fedora-infra / ansible

Clone
Source Code
GIT

#898 Resolved merge conflict from yaml sort.
Closed 2 years ago by petebuffon. Opened 2 years ago by petebuffon.
Unknown source main  into  main

file modified
+7 
@@ -32,3 +32,10 @@
 

  gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
 

  enabled=1
 

  gpgcheck=1
 

+ 

+ [rhel8-advanced-virt]
 

+ name = rhel8 AdvancedVirt $basearch
 

+ baseurl=https://infrastructure.fedoraproject.org/repo/rhel/rhel8/$basearch/rhel-8-advanced-virt/
 

+ gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
 

+ enabled=1
 

+ gpgcheck=1

file added
+10 
@@ -0,0 +1,10 @@
 

+ [Service]
 

+ TasksMax=40
 

+ CPUAccounting=yes
 

+ IOAccounting=yes
 

+ IPAccounting=yes
 

+ BlockIOAccounting=yes
 

+ MemoryAccounting=yes
 

+ TasksAccounting=yes
 

+ ConditionPathExists=/mnt/fedora_koji_prod/koji/packages 

+

file modified
+2 -1 
@@ -20,6 +20,7 @@
 

  proxy39.fedoraproject.org
 

  proxy40.fedoraproject.org
 

  copr-be.aws.fedoraproject.org
 

+ #copr-be-temp.aws.fedoraproject.org
 

  copr-be-dev.aws.fedoraproject.org
 

  #copr-be-dev-temp.aws.fedoraproject.org
 

  copr-dist-git.aws.fedoraproject.org
 
@@ -31,8 +32,8 @@
 

  copr-keygen-dev.aws.fedoraproject.org
 

  #copr-be-dev.cloud.fedoraproject.org
 

  copr-dist-git-dev.fedorainfracloud.org
 

- f32-test.fedorainfracloud.org
 

  f33-test.fedorainfracloud.org
 

+ f34-test.fedorainfracloud.org
 

  f35-test.fedorainfracloud.org
 

  rawhide-test.fedorainfracloud.org
 

  el7-test.fedorainfracloud.org

file modified
+2 -2 
@@ -1,6 +1,6 @@
 

  ---
 

+ ansible_ifcfg_blocklist: true
 

  freezes: false
 

+ host_group: cloud
 

  sudoers: "{{ private }}/files/sudo/arm-packager-sudoers"
 

  sudoers_main: nopasswd
 

- host_group: cloud
 

- ansible_ifcfg_blocklist: true

file modified
+191 -399 
@@ -5,321 +5,56 @@
 

  #   Background/reference about external repos pulled in:
 

  #       https://pagure.io/fedora-infrastructure/issue/5476
 

  #
 

+ # IPA settings
 

+ additional_host_keytabs: []
 

  ansible_base: /srv/web/infra
 

- 

- # Path to the openshift-ansible checkout as external git repo brought into
 

- # Fedora Infra
 

- openshift_ansible: /srv/web/infra/openshift-ansible/
 

- 

- #
 

- # END: Ansible roles_path variables
 

- #######
 

- 

- freezes: true
 

- # most of our systems are in IAD2
 

- datacenter: iad2
 

- preferred_dc: iad2
 

- postfix_group: "none"
 

- 

- # usually we do not want to enable nested virt, only on some virthosts
 

- nested: false
 

- 

- # most of our systems are 64bit.
 

- # Used to install various nagios scripts and the like.
 

- libdir: /usr/lib64
 

- 

- # Most EL systems need default EPEL repos.
 

- # Some systems (notably fed-cloud*) need to get their own
 

- # EPEL files because EPEL overrides packages in their core repos.
 

- use_default_epel: true
 

- 

- # example of ports for default iptables
 

- # tcp_ports: [ 22, 80, 443 ]
 

- # udp_ports: [ 110, 1024, 2049 ]
 

- # multiple lines can be handled as below
 

- # custom_rules: [ '-A INPUT -p tcp -m tcp --dport 8888 -j ACCEPT',
 

- #                  '-A INPUT -p tcp -m tcp --dport 8889 -j ACCEPT' ]
 

- # We default these to empty
 

- udp_ports: []
 

- tcp_ports: []
 

- custom_rules: []
 

- nat_rules: []
 

- custom6_rules: []
 

- 

- # defaults for hw installs
 

- install_noc: none
 

- 

- # defaults for virt installs
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- mem_size: 4096
 

- num_cpus: 2
 

- lvm_size: 20000
 

- 

- # on MOST infra systems, the interface connected to the infra network
 

- # is eth0. but not on quite ALL systems. e.g. on s390 boxes it's enc900,
 

- # on openqa-ppc64le-01.qa it's eth2 for some reason, and on qa01.qa and
 

- # qa02.qa it's em3. currently this only affects whether GATEWAY, DOMAIN
 

- # and DNS1/DNS2 lines are put into ifcfg-(device).
 

- ansible_ifcfg_infra_net_devices: [ 'eth0', 'enc900' ]
 

- 

- # Default netmask. All of our iad2 nets are /24's. Almost all of our
 

- # non-iad2 sites are less than a /24.
 

- eth0_nm: 255.255.255.0
 

- eth1_nm: 255.255.255.0
 

- eth1_ip: 10.0.0.10
 

- br0_nm: 255.255.255.0
 

- br1_nm: 255.255.255.0
 

- nm: 255.255.255.0
 

- 

  # Default to managing the network, we want to not do this on select
 

  # hosts (like cloud nodes)
 

  ansible_ifcfg_blocklist: false
 

  # List of interfaces to explicitly disable
 

  ansible_ifcfg_disabled: []
 

+ # on MOST infra systems, the interface connected to the infra network
 

+ # is eth0. but not on quite ALL systems. e.g. on s390 boxes it's enc900,
 

+ # on openqa-ppc64le-01.qa it's eth2 for some reason, and on qa01.qa and
 

+ # qa02.qa it's em3. currently this only affects whether GATEWAY, DOMAIN
 

+ # and DNS1/DNS2 lines are put into ifcfg-(device).
 

+ ansible_ifcfg_infra_net_devices: ['eth0', 'enc900']
 

  #
 

- # The default virt-install works for rhel7 or fedora with 1 nic
 

+ # Autodetect python version
 

  #
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- main_bridge: br0
 

- nfs_bridge: br1
 

- mac_address: RANDOM
 

- mac_address1: RANDOM
 

- 

- 

- virt_install_command_pxe_rhcos: virt-install -n {{ inventory_hostname }}
 

-   --vcpus {{ num_cpus }},maxvcpus={{ num_cpus }}
 

-   --cpu host
 

-   --memory  {{ mem_size }}
 

-   --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-   --nographics
 

-   --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-   --hvm --accelerate
 

-   --autostart --wait=-1
 

-   --extra-args "ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:ens2:none hostname={{ inventory_hostname }} nameserver={{ dns }} console=ttyS0 nomodeset rd.neednet=1 coreos.inst=yes coreos.inst.install_dev=vda coreos.live.rootfs_url={{ rhcos_install_rootfs_url }} coreos.inst.ignition_url={{ rhcos_ignition_file_url }}"
 

-   --os-variant rhel7
 

-   --location  {{ rhcos_install_url }}
 

- 

- 

- virt_install_command_one_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random --cpu host
 

- 

- virt_install_command_two_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none
 

-                   ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random
 

- 

- virt_install_command_one_nic_unsafe: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns1 }}
 

-                   ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random --cpu host
 

- 

- virt_install_command_two_nic_unsafe: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --network bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random
 

- 

- virt_install_command_ppc64le_one_nic_unsafe: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random
 

- 

- virt_install_command_ppc64le_two_nic_unsafe: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none
 

-                   ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random
 

- 

- virt_install_command_aarch64_one_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }}
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole
 

- 

- virt_install_command_aarch64_one_nic_unsafe: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }}
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole
 

- 

- virt_install_command_aarch64_2nd_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }}
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole
 

- 

- virt_install_command_aarch64_two_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }}
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none
 

-                   ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }}
 

-                  --autostart --noautoconsole --rng /dev/random
 

- 

- virt_install_command_armv7_one_nic: virt-install -n {{ inventory_hostname }} --arch armv7l
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyAMA0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }}
 

-                  --autostart --noautoconsole --rng /dev/random
 

- 

- virt_install_command_armv7_one_nic_unsafe: virt-install -n {{ inventory_hostname }} --arch armv7l
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyAMA0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }}
 

-                  --autostart --noautoconsole --rng /dev/random --qemu-commandline="-machine highmem=off"
 

- 

- virt_install_command_s390x_one_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }}
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole --rng /dev/random --cpu host
 

- 

- virt_install_command_s390x_one_nic_unsafe: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }}
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole --rng /dev/random --cpu host
 

- 

- virt_install_command_rhel6: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }}
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  "inst.ksdevice=eth0 inst.ks={{ ks_url }} ip={{ eth0_ip }} netmask={{ nm }}
 

-                   gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }}"
 

-                  --network=bridge=br0 --autostart --noautoconsole --watchdog default
 

- 

- max_mem_size: "{{ mem_size * 5 }}"
 

- max_cpu: "{{ num_cpus * 5 }}"
 

- 

- # This is the wildcard certname for our proxies.  It has a different name for
 

- # the staging group and is used in the proxies.yml playbook.
 

- wildcard_cert_name: wildcard-2020.fedoraproject.org
 

- wildcard_crt_file: wildcard-2020.fedoraproject.org.cert
 

- wildcard_key_file: wildcard-2020.fedoraproject.org.key
 

- wildcard_int_file: wildcard-2020.fedoraproject.org.intermediate.cert
 

- 

- # This is the openshift wildcard cert. Until it exists set it equal to wildcard
 

- os_wildcard_cert_name: wildcard-2021.app.os.fedoraproject.org
 

- os_wildcard_crt_file: wildcard-2021.app.os.fedoraproject.org.cert
 

- os_wildcard_key_file: wildcard-2021.app.os.fedoraproject.org.key
 

- os_wildcard_int_file: wildcard-2021.app.os.fedoraproject.org.intermediate.cert
 

- 

- # This is the openshift wildcard cert for ocp
 

- ocp_wildcard_cert_name: wildcard-2021.apps.ocp.fedoraproject.org
 

- ocp_wildcard_cert_file: wildcard-2021.apps.ocp.fedoraproject.org.cert
 

- ocp_wildcard_key_file: wildcard-2021.apps.ocp.fedoraproject.org.key
 

- ocp_wildcard_int_file: wildcard-2021.apps.ocp.fedoraproject.org.intermediate.cert
 

- 

- # This is the mirrors.centos.org certs
 

- mirrors_centos_org_cert_name: mirrors.centos.org
 

- mirrors_centos_org_cert_file: mirrors.centos.org.cert
 

- mirrors_centos_org_key_file: mirrors.centos.org.key
 

- 

- # Everywhere, always, we should sign messages and validate signatures.
 

- # However, we allow individual hosts and groups to override this.  Use this very
 

- # carefully.. and never in production (good for testing stuff in staging).
 

- fedmsg_sign_messages: True
 

- fedmsg_validate_signatures: True
 

- 

- # By default, nodes get no fedmsg certs.  They need to declare them explicitly.
 

- fedmsg_certs: []
 

- 

- # By default, fedmsg should not log debug info.  Groups can override this.
 

- fedmsg_loglevel: INFO
 

- 

- # By default, fedmsg sends error logs to sysadmin-datanommer-members@fp.o.
 

- fedmsg_error_recipients:
 

- - sysadmin-datanommer-members@fedoraproject.org
 

- 

- # By default, fedmsg hosts are in passive mode.  External hosts are typically
 

- # active.
 

- fedmsg_active: False
 

- 

- # Other defaults for fedmsg environments
 

- fedmsg_prefix: org.fedoraproject
 

- fedmsg_env: prod
 

- 

- # Amount of time to wait for connections after a socket is first established.
 

- fedmsg_post_init_sleep: 1.0
 

- 

- # A special flag that, when set to true, will disconnect the host from the
 

- # global fedmsg-relay instance and set it up with its own local one.  You can
 

- # temporarily set this to true for a specific host to do some debugging -- so
 

- # you can *replay real messages from the datagrepper history without having
 

- # those broadcast to the rest of the bus*.
 

- fedmsg_debug_loopback: False
 

+ ansible_python_interpreter: auto
 

+ # Set variable if we want to use our global iptables defaults
 

+ # Some things need to set their own.
 

+ baseiptables: True
 

+ # by default set become to false here We can override it as needed.
 

+ # Note that if become is true, you need to unset requiretty for
 

+ # ssh controlpersist to work.
 

+ become: false
 

+ br0_nm: 255.255.255.0
 

+ br1_nm: 255.255.255.0
 

+ # assume collectd apache
 

+ collectd_apache: true
 

+ # true or false if we are or are not a copr build virthost.
 

+ # Default to false
 

+ copr_build_virthost: false
 

+ # assume createrepo is true and this builder has the koji nfs mount to do that
 

+ createrepo: True
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Unspecified
 

+ csi_relationship: |
 

+   Unspecified.
 

+   * What hosts/services does this rely on?
 

+   * What hosts/services rely on this?
 

  

+   To update this text, add the csi_* vars to group_vars/ in ansible.
 

+ # This vars get shoved into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should override them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: Unspecified
 

+ custom6_rules: []
 

+ custom_rules: []
 

+ # most of our systems are in IAD2
 

+ datacenter: iad2
 

  # These are used to:
 

  #  1) configure mod_wsgi
 

  #  2) open iptables rules for fedmsg (per wsgi thread)
 
@@ -330,130 +65,187 @@
 

  

  # By default, nodes don't backup any dbs on them unless they declare it.
 

  dbs_to_backup: []
 

- 

- # by default the number of procs we allow before we whine
 

- nrpe_procs_warn: 250
 

- nrpe_procs_crit: 300
 

- 

- # by default, the number of emails in queue before we whine
 

- nrpe_check_postfix_queue_warn: 2
 

- nrpe_check_postfix_queue_crit: 5
 

- 

+ dns1: "10.3.163.33"
 

+ dns2: "10.3.163.34"
 

  # env is staging or production, we default it to production here.
 

  env: production
 

  env_prefix: ""
 

- env_suffix: ""
 

  env_short: prod
 

- 

- # nfs mount options, override at the group/host level
 

- nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

- 

- # by default set become to false here We can override it as needed.
 

- # Note that if become is true, you need to unset requiretty for
 

- # ssh controlpersist to work.
 

- become: false
 

- 

- # default the root_auth_users to nothing.
 

- # This should be set for cloud instances in their host or group vars.
 

- root_auth_users: ''
 

- 

- # This vars get shoved into /etc/system_identification by the base role.
 

- # Groups and individual hosts should override them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- csi_security_category: Unspecified
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Unspecified
 

- csi_relationship: |
 

-     Unspecified.
 

-     * What hosts/services does this rely on?
 

-     * What hosts/services rely on this?
 

- 

-     To update this text, add the csi_* vars to group_vars/ in ansible.
 

- 

- #
 

- # say if we want the apache role dependency for mod_wsgi or not
 

- # In some cases we want mod_wsgi and no apache (for python3 httpaio stuff)
 

+ env_suffix: ""
 

+ # Default netmask. All of our iad2 nets are /24's. Almost all of our
 

+ # non-iad2 sites are less than a /24.
 

+ eth0_nm: 255.255.255.0
 

+ eth1_ip: 10.0.0.10
 

+ eth1_nm: 255.255.255.0
 

+ # By default, fedmsg hosts are in passive mode.  External hosts are typically
 

+ # active.
 

+ fedmsg_active: False
 

+ # By default, nodes get no fedmsg certs.  They need to declare them explicitly.
 

+ fedmsg_certs: []
 

+ # A special flag that, when set to true, will disconnect the host from the
 

+ # global fedmsg-relay instance and set it up with its own local one.  You can
 

+ # temporarily set this to true for a specific host to do some debugging -- so
 

+ # you can *replay real messages from the datagrepper history without having
 

+ # those broadcast to the rest of the bus*.
 

+ fedmsg_debug_loopback: False
 

+ fedmsg_env: prod
 

+ # By default, fedmsg sends error logs to sysadmin-datanommer-members@fp.o.
 

+ fedmsg_error_recipients:
 

+   - sysadmin-datanommer-members@fedoraproject.org
 

+ # By default, fedmsg should not log debug info.  Groups can override this.
 

+ fedmsg_loglevel: INFO
 

+ # Amount of time to wait for connections after a socket is first established.
 

+ fedmsg_post_init_sleep: 1.0
 

+ # Other defaults for fedmsg environments
 

+ fedmsg_prefix: org.fedoraproject
 

+ # Everywhere, always, we should sign messages and validate signatures.
 

+ # However, we allow individual hosts and groups to override this.  Use this very
 

+ # carefully.. and never in production (good for testing stuff in staging).
 

+ fedmsg_sign_messages: True
 

+ fedmsg_validate_signatures: True
 

  #
 

- wsgi_wants_apache: true
 

- 

- # IPA settings
 

- additional_host_keytabs: []
 

+ # END: Ansible roles_path variables
 

+ #######
 

+ freezes: true
 

+ # defaults for hw installs
 

+ install_noc: none
 

+ ipa_admin_password: "{{ ipa_prod_admin_password }}"
 

+ ipa_realm: FEDORAPROJECT.ORG
 

  ipa_server: ipa01.iad2.fedoraproject.org
 

  ipa_server_nodes:
 

    - ipa01.iad2.fedoraproject.org
 

    - ipa02.iad2.fedoraproject.org
 

    #- ipa03.iad2.fedoraproject.org
 

- ipa_realm: FEDORAPROJECT.ORG
 

- ipa_admin_password: "{{ ipa_prod_admin_password }}"
 

- primary_auth_source: ipa
 

- 

- # Normal default sshd port is 22
 

- sshd_port: 22
 

- # This enables/disables the SSH "keyhelper" used by Pagure for verifying users'
 

- # SSH keys from the Pagure database
 

- sshd_keyhelper: false
 

- 

- # List of names under which the host is available
 

- ssh_hostnames: []
 

- 

- # assume collectd apache
 

- collectd_apache: true
 

- 

- # assume vpn is false
 

- vpn: False
 

- 

- # assume createrepo is true and this builder has the koji nfs mount to do that
 

- createrepo: True
 

- 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

+ # defaults for virt installs
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7
 

+ # most of our systems are 64bit.
 

+ # Used to install various nagios scripts and the like.
 

+ libdir: /usr/lib64
 

+ lvm_size: 20000
 

+ mac_address: RANDOM
 

+ mac_address1: RANDOM
 

+ main_bridge: br0
 

+ max_cpu: "{{ num_cpus * 5 }}"
 

+ max_mem_size: "{{ mem_size * 5 }}"
 

+ mem_size: 4096
 

+ mirrors_centos_org_cert_file: mirrors.centos.org.cert
 

+ # This is the mirrors.centos.org certs
 

+ mirrors_centos_org_cert_name: mirrors.centos.org
 

+ mirrors_centos_org_key_file: mirrors.centos.org.key
 

+ nagios_Can_Connect: true
 

  # Nagios global variables
 

  nagios_Check_Services:
 

-   mail: true
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: true
 

+   mail: true
 

+   named: false
 

+   nrpe: true
 

    ping: true
 

    raid: false
 

- 

- nagios_Can_Connect: true
 

- 

- # Set variable if we want to use our global iptables defaults
 

- # Some things need to set their own.
 

- baseiptables: True
 

- 

+   sshd: true
 

+   swap: true
 

+ nat_rules: []
 

+ # usually we do not want to enable nested virt, only on some virthosts
 

+ nested: false
 

+ nfs_bridge: br1
 

+ # nfs mount options, override at the group/host level
 

+ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

+ nm: 255.255.255.0
 

  # Most of our machines have manual resolv.conf files
 

  # These settings are for machines where NM is supposed to control resolv.conf.
 

  nm_controlled_resolv: False
 

- dns1: "10.3.163.33"
 

- dns2: "10.3.163.34"
 

- 

+ nrpe_check_postfix_queue_crit: 5
 

+ # by default, the number of emails in queue before we whine
 

+ nrpe_check_postfix_queue_warn: 2
 

+ nrpe_procs_crit: 300
 

+ # by default the number of procs we allow before we whine
 

+ nrpe_procs_warn: 250
 

+ num_cpus: 2
 

+ # ocp4 is only set true in some proxy roles
 

+ ocp4: false
 

+ ocp_wildcard_cert_file: wildcard-2021.apps.ocp.fedoraproject.org.cert
 

+ # This is the openshift wildcard cert for ocp
 

+ ocp_wildcard_cert_name: wildcard-2021.apps.ocp.fedoraproject.org
 

+ ocp_wildcard_int_file: wildcard-2021.apps.ocp.fedoraproject.org.intermediate.cert
 

+ ocp_wildcard_key_file: wildcard-2021.apps.ocp.fedoraproject.org.key
 

+ # Path to the openshift-ansible checkout as external git repo brought into
 

+ # Fedora Infra
 

+ openshift_ansible: /srv/web/infra/openshift-ansible/
 

+ # This is the openshift wildcard cert. Until it exists set it equal to wildcard
 

+ os_wildcard_cert_name: wildcard-2021.app.os.fedoraproject.org
 

+ os_wildcard_crt_file: wildcard-2021.app.os.fedoraproject.org.cert
 

+ os_wildcard_int_file: wildcard-2021.app.os.fedoraproject.org.intermediate.cert
 

+ os_wildcard_key_file: wildcard-2021.app.os.fedoraproject.org.key
 

+ postfix_group: "none"
 

  # This is a list of services that need to wait for VPN to be up before getting started.
 

  postvpnservices: []
 

- 

- # true or false if we are or are not a copr build virthost.
 

- # Default to false
 

- copr_build_virthost: false
 

- 

+ preferred_dc: iad2
 

+ primary_auth_source: ipa
 

  #
 

  # Set a redirectmatch variable we can use to disable some redirectmatches
 

  # like the prerelease to final ones.
 

  #
 

  redirectmatch_enabled: True
 

- 

+ # default the root_auth_users to nothing.
 

+ # This should be set for cloud instances in their host or group vars.
 

+ root_auth_users: ''
 

+ # List of names under which the host is available
 

+ ssh_hostnames: []
 

+ # This enables/disables the SSH "keyhelper" used by Pagure for verifying users'
 

+ # SSH keys from the Pagure database
 

+ sshd_keyhelper: false
 

+ # Normal default sshd port is 22
 

+ sshd_port: 22
 

  #
 

  # sshd can run a internal sftp server, we need this on some hosts, but
 

  # not on most of them, so default to false
 

  sshd_sftp: false
 

- 

+ tcp_ports: []
 

+ # example of ports for default iptables
 

+ # tcp_ports: [ 22, 80, 443 ]
 

+ # udp_ports: [ 110, 1024, 2049 ]
 

+ # multiple lines can be handled as below
 

+ # custom_rules: [ '-A INPUT -p tcp -m tcp --dport 8888 -j ACCEPT',
 

+ #                  '-A INPUT -p tcp -m tcp --dport 8889 -j ACCEPT' ]
 

+ # We default these to empty
 

+ udp_ports: []
 

+ # Most EL systems need default EPEL repos.
 

+ # Some systems (notably fed-cloud*) need to get their own
 

+ # EPEL files because EPEL overrides packages in their core repos.
 

+ use_default_epel: true
 

  #
 

- # Autodetect python version
 

+ # The default virt-install works for rhel7 or fedora with 1 nic
 

  #
 

- ansible_python_interpreter: auto
 

- 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ virt_install_command_aarch64_2nd_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole
 

+ virt_install_command_aarch64_one_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole
 

+ virt_install_command_aarch64_one_nic_unsafe: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole
 

+ virt_install_command_aarch64_two_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }} --autostart --noautoconsole --rng /dev/random
 

+ virt_install_command_armv7_one_nic: virt-install -n {{ inventory_hostname }} --arch armv7l --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyAMA0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }} --autostart --noautoconsole --rng /dev/random
 

+ virt_install_command_armv7_one_nic_unsafe: virt-install -n {{ inventory_hostname }} --arch armv7l --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyAMA0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }} --autostart --noautoconsole --rng /dev/random --qemu-commandline="-machine highmem=off"
 

+ virt_install_command_one_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole --watchdog default --rng /dev/random --cpu host
 

+ virt_install_command_one_nic_unsafe: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns1 }} ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole --watchdog default --rng /dev/random --cpu host
 

+ virt_install_command_ppc64le_one_nic_unsafe: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole --watchdog default --rng /dev/random
 

+ virt_install_command_ppc64le_two_nic_unsafe: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }} --autostart --noautoconsole --watchdog default --rng /dev/random
 

+ virt_install_command_pxe_rhcos: virt-install -n {{ inventory_hostname }} --vcpus {{ num_cpus }},maxvcpus={{ num_cpus }} --cpu host --memory  {{ mem_size }} --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --nographics --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --hvm --accelerate --autostart --wait=-1 --extra-args "ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:ens2:none hostname={{ inventory_hostname }} nameserver={{ dns }} console=ttyS0 nomodeset rd.neednet=1 coreos.inst=yes coreos.inst.install_dev=vda coreos.live.rootfs_url={{ rhcos_install_rootfs_url }} coreos.inst.ignition_url={{ rhcos_ignition_file_url }}" --os-variant rhel7 --location  {{ rhcos_install_url }}
 

+ virt_install_command_rhel6: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x "inst.ksdevice=eth0 inst.ks={{ ks_url }} ip={{ eth0_ip }} netmask={{ nm }} gateway={{ gw }} dns={{ dns }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }}" --network=bridge=br0 --autostart --noautoconsole --watchdog default
 

+ virt_install_command_s390x_one_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ipv4 }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole --rng /dev/random --cpu host
 

+ virt_install_command_s390x_one_nic_unsafe: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ipv4 }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole --rng /dev/random --cpu host
 

+ virt_install_command_two_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }} --autostart --noautoconsole --watchdog default --rng /dev/random
 

+ virt_install_command_two_nic_unsafe: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }},cache=unsafe,io=threads --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 inst.ksdevice=eth0 inst.ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --network bridge={{ nfs_bridge }},model=virtio,mac={{ mac_address1 }} --autostart --noautoconsole --watchdog default --rng /dev/random
 

+ # assume vpn is false
 

+ vpn: False
 

+ # This is the wildcard certname for our proxies.  It has a different name for
 

+ # the staging group and is used in the proxies.yml playbook.
 

+ wildcard_cert_name: wildcard-2020.fedoraproject.org
 

+ wildcard_crt_file: wildcard-2020.fedoraproject.org.cert
 

+ wildcard_int_file: wildcard-2020.fedoraproject.org.intermediate.cert
 

+ wildcard_key_file: wildcard-2020.fedoraproject.org.key
 

+ #
 

+ # say if we want the apache role dependency for mod_wsgi or not
 

+ # In some cases we want mod_wsgi and no apache (for python3 httpaio stuff)
 

+ #
 

+ wsgi_wants_apache: true
 

  # set no x-forward header by default
 

  x_forward: false
 

- 

- # ocp4 is only set true in some proxy roles
 

- ocp4: false

file modified
+20 -27 
@@ -1,39 +1,32 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 30000
 

- mem_size: 2048
 

- num_cpus: 2
 

- 

+ ansible_ifcfg_allowlist:
 

+   - eth0
 

+   - eth1
 

+ csi_primary_contact: Release Engineering - rel-eng@lists.fedoraproject.org
 

+ csi_purpose: Automatically sign Rawhide and Branched packages
 

+ csi_relationship: |
 

+   This host will run the robosignatory application which should automatically sign
 

+   builds.  It listens to koji over fedora-messaging for notifications of new builds,
 

+   and then asks sigul, the signing server, to sign the rpms and store the new rpm
 

+   header back in Koji.
 

+ # For the MOTD
 

+ csi_security_category: High
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

  

  # Make connections from signing bridges stateless, they break sigul connections
 

  # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
 

  custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.3.169.120 -j ACCEPT']
 

- 

- ansible_ifcfg_allowlist:
 

- - eth0
 

- - eth1
 

- 

+ fedmsg_error_recipients: []
 

  host_group: autosign
 

- ipa_host_group: autosign
 

- ipa_host_group_desc: Hosts signing content automatically
 

  ipa_client_shell_groups:
 

- - sysadmin-releng
 

+   - sysadmin-releng
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- fedmsg_error_recipients: []
 

- 

+   - sysadmin-releng
 

+ ipa_host_group: autosign
 

+ ipa_host_group_desc: Hosts signing content automatically
 

+ lvm_size: 30000
 

+ mem_size: 2048
 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- # For the MOTD
 

- csi_security_category: High
 

- csi_primary_contact: Release Engineering - rel-eng@lists.fedoraproject.org
 

- csi_purpose: Automatically sign Rawhide and Branched packages
 

- csi_relationship: |
 

-     This host will run the robosignatory application which should automatically sign
 

-     builds.  It listens to koji over fedora-messaging for notifications of new builds,
 

-     and then asks sigul, the signing server, to sign the rpms and store the new rpm
 

-     header back in Koji.
 

- 

+ num_cpus: 2

file modified
-1 
@@ -2,5 +2,4 @@
 

  # Make connections from signing bridges stateless, they break sigul connections
 

  # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
 

  custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.3.169.120 -j ACCEPT']
 

- 

  host_group: autosign

file modified
+7 -7 
@@ -1,10 +1,10 @@
 

  ---
 

- primary_auth_source: ipa
 

- ipa_host_group: badges
 

- ipa_host_group_desc: Hosts running the Badges application
 

  ipa_client_shell_groups:
 

- - sysadmin-badges
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-badges
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-badges
 

+   - sysadmin-badges
 

+ ipa_host_group: badges
 

+ ipa_host_group_desc: Hosts running the Badges application
 

+ primary_auth_source: ipa

file modified
+45 -54 
@@ -1,60 +1,51 @@
 

  ---
 

+ csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

+ csi_purpose: Run fedmsg-hub with the fedbadges plugin to award badges (+ some crons)
 

+ csi_relationship: |
 

+   fedbadges integrates many different services..
 

+ 

+   * The fedbadges fedmsg-hub plugin relies on:
 

+     * the fedmsg bus, to deliver messages
 

+     * pkgdb, for queries about who owns what packages
 

+     * fas, to lookup what irc nick corresponds to what fas user.
 

+     * db-datanommer for the fedmsg history
 

+     * db01, for storing badge awards
 

+ 

+   * badges-web01 will be expecting to display badges entered into the tahrir
 

+     db on db01.  So, if badges stop showing up there, the problem is likely
 

+     here.
 

+ 

+   * Locally, of note there exists:
 

+     * a git repo of badge rules and images to be synced here by ansible
 

+       to /usr/share/badges/
 

+     * a local file cache in /var/tmp/fedbadges-cache.dbm (not memcached, atm)
 

+     * Furthermore, there are a ton of cronjobs for awarding badges in
 

+       /usr/share/badges/cronjobs/ that depends on all sorts of third parties
 

+       (flickr, google+, libravatar, etc..).
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fedbadges.badge.award
 

+       - fedbadges.person.rank.advance
 

+     group: fedmsg
 

+     owner: root
 

+     service: fedbadges
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - sysadmin-badges-members@fedoraproject.org
 

+ fedmsg_hub_auto_restart: True
 

+ fedmsg_hub_memory_limit_mb: "{{ (mem_size / 2) | int }}"
 

+ freezes: false
 

  lvm_size: 20000
 

  mem_size: 16384
 

  num_cpus: 2
 

- freezes: false
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 3000, 3001, 3002, 3003,
 

-              3004, 3005, 3006, 3007 ]
 

- 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - sysadmin-badges-members@fedoraproject.org
 

- 

- fedmsg_hub_auto_restart: True
 

- fedmsg_hub_memory_limit_mb: "{{ (mem_size / 2) | int }}"
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: fedbadges
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - fedbadges.badge.award
 

-   - fedbadges.person.rank.advance
 

- 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

- csi_purpose: Run fedmsg-hub with the fedbadges plugin to award badges (+ some crons)
 

- csi_relationship: |
 

-     fedbadges integrates many different services..
 

- 

-     * The fedbadges fedmsg-hub plugin relies on:
 

-       * the fedmsg bus, to deliver messages
 

-       * pkgdb, for queries about who owns what packages
 

-       * fas, to lookup what irc nick corresponds to what fas user.
 

-       * db-datanommer for the fedmsg history
 

-       * db01, for storing badge awards
 

- 

-     * badges-web01 will be expecting to display badges entered into the tahrir
 

-       db on db01.  So, if badges stop showing up there, the problem is likely
 

-       here.
 

- 

-     * Locally, of note there exists:
 

-       * a git repo of badge rules and images to be synced here by ansible
 

-         to /usr/share/badges/
 

-       * a local file cache in /var/tmp/fedbadges-cache.dbm (not memcached, atm)
 

-       * Furthermore, there are a ton of cronjobs for awarding badges in
 

-         /usr/share/badges/cronjobs/ that depends on all sorts of third parties
 

-         (flickr, google+, libravatar, etc..).
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

file modified
+44 -52 
@@ -1,59 +1,51 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

+ csi_purpose: Run fedmsg-hub with the fedbadges plugin to award badges (+ some crons)
 

+ csi_relationship: |
 

+   fedbadges integrates many different services..
 

+ 

+   * The fedbadges fedmsg-hub plugin relies on:
 

+     * the fedmsg bus, to deliver messages
 

+     * pkgdb, for queries about who owns what packages
 

+     * fas, to lookup what irc nick corresponds to what fas user.
 

+     * db-datanommer for the fedmsg history
 

+     * db01, for storing badge awards
 

+ 

+   * badges-web01 will be expecting to display badges entered into the tahrir
 

+     db on db01.  So, if badges stop showing up there, the problem is likely
 

+     here.
 

+ 

+   * Locally, of note there exists:
 

+     * a git repo of badge rules and images to be synced here by ansible
 

+       to /usr/share/badges/
 

+     * a local file cache in /var/tmp/fedbadges-cache.dbm (not memcached, atm)
 

+     * Furthermore, there are a ton of cronjobs for awarding badges in
 

+       /usr/share/badges/cronjobs/ that depends on all sorts of third parties
 

+       (flickr, google+, libravatar, etc..).
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fedbadges.badge.award
 

+       - fedbadges.person.rank.advance
 

+     group: fedmsg
 

+     owner: root
 

+     service: fedbadges
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - sysadmin-badges-members@fedoraproject.org
 

+ fedmsg_hub_auto_restart: True
 

+ fedmsg_hub_memory_limit_mb: "{{ (mem_size / 2) | int }}"
 

  lvm_size: 20000
 

  mem_size: 8192
 

  num_cpus: 2
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 3000, 3001, 3002, 3003,
 

-              3004, 3005, 3006, 3007 ]
 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - sysadmin-badges-members@fedoraproject.org
 

- 

- fedmsg_hub_auto_restart: True
 

- fedmsg_hub_memory_limit_mb: "{{ (mem_size / 2) | int }}"
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: fedbadges
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - fedbadges.badge.award
 

-   - fedbadges.person.rank.advance
 

- 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

- csi_purpose: Run fedmsg-hub with the fedbadges plugin to award badges (+ some crons)
 

- csi_relationship: |
 

-     fedbadges integrates many different services..
 

- 

-     * The fedbadges fedmsg-hub plugin relies on:
 

-       * the fedmsg bus, to deliver messages
 

-       * pkgdb, for queries about who owns what packages
 

-       * fas, to lookup what irc nick corresponds to what fas user.
 

-       * db-datanommer for the fedmsg history
 

-       * db01, for storing badge awards
 

- 

-     * badges-web01 will be expecting to display badges entered into the tahrir
 

-       db on db01.  So, if badges stop showing up there, the problem is likely
 

-       here.
 

- 

-     * Locally, of note there exists:
 

-       * a git repo of badge rules and images to be synced here by ansible
 

-         to /usr/share/badges/
 

-       * a local file cache in /var/tmp/fedbadges-cache.dbm (not memcached, atm)
 

-       * Furthermore, there are a ton of cronjobs for awarding badges in
 

-         /usr/share/badges/cronjobs/ that depends on all sorts of third parties
 

-         (flickr, google+, libravatar, etc..).
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

file modified
+8 -8 
@@ -1,11 +1,11 @@
 

  ---
 

- ipa_host_group: badges
 

- ipa_host_group_desc: Hosts running the Badges application
 

  ipa_client_shell_groups:
 

- - sysadmin-badges
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-badges
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-badges
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-badges
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_host_group: badges
 

+ ipa_host_group_desc: Hosts running the Badges application

file modified
+41 -48 
@@ -1,9 +1,48 @@
 

  ---
 

+ csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

+ csi_purpose: Run the 'tahrir' mod_wsgi app to display badges.fedoraproject.org
 

+ csi_relationship: |
 

+   The apache/mod_wsgi app is the only thing really running here
 

+ 

+   * This host relies on:
 

+     * db01 for its database of badge awards (and users, etc..)
 

+     * a collection of .pngs in /usr/share/badges/pngs put there by ansible
 

+     * memcached!
 

+ 

+   * Conversely, a few things rely on this site:
 

+     * We have a mediawiki plugin that hits a JSON endpoint to display badges.
 

+       It should be resilient, but issues in the badges app may cascade into
 

+       mediawiki issues in the event of faults.
 

+     * fedora-mobile (the android app) queries the JSON api here.
 

+     * zodbot has a .badges <username> command that queries the JSON api here.
 

+     * openbadges.org may call back to this app to verify that badge assertions
 

+       are really certified by us (this will happen anytime someone exports
 

+       their fedora badges to the mozilla universe via the tahrir web
 

+       interface, but may also happen later in the future to ensure we did not
 

+       revoke such and such badge).
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fedbadges.badge.award
 

+       - fedbadges.person.rank.advance
 

+       - fedbadges.person.login.first
 

+     group: tahrir
 

+     owner: root
 

+     service: tahrir
 

+ freezes: false
 

  lvm_size: 20000
 

  mem_size: 6144
 

  num_cpus: 2
 

- freezes: false
 

- 

+ tcp_ports: [80]
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -11,49 +50,3 @@
 

  wsgi_fedmsg_service: tahrir
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: tahrir
 

-   owner: root
 

-   group: tahrir
 

-   can_send:
 

-   - fedbadges.badge.award
 

-   - fedbadges.person.rank.advance
 

-   - fedbadges.person.login.first
 

- 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

- csi_purpose: Run the 'tahrir' mod_wsgi app to display badges.fedoraproject.org
 

- csi_relationship: |
 

-     The apache/mod_wsgi app is the only thing really running here
 

- 

-     * This host relies on:
 

-       * db01 for its database of badge awards (and users, etc..)
 

-       * a collection of .pngs in /usr/share/badges/pngs put there by ansible
 

-       * memcached!
 

- 

-     * Conversely, a few things rely on this site:
 

-       * We have a mediawiki plugin that hits a JSON endpoint to display badges.
 

-         It should be resilient, but issues in the badges app may cascade into
 

-         mediawiki issues in the event of faults.
 

-       * fedora-mobile (the android app) queries the JSON api here.
 

-       * zodbot has a .badges <username> command that queries the JSON api here.
 

-       * openbadges.org may call back to this app to verify that badge assertions
 

-         are really certified by us (this will happen anytime someone exports
 

-         their fedora badges to the mozilla universe via the tahrir web
 

-         interface, but may also happen later in the future to ensure we did not
 

-         revoke such and such badge).

file modified
+40 -46 
@@ -1,9 +1,48 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

+ csi_purpose: Run the 'tahrir' mod_wsgi app to display badges.fedoraproject.org
 

+ csi_relationship: |
 

+   The apache/mod_wsgi app is the only thing really running here
 

+ 

+   * This host relies on:
 

+     * db01 for its database of badge awards (and users, etc..)
 

+     * a collection of .pngs in /usr/share/badges/pngs put there by ansible
 

+     * memcached!
 

+ 

+   * Conversely, a few things rely on this site:
 

+     * We have a mediawiki plugin that hits a JSON endpoint to display badges.
 

+       It should be resilient, but issues in the badges app may cascade into
 

+       mediawiki issues in the event of faults.
 

+     * fedora-mobile (the android app) queries the JSON api here.
 

+     * zodbot has a .badges <username> command that queries the JSON api here.
 

+     * openbadges.org may call back to this app to verify that badge assertions
 

+       are really certified by us (this will happen anytime someone exports
 

+       their fedora badges to the mozilla universe via the tahrir web
 

+       interface, but may also happen later in the future to ensure we did not
 

+       revoke such and such badge).
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fedbadges.badge.award
 

+       - fedbadges.person.rank.advance
 

+       - fedbadges.person.login.first
 

+     group: tahrir
 

+     owner: root
 

+     service: tahrir
 

  lvm_size: 20000
 

  mem_size: 2048
 

  num_cpus: 2
 

- 

+ tcp_ports: [80]
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -11,48 +50,3 @@
 

  wsgi_fedmsg_service: tahrir
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: tahrir
 

-   owner: root
 

-   group: tahrir
 

-   can_send:
 

-   - fedbadges.badge.award
 

-   - fedbadges.person.rank.advance
 

-   - fedbadges.person.login.first
 

- 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Badges admins - sysadmin-badges-members@fedoraproject.org
 

- csi_purpose: Run the 'tahrir' mod_wsgi app to display badges.fedoraproject.org
 

- csi_relationship: |
 

-     The apache/mod_wsgi app is the only thing really running here
 

- 

-     * This host relies on:
 

-       * db01 for its database of badge awards (and users, etc..)
 

-       * a collection of .pngs in /usr/share/badges/pngs put there by ansible
 

-       * memcached!
 

- 

-     * Conversely, a few things rely on this site:
 

-       * We have a mediawiki plugin that hits a JSON endpoint to display badges.
 

-         It should be resilient, but issues in the badges app may cascade into
 

-         mediawiki issues in the event of faults.
 

-       * fedora-mobile (the android app) queries the JSON api here.
 

-       * zodbot has a .badges <username> command that queries the JSON api here.
 

-       * openbadges.org may call back to this app to verify that badge assertions
 

-         are really certified by us (this will happen anytime someone exports
 

-         their fedora badges to the mozilla universe via the tahrir web
 

-         interface, but may also happen later in the future to ensure we did not
 

-         revoke such and such badge).

file modified
+7 -16 
@@ -1,22 +1,13 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ custom_rules: [
 

+   # fas01, fas02
 

+   '-A INPUT -p tcp -m tcp -s 10.5.126.25   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.26   --dport 80 -j ACCEPT',
 

+   # wiki01, wiki02
 

+   '-A INPUT -p tcp -m tcp -s 10.5.126.63   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.73   --dport 80 -j ACCEPT',
 

+   # os-node*
 

+   '-A INPUT -p tcp -m tcp -s 10.5.126.248   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.164   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.165   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.166   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.167   --dport 80 -j ACCEPT']
 

  lvm_size: 30000
 

  mem_size: 4096
 

  num_cpus: 2
 

- 

- custom_rules: [
 

-     # fas01, fas02
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.25   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.26   --dport 80 -j ACCEPT',
 

-     # wiki01, wiki02
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.63   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.73   --dport 80 -j ACCEPT',
 

-     # os-node*
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.248   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.164   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.165   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.166   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.167   --dport 80 -j ACCEPT',
 

- ]
 

- 

  primary_auth_source: ipa

file modified
+7 -12 
@@ -1,17 +1,12 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ custom_rules: [
 

+   # fas01.stg
 

+   '-A INPUT -p tcp -m tcp -s 10.5.128.129   --dport 80 -j ACCEPT',
 

+   # wiki01.stg
 

+   '-A INPUT -p tcp -m tcp -s 10.5.128.188   --dport 80 -j ACCEPT',
 

+   # os-node*.stg
 

+   '-A INPUT -p tcp -m tcp -s 10.5.128.104   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.128.105   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.128.106   --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.128.107   --dport 80 -j ACCEPT']
 

  lvm_size: 20000
 

  mem_size: 4096
 

  num_cpus: 2
 

- 

- custom_rules: [
 

-     # fas01.stg
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.129   --dport 80 -j ACCEPT',
 

-     # wiki01.stg
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.188   --dport 80 -j ACCEPT',
 

-     # os-node*.stg
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.104   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.105   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.106   --dport 80 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.107   --dport 80 -j ACCEPT',
 

- ]

file modified
+47 -65 
@@ -1,83 +1,65 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 20000
 

- mem_size: 8192
 

- num_cpus: 4
 

- 

- #
 

- # allow incoming openvpn and smtp
 

- #
 

- tcp_ports: [ 22, 25, 1194 ]
 

- udp_ports: [ 1194 ]
 

- 

+ csi_primary_contact: sysadmin-main admin@fedoraproject.org
 

+ csi_purpose: SSH proxy to access infrastructure not exposed to the web
 

+ csi_relationship: |
 

+   - Provides ssh access to all iad2/vpn connected servers.
 

+   - Bastion is the hub for all infrastructure's VPN connections.
 

+   - All incoming SMTP from iad2 and VPN, as well as outgoing SMTP,
 

+     pass or are filtered here.
 

+   - Bastion does not accept any mail outside phx2/vpn.
 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should override them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: High
 

  #
 

  # drop incoming traffic from less trusted vpn hosts
 

  # allow ntp from internal RH 10 nets
 

  #
 

- custom_rules: [
 

-     '-A INPUT -s 192.168.100/24 -j REJECT --reject-with icmp-host-prohibited',
 

-     '-A INPUT -s 10.0.0.0/8 -p udp -m udp --dport 123 -j ACCEPT',
 

- ]
 

- 

- primary_auth_source: ipa
 

- 

- # allow a bunch of sysadmin groups here so they can access internal stuff
 

- ipa_host_group: bastion
 

- ipa_host_group_desc: Bastion hosts
 

- 

- ipa_client_shell_groups:
 

- - pungi-devel
 

- - sysadmin-analysis
 

- - sysadmin-dba
 

- - sysadmin-ppc
 

- - sysadmin-secondary
 

- - sysadmin-spin
 

- - sysadmin-troubleshoot
 

- - sysadmin-qa
 

- - sysadmin-kernel
 

- ipa_client_shell_groups_inherit_from:
 

- - batcave
 

- 

- fasjson_url: https://fasjson.fedoraproject.org/
 

- 

- #
 

- # This is a postfix gateway. This will pick up gateway postfix config in base
 

- #
 

- postfix_group: gateway
 

- postfix_transport_filename: transports.gateway
 

- 

+ custom_rules: ['-A INPUT -s 192.168.100/24 -j REJECT --reject-with icmp-host-prohibited', '-A INPUT -s 10.0.0.0/8 -p udp -m udp --dport 123 -j ACCEPT']
 

  #
 

  # Set this to get fasclient cron to make the aliases file
 

  #
 

  fas_aliases: true
 

- 

  #
 

  # Set this to get fasjson-client cron to make the aliases file
 

  #
 

  fasjson_aliases: false
 

- 

+ fasjson_url: https://fasjson.fedoraproject.org/
 

+ ipa_client_shell_groups:
 

+   - pungi-devel
 

+   - sysadmin-analysis
 

+   - sysadmin-dba
 

+   - sysadmin-ppc
 

+   - sysadmin-secondary
 

+   - sysadmin-spin
 

+   - sysadmin-troubleshoot
 

+   - sysadmin-qa
 

+   - sysadmin-kernel
 

+ ipa_client_shell_groups_inherit_from:
 

+   - batcave
 

+ # allow a bunch of sysadmin groups here so they can access internal stuff
 

+ ipa_host_group: bastion
 

+ ipa_host_group_desc: Bastion hosts
 

+ lvm_size: 20000
 

+ mem_size: 8192
 

+ nagios_Check_Services:
 

+   mail: false
 

+   nrpe: true
 

+ nrpe_procs_crit: 1200
 

  #
 

  # Sometimes there are lots of postfix processes
 

  #
 

  nrpe_procs_warn: 1100
 

- nrpe_procs_crit: 1200
 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should override them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: High
 

- csi_primary_contact: sysadmin-main admin@fedoraproject.org
 

- csi_purpose: SSH proxy to access infrastructure not exposed to the web
 

- csi_relationship: |
 

-   - Provides ssh access to all iad2/vpn connected servers.
 

-   - Bastion is the hub for all infrastructure's VPN connections.
 

-   - All incoming SMTP from iad2 and VPN, as well as outgoing SMTP,
 

-     pass or are filtered here.
 

-   - Bastion does not accept any mail outside phx2/vpn.
 

- 

- nagios_Check_Services:
 

-   nrpe: true
 

-   mail: false
 

- 

- # needed for rhel8
 

+ num_cpus: 4
 

+ #
 

+ # This is a postfix gateway. This will pick up gateway postfix config in base
 

+ #
 

+ postfix_group: gateway
 

+ postfix_transport_filename: transports.gateway
 

+ primary_auth_source: ipa
 

+ #
 

+ # allow incoming openvpn and smtp
 

+ #
 

+ tcp_ports: [22, 25, 1194]
 

+ udp_ports: [1194]

file modified
+41 -55 
@@ -1,59 +1,16 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 20000
 

- mem_size: 8192
 

- num_cpus: 4
 

- 

- #
 

- # allow incoming openvpn and smtp
 

- #
 

- tcp_ports: [ 22, 25, 1194 ]
 

- udp_ports: [ 1194 ]
 

- 

- #
 

- # drop incoming traffic from less trusted vpn hosts
 

- # allow ntp from internal RH 10 nets
 

- #
 

- custom_rules: [
 

-     '-A INPUT -s 192.168.100/24 -j REJECT --reject-with icmp-host-prohibited',
 

-     '-A INPUT -s 10.0.0.0/8 -p udp -m udp --dport 123 -j ACCEPT',
 

- ]
 

- #
 

- # allow a bunch of sysadmin groups here so they can access internal stuff
 

- #
 

- ipa_host_group: bastion
 

- ipa_host_group_desc: Bastion hosts
 

- 

+ bastion_ipa_client_shell_groups:
 

+   - pungi-devel
 

+   - sysadmin-analysis
 

+   - sysadmin-dba
 

+   - sysadmin-ppc
 

+   - sysadmin-secondary
 

+   - sysadmin-spin
 

+   - sysadmin-troubleshoot
 

  # this only works if the `batcave_stg` group and at least one host in it is defined
 

  # batcave_ipa_client_shell_groups: "{{ hostvars[groups['batcave_stg'][0]]['ipa_client_shell_groups'] | default([]) }}"
 

  batcave_ipa_client_shell_groups: []
 

- bastion_ipa_client_shell_groups:
 

- - pungi-devel
 

- - sysadmin-analysis
 

- - sysadmin-dba
 

- - sysadmin-ppc
 

- - sysadmin-secondary
 

- - sysadmin-spin
 

- - sysadmin-troubleshoot
 

- 

- ipa_client_shell_groups: "{{ (bastion_ipa_client_shell_groups + batcave_ipa_client_shell_groups) | sort | unique }}"
 

- 

- #
 

- # Set this to get fasjson-client cron to make the aliases file
 

- #
 

- fasjson_aliases: true
 

- 

- #
 

- # Sometimes there are lots of postfix processes
 

- #
 

- nrpe_procs_warn: 1100
 

- nrpe_procs_crit: 1200
 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should override them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: High
 

  csi_primary_contact: sysadmin-main admin@fedoraproject.org
 

  csi_purpose: SSH proxy to access STAGING infrastructure not exposed to the web
 

  csi_relationship: |
 
@@ -62,9 +19,38 @@
 

    - All incoming SMTP from iad2 and VPN, as well as outgoing SMTP,
 

      pass or are filtered here.
 

    - Bastion does not accept any mail outside phx2/vpn.
 

- 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should override them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: High
 

+ #
 

+ # drop incoming traffic from less trusted vpn hosts
 

+ # allow ntp from internal RH 10 nets
 

+ #
 

+ custom_rules: ['-A INPUT -s 192.168.100/24 -j REJECT --reject-with icmp-host-prohibited', '-A INPUT -s 10.0.0.0/8 -p udp -m udp --dport 123 -j ACCEPT']
 

+ #
 

+ # Set this to get fasjson-client cron to make the aliases file
 

+ #
 

+ fasjson_aliases: true
 

+ ipa_client_shell_groups: "{{ (bastion_ipa_client_shell_groups + batcave_ipa_client_shell_groups) | sort | unique }}"
 

+ #
 

+ # allow a bunch of sysadmin groups here so they can access internal stuff
 

+ #
 

+ ipa_host_group: bastion
 

+ ipa_host_group_desc: Bastion hosts
 

+ lvm_size: 20000
 

+ mem_size: 8192
 

  nagios_Check_Services:
 

-   nrpe: true
 

    mail: false
 

- 

- # needed for rhel8
 

+   nrpe: true
 

+ nrpe_procs_crit: 1200
 

+ #
 

+ # Sometimes there are lots of postfix processes
 

+ #
 

+ nrpe_procs_warn: 1100
 

+ num_cpus: 4
 

+ #
 

+ # allow incoming openvpn and smtp
 

+ #
 

+ tcp_ports: [22, 25, 1194]
 

+ udp_ports: [1194]

file modified
+66 -73 
@@ -1,83 +1,76 @@
 

  ---
 

- lvm_size: 500000
 

- mem_size: 24576
 

- num_cpus: 10
 

- 

- tcp_ports: [ 80, 443, 8442, 8443 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: batcave
 

- ipa_host_group_desc: The Bat Cave
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-ask
 

- - sysadmin-badges
 

- - sysadmin-bot
 

- - sysadmin-centos
 

- - sysadmin-cloud
 

- - sysadmin-copr
 

- - sysadmin-coreos
 

- - sysadmin-cvs
 

- - sysadmin-datanommer
 

- - sysadmin-debuginfod
 

- - sysadmin-fedimg
 

- - sysadmin-koschei
 

- - sysadmin-libravatar
 

- - sysadmin-mbs
 

- - sysadmin-messaging
 

- - sysadmin-noc
 

- - sysadmin-odcs
 

- - sysadmin-osbs
 

- - sysadmin-qa
 

- - sysadmin-retrace
 

- - sysadmin-releasemonitoring
 

- - sysadmin-releng
 

- - sysadmin-tools
 

- - sysadmin-upstreamfirst
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- 

  ansible_base: /srv/web/infra
 

- freezes: true
 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - ansible.playbook.complete
 

-   - ansible.playbook.start
 

-   - logger.log
 

- - service: scm
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - infragit.receive
 

- 

- # For the MOTD
 

- csi_security_category: High
 

  csi_primary_contact: admin@fedoraproject.org / sysadmin-main-members
 

  csi_purpose: Central management host for ansible
 

  csi_relationship: |
 

-     From the batcave batman ventures out to fight crime and protect gotham city!
 

+   From the batcave batman ventures out to fight crime and protect gotham city!
 

  

-     batcave is the central management host for ansible.
 

-     It also is the infrastructure.fedoraproject.org website with various content.
 

-     It houses a number of infrastructure git repos.
 

+   batcave is the central management host for ansible.
 

+   It also is the infrastructure.fedoraproject.org website with various content.
 

+   It houses a number of infrastructure git repos.
 

  

-     * This host relies on:
 

-     The virthost it's hosted on (virthost22)
 

+   * This host relies on:
 

+   The virthost it's hosted on (virthost22)
 

  

-     * Things that rely on this host:
 

-     Things that access rhel/fedora/infra rpm repos, including builders and infra hosts.
 

-     If this host is down, ansible runs cannot be made to update other hosts.
 

-     If this host is down, crime may go up in gotham city.
 

- 

- nrpe_procs_warn: 900
 

+   * Things that rely on this host:
 

+   Things that access rhel/fedora/infra rpm repos, including builders and infra hosts.
 

+   If this host is down, ansible runs cannot be made to update other hosts.
 

+   If this host is down, crime may go up in gotham city.
 

+ # For the MOTD
 

+ csi_security_category: High
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - ansible.playbook.complete
 

+       - ansible.playbook.start
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - infragit.receive
 

+     group: sysadmin
 

+     owner: root
 

+     service: scm
 

+ freezes: true
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-ask
 

+   - sysadmin-badges
 

+   - sysadmin-bot
 

+   - sysadmin-centos
 

+   - sysadmin-cloud
 

+   - sysadmin-copr
 

+   - sysadmin-coreos
 

+   - sysadmin-cvs
 

+   - sysadmin-datanommer
 

+   - sysadmin-debuginfod
 

+   - sysadmin-fedimg
 

+   - sysadmin-koschei
 

+   - sysadmin-libravatar
 

+   - sysadmin-mbs
 

+   - sysadmin-messaging
 

+   - sysadmin-noc
 

+   - sysadmin-odcs
 

+   - sysadmin-osbs
 

+   - sysadmin-qa
 

+   - sysadmin-retrace
 

+   - sysadmin-releasemonitoring
 

+   - sysadmin-releng
 

+   - sysadmin-tools
 

+   - sysadmin-upstreamfirst
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_host_group: batcave
 

+ ipa_host_group_desc: The Bat Cave
 

+ lvm_size: 500000
 

+ mem_size: 24576
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

  nrpe_procs_crit: 1000
 

- vpn: true
 

+ nrpe_procs_warn: 900
 

+ num_cpus: 10
 

+ primary_auth_source: ipa
 

  sshd_sftp: true
 

+ tcp_ports: [80, 443, 8442, 8443]
 

+ vpn: true

file modified
+6 -8 
@@ -1,13 +1,11 @@
 

  ---
 

  host_group: kojibuilder
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- ipa_host_group: kojibuilder-kernel
 

- ipa_host_group_desc: Koji Build hosts for kernel builds
 

  # Both of these default to sysadmin-main in the ipa/client role
 

  ipa_client_shell_groups: []
 

  ipa_client_sudo_groups: []
 

+ ipa_host_group: kojibuilder-kernel
 

+ ipa_host_group_desc: Koji Build hosts for kernel builds
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"

file modified
+30 -39 
@@ -1,48 +1,39 @@
 

  ---
 

- lvm_size: 30000
 

- mem_size: 4096
 

- num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443, 8888 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: blockerbugs
 

- ipa_host_group_desc: Blocker bug tracking service
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-qa
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-qa
 

- 

- # This gets overridden by whichever node we want to run special cronjobs.
 

- master_blockerbugs_node: False
 

- 

- host_group: blockerbugs
 

- 

- blockerbugs_secret_key: "{{ stg_blockerbugs_secret_key }}"
 

- blockerbugs_url: 'https://qa.fedoraproject.org/blockerbugs/'
 

- blockerbugs_bugzilla_url: 'https://bugzilla.redhat.com/'
 

  blockerbugs_bodhi_url: 'https://bodhi.fedoraproject.org/'
 

- blockerbugs_pagure_url: 'https://pagure.io/'
 

- blockerbugs_pagure_repo_token_secret: "{{ blockerbugs_pagure_repo_token }}"
 

- blockerbugs_pagure_repo_webhook_key_secret: "{{ blockerbugs_pagure_repo_webhook_key }}"
 

- 

+ blockerbugs_bugzilla_url: 'https://bugzilla.redhat.com/'
 

+ blockerbugs_db_host: "{{ blockerbugs_db_host_machine }}"
 

  ############################################################
 

  # blockerbugs db details
 

  ############################################################
 

- 

  blockerbugs_db_host_machine: db01.iad2.fedoraproject.org
 

- blockerbugs_db_host: "{{ blockerbugs_db_host_machine }}"
 

- blockerbugs_db_port: 5432
 

  blockerbugs_db_name: blockerbugs
 

+ blockerbugs_db_password: "{{ prod_blockerbugs_db_password }}"
 

+ blockerbugs_db_port: 5432
 

  # these aren't right but they're just placeholders for now
 

  blockerbugs_db_user: "{{ prod_blockerbugs_db_user }}"
 

- blockerbugs_db_password: "{{ prod_blockerbugs_db_password }}"
 

+ blockerbugs_pagure_repo_token_secret: "{{ blockerbugs_pagure_repo_token }}"
 

+ blockerbugs_pagure_repo_webhook_key_secret: "{{ blockerbugs_pagure_repo_webhook_key }}"
 

+ blockerbugs_pagure_url: 'https://pagure.io/'
 

+ blockerbugs_secret_key: "{{ stg_blockerbugs_secret_key }}"
 

+ blockerbugs_url: 'https://qa.fedoraproject.org/blockerbugs/'
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ host_group: blockerbugs
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-qa
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-qa
 

+ ipa_host_group: blockerbugs
 

+ ipa_host_group_desc: Blocker bug tracking service
 

+ lvm_size: 30000
 

+ # This gets overridden by whichever node we want to run special cronjobs.
 

+ master_blockerbugs_node: False
 

+ mem_size: 4096
 

+ num_cpus: 2
 

+ primary_auth_source: ipa
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 443, 8888]

file modified
+28 -36 
@@ -1,44 +1,36 @@
 

  ---
 

- lvm_size: 30000
 

- mem_size: 4096
 

- num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443, 8888 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- ipa_host_group: blockerbugs
 

- ipa_host_group_desc: Blocker bug tracking service
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-qa
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-qa
 

- 

- # This gets overridden by whichever node we want to run special cronjobs.
 

- master_blockerbugs_node: False
 

- 

- blockerbugs_secret_key: "{{ stg_blockerbugs_secret_key }}"
 

- blockerbugs_url: 'https://qa.stg.fedoraproject.org/blockerbugs/'
 

- blockerbugs_bugzilla_url: 'https://bugzilla.stage.redhat.com/'
 

  blockerbugs_bodhi_url: 'https://bodhi.stg.fedoraproject.org/'
 

- blockerbugs_pagure_url: 'https://stg.pagure.io/'
 

- blockerbugs_pagure_repo_token_secret: "{{ blockerbugs_stg_pagure_repo_token }}"
 

- blockerbugs_pagure_repo_webhook_key_secret: "{{ blockerbugs_stg_pagure_repo_webhook_key }}"
 

- 

+ blockerbugs_bugzilla_url: 'https://bugzilla.stage.redhat.com/'
 

+ blockerbugs_db_host: "{{ blockerbugs_db_host_machine }}"
 

  ############################################################
 

  # blockerbugs db details
 

  ############################################################
 

- 

  blockerbugs_db_host_machine: db01.stg.iad2.fedoraproject.org
 

- blockerbugs_db_host: "{{ blockerbugs_db_host_machine }}"
 

- blockerbugs_db_port: 5432
 

  blockerbugs_db_name: blockerbugs
 

- blockerbugs_db_user: "{{ stg_blockerbugs_db_user }}"
 

  blockerbugs_db_password: "{{ stg_blockerbugs_db_password }}"
 

+ blockerbugs_db_port: 5432
 

+ blockerbugs_db_user: "{{ stg_blockerbugs_db_user }}"
 

+ blockerbugs_pagure_repo_token_secret: "{{ blockerbugs_stg_pagure_repo_token }}"
 

+ blockerbugs_pagure_repo_webhook_key_secret: "{{ blockerbugs_stg_pagure_repo_webhook_key }}"
 

+ blockerbugs_pagure_url: 'https://stg.pagure.io/'
 

+ blockerbugs_secret_key: "{{ stg_blockerbugs_secret_key }}"
 

+ blockerbugs_url: 'https://qa.stg.fedoraproject.org/blockerbugs/'
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-qa
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-qa
 

+ ipa_host_group: blockerbugs
 

+ ipa_host_group_desc: Blocker bug tracking service
 

+ lvm_size: 30000
 

+ # This gets overridden by whichever node we want to run special cronjobs.
 

+ master_blockerbugs_node: False
 

+ mem_size: 4096
 

+ num_cpus: 2
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 443, 8888]

file modified
+26 -40 
@@ -1,50 +1,36 @@
 

  ---
 

  # common items for the releng-* boxes
 

- lvm_size: 100000
 

- mem_size: 16384
 

- num_cpus: 16
 

- nm: 255.255.255.0
 

- gw: 10.5.125.254
 

- dns: 10.5.126.21
 

- 

- ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7
 

- ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/
 

- 

- virt_install_command: "{{ virt_install_command_two_nic }}"
 

- 

- # Do not use testing repositories on production
 

- testing: False
 

- 

- # Make connections from signing bridges stateless, they break sigul connections
 

- # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
 

- custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.5.125.71 -j ACCEPT']
 

- 

- # With 16 cpus, theres a bunch more kernel threads
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- host_group: bodhi2
 

- 

  bodhi_message_queue_name: "bodhi{{ env_suffix }}_composer"
 

  # Define the topics that our fedora-messaging queue should be subscribed to.
 

  bodhi_message_routing_keys:
 

    - "org.fedoraproject.*.bodhi.composer.start"
 

- 

+ # Make connections from signing bridges stateless, they break sigul connections
 

+ # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
 

+ custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.5.125.71 -j ACCEPT']
 

+ dns: 10.5.126.21
 

+ gw: 10.5.125.254
 

+ host_group: bodhi2
 

+ ipa_client_shell_groups:
 

+   - sysadmin-bodhi
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-bodhi
 

+   - sysadmin-releng
 

+ ipa_host_group: bodhi
 

+ ipa_host_group_desc: Bodhi update service
 

+ ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7
 

+ lvm_size: 100000
 

+ mem_size: 16384
 

  ## XXX -- note that the fedmsg_certs declaration does not happen here, but
 

  # happens instead at the inventory/host_vars/ level s
 

- 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ # With 16 cpus, theres a bunch more kernel threads
 

+ nrpe_procs_warn: 900
 

+ num_cpus: 16
 

  sudoers: "{{ private }}/files/sudo/00releng-sudoers"
 

- 

- ipa_host_group: bodhi
 

- ipa_host_group_desc: Bodhi update service
 

- ipa_client_shell_groups:
 

- - sysadmin-bodhi
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-bodhi
 

- - sysadmin-releng
 

- 

- ## XXX - note that the csi_ stuff is kept at the host_vars/ level.
 

- 

+ # Do not use testing repositories on production
 

+ testing: False
 

+ virt_install_command: "{{ virt_install_command_two_nic }}"

file modified
+43 -50 
@@ -1,59 +1,52 @@
 

  ---
 

  # common items for the releng-* boxes
 

- lvm_size: 100000
 

- mem_size: 4096
 

- num_cpus: 2
 

- nm: 255.255.255.0
 

- gw: 10.5.126.254
 

- dns: 10.5.126.21
 

- 

- # Use the infra-testing repo
 

- testing: True
 

- 

- # Make connections from signing bridges stateless, they break sigul connections
 

- # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
 

- # this is sign-bridge01.iad2 ip 10.3.169.120
 

- custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.3.169.120 -j ACCEPT']
 

- 

- # With 16 cpus, theres a bunch more kernel threads
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- host_group: bodhi2
 

- 

  bodhi_message_queue_name: "bodhi{{ env_suffix }}_composer"
 

  # Define the topics that our fedora-messaging queue should be subscribed to.
 

  bodhi_message_routing_keys:
 

    - "org.fedoraproject.*.bodhi.composer.start"
 

- 

- ipa_host_group: bodhi
 

- ipa_host_group_desc: Bodhi update service
 

- ipa_client_shell_groups:
 

- - sysadmin-bodhi
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-bodhi
 

- - sysadmin-releng
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Releng Admins sysadmin-releng-members@fedoraproject.org
 

  csi_purpose: Run the Bodhi masher.
 

  csi_relationship: |
 

-     The mashing of repos here happens as part of the 'fedmsg-hub' daemon.  Check
 

-     logs with 'journalctl -u fedmsg-hub'.  Check the bodhi masher docs/code for
 

-     more detail on what it does:
 

-     https://github.com/fedora-infra/bodhi/blob/develop/bodhi/consumers/masher.py
 

- 

-     * This host relies on:
 

-       * db01 for its database, which is shares with the bodhi2 frontend nodes.
 

