#765 metrics-for-apps: Adding inventory/groupvars/changes for ocp prod
Merged 8 months ago by dkirwan. Opened 9 months ago by dkirwan.
fedora-infra/ dkirwan/ansible main  into  main

@@ -275,6 +275,12 @@ 

  os_wildcard_key_file: wildcard-2021.app.os.fedoraproject.org.key

  os_wildcard_int_file: wildcard-2021.app.os.fedoraproject.org.intermediate.cert

  

+ # This is the openshift wildcard cert for ocp

+ ocp_wildcard_cert_name: wildcard-2021.apps.ocp.fedoraproject.org

+ ocp_wildcard_cert_file: wildcard-2021.apps.ocp.fedoraproject.org.cert

+ ocp_wildcard_key_file: wildcard-2021.apps.ocp.fedoraproject.org.key

+ ocp_wildcard_int_file: wildcard-2021.apps.ocp.fedoraproject.org.intermediate.cert

+ 

  # Everywhere, always, we should sign messages and validate signatures.

  # However, we allow individual hosts and groups to override this.  Use this very

  # carefully.. and never in production (good for testing stuff in staging).

@@ -0,0 +1,8 @@ 

+ ---

+ rhcos_version: 4.8.2

+ ocp4: true

+ vpn: false

+ nagios_Check_Services:

+   swap: false

+   nrpe: false

+   mail: false

@@ -124,3 +124,14 @@ 

  - os-node01.vpn.fedoraproject.org

  - os-node02.vpn.fedoraproject.org

  - os-node03.vpn.fedoraproject.org

+ 

+ ocp_masters:

+ - bootstrap.ocp.iad2.fedoraproject.org

+ - ocp01.ocp.iad2.fedoraproject.org

+ - ocp02.ocp.iad2.fedoraproject.org

+ - ocp03.ocp.iad2.fedoraproject.org

+ 

+ ocp_nodes:

+ - worker01.ocp.iad2.fedoraproject.org

+ - worker02.ocp.iad2.fedoraproject.org

+ - worker03.ocp.iad2.fedoraproject.org

@@ -121,13 +121,13 @@ 

  - os-node03.stg.iad2.fedoraproject.org

  - os-node04.stg.iad2.fedoraproject.org

  

- ocp_masters:

+ ocp_masters_stg:

  # - bootstrap.ocp.stg.iad2.fedoraproject.org

  - ocp01.ocp.stg.iad2.fedoraproject.org

  - ocp02.ocp.stg.iad2.fedoraproject.org

  - ocp03.ocp.stg.iad2.fedoraproject.org

  

- ocp_nodes:

+ ocp_nodes_stg:

  - worker01.ocp.stg.iad2.fedoraproject.org

  - worker02.ocp.stg.iad2.fedoraproject.org

  - worker03.ocp.stg.iad2.fedoraproject.org

@@ -0,0 +1,60 @@ 

+ ---

+ freezes: false

+ 

+ datacenter: iad2

+ 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org,

+ volgroup: /dev/vg_guests

+ lvm_size: 120g

+ mem_size: 16384

+ max_mem_size: 16384

+ num_cpus: 4

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.126

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ mac0: "{{ ansible_default_ipv4.macaddress }}"

+ 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/bootstrap.ign"

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

@@ -0,0 +1,60 @@ 

+ ---

+ freezes: false

+ 

+ datacenter: iad2

+ 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org,

+ volgroup: /dev/vg_guests

+ lvm_size: 120g

+ mem_size: 16384

+ max_mem_size: 16384

+ num_cpus: 4

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.120

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ mac0: "{{ ansible_default_ipv4.macaddress }}"

+ 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

@@ -0,0 +1,60 @@ 

+ ---

+ freezes: false

+ 

+ datacenter: iad2

+ 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org,

+ volgroup: /dev/vg_guests

+ lvm_size: 120g

+ mem_size: 16384

+ max_mem_size: 16384

+ num_cpus: 4

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.121

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ mac0: "{{ ansible_default_ipv4.macaddress }}"

