fedora-infra_ansible

mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-25 11:00:32 +08:00

Author	SHA1	Message	Date
Michal Konecny	df86e98c4d	Add missing staging buildvm host vars	2025-07-03 21:22:25 +02:00
Adam Williamson	64ffac4caf	haproxy: only proxy rabbitmq on rdu3 proxies Prior to `38d138e` this condition existed with 'iad2' instead of 'rdu3'. @abompard took it out entirely, but that was wrong, it makes the external proxies include this block. We need to put the condition back with the correct data center name. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-03 12:05:00 -07:00
Adam Williamson	9da2cfb6f2	haproxy: IPA certs don't depend on data center The IPA cert doesn't change when we move datacenters, because we just replicate across. So it shouldn't have the datacenter in the name. This should fix haproxy deployment (it was broken because we didn't have an 'rdu3' file). Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-03 11:55:59 -07:00
Kevin Fenzi	1f05949fbc	add some tags to login-registry Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-03 11:50:58 -07:00
Nils Philippsen	6c85fda0c9	Mass remove/replace iad2 -> rdu3, 10.3. -> 10.16. Signed-off-by: Nils Philippsen <nils@redhat.com>	2025-07-03 20:05:02 +02:00
Adam Williamson	577fb0545b	add openqa_tap12_workers (back) to openqa_tap_workers D'oh, now we need this group again, it needs to be a child of openqa_tap_workers or the configs aren't done right... Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-03 10:27:26 -07:00
Kevin Fenzi	c0180dc19e	proxies: drop worker06.vpn as we do not have a 06 anymore Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-03 09:48:57 -07:00
Kevin Fenzi	cf9d0af59a	datanommer02: drop warnings from timescaledb on backups Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-03 09:30:11 -07:00
Aurélien Bompard	9ac53be8ad	Fixup the move from file to template Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 18:21:18 +02:00
Aurélien Bompard	19eee1d9a9	Don't run the file permissions change on each run, it's too long Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 18:20:18 +02:00
Aurélien Bompard	a0d4c1f6df	Factor out in vars the openshift user ids This should make it easier to change them in the next datacenter move. Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 18:09:42 +02:00
Aurélien Bompard	88c228a362	Fix the supplementalGroups in fedora-packages-static Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 16:47:26 +02:00
Kevin Fenzi	1ddf40d2dc	bodhi-backend: drop some more iad2 conditionals Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-03 06:46:19 -07:00
Aurélien Bompard	1244b24408	Activate the bodhi2/backend role for bodhi-backend in rdu3 too Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 15:42:55 +02:00
Kevin Fenzi	ac8b3ec86f	koji-hub: fix proxy principals Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-03 06:01:57 -07:00
Kevin Fenzi	895f72aa43	kojipkgs: adjust varnish for rdu3 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-03 05:39:20 -07:00
Michal Konecny	3f35d57b31	[release-monitoring] Update to F42 Let's update the deployment to Fedora 42. I already tested it out on dev environment and it should work.	2025-07-03 14:10:07 +02:00
Aurélien Bompard	81b59123a8	RabbitMQ: disable useless collectd plugins Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 11:27:25 +02:00
Aurélien Bompard	a5808c8436	RabbitMQ: fix the collectd package name Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 11:10:59 +02:00
Aurélien Bompard	cad444265d	Collectd: only include .conf files in the config dir Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 10:38:57 +02:00
Aurélien Bompard	2042f4ee07	Fix installation of collectd server on RHEL9 Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 08:58:50 +02:00
Aurélien Bompard	981f16ee8f	Fixup `ea5784a05e` Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 08:05:46 +02:00
Aurélien Bompard	253e47796b	RabbitMQ: set the max message processing time to 2 hours Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2025-07-03 07:37:19 +02:00
Adam Williamson	5543191485	correct MAC addresses for openqa-x86-worker01 again ok this time use the output from the right machine adam Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 21:16:27 -07:00
Adam Williamson	88e7907d4b	correct MAC addresses for openqa-x86-worker01 grrr. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 21:12:25 -07:00
Kevin Fenzi	d97f99cdf4	coreos-ostree-importer: set storageClassName to nothing Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 20:57:21 -07:00
James Antill	ec5be36747	distgit: Add a mini docs comment for IP_ALLOWED_INTERNAL, just in case. Signed-off-by: James Antill <james@and.org>	2025-07-02 23:35:35 -04:00
James Antill	8885a76136	distgit: Change iad2 to rdu3 IPs for distgit. Signed-off-by: James Antill <james@and.org>	2025-07-02 23:25:05 -04:00
