1194 Commits

Author SHA1 Message Date
Clark Boylan
bf1a15b4e6 Add translate ansible group
This was missed as part of the earlier translate upgrade change. With
switch to digitized host names we also want to group those hosts
together in hiera and ansible. Make that change here.

Change-Id: I6d25b35efbf0b43bd63a8ff9e217b68663575c75
2017-02-27 11:03:27 -08:00
Clark Boylan
f2b6333603 Add puppetry for translate01 xenialing
This is part of the Zanata upgrade process. We will be deploying new
Zanata to translate01.openstack.org so add node def in site.pp to
support that. This keeps the old translate.o.o def too so that it is
left alone untouched.

Note that this also adds code to pass through wildlfy's install URL and
fixes the specification of the wildfly version number. I think the
version number var being wrong was not a problem for us because the
wildfly installation only runs if there is no installation dir in place.

Change-Id: I4b6ababcc34e2464cf6a824e92a1c146d553dcaf
2017-02-27 09:09:48 -08:00
Paul Belanger
9f3d2a19a2 Remove SSH public key from nl01.o.o
We don't need this for nodepool-launcher, as image builds now happen
on nodepool-builder (nb01.o.o / nb02.o.o).

Change-Id: I1318805b466be9416f162280766da14b08998df5
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-21 08:37:16 -05:00
Jenkins
04db9abf14 Merge "Use gerrit_zuul_user_ssh_key_contents for zuulv3-dev.o.o" 2017-02-21 13:30:13 +00:00
Jenkins
6314bb6ed6 Merge "Add nodepool SSH private key to nl01.o.o" 2017-02-21 13:29:19 +00:00
Paul Belanger
4b08bbc07f Use gerrit_zuul_user_ssh_key_contents for zuulv3-dev.o.o
We need to change our the private SSH key for gerrit, since we are
using a different user the zuul.o.o.

Change-Id: I3d93fa70e8d5b6830d14cb891aa19de6b4e63efa
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-20 16:24:29 -05:00
Paul Belanger
73ffdbeb1d Add zuulv3-dev.o.o to zookeeper firewall port
We need to allow zuulv3-dev.o.o access to nodepool.o.o zookeeper
instance.

Change-Id: I9be72511f245282b2261e25ad907f8b258947373
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-20 14:58:38 -05:00
Paul Belanger
bc6f0be3d2 Add nodepool SSH private key to nl01.o.o
Change-Id: Ifee0499809f7dbde0c9f82518adb39042191ec3f
Depends-On: I148af66c52d515c030c3618b7d276febe97e5b57
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-20 13:57:28 -05:00
Joshua Hesketh
a1f4fe67f0 Add nl01 to statsd firewall
Allow nl01 to send statsd to graphite.o.o

Change-Id: Idce34ef971933cf7fa13251294cef0c0a0bb3b43
2017-02-20 11:52:08 -05:00
Jenkins
9cf7c2bbcf Merge "Add Node-OS: trusty for zuulv3-dev.o.o" 2017-02-16 21:12:47 +00:00
Jenkins
834d3afac1 Merge "Allow nl01.o.o to access zookeeper" 2017-02-16 21:02:06 +00:00
Paul Belanger
eeca2ebb50 Add Node-OS: trusty for zuulv3-dev.o.o
Surprisingly our previous patch wasn't actually tested in the gate.
Enable that logic and fix syntax issues.

Change-Id: I5dd98ab0b75fd5f31ed80b8fe0bcc0bd11e4352d
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-16 15:50:41 -05:00
Paul Belanger
c3324f1d62 Add zuulv3-dev.openstack.org server
This is needed for our zuulv3 effort durning the atlanta PTG event. We
don't expect this server to be moved into production at this time.

Currently, we are missing zuul-launcher and zuul-scheduler support, which
will be added in a follow up patch.

Change-Id: I97a3ffd168679562edd2f89c572c185d94b44255
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-16 12:15:52 -05:00
Paul Belanger
ea040e2ccc Allow nl01.o.o to access zookeeper
Open the firewall on nodepool.o.o allowing nl01.o.o access to
zookeeper.

Change-Id: I67c5d6755784859a9d55598e15e5d7cc5dc0aeb2
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-15 18:00:17 -05:00
Jenkins
432ab99180 Merge "Add nl01.openstack.org server" 2017-02-15 21:41:47 +00:00
Paul Belanger
707d7fddcd Add nl01.openstack.org server
Stand up a server we'll be using for nodepool (zuulv3) testing.

We'll be using this for the Atlanta PTG with the goal of moving it
into production when our feature/zuulv3 branch is merged into master
for nodepool.