+ 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

@@ -0,0 +1,60 @@ 

+ ---

+ freezes: false

+ 

+ datacenter: iad2

+ 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org,

+ volgroup: /dev/vg_guests

+ lvm_size: 120g

+ mem_size: 16384

+ max_mem_size: 16384

+ num_cpus: 4

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.122

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ mac0: "{{ ansible_default_ipv4.macaddress }}"

+ 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

@@ -0,0 +1,57 @@ 

+ ---

+ freezes: true

+ 

+ datacenter: iad2

+ 

+ arch: x86_64

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.123

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ pxe_bootdev: eno34

+ install_dev: /dev/sda

+ mac0: "68:05:CA:CE:A3:C9"

+ 

+ rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"

+ rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

@@ -0,0 +1,57 @@ 

+ ---

+ freezes: true

+ 

+ datacenter: iad2

+ 

+ arch: x86_64

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.124

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ pxe_bootdev: eno33

+ install_dev: /dev/sda

+ mac0: "68:05:CA:CE:A2:90"

+ 

+ rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"

+ rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

@@ -0,0 +1,57 @@ 

+ ---

+ freezes: true

+ 

+ datacenter: iad2

+ 

+ arch: x86_64

+ 

+ dns1: 10.3.163.33

+ dns2: 10.3.163.34

+ 

+ dns_search1: "iad2.fedoraproject.org"

+ dns_search3: "fedoraproject.org"

+ 

+ has_ipv4: yes

+ eth0_ipv4: 10.3.163.125

+ eth0_ipv4_nm: 24

+ eth0_ipv4_gw: 10.3.163.254

+ eth0_ip: "{{eth0_ipv4}}"

+ nm: 255.255.255.0

+ gw: "{{ eth0_ipv4_gw }}"

+ dns: "{{ dns1 }}"

+ 

+ pxe_bootdev: eno33

+ install_dev: /dev/sda

+ mac0: "68:05:CA:CE:A7:4C"

+ 

+ rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"

+ rhcos_install_url: "http://10.3.163.65/rhcos/"

+ rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"

+ rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"

+ 

+ network_connections:

+   - name: eth0

+     mac: "{{ mac0 }}"

+     state: up

+     type: ethernet

+     autoconnect: yes

+     ip:

+       address:

+       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"

+       gateway4: "{{ eth0_ipv4_gw }}"

+       dns:

+       - "{{ dns1 }}"

+       - "{{ dns2 }}"

+       dns_search:

+       - "{{ dns_search1 }}"

+       - "{{ dns_search2 }}"

+       - "{{ dns_search3 }}"

+       dhcp4: no

+       auto6: no

+ 

+ vpn: true

+ 

+ nrpe_procs_warn: 1200

+ nrpe_procs_crit: 1400

file modified
+23
@@ -1054,6 +1054,29 @@ 

  osbs_aarch64_masters_stg

  osbs_aarch64_nodes_stg

  

+ [ocp:children]

+ os_control

+ ocp_controlplane

+ ocp_workers

+ ocp_boostrap

+ 

+ [ocp_vms:children]

+ ocp_boostrap

+ ocp_controlplane

+ 

+ [ocp_controlplane]

+ ocp01.ocp.iad2.fedoraproject.org

+ ocp02.ocp.iad2.fedoraproject.org

+ ocp03.ocp.iad2.fedoraproject.org

+ 

+ [ocp_workers]

+ worker01.ocp.iad2.fedoraproject.org

+ worker02.ocp.iad2.fedoraproject.org

+ worker03.ocp.iad2.fedoraproject.org

+ 

+ [ocp_boostrap]

+ bootstrap.ocp.iad2.fedoraproject.org

+ 

  [ocp_stg:children]

  os_control_stg

  ocp_controlplane_stg

@@ -49,6 +49,12 @@ 

      - app.os.fedoraproject.org

  

