Rename install-ansible to bootstrap-bridge

This used to be called "bridge", but was then renamed with
Ia7c8dd0e32b2c4aaa674061037be5ab66d9a3581 to install-ansible to be
clearer.

It is true that this is installing Ansible, but as part of our
reworking for parallel jobs this is the also the synchronisation point
where we should be deploying the system-config code to run for the
buildset.

Thus naming this "boostrap-bridge" should hopefully be clearer again
about what's going on.

I've added a note to the job calling out it's difference to the
infra-prod-service-bridge job to hopefully also avoid some of the
inital confusion.

Change-Id: I4db1c883f237de5986edb4dc4c64860390cc8e22
This commit is contained in:
Ian Wienand 2021-12-03 11:32:31 +11:00
parent 362d8fa147
commit 73a9acc7ad
5 changed files with 43 additions and 33 deletions

View File

@ -1,5 +1,5 @@
- hosts: bridge.openstack.org:!disabled
name: "Bridge: boostrap the bastion host"
name: "Bridge: bootstrap the bastion host"
become: true
roles:
- pip3

View File

@ -1,4 +1,4 @@
- import_playbook: ../install-ansible.yaml
- import_playbook: ../bootstrap-bridge.yaml
vars:
root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa', rstrip=False) }}"
ansible_cron_disable_job: true

View File

@ -30,17 +30,28 @@
nodes: []
- job:
name: infra-prod-install-ansible
name: infra-prod-bootstrap-bridge
parent: infra-prod-playbook
description: Install ansible on bridge.
description: |
Configure the bastion host (bridge)
This job does minimal configuration on the bastion host
(bridge.openstack.org) to allow it to run system-config
playbooks against our production hosts. It sets up Ansible on
the host.
Note that this is separate to infra-prod-service-bridge;
bridge in it's role as the bastion host actaully runs that
against itself; it includes things not strictly needed to make
the host able to deploy system-config.
vars:
playbook_name: install-ansible.yaml
playbook_name: bootstrap-bridge.yaml
files:
- inventory/
- roles/
- install_modules.sh
- modules.env
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-ansible/
- playbooks/roles/logrotate/
@ -363,7 +374,6 @@
playbook_name: service-zuul.yaml
files:
- inventory/base
- playbooks/install-ansible.yaml
- playbooks/service-zuul.yaml
- inventory/service/group_vars/zuul
- inventory/service/group_vars/zookeeper.yaml

View File

@ -358,12 +358,12 @@
# This installs the ansible on bridge that all the infra-prod
# jobs will run with. Note the jobs use this ansible to then
# run against zuul's checkout of system-config.
- infra-prod-install-ansible
- infra-prod-bootstrap-bridge
# From now on, all jobs should depend on base
- infra-prod-base: &infra-prod-base
dependencies:
- name: infra-prod-install-ansible
- name: infra-prod-bootstrap-bridge
soft: true
# Legacy puppet hosts
@ -611,7 +611,7 @@
- zuul-ci-goaccess-report
# Nightly runs of ansible things for catchup
# Keep in order from above
- infra-prod-install-ansible
- infra-prod-bootstrap-bridge
- infra-prod-base: *infra-prod-base
- infra-prod-remote-puppet-else: *infra-prod-remote-puppet-else
- infra-prod-letsencrypt: *infra-prod-letsencrypt
@ -649,7 +649,7 @@
opendev-prod-hourly:
jobs:
- infra-prod-install-ansible
- infra-prod-bootstrap-bridge
- infra-prod-service-bridge: *infra-prod-service-bridge
- infra-prod-service-nodepool: *infra-prod-service-nodepool
- infra-prod-service-registry: *infra-prod-service-registry