Adam Williamson	099406f1b9	openqa/worker tap: set CAP_NET_ADMIN on qemu I have no idea why we didn't need this before, but we seem to need it now. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 20:08:18 -07:00
Adam Williamson	5e737c675c	openqa: disable ppc64le on lab for now We don't have any workers. We may turn this back on later, or... not. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 19:54:44 -07:00
Adam Williamson	03c5676da3	Rename br0 to bondbr0 on all openQA worker hosts This is the main system connection, a bridge over a pair of bonded ethernet ports. We want to let the openQA openvswitch bridge be br0 in case that makes it fricking work again, so this needs to be called something else to allow that. Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 17:35:29 -07:00
Adam Williamson	9d931214ea	Revert "openQA: rename openvswitch bridge device to avoid conflict" This reverts commit `4dc01bc892` and a follow-up commit. I'm having trouble getting things to work and want to see if it works if we go back to having the openQA bridge be br0, and rename the bridge used for the system's bonded network connection to something else instead.	2025-07-02 17:25:18 -07:00
Adam Williamson	10b68ac01f	openqa/worker: remove old unused files Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 17:23:42 -07:00
Adam Williamson	b343d8de52	Try and fix openQA bridge config Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 16:20:39 -07:00
Kevin Fenzi	90ed0a38e0	pkgs: change the pagure user to uid 1000 for suexec, block in sssd The pagure user needs to be uid 1000 because suexec won't let users with uid under that suexec. ;( Also, filter pagure user out in sssd so we get the local user. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 15:25:17 -07:00
Adam Williamson	f7ca68a38e	openqa/dispatcher: install resultsdb_conventions I thought/assumed/knew/something? that resultsdb_conventions_fedora required resultsdb_conventions, but right now it seems it doesn't. It should, but I can't fix it right now as the buildsystem is down, so let's just install it here... Signed-off-by: Adam Williamson <awilliam@redhat.com>	2025-07-02 15:20:09 -07:00
Kevin Fenzi	70ee9cda84	pkgs: set ipa_host_group_desc or ipa playbook errors failed: [pkgs01.rdu3.fedoraproject.org -> ipa01.rdu3.fedoraproject.org] (item=ipa_host_group_desc) => {"ansible_loop_var": "item", "changed": false, "item": "ipa_host_group_desc", "msg": "`ipa_host_group_desc` is not defined"} Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 14:52:48 -07:00
Kevin Fenzi	7855344443	pkgs: create a local pagure user. Seems like we set this up many years ago for staging, but then we added a comment to do it for prod and never did. This is needed in todays rdu3 setup. The pagure user needs to be local so it can sudo with the local sudo config instead of the ipa sudo config. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 14:46:56 -07:00
Kevin Fenzi	1df69acbfd	kojibuilder: nftables: drop a rdu3 restriction, we need this for s390x as well Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 14:15:46 -07:00
Kevin Fenzi	2b7406be4c	poddlers: use fqdn for memcached02 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 14:02:03 -07:00
Kevin Fenzi	160cbd7932	inventory: switch everything back to mtu 1500 We have been hitting lots of weird problems going accross vlans in rdu3 with mtu 9000. For now and to stablize things, lets just switch everything back to 1500. We can revisit this down the road, but stablity is better than a few % of overhead. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 13:26:11 -07:00
Kevin Fenzi	07b5336e55	nftables: rework for s390x builders, rip out iad2 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 12:40:06 -07:00
Kevin Fenzi	2e4c63f83d	kickstarts: The first few sank into the swamp, but this one... this one... Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 12:02:14 -07:00
Kevin Fenzi	9c956c6505	kickstarts: need Everything repo too Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 11:41:31 -07:00
Kevin Fenzi	6b70553e22	kickstarts: add missing /os to path Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 11:34:33 -07:00
Kevin Fenzi	abeb65c40a	kickstarts: fix transposed path in url Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 11:11:30 -07:00
Kevin Fenzi	40147157cb	kickstarts: fix s390x url Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 10:56:16 -07:00
Kevin Fenzi	c5fea2e61c	buildvm_s390x: actually use the new kickstart Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 10:43:54 -07:00
Kevin Fenzi	aaffab1d9d	kickstarts: add a special s390x kickstart that uses infra directly Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 10:36:46 -07:00
Kevin Fenzi	846638ba2c	postfix: fix some relayhosts that were still trying to use iad2 in rdu3 Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2025-07-02 10:04:54 -07:00

1 2 3 4 5 ...

43689 Commits