WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-29 21:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,401 Commits 9 Branches 0 Tags
7aa7553b84af5dc8efa78e9d8a4e50dde369052d
Commit Graph

8856 Commits

Author SHA1 Message Date
James Antill
a634122b7f postgresql-server: Fix db-datanommer02 typo. 
Signed-off-by: James Antill <james@and.org>
 2025-06-24 18:15:12 -04:00
Kevin Fenzi
f68fa52107 openshift / staging / rdu3: fix kernel filename 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-24 12:54:22 -07:00
Kevin Fenzi
3d208ad979 openshift / staging / rdu3: enable bootstrap node, fix path on kernel download. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-24 12:51:15 -07:00
James Antill
34a0144950 Add prod db03.rdu3.* to groups/mariadb-server.yml 
Signed-off-by: James Antill <james@and.org>
 2025-06-24 18:47:31 +00:00
James Antill
b4a9b84fec Add prod db*.rdu3.* to groups/postgresql-server.yml 
Signed-off-by: James Antill <james@and.org>
 2025-06-24 18:47:31 +00:00
Kevin Fenzi
713af9ea3a proxies: move coreos cincinnati to rdu3 openshift 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-24 11:44:16 -07:00
Michal Konecny
39ca0fe099 [ipsilon] Add RDU3 centos machines 
To prevent removing RDU3 centos machines from HBAC rule let's add them
to task. For more info see https://pagure.io/fedora-infrastructure/issue/12514
 2025-06-24 08:11:51 +00:00
James Antill
cb326914b5 Add db03.stg.rdu3.* to groups/mariadb-server.yml 
Signed-off-by: James Antill <james@and.org>
 2025-06-24 01:58:01 +00:00
James Antill
a783db6a1c Add db*.stg.rdu3.* to groups/postgresql-server.yml 
Signed-off-by: James Antill <james@and.org>
 2025-06-24 01:58:01 +00:00
Kevin Fenzi
243687ab0e log01.rdu3: also mount nfs and setup other crons on log01.rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-22 09:13:26 -07:00
Kevin Fenzi
8f849f9ae0 proxies: we need the ocp-rdu3 sites on all proxies 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-22 08:53:42 -07:00
Kevin Fenzi
bb34f3506a nagios-rdu3: add website, proxy, vpn endpoint 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-20 20:48:07 -07:00
Kevin Fenzi
449385c8b0 nagios: move rdu3 hosts over to noc01.rdu3 
Also open firewalls to allow noc03.rdu3 to access them.
Also enable nagios_server on noc01.rdu3.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-20 20:29:24 -07:00
Kevin Fenzi
a1b905d8e4 virthost: drop these conditionals for nagios_client and collectd 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-20 19:47:10 -07:00
Greg Sutcliffe
f6209410a7 backup01.rdu3: add new host to rdu3 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
 2025-06-20 13:22:57 +01:00
Kevin Fenzi
a15935f6ac tang: setup tang for rdu3 virthosts 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-19 15:16:36 -07:00
Kevin Fenzi
ae1a0c4800 buildvm-ppc64le-osbuild: drop these for now as they are not currently needed 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-19 09:57:26 -07:00
Kevin Fenzi
c3b66efa9f download/rdu3: also try nfs mounts in rdu3 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-16 14:16:23 -07:00
Kevin Fenzi
f9c8e842b7 download / rdu3: add rdu3 download servers 
This will allow us to test ro mounts from the rdu3 netapp.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-16 14:02:36 -07:00
Kevin Fenzi
a6c096617b proxies: openshift rdu3 
So, we renamed the cluster with the ocp-rdu3 name, so drop all this
special handling. All the proxies should be able to reach it by that
name and via the vpn endpoints it has.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-16 11:10:08 -07:00
Kevin Fenzi
23d71ae40f proxies / rdu3: set rdu3 proxies to proxy to the rdu3 openshift cluster 
The iad2 and rdu3 openshift clusters have the same name
(yes, I know, I was trying to be clever!)
So, in rdu3 we want *.apps.ocp.fedoraproject.org to proxy to the rdu3
cluster and everywhere else to the iad2 cluster (until we move).
This should point proxy01.rdu3 and proxy10.rdu3 the right way.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-16 09:42:55 -07:00
Kevin Fenzi
b07a636045 openshift / openvpn: also run on rdu3 control host 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-15 15:17:34 -07:00
Kevin Fenzi
e7e6db8d8d proxies: rename ocp4-rdu3 to ocp4_rdu3 to hopefully get jinja2 to leave it alone 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 14:30:00 -07:00
Kevin Fenzi
2f25595228 proxies / rdu3: perhaps destname cannot have a . in it 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 13:40:37 -07:00
Kevin Fenzi
63b02e9098 proxies: use double quotes 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 13:09:42 -07:00
Kevin Fenzi
99fe2b3fd6 proxies: also install the rdu3 ocp cert 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 13:01:34 -07:00
Kevin Fenzi
2691464323 proxies: set ocp4 false when ocp4-rdu3 is true 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 12:56:54 -07:00
Kevin Fenzi
e1132667d3 proxies: add a ocp-rdu3 site/endpoint to get to the new rdu3 prod openshift 
We can't use easily the existing hostname/site, as that goes to the
current iad2 cluster, so setup a -rdu3 version for now.
After we switch we can drop this and repoint the main one to the new
cluster.