-       * An NFS mount of koji data in /mnt/koji/
 

-       * The fedmsg bus for triggering mashes.
 

-       * XMLRPC calls to koji for tagging and untagging updates.
 

-       * bugzilla for posting comments about status changes
 

-       * the wiki for getting information about QA "Test Cases"
 

-       * taksotron (resultsdb) for getting status-check results (gating updates).
 

- 

-     * No other systems rely directly on this host.  Everything depends on it
 

-       indirectly for the creation of new updates repos (which get synced out to
 

-       the master mirror for distribution.
 

+   The mashing of repos here happens as part of the 'fedmsg-hub' daemon.  Check
 

+   logs with 'journalctl -u fedmsg-hub'.  Check the bodhi masher docs/code for
 

+   more detail on what it does:
 

+   https://github.com/fedora-infra/bodhi/blob/develop/bodhi/consumers/masher.py
 

+ 

+   * This host relies on:
 

+     * db01 for its database, which is shares with the bodhi2 frontend nodes.
 

+     * An NFS mount of koji data in /mnt/koji/
 

+     * The fedmsg bus for triggering mashes.
 

+     * XMLRPC calls to koji for tagging and untagging updates.
 

+     * bugzilla for posting comments about status changes
 

+     * the wiki for getting information about QA "Test Cases"
 

+     * taksotron (resultsdb) for getting status-check results (gating updates).
 

+ 

+   * No other systems rely directly on this host.  Everything depends on it
 

+     indirectly for the creation of new updates repos (which get synced out to
 

+     the master mirror for distribution.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ # Make connections from signing bridges stateless, they break sigul connections
 

+ # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
 

+ # this is sign-bridge01.iad2 ip 10.3.169.120
 

+ custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.3.169.120 -j ACCEPT']
 

+ dns: 10.5.126.21
 

+ gw: 10.5.126.254
 

+ host_group: bodhi2
 

+ ipa_client_shell_groups:
 

+   - sysadmin-bodhi
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-bodhi
 

+   - sysadmin-releng
 

+ ipa_host_group: bodhi
 

+ ipa_host_group_desc: Bodhi update service
 

+ lvm_size: 100000
 

+ mem_size: 4096
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ # With 16 cpus, theres a bunch more kernel threads
 

+ nrpe_procs_warn: 900
 

+ num_cpus: 2
 

+ # Use the infra-testing repo
 

+ testing: True

file modified
+7 -8 
@@ -2,15 +2,14 @@
 

  # nagios items
 

  # We don't use nrpe to check any of the builders
 

  # Nor do we check swap there.
 

+ ipa_client_shell_groups:
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: kojibuilder
 

+ ipa_host_group_desc: Koji Build hosts
 

  nagios_Check_Services:
 

+   mail: false
 

    nrpe: false
 

    swap: false
 

-   mail: false
 

- 

  primary_auth_source: ipa
 

- ipa_host_group: kojibuilder
 

- ipa_host_group_desc: Koji Build hosts
 

- ipa_client_shell_groups:
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng

file modified
+7 -8 
@@ -2,15 +2,14 @@
 

  # nagios items
 

  # We don't use nrpe to check any of the builders
 

  # Nor do we check swap there.
 

+ ipa_client_shell_groups:
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: kojibuilder
 

+ ipa_host_group_desc: Koji Build hosts
 

  nagios_Check_Services:
 

+   mail: false
 

    nrpe: false
 

    swap: false
 

-   mail: false
 

- 

  primary_auth_source: ipa
 

- ipa_host_group: kojibuilder
 

- ipa_host_group_desc: Koji Build hosts
 

- ipa_client_shell_groups:
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng

file modified
+13 -17 
@@ -1,27 +1,23 @@
 

  ---
 

- host_group: kojibuilder
 

- freezes: true
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should ovveride them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of machines to build packages for the Fedora project.
 

  csi_relationship: |
 

    * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should ovveride them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: High
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

+ freezes: true
 

+ host_group: kojibuilder
 

+ koji_hub: "koji.fedoraproject.org/kojihub"
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.fedoraproject.org/koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

  source_registry: "registry.fedoraproject.org"
 

- koji_root: "koji.fedoraproject.org/koji"
 

- koji_hub: "koji.fedoraproject.org/kojihub"

file modified
+22 -26 
@@ -1,27 +1,5 @@
 

  ---
 

  # common items for the buildvm-* koji builders
 

- volgroup: /dev/BuildGuests
 

- lvm_size: 262144
 

- mem_size: 15360
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 6
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- nm: 255.255.255.0
 

- gw: 10.5.125.254
 

- dns: 10.3.163.33
 

- virt_install_command: "{{ virt_install_command_one_nic_unsafe }}"
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- host_group: kojibuilder
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders.
 

  csi_relationship: |
 
@@ -29,10 +7,28 @@
 

    * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

+ csi_security_category: High
 

+ dns: 10.3.163.33
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

+ gw: 10.5.125.254
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ host_group: kojibuilder
 

+ koji_hub: "koji.fedoraproject.org/kojihub"
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.fedoraproject.org/koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ lvm_size: 262144
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 15360
 

+ nm: 255.255.255.0
 

+ num_cpus: 6
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

  source_registry: "registry.fedoraproject.org"
 

- koji_root: "koji.fedoraproject.org/koji"
 

- koji_hub: "koji.fedoraproject.org/kojihub"
 

+ virt_install_command: "{{ virt_install_command_one_nic_unsafe }}"
 

+ volgroup: /dev/BuildGuests

file modified
+23 -28 
@@ -1,29 +1,5 @@
 

  ---
 

  # common items for the buildvm-aarch64* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 140000
 

- mem_size: 40960
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- max_cpu: "{{ num_cpus }}"
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/aarch64/os/
 

- nm: 255.255.255.0
 

- gw: 10.3.170.254
 

- dns: 10.3.163.33
 

- 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- host_group: kojibuilder
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders.
 

  csi_relationship: |
 
@@ -31,10 +7,29 @@
 

    * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

+ csi_security_category: High
 

+ dns: 10.3.163.33
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

+ gw: 10.3.170.254
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ host_group: kojibuilder
 

+ koji_hub: "koji.fedoraproject.org/kojihub"
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.fedoraproject.org/koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ lvm_size: 140000
 

+ max_cpu: "{{ num_cpus }}"
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 40960
 

+ nm: 255.255.255.0
 

+ num_cpus: 5
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

  source_registry: "registry.fedoraproject.org"
 

- koji_root: "koji.fedoraproject.org/koji"
 

- koji_hub: "koji.fedoraproject.org/kojihub"
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+27 -32 
@@ -1,48 +1,43 @@
 

  ---
 

  # common items for the buildvm-* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 140000
 

- mem_size: 40960
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- max_cpu: "{{ num_cpus }}"
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/aarch64/os/
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ createrepo: True
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

+ csi_relationship: |
 

+   * VMs built on top of buildvmhost
 

+   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

+   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

+   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

+ csi_security_category: High
 

+ datacenter: staging
 

  dns: 10.3.163.33
 

- 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

+ gw: 10.3.167.254
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

  host_group: kojibuilder
 

- datacenter: staging
 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

+ koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

  koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.stg.fedoraproject.org/koji"
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should ovveride them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

  

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

- csi_relationship: |
 

-   * VMs built on top of buildvmhost
 

-   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

-   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

-   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

- # this is to enable nested virt, which we need for some builds
 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

- 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ lvm_size: 140000
 

+ max_cpu: "{{ num_cpus }}"
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 40960
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ nm: 255.255.255.0
 

+ num_cpus: 5
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.stg.fedoraproject.org"
 

  source_registry: "registry.stg.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- koji_root: "koji.stg.fedoraproject.org/koji"
 

- koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

- 

- createrepo: True
 

+ # this is to enable nested virt, which we need for some builds
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+26 -31 
@@ -1,32 +1,5 @@
 

  ---
 

  # common items for the buildvm-aarmv7* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 140000
 

- mem_size: 40960
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- max_cpu: "{{ num_cpus }}"
 

- ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-34-armv7
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/armhfp/os/
 

- nm: 255.255.255.0
 

- gw: 10.3.170.254
 

- dns: 10.3.163.33
 

- 

- # This is reverted so that eth1 gets br0 and eth0 gets br1
 

- # This seems some kind of bug where in the guest kernel the devices are swapped around
 

- # when compared to the host.
 

- virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- host_group: kojibuilder
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders.
 

  csi_relationship: |
 
@@ -34,10 +7,32 @@
 

    * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

+ csi_security_category: High
 

+ dns: 10.3.163.33
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

+ gw: 10.3.170.254
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ host_group: kojibuilder
 

+ koji_hub: "koji.fedoraproject.org/kojihub"
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.fedoraproject.org/koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/armhfp/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-34-armv7
 

+ lvm_size: 140000
 

+ max_cpu: "{{ num_cpus }}"
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 40960
 

+ nm: 255.255.255.0
 

+ num_cpus: 5
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

  source_registry: "registry.fedoraproject.org"
 

- koji_root: "koji.fedoraproject.org/koji"
 

- koji_hub: "koji.fedoraproject.org/kojihub"
 

+ # This is reverted so that eth1 gets br0 and eth0 gets br1
 

+ # This seems some kind of bug where in the guest kernel the devices are swapped around
 

+ # when compared to the host.
 

+ virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+27 -32 
@@ -1,48 +1,43 @@
 

  ---
 

  # common items for the buildvm-* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 140000
 

- mem_size: 40960
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- max_cpu: "{{ num_cpus }}"
 

- ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-34-armv7
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/armhfp/os/
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ createrepo: True
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

+ csi_relationship: |
 

+   * VMs built on top of buildvmhost
 

+   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

+   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

+   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

+ csi_security_category: High
 

+ datacenter: staging
 

  dns: 10.3.163.33
 

- 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

+ gw: 10.3.167.254
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

  host_group: kojibuilder
 

- datacenter: staging
 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

+ koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

  koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.stg.fedoraproject.org/koji"
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should ovveride them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

  

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

- csi_relationship: |
 

-   * VMs built on top of buildvmhost
 

-   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

-   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

-   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

- # this is to enable nested virt, which we need for some builds
 

- virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

- 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/armhfp/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/buildvm-fedora-34-armv7
 

+ lvm_size: 140000
 

+ max_cpu: "{{ num_cpus }}"
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 40960
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ nm: 255.255.255.0
 

+ num_cpus: 5
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.stg.fedoraproject.org"
 

  source_registry: "registry.stg.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- koji_root: "koji.stg.fedoraproject.org/koji"
 

- koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

- 

- createrepo: True
 

+ # this is to enable nested virt, which we need for some builds
 

+ virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+28 -36 
@@ -1,41 +1,5 @@
 

  ---
 

  # common items for the buildvm-* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 600000
 

- mem_size: 20480
 

- max_mem_size: 20480
 

- num_cpus: 8
 

- 

- ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/ppc64le/os/
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- 

- ipa_server: ipa01.iad2.fedoraproject.org
 

- nm: 255.255.255.0
 

- gw: 10.3.171.254
 

- dns: 10.3.163.33
 

- datacenter: iad2
 

- 

- #
 

- # The ppc virthosts have different bridge names for the main and nfs bridges.
 

- #
 

- main_bridge: br0
 

- 

- virt_install_command: "{{ virt_install_command_one_nic_unsafe }}"
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- host_group: kojibuilder
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should ovveride them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of virtual machines to build packages for the Fedora project. This group builds packages for ppcle architecture.
 

  csi_relationship: |
 
@@ -43,3 +7,31 @@
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

    * virtual instances
 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should ovveride them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: High
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ gw: 10.3.171.254
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ host_group: kojibuilder
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/ppc64le/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ lvm_size: 600000
 

+ #
 

+ # The ppc virthosts have different bridge names for the main and nfs bridges.
 

+ #
 

+ main_bridge: br0
 

+ max_mem_size: 20480
 

+ mem_size: 20480
 

+ nm: 255.255.255.0
 

+ num_cpus: 8
 

+ virt_install_command: "{{ virt_install_command_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+26 -32 
@@ -1,48 +1,42 @@
 

  ---
 

  # common items for the buildvm-* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 150000
 

- mem_size: 10240
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 4
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/ppc64le/os/
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ createrepo: True
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

+ csi_relationship: |
 

+   * VMs built on top of buildvmhost
 

+   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

+   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

+   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

+ csi_security_category: High
 

+ datacenter: staging
 

  dns: 10.3.163.33
 

- 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

+ gw: 10.3.167.254
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

  host_group: kojibuilder
 

- datacenter: staging
 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- main_bridge: br0
 

- 

+ koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

  koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.stg.fedoraproject.org/koji"
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should ovveride them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

  

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

- csi_relationship: |
 

-   * VMs built on top of buildvmhost
 

-   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

-   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

-   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

- virt_install_command: "{{ virt_install_command_ppc64le_one_nic_unsafe }}"
 

- 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/ppc64le/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ lvm_size: 150000
 

+ main_bridge: br0
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 10240
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ nm: 255.255.255.0
 

+ num_cpus: 4
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.stg.fedoraproject.org"
 

  source_registry: "registry.stg.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- koji_root: "koji.stg.fedoraproject.org/koji"
 

- koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

- 

- createrepo: True
 

+ virt_install_command: "{{ virt_install_command_ppc64le_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+20 -23 
@@ -1,28 +1,5 @@
 

  ---
 

- lvm_size: 102400
 

- mem_size: 10240
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 3
 

- varnish_group: s390kojipkgs
 

- vmhost: buildvmhost-s390x-01.s390.fedoraproject.org
 

- gw: 10.16.0.254
 

- main_bridge: vmbr
 

- volgroup: /dev/fedora_linux_lpar_1
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/s390x/os/
 

- dns: 10.3.163.33
 

- nm: 255.255.255.0
 

- virt_install_command: "{{ virt_install_command_s390x_one_nic_unsafe }}"
 

- 

  createrepo: False
 

- host_group: kojibuilder
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders.
 

  csi_relationship: |
 
@@ -30,3 +7,23 @@
 

    * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

+ csi_security_category: High
 

+ dns: 10.3.163.33
 

+ gw: 10.16.0.254
 

+ host_group: kojibuilder
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/s390x/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ lvm_size: 102400
 

+ main_bridge: vmbr
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 10240
 

+ nm: 255.255.255.0
 

+ num_cpus: 3
 

+ varnish_group: s390kojipkgs
 

+ virt_install_command: "{{ virt_install_command_s390x_one_nic }}"
 

+ vmhost: buildvmhost-s390x-01.s390.fedoraproject.org
 

+ volgroup: /dev/fedora_linux_lpar_1

file modified
+9 -11 
@@ -1,17 +1,6 @@
 

  ---
 

  ansible_ifcfg_blocklist: True
 

  createrepo: False
 

- host_group: kojibuilder
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/34/Server/s390x/os/
 

- virt_install_command: "{{ virt_install_command_s390x_one_nic_unsafe }}"
 

- 

- koji_hub_nfs: "fedora_koji"
 

- koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

- koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders.
 

  csi_relationship: |
 
@@ -19,3 +8,12 @@
 

    * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

    * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

    * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

+ csi_security_category: High
 

+ host_group: kojibuilder
 

+ koji_hub_nfs: "fedora_koji"
 

+ koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora-secondary/releases/35/Server/s390x/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ virt_install_command: "{{ virt_install_command_s390x_one_nic_unsafe }}"

file modified
+25 -28 
@@ -1,45 +1,42 @@
 

  ---
 

  # common items for the buildvm-* koji builders
 

- volgroup: /dev/vg_guests
 

- lvm_size: 150000
 

- mem_size: 10240
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 4
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

+ csi_relationship: |
 

+   * VMs built on top of buildvmhost
 

+   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

+   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

+   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

+ csi_security_category: High
 

+ datacenter: staging
 

  dns: 10.3.163.33
 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

  gw: 10.3.167.254
 

- nm: 255.255.255.0
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm_fedora
 

- resolvconf: "resolv.conf/iad2"
 

- virt_install_command: "{{ virt_install_command_one_nic_unsafe }}"
 

- ipa_server: ipa01.stg.iad2.fedoraproject.org
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

  host_group: kojibuilder
 

- datacenter: staging
 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=4"
 

- 

+ ipa_server: ipa01.stg.iad2.fedoraproject.org
 

+ koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

  koji_hub_nfs: "fedora_koji"
 

+ koji_root: "koji.stg.fedoraproject.org/koji"
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should ovveride them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

  

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Koji service employs a set of machines to build packages for the Fedora project. This playbook builds vm builders (staging).
 

- csi_relationship: |
 

-   * VMs built on top of buildvmhost
 

-   * Relies on koji-hub, Packages, PkgDB, apache, fedmsg, fas, virthost, and is monitored by nagios
 

-   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

-   * Produces automated builds of packages for the architecture listed. Builders can be scaled by adding new
 

- 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm_fedora
 

+ lvm_size: 150000
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 10240
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=4"
 

+ nm: 255.255.255.0
 

+ num_cpus: 4
 

  # These variables are for koji-containerbuild/osbs
 

  osbs_url: "osbs.stg.fedoraproject.org"
 

+ resolvconf: "resolv.conf/iad2"
 

  source_registry: "registry.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- koji_root: "koji.stg.fedoraproject.org/koji"
 

- koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

+ virt_install_command: "{{ virt_install_command_one_nic_unsafe }}"
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,17 +1,15 @@
 

  ---
 

- nrpe_procs_warn: 1500
 

- nrpe_procs_crit: 1600
 

- virthost: true
 

- nested: True
 

- 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Koji service employs a set of virtual machines to build packages for the Fedora project. This playbook is for the provisioning of a physical host for buildvm's.
 

+ csi_relationship: |
 

+   * Relies on ansible, virthost, and is monitored by nagios
 

+   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

+   * Builder vm's are hosted on hosts created with this playbook.
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should ovveride them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

  csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Koji service employs a set of virtual machines to build packages for the Fedora project. This playbook is for the provisioning of a physical host for buildvm's.
 

- csi_relationship: |
 

-     * Relies on ansible, virthost, and is monitored by nagios
 

-     * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

-     * Builder vm's are hosted on hosts created with this playbook.
 

+ nested: True
 

+ nrpe_procs_crit: 1600
 

+ nrpe_procs_warn: 1500
 

+ virthost: true

file modified
+21 -26 
@@ -1,34 +1,29 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+ ipa_client_shell_groups:
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-datanommer
 

+ ipa_host_group: busgateway
 

+ ipa_host_group_desc: Bridge between fedmsg and fedora-messaging
 

  lvm_size: 20000
 

  mem_size: 8192
 

  num_cpus: 2
 

- 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [
 

-     3999,  # The fedmsg-relay republishes here.  Listeners need to connect.
 

-     9941,  # The fedmsg-relay listens here.  Ephemeral producers connect.
 

-     3998,  # The fedmsg-relay listens here.  VPN producers connect.
 

-     9940,  # The fedmsg-gateway republishes here.  Proxies need to connect.
 

-     9919,  # The websocket server publishes here.  Proxies need to connect.
 

+ tcp_ports: [3999, # The fedmsg-relay republishes here.  Listeners need to connect.
 

+   9941, # The fedmsg-relay listens here.  Ephemeral producers connect.
 

+   3998, # The fedmsg-relay listens here.  VPN producers connect.
 

+   9940, # The fedmsg-gateway republishes here.  Proxies need to connect.
 

+   9919, # The websocket server publishes here.  Proxies need to connect.
 

  ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: busgateway
 

- ipa_host_group_desc: Bridge between fedmsg and fedora-messaging
 

- ipa_client_shell_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log

file modified
+19 -24 
@@ -1,32 +1,27 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+ ipa_client_shell_groups:
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-datanommer
 

+ ipa_host_group: busgateway
 

+ ipa_host_group_desc: Bridge between fedmsg and fedora-messaging
 

  lvm_size: 20000
 

  mem_size: 4096
 

  num_cpus: 1
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [
 

-     3999,  # The fedmsg-relay republishes here.  Listeners need to connect.
 

-     9941,  # The fedmsg-relay listens here.  Ephemeral producers connect.
 

-     9940,  # The fedmsg-gateway republishes here.  Proxies need to connect.
 

-     9919,  # The websocket server publishes here.  Proxies need to connect.
 

+ tcp_ports: [3999, # The fedmsg-relay republishes here.  Listeners need to connect.
 

+   9941, # The fedmsg-relay listens here.  Ephemeral producers connect.
 

+   9940, # The fedmsg-gateway republishes here.  Proxies need to connect.
 

+   9919, # The websocket server publishes here.  Proxies need to connect.
 

  ]
 

- 

- ipa_host_group: busgateway
 

- ipa_host_group_desc: Bridge between fedmsg and fedora-messaging
 

- ipa_client_shell_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log

file modified
+3 -3 
@@ -1,5 +1,5 @@
 

  ---
 

- virthost: true
 

- nrpe_procs_warn: 1400
 

- nrpe_procs_crit: 1500
 

  nested: true
 

+ nrpe_procs_crit: 1500
 

+ nrpe_procs_warn: 1400
 

+ virthost: true

file modified
+4 -8 
@@ -1,15 +1,11 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

  lvm_size: 20000
 

  mem_size: 2048
 

  num_cpus: 2
 

- 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

+ tcp_ports: [80, 443]

file modified
+3 -6 
@@ -1,13 +1,10 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

  lvm_size: 20000
 

  mem_size: 2048
 

  num_cpus: 2
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

+ tcp_ports: [80, 443]

file modified
+5 -6 
@@ -1,16 +1,15 @@
 

  # This var should never be set for more than one machine
 

- checkcompose_prod: true
 

- checkcompose_env_suffix:
 

- checkcompose_env: production
 

- 

  # The checkcompose settings below cause system(s) in this group to
 

  # send out check-compose reports. This could cause duplicate reports
 

  # if additional systems were added to this group.
 

  checkcompose_emailfrom: rawhide@fedoraproject.org
 

  checkcompose_emailto: "test@lists.fedoraproject.org devel@lists.fedoraproject.org"
 

+ checkcompose_env: production
 

+ checkcompose_env_suffix:
 

+ checkcompose_greenwaveurl: https://greenwave.fedoraproject.org
 

+ checkcompose_prod: true
 

+ checkcompose_smtp: bastion.iad2.fedoraproject.org
 

  checkcompose_subvariant_emails:
 

    AtomicHost:
 

      error: ["dusty@dustymabe.com", "walters@verbum.org", "atomic@lists.fedoraproject.org"]
 

- checkcompose_smtp: bastion.iad2.fedoraproject.org
 

  checkcompose_url: "https://{{ external_hostname }}"
 

- checkcompose_greenwaveurl: https://greenwave.fedoraproject.org

file modified
+6 -8 
@@ -1,15 +1,13 @@
 

  # we need this for our fedora-messaging consumer as it is not allowed
 

  # to create queues on the infra AMQP broker, by broker config
 

- checkcompose_amqp_passive: true
 

- 

- # fedora-messaging compose report sender settings
 

- checkcompose_amqp_url: "amqps://openqa{{ checkcompose_env_suffix }}:@rabbitmq{{ checkcompose_env_suffix }}.fedoraproject.org/%2Fpubsub"
 

  checkcompose_amqp_cacert: /etc/fedora-messaging/cacert{{ checkcompose_env_suffix }}.pem
 

- checkcompose_amqp_key: /etc/pki/fedora-messaging/openqa{{ checkcompose_env_suffix }}-key.pem
 

  checkcompose_amqp_cert: /etc/pki/fedora-messaging/openqa{{ checkcompose_env_suffix }}-cert.pem
 

- checkcompose_amqp_queue: "openqa{{ checkcompose_env_suffix }}_checkcomp"
 

- checkcompose_amqp_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"]
 

- 

+ checkcompose_amqp_key: /etc/pki/fedora-messaging/openqa{{ checkcompose_env_suffix }}-key.pem
 

  # fedora-messaging email error reporting settings
 

  checkcompose_amqp_mailto: ["adamwill@fedoraproject.org", "lruzicka@fedoraproject.org"]
 

+ checkcompose_amqp_passive: true
 

+ checkcompose_amqp_queue: "openqa{{ checkcompose_env_suffix }}_checkcomp"
 

+ checkcompose_amqp_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"]
 

  checkcompose_amqp_smtp: bastion
 

+ # fedora-messaging compose report sender settings
 

+ checkcompose_amqp_url: "amqps://openqa{{ checkcompose_env_suffix }}:@rabbitmq{{ checkcompose_env_suffix }}.fedoraproject.org/%2Fpubsub"

file modified
+3 -4 
@@ -1,6 +1,5 @@
 

- checkcompose_prod: false
 

- checkcompose_env_suffix: .stg
 

  checkcompose_env: staging
 

- 

- checkcompose_url: "https://{{ external_hostname }}"
 

+ checkcompose_env_suffix: .stg
 

  checkcompose_greenwaveurl: https://greenwave-web-greenwave.app.os.stg.fedoraproject.org
 

+ checkcompose_prod: false
 

+ checkcompose_url: "https://{{ external_hostname }}"

file modified
+2 -2 
@@ -1,7 +1,7 @@
 

  ---
 

+ ansible_ifcfg_blocklist: true
 

+ datacenter: cloud
 

  nagios_Check_Services:
 

    mail: false
 

    nrpe: false
 

    swap: false
 

- datacenter: cloud
 

- ansible_ifcfg_blocklist: true

file modified
+5 -6 
@@ -6,15 +6,14 @@
 

  

  # Disable ethX ifcfg, let amazon handle these via DHCP.
 

  ansible_ifcfg_blocklist: true
 

- 

  datacenter: aws
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false

file modified
+2 -5 
@@ -1,10 +1,7 @@
 

  ---
 

- freezes: false
 

- 

- use_default_epel: false
 

- 

  collectd_apache: false
 

- 

+ freezes: false
 

  nagios_Check_Services:
 

    nrpe: true
 

    swap: true
 

+ use_default_epel: false

file modified
+14 -22 
@@ -1,30 +1,22 @@
 

  ---
 

- devel: false
 

  _forward_src: "forward"
 

- 

+ ansible_ifcfg_blocklist: true
 

+ backend_base_url: "https://download.copr.fedorainfracloud.org"
 

+ builders:
 

+   # max|max_spawn|max_prealloc
 

+   aws:
 

+     aarch64: [20, 10, 10]
 

+     armhfp: [20, 5, 5]
 

+     x86_64: [100, 20, 30]
 

+ copr_aws_region: us-east-1
 

  # don't forget to update ip in ./copr-keygen, due to custom firewall rules
 

  

  # eth0, eth1
 

  copr_backend_ips: ["172.25.33.79", "172.25.82.25"]
 

+ datacenter: cloud
 

+ devel: false
 

+ dist_git_base_url: "copr-dist-git.fedorainfracloud.org"
 

+ frontend_base_url: "https://copr.fedorainfracloud.org"
 

  keygen_host: "172.25.33.75"
 

- 

- resolvconf: "resolv.conf/cloud"
 

- 

- backend_base_url: "https://download.copr.fedorainfracloud.org"
 

  postfix_maincf: "postfix/main.cf/main.cf.copr"
 

- 

- frontend_base_url: "https://copr.fedorainfracloud.org"
 

- dist_git_base_url: "copr-dist-git.fedorainfracloud.org"
 

- 

- ansible_ifcfg_blocklist: true
 

- 

- copr_aws_region: us-east-1
 

- 

- datacenter: cloud
 

- 

- builders:
 

-     # max|max_spawn|max_prealloc
 

-     aws:
 

-         x86_64: [100,20,30]
 

-         armhfp: [20,5,5]
 

-         aarch64: [20,10,10]
 

+ resolvconf: "resolv.conf/cloud"

file modified
+1 
@@ -1,1 +1,2 @@
 

  # Put here configuration for all copr instances (production, devel, ...)
 

+

file modified
+49 -69 
@@ -1,76 +1,7 @@
 

  ---
 

- devel: false
 

- datacenter: aws
 

- 

- copr_messaging: true
 

- 

  _forward_src: "forward"
 

- 

- # don't forget to update ip in ./copr-keygen, due to custom firewall rules
 

- 

- # eth0, eth1
 

- copr_backend_ips: ["52.44.175.77", "172.30.2.203"]
 

- keygen_host: "54.83.48.73"
 

- 

- backend_base_url: "https://download.copr.fedorainfracloud.org"
 

- postfix_group: copr
 

- 

- frontend_base_url: "https://copr.fedorainfracloud.org"
 

- dist_git_base_url: "copr-dist-git.fedorainfracloud.org"
 

- 

  ansible_ifcfg_blocklist: true
 

- 

- copr_aws_region: us-east-1
 

- 

- services_disabled: false
 

- nm_controlled_resolv: True
 

- 

- builders:
 

-     # max|spawn_concurrently|prealloc
 

-     aws:
 

-         x86_64: [20, 4, 4]
 

-         aarch64: [8, 2, 2]
 

- 

-     aws_spot:
 

-         x86_64: [40, 8, 8]
 

-         aarch64: [30, 4, 6]
 

- 

-     x86_hypervisor_01:
 

-         x86_64: [20, 4, 20]
 

- 

-     x86_hypervisor_02:
 

-         x86_64: [20, 4, 20]
 

- 

-     x86_hypervisor_03:
 

-         x86_64: [20, 4, 20]
 

- 

-     x86_hypervisor_04:
 

-         x86_64: [20, 4, 20]
 

- 

-     ppc64le_hypervisor_01:
 

-         ppc64le: [15, 4, 15]
 

- 

-     # There's the ppc64le-test machine, so keep 2 builders less.
 

-     ppc64le_hypervisor_02:
 

-         ppc64le: [13, 4, 13]
 

- 

- copr_builder_images:
 

-   hypervisor:
 

-     x86_64: copr-builder-x86_64-20211012_115536
 

-     ppc64le: copr-builder-ppc64le-20211012_120530
 

-   aws:
 

-     x86_64: ami-0baeeebc194e64780
 

-     aarch64: ami-068c2760406b9e3c9
 

- 

  aws_arch_subnets:
 

-   x86_64:
 

-     - subnet-0995f6a466849f4c3
 

-     - subnet-08cadf5a14b530ac4
 

-     - subnet-07b0b3168a353e3ee
 

-     - subnet-09c74a3e6420a206b
 

-     - subnet-01d4e967ab5e78005
 

-     - subnet-05437ac82d63b6ef5
 

- 

    # Your requested instance type (a1.xlarge) is not supported in your requested Availability Zone (us-east-1a).
 

    # Your requested instance type (a1.xlarge) is not supported in your requested Availability Zone (us-east-1d).
 

    # Your requested instance type (a1.xlarge) is not supported in your requested Availability Zone (us-east-1f).
 
@@ -78,5 +9,54 @@
 

      - subnet-0995f6a466849f4c3
 

      - subnet-08cadf5a14b530ac4
 

      - subnet-07b0b3168a353e3ee
 

+   x86_64:
 

+     - subnet-0995f6a466849f4c3
 

+     - subnet-08cadf5a14b530ac4
 

+     - subnet-07b0b3168a353e3ee
 

+     - subnet-09c74a3e6420a206b
 

+     - subnet-01d4e967ab5e78005
 

+     - subnet-05437ac82d63b6ef5
 

+ backend_base_url: "https://download.copr.fedorainfracloud.org"
 

+ builders:
 

+   # max|spawn_concurrently|prealloc
 

+   aws:
 

+     aarch64: [8, 2, 2]
 

+     x86_64: [20, 4, 4]
 

+   aws_spot:
 

+     aarch64: [30, 4, 6]
 

+     x86_64: [40, 8, 8]
 

+   ppc64le_hypervisor_01:
 

+     ppc64le: [15, 4, 15]
 

+   # There's the ppc64le-test machine, so keep 2 builders less.
 

+   ppc64le_hypervisor_02:
 

+     ppc64le: [13, 4, 13]
 

+   x86_hypervisor_01:
 

+     x86_64: [20, 4, 20]
 

+   x86_hypervisor_02:
 

+     x86_64: [20, 4, 20]
 

+   x86_hypervisor_03:
 

+     x86_64: [20, 4, 20]
 

+   x86_hypervisor_04:
 

+     x86_64: [20, 4, 20]
 

+ copr_aws_region: us-east-1
 

+ # don't forget to update ip in ./copr-keygen, due to custom firewall rules
 

  

+ # eth0, eth1
 

+ copr_backend_ips: ["52.44.175.77", "172.30.2.203"]
 

+ copr_builder_images:
 

+   aws:
 

+     aarch64: ami-068c2760406b9e3c9
 

+     x86_64: ami-0baeeebc194e64780
 

+   hypervisor:
 

+     ppc64le: copr-builder-ppc64le-20211012_120530
 

+     x86_64: copr-builder-x86_64-20211012_115536
 

+ copr_messaging: true
 

+ datacenter: aws
 

+ devel: false
 

+ dist_git_base_url: "copr-dist-git.fedorainfracloud.org"
 

+ frontend_base_url: "https://copr.fedorainfracloud.org"
 

+ keygen_host: "54.83.48.73"
 

+ nm_controlled_resolv: True
 

+ postfix_group: copr
 

  rpm_vendor_copr_name: Fedora Copr
 

+ services_disabled: false

file modified
+19 -27 
@@ -1,39 +1,31 @@
 

  ---
 

- copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

- copr_nova_tenant_id: "5d99f099b7fe4b0387f0352f6301ba6a"
 

- copr_nova_tenant_name: "copr"
 

- copr_nova_username: "copr"
 

- 

  # copr_builder_image_name: "Fedora-Cloud-Base-20141203-21"
 

  copr_builder_flavor_name: "ms2.builder"
 

- copr_builder_network_name: "copr-net"
 

- copr_builder_key_name: "buildsys"
 

- copr_builder_security_groups: "ssh-anywhere-copr,default,ssh-from-persistent-copr"
 

- 

  copr_builder_images:
 

-   x86_64: copr-builder-x86_64-f31-20200117_120726
 

-   ppc64le: copr-builder-ppc64le-f31-20200117_132023
 

    aarch64: copr-builder-20200120_133457
 

    aws:
 

-     x86_64: ami-09a4c035460759858 # copr-builder-x86_64-f31-20200421_131242
 

      aarch64: ami-0acfbfbed95798259 # copr-builder-aarch64-f31-20200421_133814
 

- 

- nrpe_procs_warn: 2200
 

- nrpe_procs_crit: 2500
 

- 

- do_sign: "true"
 

- 

- spawn_in_advance: "true"
 

- frontend_base_url: "https://copr.fedorainfracloud.org"
 

- 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should override them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: High
 

+     x86_64: ami-09a4c035460759858 # copr-builder-x86_64-f31-20200421_131242
 

+   ppc64le: copr-builder-ppc64le-f31-20200117_132023
 

+   x86_64: copr-builder-x86_64-f31-20200117_120726
 

+ copr_builder_key_name: "buildsys"
 

+ copr_builder_network_name: "copr-net"
 

+ copr_builder_security_groups: "ssh-anywhere-copr,default,ssh-from-persistent-copr"
 

+ copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

+ copr_nova_tenant_id: "5d99f099b7fe4b0387f0352f6301ba6a"
 

+ copr_nova_tenant_name: "copr"
 

+ copr_nova_username: "copr"
 

  csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

  csi_purpose: Provide the backend for copr (3rd party packages)
 

  csi_relationship: |
 

    - Backend: Management of copr cloud infrastructure (OpenStack).
 

    - Small frontend with copr's public stats
 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should override them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: High
 

+ do_sign: "true"
 

+ frontend_base_url: "https://copr.fedorainfracloud.org"
 

+ nrpe_procs_crit: 2500
 

+ nrpe_procs_warn: 2200
 

+ spawn_in_advance: "true"

file modified
+34 -41 
@@ -1,55 +1,48 @@
 

  ---
 

- description: copr dispatcher and repo server
 

- 

- copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

- copr_nova_tenant_id: "5d99f099b7fe4b0387f0352f6301ba6a"
 

- copr_nova_tenant_name: "copr"
 

- copr_nova_username: "copr"
 

+ _copr_be_conf: copr-be.conf
 

+ # There is no python2 on F30
 

  

+ # what is the main backend service name
 

+ copr_backend_target: copr-backend.target
 

  # copr_builder_image_name: "Fedora-Cloud-Base-20141203-21"
 

  copr_builder_flavor_name: "ms2.builder"
 

- copr_builder_network_name: "copr-net"
 

  copr_builder_key_name: "buildsys"
 

+ copr_builder_network_name: "copr-net"
 

  copr_builder_security_groups: "ssh-anywhere-copr,default,ssh-from-persistent-copr"
 

- 

- nrpe_procs_warn: 2200
 

- nrpe_procs_crit: 2500
 

- 

- do_sign: "true"
 

- 

- spawn_in_advance: "true"
 

- frontend_base_url: "https://copr.fedorainfracloud.org"
 

- 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should override them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: High
 

+ # Copr vars
 

+ copr_hostbase: copr-be
 

+ copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

+ copr_nova_tenant_id: "5d99f099b7fe4b0387f0352f6301ba6a"
 

+ copr_nova_tenant_name: "copr"
 

+ copr_nova_username: "copr"
 

  csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

  csi_purpose: Provide the backend for copr (3rd party packages)
 

  csi_relationship: |
 

    - Backend: Management of copr cloud infrastructure (OpenStack).
 

    - Small frontend with copr's public stats
 

- 

- root_auth_users: msuchy pingou frostyx praiskup schlupov
 

- 

- tcp_ports: [ 22, 80, 443 ]
 

- 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should override them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: High
 

+ description: copr dispatcher and repo server
 

+ do_sign: "true"
 

+ frontend_base_url: "https://copr.fedorainfracloud.org"
 

+ host_backup_targets: ['/var/lib/copr/public_html/results']
 

  # consumed by roles/messaging/base
 

  messaging:
 

    certificates:
 

-   - key: copr
 

-     username: copr
 

-     app_name: Copr build system
 

- 

- # Copr vars
 

- copr_hostbase: copr-be
 

- 

- host_backup_targets: ['/var/lib/copr/public_html/results']
 

- _copr_be_conf: copr-be.conf
 

- 

- # There is no python2 on F30
 

- 

- # what is the main backend service name
 

- copr_backend_target: copr-backend.target
 

+     - app_name: Copr build system
 

+       key: copr
 

+       username: copr
 

+ nrpe_procs_crit: 2500
 

+ nrpe_procs_warn: 2200
 

+ root_auth_users: msuchy pingou frostyx praiskup schlupov
 

+ spawn_in_advance: "true"
 

+ tcp_ports: [
 

+     22, 80, 443,
 

+     # node_exporter/prometheus
 

+     9100,
 

+ ]
 

+ services_disabled: false
 

+ 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:d553:8ed5:d8b6:9f83/128"

file modified
+20 -28 
@@ -1,44 +1,36 @@
 

  ---
 

- copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

- copr_nova_tenant_id: "a6ff2158641c439a8426d7facab45437"
 

- copr_nova_tenant_name: "coprdev"
 

- copr_nova_username: "copr"
 

- 

- copr_builder_image_name: "builder-f24"
 

  copr_builder_flavor_name: "ms2.builder"
 

- copr_builder_network_name: "coprdev-net"
 

- copr_builder_key_name: "buildsys"
 

- copr_builder_security_groups: "ssh-anywhere-coprdev,default,ssh-from-persistent-coprdev"
 

- 

+ copr_builder_image_name: "builder-f24"
 

  copr_builder_images:
 

-   x86_64: copr-builder-x86_64-f31-20200117_120726
 

-   ppc64le: copr-builder-ppc64le-f31-20200117_132023
 

    aarch64: copr-builder-20200120_133457
 

    aws:
 

-     x86_64: ami-09a4c035460759858 # copr-builder-x86_64-f31-20200421_131242
 

      aarch64: ami-0acfbfbed95798259 # copr-builder-aarch64-f31-20200421_133814
 

- 

- do_sign: "true"
 

- 

- spawn_in_advance: "false"
 

- frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

- 

- 

+     x86_64: ami-09a4c035460759858 # copr-builder-x86_64-f31-20200421_131242
 

+   ppc64le: copr-builder-ppc64le-f31-20200117_132023
 

+   x86_64: copr-builder-x86_64-f31-20200117_120726
 

+ copr_builder_key_name: "buildsys"
 

+ copr_builder_network_name: "coprdev-net"
 

+ copr_builder_security_groups: "ssh-anywhere-coprdev,default,ssh-from-persistent-coprdev"
 

+ copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

+ copr_nova_tenant_id: "a6ff2158641c439a8426d7facab45437"
 

+ copr_nova_tenant_name: "coprdev"
 

+ copr_nova_username: "copr"
 

+ csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

+ csi_purpose: Provide the testing environment of copr's backend
 

+ csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should override them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

  csi_security_category: Moderate
 

- csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

- csi_purpose: Provide the testing environment of copr's backend
 

- csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
 

- 

+ do_sign: "true"
 

+ frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: lighttpd
 

    certificates:
 

      copr-be-dev.cloud.fedoraproject.org:
 

-       domains:
 

-       - copr-be-dev.cloud.fedoraproject.org
 

        challenge_dir: /var/lib/copr/public_html
 

+       domains:
 

+         - copr-be-dev.cloud.fedoraproject.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: lighttpd
 

+ spawn_in_advance: "false"

file modified
+33 -40 
@@ -1,58 +1,51 @@
 

  ---
 

- description: copr dispatcher and repo server - dev instance
 

- 

+ _copr_be_conf: copr-be.conf-dev
 

+ # what is the main backend service name
 

+ copr_backend_target: copr-backend.target
 

+ copr_builder_flavor_name: "ms2.builder"
 

+ copr_builder_image_name: "builder-f24"
 

+ copr_builder_key_name: "buildsys"
 

+ copr_builder_network_name: "coprdev-net"
 

+ copr_builder_security_groups: "ssh-anywhere-coprdev,default,ssh-from-persistent-coprdev"
 

+ # Copr vars
 

+ copr_hostbase: copr-be-dev
 

  copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

  copr_nova_tenant_id: "a6ff2158641c439a8426d7facab45437"
 

  copr_nova_tenant_name: "coprdev"
 

  copr_nova_username: "copr"
 

- 

- copr_builder_image_name: "builder-f24"
 

- copr_builder_flavor_name: "ms2.builder"
 

- copr_builder_network_name: "coprdev-net"
 

- copr_builder_key_name: "buildsys"
 

- copr_builder_security_groups: "ssh-anywhere-coprdev,default,ssh-from-persistent-coprdev"
 

- 

- do_sign: "true"
 

- 

- spawn_in_advance: "false"
 

- frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

- 

- 

+ csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

+ csi_purpose: Provide the testing environment of copr's backend
 

+ csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should override them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

  csi_security_category: Moderate
 

- csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

- csi_purpose: Provide the testing environment of copr's backend
 

- csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
 

- 

+ datacenter: aws
 

+ description: copr dispatcher and repo server - dev instance
 

+ do_sign: "true"
 

+ frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: lighttpd
 

    certificates:
 

      copr-be-dev.cloud.fedoraproject.org:
 

-       domains:
 

-       - copr-be-dev.cloud.fedoraproject.org
 

        challenge_dir: /var/lib/copr/public_html
 

+       domains:
 

+         - copr-be-dev.cloud.fedoraproject.org
 

        mail: copr-devel@lists.fedorahosted.org
 

- 

- root_auth_users: msuchy pingou frostyx praiskup schlupov
 

- 

- tcp_ports: [ 22, 80, 443 ]
 

- 

+   predefined_deploy_script: lighttpd
 

  # consumed by roles/messaging/base
 

  messaging:
 

    certificates:
 

-   - key: copr
 

-     username: copr
 

-     app_name: Copr build system
 

- 

- # Copr vars
 

- copr_hostbase: copr-be-dev
 

- _copr_be_conf: copr-be.conf-dev
 

- 

- datacenter: aws
 

- 

- # what is the main backend service name
 

- copr_backend_target: copr-backend.target
 

+     - app_name: Copr build system
 

+       key: copr
 

+       username: copr
 

+ root_auth_users: msuchy pingou frostyx praiskup schlupov
 

+ spawn_in_advance: "false"
 

+ tcp_ports: [
 

+     22, 80, 443,
 

+     # node_exporter/prometheus
 

+     9100,
 

+ ]
 

+ services_disabled: false
 

+ 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:6c8c:e094:1c5b:c2f9/128"

file modified
+12 -19 
@@ -1,28 +1,21 @@
 

  ---
 

- resolvconf: "resolv.conf/cloud"
 

- 

+ copr_builder_flavor_name: "ms2.builder"
 

+ copr_builder_image_name: "builder-f24"
 

+ copr_builder_key_name: "buildsys"
 

+ copr_builder_network_name: "coprdev-net"
 

+ copr_builder_security_groups: "ssh-anywhere-coprdev,default,ssh-from-persistent-coprdev"
 

  copr_nova_auth_url: "https://fedorainfracloud.org:5000/v2.0"
 

  copr_nova_tenant_id: "a6ff2158641c439a8426d7facab45437"
 

  copr_nova_tenant_name: "coprdev"
 

  copr_nova_username: "copr"
 

- 

- copr_builder_image_name: "builder-f24"
 

- copr_builder_flavor_name: "ms2.builder"
 

- copr_builder_network_name: "coprdev-net"
 

- copr_builder_key_name: "buildsys"
 

- copr_builder_security_groups: "ssh-anywhere-coprdev,default,ssh-from-persistent-coprdev"
 

- 

- do_sign: "true"
 

- 

- spawn_in_advance: "false"
 

- frontend_base_url: "https://copr.stg.fedoraproject.org"
 

- 

- 

+ csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

+ csi_purpose: Provide the testing environment of copr's backend
 

+ csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should override them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

  csi_security_category: Moderate
 

- csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

- csi_purpose: Provide the testing environment of copr's backend
 

- csi_relationship: This host is the testing environment for the cloud infrastructure of copr's backend
 

+ do_sign: "true"
 

+ frontend_base_url: "https://copr.stg.fedoraproject.org"
 

+ resolvconf: "resolv.conf/cloud"
 

+ spawn_in_advance: "false"

file modified
+2 -3 
@@ -1,7 +1,6 @@
 

  ---
 

- tcp_ports: [22, 5432]
 

- 

- csi_security_category: Low
 

  csi_primary_contact: "msuchy (mirek), frostyx,  praiskup IRC #fedora-admin, #fedora-buildsys"
 

  csi_purpose: Provide the testing environment of copr's db
 

  csi_relationship: This host is the testing environment for copr's database
 

+ csi_security_category: Low
 

+ tcp_ports: [22, 5432]

file modified
+13 -21 
@@ -1,31 +1,23 @@
 

  ---
 

- devel: true
 

  #_forward-src: "{{ files }}/copr/forward-dev"
 

  _forward_src: "forward_dev"
 

- 

+ ansible_ifcfg_blocklist: true
 

+ backend_base_url: "https://download.copr-dev.fedorainfracloud.org"
 

+ builders:
 

+   # max|max_spawn|max_prealloc
 

+   aws:
 

+     aarch64: [5, 2, 2]
 

+     armhfp: [3, 1, 1]
 

+     x86_64: [20, 5, 5]
 

+ copr_aws_region: us-east-1
 

  # don't forget to update ip in ./copr-keygen-stg, due to custom firewall rules
 

  

  # eth0, eth1
 

  copr_backend_ips: ["172.25.33.80", "172.25.144.254"]
 

+ devel: true
 

+ dist_git_base_url: "copr-dist-git-dev.fedorainfracloud.org"
 

+ frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

  keygen_host: "172.25.33.73"
 

- 

- resolvconf: "resolv.conf/cloud"
 

- 

- backend_base_url: "https://download.copr-dev.fedorainfracloud.org"
 

  postfix_maincf: "postfix/main.cf/main.cf.copr"
 

- 

- frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

- dist_git_base_url: "copr-dist-git-dev.fedorainfracloud.org"
 

- 

- ansible_ifcfg_blocklist: true
 

- 

- copr_aws_region: us-east-1
 

- 

+ resolvconf: "resolv.conf/cloud"
 

  services_disabled: true
 

- 

- builders:
 

-     # max|max_spawn|max_prealloc
 

-     aws:
 

-         x86_64: [20,5,5]
 

-         armhfp: [3,1,1]
 

-         aarch64: [5,2,2]

file modified
+48 -69 
@@ -1,76 +1,7 @@
 

  ---
 

- devel: true
 

- 

- copr_messaging: true
 

- 

- datacenter: aws
 

- 

  _forward_src: "forward_dev"
 

- 

- # don't forget to update ip in ./copr-keygen-stg, due to custom firewall rules
 

- 

- # eth0, eth1
 

- copr_backend_ips: ["18.208.10.131", "172.30.2.207"]
 

- keygen_host: "54.225.23.248"
 

- 

- backend_base_url: "https://download.copr-dev.fedorainfracloud.org"
 

- postfix_group: copr
 

- 

- frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

- dist_git_base_url: "copr-dist-git-dev.fedorainfracloud.org"
 

- 

  ansible_ifcfg_blocklist: true
 

- 

- copr_aws_region: us-east-1
 

- 

- services_disabled: false
 

- nm_controlled_resolv: True
 

- 

- builders:
 

-     # max|spawn_concurrently|prealloc
 

-     aws:
 

-         x86_64: [4, 1, 1]
 

-         aarch64: [2, 1, 1]
 

- 

-     aws_spot:
 

-         x86_64: [5, 2, 2]
 

-         aarch64: [5, 2, 1]
 

- 

-     x86_hypervisor_01:
 

-         x86_64: [2,1,1]
 

- 

-     x86_hypervisor_02:
 

-         x86_64: [2, 1, 1]
 

- 

-     x86_hypervisor_03:
 

-         x86_64: [2, 1, 1]
 

- 

-     x86_hypervisor_04:
 

-         x86_64: [2, 1, 1]
 

- 

-     ppc64le_hypervisor_01:
 

-         ppc64le: [2, 1, 1]
 

- 

-     ppc64le_hypervisor_02:
 

-         ppc64le: [2, 1, 1]
 

- 

- copr_builder_images:
 

-   hypervisor:
 

-     x86_64: copr-builder-x86_64-20211012_115536
 

-     ppc64le: copr-builder-ppc64le-20211012_120530
 

-   aws:
 

-     x86_64: ami-0baeeebc194e64780
 

-     aarch64: ami-068c2760406b9e3c9
 

- 

  aws_arch_subnets:
 

-   x86_64:
 

-     - subnet-0995f6a466849f4c3
 

-     - subnet-08cadf5a14b530ac4
 

-     - subnet-07b0b3168a353e3ee
 

-     - subnet-09c74a3e6420a206b
 

-     - subnet-01d4e967ab5e78005
 

-     - subnet-05437ac82d63b6ef5
 

- 

    # Your requested instance type (a1.xlarge) is not supported in your requested Availability Zone (us-east-1a).
 

    # Your requested instance type (a1.xlarge) is not supported in your requested Availability Zone (us-east-1d).
 

    # Your requested instance type (a1.xlarge) is not supported in your requested Availability Zone (us-east-1f).
 
@@ -78,5 +9,53 @@
 

      - subnet-0995f6a466849f4c3
 

      - subnet-08cadf5a14b530ac4
 

      - subnet-07b0b3168a353e3ee
 

+   x86_64:
 

+     - subnet-0995f6a466849f4c3
 

+     - subnet-08cadf5a14b530ac4
 

+     - subnet-07b0b3168a353e3ee
 

+     - subnet-09c74a3e6420a206b
 

+     - subnet-01d4e967ab5e78005
 

+     - subnet-05437ac82d63b6ef5
 

+ backend_base_url: "https://download.copr-dev.fedorainfracloud.org"
 

+ builders:
 

+   # max|spawn_concurrently|prealloc
 

+   aws:
 

+     aarch64: [2, 1, 1]
 

+     x86_64: [4, 1, 1]
 

+   aws_spot:
 

+     aarch64: [5, 2, 1]
 

+     x86_64: [5, 2, 2]
 

+   ppc64le_hypervisor_01:
 

+     ppc64le: [2, 1, 1]
 

+   ppc64le_hypervisor_02:
 

+     ppc64le: [2, 1, 1]
 

+   x86_hypervisor_01:
 

+     x86_64: [2, 1, 1]
 

+   x86_hypervisor_02:
 

+     x86_64: [2, 1, 1]
 

+   x86_hypervisor_03:
 

+     x86_64: [2, 1, 1]
 

+   x86_hypervisor_04:
 

+     x86_64: [2, 1, 1]
 

+ copr_aws_region: us-east-1
 

+ # don't forget to update ip in ./copr-keygen-stg, due to custom firewall rules
 

  

+ # eth0, eth1
 

+ copr_backend_ips: ["18.208.10.131", "172.30.2.207"]
 

+ copr_builder_images:
 

+   aws:
 

+     aarch64: ami-068c2760406b9e3c9
 

+     x86_64: ami-0baeeebc194e64780
 

+   hypervisor:
 

+     ppc64le: copr-builder-ppc64le-20211012_120530
 

+     x86_64: copr-builder-x86_64-20211012_115536
 

+ copr_messaging: true
 

+ datacenter: aws
 

+ devel: true
 

+ dist_git_base_url: "copr-dist-git-dev.fedorainfracloud.org"
 

+ frontend_base_url: "https://copr-fe-dev.cloud.fedoraproject.org"
 

+ keygen_host: "54.225.23.248"
 

+ nm_controlled_resolv: True
 

+ postfix_group: copr
 

  rpm_vendor_copr_name: Fedora Copr (devel)
 

+ services_disabled: false

file modified
+4 -5 
@@ -1,14 +1,13 @@
 

  ---
 

- tcp_ports: [22, 80, 443]
 

  datacenter: cloud
 

  freezes: false
 

- 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      copr-dist-git.fedorainfracloud.org:
 

-       domains:
 

-       - copr-dist-git.fedorainfracloud.org
 

        challenge_dir: /var/www/html
 

+       domains:
 

+         - copr-dist-git.fedorainfracloud.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: httpd
 

+ tcp_ports: [22, 80, 443]

file modified
+7 -5 
@@ -1,14 +1,16 @@
 

  ---
 

- tcp_ports: [22, 80, 443]
 

  datacenter: aws
 

  freezes: false
 

- 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      copr-dist-git.fedorainfracloud.org:
 

-       domains:
 

-       - copr-dist-git.fedorainfracloud.org
 

        challenge_dir: /var/www/html
 

+       domains:
 

+         - copr-dist-git.fedorainfracloud.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: httpd
 

+ tcp_ports: [22, 80, 443]
 

+ services_disabled: false
 

+ 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:41cc:53dc:b87b:2d8c/128"

file modified
+5 -6 
@@ -1,15 +1,14 @@
 

  ---
 

- tcp_ports: [22, 80, 443]
 

  datacenter: cloud
 

- freezes: false
 

  devel: true
 

- 

+ freezes: false
 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      copr-dist-git-dev.fedorainfracloud.org:
 

-       domains:
 

-       - copr-dist-git-dev.fedorainfracloud.org
 

        challenge_dir: /var/www/html
 

+       domains:
 

+         - copr-dist-git-dev.fedorainfracloud.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: httpd
 

+ tcp_ports: [22, 80, 443]

file modified
+8 -6 
@@ -1,15 +1,17 @@
 

  ---
 

- tcp_ports: [22, 80, 443]
 

  datacenter: aws
 

- freezes: false
 

  devel: true
 

- 

+ freezes: false
 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      copr-dist-git-dev.fedorainfracloud.org:
 

-       domains:
 

-       - copr-dist-git-dev.fedorainfracloud.org
 

        challenge_dir: /var/www/html
 

+       domains:
 

+         - copr-dist-git-dev.fedorainfracloud.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: httpd
 

+ tcp_ports: [22, 80, 443]
 

+ services_disabled: false
 

+ 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:691b:4103:dbcd:a64a/128"

file modified
+2 -3 
@@ -1,6 +1,5 @@
 

  ---
 

- resolvconf: "resolv.conf/cloud"
 

- 

- tcp_ports: [22, 80, 443]
 

  datacenter: cloud
 

  freezes: false
 

+ resolvconf: "resolv.conf/cloud"
 

+ tcp_ports: [22, 80, 443]

file modified
+16 -20 
@@ -1,34 +1,30 @@
 

  ---
 

- tcp_ports: [22, 80, 443]
 

+ copr_fe_homedir: /usr/share/copr/coprs_frontend
 

  copr_frontend_public_hostname: "copr.fedorainfracloud.org"
 

- 

- # These variables are pushed into /etc/system_identification by the base role.
 

- # Groups and individual hosts should override them with specific info.
 

- # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

- csi_security_category: Moderate
 

+ copr_kerberos_auth_enabled: false
 

+ copr_messaging_queue: "a9b74258-21c6-4e79-ba65-9e858dc84a2b"
 

+ copr_pagure_events:
 

+   io.pagure.prod.pagure: "https://pagure.io/"
 

+   org.fedoraproject.prod.pagure: "https://src.fedoraproject.org/"
 

  csi_primary_contact: "msuchy (mirek), frostyx, praiskup IRC #fedora-admin, #fedora-buildsys"
 

  csi_purpose: Provide a publicly accessible frontend for 3rd party packages (copr)
 

  csi_relationship: |
 

    - This host provides the frontend part of copr only.
 

    - It's the point of contact between end users and the copr build system (backend, package singer)
 

- 

+ # These variables are pushed into /etc/system_identification by the base role.
 

+ # Groups and individual hosts should override them with specific info.
 

+ # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

+ csi_security_category: Moderate
 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      copr.fedorainfracloud.org:
 

-       domains:
 

-       - copr.fedorainfracloud.org
 

        challenge_dir: /var/www/html
 

+       domains:
 

+         - copr.fedorainfracloud.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: httpd
 

+ tcp_ports: [22, 80, 443]
 

+ services_disabled: false
 

  

- copr_pagure_events:
 

-   io.pagure.prod.pagure: "https://pagure.io/"
 

-   org.fedoraproject.prod.pagure: "https://src.fedoraproject.org/"
 

- 

- copr_messaging_queue: "a9b74258-21c6-4e79-ba65-9e858dc84a2b"
 

- 

- copr_fe_homedir: /usr/share/copr/coprs_frontend
 

- 

- copr_kerberos_auth_enabled: false
 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:9d1f:4737:93ce:6db/128"

file modified
+20 -25 
@@ -1,37 +1,32 @@
 

  ---
 

- tcp_ports: [22, 80, 443]
 

+ allowlist_emails:
 

+   - msuchy@redhat.com
 

+   - praiskup@redhat.com
 

+   - jkadlcik@redhat.com
 

+   - schlupov@redhat.com
 

+ copr_fe_homedir: /usr/share/copr/coprs_frontend
 

  copr_frontend_public_hostname: "copr-fe-dev.cloud.fedoraproject.org"
 

- 

- csi_security_category: Low
 

+ copr_kerberos_auth_enabled: false
 

+ copr_mbs_cli_login: Y29wcg==##vtvvikhcjncwkfkdcssv
 

+ copr_messaging_queue: "c8e11df7-e863-4ca4-99b9-d37c6663c7f7"
 

+ copr_pagure_events:
 

+   io.pagure.prod.pagure: "https://pagure.io/"
 

+   io.pagure.stg.pagure: "https://stg.pagure.io"
 

+   org.fedoraproject.prod.pagure: "https://src.fedoraproject.org/"
 

  csi_primary_contact: "msuchy (mirek), frostyx,  praiskup IRC #fedora-admin, #fedora-buildsys"
 

  csi_purpose: Provide the testing environment of copr's frontend
 

  csi_relationship: This host is the testing environment for copr's web interface
 

- 

- copr_mbs_cli_login: Y29wcg==##vtvvikhcjncwkfkdcssv
 

- 

+ csi_security_category: Low
 

  # consumed by roles/copr/certbot
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      copr-fe-dev.cloud.fedoraproject.org:
 

-       domains:
 

-       - copr-fe-dev.cloud.fedoraproject.org
 

        challenge_dir: /var/www/html
 

+       domains:
 

+         - copr-fe-dev.cloud.fedoraproject.org
 

        mail: copr-devel@lists.fedorahosted.org
 

+   predefined_deploy_script: httpd
 

+ tcp_ports: [22, 80, 443]
 

+ services_disabled: false
 

  

- allowlist_emails:
 

-   - msuchy@redhat.com
 

-   - praiskup@redhat.com
 

-   - jkadlcik@redhat.com
 

-   - schlupov@redhat.com
 

- 

- copr_pagure_events:
 

-   io.pagure.prod.pagure: "https://pagure.io/"
 

-   org.fedoraproject.prod.pagure: "https://src.fedoraproject.org/"
 

-   io.pagure.stg.pagure: "https://stg.pagure.io"
 

- 

- copr_messaging_queue: "c8e11df7-e863-4ca4-99b9-d37c6663c7f7"
 

- 

- copr_fe_homedir: /usr/share/copr/coprs_frontend
 

- 

- copr_kerberos_auth_enabled: false
 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:66a:fd15:3f16:4092/128"

file modified
+19 -26 
@@ -1,33 +1,26 @@
 

  ---
 

- virthost: true
 

- 

- vpn: true
 

- primary_auth_source: ipa
 

- ipa_host_group: vmhost-copr
 

- ipa_host_group_desc: VM hosts for COPR
 

- ipa_client_shell_groups:
 

- - sysadmin-copr
 

- ipa_client_sudo_groups:
 

- - sysadmin-copr
 

- 

- nrpe_procs_warn: 1400
 

- nrpe_procs_crit: 1500
 

- 

- postfix_group: copr
 

- postfix_maincf: "postfix/main.cf/main.cf.copr"
 

- 

- freezes: false
 

- 

- csi_security_category: High
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Host guest virtual machines.
 

  csi_relationship: |
 

-    - Guests on this host will be inaccessible if the host is down.
 

-    - This host will be required by any application with a virtual machine running on it, therefore, if this host is down those applications will be impacted.
 

- 

+   - Guests on this host will be inaccessible if the host is down.
 

+   - This host will be required by any application with a virtual machine running on it, therefore, if this host is down those applications will be impacted.
 

