Cleanup opensuse mirroring configs entirely
This should cleanup our mirror update server so that we no longer have configes (cron, scripts, logrotate rules, etc) for mirroring opensuse. It won't clean up the afs volume, but we can get to that later (and it will probably require manual intervention). This cleanup is done in a way that it should be able to be applied to future cleanups too (like when centos 8 stream goes away and everything is centos stream specific). Change-Id: Ib5d15ce800ff0620187345e1cfec0b7b5d65bee5
This commit is contained in:
parent
a0ae3481dd
commit
515abdec64
9
playbooks/roles/logrotate/tasks/cleanup.yaml
Normal file
9
playbooks/roles/logrotate/tasks/cleanup.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
# Hash the full path to avoid any conflicts but remain idempotent.
|
||||||
|
- name: Create a unique config name
|
||||||
|
set_fact:
|
||||||
|
logrotate_generated_config_file_name: "{{ (logrotate_file_name | hash('sha1'))[0:6] }}.conf"
|
||||||
|
|
||||||
|
- name: Cleanup the indicated file
|
||||||
|
file:
|
||||||
|
state: absent
|
||||||
|
path: '/etc/logrotate.d/{{ logrotate_generated_config_file_name }}'
|
@ -1,66 +0,0 @@
|
|||||||
#!/bin/bash -xe
|
|
||||||
# Copyright 2017 SUSE Linux GmbH
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
source /usr/share/mirror-update/functions.sh
|
|
||||||
|
|
||||||
MIRROR_VOLUME=$1
|
|
||||||
|
|
||||||
# Runs with timeout under cron
|
|
||||||
if [[ ${UNDER_CRON:-0} -eq 0 ]]; then
|
|
||||||
echo_ts "Running interactively"
|
|
||||||
TIMEOUT=""
|
|
||||||
set -x
|
|
||||||
else
|
|
||||||
TIMEOUT="timeout -k 2m 90m"
|
|
||||||
fi
|
|
||||||
|
|
||||||
BASE="/afs/.openstack.org/mirror/opensuse"
|
|
||||||
MIRROR="rsync://mirror.clarkson.edu/opensuse/opensuse"
|
|
||||||
OBS_MIRROR="rsync://provo-mirror.opensuse.org/opensuse/repositories"
|
|
||||||
OBS_REPOS=()
|
|
||||||
K5START="k5start -t -f /etc/opensuse.keytab service/opensuse-mirror -- $TIMEOUT"
|
|
||||||
|
|
||||||
# NOTE(hwoarang): Ensure old distros are not mirrored aymore
|
|
||||||
for REPO in distribution/leap update/leap \
|
|
||||||
repositories/Cloud: \
|
|
||||||
repositories/Virtualization: \
|
|
||||||
repositories/network: ; do
|
|
||||||
if [ -d $BASE/$REPO ]; then
|
|
||||||
$K5START rm -rf $BASE/$REPO
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
date --iso-8601=ns
|
|
||||||
for obs_repo in ${OBS_REPOS[@]}; do
|
|
||||||
REPO=repositories/${obs_repo}/
|
|
||||||
if ! [ -f $BASE/$REPO ]; then
|
|
||||||
$K5START mkdir -p $BASE/$REPO
|
|
||||||
fi
|
|
||||||
echo "Running rsync ${obs_repo} ..."
|
|
||||||
$K5START rsync -rltvz \
|
|
||||||
--delete --stats \
|
|
||||||
--delete-excluded \
|
|
||||||
--exclude="src/" \
|
|
||||||
--exclude="nosrc/" \
|
|
||||||
--exclude=".~tmp~" \
|
|
||||||
$OBS_MIRROR/$obs_repo/ $BASE/$REPO
|
|
||||||
done
|
|
||||||
|
|
||||||
date --iso-8601=ns | $K5START tee $BASE/timestamp.txt
|
|
||||||
echo "rsync completed successfully, running vos release."
|
|
||||||
vos_release $MIRROR_VOLUME
|
|
||||||
|
|
||||||
date --iso-8601=ns
|
|
||||||
echo "Done."
|
|
@ -19,9 +19,15 @@
|
|||||||
- epel
|
- epel
|
||||||
- fedora
|
- fedora
|
||||||
- openeuler
|
- openeuler
|
||||||
- opensuse
|
|
||||||
- yum-puppetlabs
|
- yum-puppetlabs
|
||||||
|
|
||||||
|
- name: Cleanup old unused rsync mirroring scripts
|
||||||
|
set_fact:
|
||||||
|
cleanup_rsync_update_scripts:
|
||||||
|
- opensuse
|
||||||
|
|
||||||
|
##### Script creation #####
|
||||||
|
|
||||||
- name: Copy keytab files in place
|
- name: Copy keytab files in place
|
||||||
shell: 'echo "{{ lookup("vars", "mirror_update_keytab_" + item) }}" | base64 -d > /etc/{{ item }}.keytab'
|
shell: 'echo "{{ lookup("vars", "mirror_update_keytab_" + item) }}" | base64 -d > /etc/{{ item }}.keytab'
|
||||||
args:
|
args:
|
||||||
@ -60,3 +66,36 @@
|
|||||||
logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
|
logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
|
||||||
logrotate_frequency: 'weekly'
|
logrotate_frequency: 'weekly'
|
||||||
loop: '{{ rsync_update_scripts }}'
|
loop: '{{ rsync_update_scripts }}'
