17d6727d42
On old system, the SELinux context parameter for mounted volume might raise an issue, for example if the storage is located on NFS and on the system is old podman installed. Change-Id: I882e571776c173bdf135837ef1fe63b2b5e6c33b
58 lines
1.7 KiB
YAML
58 lines
1.7 KiB
YAML
---
|
|
- name: Configure ci-log-processing services
|
|
hosts: localhost
|
|
become: true
|
|
vars:
|
|
# logscraper and logsender
|
|
tenant_builds:
|
|
- tenant: openstack
|
|
zuul_api_url:
|
|
- https://zuul.opendev.org/api/tenant/openstack
|
|
download: true
|
|
download_dir: /mnt/logscraper/openstack
|
|
es_username: logstash
|
|
# NOTE: password will be provided on the host until
|
|
# it is not automatized.
|
|
es_password: "mypassword"
|
|
es_host: opensearch.logs.openstack.org
|
|
es_port: 443
|
|
es_insecure: false
|
|
es_index_prefix: 'logstash-logs-'
|
|
max_skipped: 1000
|
|
logscraper_workers: 4
|
|
logsender_workers: 10
|
|
logsender_wait_time: 10
|
|
skip_debug: true
|
|
performance_index_prefix: "performance-"
|
|
subunit_index_prefix: "subunit-"
|
|
monitoring_port: 9128
|
|
selinux_context: "z"
|
|
roles:
|
|
- logscraper
|
|
- logsender
|
|
tasks:
|
|
- name: Install firewalld package
|
|
yum:
|
|
name: firewalld
|
|
state: present
|
|
|
|
- name: Start and enable firewalld service
|
|
service:
|
|
name: firewalld
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Expose Prometheus node exporter metrics for softwarefactory-project.io
|
|
firewalld:
|
|
rich_rule: 'rule family=ipv4 source address=38.102.83.250/32 port port=9100 protocol=tcp accept'
|
|
state: enabled
|
|
permanent: true
|
|
immediate: true
|
|
|
|
- name: Expose Prometheus Logscraper exporter metrics for softwarefactory-project.io
|
|
firewalld:
|
|
rich_rule: 'rule family=ipv4 source address=38.102.83.250/32 port port=9128 protocol=tcp accept'
|
|
state: enabled
|
|
permanent: true
|
|
immediate: true
|