opendev
/
system-config
Code Issues Proposed changes
system-config/playbooks/roles
History
Jeremy Stanley ab50b54169 Limit connections for static site Apache workers 
We've noticed that our static sites will semi-regularly have
problems due to stale SSL certs served by Apache workers which
predate the latest certificate replacement and haven't terminated
(graceful restart only ends the running workers once they have no
remaining connections). Limit the impact of this by recycling
workers automatically after a reasonable (large) number of
connections.

This implementation is shamelessly stolen from that used in
Ic377f48d1a5a3eecbcb183327c9255134c4364ab for our mirror sites.

Change-Id: I2e5c0bdf012184ebbfccb086b967008bf12582ab
Co-Authored-By: Clark Boylan <clark.boylan@gmail.com>
 		2020-06-23 20:41:31 +00:00
..
accessbot Split eavesdrop into its own playbook 2020-04-23 14:34:28 -05:00
afs-release Add a new docs.airshipit.org vhost on static01 2020-03-20 19:09:13 +00:00
afsmon afsmon: install python3-pip 2020-02-12 16:39:11 +11:00
backup Update bup excludes for zuul-scheduler 2020-05-07 08:44:58 -07:00
backup-server Exclude disabled group from backup-server loop 2020-04-11 14:53:20 -05:00
base Run iptables in service playbooks instead of base 2020-06-04 07:44:22 -05:00
configure-kubectl Configure .kube/config on bridge 2019-02-06 15:43:19 -08:00
configure-openstacksdk Manage clouds.yaml files in ansible 2018-09-04 08:49:00 -07:00
disable-puppet-agent Stop running mcollective 2020-05-05 15:00:04 -05:00
edit-secrets-script Add edit-secrets script to bridge.o.o 2019-02-27 08:45:11 -08:00
etherpad Fix rooted path to docker-compose 2020-04-22 14:09:46 -07:00
gerrit Make a review-test that we run ansible on 2020-06-15 13:32:05 -05:00
gitea Cron module wants strings 2020-04-25 11:59:29 -05:00
gitea-git-repos Use project-config from zuul instead of direct clones 2020-04-15 12:29:33 -05:00
haproxy Install docker-compose from pypi 2020-04-16 12:08:00 -07:00
install-ansible Make disable-ansible fancier 2020-06-15 16:14:34 -07:00
install-ansible-roles Only install ansible roles once per run 2020-05-23 08:58:48 -05:00
install-apt-repo Vendor the apt repo gpg keys used for Zuul 2020-05-20 13:17:09 -07:00
install-certcheck Generate ssl check list directly from letsencrypt variables 2020-05-20 14:27:14 +10:00
install-docker install-docker: remove arch match 2020-04-30 08:38:41 +10:00
install-kubectl Remove snap cleanup tasks 2020-04-16 12:45:36 -05:00
install-osc-container Use openstackclient from container 2020-04-23 07:46:28 -05:00
install-podman Run a gerrit container on review-dev01 2019-10-29 08:29:17 +09:00
iptables Run iptables in service playbooks instead of base 2020-06-04 07:44:22 -05:00
jitsi-meet Merge "Indicate firefox is suboptimal in meetpad" 2020-06-03 17:48:46 +00:00
letsencrypt-acme-sh-install ansible-lint : disable 503 2020-03-06 09:57:00 +11:00
letsencrypt-config-certcheck Generate ssl check list directly from letsencrypt variables 2020-05-20 14:27:14 +10:00
letsencrypt-create-certs Restart apache on graphite when LE updates certs 2020-06-03 09:51:23 -07:00
letsencrypt-install-txt-record Handle offline hosts in LE role 2020-01-08 10:21:53 -08:00
letsencrypt-request-certs Generate ssl check list directly from letsencrypt variables 2020-05-20 14:27:14 +10:00
logrotate logrotate: better rotation options 2019-10-01 09:00:53 +10:00
master-nameserver Don't log the public loop on master-nameserver 2020-04-08 16:38:15 -05:00
mirror Listen on Quay Registry Mirror Ports 2020-05-19 16:47:51 -07:00
mirror-update mirror-update: restore -t to rsync commands 2020-06-19 12:27:46 +10:00
nameserver Remove zonefile from nsd config 2019-04-02 13:20:01 +11:00
nodepool-base Merge "Zookeeper: listen on plain and TLS ports" 2020-06-19 22:12:21 +00:00
nodepool-base-legacy Add initial Ansible for nodepool hosts 2020-03-06 14:02:52 +11:00
nodepool-builder Add stop and start playbooks for nodepool 2020-06-16 15:48:47 -05:00
nodepool-launcher Add stop and start playbooks for nodepool 2020-06-16 15:48:47 -05:00
pip3 Install pip3 for docker-compose installation 2020-04-17 13:28:03 -07:00
rax-dns-backup rax-dns-backup: fix copy file typo 2020-06-17 09:29:11 +10:00
registry Install docker-compose from pypi 2020-04-16 12:08:00 -07:00
root-keys roles: Add README.rst and lint 2018-08-23 21:34:42 +10:00
run-puppet Don't install puppet modules when we don't need them 2020-06-15 14:35:41 -05:00
static Limit connections for static site Apache workers 2020-06-23 20:41:31 +00:00
sync-project-config Stop logging the rsync of puppet 2020-04-30 16:11:42 -05:00
vos-release Add missing newline in vos_release.sudo 2019-11-21 19:08:30 +00:00
zk-ca Zookeeper: listen on plain and TLS ports 2020-06-17 10:38:59 -07:00
zookeeper Zookeeper: listen on plain and TLS ports 2020-06-17 10:38:59 -07:00
zuul Zookeeper: listen on plain and TLS ports 2020-06-17 10:38:59 -07:00
zuul-executor Merge "Fix whitespace in zuul-executor PPAs" 2020-05-26 17:25:40 +00:00
zuul-merger Fix a few missing zuul_user usages 2020-05-23 09:05:16 -05:00
zuul-preview Install docker-compose from pypi 2020-04-16 12:08:00 -07:00
zuul-scheduler Fix a few missing zuul_user usages 2020-05-23 09:05:16 -05:00
zuul-status-backup Add --fail flag to zuul status backup curl 2020-04-28 08:33:05 -05:00
zuul-user Split eavesdrop into its own playbook 2020-04-23 14:34:28 -05:00
zuul-web Run Zuul as the zuuld user 2020-05-20 13:17:28 -07:00
set-hostname Split eavesdrop into its own playbook 2020-04-23 14:34:28 -05:00