This is the base url that will be used for log reporting.
Depends-On: https://review.opendev.org/675655
Change-Id: Ia92a34e9ed506931e0d736ac034f60f4f7c381fc
This removes the groups servers from our inventory as well as our
manifests/modules. We don't run the groups service anymore as many
groups migrated to meetup.com independent of us and the others have
transitioned there.
Change-Id: I7cb76611e6d30e7189821923f36a38dec9ea7241
Pin skopeo back to 0.1.36-1~dev~ubuntu16.04.2~ppa14 which is before
the code that changed the required capabilities, breaking the use of
skopeo from inside of bubblewrap.
Change-Id: Ibf3000d87772d02b7325315cfeed078716e0d7bf
There are many references to review.openstack.org, and while the
redirect should work, we can also go ahead and fix them.
Change-Id: I28f398796a6392a3dffea1d25cfe2ae3a36a3589
The server has been removed, remove it from inventory.
While we're here, s/graphite.openstack.org/graphite.opendev.org/'
... it's a CNAME redirect but we might as well clean up.
Change-Id: I36c951c85316cd65dde748b1e50ffa2e058c9a88
We have replaced the cgit farm with a gitea farm. Stop managing the cgit
farm. This removes testing for centos7 as these were our only centos7
nodes.
Depends-On: https://review.opendev.org/654549
Change-Id: Ia48ff10cb88d51f609e8b28de176c72f7a9ee24f
There's a bunch in here. This is mostly big-ticket things and test
fixes. Also, change the README to rst - because why is it markdown?
Depends-On: https://review.opendev.org/654005
Change-Id: I21e5017011e1111b4d7a9e4bf0ea6b10f5dd8c1b
This is part of the opendev git hosting transition. We do this on
review.opendev.org/review.openstack.org and not files.openstack.org so
that ssh connections continue to work. This will need to be applied
during the maintenance window.
This also updates the canonical urls and logo.
Change-Id: I5bf4dcd6835e379fcdd2d55393c5a844578074a9
Grafana has moved to a new package repo [1] and the apt-get update
step is failing on the current host.
The first version of puppet-grafana that has this update is 6.0.0;
this is two years later than the current version we're using so
... yeah. It does not work with puppet3, so only run apply test with
puppet4.
It looks like upstream has moved from camptocamp/archive to
voxpupuli/archive so the comment is no longer required.
[1] https://grafana.com/blog/2019/01/05/moving-to-packages.grafana.com/
Change-Id: Ibab0ed6799563ba0f9674ef1ea575c6ac5d60341
This enables the SSL site for graphite.opendev.org
Change-Id: Ifa9e4864a9b2bad4a9e94ad1312f9e1d05b8aef3
Depends-On: https://review.openstack.org/651686
We've been upgrading many of our nodes to xenial from trusty. Remove the
manifests/site.pp trusty test flags from nodes that don't run on trusty
any longer.
Change-Id: I2ee9754d8b30f120d375cb6ff554c107f4a750d5
We were previously creating zuul status backups for http and https
endpoints. We really only need them for the https endpoint. Additionally
backup our kata-containers tenant.
Depends-On: https://review.openstack.org/642896
Change-Id: I35a58b2faf3234aa0f3c04e5a682c8f9f9111898
Currently there are no plans to integrate the existing wiki services
into OpenDev, so for clarity we're limiting the inventory globbing
and global site manifest node regular expressions to the
openstack.org domain specifically.
Change-Id: Ifdc86f7cc5d6a865e1d5f76828ad8b52f2ee75fe
As part of the move to Gitea, we're creating compatibility redirects
from our old Cgit and Git HTTP backend sites to opendev.org. This
introduces Apache vhosts for each of git.airshipit.org,
git.openstack.org, git.starlingx.io and git.zuul-ci.org which all
serve the same docroot on the files.openstack.org server. This
docroot houses a single .htaccess file with the relevant redirect
rules.