+ csi_security_category: High
 

+ dist_git_base_url: https://example.com/unset
 

+ freezes: false
 

+ frontend_base_url: https://exmaple.com/unset
 

+ ipa_client_shell_groups:
 

+   - sysadmin-copr
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-copr
 

+ ipa_host_group: vmhost-copr
 

+ ipa_host_group_desc: VM hosts for COPR
 

  nagios_Check_Services:
 

    raid: true
 

- 

+ nrpe_procs_crit: 1500
 

+ nrpe_procs_warn: 1400
 

+ postfix_group: copr
 

+ postfix_maincf: "postfix/main.cf/main.cf.copr"
 

+ primary_auth_source: ipa
 

  rpm_vendor_copr_name: unset vendor
 

- frontend_base_url: https://exmaple.com/unset
 

- dist_git_base_url: https://example.com/unset
 

+ virthost: true
 

+ vpn: true

file modified
+2 -8 
@@ -1,12 +1,6 @@
 

  ---
 

- tcp_ports: [22]
 

- 

  # http + signd dest ports
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.33.79 --dport 80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.25.82.25 --dport 80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.25.33.79 --dport 5167 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.25.82.25 --dport 5167 -j ACCEPT']
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 172.25.33.79 --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.82.25 --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.33.79 --dport 5167 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.82.25 --dport 5167 -j ACCEPT']
 

  datacenter: cloud
 

- 

  freezes: false
 

+ tcp_ports: [22]

file modified
+5 -9 
@@ -1,14 +1,10 @@
 

  ---
 

  copr_hostbase: copr-keygen
 

- 

- tcp_ports: [22]
 

- 

  # http + signd dest ports
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 52.44.175.77 --dport   80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 52.44.175.77 --dport 5167 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.30.2.203 --dport   80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.30.2.203 --dport 5167 -j ACCEPT']
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 52.44.175.77 --dport   80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 52.44.175.77 --dport 5167 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.30.2.37  --dport   80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.30.2.37  --dport 5167 -j ACCEPT']
 

  datacenter: aws
 

- 

  freezes: false
 

+ tcp_ports: [22]
 

+ services_disabled: false
 

+ 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:acef:63f0:530a:cdff/128"

file modified
+2 -8 
@@ -1,13 +1,7 @@
 

  ---
 

  copr_hostbase: copr-keygen-dev
 

- tcp_ports: []
 

- 

  # http + signd dest ports
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.33.80 --dport 80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.25.33.80 --dport 5167 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.25.144.254 --dport 80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.25.144.254 --dport 5167 -j ACCEPT']
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 172.25.33.80 --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.33.80 --dport 5167 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.144.254 --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.144.254 --dport 5167 -j ACCEPT']
 

  datacenter: cloud
 

- 

  freezes: false
 

+ tcp_ports: []

file modified
+5 -9 
@@ -1,14 +1,10 @@
 

  ---
 

  copr_hostbase: copr-keygen-dev
 

- 

- tcp_ports: [22]
 

- 

  # http + signd dest ports
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 18.208.10.131   --dport   80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 18.208.10.131   --dport 5167 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.30.2.207    --dport   80 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 172.30.2.207    --dport 5167 -j ACCEPT']
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 18.208.10.131   --dport   80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 18.208.10.131   --dport 5167 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 54.81.201.101   --dport   80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 54.81.201.101   --dport 5167 -j ACCEPT']
 

  datacenter: aws
 

- 

  freezes: false
 

+ tcp_ports: [22]
 

+ services_disabled: false
 

+ 

+ aws_ipv6_addr: "2600:1f18:8ee:ae00:3cbb:7920:d83:e607/128"

file modified
+3 -10 
@@ -1,15 +1,8 @@
 

  ---
 

- resolvconf: "resolv.conf/cloud"
 

- 

  copr_hostbase: copr-keygen-stg
 

- tcp_ports: []
 

- 

  # http + signd dest ports
 

- custom_rules: ['-A INPUT -p tcp -m tcp -s 172.25.33.49 --dport 80 -j ACCEPT',
 

-                '-A INPUT -p tcp -m tcp -s 209.132.184.44 --dport 80 -j ACCEPT',
 

-                '-A INPUT -p tcp -m tcp -s 172.25.33.49 --dport 5167 -j ACCEPT',
 

-                '-A INPUT -p tcp -m tcp -s 209.132.184.44 --dport 5167 -j ACCEPT']
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 172.25.33.49 --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 209.132.184.44 --dport 80 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 172.25.33.49 --dport 5167 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 209.132.184.44 --dport 5167 -j ACCEPT']
 

  datacenter: cloud
 

- 

  freezes: false
 

+ resolvconf: "resolv.conf/cloud"
 

+ tcp_ports: []

file modified
+5 -9 
@@ -1,15 +1,11 @@
 

  ---
 

- devel: false
 

  #_forward-src: "{{ files }}/copr/forward-dev"
 

  _forward_src: "forward_dev"
 

- 

+ ansible_ifcfg_blocklist: true
 

+ backend_base_url: "https://copr-be-stg.fedorainfracloud.org"
 

  # don't forget to update ip in ./copr-keygen-stg, due to custom firewall rules
 

- 

  copr_backend_ips: ["172.25.33.49", "209.132.184.44"]
 

- keygen_host: "172.25.33.51"
 

- 

- backend_base_url: "https://copr-be-stg.fedorainfracloud.org"
 

- frontend_base_url: "https://copr.stg.fedoraproject.org"
 

+ devel: false
 

  dist_git_base_url: "copr-dist-git-stg.fedorainfracloud.org"
 

- 

- ansible_ifcfg_blocklist: true
 

+ frontend_base_url: "https://copr.stg.fedoraproject.org"
 

+ keygen_host: "172.25.33.51"

file modified
+15 -23 
@@ -1,30 +1,22 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ deployment_type: prod
 

+ freezes: false
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-datanommer
 

+ ipa_host_group: datagrepper
 

+ ipa_host_group_desc: Service to grep through historical message bus data
 

  lvm_size: 20000
 

  mem_size: 8192
 

  num_cpus: 2
 

- 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443, 6996 ]
 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: datagrepper
 

- ipa_host_group_desc: Service to grep through historical message bus data
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

- 

- freezes: false
 

- 

- deployment_type: prod
 

+ tcp_ports: [80, 443, 6996]

file modified
+13 -17 
@@ -1,24 +1,20 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ freezes: false
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-datanommer
 

+ ipa_host_group: datagrepper
 

+ ipa_host_group_desc: Service to grep through historical message bus data
 

  lvm_size: 20000
 

  mem_size: 2048
 

  num_cpus: 1
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443, 6996 ]
 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- ipa_host_group: datagrepper
 

- ipa_host_group_desc: Service to grep through historical message bus data
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

- 

- freezes: false
 

+ tcp_ports: [80, 443, 6996]

file modified
+6 -6 
@@ -1,9 +1,9 @@
 

  ---
 

- ipa_host_group: dbserver
 

- ipa_host_group_desc: Database server hosts
 

  ipa_client_shell_groups:
 

- - sysadmin-dba
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-dba
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-dba
 

+   - sysadmin-dba
 

+ ipa_host_group: dbserver
 

+ ipa_host_group_desc: Database server hosts

file modified
+6 -6 
@@ -1,9 +1,9 @@
 

  ---
 

- ipa_host_group: dbserver
 

- ipa_host_group_desc: Database server hosts
 

  ipa_client_shell_groups:
 

- - sysadmin-dba
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-dba
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-dba
 

+   - sysadmin-dba
 

+ ipa_host_group: dbserver
 

+ ipa_host_group_desc: Database server hosts

file modified
+17 -22 
@@ -1,28 +1,23 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: "#fedora-admin"
 

+ csi_purpose: Provides debuginfod services
 

+ csi_relationship: |
 

+   - This server provides a debuginfod server to allow downloading debuginfod
 

+ csi_security_category: Low
 

+ deployment_type: prod
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-debuginfod
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-debuginfod
 

+ ipa_host_group: debuginfod
 

+ ipa_host_group_desc: debuginfod servers
 

  lvm_size: 500000
 

- mem_size: 8192
 

  max_mem_size: 16384
 

+ mem_size: 8192
 

  num_cpus: 4
 

- 

- deployment_type: prod
 

- 

- tcp_ports: [ 8002 ]
 

- 

  primary_auth_source: ipa
 

- ipa_host_group: debuginfod
 

- ipa_host_group_desc: debuginfod servers
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-debuginfod
 

- ipa_client_sudo_groups:
 

- - sysadmin-debuginfod
 

- 

- csi_security_category: Low
 

- csi_primary_contact: "#fedora-admin"
 

- csi_purpose:  Provides debuginfod services
 

- csi_relationship: |
 

-  - This server provides a debuginfod server to allow downloading debuginfod
 

- 

+ tcp_ports: [8002]

file modified
+17 -22 
@@ -1,28 +1,23 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: "#fedora-admin"
 

+ csi_purpose: Provides debuginfod services
 

+ csi_relationship: |
 

+   - This server provides a debuginfod server to allow downloading debuginfod
 

+ csi_security_category: Low
 

+ deployment_type: stg
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-debuginfod
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-debuginfod
 

+ ipa_host_group: debuginfod
 

+ ipa_host_group_desc: debuginfod servers
 

  lvm_size: 500000
 

- mem_size: 8192
 

  max_mem_size: 16384
 

+ mem_size: 8192
 

  num_cpus: 4
 

- 

- deployment_type: stg
 

- 

- tcp_ports: [ 8002 ]
 

- 

  primary_auth_source: ipa
 

- ipa_host_group: debuginfod
 

- ipa_host_group_desc: debuginfod servers
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-debuginfod
 

- ipa_client_sudo_groups:
 

- - sysadmin-debuginfod
 

- 

- csi_security_category: Low
 

- csi_primary_contact: "#fedora-admin"
 

- csi_purpose:  Provides debuginfod services
 

- csi_relationship: |
 

-  - This server provides a debuginfod server to allow downloading debuginfod
 

- 

+ tcp_ports: [8002]

file modified
+9 -11 
@@ -1,16 +1,14 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- virthost: true
 

- 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Koji service employs a set of virtual machines to build packages for the Fedora project. This playbook is for the provisioning of a physical host for buildvm's.
 

+ csi_relationship: |
 

+   * Relies on ansible, virthost, and is monitored by nagios
 

+   * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

+   * Builder vm's are hosted on hosts created with this playbook.
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should ovveride them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

  csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Koji service employs a set of virtual machines to build packages for the Fedora project. This playbook is for the provisioning of a physical host for buildvm's.
 

- csi_relationship: |
 

-     * Relies on ansible, virthost, and is monitored by nagios
 

-     * Several services rely on the builders, including koschei, Bodhi, Tagger, SCM, Darkserver.
 

-     * Builder vm's are hosted on hosts created with this playbook.
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ virthost: true

file modified
+16 -23 
@@ -1,30 +1,23 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Domain Name Service
 

+ csi_security_category: High
 

+ ipa_client_shell_groups:
 

+   - sysadmin-dns
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-dns
 

+ ipa_host_group: dns
 

+ ipa_host_group_desc: DNS servers
 

  lvm_size: 30000
 

  mem_size: 2048
 

+ nagios_has_named: true
 

+ nrpe_procs_crit: 500
 

+ nrpe_procs_warn: 300
 

  num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- udp_ports: [ 53 ]
 

- tcp_ports: [ 53 ]
 

- 

  primary_auth_source: ipa
 

- ipa_host_group: dns
 

- ipa_host_group_desc: DNS servers
 

- ipa_client_shell_groups:
 

- - sysadmin-dns
 

- ipa_client_sudo_groups:
 

- - sysadmin-dns
 

- 

- nrpe_procs_warn: 300
 

- nrpe_procs_crit: 500
 

- 

  sudoers: "{{ private }}/files/sudo/sysadmin-dns"
 

- 

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Domain Name Service
 

- 

- nagios_has_named: true
 

+ tcp_ports: [53]
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ udp_ports: [53]

file modified
+91 -93 
@@ -1,98 +1,96 @@
 

  ---
 

- primary_auth_source: ipa
 

+ dl_tier1:
 

+   - 10.0.0.0/8 # Red Hat Internal
 

+   - 128.171.104.148 # mirror.ancl.hawaii.edu.
 

+   - 129.101.198.59 # University of Idaho
 

+   - 129.21.171.98 # kirby.main.ad.rit.edu.
 

+   - 129.7.128.189 # pubmirror1.math.uh.edu.
 

+   - 129.7.128.190 # pubmirror2.math.uh.edu.
 

+   - 129.7.128.191 # pubmirror3.math.uh.edu.
 

+   - 130.225.254.116 # dotsrc.org
 

+   - 130.239.17.3 # its-ehm.its.umu.se.
 

+   - 137.138.120.188 # cern
 

+   - 137.138.148.168 # cern
 

+   - 137.138.44.122 # cern
 

+   - 140.247.173.57 # pool-computing-servers.seas.harvard.edu.
 

+   - 147.75.101.1 # ams.edge.kernel.org
 

+   - 147.75.197.195 # ewr.edge.kernel.org
 

+   - 147.75.69.165 # sjc.edge.kernel.org
 

+   - 147.75.95.133 # kernel.org apac
 

+   - 149.11.118.8/29 # Red Hat CZ
 

+   - 152.19.134.145 # vm6.fedora.ibiblio.org.
 

+   - 152.19.134.195 # vm15.fedora.ibiblio.org.
 

+   - 154.45.192.0/29 # Red Hat CZ New
 

+   - 166.78.229.128 # rackspace new infra
 

+   - 182.255.111.7 # dksn-k4.cdn.aarnet.edu.au.
 

+   - 188.184.104.133 # cern
 

+   - 188.184.116.38 # cern
 

+   - 195.220.108.108 # mandril.creatis.insa-lyon.fr.
 

+   - 198.129.224.34 # linux-src.es.net.
 

+   - 199.6.1.170 # isc.org
 

+   - 200.17.202.1/28 # ufpr.br
 

+   - 202.158.214.12 # bne-a-vms1.retain.aarnet.edu.au.
 

+   - 204.152.191.36 # isc.org
 

+   - 208.96.144.68 # University of Southern Indiana
 

+   - 208.96.144.90 # University of Southern Indiana
 

+   - 208.89.87.36 # Mirror.dst.ca
 

+   - 213.175.37.8/29 # ??
 

+   - 66.187.233.206 # Red Hat BOS
 

+   - 71.19.151.18 # prgmr.com / nb.zone
 

+   - 72.4.120.222 # rackspace old infra
 

+   - 91.209.10.253 # Red Hat CZ New Newer
 

+   - 125.16.200.50 # Red Hat PNQ
 

+   - 2001:388:1:4066:225:90ff:fec7:777e # ??
 

+   - 2001:4DE8:C0FD::/48 # ??
 

+   - 2001:878:346::116 # dotsrc.org
 

+   - 2001:978:2:81::1:0/112 # ??
 

+   - 2604:1380:3000:1500::1 # kernel.org apac
 

+   - 2620:52:3:1:dead:beef:cafe:fed1 # download-cc-rdu01's ipv6 address
 

+   - archive.linux.duke.edu # 152.3.102.53
 

+   - 152.3.68.159 # new archive.linux.duke.edu
 

+   - auslistsdr01.us.dell.com # 143.166.224.62
 

+   - auslistsprd01.us.dell.com # 143.166.82.43
 

+   - download-ib01.fedoraproject.org # 152.19.134.145
 

+   - download-cc-rdu01.fedoraproject.org # 8.43.85.72
 

+   - fedora.c3sl.ufpr.br # 200.236.31.8
 

+   - frisal.switch.ch # 130.59.113.36
 

+   - ftp.heanet.ie # 193.1.193.64
 

+   - ftp.linux.cz # 147.251.48.205
 

+   - 2001:718:801:230::cd # ftp.linux.cz ipv6 address
 

+   - ftp.nrc.ca # 132.246.2.21
 

+   - jobbot1.ibiblio.org # 152.19.134.30
 

+   - elba.hrz.tu-chemnitz.de # 134.109.228.48 / 2001:638:911:b0e:134:109:228:48
 

+   - waterloo.hrz.tu-chemnitz.de # 134.109.228.1 / 2001:638:911:b0e:134:109:228:1
 

+   - lists.us.dell.com # 143.166.82.43
 

+   - mirror.gtlib.gatech.edu # 128.61.111.11
 

+   - mirror.hiwaay.net # 216.180.99.217
 

+   - mirror.liquidtelecom.com # 197.155.77.1
 

+   - mirror.prgmr.com # 71.19.148.193
 

+   - mirror.speedpartner.de # 91.184.32.5
 

+   - mirrors.mit.edu # 18.7.29.125
 

+   - mirrors.pdx.kernel.org # 198.145.21.9 / 2001:19d0:306:6:0:1994:3:14
 

+   - mirrors.rit.edu # 129.21.171.72
 

+   - mirrors.sfo.kernel.org # 149.20.37.36 / 2001:4f8:4:6f:0:1994:3:14
 

+   - mirrors.xmission.com # 198.60.22.13
 

+   - nrt.edge.kernel.org # 147.75.95.133 / 2604:1380:3000:1500::1
 

+   - odysseus.fi.muni.cz # 147.251.48.205
 

+   - odysseus.linux.cz # 147.251.48.205
 

+   - rhlx01.hs-esslingen.de # 129.143.116.10
 

+   - rsyncer.ftp.heanet.ie # 193.1.219.88
 

+   - sagres.c3sl.ufpr.br # 200.236.31.1
 

+   - scrye.com # 75.148.32.185
 

+   - sfo-korg-mirror.kernel.org # 149.20.37.36 / 2001:4f8:4:6f:0:1994:3:14
 

+   - sinclair.wpi.edu # 130.215.32.86
 

+   - mirr-web-p-u01.wpi.edu # 130.215.32.92 / 2607:f5c0:8040:a081::80
 

+   - solar-one.mit.edu # 18.7.29.123
 

+   - speculum.rbc.ru # 80.68.250.217
 

+   - torrent01.fedoraproject.org # 152.19.134.141
 

+   - torrent02.fedoraproject.org # 152.19.134.148
 

+   - ultra.linux.cz # 195.113.15.27
 

+   - wpi.edu # 130.215.36.26
 

+   - zaphod.gtlib.gatech.edu # 128.61.111.12
 

  ipa_host_group: download
 

  ipa_host_group_desc: Download servers
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

- dl_tier1:
 

-   - 10.0.0.0/8			       # Red Hat Internal
 

-   - 128.171.104.148                    # mirror.ancl.hawaii.edu.
 

-   - 129.101.198.59                     # University of Idaho
 

-   - 129.21.171.98                      # kirby.main.ad.rit.edu.
 

-   - 129.7.128.189                      # pubmirror1.math.uh.edu.
 

-   - 129.7.128.190                      # pubmirror2.math.uh.edu.
 

-   - 129.7.128.191                      # pubmirror3.math.uh.edu.
 

-   - 130.225.254.116                    # dotsrc.org
 

-   - 130.239.17.3                       # its-ehm.its.umu.se.
 

-   - 137.138.120.188                    # cern
 

-   - 137.138.148.168                    # cern
 

-   - 137.138.44.122                     # cern
 

-   - 140.247.173.57                     # pool-computing-servers.seas.harvard.edu.
 

-   - 147.75.101.1                       # ams.edge.kernel.org
 

-   - 147.75.197.195                     # ewr.edge.kernel.org
 

-   - 147.75.69.165                      # sjc.edge.kernel.org
 

-   - 147.75.95.133                      # kernel.org apac
 

-   - 149.11.118.8/29                    # Red Hat CZ
 

-   - 152.19.134.145                     # vm6.fedora.ibiblio.org.
 

-   - 152.19.134.195                     # vm15.fedora.ibiblio.org.
 

-   - 154.45.192.0/29                    # Red Hat CZ New
 

-   - 166.78.229.128                     # rackspace new infra
 

-   - 182.255.111.7                      # dksn-k4.cdn.aarnet.edu.au.
 

-   - 188.184.104.133                    # cern
 

-   - 188.184.116.38                     # cern
 

-   - 195.220.108.108                    # mandril.creatis.insa-lyon.fr.
 

-   - 198.129.224.34                     # linux-src.es.net.
 

-   - 199.6.1.170                        # isc.org
 

-   - 200.17.202.1/28                    # ufpr.br
 

-   - 202.158.214.12                     # bne-a-vms1.retain.aarnet.edu.au.
 

-   - 204.152.191.36                     # isc.org
 

-   - 208.96.144.68                      # University of Southern Indiana
 

-   - 208.96.144.90                      # University of Southern Indiana
 

-   - 208.89.87.36		       # Mirror.dst.ca
 

-   - 213.175.37.8/29                    # ??
 

-   - 66.187.233.206                     # Red Hat BOS
 

-   - 71.19.151.18                       # prgmr.com / nb.zone
 

-   - 72.4.120.222                       # rackspace old infra
 

-   - 91.209.10.253                      # Red Hat CZ New Newer
 

-   - 125.16.200.50		       # Red Hat PNQ
 

-   - 2001:388:1:4066:225:90ff:fec7:777e # ??
 

-   - 2001:4DE8:C0FD::/48                # ??
 

-   - 2001:878:346::116                  # dotsrc.org
 

-   - 2001:978:2:81::1:0/112             # ??
 

-   - 2604:1380:3000:1500::1             # kernel.org apac
 

-   - 2620:52:3:1:dead:beef:cafe:fed1    # download-cc-rdu01's ipv6 address
 

-   - archive.linux.duke.edu             # 152.3.102.53
 

-   - 152.3.68.159                       # new archive.linux.duke.edu
 

-   - auslistsdr01.us.dell.com           # 143.166.224.62
 

-   - auslistsprd01.us.dell.com          # 143.166.82.43
 

-   - download-ib01.fedoraproject.org    # 152.19.134.145
 

-   - download-cc-rdu01.fedoraproject.org    # 8.43.85.72
 

-   - fedora.c3sl.ufpr.br                # 200.236.31.8
 

-   - frisal.switch.ch                   # 130.59.113.36
 

-   - ftp.heanet.ie                      # 193.1.193.64
 

-   - ftp.linux.cz                       # 147.251.48.205
 

-   - 2001:718:801:230::cd               # ftp.linux.cz ipv6 address
 

-   - ftp.nrc.ca                         # 132.246.2.21
 

-   - jobbot1.ibiblio.org                # 152.19.134.30
 

-   - elba.hrz.tu-chemnitz.de            # 134.109.228.48 / 2001:638:911:b0e:134:109:228:48
 

-   - waterloo.hrz.tu-chemnitz.de        # 134.109.228.1 / 2001:638:911:b0e:134:109:228:1
 

-   - lists.us.dell.com                  # 143.166.82.43
 

-   - mirror.gtlib.gatech.edu            # 128.61.111.11
 

-   - mirror.hiwaay.net                  # 216.180.99.217
 

-   - mirror.liquidtelecom.com           # 197.155.77.1
 

-   - mirror.prgmr.com                   # 71.19.148.193
 

-   - mirror.speedpartner.de             # 91.184.32.5
 

-   - mirrors.mit.edu                    # 18.7.29.125
 

-   - mirrors.pdx.kernel.org             # 198.145.21.9 / 2001:19d0:306:6:0:1994:3:14
 

-   - mirrors.rit.edu                    # 129.21.171.72
 

-   - mirrors.sfo.kernel.org             # 149.20.37.36 / 2001:4f8:4:6f:0:1994:3:14
 

-   - mirrors.xmission.com               # 198.60.22.13
 

-   - nrt.edge.kernel.org                # 147.75.95.133 / 2604:1380:3000:1500::1
 

-   - odysseus.fi.muni.cz                # 147.251.48.205
 

-   - odysseus.linux.cz                  # 147.251.48.205
 

-   - rhlx01.hs-esslingen.de             # 129.143.116.10
 

-   - rsyncer.ftp.heanet.ie              # 193.1.219.88
 

-   - sagres.c3sl.ufpr.br                # 200.236.31.1
 

-   - scrye.com                          # 75.148.32.185
 

-   - sfo-korg-mirror.kernel.org         # 149.20.37.36 / 2001:4f8:4:6f:0:1994:3:14
 

-   - sinclair.wpi.edu                   # 130.215.32.86
 

-   - mirr-web-p-u01.wpi.edu             # 130.215.32.92 / 2607:f5c0:8040:a081::80
 

-   - solar-one.mit.edu                  # 18.7.29.123
 

-   - speculum.rbc.ru                    # 80.68.250.217
 

-   - torrent01.fedoraproject.org        # 152.19.134.141
 

-   - torrent02.fedoraproject.org        # 152.19.134.148
 

-   - ultra.linux.cz                     # 195.113.15.27
 

-   - wpi.edu                            # 130.215.36.26
 

-   - zaphod.gtlib.gatech.edu            # 128.61.111.12
 

+ primary_auth_source: ipa

file modified
+5 -8 
@@ -1,14 +1,11 @@
 

  ---
 

+ blocked_ips: []
 

  datacenter: iad2
 

- tcp_ports: [80, 443, 873]
 

- rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

  dns: 10.3.163.33
 

- 

  host_group: download-iad2
 

- 

  # nfs mount options, overrides the all/default
 

  nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,actimeo=600,nfsvers=3"
 

- 

- blocked_ips: [  ]
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

+ tcp_ports: [80, 443, 873]

file modified
+3 -4 
@@ -1,7 +1,6 @@
 

  ---
 

  datacenter: ibiblio
 

- tcp_ports: [80, 443, 873]
 

- rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

- nrpe_procs_warn: 900
 

  nrpe_procs_crit: 1000
 

- 

+ nrpe_procs_warn: 900
 

+ rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

+ tcp_ports: [80, 443, 873]

file modified
+6 -7 
@@ -1,11 +1,10 @@
 

  ---
 

- datacenter: rdu
 

- tcp_ports: [80, 443, 873]
 

- rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- virt_install_command: "{{ virt_install_command_rhel6 }}"
 

  ansible_ifcfg_blocklist: true
 

- 

+ datacenter: rdu
 

  # nfs mount options, overrides the all/default
 

  nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,actimeo=600,nfsvers=3"
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

+ tcp_ports: [80, 443, 873]
 

+ virt_install_command: "{{ virt_install_command_rhel6 }}"

file modified
+27 -35 
@@ -1,42 +1,34 @@
 

  ---
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fedimg.image.test
 

+       - fedimg.image.upload
 

+       - fedimg.image.copy
 

+       - fedimg.image.publish
 

+     group: fedmsg
 

+     owner: root
 

+     service: fedimg
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - sysadmin-fedimg-members@fedoraproject.org
 

+ ipa_client_shell_groups:
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: fedimg
 

  lvm_size: 20000
 

  mem_size: 6144
 

  num_cpus: 2
 

- 

- testing: False
 

- 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  tcp_ports: [
 

-    # These are all for outgoing fedmsg.
 

-    3000, 3001, 3002, 3003, 3004, 3005, 3006,
 

-    3007, 3008, 3009, 3010, 3011, 3012, 3013,
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: fedimg
 

- ipa_client_shell_groups:
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - sysadmin-fedimg-members@fedoraproject.org
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: fedimg
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - fedimg.image.test
 

-   - fedimg.image.upload
 

-   - fedimg.image.copy
 

-   - fedimg.image.publish
 

+   # These are all for outgoing fedmsg.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013]
 

+ testing: False

file modified
+28 -37 
@@ -1,44 +1,35 @@
 

  ---
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fedimg.image.test
 

+       - fedimg.image.upload
 

+       - fedimg.image.copy
 

+       - fedimg.image.publish
 

+     group: fedmsg
 

+     owner: root
 

+     service: fedimg
 

+ fedmsg_debug_loopback: True
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - sysadmin-fedimg-members@fedoraproject.org
 

+ ipa_client_shell_groups:
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: fedimg
 

  lvm_size: 20000
 

  mem_size: 6144
 

  num_cpus: 2
 

- 

- # Use infrastructure-tags-stg repo
 

- testing: True
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  tcp_ports: [
 

-    # These are all for outgoing fedmsg.
 

-    3000, 3001, 3002, 3003, 3004, 3005, 3006,
 

-    3007, 3008, 3009, 3010, 3011, 3012, 3013,
 

- ]
 

- 

- ipa_host_group: fedimg
 

- ipa_client_shell_groups:
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- fedmsg_debug_loopback: True
 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - sysadmin-fedimg-members@fedoraproject.org
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: fedimg
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - fedimg.image.test
 

-   - fedimg.image.upload
 

-   - fedimg.image.copy
 

-   - fedimg.image.publish
 

+   # These are all for outgoing fedmsg.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013]
 

+ # Use infrastructure-tags-stg repo
 

+ testing: True

file modified
+7 -9 
@@ -1,17 +1,15 @@
 

  # we need this for our fedora-messaging consumer as it is not allowed
 

  # to create queues on the infra AMQP broker, by broker config
 

- fedora_nightlies_amqp_passive: true
 

- 

- # fedora-messaging job scheduler settings
 

- fedora_nightlies_amqp_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub"
 

  fedora_nightlies_amqp_cacert: /etc/fedora-messaging/cacert.pem
 

- fedora_nightlies_amqp_key: /etc/pki/fedora-messaging/openqa-key.pem
 

  fedora_nightlies_amqp_cert: /etc/pki/fedora-messaging/openqa-cert.pem
 

- fedora_nightlies_amqp_queue: "openqa_fedora_nightlies"
 

- fedora_nightlies_amqp_routing_keys: ["org.fedoraproject.prod.openqa.job.done", "org.fedoraproject.prod.pungi.compose.status.change"]
 

- fedora_nightlies_amqp_html_file: /usr/share/openqa/public/nightlies.html
 

  fedora_nightlies_amqp_data_file: /usr/share/openqa/public/nightlies.json
 

- 

+ fedora_nightlies_amqp_html_file: /usr/share/openqa/public/nightlies.html
 

+ fedora_nightlies_amqp_key: /etc/pki/fedora-messaging/openqa-key.pem
 

  # fedora-messaging email error reporting settings
 

  fedora_nightlies_amqp_mailto: ["adamwill@fedoraproject.org"]
 

+ fedora_nightlies_amqp_passive: true
 

+ fedora_nightlies_amqp_queue: "openqa_fedora_nightlies"
 

+ fedora_nightlies_amqp_routing_keys: ["org.fedoraproject.prod.openqa.job.done", "org.fedoraproject.prod.pungi.compose.status.change"]
 

  fedora_nightlies_amqp_smtp: bastion
 

+ # fedora-messaging job scheduler settings
 

+ fedora_nightlies_amqp_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub"

file modified
+58 -64 
@@ -1,9 +1,66 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ deployment_type: prod
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - github.commit_comment
 

+       - github.create
 

+       - github.delete
 

+       - github.fork
 

+       - github.gollum
 

+       - github.issue.assigned
 

+       - github.issue.closed
 

+       - github.issue.comment
 

+       - github.issue.edited
 

+       - github.issue.labeled
 

+       - github.issue.milestone
 

+       - github.issue.opened
 

+       - github.issue.reopened
 

+       - github.issue.unassigned
 

+       - github.issue.unlabeled
 

+       - github.label
 

+       - github.member
 

+       - github.page_build
 

+       - github.pull_request.assigned
 

+       - github.pull_request.closed
 

+       - github.pull_request.edited
 

+       - github.pull_request.labeled
 

+       - github.pull_request.opened
 

+       - github.pull_request_review
 

+       - github.pull_request_review_comment
 

+       - github.pull_request.review_requested
 

+       - github.pull_request.synchronize
 

+       - github.pull_request.unlabeled
 

+       - github.push
 

+       - github.release
 

+       - github.repository_vulnerability_alert
 

+       - github.star
 

+       - github.status
 

+       - github.team_add
 

+       - github.webhook
 

+     group: apache
 

+     owner: root
 

+     service: github2fedmsg
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_host_group: github2fedmsg
 

+ ipa_host_group_desc: Bridge select GitHub repo events into bus messages
 

  lvm_size: 20000
 

  mem_size: 2048
 

  num_cpus: 2
 

- 

+ primary_auth_source: ipa
 

+ tcp_ports: [80]
 

+ # for fedora-messaging
 

+ username: "github2fedmsg{{ env_suffix }}"
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -11,66 +68,3 @@
 

  wsgi_fedmsg_service: github2fedmsg
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: github2fedmsg
 

- ipa_host_group_desc: Bridge select GitHub repo events into bus messages
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- 

- # for fedora-messaging
 

- username: "github2fedmsg{{ env_suffix }}"
 

- deployment_type: prod
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: github2fedmsg
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - github.commit_comment
 

-   - github.create
 

-   - github.delete
 

-   - github.fork
 

-   - github.gollum
 

-   - github.issue.assigned
 

-   - github.issue.closed
 

-   - github.issue.comment
 

-   - github.issue.edited
 

-   - github.issue.labeled
 

-   - github.issue.milestone
 

-   - github.issue.opened
 

-   - github.issue.reopened
 

-   - github.issue.unassigned
 

-   - github.issue.unlabeled
 

-   - github.label
 

-   - github.member
 

-   - github.page_build
 

-   - github.pull_request.assigned
 

-   - github.pull_request.closed
 

-   - github.pull_request.edited
 

-   - github.pull_request.labeled
 

-   - github.pull_request.opened
 

-   - github.pull_request_review
 

-   - github.pull_request_review_comment
 

-   - github.pull_request.review_requested
 

-   - github.pull_request.synchronize
 

-   - github.pull_request.unlabeled
 

-   - github.push
 

-   - github.release
 

-   - github.repository_vulnerability_alert
 

-   - github.star
 

-   - github.status
 

-   - github.team_add
 

-   - github.webhook

file modified
+57 -63 
@@ -1,9 +1,65 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ deployment_type: stg
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - github.commit_comment
 

+       - github.create
 

+       - github.delete
 

+       - github.fork
 

+       - github.gollum
 

+       - github.issue.assigned
 

+       - github.issue.closed
 

+       - github.issue.comment
 

+       - github.issue.edited
 

+       - github.issue.labeled
 

+       - github.issue.milestone
 

+       - github.issue.opened
 

+       - github.issue.reopened
 

+       - github.issue.unassigned
 

+       - github.issue.unlabeled
 

+       - github.label
 

+       - github.member
 

+       - github.page_build
 

+       - github.pull_request.assigned
 

+       - github.pull_request.closed
 

+       - github.pull_request.edited
 

+       - github.pull_request.labeled
 

+       - github.pull_request.opened
 

+       - github.pull_request_review
 

+       - github.pull_request_review_comment
 

+       - github.pull_request.review_requested
 

+       - github.pull_request.synchronize
 

+       - github.pull_request.unlabeled
 

+       - github.push
 

+       - github.release
 

+       - github.repository_vulnerability_alert
 

+       - github.star
 

+       - github.status
 

+       - github.team_add
 

+       - github.webhook
 

+     group: apache
 

+     owner: root
 

+     service: github2fedmsg
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_host_group: github2fedmsg
 

+ ipa_host_group_desc: Bridge select GitHub repo events into bus messages
 

  lvm_size: 20000
 

  mem_size: 4096
 

  num_cpus: 1
 

- 

+ tcp_ports: [80]
 

+ # for fedora-messaging
 

+ username: "github2fedmsg{{ env_suffix }}"
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -11,65 +67,3 @@
 

  wsgi_fedmsg_service: github2fedmsg
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- ipa_host_group: github2fedmsg
 

- ipa_host_group_desc: Bridge select GitHub repo events into bus messages
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- 

- # for fedora-messaging
 

- username: "github2fedmsg{{ env_suffix }}"
 

- deployment_type: stg
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: github2fedmsg
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - github.commit_comment
 

-   - github.create
 

-   - github.delete
 

-   - github.fork
 

-   - github.gollum
 

-   - github.issue.assigned
 

-   - github.issue.closed
 

-   - github.issue.comment
 

-   - github.issue.edited
 

-   - github.issue.labeled
 

-   - github.issue.milestone
 

-   - github.issue.opened
 

-   - github.issue.reopened
 

-   - github.issue.unassigned
 

-   - github.issue.unlabeled
 

-   - github.label
 

-   - github.member
 

-   - github.page_build
 

-   - github.pull_request.assigned
 

-   - github.pull_request.closed
 

-   - github.pull_request.edited
 

-   - github.pull_request.labeled
 

-   - github.pull_request.opened
 

-   - github.pull_request_review
 

-   - github.pull_request_review_comment
 

-   - github.pull_request.review_requested
 

-   - github.pull_request.synchronize
 

-   - github.pull_request.unlabeled
 

-   - github.push
 

-   - github.release
 

-   - github.repository_vulnerability_alert
 

-   - github.star
 

-   - github.status
 

-   - github.team_add
 

-   - github.webhook

file modified
+5 -5 
@@ -1,7 +1,7 @@
 

- freezes: False
 

  csi_purpose: GNOME Infrastructure Backups facility
 

  csi_relationship: |
 

-     Provides rdiff-backup based backups to all the GNOME Infrastructure
 

-     machines and services
 

-     - This machine mainly relies on the Red Hat sponsored NetApp assigned
 

-       to the GNOME Project where all the backups do reside
 

+   Provides rdiff-backup based backups to all the GNOME Infrastructure
 

+   machines and services
 

+   - This machine mainly relies on the Red Hat sponsored NetApp assigned
 

+     to the GNOME Project where all the backups do reside
 

+ freezes: False

file modified
+4 -5 
@@ -2,9 +2,8 @@
 

  # XXX - this is not really a group of real hosts.
 

  # Instead, it represents an application in openshift.
 

  # See playbooks/openshift-apps/greenwave.yml
 

- 

  fedmsg_certs:
 

- - service: greenwave
 

-   can_send:
 

-   - logger.log
 

-   - greenwave.decision.update
 

+   - can_send:
 

+       - logger.log
 

+       - greenwave.decision.update
 

+     service: greenwave

file modified
+5 -7 
@@ -2,11 +2,9 @@
 

  # XXX - this is not really a group of real hosts.
 

  # Instead, it represents an application in openshift.
 

  # See playbooks/openshift-apps/greenwave.yml
 

- 

- fedmsg_env: stg
 

- 

  fedmsg_certs:
 

- - service: greenwave
 

-   can_send:
 

-   - logger.log
 

-   - greenwave.decision.update
 

+   - can_send:
 

+       - logger.log
 

+       - greenwave.decision.update
 

+     service: greenwave
 

+ fedmsg_env: stg

file modified
+15 -23 
@@ -1,29 +1,21 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 30000
 

- mem_size: 8192
 

- num_cpus: 4
 

- 

- tcp_ports: [ 80, 88, 389, 443, 464, 636 ]
 

- udp_ports: [ 88, 464 ]
 

- 

- custom_rules: [
 

-     '-A INPUT -p udp -m udp -s 10.3.0.0/16 --dport 53 -j ACCEPT'
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: ipa
 

- ipa_host_group_desc: IPA service
 

+ custom_rules: ['-A INPUT -p udp -m udp -s 10.3.0.0/16 --dport 53 -j ACCEPT']
 

+ host_backup_targets: ['/var/lib/ipa/backup', '/var/log/dirsrv/slapd-FEDORAPROJECT-ORG']
 

  ipa_client_shell_groups:
 

- - sysadmin-accounts
 

+   - sysadmin-accounts
 

  ipa_client_sudo_groups:
 

- - sysadmin-accounts
 

- 

- nrpe_procs_warn: 300
 

- nrpe_procs_crit: 500
 

- 

- ipa_initial: false
 

+   - sysadmin-accounts
 

  ipa_dm_password: "{{ ipa_prod_dm_password }}"
 

+ ipa_host_group: ipa
 

+ ipa_host_group_desc: IPA service
 

+ ipa_initial: false
 

  ipa_ldap_socket: ldapi://%2fvar%2frun%2fslapd-FEDORAPROJECT-ORG.socket
 

- 

- host_backup_targets: ['/var/lib/ipa/backup', '/var/log/dirsrv/slapd-FEDORAPROJECT-ORG']
 

+ lvm_size: 30000
 

+ mem_size: 8192
 

+ nrpe_procs_crit: 500
 

+ nrpe_procs_warn: 300
 

+ num_cpus: 4
 

+ primary_auth_source: ipa
 

+ tcp_ports: [80, 88, 389, 443, 464, 636]
 

+ udp_ports: [88, 464]

file modified
+11 -15 
@@ -1,21 +1,17 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 30000
 

- mem_size: 8192
 

- num_cpus: 4
 

- 

- tcp_ports: [ 80, 88, 389, 443, 464, 636 ]
 

- udp_ports: [ 88, 464 ]
 

- 

- ipa_host_group: ipa
 

- ipa_host_group_desc: IPA service
 

  ipa_client_shell_groups:
 

- - sysadmin-accounts
 

+   - sysadmin-accounts
 

  ipa_client_sudo_groups:
 

- - sysadmin-accounts
 

- 

- nrpe_procs_warn: 300
 

- nrpe_procs_crit: 500
 

- 

+   - sysadmin-accounts
 

  ipa_dm_password: "{{ ipa_stg_dm_password }}"
 

+ ipa_host_group: ipa
 

+ ipa_host_group_desc: IPA service
 

  ipa_ldap_socket: ldapi://%2fvar%2frun%2fslapd-STG-FEDORAPROJECT-ORG.socket
 

+ lvm_size: 30000
 

+ mem_size: 8192
 

+ nrpe_procs_crit: 500
 

+ nrpe_procs_warn: 300
 

+ num_cpus: 4
 

+ tcp_ports: [80, 88, 389, 443, 464, 636]
 

+ udp_ports: [88, 464]

file modified
+5 -9 
@@ -1,16 +1,12 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ ipa_host_group: ipsilon
 

+ ipa_host_group_desc: Ipsilon SSO application
 

  lvm_size: 20000
 

  mem_size: 4096
 

  num_cpus: 2
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- ipa_host_group: ipsilon
 

- ipa_host_group_desc: Ipsilon SSO application
 

+ tcp_ports: [80, 443]

file modified
+5 -9 
@@ -1,16 +1,12 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ ipa_host_group: ipsilon
 

+ ipa_host_group_desc: Ipsilon SSO application
 

  lvm_size: 20000
 

  mem_size: 4096
 

  num_cpus: 2
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- proxy_tcp_ports: [ 80, 443 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- ipa_host_group: ipsilon
 

- ipa_host_group_desc: Ipsilon SSO application
 

+ proxy_tcp_ports: [80, 443]

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 192.168.122.0/24 --dport 2049 -j ACCEPT']
 

  freezes: false
 

- resolvconf: "{{ files }}/resolv.conf/iad2"
 

- 

- ipa_host_group: kernel_qa
 

- ipa_host_group_desc: kernel test machines
 

  ipa_client_shell_groups:
 

- - sysadmin-kernel
 

+   - sysadmin-kernel
 

  ipa_client_sudo_groups:
 

- - sysadmin-kernel
 

- 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 192.168.122.0/24 --dport 2049 -j ACCEPT' ]
 

+   - sysadmin-kernel
 

+ ipa_host_group: kernel_qa
 

+ ipa_host_group_desc: kernel test machines
 

+ resolvconf: "{{ files }}/resolv.conf/iad2"

file modified
+22 -27 
@@ -1,9 +1,30 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - kerneltest.release.edit
 

+       - kerneltest.release.new
 

+       - kerneltest.upload.new
 

+     group: apache
 

+     owner: root
 

+     service: kerneltest
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_host_group: kerneltest
 

  lvm_size: 20000
 

  mem_size: 4096
 

  num_cpus: 2
 

- 

+ primary_auth_source: ipa
 

+ tcp_ports: [80]
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -11,29 +32,3 @@
 

  wsgi_fedmsg_service: kerneltest
 

  wsgi_procs: 2
 

  wsgi_threads: 1
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: kerneltest
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: kerneltest
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - kerneltest.release.edit
 

-   - kerneltest.release.new
 

-   - kerneltest.upload.new

file modified
+39 -48 
@@ -1,56 +1,47 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 30000
 

- mem_size: 32768
 

- num_cpus: 16
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- tcp_ports: [ 80, 443, 111, 2049,
 

-     # These 8 ports are used by fedmsg.  One for each wsgi thread.
 

-     3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
 

- 

- udp_ports: [ 111, 2049 ]
 

- 

  custom_rules: [
 

-     # Needed for keepalived
 

-     '-A INPUT -d 224.0.0.0/8 -j ACCEPT',
 

-     '-A INPUT -p vrrp -j ACCEPT',
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: kojihub
 

- ipa_host_group_desc: Koji Hub hosts
 

- ipa_client_shell_groups:
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

+   # Needed for keepalived
 

+   '-A INPUT -d 224.0.0.0/8 -j ACCEPT', '-A INPUT -p vrrp -j ACCEPT']
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: koji
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - buildsys.build.state.change
 

-   - buildsys.package.list.change
 

-   - buildsys.repo.done
 

-   - buildsys.repo.init
 

-   - buildsys.rpm.sign
 

-   - buildsys.tag
 

-   - buildsys.task.state.change
 

-   - buildsys.untag
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - buildsys.build.state.change
 

+       - buildsys.package.list.change
 

+       - buildsys.repo.done
 

+       - buildsys.repo.init
 

+       - buildsys.rpm.sign
 

+       - buildsys.tag
 

+       - buildsys.task.state.change
 

+       - buildsys.untag
 

+     group: apache
 

+     owner: root
 

+     service: koji
 

+ ipa_client_shell_groups:
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: kojihub
 

+ ipa_host_group_desc: Koji Hub hosts
 

+ koji_hub: "koji.fedoraproject.org/kojihub"
 

+ koji_root: "koji.fedoraproject.org/koji"
 

+ lvm_size: 30000
 

+ mem_size: 32768
 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- virt_install_command: "{{ virt_install_command_two_nic }}"
 

- 

+ num_cpus: 16
 

  osbs_url: "osbs.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

+ primary_auth_source: ipa
 

  source_registry: "registry.fedoraproject.org"
 

- koji_root: "koji.fedoraproject.org/koji"
 

- koji_hub: "koji.fedoraproject.org/kojihub"
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 443, 111, 2049,
 

+   # These 8 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
 

+ udp_ports: [111, 2049]
 

+ virt_install_command: "{{ virt_install_command_two_nic }}"

file modified
+47 -58 
@@ -1,66 +1,55 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 250000
 

- mem_size: 8192
 

- num_cpus: 8
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- tcp_ports: [ 80, 443, 111, 2049,
 

-     # These 8 ports are used by fedmsg.  One for each wsgi thread.
 

-     3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
 

- 

- udp_ports: [ 111, 2049 ]
 

- 

- ipa_host_group: kojihub
 

- ipa_host_group_desc: Koji Hub hosts
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-osbs
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-osbs
 

- - sysadmin-releng
 

- 

+ # Add custom iptable rule to allow stage koji to talk to
 

+ # osbs-dev.fedorainfracloud.org (will move to stage osbs later, this is for the
 

+ # sake of testing).
 

+ custom_rules: ['-A OUTPUT -p tcp -m tcp -d 209.132.184.60 --dport 8443 -j ACCEPT']
 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: koji
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - buildsys.build.state.change
 

-   - buildsys.package.list.change
 

-   - buildsys.repo.done
 

-   - buildsys.repo.init
 

-   - buildsys.rpm.sign
 

-   - buildsys.tag
 

-   - buildsys.task.state.change
 

-   - buildsys.untag
 

- 

- # NOTE -- staging mounts read-only
 

- nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - buildsys.build.state.change
 

+       - buildsys.package.list.change
 

+       - buildsys.repo.done
 

+       - buildsys.repo.init
 

+       - buildsys.rpm.sign
 

+       - buildsys.tag
 

+       - buildsys.task.state.change
 

+       - buildsys.untag
 

+     group: apache
 

+     owner: root
 

+     service: koji
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-osbs
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-osbs
 

+   - sysadmin-releng
 

+ ipa_host_group: kojihub
 

+ ipa_host_group_desc: Koji Hub hosts
 

+ koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

+ koji_root: "koji.stg.fedoraproject.org/koji"
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ lvm_size: 250000
 

+ mem_size: 8192
 

+ # NOTE -- staging mounts read-only
 

+ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

+ num_cpus: 8
 

  osbs_url: "osbs.stg.fedoraproject.org"
 

  source_registry: "registry.stg.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- koji_root: "koji.stg.fedoraproject.org/koji"
 

- koji_hub: "koji.stg.fedoraproject.org/kojihub"
 

- 

- 

- # Add custom iptable rule to allow stage koji to talk to
 

- # osbs-dev.fedorainfracloud.org (will move to stage osbs later, this is for the
 

- # sake of testing).
 

- custom_rules: [
 

-     '-A OUTPUT -p tcp -m tcp -d 209.132.184.60 --dport 8443 -j ACCEPT'
 

- ]
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 443, 111, 2049,
 

+   # These 8 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
 

+ udp_ports: [111, 2049]

file modified
+29 -37 
@@ -1,47 +1,39 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 50000
 

- mem_size: 98304
 

- max_mem_size: 98304
 

- num_cpus: 16
 

- 

- custom_rules: [
 

-     # Need for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

-  ]
 

- 

- tcp_ports: [80, 8080]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: kojipkgs
 

- ipa_host_group_desc: Koji Packages hosts
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- varnish_group: kojipkgs
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

  csi_purpose: Cache packages from koji for builders and others
 

  csi_relationship: |
 

-     There are a few things running here:
 

- 

-     - apache web server and varnish caching proxy.
 

+   There are a few things running here:
 

  

-     - This host relies on:
 

-       - koji nfs storage
 

-       - proxy01/10 to proxy requests to it.
 

+   - apache web server and varnish caching proxy.
 

  

-     - Things that rely on this host:
 

-       - all koji builders/buildsystem
 

-       - koschei
 

-       - external users downloading packages from koji.
 

+   - This host relies on:
 

+     - koji nfs storage
 

+     - proxy01/10 to proxy requests to it.
 

  

+   - Things that rely on this host:
 

+     - all koji builders/buildsystem
 

+     - koschei
 

+     - external users downloading packages from koji.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ custom_rules: [
 

+   # Need for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: kojipkgs
 

+ ipa_host_group_desc: Koji Packages hosts
 

+ lvm_size: 50000
 

+ max_mem_size: 98304
 

+ mem_size: 98304
 

  nagios_Check_Services:
 

    swap: false
 

+ num_cpus: 16
 

+ primary_auth_source: ipa
 

+ tcp_ports: [80, 8080]
 

+ varnish_group: kojipkgs

file modified
+10 -10 
@@ -1,13 +1,13 @@
 

  ---
 

- primary_auth_source: ipa
 

- ipa_host_group: logging
 

- ipa_host_group_desc: Logging hosts
 

  ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-analysis
 

- - sysadmin-logs
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - fi-apprentice
 

+   - sysadmin-analysis
 

+   - sysadmin-logs
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-analysis
 

- - sysadmin-logs
 

+   - sysadmin-analysis
 

+   - sysadmin-logs
 

+ ipa_host_group: logging
 

+ ipa_host_group_desc: Logging hosts
 

+ primary_auth_source: ipa

file modified
+45 -55 
@@ -1,78 +1,68 @@
 

  ---
 

  # common items for the releng-* boxes
 

- lvm_size: 250000
 

- mem_size: 32768
 

- max_mem_size: 32768
 

- num_cpus: 4
 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [
 

-     25, 80, 443,
 

-     # For outgoing fedmsg
 

-     3000, 3001, 3002, 3003,
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: mailman
 

- ipa_host_group_desc: Mailing list services
 

- ipa_client_shell_groups:
 

- - sysadmin-tools
 

- ipa_client_sudo_groups:
 

- - sysadmin-tools
 

- 

  deployment_type: prod
 

- 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: mailman
 

-   owner: mailman
 

-   group: mailman
 

-   can_send:
 

-   - mailman.receive
 

- 

- # Postfix main.cf
 

- postfix_group: mailman
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - mailman.receive
 

+     group: mailman
 

+     owner: mailman
 

+     service: mailman
 

+ ipa_client_shell_groups:
 

+   - sysadmin-tools
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-tools
 

+ ipa_host_group: mailman
 

+ ipa_host_group_desc: Mailing list services
 

+ lvm_size: 250000
 

  # Used by the mailman role
 

  mailman_db_server: db01.iad2.fedoraproject.org
 

  mailman_domains:
 

- - lists.fedoraproject.org
 

- - lists.fedorahosted.org
 

- - lists.pagure.io
 

+   - lists.fedoraproject.org
 

+   - lists.fedorahosted.org
 

+   - lists.pagure.io
 

  mailman_login:
 

-   gitlab:
 

-     display_name: GitLab
 

-     provider: gitlab
 

+   facebook:
 

+     display_name: Facebook
 

+     provider: facebook
 

    github:
 

      display_name: GitHub
 

      provider: github
 

-   twitter:
 

-     display_name: Twitter
 

-     provider: twitter
 

+   gitlab:
 

+     display_name: GitLab
 

+     provider: gitlab
 

    google:
 

      display_name: Google
 

      provider: google
 

-   facebook:
 

-     display_name: Facebook
 

-     provider: facebook
 

    stackexchange:
 

      display_name: StackExchange
 

      provider: stackexchange
 

- 

+   twitter:
 

+     display_name: Twitter
 

+     provider: twitter
 

+ max_mem_size: 32768
 

+ mem_size: 32768
 

+ nagios_Check_Services:
 

+   nrpe: true
 

+   swap: false
 

+ nrpe_check_postfix_queue_crit: 200
 

  # by default, the number of emails in queue before we whine
 

  nrpe_check_postfix_queue_warn: 100
 

- nrpe_check_postfix_queue_crit: 200
 

- 

+ nrpe_procs_crit: 500
 

  # Number of processes for nagios
 

  nrpe_procs_warn: 300
 

- nrpe_procs_crit: 500
 

+ num_cpus: 4
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

  

- nagios_Check_Services:
 

-   nrpe: true
 

-   swap: false
 

+ # Postfix main.cf
 

+ postfix_group: mailman
 

+ primary_auth_source: ipa
 

+ tcp_ports: [25, 80, 443,
 

+   # For outgoing fedmsg
 

+   3000, 3001, 3002, 3003]

file modified
+40 -48 
@@ -1,68 +1,60 @@
 

  ---
 

  # common items for the releng-* boxes
 

- lvm_size: 250000
 

- mem_size: 4096
 

- num_cpus: 2
 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [
 

-     25, 80, 443,
 

-     # For outbound fedmsg
 

-     3000, 3001, 3002, 3003,
 

- ]
 

- 

- ipa_host_group: mailman
 

- ipa_host_group_desc: Mailing list services
 

- ipa_client_shell_groups:
 

- - sysadmin-tools
 

- ipa_client_sudo_groups:
 

- - sysadmin-tools
 

- 

  deployment_type: prod
 

- 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: mailman
 

-   owner: mailman
 

-   group: mailman
 

-   can_send:
 

-   - mailman.receive
 

- 

- # Postfix main.cf
 

- postfix_group: mailman-stg
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - mailman.receive
 

+     group: mailman
 

+     owner: mailman
 

+     service: mailman
 

+ ipa_client_shell_groups:
 

+   - sysadmin-tools
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-tools
 

+ ipa_host_group: mailman
 

+ ipa_host_group_desc: Mailing list services
 

+ lvm_size: 250000
 

  # Used by the mailman role
 

  mailman_db_server: db01.stg.iad2.fedoraproject.org
 

  mailman_domains:
 

- - lists.stg.fedoraproject.org
 

- - lists.stg.fedorahosted.org
 

- - lists.stg.pagure.io
 

+   - lists.stg.fedoraproject.org
 

+   - lists.stg.fedorahosted.org
 

+   - lists.stg.pagure.io
 

  mailman_login:
 

-   gitlab:
 

-     display_name: GitLab
 

-     provider: gitlab
 

+   facebook:
 

+     display_name: Facebook
 

+     provider: facebook
 

    github:
 

      display_name: GitHub
 

      provider: github
 

-   twitter:
 

-     display_name: Twitter
 

-     provider: twitter
 

+   gitlab:
 

+     display_name: GitLab
 

+     provider: gitlab
 

    google:
 

      display_name: Google
 

      provider: google
 

-   facebook:
 

-     display_name: Facebook
 

-     provider: facebook
 

    stackexchange:
 

      display_name: StackExchange
 

      provider: stackexchange
 

- 

+   twitter:
 

+     display_name: Twitter
 

+     provider: twitter
 

+ mem_size: 4096
 

+ nrpe_check_postfix_queue_crit: 50
 

  # by default, the number of emails in queue before we whine
 

  nrpe_check_postfix_queue_warn: 20
 

- nrpe_check_postfix_queue_crit: 50
 

+ num_cpus: 2
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ 

+ # Postfix main.cf
 

+ postfix_group: mailman-stg
 

+ tcp_ports: [25, 80, 443,
 

+   # For outbound fedmsg
 

+   3000, 3001, 3002, 3003]

file modified
+10 -11 
@@ -1,16 +1,15 @@
 

  ---
 

+ ansible_ifcfg_blocklist: true
 

+ datacenter: aws
 

  freezes: false
 

+ ipa_client_shell_groups:
 

+   - packager
 

+ ipa_client_sudo_nopasswd_groups:
 

+   - sysadmin-main
 

+   - packager
 

+ ipa_host_group: maintainer_test
 

+ ipa_host_group_desc: Test hosts for package maintainers
 

+ primary_auth_source: ipa
 

  sudoers: "{{ private }}/files/sudo/arm-packager-sudoers"
 

  sudoers_main: nopasswd
 

- datacenter: aws
 

- ansible_ifcfg_blocklist: true
 

- 

  vpn: true
 

- primary_auth_source: ipa
 

- ipa_host_group: maintainer_test
 

- ipa_host_group_desc: Test hosts for package maintainers
 

- ipa_client_shell_groups:
 

- - packager
 

- ipa_client_sudo_nopasswd_groups:
 

- - sysadmin-main
 

- - packager

file modified
+9 -9 
@@ -1,12 +1,12 @@
 

  ---
 

- primary_auth_source: ipa
 

- ipa_host_group: mbs
 

- ipa_host_group_desc: Modular Build Service hosts
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-mbs
 

- - sysadmin-veteran
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-mbs
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- - sysadmin-mbs
 

+   - sysadmin-releng
 

+   - sysadmin-mbs
 

+ ipa_host_group: mbs
 

+ ipa_host_group_desc: Modular Build Service hosts
 

+ primary_auth_source: ipa

file modified
+27 -35 
@@ -1,44 +1,36 @@
 

  ---
 

- lvm_size: 20000
 

- mem_size: 16384
 

- num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 3000, 3001, 3002, 3003,
 

-              3004, 3005, 3006, 3007 ]
 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - jkaluza@fedoraproject.org
 

- - fivaldi@fedoraproject.org
 

+ csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

+ csi_purpose: Run the module-build-service fedmsg-hub backend (the scheduler)
 

+ csi_relationship: |
 

+   The fedmsg-hub process running here is responsible for scheduling all rpm
 

+   builds in koji in response to requests submitted to the MBS API on the
 

+   mbs-frontend nodes.
 

  

+   NOTE - this system has a KRB service principal with elevated koji privileges.
 

+ # For the MOTD
 

+ csi_security_category: High
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: mbs
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - mbs.module.state.change
 

-   - mbs.component.state.change
 

- 

+   - can_send:
 

+       - mbs.module.state.change
 

+       - mbs.component.state.change
 

+     group: fedmsg
 

+     owner: root
 

+     service: mbs
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - ralph@fedoraproject.org
 

+   - jkaluza@fedoraproject.org
 

+   - fivaldi@fedoraproject.org
 

  # Wait a little bit longer than usual.. I'm not seeing messages from mbs backend
 

  fedmsg_post_init_sleep: 1.5
 

- 

- # For the MOTD
 

- csi_security_category: High
 

- csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

- csi_purpose: Run the module-build-service fedmsg-hub backend (the scheduler)
 

- csi_relationship: |
 

-     The fedmsg-hub process running here is responsible for scheduling all rpm
 

-     builds in koji in response to requests submitted to the MBS API on the
 

-     mbs-frontend nodes.
 

- 

-     NOTE - this system has a KRB service principal with elevated koji privileges.
 

- 

+ lvm_size: 20000
 

  mbs_broker_url: "amqps://mbs-private-queue{{ env_suffix }}@rabbitmq{{ env_suffix }}.fedoraproject.org//mbs-private-queue"
 

+ mbs_frontend: false
 

  mbs_num_workers: 3
 

  mbs_systemd_wait_for_rabbitmq: true
 

- mbs_frontend: false
 

+ mem_size: 16384
 

+ num_cpus: 2
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

file modified
+26 -33 
@@ -1,41 +1,34 @@
 

  ---
 

- lvm_size: 20000
 

- mem_size: 4096
 

- num_cpus: 1
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 3000, 3001, 3002, 3003,
 

-              3004, 3005, 3006, 3007 ]
 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - jkaluza@fedoraproject.org
 

- - fivaldi@fedoraproject.org
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: mbs
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - mbs.module.state.change
 

-   - mbs.component.state.change
 

- 

- # For the MOTD
 

- csi_security_category: High
 

  csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

  csi_purpose: Run the module-build-service fedmsg-hub backend (the scheduler)
 

  csi_relationship: |
 

-     The fedmsg-hub process running here is responsible for scheduling all rpm
 

-     builds in koji in response to requests submitted to the MBS API on the
 

-     mbs-frontend nodes.
 

- 

-     NOTE - this system has a KRB service principal with elevated koji privileges.
 

+   The fedmsg-hub process running here is responsible for scheduling all rpm
 

+   builds in koji in response to requests submitted to the MBS API on the
 

+   mbs-frontend nodes.
 

  

+   NOTE - this system has a KRB service principal with elevated koji privileges.
 

+ # For the MOTD
 

+ csi_security_category: High
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - mbs.module.state.change
 

+       - mbs.component.state.change
 

+     group: fedmsg
 

+     owner: root
 

+     service: mbs
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - ralph@fedoraproject.org
 

+   - jkaluza@fedoraproject.org
 

+   - fivaldi@fedoraproject.org
 

+ lvm_size: 20000
 

  mbs_broker_url: "amqps://mbs-private-queue{{ env_suffix }}@rabbitmq{{ env_suffix }}.fedoraproject.org//mbs-private-queue"
 

+ mbs_frontend: false
 

  mbs_num_workers: 3
 

  mbs_systemd_wait_for_rabbitmq: true
 

- mbs_frontend: false
 

+ mem_size: 4096
 

+ num_cpus: 1
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]

file modified
+28 -34 
@@ -1,8 +1,35 @@
 

  ---
 

+ csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

+ csi_purpose: Run the module-build-service frontend API.
 

+ csi_relationship: |
 

+   The apache/mod_wsgi app is the only thing really running here
 

+ 

+   This host relies on db01 for its database of activity (what module builds
 

+   are in flight?)
 

+ 

+   It has no special credentials itself.  When a module build it submitted, it
 

+   makes a note in the DB and publishes a fedmsg message.  The mbs backend
 

+   nodes do all the work of talking to koji.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - mbs.module.state.change
 

+       # Only the backend sends this message..
 

+       #- mbs.component.state.change
 

+     group: fedmsg
 

+     owner: fedmsg
 

+     service: mbs
 

  lvm_size: 20000
 

+ mbs_broker_url: ""
 

+ mbs_frontend: true
 

+ mbs_num_workers: 3
 

  mem_size: 4096
 

  num_cpus: 2
 

- 

+ tcp_ports: [80]
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -10,36 +37,3 @@
 

  wsgi_fedmsg_service: mbs
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: mbs
 

-   owner: fedmsg
 

-   group: fedmsg
 

-   can_send:
 

-   - mbs.module.state.change
 

-   # Only the backend sends this message..
 

-   #- mbs.component.state.change
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

- csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

- csi_purpose: Run the module-build-service frontend API.
 

- csi_relationship: |
 

-     The apache/mod_wsgi app is the only thing really running here
 

- 

-     This host relies on db01 for its database of activity (what module builds
 

-     are in flight?)
 

- 

-     It has no special credentials itself.  When a module build it submitted, it
 

-     makes a note in the DB and publishes a fedmsg message.  The mbs backend
 

-     nodes do all the work of talking to koji.
 

- 

- mbs_broker_url: ""
 

- mbs_num_workers: 3
 

- mbs_frontend: true

file modified
+28 -34 
@@ -1,8 +1,35 @@
 

  ---
 

+ csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

+ csi_purpose: Run the module-build-service frontend API.
 

+ csi_relationship: |
 

+   The apache/mod_wsgi app is the only thing really running here
 

+ 

+   This host relies on db01 for its database of activity (what module builds
 

+   are in flight?)
 

+ 

+   It has no special credentials itself.  When a module build it submitted, it
 

+   makes a note in the DB and publishes a fedmsg message.  The mbs backend
 

+   nodes do all the work of talking to koji.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - mbs.module.state.change
 

+       # Only the backend sends this message..
 

+       #- mbs.component.state.change
 

+     group: fedmsg
 

+     owner: fedmsg
 

+     service: mbs
 

  lvm_size: 20000
 

+ mbs_broker_url: ""
 

+ mbs_frontend: true
 

+ mbs_num_workers: 3
 

  mem_size: 4096
 

  num_cpus: 1
 

- 

+ tcp_ports: [80]
 

  # Definining these vars has a number of effects
 

  # 1) mod_wsgi is configured to use the vars for its own setup
 

  # 2) iptables opens enough ports for all threads for fedmsg
 
@@ -10,36 +37,3 @@
 

  wsgi_fedmsg_service: mbs
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: mbs
 

-   owner: fedmsg
 

-   group: fedmsg
 

-   can_send:
 

-   - mbs.module.state.change
 

-   # Only the backend sends this message..
 

-   #- mbs.component.state.change
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

- csi_primary_contact: Modularity WG - modularity-wg-members@fedoraproject.org
 

- csi_purpose: Run the module-build-service frontend API.
 

- csi_relationship: |
 

-     The apache/mod_wsgi app is the only thing really running here
 

- 

-     This host relies on db01 for its database of activity (what module builds
 

-     are in flight?)
 

- 

-     It has no special credentials itself.  When a module build it submitted, it
 

-     makes a note in the DB and publishes a fedmsg message.  The mbs backend
 

-     nodes do all the work of talking to koji.
 

- 

- mbs_broker_url: ""
 

- mbs_num_workers: 3
 

- mbs_frontend: true

file modified
+8 -8 
@@ -1,11 +1,11 @@
 

  ---
 

- ipa_host_group: mbs
 

- ipa_host_group_desc: Modular Build Service hosts
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-mbs
 

- - sysadmin-veteran
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-mbs
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- - sysadmin-mbs
 

+   - sysadmin-releng
 

+   - sysadmin-mbs
 

+ ipa_host_group: mbs
 

+ ipa_host_group_desc: Modular Build Service hosts

file modified
+11 -15 
@@ -1,22 +1,18 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+ ipa_host_group: memcached
 

+ ipa_host_group_desc: Distributed Memory Caching service
 

  lvm_size: 10000
 

  mem_size: 8192
 

  num_cpus: 2
 

- 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 11211 ]
 

- 

- 

- primary_auth_source: ipa
 

- ipa_host_group: memcached
 

- ipa_host_group_desc: Distributed Memory Caching service
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

+ tcp_ports: [11211]

file modified
+10 -13 
@@ -1,20 +1,17 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+ ipa_host_group: memcached
 

+ ipa_host_group_desc: Distributed Memory Caching service
 

  lvm_size: 10000
 

  mem_size: 4096
 

  num_cpus: 1
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 11211 ]
 

- 

- ipa_host_group: memcached
 

- ipa_host_group_desc: Distributed Memory Caching service
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

+ tcp_ports: [11211]

file modified
+10 -11 
@@ -1,16 +1,15 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- primary_auth_source: ipa
 

- ipa_host_group: mirrormanager
 

- ipa_host_group_desc: Mirror Manager
 

+ deployment_type: prod
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

  ipa_client_sudo_groups:
 

- - sysadmin-noc
 

- - sysadmin-web
 

- 

- mm2_checkin: false
 

- deployment_type: prod
 

+   - sysadmin-noc
 

+   - sysadmin-web
 

+ ipa_host_group: mirrormanager
 

+ ipa_host_group_desc: Mirror Manager
 

  mirrormanager_db_host: 'db01'
 

+ mm2_checkin: false
 

+ primary_auth_source: ipa

file modified
+15 -17 
@@ -1,22 +1,20 @@
 

  ---
 

- mem_size: 6144
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   alias: mirrormanager
 

-   owner: mirrormanager
 

-   group: sysadmin
 

-   can_send:
 

-   - mirrormanager.netblocks.get
 

-   - logger.log
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admin - admin@fedoraproject.org
 

  csi_purpose: Run mirrormanager backend cron tasks
 

  csi_relationship: |
 

-     TODO - we should document:
 

+   TODO - we should document:
 

  

-     * what kinds of processes run here
 

-     * what other services they depend on
 

-     * what other services depend on it
 

+   * what kinds of processes run here
 

+   * what other services they depend on
 

+   * what other services depend on it
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ fedmsg_certs:
 

+   - alias: mirrormanager
 

+     can_send:
 

+       - mirrormanager.netblocks.get
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: mirrormanager
 

+     service: shell
 

+ mem_size: 6144

file modified
+13 -15 
@@ -1,20 +1,18 @@
 

  ---
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: mirrormanager
 

-   group: sysadmin
 

-   can_send:
 

-   - mirrormanager.netblocks.get
 

-   - logger.log
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admin - admin@fedoraproject.org
 

  csi_purpose: Run mirrormanager backend cron tasks
 

  csi_relationship: |
 

-     TODO - we should document:
 

+   TODO - we should document:
 

  

-     * what kinds of processes run here
 

-     * what other services they depend on
 

-     * what other services depend on it
 

+   * what kinds of processes run here
 

+   * what other services they depend on
 

+   * what other services depend on it
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - mirrormanager.netblocks.get
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: mirrormanager
 

+     service: shell

file modified
+15 -18 
@@ -1,24 +1,21 @@
 

  ---
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: mirrormanager
 

-   group: sysadmin
 

-   can_send:
 

-   - mirrormanager.crawler.complete
 

-   - mirrormanager.crawler.start
 

-   - logger.log
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admin - admin@fedoraproject.org
 

  csi_purpose: Run mirrormanager crawlers
 

  csi_relationship: |
 

-     TODO - we should document:
 

- 

-     * what kinds of processes run here
 

-     * what other services they depend on
 

-     * what other services depend on it
 

+   TODO - we should document:
 

  

+   * what kinds of processes run here
 

+   * what other services they depend on
 

+   * what other services depend on it
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - mirrormanager.crawler.complete
 

+       - mirrormanager.crawler.start
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: mirrormanager
 

+     service: shell
 

  rsyncd_conf: "rsyncd.conf.crawler"
 

- tcp_ports: [ 873 ]
 

+ tcp_ports: [873]

file modified
+14 -16 
@@ -1,21 +1,19 @@
 

  ---
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: mirrormanager
 

-   group: sysadmin
 

-   can_send:
 

-   - mirrormanager.crawler.complete
 

-   - mirrormanager.crawler.start
 

-   - logger.log
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admin - admin@fedoraproject.org
 

  csi_purpose: Run mirrormanager crawlers
 

  csi_relationship: |
 

-     TODO - we should document:
 

+   TODO - we should document:
 

  

-     * what kinds of processes run here
 

-     * what other services they depend on
 

-     * what other services depend on it
 

+   * what kinds of processes run here
 

+   * what other services they depend on
 

+   * what other services depend on it
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - mirrormanager.crawler.complete
 

+       - mirrormanager.crawler.start
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: mirrormanager
 

+     service: shell

file modified
+20 -25 
@@ -1,30 +1,25 @@
 

  ---
 

- mem_size: 4096
 

- 

- tcp_ports: [ 80,
 

-     # These 2 ports are used by fedmsg.
 