View File

@ -212,7 +212,7 @@
host_copy_output:
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group_vars/letsencrypt.yaml
# This is split because we ant to avoid
# ...create-certs/handlers/main.yaml matching since every
@ -243,7 +243,7 @@
required-projects:
- opendev/system-config
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/host_vars/lists.openstack.org.yaml
- inventory/service/host_vars/lists.katacontainers.io.yaml
- inventory/service/group_vars/mailman.yaml
@ -296,7 +296,7 @@
# Test our ad hoc restart playbook works
- playbooks/nodepool_restart.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group_vars/nodepool.yaml
- inventory/service/group_vars/nodepool-builder.yaml
- inventory/service/group_vars/nodepool-launcher.yaml
@ -331,7 +331,7 @@
'/etc/bind/named.conf': logs
'/var/lib/bind/zones': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group_vars/adns.yaml
- inventory/service/group_vars/dns.yaml
- inventory/service/host_vars/(ad)?ns\d+.opendev.org.yaml
@ -364,7 +364,7 @@
files:
- playbooks/service-borg-backup.yaml
- playbooks/test-borg-bcakup.yaml
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/roles/install-borg
- playbooks/roles/borg-backup
- playbooks/zuul/templates/host_vars/borg-backup
@ -404,7 +404,7 @@
'/var/log/acme.sh': logs
'/etc/apache2/sites-available/mirror.conf': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- roles/
- playbooks/roles/base/
- inventory/service/group_vars/mirror.yaml
@ -454,7 +454,7 @@
run_playbooks:
- playbooks/service-mirror-update.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- roles/
- playbooks/roles/mirror-update/
- playbooks/roles/reprepro/
@ -482,7 +482,7 @@
'/var/registry/auth': logs
'/var/registry/certs': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group_vars/registry.yaml
- inventory/service/host_vars/insecure-ci-registry\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/registry.yaml.j2
@ -512,7 +512,7 @@
- playbooks/letsencrypt.yaml
- playbooks/service-codesearch.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-codesearch.yaml
- playbooks/roles/codesearch/
@ -539,7 +539,7 @@
- playbooks/letsencrypt.yaml
- playbooks/service-etherpad.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-etherpad.yaml
- playbooks/roles/etherpad/
@ -592,7 +592,7 @@
host_copy_output:
'/var/haproxy/etc': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-gitea-lb.yaml
- playbooks/service-gitea.yaml
@ -643,7 +643,7 @@
- playbooks/service-grafana.yaml
run_test_playbook: playbooks/test-grafana.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-grafana.yaml
- playbooks/roles/grafana/
@ -675,7 +675,7 @@
host_copy_output:
'/var/log/graphite': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-graphite.yaml
- playbooks/roles/graphite
@ -735,7 +735,7 @@
host_copy_output:
'/var/jitsi-meet': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group_vars/meetpad.yaml
- inventory/service/host_vars/meetpad\d+.opendev.org.yaml
- playbooks/roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
@ -767,7 +767,7 @@
- playbooks/service-paste.yaml
run_test_playbook: playbooks/test-paste.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-paste.yaml
- playbooks/roles/lodgeit
@ -791,7 +791,7 @@
run_playbooks:
- playbooks/service-zookeeper.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group_vars/zookeeper.yaml
- ^inventory/service/host_vars/zk\d+\..*
- playbooks/roles/zookeeper/
@ -817,7 +817,7 @@
run_playbooks:
- playbooks/service-zuul-preview.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/roles/zuul-preview/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
@ -871,7 +871,7 @@
host_copy_output:
'/etc/hosts': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-zuul.yaml
- inventory/service/group_vars/zuul
@ -918,7 +918,7 @@
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-review.*.yaml
- playbooks/test-review.yaml
@ -984,7 +984,7 @@
- playbooks/letsencrypt.yaml
- playbooks/service-static.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/roles/static/
- playbooks/roles/letsencrypt
- playbooks/letsencrypt.yaml
@ -1023,7 +1023,7 @@
- playbooks/service-refstack.yaml
container_command: docker
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- inventory/service/group-vars/refstack.yaml
- playbooks/zuul/templates/group_vars/refstack.yaml.j2
- playbooks/roles/refstack/
@ -1063,5 +1063,5 @@
- playbooks/service-kerberos.yaml
run_test_playbook: playbooks/test-kerberos.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/bootstrap-bridge.yaml
- playbooks/roles/kerberos-kdc/