Change-Id: I7a3edb871510d1000a9bbf06944551d4b272ac8d
Depends-On: I29e661e38e9a2a56a01a1c30f1dc1eae97a4de7b
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-09 16:06:25 -05:00
Paul Belanger
ab30c8d249 Break out openstack_project::server from zuul_prod.pp
Change-Id: I1a38a283ed0fe06d51a57b3c43ca708978132255
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-07 15:21:48 -05:00
Paul Belanger
f13efacb5f Break out openstack_project::server from zuul_dev.pp
Change-Id: I255decdcc4ef4ca460248090bc9f52613248b065
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-07 14:51:18 -05:00
Paul Belanger
79523f0204 Break out openstack_project::server from zuul_merger.pp
This should be setup in site.pp, like all our other nodes.

Change-Id: I790f59d870ac70340bc43b9ebf53f6ce93fd5f46
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-02-07 14:25:21 -05:00
Jeremy Stanley
b964f20cd2 Correct hiera keys for docs/developer certs
Use the correct hiera key names for the HTTPS cert/chain/key file
contents used by the developer.openstack.org and docs.openstack.org
sites.

Change-Id: I84f790bf132c81678836e84b2f89bdb01ed71f73
2017-01-26 21:00:55 +00:00
James E. Blair
12aa4163cc Open port 443 on files01.openstack.org
Also, remove port 22 from the list of public tcp ports that need
opening -- that's implied and not necessary.

Change-Id: Ief17a2eab3330b2c4b85bc252b8af55cdd99980f
2017-01-26 11:48:22 -08:00
Jeremy Stanley
2be925f8e9 Add HTTPS to developer and docs.openstack.org
Add X.509 certificates, certificate chains and private keys for
https://developer.openstack.org/ and https://docs.openstack.org/
separately using SNI (as the list grows we can consider condensing
these into a single cert using ServerAltNames later).

Change-Id: Ia365be3363b611e5ee3b6dceb38ec311456466ec
2017-01-25 23:32:10 +00:00
Clark Boylan
5700271dd5 Deploy simple ethercalc server
This is a simple first deployment of an ethercalc service. It does not
come with authenticated redis or redis backups. It will however have
working ssl.

Change-Id: I8c434a6bff42bce75e67fb37665d213f3cc018c8
Depends-On: Id10247211d9643e81bb1b6e8fb67377ba6de873a
2017-01-25 10:23:07 -08:00
Paul Belanger
c4d76f9d66 Add support for fedora-25 for puppet apply tests
This also removes fedora-23 support, which was removed a while back.

Change-Id: I5a73ba63967feb29881652c734f0014c7ff8f446
Depends-On: I8142c3b4e5517f197b6fb47c8cc98f3759516a02
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-01-13 16:33:50 -05:00
Jenkins
9b83ae3e53 Merge "Add Fedora mirror to AFS" 2017-01-11 20:36:42 +00:00
Paul Belanger
a953d095ca Add Fedora mirror to AFS
This has been on my list for some time, since we run fedora jobs in
the gate, we should also mirror this infra too.

Change-Id: I523bf263b5f9455ee51a712fc97cde3f8daeba80
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-01-11 11:21:44 -05:00
James E. Blair
ca197ce0e9 Fix syntax error in afsdb01 site defn
Change-Id: I33cdaed6363ebb73ee00cd1403363df75d09d54b
2017-01-06 15:18:02 -08:00
Jenkins
865302cfd3 Merge "Add a cron job to release AFS volumes" 2017-01-06 22:05:00 +00:00
Jenkins
061c04397b Merge "Added Gem Mirror to Infra" 2016-12-23 15:01:22 +00:00
James E. Blair
3fc724a675 Add a cron job to release AFS volumes
Every 5 minutes, check to see if the docs volumes have been updated,
and if so, release them.  This means we can serve the docs volumes
from replicated read-only volumes with only a 5 minute delay.

Since this does not coordinate with the docs publishing jobs, we
may end up releasing partial updates, however, those jobs, since they
use rsync, should tolerate this.

Change-Id: I082ae6f37af9a6e12ad62b0cc4cb45e631a0935b
2016-12-19 18:53:26 +01:00
James E. Blair
72b64418e2 Remove statusbot_accessbot_nick
This was and should have remained $accessbot_nick, but was inadvertently
changed in I62c767eeab472ac79bf18ba0177ed80b08dbf8fa.

Change-Id: If65833b2ebd15be7c7f002c20e466e095a886334
2016-12-14 14:04:28 -08:00
Emilien Macchi
8829fc8a69 Added Gem Mirror to Infra
This patch adds a static, read-only gem mirror to openstack-infra's regional
mirrors under the /gem path.

Change-Id: I2f67fe01d32c4472ff56862b9dc25b9915a695c0
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-12-13 20:16:19 -05:00
James E. Blair
110f587015 Switch nodepool and builder to master branch
We have merged the zuulv3 branch into master; resume running from
master on the production servers.