    - role: httpd/certificate

+     certname: wildcard-2021.apps.ocp.fedoraproject.org

+     SSLCertificateChainFile: wildcard-2021.apps.fedoraproject.org.intermediate.cert

+     tags:

+     - apps.ocp.fedoraproject.org

+ 

+   - role: httpd/certificate

      certname: getfedora.org

      SSLCertificateChainFile: getfedora.org.intermediate.cert

  

@@ -628,7 +628,7 @@ 

      balancer_name: ocp

      targettype: openshift

      ocp4: true

-     balancer_members: "{{ ocp_nodes }}"

+     balancer_members: "{{ ocp_nodes_stg }}"

      keephost: true

      tags:

      - ocp.fedoraproject.org
@@ -640,13 +640,37 @@ 

      balancer_name: apps-ocp

      targettype: openshift

      ocp4: true

-     balancer_members: "{{ ocp_nodes }}"

+     balancer_members: "{{ ocp_nodes_stg }}"

      keephost: true

      tags:

      - apps.ocp.fedoraproject.org

      when: env == "staging"

  

    - role: httpd/reverseproxy

+     website: "ocp{{ env_suffix }}.fedoraproject.org"

+     destname: ocp

+     balancer_name: ocp

+     targettype: openshift

+     ocp4: true

+     balancer_members: "{{ ocp_nodes }}"

+     keephost: true

+     tags:

+     - ocp.fedoraproject.org

+     when: env == "production"

+ 

+   - role: httpd/reverseproxy

+     website: "apps.ocp{{ env_suffix }}.fedoraproject.org"

+     destname: apps.ocp

+     balancer_name: apps-ocp

+     targettype: openshift

+     ocp4: true

+     balancer_members: "{{ ocp_nodes }}"

+     keephost: true

+     tags:

+     - apps.ocp.fedoraproject.org

+     when: env == "production"

+ 

+   - role: httpd/reverseproxy

      website: "provision{{ env_suffix }}.fedoraproject.org"

      destname: zezere

      balancer_name: app-os

@@ -713,6 +713,30 @@ 

      when: env == "staging"

  

    - role: httpd/website

+     site_name: ocp.fedoraproject.org

+     sslonly: true

+     cert_name: "{{wildcard_cert_name}}"

+     # The Connection and Upgrade headers don't work for h2

+     # So non-h2 is needed to fix websockets.

+     use_h2: false

+     tags:

+     - ocp.fedoraproject.org

+     when: env == "prod"

+ 

+   - role: httpd/website

+     site_name: apps.ocp.fedoraproject.org

+     server_aliases: ["*.apps.ocp.fedoraproject.org", api.apps.ocp.fedoraproject.org]

+     sslonly: true

+     cert_name: "{{ocp_wildcard_cert_name}}"

+     SSLCertificateChainFile: "{{ocp_wildcard_int_file}}"

+     # The Connection and Upgrade headers don't work for h2

+     # So non-h2 is needed to fix websockets.

+     use_h2: false

+     tags:

+     - apps.ocp.fedoraproject.org

+     when: env == "prod"

+ 

+   - role: httpd/website

      site_name: registry.fedoraproject.org

      server_aliases: [registry.stg.fedoraproject.org registry-no-cdn.fedoraproject.org]

      sslonly: true

@@ -548,6 +548,31 @@ 

       option subnet-mask 255.255.255.0;

  }

  

+ # Production network

+ host worker01-ocp {

+      hardware ethernet 68:05:CA:CE:A3:C9;

+      fixed-address 10.3.163.123;

+      filename "uefi/grubx64.efi";

+      next-server 10.3.163.10;

+      option routers 10.3.163.254;

+      option subnet-mask 255.255.255.0;

+ }

+ host worker02-ocp {

+      hardware ethernet 68:05:CA:CE:A2:90;

+      fixed-address 10.3.163.124;

+      filename "uefi/grubx64.efi";

+      next-server 10.3.163.10;

