490df68885
Although we only have adns01, for testing purposes it would be handy to have another adns server in testinfra (this way, we can write tests for letsencrypt paths that don't try and execute on the existing dns testing paths). Change-Id: Ie1968660c110bdb626df637f182f1f39598e59ac
94 lines
2.4 KiB
YAML
94 lines
2.4 KiB
YAML
- hosts: "!disabled"
|
|
name: "Base: set up users and base package repositories on all hosts"
|
|
roles:
|
|
- users
|
|
- base-repos
|
|
|
|
# Run base-server seperately so that the update apt cache handler in base-repos
|
|
# fires before we run base-server
|
|
- hosts: "!disabled"
|
|
name: "Base: set up common environment on all hosts"
|
|
roles:
|
|
- base-server
|
|
- timezone
|
|
- unbound
|
|
- exim
|
|
|
|
# Do not run firewall rules on kubernetes hosts, they are managed by k8s-on-openstack.
|
|
# TODO(mordred) snmpd should be able to be re-added to kubernetes hosts but we will
|
|
# need to add cacti to sg-opendev-nodes and sg-opendev-master security groups first.
|
|
- hosts: "!disabled:!kubernetes"
|
|
name: "Base: set up firewall rules"
|
|
roles:
|
|
- snmpd
|
|
- iptables
|
|
|
|
- hosts: bridge.openstack.org:!disabled
|
|
name: "Base: configure cloud credentials on bridge"
|
|
roles:
|
|
- install-kubectl
|
|
- configure-kubectl
|
|
tasks:
|
|
- include_role:
|
|
name: configure-openstacksdk
|
|
vars:
|
|
openstacksdk_config_file: '{{ openstacksdk_config_dir }}/all-clouds.yaml'
|
|
openstacksdk_config_template: clouds/bridge_all_clouds.yaml.j2
|
|
- include_role:
|
|
name: configure-openstacksdk
|
|
vars:
|
|
openstacksdk_config_template: clouds/bridge_clouds.yaml.j2
|
|
|
|
- hosts: nodepool-launcher:nodepool-builder:!disabled
|
|
name: "Base: configure OpenStackSDK on nodepool"
|
|
strategy: free
|
|
roles:
|
|
- minimal-nodepool
|
|
- configure-openstacksdk
|
|
- configure-kubectl
|
|
|
|
- hosts: "puppet:!disabled"
|
|
name: "Base: install and configure puppet on puppet hosts"
|
|
roles:
|
|
- puppet-install
|
|
- disable-puppet-agent
|
|
|
|
- hosts: adns:!disabled
|
|
name: "Base: configure adns server"
|
|
roles:
|
|
- master-nameserver
|
|
|
|
- hosts: "ns1.opendev.org:ns2.opendev.org:!disabled"
|
|
name: "Base: configure authoritative nameservers"
|
|
roles:
|
|
- nameserver
|
|
|
|
- hosts: "docker:!disabled"
|
|
name: "Base: install and configure docker on docker hosts"
|
|
roles:
|
|
- install-docker
|
|
|
|
- hosts: "registry:!disabled"
|
|
name: "Base: configure registry"
|
|
roles:
|
|
- install-docker
|
|
- registry
|
|
|
|
- hosts: "gitea:!disabled"
|
|
name: "Base: configure gitea"
|
|
roles:
|
|
- install-docker
|
|
- gitea
|
|
|
|
- hosts: "gitea-lb:!disabled"
|
|
name: "Base: configure gitea load balancer"
|
|
roles:
|
|
- install-docker
|
|
- haproxy
|
|
|
|
- hosts: "zuul-preview:!disabled"
|
|
name: "Base: configure zuul-preview"
|
|
roles:
|
|
- install-docker
|
|
- zuul-preview
|