We've stopped using many of these, but we never got around to
removing them from lists.
Also, we should probably retire the repos.
Depends-On: https://review.opendev.org/717620
Depends-On: https://review.opendev.org/720527
Change-Id: I8e012c5bfa48d274dbd7f5484a9e75fee080cb5e
Make inventory/service for service-specific things, including the
groups.yaml group definitions, and inventory/base for hostvars
related to the base system, including the list of hosts.
Move the exisitng host_vars into inventory/service, since most of
them are likely service-specific. Move group_vars/all.yaml into
base/group_vars as almost all of it is related to base things,
with the execption of the gerrit public key.
A followup patch will move host-specific values into equivilent
files in inventory/base.
This should let us override hostvars in gate jobs. It should also
allow us to do better file matchers - and to be able to organize
our playbooks move if we want to.
Depends-On: https://review.opendev.org/731583
Change-Id: Iddf57b5be47c2e9de16b83a1bc83bee25db995cf
We are trying to use this file in our docs config but the file was
mistakently not added in that change. Add it now.
Change-Id: I8f5f9d62f96d8532477c42a7076c57aa6548c9cf
In places like crontab entries we use full paths to executables because
PATH is different under cron. Unfortunately, this meant we broke
docker-compose commands using /usr/bin/docker-compose when we installed
it under /usr/local/bin/docker-compose. In particular this impacted
database backups on gitea nodes and etherpad.
Update these paths so that everything is happy again.
Change-Id: Ib001baab419325ef1a43ac8e3364e755a6655617
We've got some old out of date docs in some places. This isn't even
a full reworking, but at least tries to remove some of the more
egregiously wrong things.
Change-Id: I9033acb9572e1ce1b3e4426564b92706a4385dcb
We use project-config for gerrit, gitea and nodepool config. That's
cool, because can clone that from zuul too and make sure that each
prod run we're doing runs with the contents of the patch in question.
Introduce a flag file that can be touched in /home/zuulcd that will
block zuul from running prod playbooks. By default, if the file is
there, zuul will wait for an hour before giving up.
Rename zuulcd to zuul
To better align prod and test, name the zuul user zuul.
Change-Id: I83c38c9c430218059579f3763e02d6b9f40c7b89
We had the clouds split from back when we used the openstack
dynamic inventory plugin. We don't use that anymore, so we don't
need these to be split. Any other usage we have directly references
a cloud.
Change-Id: I5d95bf910fb8e2cbca64f92c6ad4acd3aaeed1a3
These are OpenDev docs now so the OpenStack theming doesn't quite fit.
Switch to Alabaster + OpenDev logo which is what we did with
infra-manual.
Change-Id: Id211e8e0b4dab7282fb5ca5fce494a028a826fba
The OpenDev community is moving its discussions off the old
openstack-infra mailing list, so make sure to refer to the correct
new address(es).
Change-Id: I558b60ea0aa3421285d46be449f04198441cf285
These are useful for the times when a secret needs to be decrypted
for debugging but seem to have been deleted when we did the zuulv3
migration removal.
Change-Id: Ib1544d9032df9bd25c50eeca032f643e40f035b0
Update conf.py and index.rst for OpenDev.
Use newer openstackdocstheme and update conf.py for this.
Change-Id: I62312ca1d3fda9221660b7bb664c8ea55dac68a4
There are two different concerns here. One is configuring the gitea
and gerrit services. This is independent from the management of
projects running inside them.
Make a manage-projects playbook which currently runs gitea-git-repos
but will also get a gerrit-git-repos role in a bit. Make a
service-gitea playbook for deploying gitea itself and update
run_all to take all of that into account. This should make our
future world of turning these into zuul jobs easier.
Add several missing files to the files matchers for run-gitea
and run-review.
Also - nothing about this has anything to do with puppet.
Change-Id: I5eaf75129d76138c61013a3a7ed7c381d567bb8b
We keep track of these files now in the opendev/project-config repo,
so make sure that they are committed there.
Change-Id: Icf4b4e32ac4f209811ba8361bbb9d8458c79251a
With the move from OpenStack governance to our own OpenDev team, we
should also move to use the #opendev IRC channel in preference to
the #openstack-infra channel which will remain in use for OpenStack
specific discussions.
Update the references in our docs accordingly.
Change-Id: I448704f5d2664fd233a69a2ad12578ca24d9878a
Based on #openstack-infra talks from Feb 17th, I am proposing some clarifications regarding how logging should
be done by 3rd party CI.
These should help 3rd party integrators create a better
experience for developers, making logs more accessible.
Change-Id: I2ebc788505ba1319afc038d0aa1406da3823a911
This change effectively converts the OpenStack Infra project description
into an OpenDev project description in our documentation. Since OpenDev
is largely an evolution of the preexisting infra team much of the
content remains the same. I have added a section on governance as we'll
not be able to run off of the OpenStack governance any longer.
Note this leaves what becomes the OpenStack Infra project without a
project document. However, the remaining scope of that OpenStack project
will be small and I don't think it will need to same level of team
organization. I think we can get by with OpenStack's default governance
for its teams there. Then should we need something more explicit or
different we can write that up within openstack itself.
Depends-On: https://review.opendev.org/#/c/703134/
Change-Id: I56aab771510768211386325e6466d2f94fe298fb
Update the Zuul v3 page with correct links and description of promote
pipeline and remove the now obsolete note - and follow it with renaming
the document to zuul.
Change-Id: I9c89cb56d4a318f3a234e7f2f08dabb46d0dfab6
This introduces two new roles for managing the backup-server and hosts
that we wish to back up.
Firstly the "backup" role runs on hosts we wish to backup. This
generates and configures a separate ssh key for running bup and
installs the appropriate cron job to run the backup daily.
The "backup-server" job runs on the backup server (or, indeed
servers). It creates users for each backup host, accepts the remote
keys mentioned above and initalises bup. It is then ready to receive
backups from the remote hosts.
This eliminates a fairly long-standing requirement for manual setup of
the backup server users and keys; this section is removed from the
documentation.
testinfra coverage is added.
Change-Id: I9bf74df351e056791ed817180436617048224d2c
This script helps restart the AFS servers, which is useful when
updating parameters. It can also enable audit logging.
It can also stop and start the servers, although it's unlikely we'd
want all the servers offline at the same time so stopping has a
warning included.
Documentation is updated to refer to the helper script
Change-Id: Idcb3e43a3f6e614cdb787d4334e692a98bffdd15
This can be used in an apache vhost later, but should be fine to
merge now.
Depends-On: https://review.opendev.org/673902
Change-Id: Ic2cb7585433351ec1bdabd88915fa1ca07da44e7
The launch script is referring to the wrong path for the emergency
inventory. Also correct the references in the sysadmin guide and
update the example for using it.
Change-Id: I80bdbd440ec451bcd6fb1a3eb552ffda32407c44
The OpenStack/OpenDev PPA repositories are currently undocumented.
Add some information on where to find things.
Change-Id: Iea03c5d558b3dd6af9f7c860dfcc75a71dc59d9f