-     # One for each wsgi thread.
 

-     3000, 3001,
 

-     ]
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: mirrormanager2
 

-   owner: root
 

-   group: apache
 

- 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admin - admin@fedoraproject.org
 

  csi_purpose: Run mirrormanager frontend WSGI app
 

  csi_relationship: |
 

-     TODO - we should document:
 

+   TODO - we should document:
 

  

-     * what kinds of processes run here
 

-     * what other services they depend on
 

-     * what other services depend on it
 

+   * what kinds of processes run here
 

+   * what other services they depend on
 

+   * what other services depend on it
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - group: apache
 

+     owner: root
 

+     service: mirrormanager2
 

+ mem_size: 4096
 

+ tcp_ports: [80,
 

+   # These 2 ports are used by fedmsg.
 

+   # One for each wsgi thread.
 

+   3000, 3001]

file modified
+19 -24 
@@ -1,29 +1,24 @@
 

  ---
 

- 

- tcp_ports: [ 80,
 

-     # These 2 ports are used by fedmsg.
 

-     # One for each wsgi thread.
 

-     3000, 3001,
 

-     ]
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: mirrormanager2
 

-   owner: root
 

-   group: apache
 

- 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

  csi_primary_contact: Fedora admin - admin@fedoraproject.org
 

  csi_purpose: Run mirrormanager frontend WSGI app
 

  csi_relationship: |
 

-     TODO - we should document:
 

+   TODO - we should document:
 

  

-     * what kinds of processes run here
 

-     * what other services they depend on
 

-     * what other services depend on it
 

+   * what kinds of processes run here
 

+   * what other services they depend on
 

+   * what other services depend on it
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - group: apache
 

+     owner: root
 

+     service: mirrormanager2
 

+ tcp_ports: [80,
 

+   # These 2 ports are used by fedmsg.
 

+   # One for each wsgi thread.
 

+   3000, 3001]

file modified
+9 -10 
@@ -1,15 +1,14 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- ipa_host_group: mirrormanager
 

- ipa_host_group_desc: Mirror Manager
 

+ deployment_type: stg
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

  ipa_client_sudo_groups:
 

- - sysadmin-noc
 

- - sysadmin-web
 

- 

- mm2_checkin: false
 

- deployment_type: stg
 

+   - sysadmin-noc
 

+   - sysadmin-web
 

+ ipa_host_group: mirrormanager
 

+ ipa_host_group_desc: Mirror Manager
 

  mirrormanager_db_host: 'db01.stg'
 

+ mm2_checkin: false

file modified
+62 -75 
@@ -1,42 +1,55 @@
 

  ---
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Monitoring system
 

+ csi_security_category: High
 

  deployment_type: prod
 

- 

- lvm_size: 20000
 

- mem_size: 2048
 

- num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

+ dns_external:
 

+   - ns-iad01.fedoraproject.org
 

+   - ns-iad02.fedoraproject.org
 

+   - ns02.fedoraproject.org
 

+   - ns05.fedoraproject.org
 

+ # When you have a group which comes up with empty members in all.cfg, it
 

+ # is because it contains all hosts which aren't pinganble. You may want
 

+ # to add that group to this list. Other items on this list are ones
 

+ # where it is an enormous group not needed.
 

+ # Exclude these ansible host groups in hostgroups/all.cfg
 

+ exclude_iad2_hostgroups:
 

+   - centos_ipa_client_stg
 

+   - zabbix_stg
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: nagios
 

-   owner: root
 

-   group: nagios
 

-   can_send:
 

-   - nagios.host.state.change
 

-   - nagios.service.state.change
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: nagios
 

- ipa_host_group_desc: Nagios Monitoring
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-noc
 

- 

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Monitoring system
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - nagios.host.state.change
 

+       - nagios.service.state.change
 

+     group: nagios
 

+     owner: root
 

+     service: nagios
 

+ #iad2_management_slowping:
 

+ #  - ppc8-01-fsp.mgmt.fedoraproject.org
 

+ #  - ppc8-02-fsp.mgmt.fedoraproject.org
 

+ #  - ppc8-03-fsp.mgmt.fedoraproject.org
 

+ iad2_external:
 

+   - bastion01.fedoraproject.org
 

+   - bastion02.fedoraproject.org
 

+   - dl-iad01.fedoraproject.org
 

+   - dl-iad02.fedoraproject.org
 

+   - dl-iad03.fedoraproject.org
 

+   - dl-iad04.fedoraproject.org
 

+   - dl-iad05.fedoraproject.org
 

+   - infrastructure.fedoraproject.org
 

+   - koji.fedoraproject.org
 

+   - kojipkgs.fedoraproject.org
 

+   - ns-iad01.fedoraproject.org
 

+   - ns-iad02.fedoraproject.org
 

+   - pkgs.fedoraproject.org
 

+   - proxy01.fedoraproject.org
 

+   - proxy10.fedoraproject.org
 

+   - secondary01.fedoraproject.org
 

  #
 

  # This is a list of hosts which are in the IAD2 160 mgmt network
 

  # we do not have them in ansible because it tries to connect
 
@@ -81,7 +94,6 @@
 

    - vmhost-x86-05.mgmt.iad2.fedoraproject.org
 

    - vmhost-x86-06.mgmt.iad2.fedoraproject.org
 

    - vmhost-x86-07.mgmt.iad2.fedoraproject.org
 

- 

  #
 

  # These are management interfaces we only want
 

  # to test ping against. No http/https
 
@@ -89,42 +101,17 @@
 

  iad2_management_limited:
 

    - opengear01.mgmt.iad2.fedoraproject.org
 

    - sign-vault01.mgmt.iad2.fedoraproject.org
 

- 

- #iad2_management_slowping:
 

- #  - ppc8-01-fsp.mgmt.fedoraproject.org
 

- #  - ppc8-02-fsp.mgmt.fedoraproject.org
 

- #  - ppc8-03-fsp.mgmt.fedoraproject.org
 

- 

- iad2_external:
 

-   - bastion01.fedoraproject.org
 

-   - bastion02.fedoraproject.org
 

-   - dl-iad01.fedoraproject.org
 

-   - dl-iad02.fedoraproject.org
 

-   - dl-iad03.fedoraproject.org
 

-   - dl-iad04.fedoraproject.org
 

-   - dl-iad05.fedoraproject.org
 

-   - infrastructure.fedoraproject.org
 

-   - koji.fedoraproject.org
 

-   - kojipkgs.fedoraproject.org
 

-   - ns-iad01.fedoraproject.org
 

-   - ns-iad02.fedoraproject.org
 

-   - pkgs.fedoraproject.org
 

-   - proxy01.fedoraproject.org
 

-   - proxy10.fedoraproject.org
 

-   - secondary01.fedoraproject.org
 

- 

- dns_external:
 

-   - ns-iad01.fedoraproject.org
 

-   - ns-iad02.fedoraproject.org
 

-   - ns02.fedoraproject.org
 

-   - ns05.fedoraproject.org
 

- 

- 

- # When you have a group which comes up with empty members in all.cfg, it
 

- # is because it contains all hosts which aren't pinganble. You may want
 

- # to add that group to this list. Other items on this list are ones
 

- # where it is an enormous group not needed.
 

- # Exclude these ansible host groups in hostgroups/all.cfg
 

- exclude_iad2_hostgroups:
 

-   - centos_ipa_client_stg
 

-   - zabbix_stg
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-noc
 

+ ipa_host_group: nagios
 

+ ipa_host_group_desc: Nagios Monitoring
 

+ lvm_size: 20000
 

+ mem_size: 2048
 

+ num_cpus: 2
 

+ primary_auth_source: ipa
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 443]

file modified
+7 -7 
@@ -1,10 +1,10 @@
 

  ---
 

- primary_auth_source: ipa
 

- ipa_host_group: notifs
 

- ipa_host_group_desc: Fedora Notifications
 

  ipa_client_shell_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

+   - sysadmin-datanommer
 

+ ipa_host_group: notifs
 

+ ipa_host_group_desc: Fedora Notifications
 

+ primary_auth_source: ipa

file modified
+26 -30 
@@ -1,37 +1,33 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: prod
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - # The shell cert needs to be allowed to send these too so it can do alembic
 

+     # upgrades that trigger messages.
 

+     can_send:
 

+       - fmn.filter.update
 

+       - fmn.preference.update
 

+       - fmn.rule.update
 

+       - fmn.confirmation.update
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fmn.filter.update
 

+       - fmn.preference.update
 

+       - fmn.rule.update
 

+       - fmn.confirmation.update
 

+     group: fedmsg
 

+     owner: root
 

+     service: fmn
 

+ # For performance measurement.. for now.  This can be removed whenever.
 

+ fedmsg_loglevel: DEBUG
 

  lvm_size: 65536
 

- mem_size: 24576
 

  max_mem_size: "{{ mem_size }}"
 

+ mem_size: 24576
 

  num_cpus: 8
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 3000, 3001, 3002, 3003, 3004, 3005 ]
 

- 

- # For performance measurement.. for now.  This can be removed whenever.
 

- fedmsg_loglevel: DEBUG
 

- deployment_type: prod
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   # The shell cert needs to be allowed to send these too so it can do alembic
 

-   # upgrades that trigger messages.
 

-   can_send:
 

-   - fmn.filter.update
 

-   - fmn.preference.update
 

-   - fmn.rule.update
 

-   - fmn.confirmation.update
 

-   - logger.log
 

- - service: fmn
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - fmn.filter.update
 

-   - fmn.preference.update
 

-   - fmn.rule.update
 

-   - fmn.confirmation.update
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005]

file modified
+24 -27 
@@ -1,34 +1,31 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: stg
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - # The shell cert needs to be allowed to send these too so it can do alembic
 

+     # upgrades that trigger messages.
 

+     can_send:
 

+       - fmn.filter.update
 

+       - fmn.preference.update
 

+       - fmn.rule.update
 

+       - fmn.confirmation.update
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fmn.filter.update
 

+       - fmn.preference.update
 

+       - fmn.rule.update
 

+       - fmn.confirmation.update
 

+     group: fedmsg
 

+     owner: root
 

+     service: fmn
 

  lvm_size: 20000
 

- mem_size: 16384
 

  max_mem_size: "{{ mem_size }}"
 

+ mem_size: 16384
 

  num_cpus: 4
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 3000, 3001, 3002, 3003, 3004 ]
 

- 

- deployment_type: stg
 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   # The shell cert needs to be allowed to send these too so it can do alembic
 

-   # upgrades that trigger messages.
 

-   can_send:
 

-   - fmn.filter.update
 

-   - fmn.preference.update
 

-   - fmn.rule.update
 

-   - fmn.confirmation.update
 

-   - logger.log
 

- - service: fmn
 

-   owner: root
 

-   group: fedmsg
 

-   can_send:
 

-   - fmn.filter.update
 

-   - fmn.preference.update
 

-   - fmn.rule.update
 

-   - fmn.confirmation.update
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004]

file modified
+8 -8 
@@ -1,11 +1,11 @@
 

  ---
 

- ipa_host_group: notifs
 

- ipa_host_group_desc: Fedora Notifications
 

  ipa_client_shell_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_host_group: notifs
 

+ ipa_host_group_desc: Fedora Notifications

file modified
+17 -22 
@@ -1,32 +1,27 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: prod
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fmn.filter.update
 

+       - fmn.preference.update
 

+       - fmn.rule.update
 

+       - fmn.confirmation.update
 

+     group: apache
 

+     owner: root
 

+     service: fmn
 

  lvm_size: 20000
 

  mem_size: 1024
 

  num_cpus: 2
 

- 

+ tcp_ports: [80]
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  wsgi_fedmsg_service: fmn
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- deployment_type: prod
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: fmn
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - fmn.filter.update
 

-   - fmn.preference.update
 

-   - fmn.rule.update
 

-   - fmn.confirmation.update

file modified
+17 -22 
@@ -1,32 +1,27 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: stg
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - fmn.filter.update
 

+       - fmn.preference.update
 

+       - fmn.rule.update
 

+       - fmn.confirmation.update
 

+     group: apache
 

+     owner: root
 

+     service: fmn
 

  lvm_size: 20000
 

  mem_size: 1024
 

  num_cpus: 2
 

- 

+ tcp_ports: [80]
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  wsgi_fedmsg_service: fmn
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- deployment_type: stg
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: fmn
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - fmn.filter.update
 

-   - fmn.preference.update
 

-   - fmn.rule.update
 

-   - fmn.confirmation.update

file modified
+7 -7 
@@ -1,10 +1,10 @@
 

  ---
 

- primary_auth_source: ipa
 

- ipa_host_group: nuancier
 

- ipa_host_group_desc: Supplementary Wallpaper Voting
 

  ipa_client_shell_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

+   - sysadmin-datanommer
 

+ ipa_host_group: nuancier
 

+ ipa_host_group_desc: Supplementary Wallpaper Voting
 

+ primary_auth_source: ipa

file modified
+6 -6 
@@ -1,9 +1,9 @@
 

  ---
 

- ipa_host_group: nuancier
 

- ipa_host_group_desc: Supplementary Wallpaper Voting
 

  ipa_client_shell_groups:
 

- - sysadmin-datanommer
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - sysadmin-datanommer
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-datanommer
 

+   - sysadmin-datanommer
 

+ ipa_host_group: nuancier
 

+ ipa_host_group_desc: Supplementary Wallpaper Voting

file modified
+6 -9 
@@ -1,13 +1,10 @@
 

  ---
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: oci-registry
 

- ipa_host_group_desc: OCI Registry service
 

  ipa_client_shell_groups:
 

- - sysadmin-releng
 

+   - sysadmin-releng
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- tcp_ports: [ 5000 ]
 

- 

+   - sysadmin-releng
 

+ ipa_host_group: oci-registry
 

+ ipa_host_group_desc: OCI Registry service
 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ primary_auth_source: ipa
 

+ tcp_ports: [5000]

file modified
+5 -8 
@@ -1,12 +1,9 @@
 

  ---
 

- ipa_host_group: oci-registry
 

- ipa_host_group_desc: OCI Registry service
 

  ipa_client_shell_groups:
 

- - sysadmin-releng
 

+   - sysadmin-releng
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- tcp_ports: [ 5000 ]
 

- 

+   - sysadmin-releng
 

+ ipa_host_group: oci-registry
 

+ ipa_host_group_desc: OCI Registry service
 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

+ tcp_ports: [5000]

file modified
+5 -5 
@@ -1,8 +1,8 @@
 

  ---
 

- rhcos_version: 4.8.2
 

- ocp4: true
 

- vpn: false
 

  nagios_Check_Services:
 

-   swap: false
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+   swap: false
 

+ ocp4: true
 

+ rhcos_version: 4.8.2
 

+ vpn: false

file modified
+5 -5 
@@ -1,8 +1,8 @@
 

  ---
 

- rhcos_version: 4.8.2
 

- ocp4: true
 

- vpn: false
 

  nagios_Check_Services:
 

-   swap: false
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+   swap: false
 

+ ocp4: true
 

+ rhcos_version: 4.8.2
 

+ vpn: false

file modified
+55 -60 
@@ -1,71 +1,66 @@
 

- primary_auth_source: ipa
 

- ipa_host_group: odcs
 

- ipa_host_group_desc: On Demand Compose Service
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-odcs
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

+   - sysadmin-noc
 

+   - sysadmin-odcs
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-odcs
 

- - sysadmin-releng
 

- 

- # Configs executed on releng backends must have "releng_" prefix.
 

- odcs_raw_config_urls:
 

-   releng_fmc:
 

-     url: https://pagure.io/releng/fmc.git
 

-     config_filename: fedora-minimal-compose.conf
 

-   releng_jkaluza_test_config:
 

-     url: https://pagure.io/jkaluza-test-compose.git
 

-     config_filename: test.conf
 

-   eln:
 

-     url: https://pagure.io/pungi-fedora.git
 

-     config_filename: eln.conf
 

-   eln_jwboyer:
 

-     url: https://pagure.io/forks/jwboyer/pungi-fedora.git
 

-     config_filename: eln.conf
 

-   cccc:
 

-     url: https://pagure.io/fedora-ci/cccc-merged-configs.git
 

-     config_filename: cccc.conf
 

-   releng_compose_ci:
 

-     url: https://pagure.io/fedora-ci/compose-ci-pipeline.git
 

-     config_filename: compose_ci.conf
 

-     raw_config_wrapper: /etc/odcs/custom_compose_raw_config_wrapper.conf
 

- 

+   - sysadmin-odcs
 

+   - sysadmin-releng
 

+ ipa_host_group: odcs
 

+ ipa_host_group_desc: On Demand Compose Service
 

+ odcs_allowed_clients_groups:
 

+   eln-sig: {"raw_config_keys": ["eln", "cccc", "eln_jwboyer"], "source_types": ["tag", "module", "build", "raw_config"]}
 

+   packager: {"source_types": ["module"]}
 

+   pungi-devel: {}
 

+   sysadmin-odcs: {}
 

+ odcs_allowed_clients_users:
 

+   humaton: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   jkaluza: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   mohanboddu: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   # This is token used by CCCC service running on https://jenkins-fedora-infra.apps.ci.centos.org/job/cccc.
 

+   odcs@service: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   osbs@service: {}
 

+   releng-odcs@service: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

  # Default queues for general ODCS backends.
 

  odcs_celery_queues:
 

- - pungi_composes
 

- - cleanup
 

- 

+   - pungi_composes
 

+   - cleanup
 

  odcs_celery_router_config:
 

+   cleanup_task: odcs.server.celery_tasks.run_cleanup
 

+   default_queue: pungi_composes
 

    routing_rules:
 

      odcs.server.celery_tasks.generate_pungi_compose:
 

-       releng_raw_pungi_composes:
 

-         source_type: 5  # "raw_config"
 

-         source: "releng_.*"
 

-       eln_raw_pungi_composes:
 

-         source_type: 5  # "raw_config"
 

-         source: "eln.*"
 

        cccc_raw_pungi_composes:
 

-         source_type: 5  # "raw_config"
 

          source: "cccc.*"
 

+         source_type: 5 # "raw_config"
 

+       eln_raw_pungi_composes:
 

+         source: "eln.*"
 

+         source_type: 5 # "raw_config"
 

        releng_pungi_composes:
 

-         source_type: [1, 2, 6, 7]  # "tag", "module", "build", "pungi_compose"
 

          owner: ["mohanboddu", "humaton"]
 

-   cleanup_task: odcs.server.celery_tasks.run_cleanup
 

-   default_queue: pungi_composes
 

- 

- odcs_allowed_clients_users:
 

-   humaton: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   mohanboddu: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   jkaluza: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   releng-odcs@service: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   osbs@service: {}
 

-   # This is token used by CCCC service running on https://jenkins-fedora-infra.apps.ci.centos.org/job/cccc.
 

-   odcs@service: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

- odcs_allowed_clients_groups:
 

-   sysadmin-odcs: {}
 

-   pungi-devel: {}
 

-   packager: {"source_types": ["module"]}
 

-   eln-sig: {"source_types": ["tag", "module", "build", "raw_config"], "raw_config_keys": ["eln", "cccc", "eln_jwboyer"]}
 

- 

+         source_type: [1, 2, 6, 7] # "tag", "module", "build", "pungi_compose"
 

+       releng_raw_pungi_composes:
 

+         source: "releng_.*"
 

+         source_type: 5 # "raw_config"
 

+ # Configs executed on releng backends must have "releng_" prefix.
 

+ odcs_raw_config_urls:
 

+   cccc:
 

+     config_filename: cccc.conf
 

+     url: https://pagure.io/fedora-ci/cccc-merged-configs.git
 

+   eln:
 

+     config_filename: eln.conf
 

+     url: https://pagure.io/pungi-fedora.git
 

+   eln_jwboyer:
 

+     config_filename: eln.conf
 

+     url: https://pagure.io/forks/jwboyer/pungi-fedora.git
 

+   releng_compose_ci:
 

+     config_filename: compose_ci.conf
 

+     raw_config_wrapper: /etc/odcs/custom_compose_raw_config_wrapper.conf
 

+     url: https://pagure.io/fedora-ci/compose-ci-pipeline.git
 

+   releng_fmc:
 

+     config_filename: fedora-minimal-compose.conf
 

+     url: https://pagure.io/releng/fmc.git
 

+   releng_jkaluza_test_config:
 

+     config_filename: test.conf
 

+     url: https://pagure.io/jkaluza-test-compose.git
 

+ primary_auth_source: ipa

file modified
+37 -51 
@@ -1,60 +1,46 @@
 

  ---
 

- lvm_size: 200000
 

- mem_size: 4096
 

- num_cpus: 2
 

- 

- freezes: true
 

- 

- tcp_ports: [
 

-     3000, 3001, 3002, 3003,
 

-     3004, 3005, 3006, 3007,
 

-     # These ports all required for gluster
 

-     111, 24007, 24008, 24009, 24010, 24011,
 

-     49152, 49153, 49154, 49155,
 

- ]
 

- # Also for gluster.
 

- udp_ports: [ 111 ]
 

- 

- # These people get told when something goes wrong.
 

- fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - jkaluza@fedoraproject.org
 

- - cqi@fedoraproject.org
 

- - qwan@fedoraproject.org
 

- 

- # NOTE -- read-only mount of /mnt/fedora_koji here.
 

- nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- fedmsg_hub_auto_restart: False
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: odcs
 

-   owner: odcs
 

-   group: fedmsg
 

-   can_send:
 

-   - odcs.compose.state-changed
 

- 

- odcs_target_dir_url: https://odcs.fedoraproject.org/composes
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

  csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

  csi_purpose: Run the on-demand-compose-service backend scheduler.
 

  csi_relationship: |
 

-     There is an odcs backend process running here.
 

- 

-     The process is called `odcs-backend`.
 

+   There is an odcs backend process running here.
 

  

-     This host:
 

+   The process is called `odcs-backend`.
 

  

-     - relies on db01 for its database of activity (what composes have been
 

-       requested and what state are they in?)
 

-     - Uses pungi to compose repos of content.
 

-     - It also *provides* an nfs share used by odcs-frontend01.
 

+   This host:
 

  

+   - relies on db01 for its database of activity (what composes have been
 

+     requested and what state are they in?)
 

+   - Uses pungi to compose repos of content.
 

+   - It also *provides* an nfs share used by odcs-frontend01.
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - odcs.compose.state-changed
 

+     group: fedmsg
 

+     owner: odcs
 

+     service: odcs
 

+ # These people get told when something goes wrong.
 

+ fedmsg_error_recipients:
 

+   - ralph@fedoraproject.org
 

+   - jkaluza@fedoraproject.org
 

+   - cqi@fedoraproject.org
 

+   - qwan@fedoraproject.org
 

+ fedmsg_hub_auto_restart: False
 

+ freezes: true
 

+ lvm_size: 200000
 

+ mem_size: 4096
 

  nagios_Check_Services:
 

    odcs-celery-backend: true
 

+ # NOTE -- read-only mount of /mnt/fedora_koji here.
 

+ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

+ num_cpus: 2
 

+ odcs_target_dir_url: https://odcs.fedoraproject.org/composes
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

+   # These ports all required for gluster
 

+   111, 24007, 24008, 24009, 24010, 24011, 49152, 49153, 49154, 49155]
 

+ # Also for gluster.
 

+ udp_ports: [111]

file modified
+1 -2 
@@ -1,6 +1,5 @@
 

- odcs_celery_queues: ["releng_raw_pungi_composes", "releng_pungi_composes", "cleanup", "eln_raw_pungi_composes", "cccc_raw_pungi_composes"]
 

- 

  fmc_queue_name: "fmc{{ env_suffix }}_composer"
 

  # Define the topics that our fedora-messaging queue should be subscribed to.
 

  fmc_routing_keys:
 

    - "org.fedoraproject.prod.buildsys.rpm.sign"
 

+ odcs_celery_queues: ["releng_raw_pungi_composes", "releng_pungi_composes", "cleanup", "eln_raw_pungi_composes", "cccc_raw_pungi_composes"]

file modified
+33 -49 
@@ -1,60 +1,44 @@
 

  ---
 

- lvm_size: 40000
 

- mem_size: 2048
 

- num_cpus: 2
 

+ csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

+ csi_purpose: Run the on-demand-compose-service backend scheduler.
 

+ csi_relationship: |
 

+   There is an odcs backend process running here.
 

  

- # Set this to True for the F28 release and onwards.
 

- freezes: false
 

+   The process is called `odcs-backend`.
 

  

- tcp_ports: [
 

-     3000, 3001, 3002, 3003,
 

-     3004, 3005, 3006, 3007,
 

-     # These ports all required for gluster
 

-     111, 24007, 24008, 24009, 24010, 24011,
 

-     49152, 49153, 49154, 49155,
 

- ]
 

- # Also for gluster.
 

- udp_ports: [ 111 ]
 

+   This host:
 

  

+   - relies on db01 for its database of activity (what composes have been
 

+     requested and what state are they in?)
 

+   - Uses pungi to compose repos of content.
 

+   - It also *provides* an nfs share used by odcs-frontend01.
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ datacenter: iad2
 

  # These people get told when something goes wrong.
 

  fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - jkaluza@fedoraproject.org
 

- - cqi@fedoraproject.org
 

- - qwan@fedoraproject.org
 

- 

- datacenter: iad2
 

- 

+   - ralph@fedoraproject.org
 

+   - jkaluza@fedoraproject.org
 

+   - cqi@fedoraproject.org
 

+   - qwan@fedoraproject.org
 

+ fedmsg_hub_auto_restart: False
 

+ # Set this to True for the F28 release and onwards.
 

+ freezes: false
 

+ lvm_size: 40000
 

+ mem_size: 2048
 

+ nagios_Check_Services:
 

+   odcs-celery-backend: true
 

  # NOTE -- read-only mount of /mnt/fedora_koji here.
 

  nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- fedmsg_hub_auto_restart: False
 

- 

+ num_cpus: 2
 

  odcs_allowed_source_types: ["tag", "module"]
 

- 

- odcs_target_dir_url: https://odcs.stg.fedoraproject.org/composes
 

- 

  # Handle all Celery queues on single staging backend.
 

  odcs_celery_queues: ["releng_raw_pungi_composes", "releng_pungi_composes", "cleanup", "eln_raw_pungi_composes", "pungi_composes", "cccc_raw_pungi_composes"]
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

- csi_purpose: Run the on-demand-compose-service backend scheduler.
 

- csi_relationship: |
 

-     There is an odcs backend process running here.
 

- 

-     The process is called `odcs-backend`.
 

- 

-     This host:
 

- 

-     - relies on db01 for its database of activity (what composes have been
 

-       requested and what state are they in?)
 

-     - Uses pungi to compose repos of content.
 

-     - It also *provides* an nfs share used by odcs-frontend01.
 

- 

- nagios_Check_Services:
 

-   odcs-celery-backend: true
 

+ odcs_target_dir_url: https://odcs.stg.fedoraproject.org/composes
 

+ tcp_ports: [3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

+   # These ports all required for gluster
 

+   111, 24007, 24008, 24009, 24010, 24011, 49152, 49153, 49154, 49155]
 

+ # Also for gluster.
 

+ udp_ports: [111]

file modified
+30 -44 
@@ -1,52 +1,38 @@
 

  ---
 

- lvm_size: 30000
 

- mem_size: 2048
 

- num_cpus: 2
 

- 

- freezes: true
 

- 

- # There vars are used to configure mod_wsgi
 

- wsgi_procs: 2
 

- wsgi_threads: 2
 

+ csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

+ csi_purpose: Run the on-demand-compose-service frontend API.
 

+ csi_relationship: |
 

+   The apache/mod_wsgi app is the only thing really running here
 

  

- tcp_ports: [
 

-     80,
 

-     # These ports all required for gluster
 

-     111, 24007, 24008, 24009, 24010, 24011,
 

-     49152, 49153, 49154, 49155,
 

- ]
 

- # Also for gluster.
 

- udp_ports: [ 111 ]
 

+   This host:
 

  

+   - relies on db01 for its database of activity (what composes have been
 

+     requested and what state are they in?)
 

+   - It also mounts an nfs shared provided by odcs-backend01.
 

+   - It provides http access to the compose contents on that nfs share.
 

+ # For the MOTD
 

+ csi_security_category: Low
 

  # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: odcs
 

-   owner: apache
 

-   group: apache
 

-   can_send:
 

-   - odcs.compose.state-changed
 

- 

- 

+   - can_send:
 

+       - odcs.compose.state-changed
 

+     group: apache
 

+     owner: apache
 

+     service: odcs
 

+ freezes: true
 

+ lvm_size: 30000
 

+ mem_size: 2048
 

+ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

+ num_cpus: 2
 

  odcs_target_dir_url: https://odcs.fedoraproject.org/composes
 

- 

+ tcp_ports: [80,
 

+   # These ports all required for gluster
 

+   111, 24007, 24008, 24009, 24010, 24011, 49152, 49153, 49154, 49155]
 

+ # Also for gluster.
 

+ udp_ports: [111]
 

  virt_install_command: "{{ virt_install_command_two_nic }}"
 

- 

- nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

- csi_purpose: Run the on-demand-compose-service frontend API.
 

- csi_relationship: |
 

-     The apache/mod_wsgi app is the only thing really running here
 

- 

-     This host:
 

- 

-     - relies on db01 for its database of activity (what composes have been
 

-       requested and what state are they in?)
 

-     - It also mounts an nfs shared provided by odcs-backend01.
 

-     - It provides http access to the compose contents on that nfs share.
 

- 

+ # There vars are used to configure mod_wsgi
 

+ wsgi_procs: 2
 

+ wsgi_threads: 2

file modified
+25 -38 
@@ -1,45 +1,32 @@
 

  ---
 

- lvm_size: 20000
 

- mem_size: 2048
 

- num_cpus: 2
 

+ csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

+ csi_purpose: Run the on-demand-compose-service frontend API.
 

+ csi_relationship: |
 

+   The apache/mod_wsgi app is the only thing really running here
 

+ 

+   This host:
 

  

+   - relies on db01 for its database of activity (what composes have been
 

+     requested and what state are they in?)
 

+   - It also mounts an nfs shared provided by odcs-backend01.
 

+   - It provides http access to the compose contents on that nfs share.
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ # Neeed for rsync from log01 for logs.
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

  # Set this to True for the F28 release and onwards.
 

  freezes: false
 

- 

+ lvm_size: 20000
 

+ mem_size: 2048
 

+ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

+ num_cpus: 2
 

+ odcs_allowed_source_types: ["tag", "module"]
 

+ odcs_target_dir_url: https://odcs.stg.fedoraproject.org/composes
 

+ tcp_ports: [80,
 

+   # These ports all required for gluster
 

+   111, 24007, 24008, 24009, 24010, 24011, 49152, 49153, 49154, 49155]
 

+ # Also for gluster.
 

+ udp_ports: [111]
 

  # There vars are used to configure mod_wsgi
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [
 

-     80,
 

-     # These ports all required for gluster
 

-     111, 24007, 24008, 24009, 24010, 24011,
 

-     49152, 49153, 49154, 49155,
 

- ]
 

- # Also for gluster.
 

- udp_ports: [ 111 ]
 

- 

- # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- odcs_allowed_source_types: ["tag", "module"]
 

- 

- odcs_target_dir_url: https://odcs.stg.fedoraproject.org/composes
 

- 

- nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

- 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Factory 2 factory2-members@fedoraproject.org
 

- csi_purpose: Run the on-demand-compose-service frontend API.
 

- csi_relationship: |
 

-     The apache/mod_wsgi app is the only thing really running here
 

- 

-     This host:
 

- 

-     - relies on db01 for its database of activity (what composes have been
 

-       requested and what state are they in?)
 

-     - It also mounts an nfs shared provided by odcs-backend01.
 

-     - It provides http access to the compose contents on that nfs share.
 

-

file modified
+44 -49 
@@ -1,60 +1,55 @@
 

- ipa_host_group: odcs
 

- ipa_host_group_desc: On Demand Compose Service
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-odcs
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

+   - sysadmin-noc
 

+   - sysadmin-odcs
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-odcs
 

- - sysadmin-releng
 

- 

- # Configs executed on releng backends must have "releng_" prefix.
 

- odcs_raw_config_urls:
 

-   releng_fmc:
 

-     url: https://pagure.io/releng/fmc.git
 

-     config_filename: fedora-minimal-compose.conf
 

-   releng_jkaluza_test_config:
 

-     url: https://pagure.io/jkaluza-test-compose.git
 

-     config_filename: test.conf
 

-   eln:
 

-     url: https://pagure.io/pungi-fedora.git
 

-     config_filename: eln.conf
 

-   cccc:
 

-     url: https://pagure.io/fedora-ci/cccc-merged-configs.git
 

-     config_filename: cccc.conf
 

- 

+   - sysadmin-odcs
 

+   - sysadmin-releng
 

+ ipa_host_group: odcs
 

+ ipa_host_group_desc: On Demand Compose Service
 

+ odcs_allowed_clients_groups:
 

+   eln-sig: {"raw_config_keys": ["eln", "cccc"], "source_types": ["tag", "module", "build", "raw_config"]}
 

+   packager: {"source_types": ["module"]}
 

+   pungi-devel: {}
 

+   sysadmin-odcs: {}
 

+ odcs_allowed_clients_users:
 

+   humaton: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   jkaluza: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   mohanboddu: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

+   osbs@service: {}
 

  # Default queues for general ODCS backends.
 

  odcs_celery_queues:
 

- - pungi_composes
 

- - cleanup
 

- 

+   - pungi_composes
 

+   - cleanup
 

  odcs_celery_router_config:
 

+   cleanup_task: odcs.server.celery_tasks.run_cleanup
 

+   default_queue: pungi_composes
 

    routing_rules:
 

      odcs.server.celery_tasks.generate_pungi_compose:
 

-       releng_raw_pungi_composes:
 

-         source_type: 5  # "raw_config"
 

-         source: "releng_.*"
 

-       eln_raw_pungi_composes:
 

-         source_type: 5  # "raw_config"
 

-         source: "eln.*"
 

        cccc_raw_pungi_composes:
 

-         source_type: 5  # "raw_config"
 

          source: "cccc.*"
 

+         source_type: 5 # "raw_config"
 

+       eln_raw_pungi_composes:
 

+         source: "eln.*"
 

+         source_type: 5 # "raw_config"
 

        releng_pungi_composes:
 

-         source_type: [1, 2, 6, 7]  # "tag", "module", "build", "pungi_compose"
 

          owner: ["jkaluza", "mohanboddu", "humaton"]
 

-   cleanup_task: odcs.server.celery_tasks.run_cleanup
 

-   default_queue: pungi_composes
 

- 

- odcs_allowed_clients_users:
 

-   humaton: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   mohanboddu: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   jkaluza: {"source_types": ["tag", "module", "build", "raw_config"], "target_dirs": ["private"]}
 

-   osbs@service: {}
 

- odcs_allowed_clients_groups:
 

-   sysadmin-odcs: {}
 

-   pungi-devel: {}
 

-   packager: {"source_types": ["module"]}
 

-   eln-sig: {"source_types": ["tag", "module", "build", "raw_config"], "raw_config_keys": ["eln", "cccc"]}
 

- 

+         source_type: [1, 2, 6, 7] # "tag", "module", "build", "pungi_compose"
 

+       releng_raw_pungi_composes:
 

+         source: "releng_.*"
 

+         source_type: 5 # "raw_config"
 

+ # Configs executed on releng backends must have "releng_" prefix.
 

+ odcs_raw_config_urls:
 

+   cccc:
 

+     config_filename: cccc.conf
 

+     url: https://pagure.io/fedora-ci/cccc-merged-configs.git
 

+   eln:
 

+     config_filename: eln.conf
 

+     url: https://pagure.io/pungi-fedora.git
 

+   releng_fmc:
 

+     config_filename: fedora-minimal-compose.conf
 

+     url: https://pagure.io/releng/fmc.git
 

+   releng_jkaluza_test_config:
 

+     config_filename: test.conf
 

+     url: https://pagure.io/jkaluza-test-compose.git

file modified
+14 -22 
@@ -1,33 +1,25 @@
 

  # this is to enable nested virt, which we need for disk image creation
 

- virt_install_command: "{{ virt_install_command_one_nic }} --cpu=host-passthrough,+vmx"
 

- 

+ deployment_type: prod
 

  external_hostname: openqa.fedoraproject.org
 

- 

+ freezes: false
 

+ openqa_compose_arches: x86_64,aarch64
 

  openqa_dbname: openqa
 

- openqa_dbuser: openqa
 

  openqa_dbpassword: "{{ prod_openqa_dbpassword }}"
 

- 

- openqa_key: "{{ prod_openqa_apikey }}"
 

- openqa_secret: "{{ prod_openqa_apisecret }}"
 

- 

- openqa_webapi_plugins: FedoraMessaging FedoraUpdateRestart
 

- 

+ openqa_dbuser: openqa
 

+ openqa_env: production
 

+ openqa_env_prefix:
 

  # this is because openqa staging isn't really a staging host
 

  # we don't want to set env_suffix to stg on it because that may
 

  # break some other plays, but we do need the env suffix for the
 

  # fedora-messaging bits, so let's make our own
 

  openqa_env_suffix:
 

- openqa_env_prefix:
 

- openqa_env: production
 

- 

- wikitcms_token: "{{ private }}/files/openidc/production/wikitcms.json"
 

- openqa_wikitcms_hostname: fedoraproject.org
 

- openqa_resultsdb_url: http://resultsdb01.iad2.fedoraproject.org/resultsdb_api/api/v2.0/
 

- openqa_compose_arches: x86_64,aarch64
 

- openqa_update_arches: ['x86_64']
 

- 

+ openqa_key: "{{ prod_openqa_apikey }}"
 

  # all our workers need NFS access
 

  openqa_nfs_workers: "{{ groups['openqa_workers'] }}"
 

- 

- deployment_type: prod
 

- freezes: false
 

+ openqa_resultsdb_url: http://resultsdb01.iad2.fedoraproject.org/resultsdb_api/api/v2.0/
 

+ openqa_secret: "{{ prod_openqa_apisecret }}"
 

+ openqa_update_arches: ['x86_64']
 

+ openqa_webapi_plugins: FedoraMessaging FedoraUpdateRestart
 

+ openqa_wikitcms_hostname: fedoraproject.org
 

+ virt_install_command: "{{ virt_install_command_one_nic }} --cpu=host-passthrough,+vmx"
 

+ wikitcms_token: "{{ private }}/files/openidc/production/wikitcms.json"

file modified
+28 -32 
@@ -10,48 +10,44 @@
 

  # be stg.fedoraproject.org
 

  

  # this is to enable nested virt, which we need for disk image creation
 

- virt_install_command: "{{ virt_install_command_one_nic }} --cpu=host-passthrough,+vmx"
 

- 

+ deployment_type: stg
 

  external_hostname: openqa.stg.fedoraproject.org
 

- 

+ # makes sure it sends stg not prod fedmsgs
 

+ fedmsg_env: stg
 

+ freezes: false
 

+ # FIXME: disable consumers that write to wiki until auth key
 

+ # is working again:
 

+ # https://pagure.io/fedora-infrastructure/issue/8381
 

+ openqa_amqp_wiki_reporter_queue:
 

+ # lab-specific until newer openQA is on prod (2021-11)
 

+ openqa_amqp_publisher_exchange: "amq.topic"
 

+ openqa_amqp_publisher_cacertfile: "/etc/fedora-messaging/{{ openqa_env_prefix }}cacert.pem"
 

+ openqa_amqp_publisher_certfile: "/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem"
 

+ openqa_amqp_publisher_keyfile: "/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem"
 

+ openqa_assetsize_ppc: 300
 

+ openqa_compose_arches: x86_64,aarch64,ppc64le
 

  openqa_dbname: openqa-stg
 

- openqa_dbuser: openqastg
 

  openqa_dbpassword: "{{ stg_openqa_dbpassword }}"
 

- openqa_assetsize_ppc: 300
 

- 

- openqa_key: "{{ stg_openqa_apikey }}"
 

- openqa_secret: "{{ stg_openqa_apisecret }}"
 

- 

- openqa_webapi_plugins: FedoraMessaging FedoraUpdateRestart
 

- 

+ openqa_dbuser: openqastg
 

+ openqa_env: staging
 

+ openqa_env_prefix: stg-
 

  # this is because openqa staging isn't really a staging host
 

  # we don't want to set env_suffix to stg on it because that may
 

  # break some other plays, but we do need the env suffix for the
 

  # fedora-messaging bits, so let's make our own
 

  openqa_env_suffix: .stg
 

- openqa_env_prefix: stg-
 

- openqa_env: staging
 

- 

+ openqa_key: "{{ stg_openqa_apikey }}"
 

+ # all our workers need NFS access
 

+ openqa_nfs_workers: "{{ groups['openqa_lab_workers'] }}"
 

  # install openQA from updates-testing - this is staging, we live
 

  # ON THE EDGE (radical guitar riff)
 

  openqa_repo: updates-testing
 

- 

- wikitcms_token: "{{ private }}/files/openidc/staging/wikitcms.json"
 

- openqa_wikitcms_hostname: stg.fedoraproject.org
 

+ # 2021-11 scratch builds for testing (plus the updated Mojolicious needed)
 

+ openqa_scratch: ["79442168", "79272379"]
 

  openqa_resultsdb_url: http://resultsdb01.stg.iad2.fedoraproject.org/resultsdb_api/api/v2.0/
 

- openqa_compose_arches: x86_64,aarch64,ppc64le
 

+ openqa_secret: "{{ stg_openqa_apisecret }}"
 

  openqa_update_arches: ['x86_64', 'ppc64le']
 

- 

- # all our workers need NFS access
 

- openqa_nfs_workers: "{{ groups['openqa_lab_workers'] }}"
 

- 

- # FIXME: disable consumers that write to wiki until auth key
 

- # is working again:
 

- # https://pagure.io/fedora-infrastructure/issue/8381
 

- openqa_amqp_wiki_reporter_queue:
 

- 

- deployment_type: stg
 

- freezes: false
 

- 

- # makes sure it sends stg not prod fedmsgs
 

- fedmsg_env: stg
 

+ openqa_webapi_plugins: FedoraMessaging FedoraUpdateRestart
 

+ openqa_wikitcms_hostname: stg.fedoraproject.org
 

+ virt_install_command: "{{ virt_install_command_one_nic }} --cpu=host-passthrough,+vmx"
 

+ wikitcms_token: "{{ private }}/files/openidc/staging/wikitcms.json"

file modified
+18 -25 
@@ -1,35 +1,28 @@
 

+ deployment_type: stg
 

+ freezes: false
 

  gw: 10.3.174.254
 

- openqa_workers: 4
 

- openqa_hostname: openqa-lab01.iad2.fedoraproject.org
 

- openqa_key: "{{ stg_openqa_apikey }}"
 

- openqa_secret: "{{ stg_openqa_apisecret }}"
 

- 

+ ipa_client_shell_groups:
 

+   - sysadmin-qa
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-qa
 

+ ipa_host_group: openqa-lab-workers
 

+ ipa_host_group_desc: OpenQA Lab worker hosts
 

+ openqa_env: staging
 

+ openqa_env_prefix: stg-
 

  # this is because openqa staging isn't really a staging host
 

  # we don't want to set env_suffix to stg on it because that may
 

  # break some other plays, but we do need the env suffix for the
 

  # fedora-messaging bits, so let's make our own
 

  openqa_env_suffix: .stg
 

- openqa_env_prefix: stg-
 

- openqa_env: staging
 

- 

+ openqa_hostname: openqa-lab01.iad2.fedoraproject.org
 

+ openqa_key: "{{ stg_openqa_apikey }}"
 

+ # we are all NFS workers for now at least
 

+ openqa_nfs_worker: true
 

  # install openQA and os-autoinst from updates-testing - this is
 

  # staging, we live ON THE EDGE (radical guitar riff)
 

  openqa_repo: updates-testing
 

- 

- # we are all NFS workers for now at least
 

- openqa_nfs_worker: true
 

- 

- # qemu build with fix for snapshots on qxl; not a scratch build,
 

- # just getting it deployed ahead of the updates-testing push
 

- openqa_scratch: ["78533572"]
 

- 

- deployment_type: stg
 

- freezes: false
 

- 

+ # 2021-11 scratch builds for testing (plus the updated Mojolicious needed)
 

+ openqa_scratch: ["79299369", "79442168", "79272379"]
 

+ openqa_secret: "{{ stg_openqa_apisecret }}"
 

+ openqa_workers: 4
 

  primary_auth_source: ipa
 

- ipa_host_group: openqa-lab-workers
 

- ipa_host_group_desc: OpenQA Lab worker hosts
 

- ipa_client_shell_groups:
 

- - sysadmin-qa
 

- ipa_client_sudo_groups:
 

- - sysadmin-qa

file modified
+38 -52 
@@ -2,71 +2,57 @@
 

  # openQA servers. these are mostly things that are set as variables
 

  # in the plays so we can change them over time and also so the plays
 

  # can be used for non-infra deployments.
 

- 

- openqa_hostname: localhost
 

- openqa_email: adamwill@fedoraproject.org
 

- openqa_nickname: adamwill
 

- openqa_fullname: Adam Williamson
 

- openqa_userid: http://adamwill.id.fedoraproject.org/
 

- 

- openqa_assetsize: 500
 

- openqa_assetsize_aarch64: 300
 

- openqa_assetsize_updates: 200
 

- 

- # stg and prod use the same database server
 

- openqa_dbhost: db-openqa01.iad2.fedoraproject.org
 

- 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-qa
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-qa
 

+ ipa_host_group: openqa-servers
 

+ ipa_host_group_desc: OpenQA servers
 

+ # fedora-messaging email error reporting settings
 

+ openqa_amqp_mailto: ["adamwill@fedoraproject.org", "lruzicka@fedoraproject.org"]
 

  # we need this for all our fedora-messaging consumers as they are not
 

  # allowed to create queues on the infra AMQP broker, by broker config
 

  openqa_amqp_passive: true
 

- 

- # fedora-messaging publisher settings
 

- openqa_amqp_publisher_prefix: org.fedoraproject.{{ fedmsg_env }}
 

- openqa_amqp_publisher_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub"
 

  # openQA isn't very ssl-aware here, so we're abusing its URL construction
 

  # to stuff the cert and key values in here
 

  openqa_amqp_publisher_exchange: "amq.topic&cacertfile=/etc/fedora-messaging/{{ openqa_env_prefix }}cacert.pem&certfile=/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem&keyfile=/etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem"
 

- 

- # fedora-messaging job scheduler settings: most of these are the same
 

- # for prod and stg as they both must listen for prod messages. Only
 

- # the queue names differs
 

- openqa_amqp_scheduler_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub"
 

- openqa_amqp_scheduler_cacert: /etc/fedora-messaging/cacert.pem
 

- openqa_amqp_scheduler_key: /etc/pki/fedora-messaging/openqa-key.pem
 

- openqa_amqp_scheduler_cert: /etc/pki/fedora-messaging/openqa-cert.pem
 

- openqa_amqp_scheduler_queue: "openqa{{ openqa_env_suffix }}_scheduler"
 

- openqa_amqp_scheduler_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change",
 

-                                      "org.fedoraproject.prod.bodhi.update.request.testing",
 

-                                      "org.fedoraproject.prod.bodhi.update.edit"]
 

- 

- # fedora-messaging reporter settings
 

- openqa_amqp_reporter_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub"
 

+ # fedora-messaging publisher settings
 

+ openqa_amqp_publisher_prefix: org.fedoraproject.{{ fedmsg_env }}
 

+ openqa_amqp_publisher_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub"
 

  openqa_amqp_reporter_cacert: /etc/fedora-messaging/{{ openqa_env_prefix }}cacert.pem
 

- openqa_amqp_reporter_key: /etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem
 

  openqa_amqp_reporter_cert: /etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-cert.pem
 

- 

+ openqa_amqp_reporter_key: /etc/pki/fedora-messaging/openqa{{ openqa_env_suffix }}-key.pem
 

+ # fedora-messaging reporter settings
 

+ openqa_amqp_reporter_url: "amqps://openqa{{ openqa_env_suffix }}:@rabbitmq{{ openqa_env_suffix }}.fedoraproject.org/%2Fpubsub"
 

  # fedora-messaging resultsdb reporter settings
 

  openqa_amqp_resultsdb_reporter_queue: "openqa{{ openqa_env_suffix }}_resultsdb_reporter"
 

  openqa_amqp_resultsdb_reporter_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"]
 

- 

+ # fedora-messaging scheduler settings (that differ from defaults)
 

+ openqa_amqp_scheduler_cert: /etc/pki/fedora-messaging/openqa-cert.pem
 

+ openqa_amqp_scheduler_key: /etc/pki/fedora-messaging/openqa-key.pem
 

+ openqa_amqp_scheduler_queue: "openqa{{ openqa_env_suffix }}_scheduler"
 

+ openqa_amqp_scheduler_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change", "org.fedoraproject.prod.bodhi.update.request.testing", "org.fedoraproject.prod.bodhi.update.edit", "org.fedoraproject.prod.bodhi.update.status.testing.koji-build-group.build.complete", "org.fedoraproject.prod.coreos.build.state.change"]
 

+ # fedora-messaging job scheduler settings: most of these are the same
 

+ # for prod and stg as they both must listen for prod messages. Only
 

+ # the queue names differs
 

+ openqa_amqp_scheduler_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub"
 

+ openqa_amqp_smtp: bastion
 

  # fedora-messaging wiki reporter settings
 

  openqa_amqp_wiki_reporter_queue: "openqa{{ openqa_env_suffix }}_wiki_reporter"
 

  openqa_amqp_wiki_reporter_routing_keys: ["org.fedoraproject.{{ deployment_type }}.openqa.job.done"]
 

- 

- # fedora-messaging email error reporting settings
 

- openqa_amqp_mailto: ["adamwill@fedoraproject.org", "lruzicka@fedoraproject.org"]
 

- openqa_amqp_smtp: bastion
 

- 

+ openqa_assetsize: 500
 

+ openqa_assetsize_aarch64: 300
 

+ openqa_assetsize_updates: 200
 

+ # stg and prod use the same database server
 

+ openqa_dbhost: db-openqa01.iad2.fedoraproject.org
 

+ openqa_email: adamwill@fedoraproject.org
 

+ openqa_fullname: Adam Williamson
 

+ openqa_hostname: localhost
 

+ openqa_nickname: adamwill
 

+ openqa_userid: http://adamwill.id.fedoraproject.org/
 

+ primary_auth_source: ipa
 

  # http and NFS
 

  tcp_ports: [80, 2049]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: openqa-servers
 

- ipa_host_group_desc: OpenQA servers
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-qa
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-qa

file modified
+6 -13 
@@ -1,17 +1,10 @@
 

- openqa_tap: true
 

- 

+ # firewall rules to allow openQA openvswitch guests to communicate
 

+ # uses interface definition from host vars
 

+ custom_rules: ['-A FORWARD -i br0 -j ACCEPT', '-A FORWARD -m state -i {{ openqa_tap_iface }} -o br0 --state RELATED,ESTABLISHED -j ACCEPT', '-A INPUT -i br0 -j ACCEPT']
 

  # for iptables rules...maybe other stuff in future? both staging
 

  # and prod workers are in this group
 

  host_group: openqa-tap-workers
 

- 

- # firewall rules to allow openQA openvswitch guests to communicate
 

- # uses interface definition from host vars
 

- custom_rules: [
 

-     '-A FORWARD -i br0 -j ACCEPT',
 

-     '-A FORWARD -m state -i {{ openqa_tap_iface }} -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
 

-     '-A INPUT -i br0 -j ACCEPT'
 

- ]
 

  nat_rules: [
 

-     # masquerade for openQA openvswitch workers to reach the outside
 

-     '-A POSTROUTING -o {{ openqa_tap_iface }} -j MASQUERADE'
 

-  ]
 

+   # masquerade for openQA openvswitch workers to reach the outside
 

+   '-A POSTROUTING -o {{ openqa_tap_iface }} -j MASQUERADE']
 

+ openqa_tap: true

file modified
+14 -18 
@@ -1,27 +1,23 @@
 

+ deployment_type: prod
 

+ freezes: false
 

  gw: 10.5.124.254
 

- openqa_workers: 4
 

- openqa_hostname: openqa01.iad2.fedoraproject.org
 

- openqa_key: "{{ prod_openqa_apikey }}"
 

- openqa_secret: "{{ prod_openqa_apisecret }}"
 

- 

+ ipa_client_shell_groups:
 

+   - sysadmin-qa
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-qa
 

+ ipa_host_group: openqa-workers
 

+ ipa_host_group_desc: OpenQA worker hosts
 

+ openqa_env: production
 

+ openqa_env_prefix:
 

  # this is because openqa staging isn't really a staging host
 

  # we don't want to set env_suffix to stg on it because that may
 

  # break some other plays, but we do need the env suffix for the
 

  # fedora-messaging bits, so let's make our own
 

  openqa_env_suffix:
 

- openqa_env_prefix:
 

- openqa_env: production
 

- 

+ openqa_hostname: openqa01.iad2.fedoraproject.org
 

+ openqa_key: "{{ prod_openqa_apikey }}"
 

  # we are all NFS workers for now at least
 

  openqa_nfs_worker: true
 

- 

- deployment_type: prod
 

- freezes: false
 

- 

+ openqa_secret: "{{ prod_openqa_apisecret }}"
 

+ openqa_workers: 4
 

  primary_auth_source: ipa
 

- ipa_host_group: openqa-workers
 

- ipa_host_group_desc: OpenQA worker hosts
 

- ipa_client_shell_groups:
 

- - sysadmin-qa
 

- ipa_client_sudo_groups:
 

- - sysadmin-qa

file modified
+3 -3 
@@ -1,6 +1,6 @@
 

  ---
 

- host_group: openstack-compute
 

- nrpe_procs_warn: 1100
 

- nrpe_procs_crit: 1200
 

  ansible_ifcfg_blocklist: true
 

  baseiptables: False
 

+ host_group: openstack-compute
 

+ nrpe_procs_crit: 1200
 

+ nrpe_procs_warn: 1100

file modified
+7 -8 
@@ -1,13 +1,12 @@
 

  ---
 

- host_group: os
 

  baseiptables: False
 

- no_http2: True
 

- nm_controlled_resolv: True
 

+ host_group: os
 

+ ipa_client_shell_groups:
 

+   - sysadmin-openshift
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-openshift
 

  #openshift_ansible_upgrading: False
 

  ipa_host_group: openshift
 

  ipa_host_group_desc: OpenShift cluster
 

- 

- ipa_client_shell_groups:
 

- - sysadmin-openshift
 

- ipa_client_sudo_groups:
 

- - sysadmin-openshift
 

+ nm_controlled_resolv: True
 

+ no_http2: True

file modified
+1 -3 
@@ -1,5 +1,3 @@
 

  ---
 

- 

- os_url: os.fedoraproject.org
 

  os_app_url: app.os.fedoraproject.org
 

- 

+ os_url: os.fedoraproject.org

file modified
+1 -3 
@@ -1,5 +1,3 @@
 

  ---
 

- 

- os_url: os.stg.fedoraproject.org
 

  os_app_url: app.os.stg.fedoraproject.org
 

- 

+ os_url: os.stg.fedoraproject.org

file modified
+13 -16 
@@ -1,29 +1,26 @@
 

  ---
 

- 

- os_url: os.fedoraproject.org
 

- os_app_url: app.os.fedoraproject.org
 

- swap: false
 

- nagios_Check_Services:
 

-   swap: false
 

-   nrpe: false
 

-   mail: false
 

- 

+ bodhi_openshift_pods: 1
 

  #
 

  # Set some bodhi variables here.
 

  # Since they are used when running playbooks against the master nodes.
 

  #
 

- bodhi_version: "5.7.1"
 

- bodhi_openshift_pods: 1
 

- 

+ bodhi_version: "5.7.2"
 

+ nagios_Check_Services:
 

+   mail: false
 

+   nrpe: false
 

+   swap: false
 

+ os_app_url: app.os.fedoraproject.org
 

+ os_url: os.fedoraproject.org
 

  # GDPR SAR related dictionary
 

  sar_openshift:
 

    # Name of the app
 

    release-monitoring:
 

-     # Location of the script
 

-     sar_script: /usr/local/bin/sar.py
 

-     # Output file on local machine
 

-     sar_output_file: anitya.json
 

      # Openshift namespace where the app runs
 

      openshift_namespace: release-monitoring
 

      # Name of openshift pod - will be used for label search
 

      openshift_pod: release-monitoring-web
 

+     # Output file on local machine
 

+     sar_output_file: anitya.json
 

+     # Location of the script
 

+     sar_script: /usr/local/bin/sar.py
 

+ swap: false

file modified
+8 -11 
@@ -1,15 +1,12 @@
 

  ---
 

- 

- os_url: os.stg.fedoraproject.org
 

- os_app_url: app.os.stg.fedoraproject.org
 

- 

- nagios_Check_Services:
 

-   swap: false
 

-   nrpe: false
 

-   mail: false
 

- 

+ bodhi_openshift_pods: 1
 

  # Set some bodhi variables here.
 

  # Since they are used when running playbooks against the master nodes.
 

  #
 

- bodhi_version: "5.7.1"
 

- bodhi_openshift_pods: 1
 

+ bodhi_version: "5.7.2"
 

+ nagios_Check_Services:
 

+   mail: false
 

+   nrpe: false
 

+   swap: false
 

+ os_app_url: app.os.stg.fedoraproject.org
 

+ os_url: os.stg.fedoraproject.org

file modified
+5 -6 
@@ -1,9 +1,8 @@
 

  ---
 

- 

- os_url: os.fedoraproject.org
 

- os_app_url: app.os.fedoraproject.org
 

- swap: false
 

  nagios_Check_Services:
 

-   swap: false
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+   swap: false
 

+ os_app_url: app.os.fedoraproject.org
 

+ os_url: os.fedoraproject.org
 

+ swap: false

file modified
+4 -6 
@@ -1,9 +1,7 @@
 

  ---
 

- 

- os_url: os.stg.fedoraproject.org
 

- os_app_url: app.os.stg.fedoraproject.org
 

- 

  nagios_Check_Services:
 

-   swap: false
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+   swap: false
 

+ os_app_url: app.os.stg.fedoraproject.org
 

+ os_url: os.stg.fedoraproject.org

file modified
+11 -17 
@@ -1,24 +1,18 @@
 

  ---
 

+ custom_rules: [
 

+   # Needed for keepalived
 

+   '-A INPUT -d 224.0.0.0/8 -j ACCEPT', '-A INPUT -p vrrp -j ACCEPT',
 

+   # machinectl api
 

+   '-A INPUT -p tcp --dport 22623 --src 38.145.48.0/27 -j ACCEPT']
 

  datacenter: cloud
 

  host_group: cloud
 

  lvm_size: 20000
 

  mem_size: 8192
 

  num_cpus: 4
 

- 

  tcp_ports: [
 

-     # For os routers
 

-     80,
 

-     443,
 

-     # For ks8 api
 

-     6443,
 

-     # For haproxy status
 

-     8080,
 

- ]
 

- 

- custom_rules: [
 

-     # Needed for keepalived
 

-     '-A INPUT -d 224.0.0.0/8 -j ACCEPT',
 

-     '-A INPUT -p vrrp -j ACCEPT',
 

-     # machinectl api
 

-     '-A INPUT -p tcp --dport 22623 --src 38.145.48.0/27 -j ACCEPT',
 

- ]
 

+   # For os routers
 

+   80, 443,
 

+   # For ks8 api
 

+   6443,
 

+   # For haproxy status
 

+   8080]

file modified
+7 -8 
@@ -1,14 +1,13 @@
 

  ---
 

- host_group: os
 

  baseiptables: False
 

- no_http2: False
 

- nm_controlled_resolv: True
 

+ host_group: os
 

+ ipa_client_shell_groups:
 

+   - sysadmin-openshift
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-openshift
 

  # Only define this when upgrading, otherwise comment it
 

  # openshift_ansible_upgrading: True
 

  ipa_host_group: openshift
 

  ipa_host_group_desc: OpenShift cluster
 

- 

- ipa_client_shell_groups:
 

- - sysadmin-openshift
 

- ipa_client_sudo_groups:
 

- - sysadmin-openshift
 

+ nm_controlled_resolv: True
 

+ no_http2: False

file modified
+26 -37 
@@ -1,47 +1,36 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 60000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

- tcp_ports: [ 80, 443, 8443]
 

- 

- sudoers: "{{ private }}/files/sudo/osbs-sudoers"
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: osbs
 

- ipa_host_group_desc: OpenShift Build Service
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-osbs
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-osbs
 

- - sysadmin-releng
 

- 

+ baseiptables: False
 

  docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
 

  docker_registry: "candidate-registry.fedoraproject.org"
 

- source_registry: "registry.fedoraproject.org"
 

- 

- osbs_url: "osbs.fedoraproject.org"
 

- osbs_koji_username: "kojibuilder"
 

- 

+ # fedora container images required by buildroot
 

+ fedora_required_images:
 

+   - "fedora:latest"
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-osbs
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-osbs
 

+   - sysadmin-releng
 

+ ipa_host_group: osbs
 

+ ipa_host_group_desc: OpenShift Build Service
 

  koji_url: "koji.fedoraproject.org"
 

- 

- osbs_client_conf_path: /etc/osbs.conf
 

- 

- baseiptables: False
 

- 

+ lvm_size: 60000
 

+ mem_size: 8192
 

+ nm_controlled_resolv: True
 

+ num_cpus: 2
 

  #openshift_ansible_upgrading: True
 

  

  # docker images required by OpenShift Origin
 

  openshift_required_images:
 

    - "openshift/origin-pod"
 

- 

- # fedora container images required by buildroot
 

- fedora_required_images:
 

-   - "fedora:latest"
 

- 

- nm_controlled_resolv: True
 

+ osbs_client_conf_path: /etc/osbs.conf
 

+ osbs_koji_username: "kojibuilder"
 

+ osbs_url: "osbs.fedoraproject.org"
 

+ primary_auth_source: ipa
 

+ source_registry: "registry.fedoraproject.org"
 

+ sudoers: "{{ private }}/files/sudo/osbs-sudoers"
 

+ tcp_ports: [80, 443, 8443]

file modified
+30 -46 
@@ -1,58 +1,42 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ #Docker command delegated host
 

+ composer: compose-x86-01.iad2.fedoraproject.org
 

+ docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

+ koji_url: "koji.fedoraproject.org"
 

  lvm_size: 60000
 

- mem_size: 8192
 

+ max_cpu: "{{ num_cpus }}"
 

  max_mem_size: "{{ mem_size }}"
 

+ mem_size: 8192
 

+ # Nagios configuration
 

+ nagios_Check_Services:
 

+   dhcpd: false
 

+   httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

+   swap: false
 

  num_cpus: 2
 

- max_cpu: "{{ num_cpus }}"
 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic }}"
 

- 

- tcp_ports: [ 80, 443, 8443]
 

- 

- openshift_node_labels: {'region':'infra'}
 

+ openshift_node_labels: {'region': 'infra'}
 

  openshift_schedulable: False
 

- 

- docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
 

- source_registry: "registry.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

- 

- osbs_url: "osbs.fedoraproject.org"
 

- 

- koji_url: "koji.fedoraproject.org"
 

- 

  osbs_client_conf_path: /etc/osbs.conf
 

- 

- osbs_namespace: "osbs-fedora"
 

- osbs_worker_namespace: worker
 

- 

- osbs_worker_service_accounts:
 

-   - orchestrator
 

+ osbs_conf_readwrite_users:
 

+   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

+   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

+ osbs_conf_service_accounts:
 

+   - koji
 

    - builder
 

- 

- 

  osbs_conf_sources_command: fedpkg sources
 

- 

+ osbs_namespace: "osbs-fedora"
 

  osbs_orchestrator_cpu_limitrange: "95m"
 

- 

- osbs_worker_default_nodeselector: "worker=true"
 

  osbs_orchestrator_default_nodeselector: "orchestrator=true"
 

- 

- osbs_conf_service_accounts:
 

-   - koji
 

+ osbs_url: "osbs.fedoraproject.org"
 

+ osbs_worker_default_nodeselector: "worker=true"
 

+ osbs_worker_namespace: worker
 

+ osbs_worker_service_accounts:
 

+   - orchestrator
 

    - builder
 

- 

- osbs_conf_readwrite_users:
 

-   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

-   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

- 

- #Docker command delegated host
 

- composer: compose-x86-01.iad2.fedoraproject.org
 

- 

- # Nagios configuration
 

- nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

-   dhcpd: false
 

-   httpd: false
 

-   swap: false
 

+ source_registry: "registry.fedoraproject.org"
 

+ tcp_ports: [80, 443, 8443]
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic }}"

file modified
+30 -46 
@@ -1,58 +1,42 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ #Docker command delegated host
 

+ composer: compose-x86-01.stg.iad2.fedoraproject.org
 

+ docker_cert_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org"
 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

+ koji_url: "koji.stg.fedoraproject.org"
 

  lvm_size: 60000
 

- mem_size: 8192
 

+ max_cpu: "{{ num_cpus }}"
 

  max_mem_size: "{{ mem_size }}"
 

+ mem_size: 8192
 

+ # Nagios configuration
 

+ nagios_Check_Services:
 

+   dhcpd: false
 

+   httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

+   swap: false
 

  num_cpus: 2
 

- max_cpu: "{{ num_cpus }}"
 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

- 

- tcp_ports: [ 80, 443, 8443]
 

- 

- openshift_node_labels: {'region':'infra'}
 

+ openshift_node_labels: {'region': 'infra'}
 

  openshift_schedulable: False
 

- 

- docker_cert_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org"
 

- source_registry: "registry.stg.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- 

- osbs_url: "osbs.stg.fedoraproject.org"
 

