Verify that wheels are built while running against multiple hosts
Infra team has reported that OSA deployments use to DDoS gitea. During some investigation we discovered that the potential workflow that lead to DDoS was incorrect order during upgrade, when compute nodes were upgraded before controllers and thus each compute node was independently pulling same repos as no repo server was available to this specific OS version. Based on that we're implementing check that allows such behaviour only if it's performed in a serial manner. Undocumented variable `venv_wheel_build_skip_check` is added for cases when local repos are used for service deployment and limitation should not be applicable. Change-Id: I54b2d4bdf6d101cc72c92be196962902a6138757
This commit is contained in:
parent
b59fd648c2
commit
de731e7f9e
|
@ -22,6 +22,26 @@
|
|||
tags:
|
||||
- always
|
||||
|
||||
# NOTE(noonedeadpunk): If you are deploying services from local forks high load on which is not
|
||||
# an issue for you, you can disable this with `venv_wheel_build_skip_check: true`
|
||||
- name: Fail if wheels are not built for multiple hosts
|
||||
fail:
|
||||
msg: >-
|
||||
You are not building wheels while running role against multiple hosts.
|
||||
This might result in DOS-ing OpenDev infrustructure servers.
|
||||
In order to proceed, please ensure that you have repo servers
|
||||
for selected OS version and architecture.
|
||||
If you want to avoid building wheel on purpose, ensure that you run
|
||||
playbook in serial manner.
|
||||
In case of causing unreasonable load on the opendev.org git servers,
|
||||
your access may be blocked to protect other users and the OpenDev CI
|
||||
infrastructure which are reliant on this service.
|
||||
Found venv_build_targets: {{ venv_build_targets }}
|
||||
when:
|
||||
- venv_wheel_build_enable | bool
|
||||
- ansible_play_batch | length > 2
|
||||
- not (venv_wheel_build_skip_check | default(False))
|
||||
|
||||
- include_tasks: "python_venv_wheel_build.yml"
|
||||
args:
|
||||
apply:
|
||||
|
|
Loading…
Reference in New Issue