Commit Graph

1579 Commits

Author SHA1 Message Date
James E. Blair
d579b997c4 Add zuul_connection_secrets to mergers and executors
These may need secrets (such as passwords) if they need to perform
git operations over http.

Change-Id: I93501ae27d246c1cccfe18fc555f3f2f4b7814d5
2019-10-04 14:11:26 -07:00
James E. Blair
859e386103 Add web_root option to zuul.conf
This is the base url that will be used for log reporting.

Depends-On: https://review.opendev.org/675655
Change-Id: Ia92a34e9ed506931e0d736ac034f60f4f7c381fc
2019-08-09 16:13:35 +00:00
James E. Blair
3c84c65614 Add tarballs.opendev.org vhost
Change-Id: I6aa85bf92b2d5726d3c86b11b103a87f11953c51
2019-06-05 14:10:19 -07:00
Clark Boylan
08152aa22f Remove groups configuration
This removes the groups servers from our inventory as well as our
manifests/modules. We don't run the groups service anymore as many
groups migrated to meetup.com independent of us and the others have
transitioned there.

Change-Id: I7cb76611e6d30e7189821923f36a38dec9ea7241
2019-05-23 12:20:04 -07:00
Jeremy Stanley
3eaf200196 Revert "Pin skopeo to unbreak skopeo+bubblewrap"
This reverts commit 0d370a285b.

Fixed by https://github.com/containers/skopeo/pull/653 so safe to
merge this once a new build appears in the PPA.

Change-Id: I858eee79d084016b6b71eec46a6118d78f68cafa
2019-05-18 13:33:29 +00:00
Monty Taylor
0d370a285b Pin skopeo to unbreak skopeo+bubblewrap
Pin skopeo back to 0.1.36-1~dev~ubuntu16.04.2~ppa14 which is before
the code that changed the required capabilities, breaking the use of
skopeo from inside of bubblewrap.

Change-Id: Ibf3000d87772d02b7325315cfeed078716e0d7bf
2019-05-15 14:16:57 +00:00
Monty Taylor
e69c7b7fb9 Rename review.openstack.org to review.opendev.org
There are many references to review.openstack.org, and while the
redirect should work, we can also go ahead and fix them.

Change-Id: I28f398796a6392a3dffea1d25cfe2ae3a36a3589
2019-05-09 14:38:51 +00:00
Ian Wienand
2acfc176b0 Remove graphite.openstack.org
The server has been removed, remove it from inventory.

While we're here, s/graphite.openstack.org/graphite.opendev.org/'
... it's a CNAME redirect but we might as well clean up.

Change-Id: I36c951c85316cd65dde748b1e50ffa2e058c9a88
2019-05-08 05:55:33 +10:00
smarcet
fa0f5860d2 Update OpenstackId Prod Node Settings
moved from smtp email driver to sendgrid

Change-Id: I719a3fd7e730972b7a0784a9a4857a76672119d0
2019-04-30 14:24:42 -03:00
smarcet
66bf9c5cc4 OpenStackid parametrized urls
updated config to be able to setup registration/lost password
and resend verification link by config

Depends-On: https://review.opendev.org/#/c/656395/
Depends-On: https://review.opendev.org/#/c/656396/
Change-Id: I9df2afbc6a90652030fde5398f8ac28ca3c4c397
2019-04-29 18:41:54 -03:00
Zuul
6d85578b14 Merge "Install socat on zuul executors" 2019-04-23 21:44:44 +00:00
James E. Blair
676bc3cadb Install socat on zuul executors
This is needed for the intermediate registry jobs.

Change-Id: I98652c4cf4ec0688d18e74d39090bb3b22ad8274
2019-04-22 10:16:47 -07:00
Clark Boylan
6e61cbff2e Stop ansipuppeting the old cgit farm
We have replaced the cgit farm with a gitea farm. Stop managing the cgit
farm. This removes testing for centos7 as these were our only centos7
nodes.

Depends-On: https://review.opendev.org/654549
Change-Id: Ia48ff10cb88d51f609e8b28de176c72f7a9ee24f
2019-04-22 15:50:08 +00:00
Monty Taylor
c6d129a108 Update some paths for opendev
There's a bunch in here. This is mostly big-ticket things and test
fixes. Also, change the README to rst - because why is it markdown?