- 

- koji_url: "koji.stg.fedoraproject.org"
 

- 

  osbs_client_conf_path: /etc/osbs.conf
 

- 

- osbs_namespace: "osbs-fedora"
 

- osbs_worker_namespace: worker
 

- 

- osbs_worker_service_accounts:
 

-   - orchestrator
 

+ osbs_conf_readwrite_users:
 

+   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

+   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

+ osbs_conf_service_accounts:
 

+   - koji
 

    - builder
 

- 

- 

  osbs_conf_sources_command: fedpkg sources
 

- 

+ osbs_namespace: "osbs-fedora"
 

  osbs_orchestrator_cpu_limitrange: "95m"
 

- 

- osbs_worker_default_nodeselector: "worker=true"
 

  osbs_orchestrator_default_nodeselector: "orchestrator=true"
 

- 

- osbs_conf_service_accounts:
 

-   - koji
 

+ osbs_url: "osbs.stg.fedoraproject.org"
 

+ osbs_worker_default_nodeselector: "worker=true"
 

+ osbs_worker_namespace: worker
 

+ osbs_worker_service_accounts:
 

+   - orchestrator
 

    - builder
 

- 

- osbs_conf_readwrite_users:
 

-   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

-   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

- 

- #Docker command delegated host
 

- composer: compose-x86-01.stg.iad2.fedoraproject.org
 

- 

- # Nagios configuration
 

- nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

-   dhcpd: false
 

-   httpd: false
 

-   swap: false
 

+ source_registry: "registry.stg.fedoraproject.org"
 

+ tcp_ports: [80, 443, 8443]
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"

file modified
+9 -12 
@@ -1,20 +1,17 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

  lvm_size: 60000
 

- mem_size: 8192
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 2
 

  max_cpu: "{{ num_cpus }}"
 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

- 

- tcp_ports: [ 80, 443, 8443, 10250]
 

- 

- openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

- 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 8192
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

+ tcp_ports: [80, 443, 8443, 10250]
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"

file modified
+9 -12 
@@ -1,20 +1,17 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

  lvm_size: 60000
 

- mem_size: 8192
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 2
 

  max_cpu: "{{ num_cpus }}"
 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

- 

- tcp_ports: [ 80, 443, 8443, 10250]
 

- 

- openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

- 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 8192
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

+ tcp_ports: [80, 443, 8443, 10250]
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"

file modified
+9 -12 
@@ -1,20 +1,17 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

  lvm_size: 60000
 

- mem_size: 8192
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 2
 

  max_cpu: "{{ num_cpus }}"
 

- virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

- 

- tcp_ports: [ 80, 443, 8443, 10250]
 

- 

- openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

- 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 8192
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

+ tcp_ports: [80, 443, 8443, 10250]
 

+ virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"

file modified
+8 -10 
@@ -1,15 +1,13 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- sudoers: "{{ private }}/files/sudo/osbs-sudoers"
 

- 

- # Variables used in the ansible-ansible-openshift-ansible role in osbs-cluster playbook
 

- osbs_url: "osbs.fedoraproject.org"
 

- inventory_filename: "cluster-inventory"
 

- cluster_masters_group: "osbs_masters"
 

- cluster_nodes_group: "osbs_nodes"
 

- cluster_infra_group: "osbs_masters"
 

- 

+ aarch_infra_group: "osbs_aarch64_masters"
 

  # Aarch64 variables
 

  aarch_masters_group: "osbs_aarch64_masters"
 

  aarch_nodes_group: "osbs_aarch64_nodes"
 

- aarch_infra_group: "osbs_aarch64_masters"
 

+ cluster_infra_group: "osbs_masters"
 

+ cluster_masters_group: "osbs_masters"
 

+ cluster_nodes_group: "osbs_nodes"
 

+ inventory_filename: "cluster-inventory"
 

+ # Variables used in the ansible-ansible-openshift-ansible role in osbs-cluster playbook
 

+ osbs_url: "osbs.fedoraproject.org"
 

+ sudoers: "{{ private }}/files/sudo/osbs-sudoers"

file modified
+6 -7 
@@ -2,13 +2,12 @@
 

  # Define resources for this group of hosts here.
 

  

  # Variables used in the ansible-ansible-openshift-ansible role in osbs-cluster playbook
 

- osbs_url: "osbs.stg.fedoraproject.org"
 

- inventory_filename: "cluster-inventory-stg"
 

- cluster_masters_group: "osbs_masters_stg"
 

- cluster_nodes_group: "osbs_nodes_stg"
 

- cluster_infra_group: "osbs_masters_stg"
 

- 

+ aarch_infra_group: "osbs_aarch64_masters_stg"
 

  # Aarch64 variables
 

  aarch_masters_group: "osbs_aarch64_masters_stg"
 

  aarch_nodes_group: "osbs_aarch64_nodes_stg"
 

- aarch_infra_group: "osbs_aarch64_masters_stg"
 

+ cluster_infra_group: "osbs_masters_stg"
 

+ cluster_masters_group: "osbs_masters_stg"
 

+ cluster_nodes_group: "osbs_nodes_stg"
 

+ inventory_filename: "cluster-inventory-stg"
 

+ osbs_url: "osbs.stg.fedoraproject.org"

file modified
+112 -154 
@@ -1,176 +1,134 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 60000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

- tcp_ports: [ 80, 443, 8443]
 

- 

- docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
 

- source_registry: "registry.fedoraproject.org"
 

- docker_registry: "candidate-registry.fedoraproject.org"
 

- 

- osbs_url: "osbs.fedoraproject.org"
 

- osbs_koji_username: "kojibuilder"
 

- 

- koji_url: "koji.fedoraproject.org"
 

- 

- osbs_client_conf_path: /etc/osbs.conf
 

- 

- openshift_node_labels: {'region':'infra'}
 

- openshift_schedulable: False
 

- 

- osbs_namespace: "osbs-fedora"
 

- osbs_worker_namespace: worker
 

- 

- osbs_worker_service_accounts:
 

-   - orchestrator
 

-   - builder
 

- 

- 

- osbs_conf_sources_command: fedpkg sources
 

- 

- osbs_orchestrator_cpu_limitrange: "95m"
 

- 

- osbs_worker_default_nodeselector: "worker=true"
 

- osbs_orchestrator_default_nodeselector: "orchestrator=true"
 

- 

- osbs_conf_service_accounts:
 

-   - koji
 

-   - builder
 

- 

- osbs_conf_readwrite_users:
 

-   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

-   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

- 

- osbs_conf_worker_clusters:
 

-   x86_64:
 

-   - name: x86_64
 

-     max_concurrent_builds: 2
 

-     openshift_url: "https://osbs.fedoraproject.org/"
 

-     verify_ssl: 'false'
 

- 

-   aarch64:
 

-   - name: aarch64
 

-     max_concurrent_builds: 1
 

-     openshift_url: "https://osbs-aarch64-master01.iad2.fedoraproject.org:8443/"
 

-     verify_ssl: 'false'
 

- 

- 

- osbs_platform_descriptors:
 

- - platform: x86_64
 

-   architecture: amd64
 

- 

- - platform: aarch64
 

-   architecture: arm64
 

- 

  _osbs_reactor_config_map:
 

-     version: 1
 

- 

-     clusters:
 

-       x86_64:
 

-       - name: "x86_64"
 

-         max_concurrent_builds: 2
 

-         enabled: True
 

+   artifacts_allowed_domains: []
 

+   #- download.devel.redhat.com/released
 

+   #- download.devel.redhat.com/devel/candidates
 

  

-       aarch64:
 

-       - name: "aarch64"
 

+   clusters:
 

+     aarch64:
 

+       - enabled: True
 

          max_concurrent_builds: 1
 

-         enabled: True
 

- 

-     clusters_client_config_dir: "/var/run/secrets/atomic-reactor/client-config-secret"
 

- 

-     koji:
 

-       hub_url: "https://koji{{ env_suffix }}.fedoraproject.org/kojihub"
 

-       root_url: "https://koji{{ env_suffix }}.fedoraproject.org/"
 

-       auth:
 

-         krb_principal: "osbs/{{osbs_url}}@{{ ipa_realm }}"
 

-         krb_keytab_path: "FILE:/etc/krb5.osbs_{{ osbs_url }}.keytab"
 

- 

-     odcs:
 

-         api_url: "https://odcs{{ env_suffix }}.fedoraproject.org/api/1"
 

-         auth:
 

-           openidc_dir: "/var/run/secrets/atomic-reactor/odcs-oidc-secret"
 

-         signing_intents:
 

-           - name: unsigned
 

-             keys: []
 

-         default_signing_intent: "unsigned"
 

- 

-     flatpak:
 

-         base_image: "registry.fedoraproject.org/flatpak-build-base:latest"
 

-         metadata: both
 

- 

-     image_labels:
 

-       vendor: "Fedora Project"
 

-       authoritative-source-url: "{{ source_registry }}"
 

-       distribution-scope: public
 

- 

-     image_equal_labels:
 

-       - ['description', 'io.k8s.description']
 

-     openshift:
 

-       url: "https://{{ osbs_url }}"
 

-       insecure: true
 

-       build_json_dir: /usr/share/osbs
 

-       auth:
 

-         enable: True
 

- 

-     platform_descriptors: "{{ osbs_platform_descriptors }}"
 

- 

-     prefer_schema1_digest: False
 

- 

-     content_versions:
 

+         name: "aarch64"
 

+     x86_64:
 

+       - enabled: True
 

+         max_concurrent_builds: 2
 

+         name: "x86_64"
 

+   clusters_client_config_dir: "/var/run/secrets/atomic-reactor/client-config-secret"
 

+   content_versions:
 

      - v2
 

- 

-     registries:
 

-     - url: https://candidate-registry.fedoraproject.org/v2
 

-       auth:
 

+   flatpak:
 

+     base_image: "registry.fedoraproject.org/flatpak-build-base:latest"
 

+     metadata: both
 

+   group_manifests: True
 

+   image_equal_labels:
 

+     - ['description', 'io.k8s.description']
 

+   image_labels:
 

+     authoritative-source-url: "{{ source_registry }}"
 

+     distribution-scope: public
 

+     vendor: "Fedora Project"
 

+   koji:
 

+     auth:
 

+       krb_keytab_path: "FILE:/etc/krb5.osbs_{{ osbs_url }}.keytab"
 

+       krb_principal: "osbs/{{osbs_url}}@{{ ipa_realm }}"
 

+     hub_url: "https://koji{{ env_suffix }}.fedoraproject.org/kojihub"
 

+     root_url: "https://koji{{ env_suffix }}.fedoraproject.org/"
 

+   odcs:
 

+     api_url: "https://odcs{{ env_suffix }}.fedoraproject.org/api/1"
 

+     auth:
 

+       openidc_dir: "/var/run/secrets/atomic-reactor/odcs-oidc-secret"
 

+     default_signing_intent: "unsigned"
 

+     signing_intents:
 

+       - keys: []
 

+         name: unsigned
 

+   openshift:
 

+     auth:
 

+       enable: True
 

+     build_json_dir: /usr/share/osbs
 

+     insecure: true
 

+     url: "https://{{ osbs_url }}"
 

+   platform_descriptors: "{{ osbs_platform_descriptors }}"
 

+   prefer_schema1_digest: False
 

+   registries:
 

+     - auth:
 

          cfg_path: /var/run/secrets/atomic-reactor/v2-registry-dockercfg
 

- 

-     source_registry:
 

-       url: "{{ source_registry }}"
 

-       insecure: True
 

- 

-     group_manifests: True
 

- 

-     sources_command: "{{ osbs_conf_sources_command }}"
 

- 

-     artifacts_allowed_domains: []
 

-     #- download.devel.redhat.com/released
 

-     #- download.devel.redhat.com/devel/candidates
 

- 

-     required_secrets:
 

+       url: https://candidate-registry.fedoraproject.org/v2
 

+   required_secrets:
 

      - v2-registry-dockercfg
 

      - odcs-oidc-secret
 

- 

-     worker_token_secrets:
 

+   skip_koji_check_for_base_image: True
 

+   source_registry:
 

+     insecure: True
 

+     url: "{{ source_registry }}"
 

+   sources_command: "{{ osbs_conf_sources_command }}"
 

+   version: 1
 

+   worker_token_secrets:
 

      - x86-64-orchestrator
 

      - aarch64-orchestrator
 

      - client-config-secret
 

- 

-     skip_koji_check_for_base_image: True
 

- 

  _osbs_scratch_reactor_config_map_overrides:
 

    image_labels:
 

      distribution-scope: private
 

- 

- osbs_reactor_config_maps:
 

- - name: reactor-config-map
 

-   data: "{{ _osbs_reactor_config_map }}"
 

- - name: reactor-config-map-scratch
 

-   data: >
 

-     {{ _osbs_reactor_config_map |
 

-        combine(_osbs_scratch_reactor_config_map_overrides, recursive=True) }}
 

- 

- osbs_odcs_enabled: true
 

- 

  #Docker command delegated host
 

  composer: compose-x86-01.iad2.fedoraproject.org
 

- 

+ docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
 

+ docker_registry: "candidate-registry.fedoraproject.org"
 

+ koji_url: "koji.fedoraproject.org"
 

+ lvm_size: 60000
 

+ mem_size: 8192
 

  # Nagios configuration
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ openshift_node_labels: {'region': 'infra'}
 

+ openshift_schedulable: False
 

+ osbs_client_conf_path: /etc/osbs.conf
 

+ osbs_conf_readwrite_users:
 

+   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

+   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

+ osbs_conf_service_accounts:
 

+   - koji
 

+   - builder
 

+ osbs_conf_sources_command: fedpkg sources
 

+ osbs_conf_worker_clusters:
 

+   aarch64:
 

+     - max_concurrent_builds: 1
 

+       name: aarch64
 

+       openshift_url: "https://osbs-aarch64-master01.iad2.fedoraproject.org:8443/"
 

+       verify_ssl: 'false'
 

+   x86_64:
 

+     - max_concurrent_builds: 2
 

+       name: x86_64
 

+       openshift_url: "https://osbs.fedoraproject.org/"
 

+       verify_ssl: 'false'
 

+ osbs_koji_username: "kojibuilder"
 

+ osbs_namespace: "osbs-fedora"
 

+ osbs_odcs_enabled: true
 

+ osbs_orchestrator_cpu_limitrange: "95m"
 

+ osbs_orchestrator_default_nodeselector: "orchestrator=true"
 

+ osbs_platform_descriptors:
 

+   - architecture: amd64
 

+     platform: x86_64
 

+   - architecture: arm64
 

+     platform: aarch64
 

+ osbs_reactor_config_maps:
 

+   - data: "{{ _osbs_reactor_config_map }}"
 

+     name: reactor-config-map
 

+   - data: >
 

+       {{ _osbs_reactor_config_map |
 

+ 

+          combine(_osbs_scratch_reactor_config_map_overrides, recursive=True) }}
 

+     name: reactor-config-map-scratch
 

+ osbs_url: "osbs.fedoraproject.org"
 

+ osbs_worker_default_nodeselector: "worker=true"
 

+ osbs_worker_namespace: worker
 

+ osbs_worker_service_accounts:
 

+   - orchestrator
 

+   - builder
 

+ source_registry: "registry.fedoraproject.org"
 

+ tcp_ports: [80, 443, 8443]

file modified
+112 -154 
@@ -1,176 +1,134 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 60000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

- 

- tcp_ports: [ 80, 443, 8443]
 

- 

- openshift_node_labels: {'region':'infra'}
 

- openshift_schedulable: False
 

- 

- docker_cert_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org"
 

- source_registry: "registry.fedoraproject.org"
 

- docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- 

- osbs_url: "osbs.stg.fedoraproject.org"
 

- 

- koji_url: "koji.stg.fedoraproject.org"
 

- 

- osbs_client_conf_path: /etc/osbs.conf
 

- 

- osbs_namespace: "osbs-fedora"
 

- osbs_worker_namespace: worker
 

- 

- osbs_worker_service_accounts:
 

-   - orchestrator
 

-   - builder
 

- 

- 

- osbs_conf_sources_command: fedpkg sources
 

- 

- osbs_orchestrator_cpu_limitrange: "95m"
 

- 

- osbs_worker_default_nodeselector: "worker=true"
 

- osbs_orchestrator_default_nodeselector: "orchestrator=true"
 

- 

- osbs_conf_service_accounts:
 

-   - koji
 

-   - builder
 

- 

- osbs_conf_readwrite_users:
 

-   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

-   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

- 

- osbs_conf_worker_clusters:
 

-   x86_64:
 

-   - name: x86_64
 

-     max_concurrent_builds: 2
 

-     openshift_url: "https://osbs-master01.stg.iad2.fedoraproject.org:8443"
 

-     verify_ssl: 'false'
 

- 

-   aarch64:
 

-   - name: aarch64
 

-     max_concurrent_builds: 1
 

-     openshift_url: "https://osbs-aarch64-master01.stg.iad2.fedoraproject.org:8443/"
 

-     verify_ssl: 'false'
 

- 

- osbs_platform_descriptors:
 

- - platform: x86_64
 

-   architecture: amd64
 

- 

- - platform: aarch64
 

-   architecture: arm64
 

- 

  _osbs_reactor_config_map:
 

-     version: 1
 

+   artifacts_allowed_domains: []
 

+   #- download.devel.redhat.com/released
 

+   #- download.devel.redhat.com/devel/candidates
 

  

-     clusters:
 

-       x86_64:
 

-       - name: "x86_64"
 

-         max_concurrent_builds: 2
 

-         enabled: True
 

- 

-       aarch64:
 

-       - name: "aarch64"
 

+   clusters:
 

+     aarch64:
 

+       - enabled: True
 

          max_concurrent_builds: 1
 

-         enabled: True
 

- 

-     clusters_client_config_dir: "/var/run/secrets/atomic-reactor/client-config-secret"
 

- 

-     koji:
 

-       hub_url: "https://koji{{ env_suffix }}.fedoraproject.org/kojihub"
 

-       root_url: "https://koji{{ env_suffix }}.fedoraproject.org/"
 

-       auth:
 

-         krb_principal: "osbs/{{osbs_url}}@{{ ipa_realm }}"
 

-         krb_keytab_path: "FILE:/etc/krb5.osbs_{{ osbs_url }}.keytab"
 

- 

-     odcs:
 

-         api_url: "https://odcs{{ env_suffix }}.fedoraproject.org/api/1"
 

-         auth:
 

-           openidc_dir: "/var/run/secrets/atomic-reactor/odcs-oidc-secret"
 

-         signing_intents:
 

-           - name: unsigned
 

-             keys: []
 

-         default_signing_intent: "unsigned"
 

- 

-     flatpak:
 

-         base_image: "registry.fedoraproject.org/flatpak-build-base:latest"
 

-         metadata: both
 

- 

-     image_labels:
 

-       vendor: "Fedora Project"
 

-       authoritative-source-url: "{{ source_registry }}"
 

-       distribution-scope: public
 

- 

-     image_equal_labels:
 

-       - ['description', 'io.k8s.description']
 

-     openshift:
 

-       url: "https://{{ osbs_url }}"
 

-       insecure: true
 

-       build_json_dir: /usr/share/osbs
 

-       auth:
 

-         enable: True
 

- 

-     platform_descriptors: "{{ osbs_platform_descriptors }}"
 

- 

-     prefer_schema1_digest: False
 

- 

-     content_versions:
 

+         name: "aarch64"
 

+     x86_64:
 

+       - enabled: True
 

+         max_concurrent_builds: 2
 

+         name: "x86_64"
 

+   clusters_client_config_dir: "/var/run/secrets/atomic-reactor/client-config-secret"
 

+   content_versions:
 

      - v2
 

- 

-     registries:
 

-     - url: https://candidate-registry.stg.fedoraproject.org/v2
 

-       insecure: False
 

-       auth:
 

+   flatpak:
 

+     base_image: "registry.fedoraproject.org/flatpak-build-base:latest"
 

+     metadata: both
 

+   group_manifests: True
 

+   image_equal_labels:
 

+     - ['description', 'io.k8s.description']
 

+   image_labels:
 

+     authoritative-source-url: "{{ source_registry }}"
 

+     distribution-scope: public
 

+     vendor: "Fedora Project"
 

+   koji:
 

+     auth:
 

+       krb_keytab_path: "FILE:/etc/krb5.osbs_{{ osbs_url }}.keytab"
 

+       krb_principal: "osbs/{{osbs_url}}@{{ ipa_realm }}"
 

+     hub_url: "https://koji{{ env_suffix }}.fedoraproject.org/kojihub"
 

+     root_url: "https://koji{{ env_suffix }}.fedoraproject.org/"
 

+   odcs:
 

+     api_url: "https://odcs{{ env_suffix }}.fedoraproject.org/api/1"
 

+     auth:
 

+       openidc_dir: "/var/run/secrets/atomic-reactor/odcs-oidc-secret"
 

+     default_signing_intent: "unsigned"
 

+     signing_intents:
 

+       - keys: []
 

+         name: unsigned
 

+   openshift:
 

+     auth:
 

+       enable: True
 

+     build_json_dir: /usr/share/osbs
 

+     insecure: true
 

+     url: "https://{{ osbs_url }}"
 

+   platform_descriptors: "{{ osbs_platform_descriptors }}"
 

+   prefer_schema1_digest: False
 

+   registries:
 

+     - auth:
 

          cfg_path: /var/run/secrets/atomic-reactor/v2-registry-dockercfg
 

- 

-     source_registry:
 

-       url: "{{ source_registry }}"
 

-       insecure: True
 

- 

-     group_manifests: True
 

- 

-     sources_command: "{{ osbs_conf_sources_command }}"
 

- 

-     artifacts_allowed_domains: []
 

-     #- download.devel.redhat.com/released
 

-     #- download.devel.redhat.com/devel/candidates
 

- 

-     required_secrets:
 

+       insecure: False
 

+       url: https://candidate-registry.stg.fedoraproject.org/v2
 

+   required_secrets:
 

      - v2-registry-dockercfg
 

      - odcs-oidc-secret
 

- 

-     worker_token_secrets:
 

+   skip_koji_check_for_base_image: True
 

+   source_registry:
 

+     insecure: True
 

+     url: "{{ source_registry }}"
 

+   sources_command: "{{ osbs_conf_sources_command }}"
 

+   version: 1
 

+   worker_token_secrets:
 

      - x86-64-orchestrator
 

      - aarch64-orchestrator
 

      - client-config-secret
 

- 

-     skip_koji_check_for_base_image: True
 

- 

  _osbs_scratch_reactor_config_map_overrides:
 

    image_labels:
 

      distribution-scope: private
 

- 

- osbs_reactor_config_maps:
 

- - name: reactor-config-map
 

-   data: "{{ _osbs_reactor_config_map }}"
 

- - name: reactor-config-map-scratch
 

-   data: >
 

-     {{ _osbs_reactor_config_map |
 

-        combine(_osbs_scratch_reactor_config_map_overrides, recursive=True) }}
 

- 

- osbs_odcs_enabled: true
 

- 

  #Docker command delegated host
 

  composer: compose-x86-01.stg.iad2.fedoraproject.org
 

- 

+ docker_cert_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org"
 

+ docker_registry: "candidate-registry.stg.fedoraproject.org"
 

+ koji_url: "koji.stg.fedoraproject.org"
 

+ lvm_size: 60000
 

+ mem_size: 8192
 

  # Nagios configuration
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ openshift_node_labels: {'region': 'infra'}
 

+ openshift_schedulable: False
 

+ osbs_client_conf_path: /etc/osbs.conf
 

+ osbs_conf_readwrite_users:
 

+   - "system:serviceaccount:{{ osbs_namespace }}:default"
 

+   - "system:serviceaccount:{{ osbs_namespace }}:builder"
 

+ osbs_conf_service_accounts:
 

+   - koji
 

+   - builder
 

+ osbs_conf_sources_command: fedpkg sources
 

+ osbs_conf_worker_clusters:
 

+   aarch64:
 

+     - max_concurrent_builds: 1
 

+       name: aarch64
 

+       openshift_url: "https://osbs-aarch64-master01.stg.iad2.fedoraproject.org:8443/"
 

+       verify_ssl: 'false'
 

+   x86_64:
 

+     - max_concurrent_builds: 2
 

+       name: x86_64
 

+       openshift_url: "https://osbs-master01.stg.iad2.fedoraproject.org:8443"
 

+       verify_ssl: 'false'
 

+ osbs_namespace: "osbs-fedora"
 

+ osbs_odcs_enabled: true
 

+ osbs_orchestrator_cpu_limitrange: "95m"
 

+ osbs_orchestrator_default_nodeselector: "orchestrator=true"
 

+ osbs_platform_descriptors:
 

+   - architecture: amd64
 

+     platform: x86_64
 

+   - architecture: arm64
 

+     platform: aarch64
 

+ osbs_reactor_config_maps:
 

+   - data: "{{ _osbs_reactor_config_map }}"
 

+     name: reactor-config-map
 

+   - data: >
 

+       {{ _osbs_reactor_config_map |
 

+ 

+          combine(_osbs_scratch_reactor_config_map_overrides, recursive=True) }}
 

+     name: reactor-config-map-scratch
 

+ osbs_url: "osbs.stg.fedoraproject.org"
 

+ osbs_worker_default_nodeselector: "worker=true"
 

+ osbs_worker_namespace: worker
 

+ osbs_worker_service_accounts:
 

+   - orchestrator
 

+   - builder
 

+ source_registry: "registry.fedoraproject.org"
 

+ tcp_ports: [80, 443, 8443]

file modified
+11 -17 
@@ -1,26 +1,20 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 60000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

- tcp_ports: [ 80, 443, 8443, 10250]
 

- 

  docker_cert_dir: "/etc/docker/certs.d/candidate-registry.fedoraproject.org"
 

  docker_registry: "candidate-registry.fedoraproject.org"
 

- source_registry: "registry.fedoraproject.org"
 

- 

- osbs_url: "osbs.fedoraproject.org"
 

- osbs_koji_username: "kojibuilder"
 

- 

  koji_url: "koji.fedoraproject.org"
 

- 

- osbs_client_conf_path: /etc/osbs.conf
 

- 

+ lvm_size: 60000
 

+ mem_size: 8192
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ osbs_client_conf_path: /etc/osbs.conf
 

+ osbs_koji_username: "kojibuilder"
 

+ osbs_url: "osbs.fedoraproject.org"
 

+ source_registry: "registry.fedoraproject.org"
 

+ tcp_ports: [80, 443, 8443, 10250]

file modified
+6 -9 
@@ -2,16 +2,13 @@
 

  # Define resources for this group of hosts here.
 

  lvm_size: 60000
 

  mem_size: 8192
 

- num_cpus: 2
 

- 

- tcp_ports: [ 80, 443, 8443, 10250]
 

- 

- openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

- 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

+ num_cpus: 2
 

+ openshift_node_labels: {'region': 'primary', 'zone': 'default'}
 

+ tcp_ports: [80, 443, 8443, 10250]

file modified
+24 -36 
@@ -1,45 +1,33 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 60000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

- tcp_ports: [ 80, 443, 8443]
 

- 

- ipa_host_group: osbs
 

- ipa_host_group_desc: OpenShift Build Service
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-osbs
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-osbs
 

- - sysadmin-releng
 

- 

+ baseiptables: False
 

  docker_cert_dir: "/etc/docker/certs.d/candidate-registry.stg.fedoraproject.org"
 

- source_registry: "registry.fedoraproject.org"
 

  docker_registry: "candidate-registry.stg.fedoraproject.org"
 

- 

- osbs_url: "osbs.stg.fedoraproject.org"
 

- osbs_koji_username: "kojibuilder_stg"
 

- 

+ # fedora container images required by buildroot
 

+ fedora_required_images:
 

+   - "fedora:latest"
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-osbs
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-osbs
 

+   - sysadmin-releng
 

+ ipa_host_group: osbs
 

+ ipa_host_group_desc: OpenShift Build Service
 

  koji_url: "koji.stg.fedoraproject.org"
 

- 

- osbs_client_conf_path: /etc/osbs.conf
 

- 

- baseiptables: False
 

- 

+ lvm_size: 60000
 

+ mem_size: 8192
 

+ nm_controlled_resolv: True
 

+ num_cpus: 2
 

  openshift_ansible_upgrading: True
 

- 

  # docker images required by OpenShift Origin
 

  openshift_required_images:
 

    - "openshift/origin-pod"
 

- 

- # fedora container images required by buildroot
 

- fedora_required_images:
 

-   - "fedora:latest"
 

- 

- nm_controlled_resolv: True
 

- 

+ osbs_client_conf_path: /etc/osbs.conf
 

+ osbs_koji_username: "kojibuilder_stg"
 

+ osbs_url: "osbs.stg.fedoraproject.org"
 

+ source_registry: "registry.fedoraproject.org"
 

+ tcp_ports: [80, 443, 8443]

file modified
+28 -35 
@@ -1,42 +1,35 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 100000
 

- mem_size: 8192
 

- max_mem_size: 8192
 

- num_cpus: 4
 

- 

- tcp_ports: [ 80, 443,
 

-     # This is for glusterd
 

-     6996,
 

-     # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

-     3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

-     3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
 

- 

  # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: packages
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-packages
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-noc
 

- - sysadmin-packages
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

  freezes: false
 

- pythonsitelib: /usr/lib/python2.7/site-packages
 

- 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-packages
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-packages
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_host_group: packages
 

+ lvm_size: 100000
 

+ max_mem_size: 8192
 

+ mem_size: 8192
 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 

+ num_cpus: 4
 

+ primary_auth_source: ipa
 

+ pythonsitelib: /usr/lib/python2.7/site-packages
 

+ tcp_ports: [80, 443,
 

+   # This is for glusterd
 

+   6996,
 

+   # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

file modified
+23 -29 
@@ -1,35 +1,29 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 80000
 

- mem_size: 4096
 

- num_cpus: 4
 

- 

- tcp_ports: [ 80, 443,
 

-     # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

-     3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

-     3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
 

- 

  # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

- ipa_host_group: packages
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-packages
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-noc
 

- - sysadmin-packages
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-packages
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-packages
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_host_group: packages
 

+ lvm_size: 80000
 

+ mem_size: 4096
 

+ num_cpus: 4
 

  pythonsitelib: /usr/lib/python2.7/site-packages
 

+ tcp_ports: [80, 443,
 

+   # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

file modified
+75 -86 
@@ -1,98 +1,87 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 750000
 

- mem_size: 49152
 

- max_mem_size: 131072
 

- num_cpus: 16
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

+ csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

+ csi_purpose: Run the pagure instances for fedora
 

+ csi_relationship: |
 

+   There are a few things running here:
 

  

- tcp_ports: [ 22, 25, 80, 443,
 

-     8442, 8443, 8444, 8445,
 

-     # Used for the eventsource
 

-     8088,
 

-     # This is for the pagure public fedmsg relay
 

-     9940]
 

+   - The apache/mod_wsgi app for pagure
 

  

- stunnel_service: "eventsource"
 

- stunnel_source_port: 8088
 

- stunnel_destination_port: 8080
 

- 

- sshd_config: ssh/sshd_config.pagure
 

- sshd_keyhelper: true
 

+   - This host relies on:
 

+     - A postgres db server running locally
 

  

+   - Things that rely on this host:
 

+     - nothing currently
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ db_backup_dir: ['/backups']
 

+ dbs_to_backup: ['pagure']
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: pagure
 

-   owner: git
 

-   group: apache
 

-   can_send:
 

-   - pagure.git.receive
 

-   - pagure.issue.assigned.added
 

-   - pagure.issue.assigned.reset
 

-   - pagure.issue.comment.added
 

-   - pagure.issue.comment.edited
 

-   - pagure.issue.dependency.added
 

-   - pagure.issue.dependency.removed
 

-   - pagure.issue.drop
 

-   - pagure.issue.edit
 

-   - pagure.issue.new
 

-   - pagure.issue.tag.added
 

-   - pagure.issue.tag.removed
 

-   - pagure.project.deleted
 

-   - pagure.project.edit
 

-   - pagure.project.forked
 

-   - pagure.project.group.added
 

-   - pagure.project.new
 

-   - pagure.project.tag.edited
 

-   - pagure.project.tag.removed
 

-   - pagure.project.user.access.updated
 

-   - pagure.project.user.added
 

-   - pagure.pull-request.closed
 

-   - pagure.pull-request.comment.added
 

-   - pagure.pull-request.flag.added
 

-   - pagure.pull-request.flag.updated
 

-   - pagure.pull-request.new
 

-   - pagure.request.assigned.added
 

- 

- fedmsg_prefix: io.pagure
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - pagure.git.receive
 

+       - pagure.issue.assigned.added
 

+       - pagure.issue.assigned.reset
 

+       - pagure.issue.comment.added
 

+       - pagure.issue.comment.edited
 

+       - pagure.issue.dependency.added
 

+       - pagure.issue.dependency.removed
 

+       - pagure.issue.drop
 

+       - pagure.issue.edit
 

+       - pagure.issue.new
 

+       - pagure.issue.tag.added
 

+       - pagure.issue.tag.removed
 

+       - pagure.project.deleted
 

+       - pagure.project.edit
 

+       - pagure.project.forked
 

+       - pagure.project.group.added
 

+       - pagure.project.new
 

+       - pagure.project.tag.edited
 

+       - pagure.project.tag.removed
 

+       - pagure.project.user.access.updated
 

+       - pagure.project.user.added
 

+       - pagure.pull-request.closed
 

+       - pagure.pull-request.comment.added
 

+       - pagure.pull-request.flag.added
 

+       - pagure.pull-request.flag.updated
 

+       - pagure.pull-request.new
 

+       - pagure.request.assigned.added
 

+     group: apache
 

+     owner: git
 

+     service: pagure
 

  fedmsg_env: prod
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: pagure
 

- ipa_host_group_desc: Pagure GIT Forge
 

+ fedmsg_prefix: io.pagure
 

+ freezes: true
 

+ host_backup_targets: ['/srv/git', '/var/www/releases']
 

  ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-web
 

- - sysadmin-veteran
 

+   - sysadmin-noc
 

+   - sysadmin-web
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-web
 

- 

- freezes: true
 

+   - sysadmin-web
 

+ ipa_host_group: pagure
 

+ ipa_host_group_desc: Pagure GIT Forge
 

+ lvm_size: 750000
 

+ max_mem_size: 131072
 

+ mem_size: 49152
 

+ num_cpus: 16
 

  postfix_group: vpn.pagure
 

+ primary_auth_source: ipa
 

+ sshd_config: ssh/sshd_config.pagure
 

+ sshd_keyhelper: true
 

+ stunnel_destination_port: 8080
 

+ stunnel_service: "eventsource"
 

+ stunnel_source_port: 8088
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [22, 25, 80, 443, 8442, 8443, 8444, 8445,
 

+   # Used for the eventsource
 

+   8088,
 

+   # This is for the pagure public fedmsg relay
 

+   9940]
 

  vpn: true
 

- 

- host_backup_targets: ['/srv/git', '/var/www/releases']
 

- db_backup_dir: ['/backups']
 

- dbs_to_backup: ['pagure']
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

- csi_purpose: Run the pagure instances for fedora
 

- csi_relationship: |
 

-     There are a few things running here:
 

- 

-     - The apache/mod_wsgi app for pagure
 

- 

-     - This host relies on:
 

-       - A postgres db server running locally
 

- 

-     - Things that rely on this host:
 

-       - nothing currently

file modified
+76 -86 
@@ -1,100 +1,90 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 50000
 

- mem_size: 8192
 

- num_cpus: 4
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 22, 25, 80, 443, 9418,
 

-     # Used for the eventsource server
 

-     8088,
 

-     # This is for the pagure public fedmsg relay
 

-     9940]
 

+ csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

+ csi_purpose: Run the pagure instances for fedora
 

+ csi_relationship: |
 

+   There are a few things running here:
 

  

- stunnel_service: "eventsource"
 

- stunnel_source_port: 8088
 

- stunnel_destination_port: 8080
 

+   - The apache/mod_wsgi app for pagure
 

  

- sshd_config: ssh/sshd_config.pagure
 

- sshd_keyhelper: true
 

+   - This host relies on:
 

+     - A postgres db server running locally
 

  

+   - Things that rely on this host:
 

+     - nothing currently
 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ env: pagure-staging
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: pagure
 

-   owner: git
 

-   group: apache
 

-   can_send:
 

-   - pagure.git.receive
 

-   - pagure.issue.assigned.added
 

-   - pagure.issue.assigned.reset
 

-   - pagure.issue.comment.added
 

-   - pagure.issue.comment.edited
 

-   - pagure.issue.dependency.added
 

-   - pagure.issue.dependency.removed
 

-   - pagure.issue.drop
 

-   - pagure.issue.edit
 

-   - pagure.issue.new
 

-   - pagure.issue.tag.added
 

-   - pagure.issue.tag.removed
 

-   - pagure.project.deleted
 

-   - pagure.project.edit
 

-   - pagure.project.forked
 

-   - pagure.project.group.added
 

-   - pagure.project.new
 

-   - pagure.project.tag.edited
 

-   - pagure.project.tag.removed
 

-   - pagure.project.user.access.updated
 

-   - pagure.project.user.added
 

-   - pagure.pull-request.closed
 

-   - pagure.pull-request.comment.added
 

-   - pagure.pull-request.flag.added
 

-   - pagure.pull-request.flag.updated
 

-   - pagure.pull-request.new
 

-   - pagure.request.assigned.added
 

- 

- fedmsg_prefix: io.pagure
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - pagure.git.receive
 

+       - pagure.issue.assigned.added
 

+       - pagure.issue.assigned.reset
 

+       - pagure.issue.comment.added
 

+       - pagure.issue.comment.edited
 

+       - pagure.issue.dependency.added
 

+       - pagure.issue.dependency.removed
 

+       - pagure.issue.drop
 

+       - pagure.issue.edit
 

+       - pagure.issue.new
 

+       - pagure.issue.tag.added
 

+       - pagure.issue.tag.removed
 

+       - pagure.project.deleted
 

+       - pagure.project.edit
 

+       - pagure.project.forked
 

+       - pagure.project.group.added
 

+       - pagure.project.new
 

+       - pagure.project.tag.edited
 

+       - pagure.project.tag.removed
 

+       - pagure.project.user.access.updated
 

+       - pagure.project.user.added
 

+       - pagure.pull-request.closed
 

+       - pagure.pull-request.comment.added
 

+       - pagure.pull-request.flag.added
 

+       - pagure.pull-request.flag.updated
 

+       - pagure.pull-request.new
 

+       - pagure.request.assigned.added
 

+     group: apache
 

+     owner: git
 

+     service: pagure
 

  fedmsg_env: stg
 

- 

- ipa_host_group: pagure
 

- ipa_host_group_desc: Pagure GIT Forge
 

- ipa_client_shell_groups:
 

- - sysadmin-noc
 

- - sysadmin-web
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

- 

+ fedmsg_prefix: io.pagure
 

  freezes: false
 

- env: pagure-staging
 

- postfix_group: vpn.pagure-stg
 

- vpn: true
 

- 

+ git_basepath: /srv/git/repositories
 

+ git_daemon_user: git
 

  # Configuration for the git-daemon/server
 

  git_group: git
 

  git_port: 9418
 

  git_server: /usr/libexec/git-core/git-daemon
 

  git_server_args: --export-all --syslog --inetd --verbose
 

- git_basepath: /srv/git/repositories
 

- git_daemon_user: git
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

- csi_purpose: Run the pagure instances for fedora
 

- csi_relationship: |
 

-     There are a few things running here:
 

- 

-     - The apache/mod_wsgi app for pagure
 

- 

-     - This host relies on:
 

-       - A postgres db server running locally
 

- 

-     - Things that rely on this host:
 

-       - nothing currently
 

+ ipa_client_shell_groups:
 

+   - sysadmin-noc
 

+   - sysadmin-web
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+ ipa_host_group: pagure
 

+ ipa_host_group_desc: Pagure GIT Forge
 

+ lvm_size: 50000
 

+ mem_size: 8192
 

+ num_cpus: 4
 

+ postfix_group: vpn.pagure-stg
 

+ sshd_config: ssh/sshd_config.pagure
 

+ sshd_keyhelper: true
 

+ stunnel_destination_port: 8080
 

+ stunnel_service: "eventsource"
 

+ stunnel_source_port: 8088
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [22, 25, 80, 443, 9418,
 

+   # Used for the eventsource server
 

+   8088,
 

+   # This is for the pagure public fedmsg relay
 

+   9940]
 

+ vpn: true

file modified
+32 -40 
@@ -1,50 +1,42 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: prod
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - pdc.compose
 

+       - pdc.rpms
 

+       - pdc.images
 

+     group: apache
 

+     owner: root
 

+     service: pdc
 

+ ipa_client_shell_groups:
 

+   - sysadmin-mbs
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-mbs
 

+   - sysadmin-releng
 

+ ipa_host_group: pdc-web
 

+ ipa_host_group_desc: Product Definition Center web app
 

  lvm_size: 20000
 

  mem_size: 8192
 

+ nagios_Check_Services:
 

+   swap: false
 

  num_cpus: 2
 

- 

+ # This just defines the CN of the saml2 cert we pull from the private repo
 

+ # Don't be confused.  The app is actually served at apps.stg.fp.o/pdc
 

+ pdc_domain: pdc.fedoraproject.org
 

+ primary_auth_source: ipa
 

+ tcp_ports: [80]
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  wsgi_fedmsg_service: pdc
 

  wsgi_procs: 3
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: pdc-web
 

- ipa_host_group_desc: Product Definition Center web app
 

- ipa_client_shell_groups:
 

- - sysadmin-mbs
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-mbs
 

- - sysadmin-releng
 

- 

- deployment_type: prod
 

- 

- # This just defines the CN of the saml2 cert we pull from the private repo
 

- # Don't be confused.  The app is actually served at apps.stg.fp.o/pdc
 

- pdc_domain: pdc.fedoraproject.org
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: pdc
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - pdc.compose
 

-   - pdc.rpms
 

-   - pdc.images
 

- 

- nagios_Check_Services:
 

-   swap: false

file modified
+29 -36 
@@ -1,46 +1,39 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: stg
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - pdc.compose
 

+       - pdc.rpms
 

+       - pdc.images
 

+     group: apache
 

+     owner: root
 

+     service: pdc
 

+ ipa_client_shell_groups:
 

+   - sysadmin-mbs
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-mbs
 

+   - sysadmin-releng
 

+ ipa_host_group: pdc-web
 

+ ipa_host_group_desc: Product Definition Center web app
 

  lvm_size: 20000
 

  mem_size: 4098
 

  num_cpus: 1
 

- 

+ # This just defines the CN of the saml2 cert we pull from the private repo
 

+ # Don't be confused.  The app is actually served at apps.stg.fp.o/pdc
 

+ pdc_domain: pdc.stg.fedoraproject.org
 

+ tcp_ports: [80]
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  wsgi_fedmsg_service: pdc
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]
 

- 

- ipa_host_group: pdc-web
 

- ipa_host_group_desc: Product Definition Center web app
 

- ipa_client_shell_groups:
 

- - sysadmin-mbs
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-mbs
 

- - sysadmin-releng
 

- 

- deployment_type: stg
 

- 

- # This just defines the CN of the saml2 cert we pull from the private repo
 

- # Don't be confused.  The app is actually served at apps.stg.fp.o/pdc
 

- pdc_domain: pdc.stg.fedoraproject.org
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: pdc
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - pdc.compose
 

-   - pdc.rpms
 

-   - pdc.images

file modified
+32 -43 
@@ -1,57 +1,46 @@
 

  ---
 

+ blocked_ips: []
 

  clamscan_mailto: admin@fedoraproject.org
 

  clamscan_paths:
 

- - /srv/
 

+   - /srv/
 

+ csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

+ csi_purpose: Provide hosting space for Fedora contributors and Fedora Planet
 

+ csi_relationship: |
 

+   - shell accounts and web space for fedora contributors
 

+   - web space for personal yum repos
 

+   - shared space for small group/personal git repos
 

  

+    Please be aware that this is a shared server, and you should not upload
 

+    Private/Secret SSH or GPG keys onto this system. Any such keys found
 

+    will be deleted.
 

+ # For the MOTD
 

+ csi_security_category: Low
 

  # Neeed for rsync from log01 for logs.
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 

- 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT']
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - planet.post.new
 

+     group: planet-user
 

+     owner: root
 

+     service: planet
 

+ git_basepath: /
 

+ git_daemon_user: nobody
 

  git_port: 9418
 

  git_server: /usr/libexec/git-core/git-daemon
 

  git_server_args: --export-all --syslog --inetd --verbose
 

- git_basepath: /
 

- git_daemon_user: nobody
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: people
 

- ipa_host_group_desc: A place for people to host things
 

  # fedora-contributors is an umbrella group containing all others
 

  ipa_client_shell_groups:
 

- - fedora-contributor
 

+   - fedora-contributor
 

  ipa_client_sudo_groups:
 

- - sysadmin-tools
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: planet
 

-   owner: root
 

-   group: planet-user
 

-   can_send:
 

-   - planet.post.new
 

- 

+   - sysadmin-tools
 

+ ipa_host_group: people
 

+ ipa_host_group_desc: A place for people to host things
 

+ primary_auth_source: ipa
 

  # enable sftp for cotributors.
 

  sshd_sftp: true
 

- 

  vpn: true
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

- csi_primary_contact: Fedora admins - admin@fedoraproject.org
 

- csi_purpose: Provide hosting space for Fedora contributors and Fedora Planet
 

- 

- csi_relationship: |
 

-  - shell accounts and web space for fedora contributors
 

-  - web space for personal yum repos
 

-  - shared space for small group/personal git repos
 

- 

-   Please be aware that this is a shared server, and you should not upload
 

-   Private/Secret SSH or GPG keys onto this system. Any such keys found
 

-   will be deleted.
 

- 

- blocked_ips: [
 

- ]
 

-

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- freezes: false
 

  datacenter: cloud
 

+ freezes: false

file modified
+88 -95 
@@ -1,102 +1,95 @@
 

  ---
 

- lvm_size: 500000
 

- mem_size: 16384
 

- max_mem_size:  32768
 

- num_cpus: 8
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

+ clamscan_excludes:
 

+   - clamav-
 

+   - amavisd-new-2.3.3.tar.gz
 

+   - bro-20080804.tgz
 

+   - mailman-
 

+   - sagator-
 

+   - nicotine
 

+   - fwsnort-1.0.6.tar.gz
 

+   - psad-2.1.7.tar.bz2
 

+   - pymilter-
 

+   - linkchecker-
 

+   - julia-0.3.7.tar.gz
 

+   - jbossws-cxf-5.1.5.Final.zip
 

+   - wss4j-2.1.5-source-release.zip
 

+   - python-impacket-0.9.14-67fc19e.tar.gz
 

+   - gdk-pixbuf-
 

+ clamscan_mailto: admin@fedoraproject.org
 

+ clamscan_paths:
 

+   - /srv/cache/lookaside/pkgs
 

  # We have both celery (pagure_worker) and web thread wanting to send out fedmsg's.
 

  # To make things easy on the listening side (so avoid contention of binding ports), let's set the pkgs boxes to active fedmsg.
 

  fedmsg_active: True
 

- 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - git.branch
 

+       - git.mass_branch.complete
 

+       - git.mass_branch.start
 

+       - logger.log
 

+       - pagure.git.receive
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - git.receive
 

+       - pagure.git.receive
 

+     group: packager
 

+     owner: root
 

+     service: scm
 

+   - can_send:
 

+       - git.lookaside.new
 

+     group: apache
 

+     owner: root
 

+     service: lookaside
 

+   - can_send:
 

+       - pagure.git.receive
 

+       - pagure.issue.assigned.added
 

+       - pagure.issue.assigned.reset
 

+       - pagure.issue.comment.added
 

+       - pagure.issue.dependency.added
 

+       - pagure.issue.dependency.removed
 

+       - pagure.issue.edit
 

+       - pagure.issue.new
 

+       - pagure.issue.tag.added
 

+       - pagure.issue.tag.removed
 

+       - pagure.project.edit
 

+       - pagure.project.forked
 

+       - pagure.project.group.added
 

+       - pagure.project.new
 

+       - pagure.project.tag.edited
 

+       - pagure.project.tag.removed
 

+       - pagure.project.user.added
 

+       - pagure.project.user.removed
 

+       - pagure.pull-request.closed
 

+       - pagure.pull-request.comment.added
 

+       - pagure.pull-request.comment.edited
 

+       - pagure.pull-request.flag.added
 

+       - pagure.pull-request.flag.updated
 

+       - pagure.pull-request.new
 

+       - pagure.request.assigned.added
 

+     group: apache
 

+     owner: pagure
 

+     service: pagure
 

+ ipa_client_shell_groups:
 

+   - packager
 

+   - sysadmin-cvs
 

+   - sysadmin-main
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-cvs
 

+   - sysadmin-main
 

+ ipa_host_group: pkgs
 

+ lvm_size: 500000
 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

+ num_cpus: 8
 

+ pagure_static_uid: 600
 

+ primary_auth_source: ipa
 

+ sshd_keyhelper: true
 

+ tcp_ports: [80, 443]
 

  # There vars are used to configure mod_wsgi
 

  wsgi_procs: 6
 

  wsgi_threads: 6
 

- 

- pagure_static_uid: 600
 

- sshd_keyhelper: true
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: pkgs
 

- ipa_client_shell_groups:
 

- - packager
 

- - sysadmin-cvs
 

- - sysadmin-main
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-cvs
 

- - sysadmin-main
 

- 

- clamscan_mailto: admin@fedoraproject.org
 

- clamscan_paths:
 

- - /srv/cache/lookaside/pkgs
 

- clamscan_excludes:
 

- - clamav-
 

- - amavisd-new-2.3.3.tar.gz
 

- - bro-20080804.tgz
 

- - mailman-
 

- - sagator-
 

- - nicotine
 

- - fwsnort-1.0.6.tar.gz
 

- - psad-2.1.7.tar.bz2
 

- - pymilter-
 

- - linkchecker-
 

- - julia-0.3.7.tar.gz
 

- - jbossws-cxf-5.1.5.Final.zip
 

- - wss4j-2.1.5-source-release.zip
 

- - python-impacket-0.9.14-67fc19e.tar.gz
 

- - gdk-pixbuf-
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - git.branch
 

-   - git.mass_branch.complete
 

-   - git.mass_branch.start
 

-   - logger.log
 

-   - pagure.git.receive
 

- - service: scm
 

-   owner: root
 

-   group: packager
 

-   can_send:
 

-   - git.receive
 

-   - pagure.git.receive
 

- - service: lookaside
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - git.lookaside.new
 

- - service: pagure
 

-   owner: pagure
 

-   group: apache
 

-   can_send:
 

-   - pagure.git.receive
 

-   - pagure.issue.assigned.added
 

-   - pagure.issue.assigned.reset
 

-   - pagure.issue.comment.added
 

-   - pagure.issue.dependency.added
 

-   - pagure.issue.dependency.removed
 

-   - pagure.issue.edit
 

-   - pagure.issue.new
 

-   - pagure.issue.tag.added
 

-   - pagure.issue.tag.removed
 

-   - pagure.project.edit
 

-   - pagure.project.forked
 

-   - pagure.project.group.added
 

-   - pagure.project.new
 

-   - pagure.project.tag.edited
 

-   - pagure.project.tag.removed
 

-   - pagure.project.user.added
 

-   - pagure.project.user.removed
 

-   - pagure.pull-request.closed
 

-   - pagure.pull-request.comment.added
 

-   - pagure.pull-request.comment.edited
 

-   - pagure.pull-request.flag.added
 

-   - pagure.pull-request.flag.updated
 

-   - pagure.pull-request.new
 

-   - pagure.request.assigned.added

file modified
+87 -94 
@@ -1,101 +1,94 @@
 

  ---
 

+ clamscan_excludes:
 

+   - clamav-
 

+   - amavisd-new-2.3.3.tar.gz
 

+   - bro-20080804.tgz
 

+   - mailman-
 

+   - sagator-
 

+   - nicotine
 

+   - fwsnort-1.0.6.tar.gz
 

+   - psad-2.1.7.tar.bz2
 

+   - pymilter-
 

+   - linkchecker-
 

+   - julia-0.3.7.tar.gz
 

+ clamscan_mailto: admin@fedoraproject.org
 

+ clamscan_paths:
 

+   - /srv/cache/lookaside/pkgs
 

+ # We have both celery (pagure_worker) and web thread wanting to send out fedmsg's.
 

+ # To make things easy on the listening side (so avoid contention of binding ports), let's set the pkgs boxes to active fedmsg.
 

+ fedmsg_active: True
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+       - git.branch
 

+       - git.mass_branch.complete
 

+       - git.mass_branch.start
 

+       - pagure.git.receive
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - git.branch
 

+       - git.mass_branch.complete
 

+       - git.mass_branch.start
 

+       - git.receive
 

+       - pagure.git.receive
 

+     group: packager
 

+     owner: root
 

+     service: scm
 

+   - can_send:
 

+       - git.lookaside.new
 

+     group: apache
 

+     owner: root
 

+     service: lookaside
 

+   - can_send:
 

+       - pagure.git.receive
 

+       - pagure.issue.assigned.added
 

+       - pagure.issue.assigned.reset
 

+       - pagure.issue.comment.added
 

+       - pagure.issue.dependency.added
 

+       - pagure.issue.dependency.removed
 

+       - pagure.issue.edit
 

+       - pagure.issue.new
 

+       - pagure.issue.tag.added
 

+       - pagure.issue.tag.removed
 

+       - pagure.project.edit
 

+       - pagure.project.forked
 

+       - pagure.project.group.added
 

+       - pagure.project.new
 

+       - pagure.project.tag.edited
 

+       - pagure.project.tag.removed
 

+       - pagure.project.user.added
 

+       - pagure.project.user.removed
 

+       - pagure.pull-request.closed
 

+       - pagure.pull-request.comment.added
 

+       - pagure.pull-request.comment.edited
 

+       - pagure.pull-request.flag.added
 

+       - pagure.pull-request.flag.updated
 

+       - pagure.pull-request.new
 

+       - pagure.request.assigned.added
 

+     group: apache
 

+     owner: pagure
 

+     service: pagure
 

+ ipa_client_shell_groups:
 

+   - packager
 

+   - sysadmin-cvs
 

+   - sysadmin-main
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-cvs
 

+   - sysadmin-main
 

+ ipa_host_group: pkgs
 

  lvm_size: 500000
 

+ max_mem_size: 32768
 

  mem_size: 16384
 

- max_mem_size:  32768
 

  num_cpus: 8
 

- 

- tcp_ports: [ 80, 443, 8444, 8443, 8445 ]
 

- # There vars are used to configure mod_wsgi
 

- wsgi_procs: 4
 

- wsgi_threads: 4
 

- 

  pagure_static_uid: 600
 

- 

  # Configures ssh for git@ user
 

  sshd_keyhelper: true
 

- 

- # We have both celery (pagure_worker) and web thread wanting to send out fedmsg's.
 

- # To make things easy on the listening side (so avoid contention of binding ports), let's set the pkgs boxes to active fedmsg.
 

- fedmsg_active: True
 

- 

- ipa_host_group: pkgs
 

- ipa_client_shell_groups:
 

- - packager
 

- - sysadmin-cvs
 

- - sysadmin-main
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- ipa_client_sudo_groups:
 

- - sysadmin-cvs
 

- - sysadmin-main
 

- 

- clamscan_mailto: admin@fedoraproject.org
 

- clamscan_paths:
 

- - /srv/cache/lookaside/pkgs
 

- clamscan_excludes:
 

- - clamav-
 

- - amavisd-new-2.3.3.tar.gz
 

- - bro-20080804.tgz
 

- - mailman-
 

- - sagator-
 

- - nicotine
 

- - fwsnort-1.0.6.tar.gz
 

- - psad-2.1.7.tar.bz2
 

- - pymilter-
 

- - linkchecker-
 

- - julia-0.3.7.tar.gz
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

-   - git.branch
 

-   - git.mass_branch.complete
 

-   - git.mass_branch.start
 

-   - pagure.git.receive
 

- - service: scm
 

-   owner: root
 

-   group: packager
 

-   can_send:
 

-   - git.branch
 

-   - git.mass_branch.complete
 

-   - git.mass_branch.start
 

-   - git.receive
 

-   - pagure.git.receive
 

- - service: lookaside
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - git.lookaside.new
 

- - service: pagure
 

-   owner: pagure
 

-   group: apache
 

-   can_send:
 

-   - pagure.git.receive
 

-   - pagure.issue.assigned.added
 

-   - pagure.issue.assigned.reset
 

-   - pagure.issue.comment.added
 

-   - pagure.issue.dependency.added
 

-   - pagure.issue.dependency.removed
 

-   - pagure.issue.edit
 

-   - pagure.issue.new
 

-   - pagure.issue.tag.added
 

-   - pagure.issue.tag.removed
 

-   - pagure.project.edit
 

-   - pagure.project.forked
 

-   - pagure.project.group.added
 

-   - pagure.project.new
 

-   - pagure.project.tag.edited
 

-   - pagure.project.tag.removed
 

-   - pagure.project.user.added
 

-   - pagure.project.user.removed
 

-   - pagure.pull-request.closed
 

-   - pagure.pull-request.comment.added
 

-   - pagure.pull-request.comment.edited
 

-   - pagure.pull-request.flag.added
 

-   - pagure.pull-request.flag.updated
 

-   - pagure.pull-request.new
 

-   - pagure.request.assigned.added
 

+ tcp_ports: [80, 443, 8444, 8443, 8445]
 

+ # There vars are used to configure mod_wsgi
 

+ wsgi_procs: 4
 

+ wsgi_threads: 4

file modified
+87 -146 
@@ -1,156 +1,97 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ blocked_ip_v6: []
 

+ blocked_ips: ['14.102.69.78', '104.219.54.236', '103.38.177.2', '110.172.140.98', '183.80.131.253', '113.190.178.137', '115.76.39.108', '116.109.31.204', '209.64.155.56']
 

+ collectd_apache: true
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Provides frontend (reverse) proxy for most web applications
 

+ csi_relationship: |
 

+   Using Apache -> haproxy, these hosts contact app servers and
 

+       other various hosts to provide web applications at sites like
 

+       fedoraproject.org and admin.fedoraproject.org.  The proxy servers are
 

+       balanced via dns and geoIP and are spread all over the place.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ custom_rules: [
 

+   # Need for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 209.132.181.102 --dport 873 -j ACCEPT',
 

+   # allow varnish from localhost
 

+   '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6082 -j ACCEPT',
 

+   # also allow varnish from internal for purge requests
 

+   '-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.0/24 --dport 6081 -j ACCEPT',
 

+   # Allow happinesspackets.fedorainfracloud.org to talk to inbound fedmsg relay.
 

+   '-A INPUT -p tcp -m tcp --dport 9941 -s 209.132.184.58 -j ACCEPT',
 

+   # Allow openqa01 to talk to the inbound fedmsg relay.
 

+   '-A INPUT -p tcp -m tcp --dport 9941 -s 10.3.174.0/24 -j ACCEPT',
 

+   # For Zanata
 

+   # See files/httpd/website_id_fp_o_zanata.conf for info
 

+   '-A INPUT -p tcp -m tcp --dport 44342 -s 209.132.183.252 -j ACCEPT',
 

+   # Allow ocp control plane hosts
 

+   '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.35 -j ACCEPT', # batcave01
 

+   '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.120 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.121 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.122 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.123 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.124 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.125 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.126 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.65 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.120 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.121 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.122 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.123 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.124 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.125 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.126 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.65 -j ACCEPT']
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+ ipa_host_group: proxies
 

+ ipa_host_group_desc: Proxies between internal hosts and the Internet
 

  lvm_size: 50000
 

- mem_size: 8192
 

- num_cpus: 6
 

- 

  # This is used in the httpd.conf to determine the value for serverlimit and
 

  # maxrequestworkers. On 8gb proxies, 900 seems fine. But on 4gb proxies, this
 

  # should be lowered in the host vars for that proxy.
 

  maxrequestworkers: 1500
 

- 

- tcp_ports: [
 

-     # For apache, generally.
 

-     80,
 

-     443,
 

- 

-     # This is for TCP krb5
 

-     1088,
 

- 

-     # This is for RabbitMQ public access
 

-     5671,
 

-     # This is for RabbitMQ internal-public access
 

-     15671,
 

- 

-     # This is for the haproxy HTML stats page
 

-     # TODO -- there's no need for this to be wide open to the world.  With this
 

-     # in place, you can visit https://apps.fedoraproject.org:8080 and get the
 

-     # haproxy stats page.  We should close this and just have admins go through
 

-     # the apache reverseproxy at https://admin.fedoraproject.org/haproxy/proxy1
 

-     8080,
 

- 

-     # This is for TOTP
 

-     8443,
 

- 

-     # For fedmsg websocket server over stunnel
 

-     9939,
 

-     # For fedmsg raw zeromq socket (outbound)
 

-     9940,
 

-     # 9941 is closed generally, is for the inbound fedmsg and is covered in
 

-     # custom_rules
 

-  ]
 

- custom_rules: [
 

-     # Need for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 209.132.181.102 --dport 873 -j ACCEPT',
 

- 

-     # allow varnish from localhost
 

-     '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6081 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6082 -j ACCEPT',
 

- 

-     # also allow varnish from internal for purge requests
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6081 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.0/24 --dport 6081 -j ACCEPT',
 

- 

-     # Allow happinesspackets.fedorainfracloud.org to talk to inbound fedmsg relay.
 

-     '-A INPUT -p tcp -m tcp --dport 9941 -s 209.132.184.58 -j ACCEPT',
 

- 

-      # Allow openqa01 to talk to the inbound fedmsg relay.
 

-     '-A INPUT -p tcp -m tcp --dport 9941 -s 10.3.174.0/24 -j ACCEPT',
 

- 

-     # For Zanata
 

-     # See files/httpd/website_id_fp_o_zanata.conf for info
 

-     '-A INPUT -p tcp -m tcp --dport 44342 -s 209.132.183.252 -j ACCEPT',
 

- 

-     # Allow ocp control plane hosts
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.35 -j ACCEPT', # batcave01
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.120 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.121 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.122 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.123 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.124 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.125 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.126 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.65 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.120 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.121 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.122 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.123 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.124 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.125 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.126 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.163.65 -j ACCEPT',
 

- ]
 

- 

+ mem_size: 8192
 

  nat_rules: [
 

-     # For Zanata, redirect 443/tcp -> 43342/tcp for TLS reasons
 

-     # See files/httpd/website_id_fp_o_zanata.conf for info
 

-     '-A PREROUTING -s 209.132.183.252 -p tcp --dport 443 -j REDIRECT --to 44342'
 

-  ]
 

- 

- blocked_ips: [
 

-  '14.102.69.78',
 

-  '104.219.54.236',
 

-  '103.38.177.2',
 

-  '110.172.140.98',
 

-  '183.80.131.253',
 

-  '113.190.178.137',
 

-  '115.76.39.108',
 

-  '116.109.31.204',
 

-  '209.64.155.56',
 

- ]
 

- 

- 

- blocked_ip_v6: [
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: proxies
 

- ipa_host_group_desc: Proxies between internal hosts and the Internet
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

- 

- collectd_apache: true
 

- 

- varnish_group: proxies
 

- 

- postvpnservices:
 

- - haproxy
 

- - varnish
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Provides frontend (reverse) proxy for most web applications
 

- csi_relationship: |
 

-     Using Apache -> haproxy, these hosts contact app servers and
 

-         other various hosts to provide web applications at sites like
 

-         fedoraproject.org and admin.fedoraproject.org.  The proxy servers are
 

-         balanced via dns and geoIP and are spread all over the place.
 

- 

- openshift_masters:
 

- - os-master01.vpn.fedoraproject.org
 

- - os-master02.vpn.fedoraproject.org
 

- - os-master03.vpn.fedoraproject.org
 

- 

- openshift_nodes:
 

- - os-node01.vpn.fedoraproject.org
 

- - os-node02.vpn.fedoraproject.org
 

- - os-node03.vpn.fedoraproject.org
 

- 

+   # For Zanata, redirect 443/tcp -> 43342/tcp for TLS reasons
 

+   # See files/httpd/website_id_fp_o_zanata.conf for info
 

+   '-A PREROUTING -s 209.132.183.252 -p tcp --dport 443 -j REDIRECT --to 44342']
 

+ num_cpus: 6
 

  ocp_masters:
 

- - bootstrap.ocp.iad2.fedoraproject.org
 

- - ocp01.ocp.iad2.fedoraproject.org
 

- - ocp02.ocp.iad2.fedoraproject.org
 

- - ocp03.ocp.iad2.fedoraproject.org
 

- 

+   - bootstrap.ocp.iad2.fedoraproject.org
 

+   - ocp01.ocp.iad2.fedoraproject.org
 

+   - ocp02.ocp.iad2.fedoraproject.org
 

+   - ocp03.ocp.iad2.fedoraproject.org
 

  ocp_nodes:
 

- - worker01.ocp.iad2.fedoraproject.org
 

- - worker02.ocp.iad2.fedoraproject.org
 

- - worker03.ocp.iad2.fedoraproject.org
 

+   - worker01.ocp.iad2.fedoraproject.org
 

+   - worker02.ocp.iad2.fedoraproject.org
 

+   - worker03.ocp.iad2.fedoraproject.org
 

+ openshift_masters:
 

+   - os-master01.vpn.fedoraproject.org
 

+   - os-master02.vpn.fedoraproject.org
 

+   - os-master03.vpn.fedoraproject.org
 

+ openshift_nodes:
 

+   - os-node01.vpn.fedoraproject.org
 

+   - os-node02.vpn.fedoraproject.org
 

+   - os-node03.vpn.fedoraproject.org
 

+ postvpnservices:
 

+   - haproxy
 

+   - varnish
 

+ primary_auth_source: ipa
 

+ tcp_ports: [
 

+   # For apache, generally.
 

+   80, 443,
 

+   # This is for TCP krb5
 

+   1088,
 

+   # This is for RabbitMQ public access
 

+   5671,
 

+   # This is for RabbitMQ internal-public access
 

+   15671,
 

+   # This is for the haproxy HTML stats page
 

+   # TODO -- there's no need for this to be wide open to the world.  With this
 

+   # in place, you can visit https://apps.fedoraproject.org:8080 and get the
 

+   # haproxy stats page.  We should close this and just have admins go through
 

+   # the apache reverseproxy at https://admin.fedoraproject.org/haproxy/proxy1
 

+   8080,
 

+   # This is for TOTP
 

+   8443,
 

+   # For fedmsg websocket server over stunnel
 

+   9939,
 

+   # For fedmsg raw zeromq socket (outbound)
 

+   9940,
 

+   # 9941 is closed generally, is for the inbound fedmsg and is covered in
 

+   # custom_rules
 

+ ]
 

+ varnish_group: proxies

file modified
+84 -127 
@@ -1,136 +1,93 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ collectd_apache: true
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Provides frontend (reverse) proxy for most web applications
 

+ csi_relationship: |
 

+   Using Apache -> haproxy, these hosts contact app servers and
 

+       other various hosts to provide web applications at sites like
 

+       fedoraproject.org and admin.fedoraproject.org.  The proxy servers are
 

+       balanced via dns and geoIP and are spread all over the place.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ custom_rules: [
 

+   # Need for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

+   # allow varnish from localhost
 

+   '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6082 -j ACCEPT',
 

+   # also allow varnish from internal for purge requests
 

+   '-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6081 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.0/24 --dport 6081 -j ACCEPT',
 

+   # Allow stg.fedoramagazine.org running at vultr.com to talk inbound fedmsg
 

+   # Contact cydrobolt about the status of this.  It hasn't hit prod status
 

+   # yet as of 2015-04-27 (threebean).
 