Hopefully this all works and does the right thing.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-14 12:35:20 -07:00
Kevin Fenzi
6a6c146be2 openshift: link to the x86_64 metal image 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-12 14:52:39 -07:00
Kevin Fenzi
6bde401847 openshift: fix image urls for kernel/initramfs 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-12 14:49:03 -07:00
Kevin Fenzi
d3680e903a openshift: fix image urls more, correct vm ips 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-12 14:45:10 -07:00
Kevin Fenzi
6aadc84164 openshift: update download url for images 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-12 14:40:47 -07:00
Kevin Fenzi
f3b3dfb855 bodhi-backend: fix missing quote 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-11 10:43:11 -07:00
Kevin Fenzi
e5cef312a8 bodhi-backend01.rdu3: add bodhi-backend in rdu3 
This does not include actual bodhi role or nfs mounts yet.
It's mostly just to allow testing of new signing infra.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-06-11 09:04:49 -07:00
Lukas Brabec
8461d23f1d Add kparal as appowner to FQA apps 2025-06-09 16:44:46 +02:00
Kevin Fenzi
2cc8fabdbf virthost: no collectd client packages on rhel10 yet 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-30 20:06:07 -07:00
Kevin Fenzi
56c8dcc832 virthost: no zabbix client packages on rhel10 yet 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-30 19:56:43 -07:00
Kevin Fenzi
1052da754a virthost: no nagios client packages on rhel10 yet 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-30 19:49:57 -07:00
Kevin Fenzi
8f0ce956eb virthost: no rkhunter on rhel10 yet 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-30 19:43:30 -07:00
Kevin Fenzi
ec28dcbcb9 os-control: install unzip and tar as they are used later in playbooks 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-30 17:15:48 -07:00
Kevin Fenzi
76bda7e176 New kickstarts role 
Move kickstarts into ansible from the side repo they were in before.
Hopefully this will make it easier for people to contibute to them
and see what they are. All sensitive info here should be templated
out from the private repo.

note that before we merge/run this, we need to move the old repo
out of the way in the location we are syncing to.
We can gradually move other kickstarts out of the old repo into this
role as we need them to build rdu3 out.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-28 21:57:12 +00:00
Aurélien Bompard
f4de93c8ed Planet: avoid duplicate route name 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-05-28 12:17:48 +02:00
Aurélien Bompard
adc11a9235 Planet: fix the keytab 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2025-05-28 12:13:44 +02:00
Kevin Fenzi
9dc7f4adcf noc01.rdu3: someday I will get logic right 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-22 10:35:33 -07:00
Kevin Fenzi
2259edea1a noc01.rdu3: adjust openvpn logic 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-22 10:30:43 -07:00
Kevin Fenzi
81f9f0d09c noc01.rdu3: add a rdu3 noc server 
No nagios for now, but dhcp and tftp and such.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-22 10:01:27 -07:00
Kevin Fenzi
ebe5fa82a1 rdu3: fix a logic conditional thinko 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-21 16:28:25 -07:00
Kevin Fenzi
0442382c59 dns: no vpn wanted in rdu3 dns either 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-21 15:47:23 -07:00
Kevin Fenzi
f8eacdb62b bastion01.rdu3: A wild bastion01.rdu3 appears, lets try and configure it. 
This should setup a already installed bastion01.rdu3 vm so we can use it
to get to other rdu3 machines.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2025-05-21 12:37:13 -07:00
Adam Piasecki
e43c256356 coreos-cincinnati: move templates from yml to j2 
As we are now moving templates to j2, this completes the process
for the coreos-cincinnati.
 2025-05-20 16:33:54 +00:00