Now that we're retiring the third-party-ci-announce mailing list,
which we never really used consistently anyway, just tell
third-party CI operators to make sure the E-mail address on their
account is current and reachable.
Change-Id: I6186149de25b06f2982702143a807de8bb01be73
In preparation for retiring a number of mailing lists from
lists.openstack.org which have had no activity for over three years,
remove their configuration so our deployment automation won't
recreate them once they're gone. Also remove references to the
third-part-announce list in our documentation, since that's one of
the unused lists we're removing. See the announcement at
http://lists.openstack.org/pipermail/openstack-discuss/2022-February/027404.html
for details.
Change-Id: Ieedd8613363039d19d3ae47f1a83a38747419bdc
The status.openstack.org server is offline now that it no longer
hosts any working services. Remove all configuration for it in
preparation for retiring related Git repositories.
Also roll some related cleanup into this for the already retired
puppet-kibana module.
Change-Id: I3cfcc129983e3641dfbe55d5ecc208c554e97de4
We indicated to the OpenStack TC that this service would be going away
after the Yoga cycle if no one stepped up to start maintaining it. That
help didn't arrive in the form of OpenDev assistance (there is effort
to use OpenSearch external to OpenDev) and Yoga has released. This means
we are now clear to retire and shutdown this service.
This change attempts to remove our configuration management for these
services so that we can shutdown the servers afterwards. It was a good
run. Sad to see it go but it wasn't sustainable anymore.
Note a follow-up will clean up elastic-recheck which runs on the status
server.
Depends-On: https://review.opendev.org/c/opendev/base-jobs/+/837619
Change-Id: I5f7f73affe7b97c74680d182e68eb4bfebbe23e1
The openstack health service is being shutdown and retired. That
services was the only service that relied on the subunit2sql workers.
This means we can shutdown and retire the subunit2sql workers. This is
one step of that process.
Change-Id: Ibd02faaeba888dfcd1f512f4dd3a7d768497fc16
Follow-on to I07ca2b18d2da7e6261389696a0eae13d20d2cb22
* Github issues are now closed via the
maintain-github-openstack-mirror which Zuul runs periodically
* manage-projects also runs from Zuul
* run-mirror hasn't been used since If5935b356e222c2f4d474a2cec8add3cc66b6010
* I'm not sure what the ssh key stuff is talking about, it's not
really relevant now.
Change-Id: If4d8a1ac98c35c494090564d94f3a8c082cea900
This introduces and "Open Infrastructure" page which is designed for a
moderately experienced developer with some understanding of Zuul,
Ansible and basic Linux admin skills to have an entrypoint to
navigating the system-config and related repositories.
It is designed to re-enforce the idea of open infrastructure, and
explain how development, testing and production come together at a
level high enough to be understood, but with links or descriptions of
specific places in the code to get started.
It moves a little of what was in the sysadmin page into this, and
leaves that page as more low-level descriptions of various tasks.
Change-Id: I60a9299df455b98ad549ac0075a59d381722bc06
We have discovered that it is possible for a gitea repository to be come
corrupted. Since gitea is not the source of truth the easiest way to
handle this is to replace the repo with a new empty repository and have
Gerrit replicate back to it. This adds documentation that walks through
the process of doing this.
Change-Id: Ief990adaaf3cbb3c748bc9ee6ceb466a1104915a
This is meant to help debug gerrit in some circumstances particularly
now that the Java Melody plugin is not installed.
Change-Id: Ifedb7abd08c7fe1281ac510c6872fe8d9fe700a1
Update the docs to reflect not having grafyaml in the container.
Also move the import into a separate helper script, which can be
manually run on the host if the container needs to be restarted
out-of-band for some reason.
Change-Id: Ib1f6aea7e16180d9b122552a2aa30ce223426941
In OFTC, entery message is set via ``entrymsg`` command,
correcting it in doc.
<ChanServ> *** SET Help ***
..
URL: Set the channel's homepage.
EMAIL: Sets the channel's e-mail address.
ENTRYMSG: Sets the channel greeting.
..
Change-Id: I2e436015641ab78c5b509b4b4ca35e1088c3376f
The commit replaces DefCore committee (a former name) by
Interop Working Group (the current name) and updates a few
more old interop references.
Change-Id: I35d754ad0b37ba462afdc52b552fbd0b607954df
This adds a keycloak server so we can start experimenting with it.
It's based on the docker-compose file Matthieu made for Zuul
(see https://review.opendev.org/819745 )
We should be able to configure a realm and federate with openstackid
and other providers as described in the opendev auth spec. However,
I am unable to test federation with openstackid due its inability to
configure an oauth app at "localhost". Therefore, we will need an
actual deployed system to test it. This should allow us to do so.