Change-Id: Ia514f70ead458819ceba065e89c83dbddd99b781
2016-12-13 15:41:55 -08:00
James E. Blair
64bbcf80d7 Switch nodepool to zuulv3
Change-Id: Icc6da35c13416fa72d79f5ad3fb3d8d4f7da6e03
2016-12-09 09:34:59 -08:00
Jenkins
d657ed9e31 Merge "Switch translate-dev to use openstackid" 2016-12-07 13:00:31 +00:00
David Shrewsbury
2824de2c85 Add nb02.o.o for zuulv3 testing
Change-Id: I7d07e271250f549ffa2fb038792140592423f1df
2016-12-06 09:52:06 -05:00
Jenkins
67a183dd80 Merge "Add a test node for puppet-openstackci/single-node-ci" 2016-12-02 17:16:12 +00:00
Ramy Asselin
14c2c3a57c Add a test node for puppet-openstackci/single-node-ci
Ensure changes to single-node-ci dependencies are always
co-installable.

Change-Id: I6638bc477a63f1da8fc70dc048691d1667e8319f
2016-11-30 09:35:10 -08:00
Jenkins
c557228f5f Merge "Update node (apps-dev.openstack.org) deployment instructions" 2016-11-30 16:18:58 +00:00
Jenkins
57657035e3 Merge "Updated OpenstackId Dev configuration to use LV 5.x" 2016-11-30 16:04:10 +00:00
Sebastian Marcet
2c0f542ba3 Updated OpenstackId Dev configuration to use LV 5.x
updated puppet settings for https://openstackid-dev.openstack.org/
in order to start using LV 5.x
https://review.openstack.org/#/c/305521/

Change-Id: I809aa5bb4357ce7014b27497db2f4feb7952c9db
2016-11-29 15:06:52 -03:00
Paul Belanger
8dbbc9edef Add SSH public key to nodepool-builder
Since we use DIB elements to create our zuul user, we also need to
have our SSH public key on disk. Other wise, diskimage builds will
fail.

Change-Id: I9dec17fe8937eca363cafb636cb2dd4359e5edc2
Depends-On: Ic80f2337d42ea228496b4dafcf32303fbc2ef3e5
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-11-29 11:19:45 -05:00
Paul Belanger
fa6e3c8625 Add iptables rule for zookeeper on nodepool.o.o
We need to allow access to zookeeper from nb01.o.o.

Change-Id: I03fb205544fb27253c6227823858ed92cea9b258
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-11-28 21:48:11 -05:00
Ivan Udovichenko
48f2970112 Update node (apps-dev.openstack.org) deployment instructions
Previous solution does not work as expected.
In this change we explicitly provide order and
instructions in which the services should be
configured and started up.

Also we do not use HTTPS, 80/tcp open port
should suffice.

Change-Id: I3735a7930610a9fac48e676ca18914f48372474b
Depends-On: I6e07f99a69b8beedac49edd1cf8f551ebb5c569d
2016-11-25 20:42:04 +03:00
James E. Blair
038a2bbdf3 Fix nodepool builder branch name
Change-Id: I0c5bfcd24a53d41c8d6f96c40dee529f99d62323
2016-11-23 12:51:55 -08:00
James E. Blair
f5d625ac6b Add nodepool hiera group
Also sort the groups.

Change-Id: I6c8718894c065549d5dfb37dae26a9c157c9cb09
2016-11-23 11:29:12 -08:00
James E. Blair
492db28ea7 Add nodepool builder nodes
This supports our first independent nodepool builder server.  It
will run the zuulv3 branch in parallel with the current master/
production branch to start.

Change-Id: Ic2fe4c6ac66cdeed909dd0aba35f233b61e270b1
Depends-On: I9d45d1e0ab2bcacdf9609329b88e7de45f827f74
2016-11-23 09:35:29 -08:00
Ian Y. Choi
94f65cc37a Switch translate-dev to use openstackid
Switch to openstackid instead of openstackid-dev system
so that upgrades of newer Zanata can get tested by translators

Implements: blueprint ocata-zanata-upgrade
Change-Id: Ia88529e2dd5e8b375a5870ee23aabaeb58ea77fe
2016-11-23 20:04:42 +09:00
Clark Boylan
b70423228d Allow for many translate-dev servers
As part of the work to redeploy Zanata on Xenial for newer Java lets
modernize the deployment a bit and allow for arbitrary numbered servers.

Change-Id: Iee1192fc4e4798ccbeb9bad98a53fb3896d02a5c
2016-11-18 15:10:01 -08:00
Ian Wienand
67fef047ca Correct global site manifest for pholio puppet
Remove a stray ')' and correct an incorrectly named httpd_vhost
parameter for the pholio node pattern in the global site manifest.

Also fix missing space that caused tests not to run.

Change-Id: I64711ca5b58160c50a6bde3985d2d366652a9022
2016-11-16 21:50:31 +00:00