+   '-A INPUT -p tcp -m tcp --dport 9941 -s 104.207.133.220 -j ACCEPT',
 

+   # Allow resultsdb talk to the inbound fedmsg relay.
 

+   '-A INPUT -p tcp -m tcp --dport 9941 -s 10.5.124.147 -j ACCEPT',
 

+   # Allow openqa to talk to the inbound fedmsg relay.
 

+   '-A INPUT -p tcp -m tcp --dport 9941 -s 10.5.131.72 -j ACCEPT',
 

+   # Allow happinesspackets-stg.fedorainfracloud.org to talk to the inbound fedmsg relay
 

+   '-A INPUT -p tcp -m tcp --dport 9941 -s 209.132.184.123 -j ACCEPT',
 

+   # Allow ocp control plane hosts
 

+   '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.35 -j ACCEPT', # batcave01
 

+   '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.115 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.116 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.117 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.118 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.119 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.120 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.121 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.122 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.123 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.50 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.115 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.116 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.117 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.118 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.119 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.120 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.121 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.122 -j ACCEPT', '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.123 -j ACCEPT']
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+ ipa_host_group: proxies
 

+ ipa_host_group_desc: Proxies between internal hosts and the Internet
 

  lvm_size: 50000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

  # This is used in the httpd.conf to determine the value for serverlimit and
 

  # maxrequestworkers. On 8gb proxies, 900 seems fine. But on 4gb proxies, this
 

  # should be lowered in the host vars for that proxy.
 

  maxrequestworkers: 900
 

- 

- tcp_ports: [
 

-     # For apache, generally.
 

-     80,
 

-     443,
 

- 

-     # This is for TCP krb5
 

-     1088,
 

- 

-     # This is for RabbitMQ public access
 

-     5671,
 

-     # This is for RabbitMQ internal-public access
 

-     15671,
 

- 

-     # This is for the haproxy HTML stats page
 

-     # TODO -- there's no need for this to be wide open to the world.  With this
 

-     # in place, you can visit https://apps.fedoraproject.org:8080 and get the
 

-     # haproxy stats page.  We should close this and just have admins go through
 

-     # the apache reverseproxy at https://admin.fedoraproject.org/haproxy/proxy1
 

-     8080,
 

- 

-     # This is for TOTP
 

-     8443,
 

- 

-     # For fedmsg websocket server over stunnel
 

-     9939,
 

-     # For fedmsg raw zeromq socket (outbound)
 

-     9940,
 

-     # 9941 is closed generally, is for the inbound fedmsg and is covered in
 

-     # custom_rules
 

-  ]
 

- custom_rules: [
 

-     # Need for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

- 

-     # allow varnish from localhost
 

-     '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6081 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 127.0.0.1 --dport 6082 -j ACCEPT',
 

- 

-     # also allow varnish from internal for purge requests
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6081 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.0/24 --dport 6081 -j ACCEPT',
 

- 

-     # Allow stg.fedoramagazine.org running at vultr.com to talk inbound fedmsg
 

-     # Contact cydrobolt about the status of this.  It hasn't hit prod status
 

-     # yet as of 2015-04-27 (threebean).
 

-     '-A INPUT -p tcp -m tcp --dport 9941 -s 104.207.133.220 -j ACCEPT',
 

- 

-     # Allow resultsdb talk to the inbound fedmsg relay.
 

-     '-A INPUT -p tcp -m tcp --dport 9941 -s 10.5.124.147 -j ACCEPT',
 

- 

-     # Allow openqa to talk to the inbound fedmsg relay.
 

-     '-A INPUT -p tcp -m tcp --dport 9941 -s 10.5.131.72 -j ACCEPT',
 

- 

-     # Allow happinesspackets-stg.fedorainfracloud.org to talk to the inbound fedmsg relay
 

-     '-A INPUT -p tcp -m tcp --dport 9941 -s 209.132.184.123 -j ACCEPT',
 

-     # Allow ocp control plane hosts
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.35 -j ACCEPT', # batcave01
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.115 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.116 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.117 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.118 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.119 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.120 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.121 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.122 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.123 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.50 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.115 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.116 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.117 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.118 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.119 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.120 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.121 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.122 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp --dport 22623 -s 10.3.166.123 -j ACCEPT',
 

-  ]
 

- 

- ipa_host_group: proxies
 

- ipa_host_group_desc: Proxies between internal hosts and the Internet
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

- 

- collectd_apache: true
 

- varnish_group: proxies
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Provides frontend (reverse) proxy for most web applications
 

- csi_relationship: |
 

-     Using Apache -> haproxy, these hosts contact app servers and
 

-         other various hosts to provide web applications at sites like
 

-         fedoraproject.org and admin.fedoraproject.org.  The proxy servers are
 

-         balanced via dns and geoIP and are spread all over the place.
 

- 

- openshift_masters:
 

- - os-master01.stg.iad2.fedoraproject.org
 

- - os-master02.stg.iad2.fedoraproject.org
 

- - os-master03.stg.iad2.fedoraproject.org
 

- 

- openshift_nodes:
 

- - os-node01.stg.iad2.fedoraproject.org
 

- - os-node02.stg.iad2.fedoraproject.org
 

- - os-node03.stg.iad2.fedoraproject.org
 

- - os-node04.stg.iad2.fedoraproject.org
 

- 

+ mem_size: 8192
 

+ num_cpus: 2
 

  ocp_masters_stg:
 

- # - bootstrap.ocp.stg.iad2.fedoraproject.org
 

- - ocp01.ocp.stg.iad2.fedoraproject.org
 

- - ocp02.ocp.stg.iad2.fedoraproject.org
 

- - ocp03.ocp.stg.iad2.fedoraproject.org
 

- 

+   # - bootstrap.ocp.stg.iad2.fedoraproject.org
 

+   - ocp01.ocp.stg.iad2.fedoraproject.org
 

+   - ocp02.ocp.stg.iad2.fedoraproject.org
 

+   - ocp03.ocp.stg.iad2.fedoraproject.org
 

  ocp_nodes_stg:
 

- - worker01.ocp.stg.iad2.fedoraproject.org
 

- - worker02.ocp.stg.iad2.fedoraproject.org
 

- - worker03.ocp.stg.iad2.fedoraproject.org
 

- - worker04.ocp.stg.iad2.fedoraproject.org
 

- - worker05.ocp.stg.iad2.fedoraproject.org
 

+   - worker01.ocp.stg.iad2.fedoraproject.org
 

+   - worker02.ocp.stg.iad2.fedoraproject.org
 

+   - worker03.ocp.stg.iad2.fedoraproject.org
 

+   - worker04.ocp.stg.iad2.fedoraproject.org
 

+   - worker05.ocp.stg.iad2.fedoraproject.org
 

+ openshift_masters:
 

+   - os-master01.stg.iad2.fedoraproject.org
 

+   - os-master02.stg.iad2.fedoraproject.org
 

+   - os-master03.stg.iad2.fedoraproject.org
 

+ openshift_nodes:
 

+   - os-node01.stg.iad2.fedoraproject.org
 

+   - os-node02.stg.iad2.fedoraproject.org
 

+   - os-node03.stg.iad2.fedoraproject.org
 

+   - os-node04.stg.iad2.fedoraproject.org
 

+ tcp_ports: [
 

+   # For apache, generally.
 

+   80, 443,
 

+   # This is for TCP krb5
 

+   1088,
 

+   # This is for RabbitMQ public access
 

+   5671,
 

+   # This is for RabbitMQ internal-public access
 

+   15671,
 

+   # This is for the haproxy HTML stats page
 

+   # TODO -- there's no need for this to be wide open to the world.  With this
 

+   # in place, you can visit https://apps.fedoraproject.org:8080 and get the
 

+   # haproxy stats page.  We should close this and just have admins go through
 

+   # the apache reverseproxy at https://admin.fedoraproject.org/haproxy/proxy1
 

+   8080,
 

+   # This is for TOTP
 

+   8443,
 

+   # For fedmsg websocket server over stunnel
 

+   9939,
 

+   # For fedmsg raw zeromq socket (outbound)
 

+   9940,
 

+   # 9941 is closed generally, is for the inbound fedmsg and is covered in
 

+   # custom_rules
 

+ ]
 

+ varnish_group: proxies

file modified
+18 -36 
@@ -1,43 +1,25 @@
 

  ---
 

- tcp_ports: [
 

-     # https://www.rabbitmq.com/clustering.html#selinux-ports
 

-     # EPMD
 

-     4369,
 

-     # AMQP
 

-     5672,
 

-     5671,
 

-     # CLI tools
 

-     35672,
 

-     35673,
 

-     35674,
 

-     35675,
 

-     35676,
 

-     35677,
 

-     35678,
 

-     35679,
 

-     35680,
 

-     35681,
 

-     35682,
 

-     # HTTP API
 

-     #15672,
 

- ]
 

- 

  custom_rules: [
 

-     # Neeed for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

-     # Inter-node traffic
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.78 --dport 25672 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.79 --dport 25672 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT',
 

- ]
 

- 

- primary_auth_source: ipa
 

+   # Neeed for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

+   # Inter-node traffic
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT']
 

  ipa_host_group: rabbitmq
 

  ipa_host_group_desc: RabbitMQ service
 

  ipa_shell_groups:
 

- - sysadmin-messaging
 

+   - sysadmin-messaging
 

  ipa_sudo_groups:
 

- - sysadmin-messaging
 

- 

+   - sysadmin-messaging
 

  mem_size: 4096
 

+ primary_auth_source: ipa
 

+ tcp_ports: [
 

+   # https://www.rabbitmq.com/clustering.html#selinux-ports
 

+   # EPMD
 

+   4369,
 

+   # AMQP
 

+   5672, 5671,
 

+   # CLI tools
 

+   35672, 35673, 35674, 35675, 35676, 35677, 35678, 35679, 35680, 35681, 35682,
 

+   # HTTP API
 

+   #15672,
 

+ ]

file modified
+24 -46 
@@ -1,57 +1,35 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ custom_rules: [
 

+   # Neeed for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

+   # Inter-node traffic
 

+   '-A INPUT -p tcp -m tcp -s 10.3.166.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.166.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.166.80 --dport 25672 -j ACCEPT']
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ gw: 10.3.166.254
 

+ ipa_host_group: rabbitmq
 

+ ipa_host_group_desc: RabbitMQ service
 

+ ipa_shell_groups:
 

+   - sysadmin-messaging
 

+ ipa_sudo_groups:
 

+   - sysadmin-messaging
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

- datacenter: iad2
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # Define resources for this group of hosts here.
 

  lvm_size: 20000
 

  mem_size: 4096
 

+ nm: 255.255.255.0
 

  num_cpus: 2
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

  tcp_ports: [
 

-     # https://www.rabbitmq.com/clustering.html#selinux-ports
 

-     # EPMD
 

-     4369,
 

-     # AMQP
 

-     5672,
 

-     5671,
 

-     # CLI tools
 

-     35672,
 

-     35673,
 

-     35674,
 

-     35675,
 

-     35676,
 

-     35677,
 

-     35678,
 

-     35679,
 

-     35680,
 

-     35681,
 

-     35682,
 

-     # HTTP API
 

-     #15672,
 

- ]
 

- 

- custom_rules: [
 

-     # Neeed for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

-     # Inter-node traffic
 

-     '-A INPUT -p tcp -m tcp -s 10.3.166.78 --dport 25672 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.166.79 --dport 25672 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.166.80 --dport 25672 -j ACCEPT',
 

+   # https://www.rabbitmq.com/clustering.html#selinux-ports
 

+   # EPMD
 

+   4369,
 

+   # AMQP
 

+   5672, 5671,
 

+   # CLI tools
 

+   35672, 35673, 35674, 35675, 35676, 35677, 35678, 35679, 35680, 35681, 35682,
 

+   # HTTP API
 

+   #15672,
 

  ]
 

- 

- ipa_host_group: rabbitmq
 

- ipa_host_group_desc: RabbitMQ service
 

- ipa_shell_groups:
 

- - sysadmin-messaging
 

- ipa_sudo_groups:
 

- - sysadmin-messaging

file modified
+48 -57 
@@ -1,66 +1,57 @@
 

  ---
 

  # common items for the releng-* boxes
 

- lvm_size: 100000
 

- mem_size: 131072
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 16
 

- virt_install_command: "{{ virt_install_command_two_nic_unsafe }}"
 

- 

- nm: 255.255.255.0
 

- gw: 10.5.125.254
 

  dns: 10.5.126.21
 

- 

- # With 16 cpus, theres a bunch more kernel threads
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- host_group: releng
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: root
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - pungi.compose.createiso.imagefail
 

+       - pungi.compose.createiso.imagedone
 

+       - pungi.compose.ostree
 

+       - compose.27.complete
 

+       - compose.27.start
 

+       - compose.28.complete
 

+       - compose.28.rsync.complete
 

+       - compose.28.rsync.start
 

+       - compose.28.start
 

+       - compose.29.complete
 

+       - compose.29.start
 

+     group: masher
 

+     owner: root
 

+     service: releng
 

  freezes: true
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: releng-compose
 

- ipa_host_group_desc: Hosts running composes
 

+ gw: 10.5.125.254
 

+ host_group: releng
 

  ipa_client_shell_groups:
 

- - sysadmin-releng
 

+   - sysadmin-releng
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- # For the mock config
 

- kojipkgs_url: kojipkgs.fedoraproject.org
 

- kojihub_url: koji.fedoraproject.org/kojihub
 

- kojihub_scheme: https
 

- 

+   - sysadmin-releng
 

+ ipa_host_group: releng-compose
 

+ ipa_host_group_desc: Hosts running composes
 

  # for kojid config
 

  koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: root
 

-   can_send:
 

-   - logger.log
 

- - service: releng
 

-   owner: root
 

-   group: masher
 

-   can_send:
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - pungi.compose.createiso.imagefail
 

-   - pungi.compose.createiso.imagedone
 

-   - pungi.compose.ostree
 

-   - compose.27.complete
 

-   - compose.27.start
 

-   - compose.28.complete
 

-   - compose.28.rsync.complete
 

-   - compose.28.rsync.start
 

-   - compose.28.start
 

-   - compose.29.complete
 

-   - compose.29.start
 

+ koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ kojihub_scheme: https
 

+ kojihub_url: koji.fedoraproject.org/kojihub
 

+ # For the mock config
 

+ kojipkgs_url: kojipkgs.fedoraproject.org
 

+ lvm_size: 100000
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 131072
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ # With 16 cpus, theres a bunch more kernel threads
 

+ nrpe_procs_warn: 900
 

+ num_cpus: 16
 

+ primary_auth_source: ipa
 

+ virt_install_command: "{{ virt_install_command_two_nic_unsafe }}"

file modified
+6 -9 
@@ -1,16 +1,13 @@
 

  ---
 

- ipa_host_group: releng-compose
 

- ipa_host_group_desc: Hosts running composes
 

  ipa_client_shell_groups:
 

- - sysadmin-releng
 

+   - sysadmin-releng
 

  ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- 

+   - sysadmin-releng
 

+ ipa_host_group: releng-compose
 

+ ipa_host_group_desc: Hosts running composes
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

- koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

- 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

+ koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

  mem_size: 8192
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

  num_cpus: 4

file modified
+1 -1 
@@ -1,5 +1,5 @@
 

  # This var should never be set for more than one machine
 

- relvalconsumer_prod: true
 

  # this one probably shouldn't either
 

  relvalconsumer_bugzilla_api_key: "{{ prod_relvalconsumer_bugzilla_secret_api_key }}"
 

  relvalconsumer_env_suffix:
 

+ relvalconsumer_prod: true

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  # we need this for our fedora-messaging consumer as it is not allowed
 

  # to create queues on the infra AMQP broker, by broker config
 

- relvalconsumer_amqp_passive: true
 

- 

- # fedora-messaging job scheduler settings: most of these are the same
 

- # for prod and stg as they both must listen for prod messages. Only
 

- # the queue names differs
 

- relvalconsumer_amqp_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub"
 

- relvalconsumer_amqp_cacert: /etc/fedora-messaging/cacert.pem
 

- relvalconsumer_amqp_key: /etc/pki/fedora-messaging/openqa-key.pem
 

- relvalconsumer_amqp_cert: /etc/pki/fedora-messaging/openqa-cert.pem
 

- relvalconsumer_amqp_queue: "openqa_relvalconsumer{{ relvalconsumer_env_suffix }}"
 

- relvalconsumer_amqp_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change"]
 

  relvalamiconsumer_amqp_queue: "openqa_relvalamiconsumer{{ relvalconsumer_env_suffix }}"
 

  relvalamiconsumer_amqp_routing_keys: ["org.fedoraproject.prod.fedimg.image.publish"]
 

- 

+ relvalconsumer_amqp_cacert: /etc/fedora-messaging/cacert.pem
 

+ relvalconsumer_amqp_cert: /etc/pki/fedora-messaging/openqa-cert.pem
 

+ relvalconsumer_amqp_key: /etc/pki/fedora-messaging/openqa-key.pem
 

  # fedora-messaging email error reporting settings
 

  relvalconsumer_amqp_mailto: ["adamwill@fedoraproject.org", "lruzicka@fedoraproject.org"]
 

+ relvalconsumer_amqp_passive: true
 

+ relvalconsumer_amqp_queue: "openqa_relvalconsumer{{ relvalconsumer_env_suffix }}"
 

+ relvalconsumer_amqp_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change"]
 

  relvalconsumer_amqp_smtp: bastion
 

+ # fedora-messaging job scheduler settings: most of these are the same
 

+ # for prod and stg as they both must listen for prod messages. Only
 

+ # the queue names differs
 

+ relvalconsumer_amqp_url: "amqps://openqa:@rabbitmq.fedoraproject.org/%2Fpubsub"

file modified
+3 -4 
@@ -1,8 +1,7 @@
 

- relvalconsumer_prod: false
 

- relvalconsumer_env_suffix: .test
 

- 

+ relvalamiconsumer_disabled: true
 

  # FIXME: disable consumers that write to wiki until auth key
 

  # is working again:
 

  # https://pagure.io/fedora-infrastructure/issue/8381
 

  relvalconsumer_disabled: true
 

- relvalamiconsumer_disabled: true
 

+ relvalconsumer_env_suffix: .test
 

+ relvalconsumer_prod: false

file modified
+9 -21 
@@ -1,29 +1,17 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 50000
 

- mem_size: 8192
 

- max_mem_size: 16348
 

- num_cpus: 8
 

- 

- # For the MOTD
 

- csi_security_category: Low
 

  csi_primary_contact: admin@fedoraproject.org / sysadmin-main-members
 

  csi_purpose: repospanner git syncing host
 

- 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 8.43.84.211 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 8.43.84.212 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 8.43.85.76 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 152.19.134.149 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 209.132.181.20 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 8.43.85.78 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 152.19.134.191 --dport 8443:8445 -j ACCEPT',
 

-             '-A INPUT -p tcp -m tcp -s 140.211.169.199 --dport 8443:8445 -j ACCEPT',]
 

- 

+ # For the MOTD
 

+ csi_security_category: Low
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 8.43.84.211 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 8.43.84.212 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 8.43.85.76 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 152.19.134.149 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 209.132.181.20 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 8.43.85.78 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 152.19.134.191 --dport 8443:8445 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 140.211.169.199 --dport 8443:8445 -j ACCEPT']
 

+ lvm_size: 50000
 

+ max_mem_size: 16348
 

+ mem_size: 8192
 

  nagios_Check_Services:
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+   ping: false
 

    sshd: false
 

    swap: false
 

-   ping: false
 

- 

- ## End of file
 

+ num_cpus: 8

file modified
+27 -39 
@@ -2,16 +2,23 @@
 

  ############################################################
 

  # general information
 

  ############################################################
 

+ allowed_hosts:
 

+   - 10.5.124
 

  deployment_type: dev
 

+ execdb_db_host: "{{ execdb_db_host_machine }}"
 

+ ############################################################
 

+ # execdb details
 

+ ############################################################
 

+ execdb_db_host_machine: db-qa01.qa.fedoraproject.org
 

+ execdb_db_name: execdb_dev
 

+ execdb_db_password: "{{ dev_execdb_db_password }}"
 

+ execdb_db_port: 5432
 

+ execdb_db_user: "{{ dev_execdb_db_user }}"
 

+ execdb_endpoint: 'execdb'
 

+ execdb_secret_key: "{{ dev_execdb_secret_key }}"
 

  external_hostname: taskotron-dev.fedoraproject.org
 

- tcp_ports: [ 80, 443, "{{ resultsdb_db_port }}", "{{ execdb_db_port }}" ]
 

- 

  freezes: false
 

- 

- 

- 

- 

- 

+ resultsdb_db_host: "{{ resultsdb_db_host_machine }}"
 

  ############################################################
 

  # resultsdb details
 

  ############################################################
 
@@ -20,47 +27,28 @@
 

  # that db is localhost relative to resultsdb
 

  #
 

  resultsdb_db_host_machine: db-qa01.qa.fedoraproject.org
 

- resultsdb_db_host: "{{ resultsdb_db_host_machine }}"
 

- resultsdb_db_port: 5432
 

- resultsdb_endpoint: 'resultsdb_api'
 

  resultsdb_db_name: resultsdb_dev
 

- resultsdb_db_user: "{{ dev_resultsdb_db_user }}"
 

  resultsdb_db_password: "{{ dev_resultsdb_db_password }}"
 

- resultsdb_secret_key: "{{ dev_resultsdb_secret_key }}"
 

- 

- allowed_hosts:
 

-     - 10.5.124
 

- 

+ resultsdb_db_port: 5432
 

+ resultsdb_db_user: "{{ dev_resultsdb_db_user }}"
 

+ resultsdb_endpoint: 'resultsdb_api'
 

  ############################################################
 

  # resultsdb-frontend details
 

  ############################################################
 

  resultsdb_fe_endpoint: "resultsdb"
 

  resultsdb_frontend_secret_key: "{{ dev_resultsdb_frontend_secret_key }}"
 

- 

- 

- ############################################################
 

- # execdb details
 

- ############################################################
 

- execdb_db_host_machine: db-qa01.qa.fedoraproject.org
 

- execdb_db_host: "{{ execdb_db_host_machine }}"
 

- execdb_db_port: 5432
 

- execdb_endpoint: 'execdb'
 

- execdb_db_name: execdb_dev
 

- execdb_db_user: "{{ dev_execdb_db_user }}"
 

- execdb_db_password: "{{ dev_execdb_db_password }}"
 

- execdb_secret_key: "{{ dev_execdb_secret_key }}"
 

- 

- 

+ resultsdb_secret_key: "{{ dev_resultsdb_secret_key }}"
 

+ tcp_ports: [80, 443, "{{ resultsdb_db_port }}", "{{ execdb_db_port }}"]
 

+ vault_db_host: "{{ vault_db_host_machine }}"
 

+ vault_db_host_machine: db-qa01.qa.fedoraproject.org
 

+ vault_db_name: vault_dev
 

+ vault_db_password: "{{ dev_vault_db_password }}"
 

+ vault_db_port: 5432
 

+ vault_db_user: "{{ dev_vault_db_user }}"
 

+ vault_endpoint: 'vault'
 

+ vault_masterkey: "{{dev_vault_masterkey}}"
 

  ############################################################
 

  # vault details
 

  ############################################################
 

  vault_public_url: "https://taskotron-dev.fedoraproject.org/vault"
 

- vault_db_host_machine: db-qa01.qa.fedoraproject.org
 

- vault_db_host: "{{ vault_db_host_machine }}"
 

- vault_db_port: 5432
 

- vault_endpoint: 'vault'
 

- vault_db_name: vault_dev
 

- vault_db_user: "{{ dev_vault_db_user }}"
 

- vault_db_password: "{{ dev_vault_db_password }}"
 

  vault_secret_key: "{{ dev_vault_secret_key }}"
 

- vault_masterkey: "{{dev_vault_masterkey}}"

file modified
+45 -61 
@@ -2,88 +2,72 @@
 

  ############################################################
 

  # general information
 

  ############################################################
 

+ allowed_hosts:
 

+   - 10.3.160.0/19
 

  deployment_type: prod
 

- vpn: true
 

+ execdb_db_host: "{{ execdb_db_host_machine }}"
 

+ ############################################################
 

+ # execdb details
 

+ ############################################################
 

+ execdb_db_host_machine: db01.iad2.fedoraproject.org
 

+ execdb_db_name: execdb
 

+ execdb_db_password: "{{ prod_execdb_db_password }}"
 

+ execdb_db_port: 5432
 

+ execdb_db_user: "{{ prod_execdb_db_user }}"
 

+ execdb_endpoint: 'execdb'
 

+ execdb_secret_key: "{{ prod_execdb_secret_key }}"
 

  external_hostname: taskotron.fedoraproject.org
 

- tcp_ports: [ 80, 443, "{{ resultsdb_db_port }}" ]
 

- 

+ ############################################################
 

+ # fedmsg details
 

+ ############################################################
 

+ fedmsg_active: True
 

+ fedmsg_cert_prefix: resultsdb
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - taskotron.result.new
 

+       - resultsdb.result.new
 

+     group: apache
 

+     owner: root
 

+     service: resultsdb
 

+ ipa_client_shell_groups:
 

+   - sysadmin-qa
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-qa
 

+ ipa_host_group: resultsdb
 

+ ipa_host_group_desc: ResultsDB application servers
 

  # common items for the releng-* boxes
 

  lvm_size: 50000
 

  mem_size: 16384
 

+ nrpe_procs_crit: 300
 

+ nrpe_procs_warn: 250
 

  num_cpus: 4
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

  

  primary_auth_source: ipa
 

- ipa_host_group: resultsdb
 

- ipa_host_group_desc: ResultsDB application servers
 

- ipa_client_shell_groups:
 

- - sysadmin-qa
 

- ipa_client_sudo_groups:
 

- - sysadmin-qa
 

- 

- nrpe_procs_warn: 250
 

- nrpe_procs_crit: 300
 

- 

- 

- 

- 

- 

+ resultsdb_db_host: "{{ resultsdb_db_host_machine }}"
 

  ############################################################
 

  # resultsdb details
 

  ############################################################
 

  

  # the db_host_machine bits are so that delegation continues to work, even if
 

  # that db is localhost relative to resultsdb
 

- 

  resultsdb_db_host_machine: db01.iad2.fedoraproject.org
 

- resultsdb_db_host: "{{ resultsdb_db_host_machine }}"
 

- resultsdb_db_port: 5432
 

- resultsdb_endpoint: 'resultsdb_api'
 

  resultsdb_db_name: resultsdb
 

- resultsdb_db_user: "{{ prod_resultsdb_db_user }}"
 

  resultsdb_db_password: "{{ prod_resultsdb_db_password }}"
 

- resultsdb_secret_key: "{{ prod_resultsdb_secret_key }}"
 

- 

- allowed_hosts:
 

-     - 10.3.160.0/19
 

- 

- 

+ resultsdb_db_port: 5432
 

+ resultsdb_db_user: "{{ prod_resultsdb_db_user }}"
 

+ resultsdb_endpoint: 'resultsdb_api'
 

  ############################################################
 

  # resultsdb-frontend details
 

  ############################################################
 

  resultsdb_fe_endpoint: "resultsdb"
 

  resultsdb_frontend_secret_key: "{{ prod_resultsdb_frontend_secret_key }}"
 

- 

- 

- ############################################################
 

- # execdb details
 

- ############################################################
 

- execdb_db_host_machine: db01.iad2.fedoraproject.org
 

- execdb_db_host: "{{ execdb_db_host_machine }}"
 

- execdb_db_port: 5432
 

- execdb_endpoint: 'execdb'
 

- execdb_db_name: execdb
 

- execdb_db_user: "{{ prod_execdb_db_user }}"
 

- execdb_db_password: "{{ prod_execdb_db_password }}"
 

- execdb_secret_key: "{{ prod_execdb_secret_key }}"
 

- 

- 

- ############################################################
 

- # fedmsg details
 

- ############################################################
 

- fedmsg_active: True
 

- fedmsg_cert_prefix: resultsdb
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: resultsdb
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - taskotron.result.new
 

-   - resultsdb.result.new
 

+ resultsdb_secret_key: "{{ prod_resultsdb_secret_key }}"
 

+ tcp_ports: [80, 443, "{{ resultsdb_db_port }}"]
 

+ vpn: true

file modified
+44 -59 
@@ -2,82 +2,67 @@
 

  ############################################################
 

  # general information
 

  ############################################################
 

+ allowed_hosts:
 

+   - 10.3.160.0/19
 

  deployment_type: stg
 

+ execdb_db_host: "{{ execdb_db_host_machine }}"
 

+ ############################################################
 

+ # execdb details
 

+ ############################################################
 

+ execdb_db_host_machine: db-qa01.qa.fedoraproject.org
 

+ execdb_db_name: execdb_stg
 

+ execdb_db_password: "{{ stg_execdb_db_password }}"
 

+ execdb_db_port: 5432
 

+ execdb_db_user: "{{ stg_execdb_db_user }}"
 

+ execdb_endpoint: 'execdb'
 

+ execdb_secret_key: "{{ stg_execdb_secret_key }}"
 

  external_hostname: taskotron.stg.fedoraproject.org
 

- tcp_ports: [ 80, 443, "{{ resultsdb_db_port }}" ]
 

- 

- freezes: false
 

- 

- 

+ ############################################################
 

+ # fedmsg details
 

+ ############################################################
 

+ fedmsg_active: True
 

+ fedmsg_cert_prefix: resultsdb
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - taskotron.result.new
 

+       - resultsdb.result.new
 

+     group: apache
 

+     owner: root
 

+     service: resultsdb
 

  # make sure we're using the stg fedsmg bus
 

  fedmsg_env: stg
 

- 

- ipa_host_group: resultsdb
 

- ipa_host_group_desc: ResultsDB application servers
 

+ freezes: false
 

  ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-qa
 

- - sysadmin-veteran
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-qa
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-qa
 

- 

+   - sysadmin-qa
 

+ ipa_host_group: resultsdb
 

+ ipa_host_group_desc: ResultsDB application servers
 

+ resultsdb_db_host: "{{ resultsdb_db_host_machine }}"
 

  ############################################################
 

  # resultsdb details
 

  ############################################################
 

  

  # the db_host_machine bits are so that delegation continues to work, even if
 

  # that db is localhost relative to resultsdb
 

- 

  resultsdb_db_host_machine: db01.stg.iad2.fedoraproject.org
 

- resultsdb_db_host: "{{ resultsdb_db_host_machine }}"
 

- resultsdb_db_port: 5432
 

- resultsdb_endpoint: 'resultsdb_api'
 

  resultsdb_db_name: resultsdb_stg
 

- resultsdb_db_user: "{{ stg_resultsdb_db_user }}"
 

  resultsdb_db_password: "{{ stg_resultsdb_db_password }}"
 

- resultsdb_secret_key: "{{ stg_resultsdb_secret_key }}"
 

- 

- allowed_hosts:
 

-     - 10.3.160.0/19
 

- 

- 

- 

+ resultsdb_db_port: 5432
 

+ resultsdb_db_user: "{{ stg_resultsdb_db_user }}"
 

+ resultsdb_endpoint: 'resultsdb_api'
 

  ############################################################
 

  # resultsdb-frontend details
 

  ############################################################
 

  resultsdb_fe_endpoint: "resultsdb"
 

  resultsdb_frontend_secret_key: "{{ stg_resultsdb_frontend_secret_key }}"
 

- 

- 

- ############################################################
 

- # execdb details
 

- ############################################################
 

- execdb_db_host_machine: db-qa01.qa.fedoraproject.org
 

- execdb_db_host: "{{ execdb_db_host_machine }}"
 

- execdb_db_port: 5432
 

- execdb_endpoint: 'execdb'
 

- execdb_db_name: execdb_stg
 

- execdb_db_user: "{{ stg_execdb_db_user }}"
 

- execdb_db_password: "{{ stg_execdb_db_password }}"
 

- execdb_secret_key: "{{ stg_execdb_secret_key }}"
 

- 

- 

- ############################################################
 

- # fedmsg details
 

- ############################################################
 

- fedmsg_active: True
 

- fedmsg_cert_prefix: resultsdb
 

- 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: resultsdb
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - taskotron.result.new
 

-   - resultsdb.result.new
 

+ resultsdb_secret_key: "{{ stg_resultsdb_secret_key }}"
 

+ tcp_ports: [80, 443, "{{ resultsdb_db_port }}"]

file modified
+40 -49 
@@ -1,59 +1,50 @@
 

  ---
 

- env: production
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: retrace
 

- ipa_host_group_desc: Retrace servers
 

- ipa_client_shell_groups:
 

- - retrace
 

- ipa_client_sudo_groups:
 

- - retrace
 

- 

- vpn: true
 

- 

- freezes: false
 

  ansible_ifcfg_blocklist: true
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

  custom_rules:
 

- - '-A INPUT -p tcp -m tcp -s 10.5.78.11 --dport 2049 -j ACCEPT'
 

- - '-A INPUT -p tcp -m tcp -s 10.5.78.11 --dport 5432 -j ACCEPT'
 

- 

- 

- nrpe_procs_warn: 1800
 

- nrpe_procs_crit: 2000
 

- 

+   - '-A INPUT -p tcp -m tcp -s 10.5.78.11 --dport 2049 -j ACCEPT'
 

+   - '-A INPUT -p tcp -m tcp -s 10.5.78.11 --dport 5432 -j ACCEPT'
 

+ env: production
 

  # Since retrace is on the qa network, it needs to actively connect to our
 

  # inbound relay.
 

  fedmsg_active: True
 

  fedmsg_cert_prefix: faf
 

- 

  # Declare fedmsg certs that should be put in /etc/pki/fedmsg/
 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: retrace
 

-   can_send:
 

-   - logger.log
 

- - service: faf
 

-   owner: root
 

-   group: faf
 

-   can_send:
 

-   - faf.report.threshold1
 

-   - faf.report.threshold10
 

-   - faf.report.threshold100
 

-   - faf.report.threshold1000
 

-   - faf.report.threshold1000
 

-   - faf.report.threshold10000
 

-   - faf.report.threshold100000
 

-   - faf.report.threshold1000000
 

-   - faf.problem.threshold1
 

-   - faf.problem.threshold10
 

-   - faf.problem.threshold100
 

-   - faf.problem.threshold1000
 

-   - faf.problem.threshold1000
 

-   - faf.problem.threshold10000
 

-   - faf.problem.threshold100000
 

-   - faf.problem.threshold1000000
 

+   - can_send:
 

+       - logger.log
 

+     group: retrace
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - faf.report.threshold1
 

+       - faf.report.threshold10
 

+       - faf.report.threshold100
 

+       - faf.report.threshold1000
 

+       - faf.report.threshold1000
 

+       - faf.report.threshold10000
 

+       - faf.report.threshold100000
 

+       - faf.report.threshold1000000
 

+       - faf.problem.threshold1
 

+       - faf.problem.threshold10
 

+       - faf.problem.threshold100
 

+       - faf.problem.threshold1000
 

+       - faf.problem.threshold1000
 

+       - faf.problem.threshold10000
 

+       - faf.problem.threshold100000
 

+       - faf.problem.threshold1000000
 

+     group: faf
 

+     owner: root
 

+     service: faf
 

+ freezes: false
 

+ ipa_client_shell_groups:
 

+   - retrace
 

+ ipa_client_sudo_groups:
 

+   - retrace
 

+ ipa_host_group: retrace
 

+ ipa_host_group_desc: Retrace servers
 

+ nrpe_procs_crit: 2000
 

+ nrpe_procs_warn: 1800
 

+ primary_auth_source: ipa
 

+ tcp_ports: [80, 443]
 

+ vpn: true

file modified
+4 -8 
@@ -1,14 +1,10 @@
 

  ---
 

  env: staging
 

- 

- vpn: true
 

- 

- tcp_ports: [ 22, 80, 443 ]
 

- 

- sudoers: "{{ private }}/files/sudo/arm-retrace-sudoers"
 

- root_auth_users: msuchy mfabik mgrabovs mzidek
 

- 

  nagios_Check_Services:
 

    mail: false
 

    nrpe: false
 

    swap: false
 

+ root_auth_users: msuchy mfabik mgrabovs mzidek
 

+ sudoers: "{{ private }}/files/sudo/arm-retrace-sudoers"
 

+ tcp_ports: [22, 80, 443]
 

+ vpn: true

file modified
+21 -24 
@@ -1,29 +1,26 @@
 

  ---
 

  datacenter: iad2
 

- tcp_ports: [80, 443, 873]
 

- rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- sshd_sftp: true
 

- 

- # nfs mount options, overrides the all/default
 

- nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,actimeo=600,nfsvers=3"
 

- 

  host_group: secondary
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: secondary
 

- ipa_host_group_desc: Serve secondary arch and archived releases
 

  ipa_client_shell_groups:
 

- - alt-k12linux
 

- - alt-sugar
 

- - altvideos
 

- - fi-apprentice
 

- - hosted-content
 

- - mips-content
 

- - qa-deltaisos
 

- - s390_content
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

+   - alt-k12linux
 

+   - alt-sugar
 

+   - altvideos
 

+   - fi-apprentice
 

+   - hosted-content
 

+   - mips-content
 

+   - qa-deltaisos
 

+   - s390_content
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

  ipa_client_sudo_groups:
 

- - sysadmin-noc
 

+   - sysadmin-noc
 

+ ipa_host_group: secondary
 

+ ipa_host_group_desc: Serve secondary arch and archived releases
 

+ # nfs mount options, overrides the all/default
 

+ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,actimeo=600,nfsvers=3"
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ primary_auth_source: ipa
 

+ rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

+ sshd_sftp: true
 

+ tcp_ports: [80, 443, 873]

file modified
+7 -10 
@@ -1,17 +1,14 @@
 

  ---
 

  freezes: true
 

- postfix_group: sign
 

- 

+ ipa_client_shell_groups:
 

+   - sysadmin-releng
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+ ipa_host_group: sign-bridge
 

  # Define resources for this group of hosts here.
 

  lvm_size: 50000
 

  mem_size: 4096
 

  num_cpus: 4
 

- 

- tcp_ports: [ 44333, 44334 ]
 

- 

+ postfix_group: sign
 

  primary_auth_source: ipa
 

- ipa_host_group: sign-bridge
 

- ipa_client_shell_groups:
 

- - sysadmin-releng
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

+ tcp_ports: [44333, 44334]

file modified
+3 -3 
@@ -1,11 +1,11 @@
 

  ---
 

+ ansible_ifcfg_blocklist: true
 

  freezes: true
 

- postfix_group: sign
 

  host_group: sign
 

- ansible_ifcfg_blocklist: true
 

  nagios_Check_Services:
 

    mail: false
 

    nrpe: false
 

+   ping: true
 

    sshd: false
 

    swap: false
 

-   ping: true
 

+ postfix_group: sign

file modified
+18 -23 
@@ -1,31 +1,26 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ ipa_client_shell_access:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-tools
 

+   - sysadmin-veteran
 

+ ipa_client_sudo_access:
 

+   - sysadmin-noc
 

+   - sysadmin-tools
 

+   - sysadmin-veteran
 

+ ipa_host_group: smtp_mm
 

+ ipa_host_group_desc: SMTP servers
 

  lvm_size: 20000
 

  mem_size: 2048
 

+ nagios_Check_Services:
 

+   mail: false
 

+   nrpe: true
 

  num_cpus: 2
 

- 

+ postfix_group: smtp-mm
 

+ postfix_transport_filename: transports.smtp-mm
 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 25 ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: smtp_mm
 

- ipa_host_group_desc: SMTP servers
 

- ipa_client_shell_access:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-tools
 

- - sysadmin-veteran
 

- ipa_client_sudo_access:
 

- - sysadmin-noc
 

- - sysadmin-tools
 

- - sysadmin-veteran
 

- 

- postfix_transport_filename: transports.smtp-mm
 

- postfix_group: smtp-mm
 

+ tcp_ports: [25]
 

  vpn: true
 

- 

- nagios_Check_Services:
 

-   nrpe: true
 

-   mail: false

file modified
+28 -33 
@@ -1,43 +1,38 @@
 

  ---
 

- freezes: false
 

+ deployment_type: stg
 

  env: staging
 

  env_prefix: stg.
 

- env_suffix: .stg
 

  env_short: stg
 

+ env_suffix: .stg
 

+ fedmsg_env: stg
 

+ fedmsg_prefix: org.fedoraproject
 

+ freezes: false
 

  host_group: staging
 

- 

- # This is the wildcard certname for our stg proxies.
 

- wildcard_cert_name: wildcard-2020.stg.fedoraproject.org
 

- wildcard_cert_file: wildcard-2020.stg.fedoraproject.org.cert
 

- wildcard_key_file: wildcard-2020.stg.fedoraproject.org.key
 

- wildcard_int_file: wildcard-2020.stg.fedoraproject.org.intermediate.cert
 

- 

- # This is the openshift wildcard cert for stg
 

- os_wildcard_cert_name: wildcard-2021.app.os.stg.fedoraproject.org
 

- os_wildcard_cert_file: wildcard-2021.app.os.stg.fedoraproject.org.cert
 

- os_wildcard_key_file: wildcard-2021.app.os.stg.fedoraproject.org.key
 

- os_wildcard_int_file: wildcard-2021.app.os.stg.fedoraproject.org.intermediate.cert
 

- 

- # This is the openshift wildcard cert for ocp stg
 

- ocp_wildcard_cert_name: wildcard-2021.apps.ocp.stg.fedoraproject.org
 

- ocp_wildcard_cert_file: wildcard-2021.apps.ocp.stg.fedoraproject.org.cert
 

- ocp_wildcard_key_file: wildcard-2021.apps.ocp.stg.fedoraproject.org.key
 

- ocp_wildcard_int_file: wildcard-2021.apps.ocp.stg.fedoraproject.org.intermediate.cert
 

- 

+ ipa_admin_password: "{{ ipa_stg_admin_password }}"
 

+ ipa_realm: STG.FEDORAPROJECT.ORG
 

+ # IPA details
 

+ ipa_server: ipa01.stg.iad2.fedoraproject.org
 

+ ipa_server_nodes:
 

+   - ipa01.stg.iad2.fedoraproject.org
 

+   - ipa02.stg.iad2.fedoraproject.org
 

+ mirrors_centos_org_cert_file: mirrors.stg.centos.org.cert
 

  # This is the mirrors.stg.centos.org certs
 

  mirrors_centos_org_cert_name: mirrors.stg.centos.org
 

- mirrors_centos_org_cert_file: mirrors.stg.centos.org.cert
 

  mirrors_centos_org_key_file: mirrors.stg.centos.org.key
 

- 

- fedmsg_prefix: org.fedoraproject
 

- fedmsg_env: stg
 

- deployment_type: stg
 

- 

- # IPA details
 

- ipa_server: ipa01.stg.iad2.fedoraproject.org
 

- ipa_realm: STG.FEDORAPROJECT.ORG
 

- ipa_admin_password: "{{ ipa_stg_admin_password }}"
 

+ ocp_wildcard_cert_file: wildcard-2021.apps.ocp.stg.fedoraproject.org.cert
 

+ # This is the openshift wildcard cert for ocp stg
 

+ ocp_wildcard_cert_name: wildcard-2021.apps.ocp.stg.fedoraproject.org
 

+ ocp_wildcard_int_file: wildcard-2021.apps.ocp.stg.fedoraproject.org.intermediate.cert
 

+ ocp_wildcard_key_file: wildcard-2021.apps.ocp.stg.fedoraproject.org.key
 

+ os_wildcard_cert_file: wildcard-2021.app.os.stg.fedoraproject.org.cert
 

+ # This is the openshift wildcard cert for stg
 

+ os_wildcard_cert_name: wildcard-2021.app.os.stg.fedoraproject.org
 

+ os_wildcard_int_file: wildcard-2021.app.os.stg.fedoraproject.org.intermediate.cert
 

+ os_wildcard_key_file: wildcard-2021.app.os.stg.fedoraproject.org.key
 

  # RIP, FAS
 

  primary_auth_source: ipa
 

- ipa_server_nodes:
 

-   - ipa01.stg.iad2.fedoraproject.org
 

+ wildcard_cert_file: wildcard-2020.stg.fedoraproject.org.cert
 

+ # This is the wildcard certname for our stg proxies.
 

+ wildcard_cert_name: wildcard-2020.stg.fedoraproject.org
 

+ wildcard_int_file: wildcard-2020.stg.fedoraproject.org.intermediate.cert
 

+ wildcard_key_file: wildcard-2020.stg.fedoraproject.org.key

file modified
+20 -27 
@@ -1,34 +1,27 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: prod
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+   - sysadmin-web
 

+ ipa_host_group: sundries
 

+ ipa_host_group_desc: Odds and ends
 

  lvm_size: 50000
 

- mem_size: 2048
 

- num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 873 ]
 

- 

  # This gets overridden by whichever node we want to run special cronjobs.
 

  master_sundries_node: False
 

- 

- deployment_type: prod
 

- 

- # A host group for rsync config
 

- rsync_group: sundries
 

- 

- nrpe_procs_warn: 300
 

+ mem_size: 2048
 

  nrpe_procs_crit: 500
 

- 

+ nrpe_procs_warn: 300
 

+ num_cpus: 2
 

  primary_auth_source: ipa
 

- ipa_host_group: sundries
 

- ipa_host_group_desc: Odds and ends
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- - sysadmin-web
 

+ # A host group for rsync config
 

+ rsync_group: sundries
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 873]

file modified
+19 -26 
@@ -1,33 +1,26 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ deployment_type: stg
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-releng
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-releng
 

+   - sysadmin-web
 

+ ipa_host_group: sundries
 

+ ipa_host_group_desc: Odds and ends
 

  lvm_size: 50000
 

- mem_size: 2048
 

- num_cpus: 2
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 873 ]
 

- 

  # This gets overridden by whichever node we want to run special cronjobs.
 

  master_sundries_node: False
 

- 

- deployment_type: stg
 

- 

+ mem_size: 2048
 

+ nrpe_procs_crit: 500
 

+ nrpe_procs_warn: 300
 

+ num_cpus: 2
 

  # A host group for rsync config
 

  rsync_group: sundries-stg
 

- 

- nrpe_procs_warn: 300
 

- nrpe_procs_crit: 500
 

- 

- ipa_host_group: sundries
 

- ipa_host_group_desc: Odds and ends
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-releng
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-releng
 

- - sysadmin-web
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 873]

file modified
+1 -3 
@@ -1,7 +1,5 @@
 

  ---
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [80]
 

- 

  primary_auth_source: ipa
 

+ tcp_ports: [80]

file modified
+30 -33 
@@ -1,39 +1,36 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 750000
 

- mem_size: 4096
 

- num_cpus: 2
 

- 

- tcp_ports: [ 53, 80, 443, 873, "6881:6999" ]
 

- udp_ports: [ 53 ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: torrent
 

- ipa_host_group_desc: BitTorrent trackers
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- - torrent-cc
 

- - torrentadmin
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

- - torrentadmin
 

- 

- nrpe_procs_warn: 300
 

- nrpe_procs_crit: 500
 

- csi_security_category: Low
 

  csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

  csi_purpose: Torrent master server for Fedora distribution
 

  csi_relationship: |
 

-  torrent01 is the master torrent server for Fedora releases
 

-  This host relies on:
 

-  - The virthost it's hosted on (ibiblio05.fedoraproject.org)
 

-  - FAS to authenticate users
 

-  - VPN connectivity
 

+   torrent01 is the master torrent server for Fedora releases
 

+   This host relies on:
 

+   - The virthost it's hosted on (ibiblio05.fedoraproject.org)
 

+   - FAS to authenticate users
 

+   - VPN connectivity
 

  

-  Things that rely on this host:
 

-  - If this host is down, Fedora will lose a release distribution channel
 

-  - The Apache that displays the torrent website
 

-  - This server also has opentracker+ running to gather statistics for our torrent
 

+   Things that rely on this host:
 

+   - If this host is down, Fedora will lose a release distribution channel
 

+   - The Apache that displays the torrent website
 

+   - This server also has opentracker+ running to gather statistics for our torrent
 

+ csi_security_category: Low
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+   - torrent-cc
 

+   - torrentadmin
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+   - torrentadmin
 

+ ipa_host_group: torrent
 

+ ipa_host_group_desc: BitTorrent trackers
 

+ lvm_size: 750000
 

+ mem_size: 4096
 

+ nrpe_procs_crit: 500
 

+ nrpe_procs_warn: 300
 

+ num_cpus: 2
 

+ primary_auth_source: ipa
 

+ tcp_ports: [53, 80, 443, 873, "6881:6999"]
 

+ udp_ports: [53]

file modified
+10 -18 
@@ -1,23 +1,15 @@
 

  ---
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 209.132.184.0/24 --dport 53 -j ACCEPT', '-A INPUT -p udp -m udp -s 209.132.184.0/24 --dport 53 -j ACCEPT', '-A INPUT -p udp -m udp -s 38.145.48.0/23 --dport 53 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 38.145.48.0/23 --dport 53 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 209.132.181.0/24 --dport 53 -j ACCEPT', '-A INPUT -p udp -m udp -s 209.132.181.0/24 --dport 53 -j ACCEPT']
 

+ freezes: false
 

+ ipa_client_shell_groups:
 

+   - sysadmin-dns
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-dns
 

+ ipa_host_group: unbound
 

+ ipa_host_group_desc: Unbound caching DNS
 

  lvm_size: 10000
 

  mem_size: 2048
 

  num_cpus: 2
 

- 

- tcp_ports: [ 80, 443 ]
 

- custom_rules: [ '-A INPUT -p tcp -m tcp -s 209.132.184.0/24 --dport 53 -j ACCEPT',
 

-                 '-A INPUT -p udp -m udp -s 209.132.184.0/24 --dport 53 -j ACCEPT',
 

-                 '-A INPUT -p udp -m udp -s 38.145.48.0/23 --dport 53 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 38.145.48.0/23 --dport 53 -j ACCEPT',
 

-                 '-A INPUT -p tcp -m tcp -s 209.132.181.0/24 --dport 53 -j ACCEPT',
 

-                 '-A INPUT -p udp -m udp -s 209.132.181.0/24 --dport 53 -j ACCEPT' ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: unbound
 

- ipa_host_group_desc: Unbound caching DNS
 

- ipa_client_shell_groups:
 

- - sysadmin-dns
 

- ipa_client_sudo_groups:
 

- - sysadmin-dns
 

- 

- freezes: false
 

  postfix_group: vpn
 

+ primary_auth_source: ipa
 

+ tcp_ports: [80, 443]

file modified
+59 -70 
@@ -1,77 +1,66 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: mote admins - sysadmin-mote-members@fedoraproject.org
 

+ csi_purpose: Hosts services which help facilitate communication over IRC and related mediums.
 

+ csi_relationship: |
 

+   There are a couple things running here.
 

+ 

+   * zodbot, a supybot instance.  See the zodbot SOP for more info.
 

+   * fedmsg-irc, our fedmsg to IRC relay.  'journalctl -u fedmsg-irc'
 

+   * mote, a webapp running behind httpd that serves meetbot log files.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ custom_rules: [
 

+   # Needed for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

+   # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5050 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5050 -j ACCEPT',
 

+   # batcave01 also needs access to announce commits.
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.35 --dport 5050 -j ACCEPT']
 

+ deployment_type: prod
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       # cookies!
 

+       - irc.karma
 

+       # standard meetbot stuff
 

+       - meetbot.meeting.complete
 

+       - meetbot.meeting.start
 

+       - meetbot.meeting.topic.update
 

+       # meetbot line items
 

+       - meetbot.meeting.item.agreed
 

+       - meetbot.meeting.item.accepted
 

+       - meetbot.meeting.item.rejected
 

+       - meetbot.meeting.item.action
 

+       - meetbot.meeting.item.info
 

+       - meetbot.meeting.item.idea
 

+       - meetbot.meeting.item.help
 

+       - meetbot.meeting.item.link
 

+     group: daemon
 

+     owner: root
 

+     service: supybot
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-mote
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-mote
 

+   - sysadmin-web
 

+ ipa_host_group: value
 

+ ipa_host_group_desc: "Value added: IRC bots, message logging, etc."
 

  lvm_size: 30000
 

  mem_size: 6144
 

  num_cpus: 2
 

- 

- deployment_type: prod
 

- 

+ primary_auth_source: ipa
 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443,
 

-     # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

-     3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

-     3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
 

- 

- custom_rules: [
 

-     # Needed for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

-     # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5050 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5050 -j ACCEPT',
 

-     # batcave01 also needs access to announce commits.
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.35 --dport 5050 -j ACCEPT',
 

- ]
 

- 

- primary_auth_source: ipa
 

- ipa_host_group: value
 

- ipa_host_group_desc: "Value added: IRC bots, message logging, etc."
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-mote
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-mote
 

- - sysadmin-web
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: supybot
 

-   owner: root
 

-   group: daemon
 

-   can_send:
 

-   # cookies!
 

-   - irc.karma
 

-   # standard meetbot stuff
 

-   - meetbot.meeting.complete
 

-   - meetbot.meeting.start
 

-   - meetbot.meeting.topic.update
 

-   # meetbot line items
 

-   - meetbot.meeting.item.agreed
 

-   - meetbot.meeting.item.accepted
 

-   - meetbot.meeting.item.rejected
 

-   - meetbot.meeting.item.action
 

-   - meetbot.meeting.item.info
 

-   - meetbot.meeting.item.idea
 

-   - meetbot.meeting.item.help
 

-   - meetbot.meeting.item.link
 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

- csi_primary_contact: mote admins - sysadmin-mote-members@fedoraproject.org
 

- csi_purpose: Hosts services which help facilitate communication over IRC and related mediums.
 

- csi_relationship: |
 

-     There are a couple things running here.
 

- 

-     * zodbot, a supybot instance.  See the zodbot SOP for more info.
 

-     * fedmsg-irc, our fedmsg to IRC relay.  'journalctl -u fedmsg-irc'
 

-     * mote, a webapp running behind httpd that serves meetbot log files.
 

+ tcp_ports: [80, 443,
 

+   # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

file modified
+58 -71 
@@ -1,78 +1,65 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: mote admins - sysadmin-mote-members@fedoraproject.org
 

+ csi_purpose: Hosts staging services which help facilitate communication over IRC and related mediums.
 

+ csi_relationship: |
 

+   There are a couple things running here.
 

+ 

+   * ursabot, a supybot instance.  See the zodbot SOP for more info.
 

+   * fedmsg-irc, our staging fedmsg to IRC relay.  'journalctl -u fedmsg-irc'
 

+   * mote, a webapp running behind httpd that serves meetbot log files.
 

+ # For the MOTD
 

+ csi_security_category: Moderate
 

+ custom_rules: [
 

+   # Neeed for rsync from log01 for logs.
 

+   '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

+   # Needed to let nagios on noc01 and noc02 (noc01.stg) pipe alerts to zodbot here
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5050 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.128.38 --dport 5050 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT',
 

+   # batcave01 also needs access to announce commits.
 

+   '-A INPUT -p tcp -m tcp -s 10.5.126.23 --dport 5050 -j ACCEPT']
 

+ deployment_type: stg
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       # cookies!
 

+       - irc.karma
 

+       # standard meetbot stuff
 

+       - meetbot.meeting.complete
 

+       - meetbot.meeting.start
 

+       - meetbot.meeting.topic.update
 

+       # meetbot line items
 

+       - meetbot.meeting.item.agreed
 

+       - meetbot.meeting.item.accepted
 

+       - meetbot.meeting.item.rejected
 

+       - meetbot.meeting.item.action
 

+       - meetbot.meeting.item.info
 

+       - meetbot.meeting.item.idea
 

+       - meetbot.meeting.item.help
 

+       - meetbot.meeting.item.link
 

+     group: daemon
 

+     owner: root
 

+     service: supybot
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-mote
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-mote
 

+   - sysadmin-web
 

+ ipa_host_group: value
 

+ ipa_host_group_desc: "Value added: IRC bots, message logging, etc."
 

  lvm_size: 30000
 

  mem_size: 6144
 

  num_cpus: 2
 

- 

- deployment_type: stg
 

- 

  # for systems that do not match the above - specify the same parameter in
 

  # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443,
 

-     # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

-     3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

-     3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
 

- 

- custom_rules: [
 

-     # Neeed for rsync from log01 for logs.
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 

-     # Needed to let nagios on noc01 and noc02 (noc01.stg) pipe alerts to zodbot here
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5050 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.5.128.38 --dport 5050 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT',
 

-     # batcave01 also needs access to announce commits.
 

-     '-A INPUT -p tcp -m tcp -s 10.5.126.23 --dport 5050 -j ACCEPT',
 

- ]
 

- 

- ipa_host_group: value
 

- ipa_host_group_desc: "Value added: IRC bots, message logging, etc."
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-mote
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-mote
 

- - sysadmin-web
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: supybot
 

-   owner: root
 

-   group: daemon
 

-   can_send:
 

-   # cookies!
 

-   - irc.karma
 

-   # standard meetbot stuff
 

-   - meetbot.meeting.complete
 

-   - meetbot.meeting.start
 

-   - meetbot.meeting.topic.update
 

-   # meetbot line items
 

-   - meetbot.meeting.item.agreed
 

-   - meetbot.meeting.item.accepted
 

-   - meetbot.meeting.item.rejected
 

-   - meetbot.meeting.item.action
 

-   - meetbot.meeting.item.info
 

-   - meetbot.meeting.item.idea
 

-   - meetbot.meeting.item.help
 

-   - meetbot.meeting.item.link
 

- 

- 

- # For the MOTD
 

- csi_security_category: Moderate
 

- csi_primary_contact: mote admins - sysadmin-mote-members@fedoraproject.org
 

- csi_purpose: Hosts staging services which help facilitate communication over IRC and related mediums.
 

- csi_relationship: |
 

-     There are a couple things running here.
 

- 

-     * ursabot, a supybot instance.  See the zodbot SOP for more info.
 

-     * fedmsg-irc, our staging fedmsg to IRC relay.  'journalctl -u fedmsg-irc'
 

-     * mote, a webapp running behind httpd that serves meetbot log files.
 

+ tcp_ports: [80, 443,
 

+   # These 16 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]

file modified
+11 -16 
@@ -1,25 +1,20 @@
 

  ---
 

  # iscsi initiator for netapp iscsi volume
 

- netapp_nfs01_iscsi_name: iqn.1992-08.com.netapp:sn.1573980325:vf.f88732f4-106e-11e2-bc86-00a098162a28
 

- # iscsi portal for netapp iscsi volume
 

- netapp_nfs01_iscsi_portal: 10.5.88.36
 

- 

- virthost: true
 

- nrpe_procs_warn: 1400
 

- nrpe_procs_crit: 1500
 

- 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: Host guest virtual machines.
 

+ csi_relationship: |
 

+   - Guests on this host will be inaccessible if the host is down.
 

+   - This host will be required by any application with a virtual machine running on it, therefore, if this host is down those applications will be impacted.
 

  # These variables are pushed into /etc/system_identification by the base role.
 

  # Groups and individual hosts should override them with specific info.
 

  # See http://infrastructure.fedoraproject.org/csi/security-policy/
 

- 

  csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: Host guest virtual machines.
 

- csi_relationship: |
 

-    - Guests on this host will be inaccessible if the host is down.
 

-    - This host will be required by any application with a virtual machine running on it, therefore, if this host is down those applications will be impacted.
 

- 

  nagios_Check_Services:
 

    raid: true
 

- 

+ netapp_nfs01_iscsi_name: iqn.1992-08.com.netapp:sn.1573980325:vf.f88732f4-106e-11e2-bc86-00a098162a28
 

+ # iscsi portal for netapp iscsi volume
 

+ netapp_nfs01_iscsi_portal: 10.5.88.36
 

+ nrpe_procs_crit: 1500
 

+ nrpe_procs_warn: 1400
 

  primary_auth_source: ipa
 

+ virthost: true

file modified
+1 -2 
@@ -1,5 +1,4 @@
 

  ---
 

- nrpe_procs_warn: 900
 

  nrpe_procs_crit: 1000
 

- 

+ nrpe_procs_warn: 900
 

  virthost: true

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- virthost: true
 

  datacenter: cloud
 

+ virthost: true

file modified
+4 -5 
@@ -2,9 +2,8 @@
 

  # XXX - this is not really a group of real hosts.
 

  # Instead, it represents an application in openshift.
 

  # See playbooks/openshift-apps/waiverdb.yml
 

- 

  fedmsg_certs:
 

- - service: waiverdb
 

-   can_send:
 

-   - logger.log
 

-   - waiverdb.waiver.new
 

+   - can_send:
 

+       - logger.log
 

+       - waiverdb.waiver.new
 

+     service: waiverdb

file modified
+5 -7 
@@ -2,11 +2,9 @@
 

  # XXX - this is not really a group of real hosts.
 

  # Instead, it represents an application in openshift.
 

  # See playbooks/openshift-apps/waiverdb.yml
 

- 

- fedmsg_env: stg
 

- 

  fedmsg_certs:
 

- - service: waiverdb
 

-   can_send:
 

-   - logger.log
 

-   - waiverdb.waiver.new
 

+   - can_send:
 

+       - logger.log
 

+       - waiverdb.waiver.new
 

+     service: waiverdb
 

+ fedmsg_env: stg

file modified
+36 -45 
@@ -1,55 +1,46 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

+ csi_primary_contact: "#fedora-admin"
 

+ csi_purpose: Provides our wiki
 

+ csi_relationship: |
 

+   - There are multiple servers that this service requires. All proxy servers and Wiki 1 and 2.
 

+   - Wiki requires the proxy servers in order for traffic to pass to them
 

+   - If the Apache processes stop on wiki01 and wiki02 the wiki will not display
 

+   - The wiki also requires fas for log in purposes
 

+ csi_security_category: Moderate
 

+ deployment_type: prod
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - wiki.article.edit
 

+       - wiki.upload.complete
 

+     group: apache
 

+     owner: root
 

+     service: mediawiki
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-web
 

+ ipa_host_group: wiki
 

+ ipa_host_group_desc: Fedora Wiki
 

  lvm_size: 30000
 

- mem_size: 8192
 

  max_mem_size: 8192
 

+ mem_size: 8192
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

  num_cpus: 4
 

- 

- deployment_type: prod
 

- 

- virt_install_command: "{{ virt_install_command_two_nic }}"
 

- 

- tcp_ports: [ 80 ]
 

- 

  primary_auth_source: ipa
 

- ipa_host_group: wiki
 

- ipa_host_group_desc: Fedora Wiki
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

- ipa_client_sudo_groups:
 

- - sysadmin-web
 

- 

+ tcp_ports: [80]
 

+ virt_install_command: "{{ virt_install_command_two_nic }}"
 

  # mediawiki variables
 

  wikiname: "fp"
 

  wikipath: "wiki"
 

- wpath: "w"
 

  wikiver: "mediawiki"
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: mediawiki
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - wiki.article.edit
 

-   - wiki.upload.complete
 

- 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- csi_security_category: Moderate
 

- csi_primary_contact: "#fedora-admin"
 

- csi_purpose:  Provides our wiki
 

- csi_relationship: |
 

-  - There are multiple servers that this service requires. All proxy servers and Wiki 1 and 2.
 