Depends-On: https://review.opendev.org/654005
Change-Id: I21e5017011e1111b4d7a9e4bf0ea6b10f5dd8c1b
2019-04-20 09:31:14 -07:00
James E. Blair
07572767dd Merge "Redirect review.openstack.org to review.opendev.org" 2019-04-20 15:45:28 +00:00
James E. Blair
881c8f590f Update known_hosts for zuul
Add the review.opendev.org hostname to the known_hosts files.

Change-Id: I8b925053adaca7f47c647641466c0762b17776d9
2019-04-19 20:16:57 -07:00
Clark Boylan
16fa372e0c Redirect review.openstack.org to review.opendev.org
This is part of the opendev git hosting transition. We do this on
review.opendev.org/review.openstack.org and not files.openstack.org so
that ssh connections continue to work. This will need to be applied
during the maintenance window.

This also updates the canonical urls and logo.

Change-Id: I5bf4dcd6835e379fcdd2d55393c5a844578074a9
2019-04-17 20:50:20 +00:00
Zuul
498151d7e2 Merge "Update grafana for new archive repo" 2019-04-17 03:38:50 +00:00
Zuul
4f7dd4157e Merge "Added openstackid dev sendgrid support" 2019-04-16 18:08:20 +00:00
Ian Wienand
fb12d2620b Update grafana for new archive repo
Grafana has moved to a new package repo [1] and the apt-get update
step is failing on the current host.

The first version of puppet-grafana that has this update is 6.0.0;
this is two years later than the current version we're using so
... yeah.  It does not work with puppet3, so only run apply test with
puppet4.

It looks like upstream has moved from camptocamp/archive to
voxpupuli/archive so the comment is no longer required.

[1] https://grafana.com/blog/2019/01/05/moving-to-packages.grafana.com/

Change-Id: Ibab0ed6799563ba0f9674ef1ea575c6ac5d60341
2019-04-15 12:05:28 +10:00
smarcet
d6c2d3ab9e Added openstackid dev sendgrid support
updated openstackid dev node configuration
to use sendgrid api key from hiera

Depends-On: https://review.openstack.org/#/c/651794/
Depends-On: https://review.openstack.org/#/c/651798/
Change-Id: I9fc5e9b24886105771a1be93d8d8a6c6e1189c32
2019-04-11 11:49:27 -03:00
Ian Wienand
74e33f362e Pass SSL certs to graphite.opendev.org
This enables the SSL site for graphite.opendev.org

Change-Id: Ifa9e4864a9b2bad4a9e94ad1312f9e1d05b8aef3
Depends-On: https://review.openstack.org/651686
2019-04-11 13:23:41 +10:00
James E. Blair
2ccf1ddb7a Use docs.opendev.org ssl cert
This has been added to bridge hostvars.

Change-Id: Ibd3db857b02558a255c482d8da83564fbc65d7c1
2019-03-26 15:31:50 -07:00
James E. Blair
51dda0881f Serve docs.opendev.org from files.openstack.org
Change-Id: I2d69994b51bef96b7ba9b71b1a65d0a1956f9f73
2019-03-22 15:49:59 -07:00
Zuul
a38f3e5c73 Merge "Set up legacy git redirect sites" 2019-03-20 21:06:10 +00:00
Clark Boylan
8c8b1d9c71 Remove trusty testing flag from nodes that are xenial
We've been upgrading many of our nodes to xenial from trusty. Remove the
manifests/site.pp trusty test flags from nodes that don't run on trusty
any longer.

Change-Id: I2ee9754d8b30f120d375cb6ff554c107f4a750d5
2019-03-13 15:02:47 -07:00
Clark Boylan
1de45463c8 Manage zuul status backups directly
We were previously creating zuul status backups for http and https
endpoints. We really only need them for the https endpoint. Additionally
backup our kata-containers tenant.