It will also allow use to connect realms to the newly available
Zuul admin api on opendev.
It should be possible to configure the realm the way we want, then
export its configuration into a JSON file and then have our playbooks
or the docker-compose file import it. That would allow us to drive
change to the configuration of the system through code review. Because
of the above limitation with openstackid, I think we should regard the
current implementation as experimental. Once we have a realm
configuration that we like (which we will create using the GUI), we
can chose to either continue to maintain the config with the GUI and
appropriate file backups, or switch to a gitops model based on an
export.
My understanding is that all the data (realms configuration and session)
are kept in an H2 database. This is probably sufficient for now and even
production use with Zuul, but we should probably switch to mariadb before
any heavy (eg gerrit, etc) production use.
This is a partial implementation of https://docs.opendev.org/opendev/infra-specs/latest/specs/central-auth.html
We can re-deploy with a new domain when it exists.
Change-Id: I2e069b1b220dbd3e0a5754ac094c2b296c141753
Co-Authored-By: Matthieu Huin <mhuin@redhat.com>
Now that the SKS keyserver network is no more, and there's no
convenient way to share third-party key signatures, we need to
adjust our key management and rollover process accordingly.
Change-Id: I7008706aae06b6e4a16db2dd85a8c7f91530cd50
All the osf/ namespace Git repositories have moved into a new and
more appropriate openinfra/ namespace, so make the necessary
adjustments to RefStack's image build and operations document.
Change-Id: I01c8d153321a617fbc78c2d3c99102185b03243d
Depends-On: https://review.opendev.org/808479
Mostly just formatting and punctuation, plus some outdated bits.
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: I641beb5d65f87173d50c74a4e1f0dba48d006231
This is followon to feedback for earlier docs updates. Basically we
should always log these restarts so make that more clear that it isn't
optional.
Change-Id: Ib0fa05b2075d6c82199e6e043724aeedaf04e49c
Zuul has changed has it stores secret keys and they are in zookeeper
now. This means our old docs on decrypting things are no longer correct.
Update them with a new set of instructions that matches the modern
setup.
Change-Id: I7484a8c02e005fadc41e22a4158b3dcb8434ec5d
It was recently pointed out that our restart process for zuul is a bit
stale. Document the new modern process that deals with ansible playbooks
and docker containers.
Change-Id: I52812e87ed73e6ed538f94a86c1b62ce3de57c37
This is just a documentation update but reflect the change upstream
Gerrit made in versions 3.3 renaming this group.
Change-Id: I5458afd2683c2a7c4616f4894884e3d3ce03bbaf
Since ptgbot has updated config management and deployment
orchestration now, update our operational docs to reflect that.
Change-Id: Iad4eb23616ac8ad44d8456268dca730a9754acce
Symlink the docs logo to the canonical assets location. It looks like
it does the sensible thing and de-references the source symlink when
building, as doc/build/html/_static/opendev.svg ends up as the actual
file, not a symlink.
Change-Id: I4409c8e20601bdcb9e387d028b5df13c90d1ffa0
The Open Infrastructure Foundation's developers who maintain the
OpenStackID software are taking over management of the site itself,
and have deployed it on new servers. DNS records have already been
updated to the new IP address, so it's time to clean up our end in
preparation for deleting the old servers we've been running.
OpenStackID is still used by some services we run, like RefStack and
Zanata, and we're still hosting the OpenStackID Git repository and
documentation, so this does not get rid of all references to it.
Change-Id: I1d625d5204f1e9e3a85ba9605465f6ebb9433021
This update captures that we host projects outside of openstack and
intend for projects like openstack or others to do some steps on their
own. We also update this to reflect chagnes in the configuration
management and deployment tooling that we use today.
Change-Id: I0bc0ce335fd90e6187253e18007361a133a8f30c
A lot of the current sections here talk about modify the Gerrit
database that no longer exists. Remove these.
Update the section on duplicate accounts to handle removing the second
account via NoteDB and the API.
Change-Id: I2139ff33d87bf42e4453f6e7252fcc427594967a
We've stopped relying on jeepyb's track-upstream feature, so stop
installing the entrypoint script and cease running its cronjob.
Depends-On: https://review.opendev.org/799123
Change-Id: I0d6edcc34f25e6bfe2bc41d328ac76618b59f62d
I tripped over this during recent afs fileserver reboots. Note it in the
docs so that we are aware of this in the future when doing maintenance.
Change-Id: Iac20fa6b9ec17f1eb69c50bc8f5736b34967fd83
Noticed this when doing some afs maintenance. We want the bos status of
fileservers when rebooting those servers not the status of the db
servers.
Change-Id: I30f6a2320487c302fda2ffe300daa1d91c7dec45