-  - Wiki requires the proxy servers in order for traffic to pass to them
 

-  - If the Apache processes stop on wiki01 and wiki02 the wiki will not display
 

-  - The wiki also requires fas for log in purposes
 

- 

+ wpath: "w"

file modified
+26 -32 
@@ -1,41 +1,35 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 30000
 

- mem_size: 4096
 

- num_cpus: 2
 

- 

  deployment_type: stg
 

- 

- tcp_ports: [ 80 ]
 

- 

- ipa_host_group: wiki
 

- ipa_host_group_desc: Fedora Wiki
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   - can_send:
 

+       - logger.log
 

+     group: sysadmin
 

+     owner: root
 

+     service: shell
 

+   - can_send:
 

+       - wiki.article.edit
 

+       - wiki.upload.complete
 

+     group: apache
 

+     owner: root
 

+     service: mediawiki
 

  ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-web
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-web
 

  ipa_client_sudo_groups:
 

- - sysadmin-web
 

- 

+   - sysadmin-web
 

+ ipa_host_group: wiki
 

+ ipa_host_group_desc: Fedora Wiki
 

+ lvm_size: 30000
 

+ mem_size: 4096
 

+ nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ num_cpus: 2
 

+ tcp_ports: [80]
 

  # mediawiki variables
 

  wikiname: "fp"
 

  wikipath: "wiki"
 

- wpath: "w"
 

  wikiver: "mediawiki"
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: sysadmin
 

-   can_send:
 

-   - logger.log
 

- - service: mediawiki
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - wiki.article.edit
 

-   - wiki.upload.complete
 

- 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

+ wpath: "w"

file modified
+19 -25 
@@ -1,33 +1,27 @@
 

  ---
 

  # Define resources for this group of hosts here.
 

- lvm_size: 100000
 

- mem_size: 8192
 

- num_cpus: 2
 

- 

- deployment_type: stg
 

- 

- # for systems that do not match the above - specify the same parameter in
 

- # the host_vars/$hostname file
 

- 

- tcp_ports: [ 80, 443]
 

- 

- ipa_host_group: zabbix
 

- ipa_host_group_desc: Zabbix Network Monitoring
 

- ipa_client_shell_groups:
 

- - fi-apprentice
 

- - sysadmin-noc
 

- - sysadmin-veteran
 

- - sysadmin-jenkins
 

- ipa_client_sudo_groups:
 

- - sysadmin-jenkins
 

- 

- # For the MOTD
 

- csi_security_category: []
 

  csi_primary_contact: []
 

  csi_purpose: []
 

  csi_relationship: |
 

-        Test instance for zabbix server
 

- 

+   Test instance for zabbix server
 

+ # For the MOTD
 

+ csi_security_category: []
 

+ deployment_type: stg
 

+ ipa_client_shell_groups:
 

+   - fi-apprentice
 

+   - sysadmin-noc
 

+   - sysadmin-veteran
 

+   - sysadmin-jenkins
 

+ ipa_client_sudo_groups:
 

+   - sysadmin-jenkins
 

+ ipa_host_group: zabbix
 

+ ipa_host_group_desc: Zabbix Network Monitoring
 

+ lvm_size: 100000
 

+ mem_size: 8192
 

  nagios_Can_Connect: false
 

  nagios_Check_Services:
 

    ping: false
 

+ num_cpus: 2
 

+ # for systems that do not match the above - specify the same parameter in
 

+ # the host_vars/$hostname file
 

+ tcp_ports: [80, 443]

file modified
+14 -25 
@@ -1,36 +1,25 @@
 

  ---
 

- vmhost: cloudvmhost-aarch64-01.fedorainfracloud.org
 

+ datacenter: cloud
 

+ dns: 8.8.8.8
 

  eth0_ip: 38.145.48.51
 

- nm: 255.255.254.0
 

  gw: 38.145.49.254
 

- dns: 8.8.8.8
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-fedora-31-ext-aarch64
 

  ks_repo: http://209.132.181.6/pub/fedora/linux/releases/31/Server/aarch64/os/
 

- 

- virt_install_command_one_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }}
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }}
 

-                  --autostart --noautoconsole --rng /dev/random
 

- 

- volgroup: /dev/vg_guests
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-fedora-31-ext-aarch64
 

  lvm_size: 140000
 

- mem_size: 40960
 

  max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- datacenter: cloud
 

- 

+ mem_size: 40960
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm: 255.255.254.0
 

+ num_cpus: 5
 

+ virt_install_command_one_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac_address }} --autostart --noautoconsole --rng /dev/random
 

+ vmhost: cloudvmhost-aarch64-01.fedorainfracloud.org
 

+ volgroup: /dev/vg_guests

file modified
+15 -20 
@@ -1,32 +1,27 @@
 

  ---
 

- vmhost: vmhost-a64-cc01.rdu-cc.fedoraproject.org
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

  eth0_ip: 8.43.85.52
 

- nm: 255.255.255.0
 

  gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/armhfp/os/
 

- 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  libdir: /usr/lib
 

- vpn: true
 

- 

- datacenter: rdu-cc
 

- 

- virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

- 

- volgroup: /dev/vg_guests
 

  lvm_size: 140000
 

- mem_size: 40960
 

  max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- 

+ mem_size: 40960
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm: 255.255.255.0
 

+ num_cpus: 5
 

+ virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

+ vmhost: vmhost-a64-cc01.rdu-cc.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+15 -21 
@@ -1,33 +1,27 @@
 

  ---
 

- vmhost: vmhost-a64-cc01.rdu-cc.fedoraproject.org
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

  eth0_ip: 8.43.85.53
 

- nm: 255.255.255.0
 

  gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/armhfp/os/
 

- 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  libdir: /usr/lib
 

- 

- vpn: true
 

- 

- datacenter: rdu-cc
 

- 

- virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

- 

- volgroup: /dev/vg_guests
 

  lvm_size: 140000
 

- mem_size: 40960
 

  max_mem_size: "{{ mem_size }}"
 

- num_cpus: 5
 

- 

+ mem_size: 40960
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm: 255.255.255.0
 

+ num_cpus: 5
 

+ virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

+ vmhost: vmhost-a64-cc01.rdu-cc.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+19 -26 
@@ -1,39 +1,32 @@
 

  ---
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eno1_ipv4: 10.3.169.28
 

- eno1_ipv4_nm: 24
 

  eno1_ipv4_gw: 10.3.169.254
 

- 

+ eno1_ipv4_nm: 24
 

+ eno1_mac: "{{ mac1 }}"
 

+ has_ipv4: yes
 

  mac1: ec:f4:bb:d2:85:48
 

  mac2: ec:f4:bb:d2:85:4a
 

  mac3: ec:f4:bb:d2:85:4c
 

  mac4: ec:f4:bb:d2:85:4d
 

- 

- eno1_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

- - name: eno1
 

-   mac: "{{ eno1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eno1_ipv4 }}/{{ eno1_ipv4_nm }}"
 

-     gateway4: "{{ eno1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eno1_ipv4 }}/{{ eno1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eno1_ipv4_gw }}"
 

+     mac: "{{ eno1_mac }}"
 

+     name: eno1
 

+     state: up
 

+     type: ethernet

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ eth0_ip: 10.3.167.29
 

+ gw: 10.3.167.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.167.29
 

+ volgroup: /dev/vg_guests

file modified
+24 -34 
@@ -1,44 +1,34 @@
 

  ---
 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- datacenter: iad2
 

- 

  ansible_ifcfg_blocklist: true
 

- 

- grokmirror_topdir: /fedora_backups/grokmirror
 

- weblate_backup_topdir: /fedora_backups/misc/weblate
 

- 

+ datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eno1_ipv4: 10.3.163.40
 

- eno1_ipv4_nm: 24
 

  eno1_ipv4_gw: 10.3.163.254
 

- 

- mac0: ec:f4:bb:d2:76:a0
 

- 

+ eno1_ipv4_nm: 24
 

  eno1_mac: "{{ mac0 }}"
 

- 

+ grokmirror_topdir: /fedora_backups/grokmirror
 

+ has_ipv4: yes
 

+ mac0: ec:f4:bb:d2:76:a0
 

  network_connections:
 

- - name: eno1
 

-   mac: "{{ eno1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eno1_ipv4 }}/{{ eno1_ipv4_nm }}"
 

-     gateway4: "{{ eno1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eno1_ipv4 }}/{{ eno1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eno1_ipv4_gw }}"
 

+     mac: "{{ eno1_mac }}"
 

+     name: eno1
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ weblate_backup_topdir: /fedora_backups/misc/weblate

file modified
+8 -9 
@@ -1,15 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.94
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ sar_output_file: badges.json
 

  # GDPR SAR variables
 

  sar_script: /usr/local/bin/get-sar-person-details
 

  sar_script_user: fedmsg
 

- sar_output_file: badges.json
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -7 
@@ -1,15 +1,14 @@
 

  ---
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ipv4: 10.3.166.44
 

  eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 255.255.255.0
 

- vmhost: vmhost-x86-11.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ sar_output_file: badges.json
 

  # GDPR SAR variables
 

  sar_script: /usr/local/bin/get-sar-person-details
 

  sar_script_user: fedmsg
 

- sar_output_file: badges.json
 

+ vmhost: vmhost-x86-11.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.95
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+4 -4 
@@ -1,10 +1,10 @@
 

  ---
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ipv4: 10.3.166.65
 

  eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 255.255.255.0
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  vmhost: vmhost-x86-11.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+8 -13 
@@ -1,19 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 8.8.8.8
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.163.31
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

+ ssh_hostnames:
 

+   - bastion.fedoraproject.org
 

+   - bastion01.fedoraproject.org
 

  vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests
 

  vpn: false
 

- 

- ssh_hostnames:
 

- - bastion.fedoraproject.org
 

- - bastion01.fedoraproject.org

file modified
+8 -13 
@@ -1,19 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.163.32
 

- 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-iad2
 

+ gw: 10.3.163.254
 

  ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

+ ssh_hostnames:
 

+   - bastion.fedoraproject.org
 

+   - bastion02.fedoraproject.org
 

  vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests
 

  vpn: false
 

- 

- ssh_hostnames:
 

- - bastion.fedoraproject.org
 

- - bastion02.fedoraproject.org

file modified
+13 -20 
@@ -1,31 +1,24 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 172.31.2.254
 

+ datacenter: rdu
 

  dns: 172.31.2.24
 

  dns1: 172.31.2.24
 

  #dns2: 8.8.4.4
 

  

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://38.145.60.16/repo/rhel/RHEL8-x86_64/
 

- 

- vmhost: virthost-rdu01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 172.31.2.21
 

  eth0_nm: 255.255.255.0
 

- 

+ gw: 172.31.2.254
 

+ ks_repo: http://38.145.60.16/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel-8-ext
 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

+ postfix_group: vpn
 

  public_ip: 209.132.190.1
 

- 

  # This is consumed by the roles/fedora-web/main role
 

  sponsor: redhat
 

- datacenter: rdu
 

- postfix_group: vpn
 

+ vmhost: virthost-rdu01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

- max_mem_size: 32768
 

- num_cpus: 8
 

-

file modified
+9 -13 
@@ -1,24 +1,20 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.35
 

- vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

+ sar_output_file: koji.json
 

  #host_backup_targets: ['/git', '/mnt/fedora/app/attachments']
 

  

  # GDPR SAR variables - koji
 

  sar_script: /usr/local/bin/koji_sar.py
 

  sar_script_user: root
 

- sar_output_file: koji.json
 

- 

  # Add VPN host name as alt name for SSH cert.  Useful when you need to
 

  # SSH into batcave through VPN, like from bastion in a different DC.
 

  ssh_hostnames:
 

- - batcave01.vpn.fedoraproject.org
 

+   - batcave01.vpn.fedoraproject.org
 

+ vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+19 -29 
@@ -1,50 +1,40 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 172.31.2.254
 

+ ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@bastion13.fedoraproject.org"'
 

+ datacenter: rdu
 

  dns: 172.31.2.24
 

  dns1: 172.31.2.24
 

  #dns2: 8.8.4.4
 

  

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://38.145.60.16/repo/rhel/RHEL8-x86_64/
 

- 

- vmhost: virthost-rdu01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_two_nic }}"
 

- 

  eth0_ip: 172.31.2.25
 

  eth0_nm: 255.255.255.0
 

- 

  eth1_ip: 172.31.1.3
 

  eth1_nm: 255.255.255.0
 

- 

- #public_ip: 209.132.190.2
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- datacenter: rdu
 

- postfix_group: vpn
 

- vpn: true
 

- 

+ gw: 172.31.2.254
 

+ ks_repo: http://38.145.60.16/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-rhel-8-ext
 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

  nagios_Can_Connect: false
 

- 

  nagios_Check_Services:
 

    mail: false
 

    nrpe: false
 

+   ping: false
 

    sshd: false
 

    swap: false
 

-   ping: false
 

- 

- nrpe_procs_warn: 1200
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

- max_mem_size: 32768
 

+ nrpe_procs_warn: 1200
 

  num_cpus: 8
 

+ postfix_group: vpn
 

+ #public_ip: 209.132.190.2
 

  

- ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@bastion13.fedoraproject.org"'
 

- 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

  # Add VPN host name as alt namefor SSH cert.  Useful when you need to
 

  # SSH into batcave through VPN, like from bastion in a different DC.
 

  ssh_hostnames:
 

- - batcave13.vpn.fedoraproject.org
 

+   - batcave13.vpn.fedoraproject.org
 

+ virt_install_command: "{{ virt_install_command_two_nic }}"
 

+ vmhost: virthost-rdu01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+20 -28 
@@ -1,38 +1,30 @@
 

  ---
 

  datacenter: iad2
 

- 

- resolvconf: "resolv.conf/iad2"
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.29
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

- mac0: d0:94:66:45:a7:e4
 

- 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac0 }}"
 

- 

+ has_ipv4: yes
 

+ mac0: d0:94:66:45:a7:e4
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ resolvconf: "resolv.conf/iad2"

file modified
+20 -28 
@@ -1,38 +1,30 @@
 

  ---
 

  datacenter: iad2
 

- 

- resolvconf: "resolv.conf/iad2"
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.30
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

- mac0: d0:94:66:45:8c:0f
 

- 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac0 }}"
 

- 

+ has_ipv4: yes
 

+ mac0: d0:94:66:45:8c:0f
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ resolvconf: "resolv.conf/iad2"

file modified
+8 -12 
@@ -1,17 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ blockerbugs_db_host_machine: db01.iad2.fedoraproject.org
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.88
 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  # This is the master node in stg, so it runs the cron job
 

  master_blockerbugs_node: True
 

- 

- blockerbugs_db_host_machine: db01.iad2.fedoraproject.org
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -10 
@@ -1,15 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.37
 

- vmhost: vmhost-x86-08.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  # This is the master node in stg, so it runs the cron job
 

  master_blockerbugs_node: True
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-08.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+80 -87 
@@ -1,96 +1,89 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.169.101
 

- vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- mem_size: 98304
 

- max_mem_size: 98304
 

- num_cpus: 30
 

- 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- datacenter: iad2
 

- 

  # These set a config value in /etc/fedmsg.d/, see roles/bodhi2/base/
 

  bodhi_masher_enabled: True
 

- bodhi_updates_handler_enabled: False
 

  bodhi_signed_handler_enabled: False
 

- 

- # GDPR SAR variables
 

- sar_script: /usr/bin/bodhi-sar
 

- sar_script_user: apache
 

- sar_output_file: bodhi.json
 

- 

- # These are consumed by a task in roles/fedmsg/base/main.yml
 

- fedmsg_certs:
 

- # These are certs for pungi
 

- - service: releng
 

-   owner: apache
 

-   group: sysadmin-releng
 

-   can_send:
 

-   # new school pungi-koji stuff (ask dgilmore)
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - pungi.compose.ostree
 

-   - releng.atomic.twoweek.begin
 

-   - releng.atomic.twoweek.complete
 

- # These are certs for the masher to publish its own messages as it progresses.
 

- - service: bodhi
 

-   owner: root
 

-   group: apache
 

-   can_send:
 

-   - bodhi.mashtask.complete
 

-   - bodhi.mashtask.mashing
 

-   - bodhi.mashtask.start
 

-   - bodhi.mashtask.sync.done
 

-   - bodhi.mashtask.sync.wait
 

-   - bodhi.ostree.compose.start
 

-   - bodhi.ostree.compose.fail
 

-   - bodhi.ostree.compose.finish
 

-   - bodhi.errata.publish
 

-   - bodhi.update.eject
 

-   - bodhi.update.complete.testing
 

-   - bodhi.update.complete.stable
 

-   - bodhi.update.request.testing
 

-   - bodhi.update.request.stable
 

-   - bodhi.update.request.batched
 

-   - bodhi.update.karma.threshold.reach
 

-   - bodhi.buildroot_override.untag
 

-   - bodhi.update.comment
 

-   - bodhi.update.requirements_met.stable
 

- - service: ftpsync
 

-   owner: root
 

-   group: ftpsync
 

-   can_send:
 

-   - bodhi.updates.epel.sync
 

-   - bodhi.updates.fedora.sync
 

- 

- 

- # For the MOTD
 

- csi_security_category: Medium
 

+ bodhi_updates_handler_enabled: False
 

  csi_primary_contact: Releng Admins sysadmin-releng-members@fedoraproject.org
 

  csi_purpose: Run the Bodhi masher.
 

  csi_relationship: |
 

-     The mashing of repos here happens as part of the 'fedmsg-hub' daemon.  Check
 

-     logs with 'journalctl -u fedmsg-hub'.  Check the bodhi masher docs/code for
 

-     more detail on what it does:
 

-     https://github.com/fedora-infra/bodhi/blob/develop/bodhi/consumers/masher.py
 

+   The mashing of repos here happens as part of the 'fedmsg-hub' daemon.  Check
 

+   logs with 'journalctl -u fedmsg-hub'.  Check the bodhi masher docs/code for
 

+   more detail on what it does:
 

+   https://github.com/fedora-infra/bodhi/blob/develop/bodhi/consumers/masher.py
 

  

-     * This host relies on:
 

-       * db01 for its database, which is shares with the bodhi2 frontend nodes.
 

-       * An NFS mount of koji data in /mnt/koji/
 

-       * The fedmsg bus for triggering mashes.
 

-       * XMLRPC calls to koji for tagging and untagging updates.
 

-       * bugzilla for posting comments about status changes
 

-       * the wiki for getting information about QA "Test Cases"
 

-       * taksotron (resultsdb) for getting status-check results (gating updates).
 

+   * This host relies on:
 

+     * db01 for its database, which is shares with the bodhi2 frontend nodes.
 

+     * An NFS mount of koji data in /mnt/koji/
 

+     * The fedmsg bus for triggering mashes.
 

+     * XMLRPC calls to koji for tagging and untagging updates.
 

+     * bugzilla for posting comments about status changes
 

+     * the wiki for getting information about QA "Test Cases"
 

+     * taksotron (resultsdb) for getting status-check results (gating updates).
 

  

-     * No other systems rely directly on this host.  Everything depends on it
 

-       indirectly for the creation of new updates repos (which get synced out to
 

-       the master mirror for distribution.
 

+   * No other systems rely directly on this host.  Everything depends on it
 

+     indirectly for the creation of new updates repos (which get synced out to
 

+     the master mirror for distribution.
 

+ # For the MOTD
 

+ csi_security_category: Medium
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.169.101
 

+ # These are consumed by a task in roles/fedmsg/base/main.yml
 

+ fedmsg_certs:
 

+   # These are certs for pungi
 

+   - can_send:
 

+       # new school pungi-koji stuff (ask dgilmore)
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - pungi.compose.ostree
 

+       - releng.atomic.twoweek.begin
 

+       - releng.atomic.twoweek.complete
 

+     group: sysadmin-releng
 

+     owner: apache
 

+     service: releng
 

+   # These are certs for the masher to publish its own messages as it progresses.
 

+   - can_send:
 

+       - bodhi.mashtask.complete
 

+       - bodhi.mashtask.mashing
 

+       - bodhi.mashtask.start
 

+       - bodhi.mashtask.sync.done
 

+       - bodhi.mashtask.sync.wait
 

+       - bodhi.ostree.compose.start
 

+       - bodhi.ostree.compose.fail
 

+       - bodhi.ostree.compose.finish
 

+       - bodhi.errata.publish
 

+       - bodhi.update.eject
 

+       - bodhi.update.complete.testing
 

+       - bodhi.update.complete.stable
 

+       - bodhi.update.request.testing
 

+       - bodhi.update.request.stable
 

+       - bodhi.update.request.batched
 

+       - bodhi.update.karma.threshold.reach
 

+       - bodhi.buildroot_override.untag
 

+       - bodhi.update.comment
 

+       - bodhi.update.requirements_met.stable
 

+     group: apache
 

+     owner: root
 

+     service: bodhi
 

+   - can_send:
 

+       - bodhi.updates.epel.sync
 

+       - bodhi.updates.fedora.sync
 

+     group: ftpsync
 

+     owner: root
 

+     service: ftpsync
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ max_mem_size: 98304
 

+ mem_size: 98304
 

+ nm: 255.255.255.0
 

+ num_cpus: 30
 

+ sar_output_file: bodhi.json
 

+ # GDPR SAR variables
 

+ sar_script: /usr/bin/bodhi-sar
 

+ sar_script_user: apache
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+22 -23 
@@ -1,28 +1,27 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

- mac_address: 52:54:00:1c:40:15
 

  eth0_ip: 10.3.167.32
 

- vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

- 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- # This first cert is used by the push-tool.   releng members run it and it fires
 

- # off a simple fedmsg message that the masher (running as fedmsg-hub) is
 

- # listening for.  It then does all the worker.
 

- # These are certs for pungi
 

- - service: releng
 

-   owner: apache
 

-   group: sysadmin-releng
 

-   can_send:
 

-   # new school pungi-koji stuff (ask dgilmore)
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - releng.atomic.twoweek.begin
 

-   - releng.atomic.twoweek.complete
 

+   # This first cert is used by the push-tool.   releng members run it and it fires
 

+   # off a simple fedmsg message that the masher (running as fedmsg-hub) is
 

+   # listening for.  It then does all the worker.
 

+   # These are certs for pungi
 

+   - can_send:
 

+       # new school pungi-koji stuff (ask dgilmore)
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - releng.atomic.twoweek.begin
 

+       - releng.atomic.twoweek.complete
 

+     group: sysadmin-releng
 

+     owner: apache
 

+     service: releng
 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ mac_address: 52:54:00:1c:40:15
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

- 

  datacenter: iad2
 

- 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

- 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.126
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/bootstrap.ign"
 

- rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

- 

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/bootstrap.ign"
 

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

-  

  datacenter: iad2
 

-  

- vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

-  

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.121
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

-  

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/bootstrap.ign"
 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

-  

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: ens2
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: ens2
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/bootstrap.ign"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+25 -27 
@@ -1,31 +1,29 @@
 

  ---
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  eth1_ip: 10.3.170.121
 

  eth1_ipv4_gw: 10.3.170.254
 

- datacenter: iad2
 

- 

+ gw: 10.3.170.254
 

  network_connections:
 

- - name: eth0
 

-   type: ethernet
 

-   autoconnect: no
 

-   mac: 68:05:ca:8e:ab:e6
 

- - name: eth1
 

-   state: up
 

-   type: ethernet
 

-   mac: 50:6b:4b:6b:08:50
 

-   autoconnect: yes
 

-   ip:
 

-     address: 10.3.170.121/24
 

-     gateway4: 10.3.170.254
 

-     dns:
 

-     - 10.3.163.33
 

-     - 10.3.163.34
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: 50:6b:4b:6b:08:51
 

-   type: ethernet
 

-   autoconnect: no
 

+   - autoconnect: no
 

+     mac: 68:05:ca:8e:ab:e6
 

+     name: eth0
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address: 10.3.170.121/24
 

+       dhcp4: no
 

+       dns:
 

+         - 10.3.163.33
 

+         - 10.3.163.34
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: 10.3.170.254
 

+     mac: 50:6b:4b:6b:08:50
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: 50:6b:4b:6b:08:51
 

+     name: eth2
 

+     type: ethernet

file modified
+26 -33 
@@ -2,43 +2,36 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth1_ipv4: 10.3.170.122
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.170.254
 

- 

+ eth1_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 00:1b:21:de:34:63
 

  mac1: 50:6b:4b:6a:ec:90
 

  mac2: 50:6b:4b:6a:ec:91
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

+   - mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet

file modified
+30 -37 
@@ -2,48 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.123
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 00:01:73:02:08:83
 

  mac1: fe:2f:0f:b7:1c:1e
 

  mac2: e6:6d:96:cc:7a:cd
 

  mac3: d2:87:2a:46:d0:24
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+30 -37 
@@ -2,48 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.124
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 2c:59:e5:36:9a:53
 

  mac1: a6:df:61:ff:e4:3f
 

  mac2: da:2c:8f:e7:99:2b
 

  mac3: c2:ac:ba:0d:8c:db
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+30 -38 
@@ -2,49 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.125
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 00:01:73:02:09:c3
 

  mac1: ee:cb:e1:1b:27:6e
 

  mac2: f2:b7:9e:26:0d:9a
 

  mac3: ca:65:7a:c4:c8:83
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+30 -37 
@@ -2,48 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.126
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 2c:59:e5:36:9a:51
 

  mac1: ce:a6:3d:c6:22:51
 

  mac2: 66:19:15:4e:89:56
 

  mac3: 66:66:16:e5:59:df
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+2 -2 
@@ -1,5 +1,5 @@
 

  ---
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  eth0_ip: 10.3.170.127
 

  eth0_ipv4_gw: 10.3.170.254
 

- datacenter: iad2
 

+ gw: 10.3.170.254

file modified
+19 -26 
@@ -1,36 +1,29 @@
 

  ---
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.128
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

- mac0: 2c:59:e5:36:9a:4f
 

- 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac0 }}"
 

- 

+ has_ipv4: yes
 

+ mac0: 2c:59:e5:36:9a:4f
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+2 -2 
@@ -1,5 +1,5 @@
 

  ---
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  eth0_ip: 10.3.170.129
 

  eth0_ipv4_gw: 10.3.170.254
 

- datacenter: iad2
 

+ gw: 10.3.170.254

file modified
+2 -2 
@@ -1,5 +1,5 @@
 

  ---
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  eth0_ip: 10.3.170.130
 

  eth0_ipv4_gw: 10.3.170.254
 

- datacenter: iad2
 

+ gw: 10.3.170.254

file modified
+30 -37 
@@ -2,48 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.131
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 00:01:73:02:08:ff
 

  mac1: 72:a3:68:ad:39:05
 

  mac2: 8a:93:68:8d:ca:cd
 

  mac3: ee:ef:b7:b9:28:8a
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+30 -37 
@@ -2,48 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.139
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f4:e9:d4:cc:2f:f4
 

  mac1: f4:e9:d4:cc:2f:f5
 

  mac2: f4:e9:d4:f2:e7:f4
 

  mac3: f4:e9:d4:f2:e7:f5
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+30 -37 
@@ -2,48 +2,41 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.170.140
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.170.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f4:e9:d4:cc:32:b2
 

  mac1: f4:e9:d4:cc:32:b3
 

  mac2: f4:e9:d4:f2:e9:6e
 

  mac3: f4:e9:d4:f2:e9:6f
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   state: down
 

-   type: ethernet
 

- 

- - name: eth3
 

-   mac: "{{ mac3 }}"
 

-   state: down
 

-   type: ethernet 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac2 }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

+   - mac: "{{ mac3 }}"
 

+     name: eth3
 

+     state: down
 

+     type: ethernet

file modified
+30 -34 
@@ -1,43 +1,39 @@
 

  ---
 

- freezes: true
 

- nested: true
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth1_ipv4: 10.3.170.151
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.170.254
 

- 

- mgmt_mac: "e8:6a:64:39:18:ef"
 

- mgmt_ipv4: "10.3.160.114"
 

+ eth1_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

  mac0: 68:05:ca:8e:9b:86
 

  mac1: 50:6b:4b:6a:b6:20
 

  mac2: 50:6b:4b:6a:b6:21
 

- 

+ mgmt_ipv4: "10.3.160.114"
 

+ mgmt_mac: "e8:6a:64:39:18:ef"
 

+ nested: true
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   mac: "{{ mac1 }}"
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

+   - autoconnect: no
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ mac2 }}"
 

+     name: eth2
 

+     type: ethernet

file modified
+29 -34 
@@ -1,43 +1,38 @@
 

  ---
 

- freezes: true
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth1_ipv4: 10.3.170.152
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.170.254
 

- 

- mgmt_mac: "E8:6A:64:39:18:73"
 

- mgmt_ipv4: "10.3.160.116"
 

+ eth1_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

  mac0: 68:05:ca:8a:f0:29
 

  mac1: 50:6b:4b:6a:eb:b0
 

  mac2: 50:6b:4b:6a:eb:b1
 

- 

+ mgmt_ipv4: "10.3.160.116"
 

+ mgmt_mac: "E8:6A:64:39:18:73"
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   mac: "{{ mac1 }}"
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

+   - autoconnect: no
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ mac2 }}"
 

+     name: eth2
 

+     type: ethernet

file modified
+29 -34 
@@ -1,43 +1,38 @@
 

  ---
 

- freezes: true
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth1_ipv4: 10.3.170.153
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.170.254
 

- 

- mgmt_mac: "E8:6A:64:39:19:67"
 

- mgmt_ipv4: "10.3.160.117"
 

+ eth1_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

  mac0: 00:1b:21:dc:4e:32
 

  mac1: 50:6b:4b:6a:ea:60
 

  mac2: 50:6b:4b:6a:ea:61
 

- 

+ mgmt_ipv4: "10.3.160.117"
 

+ mgmt_mac: "E8:6A:64:39:19:67"
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   mac: "{{ mac1 }}"
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

+   - autoconnect: no
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ mac2 }}"
 

+     name: eth2
 

+     type: ethernet

file modified
+30 -34 
@@ -1,43 +1,39 @@
 

  ---
 

- freezes: true
 

- nested: true
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth1_ipv4: 10.3.170.154
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.170.254
 

- 

- mgmt_mac: "E8:6A:64:39:19:67"
 

- mgmt_ipv4: "10.3.160.118"
 

+ eth1_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

  mac0: 68:05:CA:8E:98:C7
 

  mac1: 50:6B:4B:6A:C4:90
 

  mac2: 50:6B:4B:6A:C4:91
 

- 

+ mgmt_ipv4: "10.3.160.118"
 

+ mgmt_mac: "E8:6A:64:39:19:67"
 

+ nested: true
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   mac: "{{ mac1 }}"
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ mac2 }}"
 

-   type: ethernet
 

-   autoconnect: no
 

+   - autoconnect: no
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ mac2 }}"
 

+     name: eth2
 

+     type: ethernet

file modified
+18 -23 
@@ -1,32 +1,27 @@
 

  ---
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.31
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:9e:61
 

  mac1: 14:9e:cf:61:9e:64
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   type: ethernet
 

-   state: down
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+24 -29 
@@ -2,38 +2,33 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.32
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:9f:4f
 

  mac1: 14:9e:cf:61:9f:52
 

- 

  network_connections:
 

- - name: eth0
 

-   persistent_state: present
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   persistent_state: present
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     persistent_state: present
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     persistent_state: present
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.33
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:9e:c9
 

  mac1: 14:9e:cf:61:9e:cc
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.34
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:a5:07
 

  mac1: 14:9e:cf:61:a5:0a
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+23 -28 
@@ -1,35 +1,30 @@
 

  ---
 

- eth0_ip: 10.3.169.35
 

- gw: 10.3.169.254
 

  datacenter: iad2
 

- eth1_off: true
 

+ dns: 10.3.163.33
 

+ dns1: 10.3.163.33
 

+ eth0_ip: 10.3.169.35
 

  eth0_ipv4: 10.3.169.35
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

- nm: 255.255.255.0
 

- dns1: 10.3.163.33
 

- dns: 10.3.163.33
 

- 

+ eth0_ipv4_nm: 24
 

+ eth1_off: true
 

+ gw: 10.3.169.254
 

  mac0: 14:9e:cf:61:9e:7b
 

  mac1: 14:9e:cf:61:9e:7e
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   type: ethernet
 

-   state: down
 

- 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+ nm: 255.255.255.0

file modified
+22 -28 
@@ -2,37 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.36
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:a0:bd
 

  mac1: 14:9e:cf:61:a0:c0
 

- 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.37
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:9e:e3
 

  mac1: 14:9e:cf:61:9e:e6
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -28 
@@ -2,37 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.38
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: 14:9e:cf:61:a6:75
 

  mac1: 14:9e:cf:61:a6:78
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

- 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.39
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:26:e1
 

  mac1: f8:ca:b8:f7:26:e4
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.40
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:27:cf
 

  mac1: f8:ca:b8:f7:27:d2
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.41
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:27:63
 

  mac1: f8:ca:b8:f7:27:66
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.42
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:2e:f5
 

  mac1: f8:ca:b8:f7:2e:f8
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.43
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:27:49
 

  mac1: f8:ca:b8:f7:27:4c
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.44
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:2d:87
 

  mac1: f8:ca:b8:f7:2d:8a
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.45
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:26:fb
 

  mac1: f8:ca:b8:f7:26:fe
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+22 -27 
@@ -2,36 +2,31 @@
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.169.46
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.169.254
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  has_ipv6: no
 

- 

  mac0: f8:ca:b8:f7:29:3d
 

  mac1: f8:ca:b8:f7:29:40
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - iad2.fedoraproject.org
 

-     - fedoraproject.org
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ mac1 }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: yes 

\ No newline at end of file
 

+   - ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.61
 

+ vmhost: bvmhost-a64-01.iad2.fedoraproject.org

file modified
+1 -3 
@@ -1,8 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

- 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.46
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.62
 

+ vmhost: bvmhost-a64-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.54
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.63
 

+ vmhost: bvmhost-a64-01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

  eth0_ip: 10.3.167.55
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.64
 

+ vmhost: bvmhost-a64-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.65
 

+ vmhost: bvmhost-a64-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.66
 

+ vmhost: bvmhost-a64-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.67
 

+ vmhost: bvmhost-a64-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.68
 

+ vmhost: bvmhost-a64-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.69
 

+ vmhost: bvmhost-a64-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.70
 

+ vmhost: bvmhost-a64-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.71
 

+ vmhost: bvmhost-a64-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.72
 

+ vmhost: bvmhost-a64-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-05.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.73
 

+ vmhost: bvmhost-a64-05.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-05.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.74
 

+ vmhost: bvmhost-a64-05.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-05.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.75
 

+ vmhost: bvmhost-a64-05.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-06.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.76
 

+ vmhost: bvmhost-a64-06.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-06.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.77
 

+ vmhost: bvmhost-a64-06.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-06.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.78
 

+ vmhost: bvmhost-a64-06.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-07.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.79
 

+ vmhost: bvmhost-a64-07.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-07.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.80
 

+ vmhost: bvmhost-a64-07.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-07.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.81
 

+ vmhost: bvmhost-a64-07.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-08.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.82
 

+ vmhost: bvmhost-a64-08.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-08.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.83
 

+ vmhost: bvmhost-a64-08.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-08.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.84
 

+ vmhost: bvmhost-a64-08.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-09.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.85
 

+ vmhost: bvmhost-a64-09.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-09.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.86
 

+ vmhost: bvmhost-a64-09.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-09.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.87
 

+ vmhost: bvmhost-a64-09.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-10.iad2.fedoraproject.org
 

  eth0_ip: 10.3.170.88
 

+ vmhost: bvmhost-a64-10.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-10.iad2.fedoraproject.org
 

  eth0_ip: 10.3.170.89
 

+ vmhost: bvmhost-a64-10.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-10.iad2.fedoraproject.org
 

  eth0_ip: 10.3.170.90
 

+ vmhost: bvmhost-a64-10.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-11.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.144
 

+ vmhost: bvmhost-a64-11.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-11.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.145
 

+ vmhost: bvmhost-a64-11.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-11.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.146
 

+ vmhost: bvmhost-a64-11.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.91
 

+ vmhost: bvmhost-a64-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.45
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.92
 

+ vmhost: bvmhost-a64-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.52
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.93
 

+ vmhost: bvmhost-a64-01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

  eth0_ip: 10.3.167.53
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.94
 

+ vmhost: bvmhost-a64-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.95
 

+ vmhost: bvmhost-a64-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.96
 

+ vmhost: bvmhost-a64-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.97
 

+ vmhost: bvmhost-a64-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.98
 

+ vmhost: bvmhost-a64-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.99
 

+ vmhost: bvmhost-a64-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.100
 

+ vmhost: bvmhost-a64-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.101
 

+ vmhost: bvmhost-a64-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.102
 

+ vmhost: bvmhost-a64-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-05.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.103
 

+ vmhost: bvmhost-a64-05.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-05.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.104
 

+ vmhost: bvmhost-a64-05.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-05.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.105
 

+ vmhost: bvmhost-a64-05.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-06.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.106
 

+ vmhost: bvmhost-a64-06.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-06.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.107
 

+ vmhost: bvmhost-a64-06.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-06.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.108
 

+ vmhost: bvmhost-a64-06.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-07.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.109
 

+ vmhost: bvmhost-a64-07.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-07.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.110
 

+ vmhost: bvmhost-a64-07.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-07.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.111
 

+ vmhost: bvmhost-a64-07.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-08.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.112
 

+ vmhost: bvmhost-a64-08.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-08.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.113
 

+ vmhost: bvmhost-a64-08.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-08.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.114
 

+ vmhost: bvmhost-a64-08.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-09.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.115
 

+ vmhost: bvmhost-a64-09.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-09.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.116
 

+ vmhost: bvmhost-a64-09.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-09.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.117
 

+ vmhost: bvmhost-a64-09.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-10.iad2.fedoraproject.org
 

  eth0_ip: 10.3.170.118
 

+ vmhost: bvmhost-a64-10.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-10.iad2.fedoraproject.org
 

  eth0_ip: 10.3.170.119
 

+ vmhost: bvmhost-a64-10.iad2.fedoraproject.org

file modified
+1 -1 
@@ -1,3 +1,3 @@
 

  ---
 

- vmhost: bvmhost-a64-10.iad2.fedoraproject.org
 

  eth0_ip: 10.3.170.120
 

+ vmhost: bvmhost-a64-10.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-11.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.141
 

+ vmhost: bvmhost-a64-11.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-11.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.142
 

+ vmhost: bvmhost-a64-11.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-a64-11.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.170.143
 

+ vmhost: bvmhost-a64-11.iad2.fedoraproject.org

file modified
+6 -7 
@@ -1,12 +1,11 @@
 

  ---
 

- vmhost: buildvmhost-aarch64-18.arm.fedoraproject.org
 

- mem_size: 24576
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 4
 

- max_cpu: "{{ num_cpus }}"
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.5.129.232
 

  gw: 10.5.129.254
 

  main_bridge: br0
 

+ max_cpu: "{{ num_cpus }}"
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 24576
 

+ num_cpus: 4
 

  virt_install_command: "{{ virt_install_command_aarch64_one_nic_unsafe }}"
 

+ vmhost: buildvmhost-aarch64-18.arm.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -7 
@@ -1,12 +1,11 @@
 

  ---
 

- vmhost: buildvmhost-aarch64-18.arm.fedoraproject.org
 

- mem_size: 24576
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 4
 

- max_cpu: "{{ num_cpus }}"
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.5.129.233
 

  gw: 10.5.129.254
 

  main_bridge: br0
 

+ max_cpu: "{{ num_cpus }}"
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 24576
 

+ num_cpus: 4
 

  virt_install_command: "{{ virt_install_command_armv7_one_nic_unsafe }}"
 

+ vmhost: buildvmhost-aarch64-18.arm.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.41
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.47
 

+ vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.42
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.48
 

+ vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.43
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.49
 

+ vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.44
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.50
 

+ vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.45
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.167.51
 

+ vmhost: bvmhost-p08-01.stg.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.46
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.47
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.48
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.49
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-01.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.50
 

+ vmhost: bvmhost-p09-01.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.51
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.52
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.53
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.54
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.55
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.56
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.57
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.58
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.59
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-02.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.60
 

+ vmhost: bvmhost-p09-02.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.61
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.62
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.63
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.64
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.65
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.66
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.67
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.68
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.69
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.70
 

+ vmhost: bvmhost-p09-03.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.71
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.72
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.73
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.74
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.75
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.76
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.77
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.78
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.79
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+1 -2 
@@ -1,7 +1,6 @@
 

  ---
 

- vmhost: bvmhost-p09-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  eth0_ip: 10.3.171.80
 

+ vmhost: bvmhost-p09-04.iad2.fedoraproject.org

file modified
+8 -8 
@@ -1,14 +1,14 @@
 

  ---
 

- varnish_group: s390kojipkgs
 

- vmhost: buildvmhost-s390x-01.s390.fedoraproject.org
 

- eth0_ip: 10.16.0.25
 

+ dns: 10.3.163.33
 

+ eth0_ipv4: 10.16.0.25
 

  gw: 10.16.0.254
 

- mem_size: 8192
 

- max_mem_size: "{{ mem_size }}"
 

- num_cpus: 2
 

  lvm_size: 102400
 

  main_bridge: vmbr
 

- volgroup: /dev/fedora_linux_lpar_1
 

- dns: 10.5.126.21
 

+ max_mem_size: "{{ mem_size }}"
 

+ mem_size: 8192
 

  nm: 255.255.255.0
 

+ num_cpus: 2
 

+ varnish_group: s390kojipkgs
 

  virt_install_command: "{{ virt_install_command_s390x_one_nic_unsafe }}"
 

+ vmhost: buildvmhost-s390x-01.s390.fedoraproject.org
 

+ volgroup: /dev/fedora_linux_lpar_1

file modified
+23 -27 
@@ -1,36 +1,32 @@
 

  ---
 

- varnish_group: s390kojipkgs
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  enc900_ipv4: 10.16.0.17
 

- enc900_ipv4_nm: 24
 

  enc900_ipv4_gw: 10.16.0.254
 

- 

- mac0: 02:d3:fa:02:00:11
 

- 

+ enc900_ipv4_nm: 24
 

  enc900_mac: "{{ mac0 }}"
 

- 

+ eth0_ip: 10.16.0.17
 

+ gw: 10.16.0.254
 

+ has_ipv4: yes
 

+ mac0: 02:d3:fa:02:00:08
 

  network_connections:
 

- - name: enc900
 

-   mac: "{{ enc900_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ enc900_ipv4 }}/{{ enc900_ipv4_nm }}"
 

-     gateway4: "{{ enc900_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ enc900_ipv4 }}/{{ enc900_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ enc900_ipv4_gw }}"
 

+     mac: "{{ enc900_mac }}"
 

+     name: enc900
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

+ varnish_group: s390kojipkgs

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.26
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:a2:30:f8
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.27
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:b9:2c:93
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.28
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:aa:25:b9
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.29
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:db:57:e3
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,34 +1,27 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.30
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:c4:f2:4e
 

- 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac0 }}"
 

- 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.31
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:74:95:f0
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.32
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:42:6d:23
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.33
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:49:63:3c
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,34 +1,26 @@
 

  ---
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.34
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:e1:13:8e
 

- 

- eth0_mac: "{{ mac0 }}"
 

- 

+ eth0_ipv4_nm: 24
 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+19 -27 
@@ -1,37 +1,29 @@
 

  ---
 

  # needed because this host has a varnish cache on it.
 

- custom_rules: [ '-A INPUT -s 10.16.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT' ]
 

- 

+ custom_rules: ['-A INPUT -s 10.16.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT']
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.16.0.35
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.16.0.254
 

- 

- mac0: 52:54:00:70:cc:a7
 

- 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac0 }}"
 

- 

+ has_ipv4: yes
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.51
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.52
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.53
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.54
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.55
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.56
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.57
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.58
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.59
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.60
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.61
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.62
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.63
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.64
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.65
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.66
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-06.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.67
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.68
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.69
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.70
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.71
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.72
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.73
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.74
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.75
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.76
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.77
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.78
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.79
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.80
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.81
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+1 -1 
@@ -3,6 +3,6 @@
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.82
 

  gw: 10.3.169.254
 

+ ipa_server: ipa01.iad2.fedoraproject.org
 

  resolvconf: "resolv.conf/iad2"
 

  vmhost: bvmhost-x86-07.iad2.fedoraproject.org
 

- ipa_server: ipa01.iad2.fedoraproject.org

file modified
+6 -10 
@@ -1,14 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.163.46
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -10 
@@ -1,14 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.166.38
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

- 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.11
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.11
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:d3:c0
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.12
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.12
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:c2:c0
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.13
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.13
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6b:0a:40
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.14
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.14
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:b5:d0
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.15
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.15
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:ef:70
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.16
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.16
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:ba:60
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.17
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.17
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6b:07:00
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.18
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.18
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:c2:00
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.19
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.19
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:c9:70
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -27 
@@ -1,42 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.170.20
 

+ br0_ipv4_gw: 10.3.170.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.170.20
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.170.254
 

- 

  mac1: 50:6b:4b:6a:dd:a0
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

- 

- 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+3 -5 
@@ -1,9 +1,7 @@
 

  ---
 

- datacenter: iad2
 

- 

+ br0_dev: eth8
 

+ br0_gw: 10.3.171.254
 

  br0_ip: 10.3.171.13
 

  br0_nm: 255.255.255.0
 

- br0_gw: 10.3.171.254
 

- br0_dev: eth8
 

- 

+ datacenter: iad2
 

  dns: 10.3.163.33

file modified
+3 -5 
@@ -1,9 +1,7 @@
 

  ---
 

- datacenter: iad2
 

- 

+ br0_dev: eth8
 

+ br0_gw: 10.3.167.254
 

  br0_ip: 10.3.167.15
 

  br0_nm: 255.255.255.0
 

- br0_gw: 10.3.167.254
 

- br0_dev: eth8
 

- 

+ datacenter: iad2
 

  dns: 10.3.163.33

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.171.15
 

+ br0_ipv4_gw: 10.3.171.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.171.15
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.171.254
 

- 

  mac1: 40:a6:b7:18:8a:38
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,42 +1,34 @@
 

  ---
 

+ br0_ipv4: 10.3.171.16
 

+ br0_ipv4_gw: 10.3.171.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac2 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.171.16
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.171.254
 

- 

  mac1: ac:1f:6b:56:e9:11
 

  mac2: 40:a6:b7:18:86:b4
 

- 

- br0_port0_mac: "{{ mac2 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.171.17
 

+ br0_ipv4_gw: 10.3.171.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.171.17
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.171.254
 

- 

  mac1: 40:a6:b7:18:85:74
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,42 +1,34 @@
 

  ---
 

+ br0_ipv4: 10.3.171.18
 

+ br0_ipv4_gw: 10.3.171.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac2 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.171.18
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.171.254
 

- 

  mac1: 40:a6:b7:18:85:74
 

  mac2: 40:a6:b7:18:86:c8
 

- 

- br0_port0_mac: "{{ mac2 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,41 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.169.11
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.11
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:b1:05:54
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+19 -27 
@@ -1,46 +1,38 @@
 

  ---
 

+ br0_ipv4: 10.3.167.11
 

+ br0_ipv4_gw: 10.3.167.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.167.11
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.167.254
 

- 

  mac1: 24:6e:96:b1:56:24
 

  mac2: 24:6e:96:b1:56:25
 

  mac3: 24:6e:96:b1:56:20
 

  mac4: 24:6e:96:b1:56:22
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.12
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.12
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:b1:69:fe
 

  mac2: e4:43:4b:b1:6a:00
 

  mac3: e4:43:4b:b1:6a:1e
 

  mac4: e4:43:4b:b1:6a:1f
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+19 -27 
@@ -1,46 +1,38 @@
 

  ---
 

+ br0_ipv4: 10.3.167.12
 

+ br0_ipv4_gw: 10.3.167.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.167.12
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.167.254
 

- 

  mac1: ec:f4:bb:d9:56:10
 

  mac2: ec:f4:bb:d9:56:12
 

  mac3: ec:f4:bb:d9:56:14
 

  mac4: ec:f4:bb:d9:56:15
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.13
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.13
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:b1:62:64
 

  mac2: e4:43:4b:b1:62:66
 

  mac3: e4:43:4b:b1:62:84
 

  mac4: e4:43:4b:b1:62:85
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+19 -27 
@@ -1,46 +1,38 @@
 

  ---
 

+ br0_ipv4: 10.3.167.13
 

+ br0_ipv4_gw: 10.3.167.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.167.13
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.167.254
 

- 

  mac1: 24:6e:96:b1:c7:f4
 

  mac2: 24:6e:96:b1:c7:f5
 

  mac3: 24:6e:96:b1:c7:f0
 

  mac4: 24:6e:96:b1:c7:f2
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.14
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.14
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:b1:03:30
 

  mac2: e4:43:4b:b1:03:32
 

  mac3: e4:43:4b:b1:03:50
 

  mac4: e4:43:4b:b1:03:51
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+23 -30 
@@ -1,49 +1,42 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.167.14
 

+ br0_ipv4_gw: 10.3.167.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.167.14
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.167.254
 

- 

- mgmt_mac: "B8:2A:72:FC:EE:68"
 

- mgmt_ipv4: 10.3.160.199
 

  mac1: EC:F4:BB:D2:8F:00
 

  mac2: EC:F4:BB:D2:8F:02
 

  mac3: EC:F4:BB:D2:8F:04
 

  mac4: EC:F4:BB:D2:8F:05
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

+ mgmt_ipv4: 10.3.160.199
 

+ mgmt_mac: "B8:2A:72:FC:EE:68"
 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.15
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.15
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:ae:44:ee
 

  mac2: e4:43:4b:ae:44:f0
 

  mac3: e4:43:4b:ae:45:0e
 

  mac4: e4:43:4b:ae:45:0f
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+23 -30 
@@ -1,49 +1,42 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.167.17
 

+ br0_ipv4_gw: 10.3.167.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.167.17
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.167.254
 

- 

- mgmt_mac: "2c:ea:7f:f3:58:4e"
 

- mgmt_ipv4: 10.3.160.157
 

  mac1: E4:43:4B:F7:AC:CC
 

  mac2: E4:43:4B:F7:AC:CE
 

  mac3: E4:43:4B:F7:AC:EC
 

  mac4: E4:43:4B:F7:AC:ED
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

+ mgmt_ipv4: 10.3.160.157
 

+ mgmt_mac: "2c:ea:7f:f3:58:4e"
 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.16
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.16
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:ac:e1:54
 

  mac2: e4:43:4b:ac:e1:56
 

  mac3: e4:43:4b:ac:e1:74
 

  mac4: e4:43:4b:ac:e1:75
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.17
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.17
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:b1:2b:52
 

  mac2: e4:43:4b:b1:2b:54
 

  mac3: e4:43:4b:b1:2b:72
 

  mac4: e4:43:4b:b1:2b:73
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -26 
@@ -1,44 +1,36 @@
 

  ---
 

+ br0_ipv4: 10.3.169.18
 

+ br0_ipv4_gw: 10.3.169.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac2 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.169.18
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.169.254
 

- 

  mac1: e4:43:4b:24:19:96
 

  mac2: e4:43:4b:24:19:76
 

  mac3: e4:43:4b:24:19:97
 

  mac4: e4:43:4b:24:19:78
 

- 

- br0_port0_mac: "{{ mac2 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-     

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+8 -13 
@@ -1,22 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

  eth0_ip: 10.3.166.42
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-09.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  nagios_Can_Connect: false
 

- 

  nagios_Check_Services:
 

    mail: false
 

    nrpe: false
 

+   ping: false
 

    sshd: false
 

    swap: false
 

-   ping: false
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-09.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+8 -13 
@@ -1,22 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

  eth0_ip: 10.3.166.43
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  nagios_Can_Connect: false
 

- 

  nagios_Check_Services:
 

    mail: false
 

    nrpe: false
 

+   ping: false
 

    sshd: false
 

    swap: false
 

-   ping: false
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -9 
@@ -1,13 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.47
 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  mem_size: 4096
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -9 
@@ -1,13 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.22
 

- vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

  mem_size: 4096
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+35 -68 
@@ -1,94 +1,61 @@
 

  ---
 

- freezes: false
 

- 

  datacenter: rdu-cc
 

- vmhost: vmhost-x86-cc05.rdu-cc.fedoraproject.org
 

- volgroup: /dev/rhel_vmhost-x86-05
 

- mem_size: 8192
 

- num_cpus: 4
 

- lvm_size: 20000
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL8-x86_64/
 

- 

- tcp_ports: ['67', '68']
 

- udp_ports: ['67','68','69']
 

- 

- vpn: true
 

- has_ipv4: yes
 

  eth0_ipv4: 8.43.85.49
 

- eth0_ipv4_nm: 23
 

  eth0_ipv4_gw: 8.43.85.254
 

+ eth0_ipv4_nm: 23
 

  eth1_ipv4: 172.23.1.3
 

  eth1_ipv4_nm: 24
 

  eth2_ipv4: 172.23.5.3
 

  eth2_ipv4_nm: 24
 

- 

+ freezes: false
 

+ has_ipv4: yes
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-ext
 

+ lvm_size: 20000
 

  mac0: 52:54:00:46:ed:ba
 

  mac1: 52:54:00:24:8e:bc
 

  mac2: 52:54:00:d6:ab:66
 

- public_hostname: cloud-noc-os01.rdu-cc.fedoraproject.org
 

- 

+ mem_size: 8192
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - rdu-cc.fedoraproject.org
 

-       - fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: eth1
 

-     mac: "{{ mac1 }}"
 

+         - rdu-cc.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

      type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: eth2
 

-     mac: "{{ mac2 }}"
 

+     mac: "{{ mac1 }}"
 

+     name: eth1
 

      type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth2_ipv4 }}/{{ eth2_ipv4_nm }}"
 

+         - "{{ eth2_ipv4 }}/{{ eth2_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

- 

- virt_install_command: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns1 }}
 

-                   ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none
 

-                   ip={{ eth1_ipv4 }}:::{{ eth1_ipv4_nm }}:{{ inventory_hostname_short }}-nfs:eth1:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac0 }}
 

-                  --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac1 }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random
 

- 

- virt_install_command_two_nic: virt-install -n {{ inventory_hostname }}
 

-                  --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio
 

-                  --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }}
 

-                  --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x
 

-                  'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=tty0 console=ttyS0
 

-                   hostname={{ inventory_hostname }} nameserver={{ dns }}
 

-                   ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none
 

-                   ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none'
 

-                  --network bridge={{ main_bridge }},model=virtio,mac={{ mac0 }}
 

-                  --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac1 }}
 

-                  --autostart --noautoconsole --watchdog default --rng /dev/random
 

- 

+     mac: "{{ mac2 }}"
 

+     name: eth2
 

+     type: ethernet
 

+ num_cpus: 4
 

+ public_hostname: cloud-noc-os01.rdu-cc.fedoraproject.org
 

+ tcp_ports: ['67', '68']
 

+ udp_ports: ['67', '68', '69']
 

+ virt_install_command: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns1 }} ip={{ eth0_ipv4 }}::{{ eth0_ipv4_gw }}:{{ eth0_ipv4_nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ipv4 }}:::{{ eth1_ipv4_nm }}:{{ inventory_hostname_short }}-nfs:eth1:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac0 }} --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac1 }} --autostart --noautoconsole --watchdog default --rng /dev/random
 

+ virt_install_command_two_nic: virt-install -n {{ inventory_hostname }} --memory={{ mem_size }},maxmemory={{ max_mem_size }} --memballoon virtio --disk bus=virtio,path={{ volgroup }}/{{ inventory_hostname }} --vcpus={{ num_cpus }},maxvcpus={{ max_cpu }} -l {{ ks_repo }} -x 'net.ifnames=0 ksdevice=eth0 ks={{ ks_url }} console=tty0 console=ttyS0 hostname={{ inventory_hostname }} nameserver={{ dns }} ip={{ eth0_ip }}::{{ gw }}:{{ nm }}:{{ inventory_hostname }}:eth0:none ip={{ eth1_ip }}:::{{ nm }}:{{ inventory_hostname_short }}-nfs:eth1:none' --network bridge={{ main_bridge }},model=virtio,mac={{ mac0 }} --network=bridge={{ nfs_bridge }},model=virtio,mac={{ mac1 }} --autostart --noautoconsole --watchdog default --rng /dev/random
 

+ vmhost: vmhost-x86-cc05.rdu-cc.fedoraproject.org
 

+ volgroup: /dev/rhel_vmhost-x86-05
 

+ vpn: true

file modified
+13 -31 
@@ -1,42 +1,24 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ custom_rules: ['-A INPUT -i eth0 -p tcp -m tcp -s 38.145.48.0/23  --dport 67 -j ACCEPT', '-A INPUT -i eth0 -p tcp -m tcp -s 38.145.48.0/23  --dport 68 -j ACCEPT', '-A INPUT -i eth0 -p tcp -m tcp -s 38.145.48.0/23  --dport 69 -j ACCEPT', '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23  --dport 67 -j ACCEPT', '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23  --dport 68 -j ACCEPT', '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23  --dport 69 -j ACCEPT', '-A INPUT -i eth1 -p tcp -m tcp -s 172.23.0.0/23  --dport 67 -j ACCEPT', '-A INPUT -i eth1 -p tcp -m tcp -s 172.23.0.0/23  --dport 68 -j ACCEPT', '-A INPUT -i eth1 -p tcp -m tcp -s 172.23.0.0/23  --dport 69 -j ACCEPT', '-A INPUT -i eth1 -p udp -m udp -s 172.23.0.0/23  --dport 67 -j ACCEPT', '-A INPUT -i eth1 -p udp -m udp -s 172.23.0.0/23  --dport 68 -j ACCEPT', '-A INPUT -i eth1 -p udp -m udp -s 172.23.0.0/23  --dport 69 -j ACCEPT', '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23 --dport 124 -j ACCEPT']
 

  datacenter: cloud
 

  dns: 8.8.8.8
 

  eth0_ip: 38.145.48.10
 

- gw: 38.145.49.254
 

- nm: 255.255.255.0
 

  eth1_ip: 172.23.1.1
 

  freezes: false
 

- resolvconf: "{{ files }}/resolv.conf/cloud-noc01.fedorainfracloud.org"
 

- 

- vmhost: virthost-cloud01.fedorainfracloud.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_two_nic }}"
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

+ gw: 38.145.49.254
 

  ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- mem_size: 16384
 

- max_mem_size: 20480
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

  lvm_size: 20000
 

+ max_mem_size: 20480
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 8
 

- 

- vpn: false
 

- 

  public_hostname: cloud-noc01.fedorainfracloud.org
 

- 

- 

+ resolvconf: "{{ files }}/resolv.conf/cloud-noc01.fedorainfracloud.org"
 

  tcp_ports: ['22']
 

- custom_rules: [ '-A INPUT -i eth0 -p tcp -m tcp -s 38.145.48.0/23  --dport 67 -j ACCEPT',
 

-                 '-A INPUT -i eth0 -p tcp -m tcp -s 38.145.48.0/23  --dport 68 -j ACCEPT',
 

-                 '-A INPUT -i eth0 -p tcp -m tcp -s 38.145.48.0/23  --dport 69 -j ACCEPT',
 

-                 '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23  --dport 67 -j ACCEPT',
 

-                 '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23  --dport 68 -j ACCEPT',
 

-                 '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23  --dport 69 -j ACCEPT',
 

-                 '-A INPUT -i eth1 -p tcp -m tcp -s 172.23.0.0/23  --dport 67 -j ACCEPT',
 

-                 '-A INPUT -i eth1 -p tcp -m tcp -s 172.23.0.0/23  --dport 68 -j ACCEPT',
 

-                 '-A INPUT -i eth1 -p tcp -m tcp -s 172.23.0.0/23  --dport 69 -j ACCEPT',
 

-                 '-A INPUT -i eth1 -p udp -m udp -s 172.23.0.0/23  --dport 67 -j ACCEPT',
 

-                 '-A INPUT -i eth1 -p udp -m udp -s 172.23.0.0/23  --dport 68 -j ACCEPT',
 

-                 '-A INPUT -i eth1 -p udp -m udp -s 172.23.0.0/23  --dport 69 -j ACCEPT',
 

-                 '-A INPUT -i eth0 -p udp -m udp -s 38.145.48.0/23 --dport 124 -j ACCEPT' ]
 

- 

+ virt_install_command: "{{ virt_install_command_two_nic }}"
 

+ vmhost: virthost-cloud01.fedorainfracloud.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+41 -47 
@@ -1,52 +1,46 @@
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.121
 

- volgroup: /dev/vg_guests
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/35/Server/x86_64/os/
 

- 

- datacenter: iad2
 

- 

+ fedmsg_certs:
 

+   - can_send:
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - pungi.compose.createiso.imagefail
 

+       - pungi.compose.createiso.imagedone
 

+       - pungi.compose.ostree
 

+       - compose.branched.complete
 

+       - compose.branched.mash.complete
 

+       - compose.branched.mash.start
 

+       - compose.branched.image.complete
 

+       - compose.branched.image.start
 

+       - compose.branched.pungify.complete
 

+       - compose.branched.pungify.start
 

+       - compose.branched.rsync.complete
 

+       - compose.branched.rsync.start
 

+       - compose.branched.start
 

+       - compose.bikeshed.complete
 

+       - compose.bikeshed.mash.complete
 

+       - compose.bikeshed.mash.start
 

+       - compose.bikeshed.image.complete
 

+       - compose.bikeshed.image.start
 

+       - compose.bikeshed.pungify.complete
 

+       - compose.bikeshed.pungify.start
 

+       - compose.bikeshed.rsync.complete
 

+       - compose.bikeshed.rsync.start
 

+       - compose.bikeshed.start
 

+     group: sysadmin-releng
 

+     owner: root
 

+     service: releng
 

+ freezes: true
 

+ gw: 10.3.169.254
 

  koji_hub_nfs: "fedora_koji"
 

- 

- kojipkgs_url: kojipkgs.fedoraproject.org
 

- kojihub_url: koji.fedoraproject.org/kojihub
 

  kojihub_scheme: https
 

- 

- freezes: true
 

- 

+ kojihub_url: koji.fedoraproject.org/kojihub
 

+ kojipkgs_url: kojipkgs.fedoraproject.org
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/35/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- fedmsg_certs:
 

- - service: releng
 

-   owner: root
 

-   group: sysadmin-releng
 

-   can_send:
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - pungi.compose.createiso.imagefail
 

-   - pungi.compose.createiso.imagedone
 

-   - pungi.compose.ostree
 

-   - compose.branched.complete
 

-   - compose.branched.mash.complete
 

-   - compose.branched.mash.start
 

-   - compose.branched.image.complete
 

-   - compose.branched.image.start
 

-   - compose.branched.pungify.complete
 

-   - compose.branched.pungify.start
 

-   - compose.branched.rsync.complete
 

-   - compose.branched.rsync.start
 

-   - compose.branched.start
 

-   - compose.bikeshed.complete
 

-   - compose.bikeshed.mash.complete
 

-   - compose.bikeshed.mash.start
 

-   - compose.bikeshed.image.complete
 

-   - compose.bikeshed.image.start
 

-   - compose.bikeshed.pungify.complete
 

-   - compose.bikeshed.pungify.start
 

-   - compose.bikeshed.rsync.complete
 

-   - compose.bikeshed.rsync.start
 

-   - compose.bikeshed.start
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+26 -34 
@@ -1,40 +1,32 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Everything/x86_64/os/
 

- mem_size: 32768
 

- 

- vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

+ datacenter: iad2
 

  eth0_ip: 10.3.169.122
 

+ fedmsg_certs:
 

+   - can_send:
 

+       # new school pungi-koji stuff (ask dgilmore)
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - pungi.compose.createiso.imagefail
 

+       - pungi.compose.createiso.imagedone
 

+       - pungi.compose.ostree
 

+       - compose.29.complete
 

+       - compose.29.start
 

+       - compose.29.rsync.start
 

+       - compose.29.rsync.complete
 

+     group: sysadmin-releng
 

+     owner: root
 

+     service: releng
 

+ # This VM is the compose host for IoT Edition which isn't blocking, so it doesn't freeze
 

+ freezes: false
 

  gw: 10.3.169.254
 

- main_bridge: br0
 

- 

- datacenter: iad2
 

- 

- 

  koji_hub_nfs: "fedora_koji"
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Everything/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ main_bridge: br0
 

+ mem_size: 32768
 

  sudoers: "{{ private }}/files/sudo/sysadmin-secondary-sudoers"
 

- 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- # This VM is the compose host for IoT Edition which isn't blocking, so it doesn't freeze
 

- freezes: false
 

- 

- fedmsg_certs:
 

- - service: releng
 

-   owner: root
 

-   group: sysadmin-releng
 

-   can_send:
 

-   # new school pungi-koji stuff (ask dgilmore)
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - pungi.compose.createiso.imagefail
 

-   - pungi.compose.createiso.imagedone
 

-   - pungi.compose.ostree
 

-   - compose.29.complete
 

-   - compose.29.start
 

-   - compose.29.rsync.start
 

-   - compose.29.rsync.complete
 

+ vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+42 -48 
@@ -1,53 +1,47 @@
 

- vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.169.123
 

- volgroup: /dev/vg_guests
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/35/Server/x86_64/os/
 

- 

- datacenter: iad2
 

- 

- koji_hub_nfs: "fedora_koji"
 

- 

- kojipkgs_url: kojipkgs.fedoraproject.org
 

- kojihub_url: koji.fedoraproject.org/kojihub
 

- kojihub_scheme: https
 

- 

+ fedmsg_certs:
 

+   - can_send:
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - pungi.compose.createiso.imagefail
 

+       - pungi.compose.createiso.imagedone
 

+       - pungi.compose.ostree
 

+       - compose.rawhide.complete
 

+       - compose.rawhide.mash.complete
 

+       - compose.rawhide.mash.start
 

+       - compose.rawhide.image.complete
 

+       - compose.rawhide.image.start
 

+       - compose.rawhide.pungify.complete
 

+       - compose.rawhide.pungify.start
 

+       - compose.rawhide.rsync.complete
 

+       - compose.rawhide.rsync.start
 

+       - compose.rawhide.start
 

+       - compose.bikeshed.complete
 

+       - compose.bikeshed.mash.complete
 

+       - compose.bikeshed.mash.start
 

+       - compose.bikeshed.image.complete
 

+       - compose.bikeshed.image.start
 

+       - compose.bikeshed.pungify.complete
 

+       - compose.bikeshed.pungify.start
 

+       - compose.bikeshed.rsync.complete
 

+       - compose.bikeshed.rsync.start
 

+       - compose.bikeshed.start
 

+     group: sysadmin-releng
 

+     owner: root
 

+     service: releng
 

  # rawhide is never frozen, the compose box should not be so we can make needed changes
 

  freezes: false
 

- 

+ gw: 10.3.169.254
 

+ koji_hub_nfs: "fedora_koji"
 

+ kojihub_scheme: https
 

+ kojihub_url: koji.fedoraproject.org/kojihub
 

+ kojipkgs_url: kojipkgs.fedoraproject.org
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/35/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- fedmsg_certs:
 

- - service: releng
 

-   owner: root
 

-   group: sysadmin-releng
 

-   can_send:
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - pungi.compose.createiso.imagefail
 

-   - pungi.compose.createiso.imagedone
 

-   - pungi.compose.ostree
 

-   - compose.rawhide.complete
 

-   - compose.rawhide.mash.complete
 

-   - compose.rawhide.mash.start
 

-   - compose.rawhide.image.complete
 

-   - compose.rawhide.image.start
 

-   - compose.rawhide.pungify.complete
 

-   - compose.rawhide.pungify.start
 

-   - compose.rawhide.rsync.complete
 

-   - compose.rawhide.rsync.start
 

-   - compose.rawhide.start
 

-   - compose.bikeshed.complete
 

-   - compose.bikeshed.mash.complete
 

-   - compose.bikeshed.mash.start
 

-   - compose.bikeshed.image.complete
 

-   - compose.bikeshed.image.start
 

-   - compose.bikeshed.pungify.complete
 

-   - compose.bikeshed.pungify.start
 

-   - compose.bikeshed.rsync.complete
 

-   - compose.bikeshed.rsync.start
 

-   - compose.bikeshed.start
 

+ vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+52 -61 
@@ -1,68 +1,59 @@
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

+ eth0_ip: 10.3.169.124
 

+ fedmsg_certs:
 

+   - can_send:
 

+       # two-week-atomic stuff (ask maxamillion)
 

+       - releng.atomic.twoweek.begin
 

+       - releng.atomic.twoweek.complete
 

+       # new school pungi-koji stuff (ask dgilmore)
 

+       - pungi.compose.phase.start
 

+       - pungi.compose.phase.stop
 

+       - pungi.compose.status.change
 

+       - pungi.compose.createiso.targets
 

+       - pungi.compose.createiso.imagefail
 

+       - pungi.compose.createiso.imagedone
 

+       - pungi.compose.ostree
 

+       # traditional old school compose stuff
 

+       - compose.branched.complete
 

+       - compose.branched.mash.complete
 

+       - compose.branched.mash.start
 

+       - compose.branched.image.complete
 

+       - compose.branched.image.start
 

+       - compose.branched.pungify.complete
 

+       - compose.branched.pungify.start
 

+       - compose.branched.rsync.complete
 

+       - compose.branched.rsync.start
 

+       - compose.branched.start
 

+       - compose.epelbeta.complete
 

+       - compose.rawhide.complete
 

+       - compose.rawhide.mash.complete
 

+       - compose.rawhide.mash.start
 

+       - compose.rawhide.image.complete
 

+       - compose.rawhide.image.start
 

+       - compose.rawhide.pungify.complete
 

+       - compose.rawhide.pungify.start
 

+       - compose.rawhide.rsync.complete
 

+       - compose.rawhide.rsync.start
 

+       - compose.rawhide.start
 

+       - compose.29.start
 

+       - compose.29.complete
 

+     group: sysadmin-releng
 

+     owner: root
 

+     service: releng
 

+ gw: 10.3.169.254
 

+ koji_hub_nfs: "fedora_koji"
 

+ kojihub_scheme: https
 

+ kojihub_url: koji.fedoraproject.org/kojihub
 

+ kojipkgs_url: kojipkgs.fedoraproject.org
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  #
 

  # These are 64bit
 

  #
 

  libdir: /usr/lib64
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  lvm_size: 30000
 

- 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.169.124
 

- vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- 

- koji_hub_nfs: "fedora_koji"
 

- 

- kojipkgs_url: kojipkgs.fedoraproject.org
 

- kojihub_url: koji.fedoraproject.org/kojihub
 

- kojihub_scheme: https
 

- 

+ nm: 255.255.255.0
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- fedmsg_certs:
 

- - service: releng
 

-   owner: root
 

-   group: sysadmin-releng
 

-   can_send:
 

-   # two-week-atomic stuff (ask maxamillion)
 

-   - releng.atomic.twoweek.begin
 

-   - releng.atomic.twoweek.complete
 

-   # new school pungi-koji stuff (ask dgilmore)
 

-   - pungi.compose.phase.start
 

-   - pungi.compose.phase.stop
 

-   - pungi.compose.status.change
 

-   - pungi.compose.createiso.targets
 

-   - pungi.compose.createiso.imagefail
 

-   - pungi.compose.createiso.imagedone
 

-   - pungi.compose.ostree
 

-   # traditional old school compose stuff
 

-   - compose.branched.complete
 

-   - compose.branched.mash.complete
 

-   - compose.branched.mash.start
 

-   - compose.branched.image.complete
 

-   - compose.branched.image.start
 

-   - compose.branched.pungify.complete
 

-   - compose.branched.pungify.start
 

-   - compose.branched.rsync.complete
 

-   - compose.branched.rsync.start
 

-   - compose.branched.start
 

-   - compose.epelbeta.complete
 

-   - compose.rawhide.complete
 

-   - compose.rawhide.mash.complete
 

-   - compose.rawhide.mash.start
 

-   - compose.rawhide.image.complete
 

-   - compose.rawhide.image.start
 

-   - compose.rawhide.pungify.complete
 

-   - compose.rawhide.pungify.start
 

-   - compose.rawhide.rsync.complete
 

-   - compose.rawhide.rsync.start
 

-   - compose.rawhide.start
 

-   - compose.29.start
 

-   - compose.29.complete
 

+ vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+17 -22 
@@ -1,26 +1,21 @@
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: staging
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-34-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.33
 

- vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

- datacenter: staging
 

- 

- koji_hub_nfs: "fedora_koji"
 

- 

- kojipkgs_url: kojipkgs.fedoraproject.org
 

- kojihub_url: koji.stg.fedoraproject.org/kojihub
 

- kojihub_scheme: http
 

- 

  # These are consumed by a task in roles/fedmsg/base/main.yml
 

  fedmsg_certs:
 

- - service: shell
 

-   owner: root
 

-   group: root
 

- - service: bodhi
 

-   owner: root
 

-   group: root
 

+   - group: root
 

+     owner: root
 

+     service: shell
 

+   - group: root
 

+     owner: root
 

+     service: bodhi
 

+ gw: 10.3.167.254
 

+ koji_hub_nfs: "fedora_koji"
 

+ kojihub_scheme: http
 

+ kojihub_url: koji.stg.fedoraproject.org/kojihub
 

+ kojipkgs_url: kojipkgs.fedoraproject.org
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-34-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+5 -5 
@@ -1,11 +1,11 @@
 

  ---
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false

file modified
+8 -10 
@@ -1,16 +1,14 @@
 

- swap_file_size_mb: 8192
 

- swap_file_path: /swap
 

- 

  hostbase: copr-be-dev-
 

- public_ip: 18.208.10.131
 

- 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 18.208.10.131
 

+ swap_file_path: /swap
 

+ swap_file_size_mb: 8192

file modified
+28 -31 
@@ -1,46 +1,43 @@
 

  ---
 

- instance_type: ms1.xlarge
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,fedmsg-relay-persistent
 

- zone: nova
 

- hostbase: copr-be-dev-
 

- public_ip: 209.132.184.53
 

- root_auth_users: msuchy pingou frostyx praiskup schlupov
 

- description: copr dispatcher and repo server - dev instance
 

- tcp_ports: ['22', '80', '443', '2003', '4001']
 

- # volumes: copr-be-dev-data
 

- volumes: [ {volume_id: '09c74876-d691-487e-a54b-070b08e87719', device: '/dev/vdc'} ]
 

- 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-be-dev
 

+ _copr_be_conf: copr-be.conf-dev
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

    # coprdev-net
 

    - net-id: "a440568f-b90a-46af-8ca6-d8fa743a7e7a"
 

- 

+ # Copr vars
 

+ copr_hostbase: copr-be-dev
 

+ description: copr dispatcher and repo server - dev instance
 

+ hostbase: copr-be-dev-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.xlarge
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-be-dev
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  # consumed by roles/messaging/base
 

  messaging:
 

    certificates:
 

-   - key: copr
 

-     username: copr
 

-     app_name: Copr build system
 

- 

- # Copr vars
 

- copr_hostbase: copr-be-dev
 

- _copr_be_conf: copr-be.conf-dev
 

- 

+     - app_name: Copr build system
 

+       key: copr
 

+       username: copr
 

  # There is no python2 on F30
 

- 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.53
 

+ root_auth_users: msuchy pingou frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,fedmsg-relay-persistent,node-exporter-persistent
 

+ tcp_ports: ['22', '80', '443', '2003', '4001',
 

+   # this port is used by node_exporter whose metrics are used by prometheus
 

+   '9100']
 

+ # volumes: copr-be-dev-data
 

+ volumes: [{device: '/dev/vdc', volume_id: '09c74876-d691-487e-a54b-070b08e87719'}]
 

+ zone: nova

file modified
+21 -24 
@@ -1,37 +1,34 @@
 

  ---
 

- instance_type: m1.xlarge
 

- image: "{{ fedora28_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,fedmsg-relay-persistent
 

- zone: nova
 

- hostbase: copr-be-stg-
 

- public_ip: 209.132.184.44
 

- root_auth_users: msuchy pingou frostyx praiskup schlupov
 

- description: copr dispatcher and repo server - stg instance
 

- tcp_ports: ['22', '80', '443', '2003', '4001']
 

- # volumes: copr-be-stg-data
 

- volumes: [ {volume_id: 'a3325e22-bdc0-4eeb-bb73-45365ddb7a01', device: '/dev/vdc'} ]
 

- 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-be-stg
 

+ _copr_be_conf: copr-be.conf-stg
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

    # coprdev-net
 

    - net-id: "a440568f-b90a-46af-8ca6-d8fa743a7e7a"
 

- 

  # Copr vars
 

  copr_hostbase: copr-be-stg
 

- _copr_be_conf: copr-be.conf-stg
 

- 

+ description: copr dispatcher and repo server - stg instance
 

+ hostbase: copr-be-stg-
 

+ image: "{{ fedora28_x86_64 }}"
 

+ instance_type: m1.xlarge
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-be-stg
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.44
 

+ root_auth_users: msuchy pingou frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,fedmsg-relay-persistent
 

+ tcp_ports: ['22', '80', '443', '2003', '4001']
 

+ # volumes: copr-be-stg-data
 

+ volumes: [{device: '/dev/vdc', volume_id: 'a3325e22-bdc0-4eeb-bb73-45365ddb7a01'}]
 

+ zone: nova

file modified
+8 -10 
@@ -1,16 +1,14 @@
 

- swap_file_size_mb: 16384
 

- swap_file_path: /swap
 

- 

  hostbase: copr-be-
 

- public_ip: 52.44.175.77
 

- 

  nagios_Check_Services:
 

+   dhcpd: false
 

+   httpd: true
 

    mail: false
 

-   nrpe: true
 

-   sshd: false
 

    named: false
 

-   dhcpd: false
 

-   httpd: false
 

-   swap: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 52.44.175.77
 

+ swap_file_path: /swap
 

+ swap_file_size_mb: 16384

file modified
+30 -33 
@@ -1,48 +1,45 @@
 

  ---
 

- 

- instance_type: ms1.xlarge
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent
 

- zone: nova
 

- hostbase: copr-be-
 

- public_ip: 209.132.184.48
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr dispatcher and repo server
 

- volumes: [ {volume_id: '63c3a40c-e228-417a-97a2-e2c34730bf3b', device: '/dev/vdc'} ]
 

- inventory_tenant: persistent
 

- inventory_instance_name: copr-be
 

+ _copr_be_conf: copr-be.conf
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

    # copr-net
 

    - net-id: "24699649-0e05-4fd3-98a3-86a75ec49f6e"
 

- 

- tcp_ports: [ 22, 80, 443,
 

- # These 8 ports are used by fedmsg.  One for each wsgi thread.
 

