This is the first step of the new getfedora / fedoraproject replacement in prod. Here's the plan:
- removes fedoraproject.org redirects to getfedora.org.
- Provisions s3 storage on OCP.
- Deploys buildconfig / deployment on OCP to build the new website and push to s3.
- Installs s3cmd on proxies (used to sync s3 storage)
- Deploys the sync script with previously created s3 credentials.
- Profit
Then, on release day, we will create a redirect from getfedora.org (old) to fedoraproject.org (new).
I'll send a PR for that part later.
This is a 3 steps deployment:
Openshift part
First, we need to run the Openshift playbook (playbooks/openshift-apps/websites.yml) and wait for the s3 bucket to be created (usually takes ~2 minutes)
Then, we can retrieve the created S3 credentials and save them in /srv/private.
There are 3 values to fetch:
- AWS_SECRET_ACCESS_KEY
- AWS_ACCESS_KEY_ID
- BUCKET_NAME
The first two are stored in a secret and the third one in a configmap. They are both named fedoraproject-s3.
That's where all the fun begins :)
stg part, for references: https://pagure.io/fedora-infra/ansible/pull-request/1264
This is the first step of the new getfedora / fedoraproject replacement in prod. Here's the plan:
- removes fedoraproject.org redirects to getfedora.org.
- Provisions s3 storage on OCP.
- Deploys buildconfig / deployment on OCP to build the new website and push to s3.
- Installs s3cmd on proxies (used to sync s3 storage)
- Deploys the sync script with previously created s3 credentials.
- Profit
Then, on release day, we will create a redirect from getfedora.org (old) to fedoraproject.org (new).
I'll send a PR for that part later.
This is a 3 steps deployment:
Openshift part
First, we need to run the Openshift playbook (
playbooks/openshift-apps/websites.yml
) and wait for the s3 bucket to be created (usually takes ~2 minutes)Then, we can retrieve the created S3 credentials and save them in
/srv/private
.There are 3 values to fetch:
- AWS_SECRET_ACCESS_KEY
- AWS_ACCESS_KEY_ID
- BUCKET_NAME
The first two are stored in a secret and the third one in a configmap. They are both named
fedoraproject-s3
.The expected private vars file name is
/srv/private/ansible/files/websites/s3_fedoraproject_prod.yml
with the following variables in it:Cleaning old redirects
A few files need to be manually removed on proxies to take care of the previous fedoraproject -> getfedora redirects:
or you could just drop the whole
/etc/httpd/conf.d/fedoraproject.org
directory and the playbook will recreate everything.Proxies part
Now that everything is in place, we can run the proxies playbook (
playbooks/groups/proxies.yml
).As usual, I'll be around on irc if anything goes south :)