Change-Id: I729fe39bcbe0a0cae237e9036ed8fa980f897e68
Co-Authored-By: James E. Blair <jeblair@redhat.com>
Task: #29705
This is part of the work to upgrade our afs nodes to xenial. We will run
on puppet tests on xenial against the afs node defs.
Change-Id: Ifcfc2d33d600ad8630408c0080a3bde02df3167a
We have replaced health.openstack.org with health01.openstack.org
(CNAMEd to by health.openstack.org). Remove reference to the old server.
Note that this updates references to health01.openstack.org to use the
full openstack.org to make it clear that this is not an opendev service.
Change-Id: Ifa21dc4a82258974857da2a843f67c5234736c47
This is necessary for the proper group lookup of heira data to happen
from the puppet side of the config. The ansible side is already
configured properly via inventory/groups.yaml.
Change-Id: I8ceb6733c2052a7cf29a344a12ab7312e8739191
We set the health service's api vhost hostname to 'health.openstack.org'
explicitly so that we can boot health01.opendev.org which is not where
we'll serve the content from.
Change-Id: Ic39fc51d9367219629e0947d2d20ba0b8c93e5e2
This change will convert kdc03 to a master from a hot standby and will
remove kdc01 from management.
Cutover plan:
Disable kdc01 in ansible emergeny file
Stop run-kprop cron on kdc01
Stop kadmind on kdc01
Execute run-kprop.sh on kdc01
Merge this change
Wait for puppet to convert kdc03 to the master
Confirm that run-kprop works from kdc03 to kdc04
Update dns records as documented in our kerberos docs
Test kadmin works
Delete old kdc01 server
Change-Id: Ib14b11fa1f0a6bc11b0f615ce5b6f6be214b5629
This new Xenial server is being added as a kerberos standby node but
will be used to replace kdc01 as the master once fully configured and
happy as a standby. This replaces the old trusty server.
Note that the server wasn't added to opendev.org as we don't have a
kerberos realm for that domain so that would be a separate activity for
the future.
Change-Id: I4cc5fcd7504c98a7bcd9dc4f2ad57bb5bf8b54bd
Update the docs, test flags, cacti entries, and inventory for our new
pbx server. We have replaced the old Trusty node with a Xenial node.
Change-Id: Ifb1e156afbcb38474cbc9f0bc78ae45fdd74444b
Now that both staging and production storyboard servers are running
on enumerated Xenial servers in opendev.org, remove the old
inventory entry for the production server, clear out testing hints
for trusty and tighten up the inventory globs and node regular
expressions accordingly. Also get them swapped into cacti in place
of the old production server entry.
Change-Id: I5e66abb95751f69a337434e08d09dcc3b107e123
This sets our testing to test pbx manifest on xenial and adds a hiera
group called pbx to the servers so we can properly do servernames with
digits and have common config in hiera.
Change-Id: I8c3096d18fe318c6ca206203de0ac984c8934566
Puppet4 is a lot more picky about scoping of variables. In our hiera
lookups we rely on the $group var to specify where to find hiera data
files, but this group var is set on a per node basis. This means that
top level hiera lookups produce warnings like:
Undefined variable 'group';
(file & line not available)
And lookups will break if they need keys in the group/node specific data
files.
Avoid this problem entirely by removing top level lookups. We only had
one for our elasticsearch_nodes var which we can easily set statically
in site.pp and not rely on hiera for.
Change-Id: Ifa3740f0f31c3fa9a2d8faa355101d3a5671afff
The current OpenStackID servers have hostnames matching the names of
their Web site vhosts in Apache. Their replacements will have
different hostnames/server instance names but should retain their
original Web site identities. To facilitate this, explicitly pass in
the expected hostnames for the corresponding class parameters which
normally default to $::fqdn in the puppet-openstackid module.
Change-Id: I395626ee11e287dac5766f4027a067e2c918a9ed
Skopeo can be used to easily (and without a docker daemon running)
copy images between docker registries. Install it on the executors
so that we can use it to move images between the intermediate
registry and buildset registries.
Change-Id: I1f00d24e6f6d9c02dce987e5d01644d97632eb92