39 -07:00
Kevin Fenzi
a81fd4e160 inventory: switch primary os-control host to be os-control01.rdu3 
This means openshift app playbook runs will deploy to rdu3 prod cluster
instead of the iad2 one. If there's still some need to deploy something
to iad2 (unlikely) you can modify the playbook to directly call
os-control01.iad2.

This should make it easier to deploy things to rdu3 prod cluster.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 09:47:07 -07:00
Kevin Fenzi
a130888041 bastion / rdu3 / openvpn_server: setup ccd files for rdu3 bastion openvpn 
This deploys a new set of ccd files to bastion*rdu3 for openvpn.
Right now bastion01.iad2 is the vpn hub/server for all connections.
Once dns is changed and clients restarted, they will connect to
bastion01.rdu3.

These ccd files swap the iad2 for rdu3 servers.
So, for example now 'wiki01.vpn.fedoraproject.org', or 'wiki01' as the
proxies call it, will go to wiki01.iad2.fedoraproject.org.

After the dns switch and client reconnects here,
wiki01.vpn.fedoraproject.org/wiki01's ip will be claimed by
wiki01.rdu3.fedoraproject.org instead and wiki01.iad2 will get a dynamic
ip (or will be just turned off).

This will allow us to more easly move services from proxies.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-28 08:12:44 -07:00
Kevin Fenzi
c1976110a8 rdu3: increase some proc limits in rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 21:19:49 -07:00
Kevin Fenzi
cfd9ac4059 memcached02: add to correct rdu3 group 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 21:02:24 -07:00
Kevin Fenzi
1b027f42dd releng-compose: nftables, allow rdu3 noc 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 20:43:59 -07:00
Kevin Fenzi
56c028d684 bastion: nftables, allow rdu3 noc 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 20:40:54 -07:00
Francois Andrieu
3fea252fd8 use rsyslogd v8 conf as the default 2025-06-28 01:41:02 +00:00
James Antill
ca73a63415 koji_builder: Don't need rdu3 contacting iad2. 
Signed-off-by: James Antill <james@and.org>
 2025-06-27 21:23:37 -04:00
Kevin Fenzi
032f6ecc60 buildhw: simplify bkernel role conditional 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 17:22:10 -07:00
James Antill
9a3b4670bf koji_builder: Replace openh264.repo instead of remove, due to upgrades. 
Signed-off-by: James Antill <james@and.org>
 2025-06-27 20:06:48 -04:00
Kevin Fenzi
bdf5aaf084 buildhw-x86-01.rdu3: add to correct groups 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 16:53:33 -07:00
Kevin Fenzi
a831568130 buildhw-x86-01.rdu3: fix mac address duplicate 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 16:47:09 -07:00
James Antill
5d24121a32 koji_builder: Remove openh264 repo, packages are external. 
Signed-off-by: James Antill <james@and.org>
 2025-06-27 17:52:59 -04:00
James Antill
1d37a90bda koji_builder: Change out edk2-arm for edk2-aarch64 
Signed-off-by: James Antill <james@and.org>
 2025-06-27 15:54:47 -04:00
Francois Andrieu
80f922c6ff replace iad2 ocp-stg certificate with rdu3 2025-06-27 16:49:04 +00:00
Kevin Fenzi
b82659aa38 buildhw-x86-01.rdu3: cider. fine. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 09:32:25 -07:00
Kevin Fenzi
d4f7c92d3c buildhw-x86-01.rdu3: add missing netmask 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 09:25:23 -07:00
Kevin Fenzi
9fb63a1553 buildhw-x86-01.rdu3: fix variable 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 09:23:04 -07:00
Kevin Fenzi
07b650aadb buildhw-x86-01.rdu3: add config for buildhw that will serve as bkernel in rdu3 for a short time 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 09:20:09 -07:00
Kevin Fenzi
d7337acea8 buildhw: adjust syntax 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 09:08:23 -07:00
Kevin Fenzi
f6b20ead52 buildhw: adjust syntax 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 09:03:47 -07:00
Kevin Fenzi
09aeba8d02 buildhw: fix quoting 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 08:48:17 -07:00
Aurélien Bompard
00e719bb1f MirrorManager: in staging, don't run the cronjobs that need to access the mirrorlist proxies in prod 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-06-27 17:32:48 +02:00
Kevin Fenzi
46cb427235 buildhw-x86-01.rdu3: set this rdu3 buildhw to be a bkernel for now 
This machine has a smart card in it for secure boot signing,
so use it for now for the dc move and then we will move to
the new signing setup that can just use (select) buildvm's and
sigul.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 08:24:00 -07:00
Kevin Fenzi
d1868c86e9 db-openqa01: fix datacenter on rdu3 instance 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 08:21:51 -07:00
Francois Andrieu
3fb6f0bc23 switch ocp_nodes_stg to rdu3 nodes 2025-06-27 15:20:38 +00:00
Aurélien Bompard
5fbb502c4f Fix indentation 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-06-27 17:16:26 +02:00
Kevin Fenzi
4964230bcb postgresql: add db-openqa01.rdu3 to playbook 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 08:05:10 -07:00
Kevin Fenzi
47cc598086 db-openqa01.rdu3: deploy db to rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-27 07:49:48 -07:00