Depends-On: https://review.openstack.org/642896
Change-Id: I35a58b2faf3234aa0f3c04e5a682c8f9f9111898
2019-03-12 14:37:54 -07:00
Jeremy Stanley
72e51a8998 Just use openstack.org domain for wiki hosts
Currently there are no plans to integrate the existing wiki services
into OpenDev, so for clarity we're limiting the inventory globbing
and global site manifest node regular expressions to the
openstack.org domain specifically.

Change-Id: Ifdc86f7cc5d6a865e1d5f76828ad8b52f2ee75fe
2019-03-10 14:32:11 +00:00
Jeremy Stanley
73955d55b7 Set up legacy git redirect sites
As part of the move to Gitea, we're creating compatibility redirects
from our old Cgit and Git HTTP backend sites to opendev.org. This
introduces Apache vhosts for each of git.airshipit.org,
git.openstack.org, git.starlingx.io and git.zuul-ci.org which all
serve the same docroot on the files.openstack.org server. This
docroot houses a single .htaccess file with the relevant redirect
rules.

Change-Id: I729fe39bcbe0a0cae237e9036ed8fa980f897e68
Co-Authored-By: James E. Blair <jeblair@redhat.com>
Task: #29705
2019-03-08 23:54:51 +00:00
Clark Boylan
df97b70c00 Test afs nodes on xenial
This is part of the work to upgrade our afs nodes to xenial. We will run
on puppet tests on xenial against the afs node defs.

Change-Id: Ifcfc2d33d600ad8630408c0080a3bde02df3167a
2019-03-06 15:08:17 -08:00
Clark Boylan
bfb2963c20 Cleanup old health server
We have replaced health.openstack.org with health01.openstack.org
(CNAMEd to by health.openstack.org). Remove reference to the old server.
Note that this updates references to health01.openstack.org to use the
full openstack.org to make it clear that this is not an opendev service.

Change-Id: Ifa21dc4a82258974857da2a843f67c5234736c47
2019-02-27 10:32:02 -08:00
Clark Boylan
85c1fc62f1 Put health servers in the puppet health group
This is necessary for the proper group lookup of heira data to happen
from the puppet side of the config. The ansible side is already
configured properly via inventory/groups.yaml.

Change-Id: I8ceb6733c2052a7cf29a344a12ab7312e8739191
2019-02-26 10:50:27 -08:00
Zuul
e6417e62c8 Merge "Updated openstackid prod node" 2019-02-26 12:06:11 +00:00
Clark Boylan
3531e8be3c Set health service's vhost hostname explicitly
We set the health service's api vhost hostname to 'health.openstack.org'
explicitly so that we can boot health01.opendev.org which is not where
we'll serve the content from.

Change-Id: Ic39fc51d9367219629e0947d2d20ba0b8c93e5e2
2019-02-25 15:11:19 -08:00
Sebastian Marcet
26cb9f660d Updated openstackid prod node
Updated configuration files to use mysql ssl
certs

Change-Id: I2b9f1311e2fec7786349930b11daff7cccc1cba5
2019-02-25 18:14:12 -03:00
Clark Boylan
9c465131db Make kdc03 the master kerberos kdc and admin server
This change will convert kdc03 to a master from a hot standby and will
remove kdc01 from management.

Cutover plan:
  Disable kdc01 in ansible emergeny file
  Stop run-kprop cron on kdc01
  Stop kadmind on kdc01
  Execute run-kprop.sh on kdc01
  Merge this change
  Wait for puppet to convert kdc03 to the master
  Confirm that run-kprop works from kdc03 to kdc04
  Update dns records as documented in our kerberos docs
  Test kadmin works
  Delete old kdc01 server

Change-Id: Ib14b11fa1f0a6bc11b0f615ce5b6f6be214b5629
2019-02-22 15:47:49 -08:00
Clark Boylan
452760a49c Add kdc03.openstack.org
This new Xenial server is being added as a kerberos standby node but
will be used to replace kdc01 as the master once fully configured and
happy as a standby. This replaces the old trusty server.

Note that the server wasn't added to opendev.org as we don't have a
kerberos realm for that domain so that would be a separate activity for
the future.