|
||||||
|
|
||||||
|
##### Script deletion #####
|
||||||
|
|
||||||
|
# Remove the cron first to avoid any races with cron execution.
|
||||||
|
- name: Delete old mirroring cron jobs
|
||||||
|
cron:
|
||||||
|
name: '{{ item }} mirror sync'
|
||||||
|
state: absent
|
||||||
|
job: 'flock -n /var/run/{{ item }}-mirror.lock {{ item }}-mirror-update mirror.{{ item }} >> /var/log/rsync-mirrors/{{ item }}.log 2>&1'
|
||||||
|
hour: '*/6'
|
||||||
|
minute: '{{ 45 | random(seed=item) }}'
|
||||||
|
loop: '{{ cleanup_rsync_update_scripts }}'
|
||||||
|
|
||||||
|
- name: Delete old keytab files
|
||||||
|
file:
|
||||||
|
path: '/etc/{{ item }}.keytab'
|
||||||
|
state: absent
|
||||||
|
loop: '{{ cleanup_rsync_update_scripts }}'
|
||||||
|
no_log: True
|
||||||
|
|
||||||
|
- name: Delete old rsync mirror scripts
|
||||||
|
file:
|
||||||
|
path: '/usr/local/bin/{{ item }}-mirror-update'
|
||||||
|
state: absent
|
||||||
|
loop: '{{ cleanup_rsync_update_scripts }}'
|
||||||
|
|
||||||
|
- name: Delete old logrotate rules
|
||||||
|
include_role:
|
||||||
|
name: logrotate
|
||||||
|
tasks_from: cleanup
|
||||||
|
vars:
|
||||||
|
logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
|
||||||
|
loop: '{{ cleanup_rsync_update_scripts }}'
|
||||||
|
@ -32,11 +32,15 @@ def test_rsync_scripts(host):
|
|||||||
'epel',
|
'epel',
|
||||||
'fedora',
|
'fedora',
|
||||||
'openeuler',
|
'openeuler',
|
||||||
'opensuse',
|
|
||||||
'yum-puppetlabs']:
|
'yum-puppetlabs']:
|
||||||
f = host.file('/usr/local/bin/%s-mirror-update' % script)
|
f = host.file('/usr/local/bin/%s-mirror-update' % script)
|
||||||
assert f.exists
|
assert f.exists
|
||||||
|
|
||||||
|
def test_rsync_scripts_removed(host):
|
||||||
|
for script in ['opensuse']:
|
||||||
|
f = host.file('/usr/local/bin/%s-mirror-update' % script)
|
||||||
|
assert not f.exists
|
||||||
|
|
||||||
def test_publisher_script(host):
|
def test_publisher_script(host):
|
||||||
f = host.file('/usr/local/bin/publish-mirror-logs')
|
f = host.file('/usr/local/bin/publish-mirror-logs')
|
||||||
assert f.exists
|
assert f.exists
|
||||||
@ -49,7 +53,6 @@ def test_keytabs(host):
|
|||||||
'/etc/epel.keytab',
|
'/etc/epel.keytab',
|
||||||
'/etc/fedora.keytab',
|
'/etc/fedora.keytab',
|
||||||
'/etc/openeuler.keytab',
|
'/etc/openeuler.keytab',
|
||||||
'/etc/opensuse.keytab',
|
|
||||||
'/etc/yum-puppetlabs.keytab',
|
'/etc/yum-puppetlabs.keytab',
|
||||||
'/etc/reprepro.keytab']:
|
'/etc/reprepro.keytab']:
|
||||||
|
|
||||||
@ -58,6 +61,11 @@ def test_keytabs(host):
|
|||||||
assert f.sha256sum == KEYTAB_SHA256
|
assert f.sha256sum == KEYTAB_SHA256
|
||||||
assert f.mode == 0o400
|
assert f.mode == 0o400
|
||||||
|
|
||||||
|
def test_keytabs_removed(host):
|
||||||
|
for keytab in ['/etc/opensuse.keytab']:
|
||||||
|
f = host.file(keytab)
|
||||||
|
assert not f.exists
|
||||||
|
|
||||||
def test_afs_release_script(host):
|
def test_afs_release_script(host):
|
||||||
f = host.file('/opt/afs-release/release-volumes.py')
|
f = host.file('/opt/afs-release/release-volumes.py')
|
||||||
assert f.exists
|
assert f.exists
|
||||||
|
Loading…
Reference in New Issue
Block a user