14133 Commits

Author SHA1 Message Date
James E. Blair
76c7720df1 Install openshift module on bridge
This is so that we can use the ansible k8s_raw module on bridge
to interact with k8s clusters.

Change-Id: I1bc0de734a8635db528ce159bad6710246309fb9
2018-12-20 13:02:40 -08:00
Zuul
65527237f5 Merge "Enable github shared admin account" 2018-12-19 02:29:12 +00:00
Zuul
bd0a9ff01f Merge "Remove test_firewall.py" 2018-12-18 20:26:06 +00:00
Zuul
f5b19b4598 Merge "Turn on the future parser for elasticsearch.openstack.org" 2018-12-18 20:17:52 +00:00
Zuul
6ae18c6f90 Merge "Run a local MySQL service on StoryBoard servers" 2018-12-18 19:35:41 +00:00
James E. Blair
4e9597b5a2 Remove test_firewall.py
This was special non-docker testing of iptables, however, the testing
of iptables which is applied everywhere works for docker too.  This
is not necessary.

Change-Id: I9ec73874b89f8013bbc7e2d08e33d55e8cebca0f
2018-12-18 11:23:29 -08:00
Zuul
686651c75d Merge "Import install-docker role" 2018-12-18 17:08:15 +00:00
Zuul
97afa829ae Merge "Collect syslogs from nodes in ansible tests" 2018-12-18 17:08:12 +00:00
Zuul
1079fc5cbf Merge "Set iptables forward drop by default" 2018-12-18 17:08:11 +00:00
Zuul
854f3ba29f Merge "Turn on the future parser for subunit workers" 2018-12-18 01:00:43 +00:00
Zuul
2f6804e8a3 Merge "Set CacheIgnoreCacheControl on pypi proxy cache" 2018-12-17 20:26:41 +00:00
Zuul
cba45bdee8 Merge "Copy pasta the debian base server bits, don't include them" 2018-12-17 19:11:24 +00:00
Zuul
0469710073 Merge "Update favicon for newer OpenStack logo" 2018-12-17 17:01:55 +00:00
Zuul
46fe20acc7 Merge "Manage the favicon.ico file for the wiki" 2018-12-17 16:36:32 +00:00
Zuul
399f98f1f5 Merge "Stop running unnecessary tests on trusty" 2018-12-17 13:26:39 +00:00
melissaml
54ecfe0ef4 Change openstack-dev to openstack-discuss
Mailinglists have been updated. Openstack-discuss replaces
openstack-dev.

Change-Id: If72585a6d360bac1696fb75ce1583a44c6dbb662
2018-12-17 10:26:01 +11:00
Clark Boylan
bde73bb690 Stop running unnecessary tests on trusty
We tag our site.pp with annotations that indicate if certain hosts
should be testedo ntrusty or not. We've semi recently upgraded several
services that no longer need to be tested on trusty so we remove them
here.

Change-Id: I79e6e1e555eca9e93acb37303a80cecae7d8d92d
2018-12-14 14:02:14 -08:00
Clark Boylan
a8d35bb4bd Copy pasta the debian base server bits, don't include them
The arm64 nodes install special kernels so we have a dedicated
base-server task list for them. To reduce duplication we were then
include_tasks: Debian.yaml but this seems to result in the ansible play
crashing there and continuing with the next play in the playbook as if
there were no failure/error.

This is concerning but to deal with this in the present lets copy pasta
the debian bits so things hopefully work again then go from there.

Logs of this occurring:

  2018-12-14 20:54:28,515 p=11685 u=root |  TASK [base-server : Install HWE kernel for arm64] ******************************
  2018-12-14 20:54:28,515 p=11685 u=root |  Friday 14 December 2018  20:54:28 +0000 (0:00:14.672)       0:08:06.479 *******
  2018-12-14 20:54:32,564 p=11685 u=root |  ok: [mirror01.london.linaro-london.openstack.org]
  2018-12-14 20:54:32,747 p=11685 u=root |  ok: [nb03.openstack.org]
  2018-12-14 20:54:32,843 p=11685 u=root |  ok: [mirror01.nrt1.arm64ci.openstack.org]
  2018-12-14 20:54:33,727 p=11685 u=root |  ok: [mirror01.cn1.linaro.openstack.org]
  2018-12-14 20:54:33,777 p=11685 u=root |  TASK [base-server : Include generic Debian tasks] ******************************
  2018-12-14 20:54:33,778 p=11685 u=root |  Friday 14 December 2018  20:54:33 +0000 (0:00:05.262)       0:08:11.741 *******
  2018-12-14 20:54:34,023 p=11685 u=root |  PLAY [Base: configure OpenStackSDK on bridge] **********************************
  2018-12-14 20:54:34,052 p=11685 u=root |  TASK [include_role : configure-openstacksdk] ***********************************

Change-Id: I20dbd5b4c768c967c82f786a7cb1d5261bf5b494
2018-12-14 13:36:07 -08:00
Zuul
c5dba5e53f Merge "Add rust-vmm OpenDev ML" 2018-12-14 20:13:27 +00:00
Zuul
6b96f59405 Merge "Turn on the future parser for logstash.openstack.org" 2018-12-14 20:00:31 +00:00
Ian Wienand
f07bf2a507 Import install-docker role
This is a role for installing docker on our control-plane servers.

It is based on install-docker from zuul-jobs.

Basic testinfra tests are added; because docker fiddles the iptables
rules in magic ways, the firewall testing is moved out of the base
tests and modified to partially match our base firewall configuration.

Change-Id: Ia4de5032789ff0f2b07d4f93c0c52cf94aa9c25c
2018-12-14 11:30:47 -08:00
Ian Wienand
860b0f9773 Collect syslogs from nodes in ansible tests
This collects syslogs from nodes running in our ansible gate tests.
The node's logs are grouped under a "hosts" directory (the bridge.o.o
logs are moved there for consistentcy too).

Change-Id: I3869946888f09e189c61be4afb280673aa3a3f2e
2018-12-14 10:33:27 -08:00
Clark Boylan
94eb7e5d2b Set iptables forward drop by default
Docker wants to set FORWARD DROP but our existing rules set FORWARD
ACCEPT. To avoid these two services fighting over each other and to
simplify testing lets default to FORWARD DROP too.

None of our servers should act as routers currently. If we resurrect
infracloud or if we deploy k8s this may change but today this should be
fine and be a safer ruleset.

Change-Id: I5f19233129cf54eb70beb335c7b6224f0836096c
2018-12-14 10:33:26 -08:00
Jeremy Stanley
5102f5689f Add rust-vmm OpenDev ML
A group of interested developers for crosvm and Firecracker are
seeking a neutral location to host a discussion list for
collaboration around secure/special-purpose virtual machine monitors
implemented in the Rust programming language, and asked for the list
name to be rust-vmm. This request came to us via OSF staff who they
approached earlier this week.

Change-Id: I2003e3ae7a352b12d213a553f7ee0cd4f4e5d4f1
Depends-On: https://review.openstack.org/625241
2018-12-14 13:22:56 +00:00
Zuul
a20990ace0 Merge "Add lists.opendev.org to Mailman" 2018-12-14 12:53:33 +00:00
Colleen Murphy
100173dfe2 Turn on the future parser for elasticsearch.openstack.org
Change-Id: I91b5a7d15fa29ad1e604a5cf3a1bd32dfa5fa892
2018-12-13 15:26:12 -08:00
Colleen Murphy
7313bd0bb2 Turn on the future parser for subunit workers
Change-Id: I3308b015e99442c48f8a044a30ba50989eb9647c
2018-12-13 15:26:04 -08:00
Colleen Murphy
c5901672fa Turn on the future parser for logstash.openstack.org
Change-Id: I9f8056b91acf413f1d541b89aea5b98ca0cdfd1e
2018-12-13 15:25:59 -08:00
Zuul
19ce2f6292 Merge "Turn on the future parser for wiki.openstack.org" 2018-12-13 23:20:14 +00:00
Zuul
04b2ee6e18 Merge "Turn on the future parser for wiki-dev.openstack.org" 2018-12-13 23:20:11 +00:00
Jeremy Stanley
a507b6b401 Add lists.opendev.org to Mailman
Set up the initial boilerplate to enable addition of new
project-neutral Mailman mailing lists on lists.opendev.org.

Change-Id: I8cad4149bdd7b51d10f43b928cdb9362d4bde835
2018-12-13 20:36:08 +00:00
Clark Boylan
130c0a47fc Set CacheIgnoreCacheControl on pypi proxy cache
Newer pip sets cache-control: max-age=0 on requests for pypi indexes.
This tells the proxy cache not to serve the index content from the
cache. Unfortauntely this then means we fail to get this data which
could be cached if we can't talk to the backend for some reason.

By default pypi seems to set a 600 second max-age on these indexes which
should be far better than not caching at all. So set the config to have
apache ignore client side max-age and other cache disabling directives.

Change-Id: I2da7006dcd8a8f4212f5e766ef35ba7b98177ed0
2018-12-13 12:30:43 -08:00
Zuul
2cfe6061a8 Merge "Enable ARA reports for system-config bridge CI jobs" 2018-12-12 23:19:02 +00:00
Zuul
5be026ccc7 Merge "Add support for enabling the ARA callback plugin in install-ansible" 2018-12-12 23:19:00 +00:00
Zuul
78f802715e Merge "Prefix install_openstacksdk variable" 2018-12-12 23:18:58 +00:00
Zuul
0b327f3ab1 Merge "Turn on the future parser for lists.openstack.org" 2018-12-12 19:53:22 +00:00
Zuul
ea7265de57 Merge "Add a script to generate the static inventory" 2018-12-12 19:12:11 +00:00
Zuul
d3b9dfb04a Merge "Ectomy some Jenkins out of the docs" 2018-12-12 11:53:39 +00:00
Zuul
b26e731c62 Merge "Mirror Stein on Ubuntu from Cloud Archive" 2018-12-12 08:16:46 +00:00
Ian Wienand
1c48bfe327 Enable github shared admin account
This change describes the shared github administrator account.

This is inspired by I0c61f192a6b5164af7babde5c99e5ee2b77a652c.  As
described there, this allows for admins to have private accounts in
the organisation, but requires that 2FA be turned on.  If people wish
to keep this as a single account which they do "real" work with
(commits, etc) that is probably OK, but add a note that you'll end up
with a lot of mostly irrelevant stuff in your feeds.

Change-Id: Ic408250571133796b4b4639715fe8d01f91898f2
2018-12-12 10:48:16 +11:00
Monty Taylor
ac602f9d14 Add a script to generate the static inventory
We moved from dynamic to static inventory. When creating a new host with
launch-node, a script isn't really needed, the inventory is yaml, the
new host can just be added. However, generating a new inventory by
hitting the APIs of all of our clouds might be useful, so add a utility
script to help in case such a thing is needed.

Change-Id: Iae1be8e9cfe19533005e9f0395d1ef7a6427bc83
2018-12-12 07:20:16 +11:00
Zuul
35e5e15ef6 Merge "Configure packages on ubuntu arm servers" 2018-12-10 20:23:36 +00:00
Zuul
f0c54c65c6 Merge "Don't install lxd on our servers" 2018-12-10 20:22:20 +00:00
Monty Taylor
55ddc7bf88
Ectomy some Jenkins out of the docs
There are a bunch of places where the narrative text say things like
"jenkins runs jobs". This hasn't been true for a while and it's getting
less true.

Left third-party and running-your-own alone because those are
instructions for other people to do things - and we are not yet at the
point where we are suggesting anyone do their things like we do our
things.

The devstack-gate document describes an old deprecated system, but the
system is still in use (sadly) so it was mostly left intact. A warning
was added so that people would be clear that it was deprecated.

Also removed the logstash client config file. It's the only change in
here that actually affects running code and became unnecessary when it
was switched to geard with Ie3f814e6d3278d87f2a20a72e40b6b92217684fc

Change-Id: Iaf2128c3f953976180c71cb599fcbff7bc06c28a
2018-12-10 17:55:04 +00:00
Zuul
e92b81bae2 Merge "Trivial: Update pypi url to new url" 2018-12-10 02:09:48 +00:00
Zuul
69a9ddb463 Merge "fix somes typos in doc file." 2018-12-10 02:04:26 +00:00
Zuul
dad0716592 Merge "Fix enumerated list in gerrit.rst" 2018-12-10 01:47:35 +00:00
liumk
3f8ec46be8 fix somes typos in doc file.
Change-Id: I5a27ddb6fcbcaa21c223d0b76e733063acce4556
2018-12-10 12:26:23 +11:00
melissaml
f8f7b73846 Trivial: Update pypi url to new url
Pypi url changed from [1] to [2]

[1] https://pypi.python.org/pypi/<package>
[2] https://pypi.org/project/<package>

Change-Id: Ie9f62ed7ed9d9732590d7d274feee64eb41818e9
2018-12-10 12:19:25 +11:00
Zuul
5a09af1783 Merge "Fix dead link" 2018-12-10 01:04:26 +00:00