Change-Id: I4cc5fcd7504c98a7bcd9dc4f2ad57bb5bf8b54bd
2019-02-22 10:30:57 -08:00
Zuul
57d38c4412 Merge "Clean up after StoryBoard replacement maintenance" 2019-02-21 22:05:23 +00:00
Zuul
a23cd84a69 Merge "pbx.openstack.org cleanup" 2019-02-18 18:32:14 +00:00
Clark Boylan
4d3ba10e46 pbx.openstack.org cleanup
Update the docs, test flags, cacti entries, and inventory for our new
pbx server. We have replaced the old Trusty node with a Xenial node.

Change-Id: Ifb1e156afbcb38474cbc9f0bc78ae45fdd74444b
2019-02-18 09:19:20 -08:00
Sebastian Marcet
b4ed722bc6 Updated OpenStackId Production Node
* updated release label to 2.0.0
** php7.x
** LV 5.6
* update node OS to xenial

Change-Id: Ifd1f2b01583dbe533197254a2ef7f7e5db6dacb4
2019-02-18 10:30:39 -03:00
Jeremy Stanley
08a553f529 Clean up after StoryBoard replacement maintenance
Now that both staging and production storyboard servers are running
on enumerated Xenial servers in opendev.org, remove the old
inventory entry for the production server, clear out testing hints
for trusty and tighten up the inventory globs and node regular
expressions accordingly. Also get them swapped into cacti in place
of the old production server entry.

Change-Id: I5e66abb95751f69a337434e08d09dcc3b107e123
2019-02-16 18:02:00 +00:00
Zuul
4f5581a662 Merge "Update puppet config for openstackid-dev node" 2019-02-14 23:05:18 +00:00
Sebastian Marcet
1dacc6c9db Update puppet config for openstackid-dev node
Added mysql ssl cert from hiera

Change-Id: Id754acfd2b4234146f2fc431599a50b053d3ffdf
2019-02-14 10:30:11 -03:00
Clark Boylan
a6703e9e57 Prep for pbx upgrade to xenial
This sets our testing to test pbx manifest on xenial and adds a hiera
group called pbx to the servers so we can properly do servernames with
digits and have common config in hiera.

Change-Id: I8c3096d18fe318c6ca206203de0ac984c8934566
2019-02-13 09:44:48 -08:00
Clark Boylan
9acd916d4f Remove top level hiera lookups
Puppet4 is a lot more picky about scoping of variables. In our hiera
lookups we rely on the $group var to specify where to find hiera data
files, but this group var is set on a per node basis. This means that
top level hiera lookups produce warnings like:

  Undefined variable 'group';
    (file & line not available)

And lookups will break if they need keys in the group/node specific data
files.

Avoid this problem entirely by removing top level lookups. We only had
one for our elasticsearch_nodes var which we can easily set statically
in site.pp and not rely on hiera for.

Change-Id: Ifa3740f0f31c3fa9a2d8faa355101d3a5671afff
2019-02-07 07:34:18 -08:00
Jeremy Stanley
cf53072d7d Override FQDN defaults for OpenStackID servers
The current OpenStackID servers have hostnames matching the names of
their Web site vhosts in Apache. Their replacements will have
different hostnames/server instance names but should retain their
original Web site identities. To facilitate this, explicitly pass in
the expected hostnames for the corresponding class parameters which
normally default to $::fqdn in the puppet-openstackid module.

Change-Id: I395626ee11e287dac5766f4027a067e2c918a9ed
2019-02-06 00:26:34 +00:00
James E. Blair
ff2960424e Install skopeo on Zuul executors
Skopeo can be used to easily (and without a docker daemon running)
copy images between docker registries.  Install it on the executors
so that we can use it to move images between the intermediate
registry and buildset registries.

Change-Id: I1f00d24e6f6d9c02dce987e5d01644d97632eb92
2019-02-04 15:27:56 -08:00
James E. Blair
209e5e03e0 Add git-test website
This serves static files out of afs, so we can test redirects from
git.openstack.org to opendev.

Change-Id: I5bdec079ca12074bb761862632d936306c713df4
2019-02-04 13:06:37 -08:00
Zuul
2a9136366a Merge "Remove old storyboard-dev from inventory" 2019-02-04 20:37:34 +00:00