+      option routers 10.3.163.254;

+      option subnet-mask 255.255.255.0;

+ }

+ host worker03-ocp {

+      hardware ethernet 68:05:CA:CE:A7:4C;

+      fixed-address 10.3.163.125;

+      filename "uefi/grubx64.efi";

+      next-server 10.3.163.10;

+      option routers 10.3.163.254;

+      option subnet-mask 255.255.255.0;

+ }

  # Staging network

  host worker01-ocp-stg {

       hardware ethernet 68:05:CA:CE:A2:AC;

@@ -37,6 +37,34 @@ 

      stats enable

      stats uri /

  

+ {% if env == "production" %}

+ frontend ocp-masters-kapi

+     mode tcp

+     bind 0.0.0.0:6443

+     default_backend ocp-masters-backend-kapi

+ 

+ backend ocp-masters-backend-kapi

+     mode tcp

+     server  ocp01.ocp.iad2.fedoraproject.org ocp01.ocp.iad2.fedoraproject.org:6443 weight 1 maxconn 16384 check

+     server  ocp02.ocp.iad2.fedoraproject.org ocp02.ocp.iad2.fedoraproject.org:6443 weight 1 maxconn 16384 check

+     server  ocp03.ocp.iad2.fedoraproject.org ocp03.ocp.iad2.fedoraproject.org:6443 weight 1 maxconn 16384 check

+ # temp bootstrap node

+     server  bootstrap.ocp.iad2.fedoraproject.org bootstrap.ocp.iad2.fedoraproject.org:6443 weight 1 maxconn 16384 check

+ 

+ frontend ocp-masters-machineconfig

+     mode tcp

+     bind 0.0.0.0:22623

+     default_backend ocp-masters-backend-machineconfig

+ 

+ backend ocp-masters-backend-machineconfig

+     mode tcp

+     server  ocp01.ocp.iad2.fedoraproject.org ocp01.ocp.iad2.fedoraproject.org:22623 weight 1 maxconn 16384 check

+     server  ocp02.ocp.iad2.fedoraproject.org ocp02.ocp.iad2.fedoraproject.org:22623 weight 1 maxconn 16384 check

+     server  ocp03.ocp.iad2.fedoraproject.org ocp03.ocp.iad2.fedoraproject.org:22623 weight 1 maxconn 16384 check

+ # temp bootstrap node

+     server  bootstrap.ocp.iad2.fedoraproject.org bootstrap.ocp.iad2.fedoraproject.org:22623 weight 1 maxconn 16384 check

+ {% endif %}

+ 

  {% if env != "production" %}

  frontend ocp-masters-kapi

      mode tcp

  • Updated DHCP config for prod machines
  • Updated haproxy and apache config for prod
  • Added prod boxes to ansible inventory
  • Added groupvars to ansible for prod

Signed-off-by: David Kirwan dkirwan@redhat.com

rebased onto 0049415ec2679b6c3a07ee91a1bf6c580b4b0a0f

9 months ago

Metadata Update from @mobrien:
- Pull-request tagged with: freeze-break-request

9 months ago

rebased onto e750a701078878ee3e914770acc35ed4b7fe49be

9 months ago

Added ocp node vars to inventory/group_vars/proxies
Renamed inventory/group_vars/proxies_stg:ocp_nodes to ocp_nodes_stg
Updated playbooks/include/proxies-reverseproxy.yml

Tomorrow will add hostvars

I have done a visual inspection and I am +1 to this patch set.

Looks good to me. We should make sure dns changes land first, then get certs in place and finally merge this.

rebased onto d24eb79b5dfb2ee7283481baa9c685f6ca73ccd7

9 months ago

Updated the hostvars also, if you folks could give it another quick look over :)

rebased onto 808b15cf8982a08f80f0ce5c6f2aa709c7ee7edc

8 months ago

rebased onto 9f39d76

8 months ago

Pull-Request has been merged by dkirwan

8 months ago

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci