citycloud is rolling out per-region keystone. There is a change with an
error in it in the latest openstacksdk, so put the right auth_url into
the files directly while we update it and release it again.
Additionally, Sto2 and Lon1 each have different domain ids. The domain
names are the same though - and that's good, because logical names are
nicer in config files anyway.
Restore the config for those clouds.
Change-Id: If55d27defc164bd38af2ffd1e7739120389422af
First we convert from a hash to an array to list the zk cluster members.
Do this because the older puppet-zookeeper module we use doesn't support
hashes like newer releases do.
Second we convert from hostnames to IP addresses because the hostnames
were looked up in /etc/hosts to resolve to 127.0.1.1 which caused zk to
listen on 127.0.1.1 and the cluster members could not talk to each
other.
Change-Id: Id590eb535301b27ff0dcb27cf65ba85d61ed19a5
This region does not show up in catalog listings anymore and is causing
inventory generation for ansible to fail. This change removes Sto2 from
the management side of things so that we can get ansible and puppet
running again.
This does not cleanup nodepool which we can do in a followup once
ansible and puppet are running again.
Change-Id: Ifeea238592b897aa4cea47b723513d7f38d6374b
You have to tell the zk servers what servers belong to the cluster to
have them act as a cluster. Currently all our servers are in mode
standalone as they do not know about the other servers.
Fix this by configuring the three servers as servers 1, 2, and 3 in the
zk config.
Change-Id: I985ac7387744498058f99859eb8445f885b8bbcc
Switch the zuul scheduler to use our new zk cluster. Note this should
happen after the builders have switched and populated image data on the
new database cluster and at the same time as the launchers update.
This gets us off the old single node zk server running on trusty to
newer xenial based zk cluster with HA.
This change does update the config for mergers and executors for
consistency, but I believe that only the scheduler makes use of this
config today.
Change-Id: I132c176af188787cec3a5a562ffdc81f818c26b0
Depends-On: https://review.openstack.org/612441
testinfra 1.17.0 has a broken wheel on pypi that attempts to install
importlib regardless of the python version. Unfortunately this breaks
under python3 (and possibly under python2.7) as this is a python2.6 only
dependency. Avoid this trouble by not installing that package version.
I've filed https://github.com/philpep/testinfra/issues/380 upstream to
see if they can fix this.
Change-Id: I5cdfb8467cbc62cf729a9070589f5dcf5c794234
Add some details about how we integrate a new cloud into the
ecosystem. I feel like this is an appropriate level of detail given
we're dealing with clueful admins who just need a rough guide on what
to do and can fill in the gaps.
Fix up the formatting a bit while we're here.
Change-Id: Iba3440e67ab798d5018b9dffb835601bb5c0c6c7
Add info on how to kinit and aklog if not using Debuntu deb.conf to set
the correct realm and cell settings.
Change-Id: I80a698649f03863b73399873cf190fda4fa41776
This will allow us to create new nameservers in the opendev.org
domain. We will replace the existing servers once these are
bootstrapped.
Some lines are commented pending server creation.
Change-Id: If71e3f87a9d7a83d80cff053874c84411b248515
The mailman verp router handles remote addresses like dnslookup.
It needs to run before dnslookup in order to be effective, so run
it first. It's only for outgoing messages, not incoming, so won't
affect the blackhole aliases we have for incoming fake bounce
messages.
Note that the verp router hasn't been used in about a year due to
this oversight, so we should merge this change with caution.
Change-Id: I7d2a0f05f82485a54c1e7048f09b4edf6e0f0612
This region does not show up in catalog listings anymore and is causing
inventory generation for ansible to fail. This change removes Lon1 from
the management side of things so that we can get ansible and puppet
running again.
This does not cleanup nodepool which we can do in a followup once
ansible and puppet are running again.
Change-Id: Icf3b19381ebba3498dfc204a48dc1ea52ae9d951
The OpenStack Ansible project relies on Infra's OpenSUSE repo mirror
for their OpenSUSE gate checks. It is therefore important that the
mirror is somewhat up to date and reflects a recent state of the
official repository.
In order to make "recent" more recent this change drops the sync
frequency for the OpenSUSE repositories to every 2 hours down from
every 6 hours.
Change-Id: I94012c7981cc8fd8c8da6e5fb4af3d8e402c9758
This ate a good chunk of my day before a more AFS-savvy colleague
pointed out that a mountpoint within a volume is just a special kind
of file record and so needed the parent volume released before it
would appear in the read-only path.
Change-Id: Ic3d717d70c8bf2548447550472a52849dd85ffd3
Add a commentlink entry which matches task footers in commit
messages and links them to the corresponding task URL on storyboard.
This has already been tested on review-dev, and seems to work
without breaking the separate its-storyboard entry which handles
task updating automation.
Change-Id: I8e69fa7e5dfdef5ea9c05fa457c4ee08c624d005
Add a commentlink entry which matches task footers in commit
messages and links them to the corresponding task URL on
storyboard-dev. This has already been tested manually on review-dev,
and seems to work without breaking the separate its-storyboard entry
which handles task updating automation.
Change-Id: Iea9bde67432249e7314917ff63d6ee5e16a80f25
These backups were kept locally for convenience of operation. Bup stores
blobs in git so it should be effectively deduping these over time so
wasn't a stress on remote backups. However now we are filling the local
disk with the db backup files.
Address this by reducing the number of local backups to 5 (from 10).
Change-Id: I1765836784752dba2a6f2582801b860fcce4843c
The current amount of backslashes is not good enough for gerrit, and it
rejects the config file. Probably related to futureparser? In any case,
we need doubled-backslashes in the generated file, so 4 backslashes does
the right thing in the puppet.
Change-Id: I950b8efbcb876b2d1309f1117626a41ef22025b0
We don't use snappy to install software on our servers, but it started
being installed by default. We don't need it, so remove it.
Change-Id: I043d4335916276476350d9ac605fed1e67362e15
As we start doing things like opendev, we should be able to add
additional prefixes in gerrit without replicating them to github - or
causing gerrit to just spawn errors.
Change-Id: I9bca81df9d9600c4ccb1550039f488c6eb552abd