-          3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007]
 

- 

- # consumed by roles/messaging/base
 

- messaging:
 

-   certificates:
 

-   - key: copr
 

-     username: copr
 

-     app_name: Copr build system
 

- 

  # Copr vars
 

  copr_hostbase: copr-be
 

- 

+ description: copr dispatcher and repo server
 

  host_backup_targets: ['/var/lib/copr/public_html/results']
 

- _copr_be_conf: copr-be.conf
 

- 

+ hostbase: copr-be-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.xlarge
 

+ inventory_instance_name: copr-be
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

+ # consumed by roles/messaging/base
 

+ messaging:
 

+   certificates:
 

+     - app_name: Copr build system
 

+       key: copr
 

+       username: copr
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

  # There is no python2 on F30
 

+ 

+ public_ip: 209.132.184.48
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,node-exporter-persistent
 

+ tcp_ports: [22, 80, 443,
 

+   # These 8 ports are used by fedmsg.  One for each wsgi thread.
 

+   3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
 

+   # this port is used by node_exporter whose metrics are used by prometheus
 

+   '9100']
 

+ volumes: [{device: '/dev/vdc', volume_id: '63c3a40c-e228-417a-97a2-e2c34730bf3b'}]
 

+ zone: nova

file modified
+27 -36 
@@ -1,49 +1,40 @@
 

  ---
 

- ansible_user: ec2-user
 

- ansible_become_user: root
 

  ansible_become: yes
 

- 

- datacenter: aws
 

- inventory_hostname: "copr-db-stg.aws.fedoraproject.org"
 

- inventory_instance_name: copr-db-stg
 

- 

- nm_controlled_resolv: True
 

+ ansible_become_user: root
 

  ansible_ifcfg_blocklist: True
 

- 

- swap_file_size_mb: 4096
 

- swap_file_path: /swap
 

- 

- hostbase: copr-db-stg-
 

- public_ip: 52.200.82.86
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr database - staging instance
 

- 

+ ansible_user: ec2-user
 

  # Copr vars
 

  copr_hostbase: copr-db-stg
 

- 

- nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

-   dhcpd: false
 

-   httpd: false
 

-   swap: false
 

-   ping: false
 

-   raid: false
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - coprdb
 

- 

- # This is a more strict list of databases to backup every day
 

- dbs_to_backup:
 

- - coprdb
 

- 

- 

+   - coprdb
 

+ datacenter: aws
 

  db_backup_dir: ['/backups']
 

  # Should be 0.25 of memory
 

  #shared_buffers: "16GB"
 

  # Should be 0.80 of memory
 

  #effective_cache_size: "50GB"
 

  #max_stack_depth: "6MB"
 

+ 

+ # This is a more strict list of databases to backup every day
 

+ dbs_to_backup:
 

+   - coprdb
 

+ description: copr database - staging instance
 

+ hostbase: copr-db-stg-
 

+ inventory_hostname: "copr-db-stg.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-db-stg
 

+ nagios_Check_Services:
 

+   dhcpd: false
 

+   httpd: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

+   ping: false
 

+   raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_ip: 52.200.82.86
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ swap_file_path: /swap
 

+ swap_file_size_mb: 4096

file modified
+18 -23 
@@ -1,35 +1,30 @@
 

  ---
 

- ansible_ssh_user: fedora
 

- ansible_become_user: root
 

  ansible_become: yes
 

- datacenter: aws
 

- inventory_hostname: "copr-dist-git-dev.aws.fedoraproject.org"
 

- inventory_instance_name: copr-dist-git-dev
 

- nm_controlled_resolv: True
 

+ ansible_become_user: root
 

  ansible_ifcfg_blocklist: True
 

- 

- swap_file_size_mb: 2048
 

- swap_file_path: /swap
 

- 

+ ansible_ssh_user: fedora
 

+ # Copr vars
 

+ copr_hostbase: copr-dist-git-dev
 

+ datacenter: aws
 

+ description: copr dist git - dev instance
 

  #instance_type: t3a.medium
 

  #image: "{{ fedora31_x86_64 }}"
 

  #keypair: fedora-admin-20130801
 

  hostbase: copr-dist-git-dev-
 

- public_ip: 54.243.51.13
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr dist git - dev instance
 

- 

- 

- # Copr vars
 

- copr_hostbase: copr-dist-git-dev
 

- 

+ inventory_hostname: "copr-dist-git-dev.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-dist-git-dev
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_ip: 54.243.51.13
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ swap_file_path: /swap
 

+ swap_file_size_mb: 2048

file modified
+21 -23 
@@ -1,34 +1,32 @@
 

  ---
 

- instance_type: ms1.small
 

- image: "{{ fedora30_x86_64 }}"
 

- #image: rhel7-20141015
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

- zone: nova
 

- hostbase: copr-dist-git-dev-
 

- public_ip: 209.132.184.179
 

- root_auth_users:  ryanlerch pingou msuchy frostyx praiskup schlupov
 

- description: dist-git for copr service - dev instance
 

- tcp_ports: [22, 80, 443]
 

- # volumes:  copr-dist-git-dev
 

- volumes: [ {volume_id: '64f21445-d758-4b19-8401-e497cd0ae012', device: '/dev/vdc'} ]
 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-dist-git-dev
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

  copr_hostbase: copr-dist-git-dev
 

- 

+ description: dist-git for copr service - dev instance
 

+ hostbase: copr-dist-git-dev-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.small
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-dist-git-dev
 

+ inventory_tenant: persistent
 

+ #image: rhel7-20141015
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.179
 

+ root_auth_users: ryanlerch pingou msuchy frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

+ tcp_ports: [22, 80, 443]
 

+ # volumes:  copr-dist-git-dev
 

+ volumes: [{device: '/dev/vdc', volume_id: '64f21445-d758-4b19-8401-e497cd0ae012'}]
 

+ zone: nova

file modified
+20 -22 
@@ -1,33 +1,31 @@
 

  ---
 

- instance_type: ms1.small
 

- image: "{{ fedora28_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

- zone: nova
 

- hostbase: copr-dist-git-stg-
 

- public_ip: 209.132.184.57
 

- root_auth_users:  ryanlerch pingou msuchy frostyx frostyx praiskup schlupov
 

- description: dist-git for copr service - stg instance
 

- tcp_ports: [22, 80, 443]
 

- # volumes:  copr-dist-git-stg
 

- volumes: [ {volume_id: '0cb506b9-3931-47fa-b6d3-a0ad2614f221', device: '/dev/vdc'} ]
 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-dist-git-stg
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

  copr_hostbase: copr-dist-git-stg
 

- 

+ description: dist-git for copr service - stg instance
 

+ hostbase: copr-dist-git-stg-
 

+ image: "{{ fedora28_x86_64 }}"
 

+ instance_type: ms1.small
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-dist-git-stg
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.57
 

+ root_auth_users: ryanlerch pingou msuchy frostyx frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

+ tcp_ports: [22, 80, 443]
 

+ # volumes:  copr-dist-git-stg
 

+ volumes: [{device: '/dev/vdc', volume_id: '0cb506b9-3931-47fa-b6d3-a0ad2614f221'}]
 

+ zone: nova

file modified
+16 -20 
@@ -1,13 +1,12 @@
 

  ---
 

- ansible_ssh_user: fedora
 

- ansible_become_user: root
 

  ansible_become: yes
 

- datacenter: aws
 

- inventory_hostname: "copr-dist-git.aws.fedoraproject.org"
 

- inventory_instance_name: copr-dist-git
 

- nm_controlled_resolv: True
 

+ ansible_become_user: root
 

  ansible_ifcfg_blocklist: True
 

- 

+ ansible_ssh_user: fedora
 

+ # Copr vars
 

+ copr_hostbase: copr-dist-git
 

+ datacenter: aws
 

+ description: copr dist git - prod instance
 

  #swap_file_size_mb: 2048
 

  #swap_file_path: /swap
 

  
@@ -15,21 +14,18 @@
 

  #image: "{{ fedora31_x86_64 }}"
 

  #keypair: fedora-admin-20130801
 

  hostbase: copr-dist-git
 

- public_ip: 3.89.184.181
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr dist git - prod instance
 

- 

- 

- # Copr vars
 

- copr_hostbase: copr-dist-git
 

- 

+ inventory_hostname: "copr-dist-git.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-dist-git
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_ip: 3.89.184.181
 

+ root_auth_users: msuchy frostyx praiskup schlupov

file modified
+21 -23 
@@ -1,36 +1,34 @@
 

  ---
 

- instance_type: ms1.medium.bigswap
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

- zone: nova
 

- hostbase: copr-dist-git
 

- public_ip: 209.132.184.163
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: dist-git for copr service - prod instance
 

- tcp_ports: [22, 80, 443]
 

- # volumes:  copr-dist-git, copr-dist-git-log
 

- volumes: [ {volume_id: '0ee0735e-0ce5-4e4e-8f52-bc62bf4a0968', device: '/dev/vdc'}, {volume_id: 'e712828f-998f-49aa-85a6-aeb42a7d1843', device: '/dev/vdd'} ]
 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-dist-git
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

  copr_hostbase: copr-dist-git
 

- 

+ description: dist-git for copr service - prod instance
 

  host_backup_targets: ['/var/lib/dist-git/git', '/var/lib/dist-git/cache']
 

- 

+ hostbase: copr-dist-git
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.medium.bigswap
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-dist-git
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

  # There is no python2 on F30
 

+ 

+ public_ip: 209.132.184.163
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

+ tcp_ports: [22, 80, 443]
 

+ # volumes:  copr-dist-git, copr-dist-git-log
 

+ volumes: [{device: '/dev/vdc', volume_id: '0ee0735e-0ce5-4e4e-8f52-bc62bf4a0968'}, {device: '/dev/vdd', volume_id: 'e712828f-998f-49aa-85a6-aeb42a7d1843'}]
 

+ zone: nova

file modified
+16 -21 
@@ -1,30 +1,25 @@
 

  ---
 

- datacenter: aws
 

- inventory_hostname: "copr-fe-dev.aws.fedoraproject.org"
 

- inventory_instance_name: copr-fe-dev
 

- principal_alias: "HTTP/copr-fe-dev.cloud.fedoraproject.org@STG.FEDORAPROJECT.ORG"
 

- 

- nm_controlled_resolv: True
 

  ansible_ifcfg_blocklist: True
 

- 

- swap_file_size_mb: 4096
 

- swap_file_path: /swap
 

- 

- hostbase: copr-fe-dev-
 

- public_ip: 18.208.24.211
 

- root_auth_users: msuchy frostyx praiskup schlupov ttomecek
 

- description: copr frontend - dev instance
 

- 

  # Copr vars
 

  copr_hostbase: copr-fe-dev
 

- 

+ datacenter: aws
 

+ description: copr frontend - dev instance
 

+ hostbase: copr-fe-dev-
 

+ inventory_hostname: "copr-fe-dev.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-fe-dev
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ principal_alias: "HTTP/copr-fe-dev.cloud.fedoraproject.org@STG.FEDORAPROJECT.ORG"
 

+ public_ip: 18.208.24.211
 

+ root_auth_users: msuchy frostyx praiskup schlupov ttomecek
 

+ swap_file_path: /swap
 

+ swap_file_size_mb: 4096

file modified
+20 -23 
@@ -1,35 +1,32 @@
 

  ---
 

- instance_type: m1.medium
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

- zone: nova
 

- hostbase: copr-fe-dev-
 

- public_ip: 209.132.184.55
 

- root_auth_users:  ryanlerch pingou msuchy frostyx praiskup schlupov
 

- description: copr frontend server - dev instance
 

- tcp_ports: [22, 80, 443]
 

- # volumes: copr-fe-dev-db
 

- volumes: [ {volume_id: 'c0f338f4-b59e-4b58-8f86-47011eaa0fab', device: '/dev/vdc'} ]
 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-fe-dev
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

  copr_hostbase: copr-fe-dev
 

- 

+ description: copr frontend server - dev instance
 

+ hostbase: copr-fe-dev-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: m1.medium
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-fe-dev
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  # There is no python2 on F30
 

- 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.55
 

+ root_auth_users: ryanlerch pingou msuchy frostyx praiskup schlupov
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

+ tcp_ports: [22, 80, 443]
 

+ # volumes: copr-fe-dev-db
 

+ volumes: [{device: '/dev/vdc', volume_id: 'c0f338f4-b59e-4b58-8f86-47011eaa0fab'}]
 

+ zone: nova

file modified
+20 -29 
@@ -1,43 +1,34 @@
 

  ---
 

- datacenter: aws
 

- inventory_hostname: "copr-fe.aws.fedoraproject.org"
 

- inventory_instance_name: copr-fe
 

- 

- nm_controlled_resolv: True
 

  ansible_ifcfg_blocklist: True
 

- 

- swap_file_size_mb: 8192
 

- swap_file_path: /swap
 

- 

- hostbase: copr-fe-
 

- public_ip: 3.225.109.36
 

- root_auth_users: msuchy frostyx praiskup schlupov ttomecek
 

- description: copr frontend server - prod instance
 

- 

+ # this overrides vars/Fedora.yml
 

+ base_pkgs_erase: ['PackageKit*', 'sendmail', 'at']
 

  # Copr vars
 

  copr_hostbase: copr-fe
 

- 

+ datacenter: aws
 

+ db_backup_dir: ['/backups']
 

  # dbs to be backed up on this host
 

  dbs_to_backup:
 

- - coprdb
 

- 

- db_backup_dir: ['/backups']
 

- 

+   - coprdb
 

+ description: copr frontend server - prod instance
 

+ hostbase: copr-fe-
 

+ inventory_hostname: "copr-fe.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-fe
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

- 

- # this overrides vars/Fedora.yml
 

- base_pkgs_erase: ['PackageKit*', 'sendmail', 'at']
 

- 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_ip: 3.225.109.36
 

+ root_auth_users: msuchy frostyx praiskup schlupov ttomecek
 

+ sar_output_file: copr.json
 

  # GDPR SAR variables
 

  sar_script: /usr/share/copr/coprs_frontend/run/copr-gdpr-sar.sh
 

  sar_script_user: copr-fe
 

- sar_output_file: copr.json
 

+ swap_file_path: /swap
 

+ swap_file_size_mb: 8192

file modified
+25 -31 
@@ -1,47 +1,41 @@
 

  ---
 

  # this overrides vars/Fedora.yml
 

  base_pkgs_erase: ['PackageKit*', 'sendmail', 'at']
 

- 

- instance_type: ms1.large
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent
 

- zone: nova
 

- hostbase: copr-fe-
 

- public_ip: 209.132.184.54
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr frontend server - prod instance
 

- tcp_ports: [22, 80, 443]
 

- volumes: [ {volume_id: '8f790db7-8294-4d2b-8bae-7af5961ce0f8', device: '/dev/vdc'} ]
 

- inventory_tenant: persistent
 

- inventory_instance_name: copr-fe
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

- 

  copr_hostbase: copr-fe
 

- 

+ db_backup_dir: ['/backups']
 

  # dbs to be backed up on this host
 

  dbs_to_backup:
 

- - coprdb
 

- 

- db_backup_dir: ['/backups']
 

- 

- # GDPR SAR variables
 

- sar_script: /usr/share/copr/coprs_frontend/run/copr-gdpr-sar.sh
 

- sar_script_user: copr-fe
 

- sar_output_file: copr.json
 

- 

+   - coprdb
 

+ description: copr frontend server - prod instance
 

+ hostbase: copr-fe-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.large
 

+ inventory_instance_name: copr-fe
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

  # There is no python2 on F30
 

+ 

+ public_ip: 209.132.184.54
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ sar_output_file: copr.json
 

+ # GDPR SAR variables
 

+ sar_script: /usr/share/copr/coprs_frontend/run/copr-gdpr-sar.sh
 

+ sar_script_user: copr-fe
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent
 

+ tcp_ports: [22, 80, 443]
 

+ volumes: [{device: '/dev/vdc', volume_id: '8f790db7-8294-4d2b-8bae-7af5961ce0f8'}]
 

+ zone: nova

file modified
+15 -17 
@@ -1,29 +1,27 @@
 

  ---
 

- ansible_ssh_user: fedora
 

- ansible_become_user: root
 

  ansible_become: yes
 

- datacenter: aws
 

- inventory_hostname: "copr-keygen-dev.aws.fedoraproject.org"
 

- inventory_instance_name: copr-keygen-dev
 

- nm_controlled_resolv: True
 

+ ansible_become_user: root
 

  ansible_ifcfg_blocklist: True
 

- 

+ ansible_ssh_user: fedora
 

+ datacenter: aws
 

+ #volumes: [ {volume_id: '9e2b4c55-9ec3-4508-af46-a40f3a5bd982', device: '/dev/vdc'} ]
 

+ description: copr key gen and sign host - dev instance
 

  #instance_type: t3a.small
 

  #image: "{{ fedora31_x86_64 }}"
 

  #keypair: fedora-admin-20130801
 

  hostbase: copr-keygen-dev-
 

- public_ip: 54.225.23.248
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- #volumes: [ {volume_id: '9e2b4c55-9ec3-4508-af46-a40f3a5bd982', device: '/dev/vdc'} ]
 

- description: copr key gen and sign host - dev instance
 

- 

+ inventory_hostname: "copr-keygen-dev.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-keygen-dev
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_ip: 54.225.23.248
 

+ root_auth_users: msuchy frostyx praiskup schlupov

file modified
+19 -23 
@@ -1,35 +1,31 @@
 

  ---
 

- instance_type: ms1.small
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- # todo: remove some security groups ?
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

- zone: nova
 

- hostbase: copr-keygen-dev-
 

- public_ip: 209.132.184.46
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- volumes: [ {volume_id: '9e2b4c55-9ec3-4508-af46-a40f3a5bd982', device: '/dev/vdc'} ]
 

- description: copr key gen and sign host - dev instance
 

- 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-keygen-dev
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

  copr_hostbase: copr-keygen-dev
 

- 

+ description: copr key gen and sign host - dev instance
 

+ hostbase: copr-keygen-dev-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.small
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-keygen-dev
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  # There is no python2 on F30
 

- 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.46
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ # todo: remove some security groups ?
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

+ volumes: [{device: '/dev/vdc', volume_id: '9e2b4c55-9ec3-4508-af46-a40f3a5bd982'}]
 

+ zone: nova

file modified
+19 -22 
@@ -1,33 +1,30 @@
 

  ---
 

- instance_type: ms1.small
 

- image: "{{ fedora28_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- # todo: remove some security groups ?
 

- security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

- zone: nova
 

- hostbase: copr-keygen-stg-
 

- public_ip: 209.132.184.56
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- volumes: [ {volume_id: '5424ff3c-b1c6-4291-a0ed-2d30924f4f88', device: '/dev/vdc'} ]
 

- description: copr keygen and sign host - stg instance
 

- 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-keygen-stg
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

  # Copr vars
 

  copr_hostbase: copr-keygen-stg
 

- 

+ description: copr keygen and sign host - stg instance
 

+ hostbase: copr-keygen-stg-
 

+ image: "{{ fedora28_x86_64 }}"
 

+ instance_type: ms1.small
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-keygen-stg
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ public_ip: 209.132.184.56
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ # todo: remove some security groups ?
 

+ security_group: web-80-anywhere-persistent,web-443-anywhere-persistent,ssh-anywhere-persistent,default,all-icmp-persistent
 

+ volumes: [{device: '/dev/vdc', volume_id: '5424ff3c-b1c6-4291-a0ed-2d30924f4f88'}]
 

+ zone: nova

file modified
+14 -16 
@@ -1,29 +1,27 @@
 

  ---
 

- ansible_ssh_user: fedora
 

- ansible_become_user: root
 

  ansible_become: yes
 

- datacenter: aws
 

- inventory_hostname: "copr-keygen.aws.fedoraproject.org"
 

- inventory_instance_name: copr-keygen
 

- nm_controlled_resolv: True
 

+ ansible_become_user: root
 

  ansible_ifcfg_blocklist: True
 

+ ansible_ssh_user: fedora
 

+ datacenter: aws
 

  db_backup_dir: ['/backup']
 

- 

+ description: copr key gen and sign host - prod instance
 

  #instance_type: t3a.small
 

  #image: "{{ fedora31_x86_64 }}"
 

  #keypair: fedora-admin-20130801
 

  hostbase: copr-keygen-dev-
 

- public_ip: 54.83.48.73
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr key gen and sign host - prod instance
 

- 

+ inventory_hostname: "copr-keygen.aws.fedoraproject.org"
 

+ inventory_instance_name: copr-keygen
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: true
 

    ping: false
 

    raid: false
 

+   sshd: true
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_ip: 54.83.48.73
 

+ root_auth_users: msuchy frostyx praiskup schlupov

file modified
+21 -28 
@@ -1,39 +1,32 @@
 

  ---
 

- instance_type: ms1.small
 

- image: "{{ fedora30_x86_64 }}"
 

- keypair: fedora-admin-20130801
 

- zone: nova
 

- hostbase: copr-keygen-
 

- public_ip: 209.132.184.49
 

- root_auth_users: msuchy frostyx praiskup schlupov
 

- description: copr key gen instance
 

- volumes: [ {volume_id: '761175dc-daaf-48c0-be09-5799990f97a7', device: '/dev/vdc'} ]
 

- # security_group: default
 

- security_group: web-80-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,keygen-persistent
 

- 

- inventory_tenant: persistent
 

- # name of machine in OpenStack
 

- inventory_instance_name: copr-keygen
 

  cloud_networks:
 

    # persistent-net
 

    - net-id: "67b77354-39a4-43de-b007-bb813ac5c35f"
 

- 

- 

- host_backup_targets: ['/backup/']
 

- datacenter: cloud
 

- 

  # Copr vars
 

  copr_hostbase: copr-keygen
 

- 

+ datacenter: cloud
 

+ description: copr key gen instance
 

+ host_backup_targets: ['/backup/']
 

+ hostbase: copr-keygen-
 

+ image: "{{ fedora30_x86_64 }}"
 

+ instance_type: ms1.small
 

+ # name of machine in OpenStack
 

+ inventory_instance_name: copr-keygen
 

+ inventory_tenant: persistent
 

+ keypair: fedora-admin-20130801
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

- 

- # There is no python2 on F30
 

+   sshd: true
 

+   swap: false
 

+ public_ip: 209.132.184.49
 

+ root_auth_users: msuchy frostyx praiskup schlupov
 

+ # security_group: default
 

+ security_group: web-80-anywhere-persistent,ssh-anywhere-persistent,default,allow-nagios-persistent,keygen-persistent
 

+ volumes: [{device: '/dev/vdc', volume_id: '761175dc-daaf-48c0-be09-5799990f97a7'}]
 

+ zone: nova

file modified
+7 -10 
@@ -1,13 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

  datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.48
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -10 
@@ -1,13 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

- dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

  datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.166.60
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -10 
@@ -1,13 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

  datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.103
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+21 -28 
@@ -1,40 +1,33 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.43
 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - datanommer
 

- 

+   - datanommer
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - datanommer
 

- 

+   - datanommer
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "12GB"
 

+ eth0_ip: 10.3.163.43
 

+ gw: 10.3.163.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 1000000
 

  mem_size: 65536
 

+ nagios_Check_Services:
 

+   swap: false
 

+ nm: 255.255.255.0
 

  num_cpus: 8
 

- tcp_ports: [ 5432, 443 ]
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

- shared_buffers: "4GB"
 

- effective_cache_size: "12GB"
 

- 

+ sar_huge: true
 

+ sar_output_file: datagrepper.csv
 

  # GDPR SAR variables - datanommer/datagrepper
 

  sar_script: /usr/local/bin/datagrepper_sar.py
 

  sar_script_user: root
 

- sar_output_file: datagrepper.csv
 

- sar_huge: true
 

- 

- nagios_Check_Services:
 

-   swap: false
 

+ shared_buffers: "4GB"
 

+ tcp_ports: [5432, 443]
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+20 -26 
@@ -1,38 +1,32 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.166.59
 

- vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - datanommer
 

- 

+   - datanommer
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - datanommer
 

- 

+   - datanommer
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "12GB"
 

+ eth0_ip: 10.3.166.59
 

+ gw: 10.3.166.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 1000000
 

- mem_size: 65536
 

  max_mem_size: 98304
 

+ mem_size: 65536
 

+ nm: 255.255.255.0
 

  num_cpus: 8
 

- tcp_ports: [ 5432, 443 ]
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

- shared_buffers: "4GB"
 

- effective_cache_size: "12GB"
 

- 

+ sar_huge: true
 

+ sar_output_file: datagrepper.csv
 

  # GDPR SAR variables - datanommer/datagrepper
 

  sar_script: /usr/local/bin/datagrepper_sar.py
 

  sar_script_user: root
 

- sar_output_file: datagrepper.csv
 

- sar_huge: true
 

+ shared_buffers: "4GB"
 

+ tcp_ports: [5432, 443]
 

+ vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+24 -31 
@@ -1,43 +1,36 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.111
 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

- eth0_ipv4: "{{eth0_ip}}"
 

- eth0_ipv4_nm: "{{nm}}"
 

- eth0_ipv4_gw: "{{gw}}"
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - datanommer
 

- 

+   - datanommer
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - datanommer
 

- 

+   - datanommer
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "12GB"
 

+ eth0_ip: 10.3.163.111
 

+ eth0_ipv4: "{{eth0_ip}}"
 

+ eth0_ipv4_gw: "{{gw}}"
 

+ eth0_ipv4_nm: "{{nm}}"
 

+ gw: 10.3.163.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 1500g
 

  mem_size: 65536
 

+ nagios_Check_Services:
 

+   swap: false
 

+ nm: 255.255.255.0
 

  num_cpus: 8
 

- tcp_ports: [ 5432, 443 ]
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

- shared_buffers: "4GB"
 

- effective_cache_size: "12GB"
 

- 

+ sar_huge: true
 

+ sar_output_file: datagrepper.csv
 

  # GDPR SAR variables - datanommer/datagrepper
 

  sar_script: /usr/local/bin/datagrepper_sar.py
 

  sar_script_user: root
 

- sar_output_file: datagrepper.csv
 

- sar_huge: true
 

- 

- nagios_Check_Services:
 

-   swap: false
 

+ shared_buffers: "4GB"
 

+ tcp_ports: [5432, 443]
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+26 -38 
@@ -1,52 +1,40 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.42
 

- vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

+ #
 

+ # Only allow postgresql access from the frontend nodes and hosted.
 

+ #
 

+ custom_rules: [
 

+   # Openshift nodes (egress policy will block connection from non-authorized projects)
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.69   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.70   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.71   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.72   --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.73   --dport 5432 -j ACCEPT',
 

+   # noc01 needs to connect to check the db
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.10   --dport 5432 -j ACCEPT',
 

+   # Ipsilon VMs
 

+   '-A INPUT -p tcp -m tcp -s 10.3.163.105  --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.106  --dport 5432 -j ACCEPT']
 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - fas2
 

- 

+   - fas2
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - fas2
 

- 

+   - fas2
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "6GB"
 

+ eth0_ip: 10.3.163.42
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 100000
 

+ max_stack_depth: "4MB"
 

  mem_size: 16384
 

- num_cpus: 8
 

- 

- #
 

- # Only allow postgresql access from the frontend nodes and hosted.
 

- #
 

- custom_rules: [
 

-     # Openshift nodes (egress policy will block connection from non-authorized projects)
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.69   --dport 5432 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.70   --dport 5432 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.71   --dport 5432 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.72   --dport 5432 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.73   --dport 5432 -j ACCEPT',
 

-     # noc01 needs to connect to check the db
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.10   --dport 5432 -j ACCEPT',
 

-     # Ipsilon VMs
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.105  --dport 5432 -j ACCEPT',
 

-     '-A INPUT -p tcp -m tcp -s 10.3.163.106  --dport 5432 -j ACCEPT',
 

- ]
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 800
 

  #
 

  # Large updates pushes cause lots of db threads doing the tag moves, so up this from default.
 

  #
 

  nrpe_procs_warn: 600
 

- nrpe_procs_crit: 800
 

- 

- db_backup_dir: ['/backups']
 

+ num_cpus: 8
 

  shared_buffers: "2GB"
 

- effective_cache_size: "6GB"
 

  temp_buffers: "8MB"
 

- max_stack_depth: "4MB"
 

+ vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+29 -36 
@@ -1,49 +1,42 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

- dns: 10.3.163.33
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.166.34
 

- vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

+ #
 

+ # Only allow postgresql access from the frontend node and ipsilon01.stg and
 

+ # fas3-01.stg and openshift
 

+ #
 

+ custom_rules:
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.129 --dport 5432 -j ACCEPT'
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.137 --dport 5432 -j ACCEPT'
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.82 --dport 5432 -j ACCEPT'
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.104 --dport 5432 -j ACCEPT'
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.105 --dport 5432 -j ACCEPT'
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.106 --dport 5432 -j ACCEPT'
 

+   # - '-A INPUT -p tcp -m tcp -s 10.5.128.107 --dport 5432 -j ACCEPT'
 

+   # TODO: lock it down more
 

+   - '-A INPUT -p tcp -m tcp -s 10.3.166.0/24 --dport 5432 -j ACCEPT'
 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - fas2
 

- 

+   - fas2
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - fas2
 

- 

+   - fas2
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "3GB"
 

+ eth0_ip: 10.3.166.34
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 30000
 

  mem_size: 4096
 

- num_cpus: 2
 

- 

- #
 

- # Only allow postgresql access from the frontend node and ipsilon01.stg and
 

- # fas3-01.stg and openshift
 

- #
 

- custom_rules:
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.129 --dport 5432 -j ACCEPT'
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.137 --dport 5432 -j ACCEPT'
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.82 --dport 5432 -j ACCEPT'
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.104 --dport 5432 -j ACCEPT'
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.105 --dport 5432 -j ACCEPT'
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.106 --dport 5432 -j ACCEPT'
 

- # - '-A INPUT -p tcp -m tcp -s 10.5.128.107 --dport 5432 -j ACCEPT'
 

- # TODO: lock it down more
 

- - '-A INPUT -p tcp -m tcp -s 10.3.166.0/24 --dport 5432 -j ACCEPT'
 

- 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 500
 

  #
 

  # Large updates pushes cause lots of db threads doing the tag moves, so up this from default.
 

  #
 

  nrpe_procs_warn: 400
 

- nrpe_procs_crit: 500
 

- 

- db_backup_dir: ['/backups']
 

+ num_cpus: 2
 

  shared_buffers: "1GB"
 

- effective_cache_size: "3GB"
 

+ vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+27 -41 
@@ -1,54 +1,40 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

- dns: 10.3.163.33
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.169.103
 

- vmhost: bvmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

+ #
 

+ # Only allow postgresql access from the frontend node.
 

+ #
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.169.104 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.169.105 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.169.10 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5432 -j ACCEPT']
 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - koji
 

- 

+   - koji
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - koji
 

- 

+   - koji
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "100GB"
 

+ eth0_ip: 10.3.169.103
 

+ gw: 10.3.169.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 1500000
 

- mem_size: 131070
 

- num_cpus: 72
 

  max_cpu: 96
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- #
 

- # Only allow postgresql access from the frontend node.
 

- #
 

- custom_rules: [
 

- '-A INPUT -p tcp -m tcp -s 10.3.169.104 --dport 5432 -j ACCEPT',
 

- '-A INPUT -p tcp -m tcp -s 10.3.169.105 --dport 5432 -j ACCEPT',
 

- '-A INPUT -p tcp -m tcp -s 10.3.169.10 --dport 5432 -j ACCEPT',
 

- '-A INPUT -p tcp -m tcp -s 10.3.163.10 --dport 5432 -j ACCEPT',
 

- ]
 

- 

+ max_parallel_maintenance_workers: 8
 

+ max_parallel_workers: 64
 

+ max_parallel_workers_per_gather: 32
 

+ max_stack_depth: "6MB"
 

+ max_worker_processes: 64
 

+ mem_size: 131070
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 700
 

  #
 

  # Large updates pushes cause lots of db threads doing the tag moves, so up this from default.
 

  #
 

  nrpe_procs_warn: 600
 

- nrpe_procs_crit: 700
 

- 

- db_backup_dir: ['/backups']
 

+ num_cpus: 72
 

  shared_buffers: "32GB"
 

- effective_cache_size: "100GB"
 

- max_stack_depth: "6MB"
 

- 

- max_worker_processes: 64
 

- max_parallel_workers_per_gather: 32
 

- max_parallel_maintenance_workers: 8
 

- max_parallel_workers: 64
 

+ vmhost: bvmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+20 -28 
@@ -1,40 +1,32 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ #
 

+ # Only allow postgresql access from the frontend node.
 

+ #
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.167.64 --dport 5432 -j ACCEPT']
 

+ # This is a generic list, monitored by collectd
 

+ databases:
 

+   - koji
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- volgroup: /dev/vg_guests
 

+ effective_cache_size: "12GB"
 

  eth0_ip: 10.3.167.65
 

- #mac_address: 52:54:00:71:a6:eb
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ gw: 10.3.167.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

- # This is a generic list, monitored by collectd
 

- databases:
 

- - koji
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 1500000
 

- mem_size: 16384
 

  max_mem_size: "{{ mem_size }}"
 

- num_cpus: 8
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- #
 

- # Only allow postgresql access from the frontend node.
 

- #
 

- custom_rules: [
 

-    '-A INPUT -p tcp -m tcp -s 10.3.167.64 --dport 5432 -j ACCEPT',
 

- ]
 

- 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 700
 

  #
 

  # Large updates pushes cause lots of db threads doing the tag moves, so up this from default.
 

  #
 

  nrpe_procs_warn: 600
 

- nrpe_procs_crit: 700
 

+ num_cpus: 8
 

  shared_buffers: "4GB"
 

- effective_cache_size: "12GB"
 

+ #mac_address: 52:54:00:71:a6:eb
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+23 -28 
@@ -1,38 +1,33 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.174.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.174.51
 

- vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - postgres
 

- - openqa
 

- 

+   - postgres
 

+   - openqa
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - postgres
 

- # these names are also stored as host vars 'openqa_dbname',
 

- # make sure to keep in sync
 

- - openqa
 

- - openqa-stg
 

- 

+   - postgres
 

+   # these names are also stored as host vars 'openqa_dbname',
 

+   # make sure to keep in sync
 

+   - openqa
 

+   - openqa-stg
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "6GB"
 

+ eth0_ip: 10.3.174.51
 

+ gw: 10.3.174.254
 

+ host_backup_targets: ['/backups']
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 300000
 

  mem_size: 16384
 

+ nm: 255.255.255.0
 

  num_cpus: 10
 

- tcp_ports: [ 5432, 443, 3306 ]
 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

  shared_buffers: "2GB"
 

- effective_cache_size: "6GB"
 

- host_backup_targets: ['/backups']
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

+ tcp_ports: [5432, 443, 3306]
 

+ vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+20 -27 
@@ -1,37 +1,30 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.174.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.174.54
 

- vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - resultsdb
 

- 

+   - resultsdb
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - postgres
 

- - resultsdb
 

- 

+   - postgres
 

+   - resultsdb
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "6GB"
 

+ eth0_ip: 10.3.174.54
 

+ gw: 10.3.174.254
 

+ host_backup_targets: ['/backups']
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 300000
 

- mem_size: 16384
 

  max_mem_size: "{{ mem_size * 2 }}"
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

  num_cpus: 6
 

- tcp_ports: [ 5432, 443, 3306 ]
 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

  shared_buffers: "2GB"
 

- effective_cache_size: "6GB"
 

- host_backup_targets: ['/backups']
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

+ tcp_ports: [5432, 443, 3306]
 

+ vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+19 -24 
@@ -1,34 +1,29 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.174.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.174.55
 

- vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - postgres
 

- 

+   - postgres
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list, to be made publicly available
 

  dbs_to_backup:
 

- - postgres
 

- 

+   - postgres
 

+ dns: 10.3.163.33
 

+ effective_cache_size: "6GB"
 

+ eth0_ip: 10.3.174.55
 

+ gw: 10.3.174.254
 

+ host_backup_targets: ['/backups']
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 300000
 

- mem_size: 16384
 

  max_mem_size: "{{ mem_size * 2 }}"
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

  num_cpus: 6
 

- tcp_ports: [ 5432, 443, 3306 ]
 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

  shared_buffers: "2GB"
 

- effective_cache_size: "6GB"
 

- host_backup_targets: ['/backups']
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

+ tcp_ports: [5432, 443, 3306]
 

+ vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+63 -71 
@@ -1,85 +1,77 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.41
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ #
 

+ # We should narrow this down at some point
 

+ #
 

+ custom_rules: ['-A INPUT -p tcp -m tcp --dport 5432 -j ACCEPT']
 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - anitya
 

- - blockerbugs
 

- - bodhi2
 

- - elections
 

- - fedocal
 

- - hyperkitty
 

- - kerneltest
 

- - koschei
 

- - mailman
 

- - mbs
 

- - mirrormanager2
 

- - notifications
 

- - nuancier_lite
 

- - odcs
 

- - pagure
 

- - pdc
 

- - tahrir
 

- - waiverdb
 

- - transtats
 

- - resultsdb
 

- - zezere
 

- 

+   - anitya
 

+   - blockerbugs
 

+   - bodhi2
 

+   - elections
 

+   - fedocal
 

+   - hyperkitty
 

+   - kerneltest
 

+   - koschei
 

+   - mailman
 

+   - mbs
 

+   - mirrormanager2
 

+   - notifications
 

+   - nuancier_lite
 

+   - odcs
 

+   - pagure
 

+   - pdc
 

+   - tahrir
 

+   - waiverdb
 

+   - transtats
 

+   - resultsdb
 

+   - zezere
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list of databases to backup every day
 

  dbs_to_backup:
 

- - anitya
 

- - blockerbugs
 

- - bodhi2
 

- - elections
 

- - fedocal
 

- - hyperkitty
 

- - kerneltest
 

- - koschei
 

- - mailman
 

- - mbs
 

- - mirrormanager2
 

- - notifications
 

- - nuancier_lite
 

- - odcs
 

- - pagure
 

- - pdc
 

- - tahrir
 

- - waiverdb
 

- - transtats
 

- - resultsdb
 

- - zezere
 

- 

+   - anitya
 

+   - blockerbugs
 

+   - bodhi2
 

+   - elections
 

+   - fedocal
 

+   - hyperkitty
 

+   - kerneltest
 

+   - koschei
 

+   - mailman
 

+   - mbs
 

+   - mirrormanager2
 

+   - notifications
 

+   - nuancier_lite
 

+   - odcs
 

+   - pagure
 

+   - pdc
 

+   - tahrir
 

+   - waiverdb
 

+   - transtats
 

+   - resultsdb
 

+   - zezere
 

+ dns: 10.3.163.33
 

+ # Should be 0.80 of memory
 

+ effective_cache_size: "50GB"
 

+ eth0_ip: 10.3.163.41
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 500000
 

+ max_stack_depth: "6MB"
 

  mem_size: 65536
 

- num_cpus: 24
 

- 

- #
 

- # We should narrow this down at some point
 

- #
 

- custom_rules: [ '-A INPUT -p tcp -m tcp --dport 5432 -j ACCEPT' ]
 

- 

+ nagios_Check_Services:
 

+   swap: false
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 900
 

  #
 

  # db01 handles lots of apps, could have many procs if they are busy.
 

  #
 

  nrpe_procs_warn: 800
 

- nrpe_procs_crit: 900
 

- 

- nagios_Check_Services:
 

-   swap: false
 

- 

- db_backup_dir: ['/backups']
 

+ num_cpus: 24
 

  # Should be 0.25 of memory
 

  shared_buffers: "16GB"
 

- # Should be 0.80 of memory
 

- effective_cache_size: "50GB"
 

- max_stack_depth: "6MB"
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+26 -30 
@@ -1,42 +1,38 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ #
 

+ # We should narrow this down at some point
 

+ #
 

+ custom_rules: ['-A INPUT -p tcp -m tcp --dport 5432 -j ACCEPT']
 

+ # This is a generic list, monitored by collectd
 

+ databases:
 

+   - askfedora
 

+   - blockerbugs
 

+   - bodhi
 

+   - elections
 

+   - fedocal
 

+   - kerneltest
 

+   - mailman
 

+   - mirrormanager
 

+   - notifications
 

+   - nuancier_lite
 

+   - tahrir
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

+ effective_cache_size: "12GB"
 

  eth0_ip: 10.3.166.32
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ gw: 10.3.166.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- # This is a generic list, monitored by collectd
 

- databases:
 

- - askfedora
 

- - blockerbugs
 

- - bodhi
 

- - elections
 

- - fedocal
 

- - kerneltest
 

- - mailman
 

- - mirrormanager
 

- - notifications
 

- - nuancier_lite
 

- - tahrir
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 500000
 

  mem_size: 16384
 

- num_cpus: 4
 

- 

- #
 

- # We should narrow this down at some point
 

- #
 

- custom_rules: [ '-A INPUT -p tcp -m tcp --dport 5432 -j ACCEPT' ]
 

- 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 900
 

  #
 

  # db01 handles lots of apps, could have many procs if they are busy.
 

  #
 

  nrpe_procs_warn: 800
 

- nrpe_procs_crit: 900
 

+ num_cpus: 4
 

  shared_buffers: "4GB"
 

- effective_cache_size: "12GB"
 

+ vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+18 -24 
@@ -1,34 +1,28 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.44
 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - mysql
 

- - fpo-mediawiki
 

- 

+   - mysql
 

+   - fpo-mediawiki
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

  # This is a more strict list of db to backup to /backups
 

  dbs_to_backup:
 

- - fpo-mediawiki
 

- 

- mariadb_root_password: "{{ db03_mysql_root_password }}"
 

- 

+   - fpo-mediawiki
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.44
 

+ extra_enablerepos: ''
 

+ gw: 10.3.163.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  # These are normally group variables, but in this case db servers are often different
 

  lvm_size: 300000
 

+ mariadb_root_password: "{{ db03_mysql_root_password }}"
 

  mem_size: 8192
 

+ nm: 255.255.255.0
 

  num_cpus: 2
 

- tcp_ports: [ 5432, 443, 3306 ]
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

  shared_buffers: "4GB"
 

- extra_enablerepos: ''
 

+ tcp_ports: [5432, 443, 3306]
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+17 -23 
@@ -1,32 +1,26 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.166.35
 

- vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # This is a generic list, monitored by collectd
 

  databases:
 

- - postgres
 

- 

+   - postgres
 

+ datacenter: iad2
 

+ db_backup_dir: ['/backups']
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.166.35
 

+ extra_enablerepos: ''
 

+ gw: 10.3.166.254
 

+ # kernel SHMMAX value
 

+ kernel_shmmax: 68719476736
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ # These are normally group variables, but in this case db servers are often different
 

+ lvm_size: 300000
 

  # This is a more strict list, to be made publicly available
 

  #dbs_to_backup:
 

- 

  mariadb_root_password: "{{ db03_stg_mysql_root_password }}"
 

- 

- # These are normally group variables, but in this case db servers are often different
 

- lvm_size: 300000
 

  mem_size: 8192
 

+ nm: 255.255.255.0
 

  num_cpus: 2
 

- tcp_ports: [ 5432, 443, 3306 ]
 

- 

- # kernel SHMMAX value
 

- kernel_shmmax: 68719476736
 

- 

- db_backup_dir: ['/backups']
 

  shared_buffers: "4GB"
 

- extra_enablerepos: ''
 

+ tcp_ports: [5432, 443, 3306]
 

+ vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+8 -8 
@@ -1,12 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.109
 

- vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- datacenter: iad2
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33
 

+ nm: 255.255.255.0
 

  sar_script_user: root
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.62
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-08.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+27 -37 
@@ -1,53 +1,43 @@
 

  ---
 

+ br0_ipv4: 67.219.144.66
 

+ br0_ipv4_gw: 67.219.144.65
 

+ br0_ipv4_nm: 29
 

+ br0_ipv6: "2604:1580:fe00:0:dead:beef:cafe:fe01"
 

+ br0_ipv6_gw: "2604:1580:fe00::1"
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: dedicatedsolutions
 

- virthost: true
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- postfix_group: vpn
 

- vpn: true
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 67.219.144.66
 

- br0_ipv4_nm: 29
 

- br0_ipv4_gw: 67.219.144.65
 

- 

  has_ipv6: yes
 

- br0_ipv6: "2604:1580:fe00:0:dead:beef:cafe:fe01"
 

- br0_ipv6_gw: "2604:1580:fe00::1"
 

- 

  mac1: d8:d3:85:b8:d9:00
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-      

\ No newline at end of file
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ virthost: true
 

+ vpn: true

file modified
+13 -20 
@@ -1,27 +1,20 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.49
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

- tcp_ports: [80, 443, 873]
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

- max_mem_size: 20480
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  lvm_size: 20000
 

+ max_mem_size: 20480
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  num_cpus: 8
 

- 

- vpn: false
 

- 

  public_hostname: dl-iad01.fedoraproject.org
 

+ tcp_ports: [80, 443, 873]
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+13 -20 
@@ -1,28 +1,21 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.50
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ lvm_size: 20000
 

  main_bridge: br0
 

- 

- tcp_ports: [80, 443, 873]
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

  max_mem_size: 20480
 

- lvm_size: 20000
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  num_cpus: 8
 

- 

- vpn: false
 

- 

  public_hostname: dl-iad01.fedoraproject.org
 

+ tcp_ports: [80, 443, 873]
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+13 -20 
@@ -1,28 +1,21 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.51
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ lvm_size: 20000
 

  main_bridge: br0
 

- 

- tcp_ports: [80, 443, 873]
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

  max_mem_size: 20480
 

- lvm_size: 20000
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  num_cpus: 8
 

- 

- vpn: false
 

- 

  public_hostname: dl-iad01.fedoraproject.org
 

+ tcp_ports: [80, 443, 873]
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+13 -20 
@@ -1,28 +1,21 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.85
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ lvm_size: 20000
 

  main_bridge: br0
 

- 

- tcp_ports: [80, 443, 873]
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

  max_mem_size: 20480
 

- lvm_size: 20000
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  num_cpus: 8
 

- 

- vpn: false
 

- 

  public_hostname: dl-iad01.fedoraproject.org
 

+ tcp_ports: [80, 443, 873]
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+13 -20 
@@ -1,28 +1,21 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.84
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ lvm_size: 20000
 

  main_bridge: br0
 

- 

- tcp_ports: [80, 443, 873]
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

  max_mem_size: 20480
 

- lvm_size: 20000
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  num_cpus: 8
 

- 

- vpn: false
 

- 

  public_hostname: dl-iad01.fedoraproject.org
 

+ tcp_ports: [80, 443, 873]
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+18 -28 
@@ -1,36 +1,26 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 8.43.85.254
 

+ datacenter: rdu-cc
 

  dns: 8.8.8.8
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- vmhost: virthost-cc-rdu03.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 8.43.85.72
 

- eth0_nm: 255.255.255.0
 

- 

- has_ipv6: yes
 

  eth0_ipv6: "2620:52:3:1:dead:beef:cafe:fed1"
 

  eth0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

- datacenter: rdu-cc
 

- postfix_group: vpn
 

- vpn: true
 

- 

- tcp_ports: [80, 443, 873]
 

- rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

- max_mem_size: 20480
 

+ eth0_nm: 255.255.255.0
 

+ gw: 8.43.85.254
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  lvm_size: 20000
 

- num_cpus: 8
 

- 

  mac_address: "52:54:00:30:a6:43"
 

- 

+ max_mem_size: 20480
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

+ postfix_group: vpn
 

  public_hostname: download-cc-rdu01.fedoraproject.org
 

+ rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

+ tcp_ports: [80, 443, 873]
 

+ vmhost: virthost-cc-rdu03.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+36 -47 
@@ -1,58 +1,47 @@
 

  ---
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- vmhost: ibiblio01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- eth0_ipv4: 152.19.134.145
 

- eth0_ipv4_nm: 25
 

- eth0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed6"
 

- eth0_ipv6_nm: 104
 

- eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

  datacenter: ibiblio
 

- postfix_group: vpn
 

- vpn: true
 

- 

- tcp_ports: [80, 443, 873]
 

- rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 4096
 

- max_mem_size: 20480
 

- lvm_size: 20000
 

- num_cpus: 8
 

- 

- public_hostname: download-ib01.fedoraproject.org
 

- 

  dns1: 152.2.21.1
 

  dns2: 152.2.253.100
 

- 

  dns_search1: vpn.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

+ eth0_ipv4: 152.19.134.145
 

+ eth0_ipv4_gw: 152.19.134.129
 

+ eth0_ipv4_nm: 25
 

+ eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed6"
 

+ eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

+ eth0_ipv6_nm: 104
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ lvm_size: 20000
 

+ max_mem_size: 20480
 

+ mem_size: 4096
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

+ postfix_group: vpn
 

+ public_hostname: download-ib01.fedoraproject.org
 

+ rsyncd_conf: "rsyncd.conf.download-{{ datacenter }}"
 

+ tcp_ports: [80, 443, 873]
 

+ vmhost: ibiblio01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+43 -54 
@@ -1,66 +1,55 @@
 

  ---
 

  datacenter: rdu
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- postfix_group: vpn
 

- vpn: true
 

- 

- public_ip: 209.132.190.4
 

- 

- nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   ping: true
 

- 

- public_hostname: download-rdu01.fedoraproject.org
 

- 

  dns1: 172.31.2.24
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "rdu2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 172.31.2.31
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 172.31.2.254
 

+ eth0_ipv4_nm: 24
 

  eth1_ipv4: 172.31.1.1
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 172.31.1.254
 

- 

+ eth1_ipv4_nm: 24
 

+ has_ipv4: yes
 

  mac0: e4:1f:13:6a:e3:a0
 

- 

+ nagios_Check_Services:
 

+   mail: false
 

+   nrpe: false
 

+   ping: true
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     - "{{ dns_search3 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   state: down
 

-   type: ethernet
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     - "{{ dns_search3 }}"
 

-     dhcp4: no
 

-     auto6: no
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ public_hostname: download-rdu01.fedoraproject.org
 

+ public_ip: 209.132.190.4
 

+ vpn: true

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- tcp_ports: [22]
 

- 

+ ansible_become: true
 

+ ansible_become_method: sudo
 

+ ansible_become_user: root
 

+ ansible_ssh_user: centos
 

  datacenter: aws
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

- 

- ansible_ssh_user: centos
 

- ansible_become: true
 

- ansible_become_user: root
 

- ansible_become_method: sudo
 

+   sshd: false
 

+   swap: false
 

+ tcp_ports: [22]

file modified
+11 -13 
@@ -1,20 +1,18 @@
 

  ---
 

- tcp_ports: [22]
 

- 

+ ansible_become: true
 

+ ansible_become_method: sudo
 

+ ansible_become_user: root
 

+ ansible_ssh_user: centos
 

+ baseiptables: false
 

  datacenter: aws
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

- 

- ansible_ssh_user: centos
 

- ansible_become: true
 

- ansible_become_user: root
 

- ansible_become_method: sudo
 

- baseiptables: false
 

+   sshd: false
 

+   swap: false
 

+ tcp_ports: [22]

inventory/host_vars/f34-test.fedorainfracloud.org inventory/host_vars/f32-test.fedorainfracloud.org
file renamed
+1 -1 
@@ -1,2 +1,2 @@
 

  datacenter: aws
 

- inventory_hostname: "f32-test.fedorainfracloud.org"
 

+ inventory_hostname: "f34-test.fedorainfracloud.org"

file modified
+5 -7 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ eth0_ip: 10.3.163.52
 

+ gw: 10.3.163.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- datacenter: iad2
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

  volgroup: /dev/vg_guests
 

- 

- eth0_ip: 10.3.163.52

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.97
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.98
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ eth0_ip: 10.3.163.53
 

+ gw: 10.3.163.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.163.53
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ eth0_ip: 10.3.166.39
 

+ gw: 10.3.166.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.166.39
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- datacenter: host1plus
 

- virthost: true
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

  br0_ip: 5.175.150.48
 

- br0_nm: 255.255.255.240
 

- has_ipv6: yes
 

  br0_ipv6: "2a00:d1a0:1::130"
 

  br0_ipv6_gw: "2a00:d1a0:1::1"
 

+ br0_nm: 255.255.255.240
 

+ datacenter: host1plus
 

+ has_ipv6: yes
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ virthost: true

file modified
+35 -42 
@@ -1,49 +1,42 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ipv4: 152.19.134.138
 

+ br0_ipv4_gw: 152.19.134.129
 

+ br0_ipv4_nm: 25
 

+ br0_ipv6: 2600:2701:4000:5211:dead:beef:00fe:fe01
 

+ br0_ipv6_gw: 2600:2701:4000:5211::1
 

+ br0_ipv6_nm: 104
 

+ br0_port0_mac: '{{ mac0 }}'
 

  datacenter: ibiblio
 

- 

- postfix_group: vpn
 

- vpn: true
 

- 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

  dns_search2: vpn.fedoraproject.org
 

- 

- has_ipv4: yes
 

- br0_ipv4: 152.19.134.138
 

- br0_ipv4_nm: 25
 

- br0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- br0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fe01"
 

- br0_ipv6_nm: 104
 

- br0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

+ has_ipv4: true
 

+ has_ipv6: true
 

  mac0: 24:6e:96:69:3b:58
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     gateway6: "{{ br0_ipv6_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+         - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+         - '{{ br0_ipv6 }}/{{ br0_ipv6_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+         - '{{ dns1 }}'
 

+       dns_search:
 

+         - '{{ dns_search1 }}'
 

+         - '{{ dns_search2 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+       gateway6: '{{ br0_ipv6_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ vpn: true

file modified
+35 -42 
@@ -1,49 +1,42 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ipv4: 152.19.134.137
 

+ br0_ipv4_gw: 152.19.134.129
 

+ br0_ipv4_nm: 25
 

+ br0_ipv6: 2600:2701:4000:5211:dead:beef:00fe:fe05/104
 

+ br0_ipv6_gw: 2600:2701:4000:5211::1
 

+ br0_ipv6_nm: 104
 

+ br0_port0_mac: '{{ mac0 }}'
 

  datacenter: ibiblio
 

- 

- postfix_group: vpn
 

- vpn: true
 

- 

  dns1: 152.2.21.1
 

- 

  dns_search1: fedoraproject.org
 

  dns_search2: vpn.fedoraproject.org
 

- 

- has_ipv4: yes
 

- br0_ipv4: 152.19.134.137
 

- br0_ipv4_nm: 25
 

- br0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- br0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fe05/104"
 

- br0_ipv6_nm: 104
 

- br0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

+ has_ipv4: true
 

+ has_ipv6: true
 

  mac0: ec:f4:bb:e1:58:22
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     gateway6: "{{ br0_ipv6_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+         - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+         - '{{ br0_ipv6 }}/{{ br0_ipv6_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+         - '{{ dns1 }}'
 

+       dns_search:
 

+         - '{{ dns_search1 }}'
 

+         - '{{ dns_search2 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+       gateway6: '{{ br0_ipv6_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ vpn: true

file modified
+6 -7 
@@ -1,15 +1,14 @@
 

  ---
 

  ansible_ifcfg_blocklist: true
 

- tcp_ports: [22, 80, 443]
 

- 

  datacenter: aws
 

  nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

-   swap: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

    ping: false
 

    raid: false
 

+   sshd: false
 

+   swap: false
 

+ tcp_ports: [22, 80, 443]

file modified
+35 -42 
@@ -1,49 +1,42 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ipv4: 85.236.55.4
 

+ br0_ipv4_gw: 152.19.134.129
 

+ br0_ipv4_nm: 28
 

+ br0_ipv6: 2001:4178:2:1269::10
 

+ br0_ipv6_gw: 2001:4178:2:1269::1
 

+ br0_port0_mac: '{{ mac0 }}'
 

  datacenter: internetx
 

- 

- postfix_group: vpn
 

- vpn: true
 

- virthost: true
 

- 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

  dns_search2: vpn.fedoraproject.org
 

- 

- has_ipv4: yes
 

- br0_ipv4: 85.236.55.4
 

- br0_ipv4_nm: 28
 

- br0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- br0_ipv6: "2001:4178:2:1269::10"
 

- br0_ipv6_gw: "2001:4178:2:1269::1"
 

- 

+ has_ipv4: true
 

+ has_ipv6: true
 

  mac0: 00:26:b9:89:62:5e
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     gateway6: "{{ br0_ipv6_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+         - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+         - '{{ br0_ipv6 }}/{{ br0_ipv6_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+         - '{{ dns1 }}'
 

+       dns_search:
 

+         - '{{ dns_search1 }}'
 

+         - '{{ dns_search2 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+       gateway6: '{{ br0_ipv6_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ virthost: true
 

+ vpn: true

file modified
+6 -7 
@@ -1,11 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.54
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests

file modified
+7 -7 
@@ -1,12 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.21
 

- vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

  ## REMEMBER ONLY SET THIS TO TRUE WHEN WIPING SYSTEM TO MINIMUM
 

  ipa_initial: false
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -7 
@@ -1,11 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.55
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests

file modified
+7 -7 
@@ -1,12 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.63
 

- vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

  ## REMEMBER ONLY SET THIS TO TRUE WHEN WIPING SYSTEM TO MINIMUM
 

  ipa_initial: false
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -7 
@@ -1,11 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.104
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.105
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.30
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.106
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+4 -5 
@@ -1,8 +1,7 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.174.254
 

- eth0_ip: 10.3.174.129
 

- dns: 10.3.163.33
 

- 

  datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.174.129
 

+ gw: 10.3.174.254
 

+ nm: 255.255.255.0
 

  resolvconf: "resolv.conf/iad2"

file modified
+7 -9 
@@ -1,13 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ eth0_ip: 10.3.163.90
 

+ gw: 10.3.163.254
 

+ kerneltest_db_host: db01.iad2.fedoraproject.org
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

- kerneltest_db_host: db01.iad2.fedoraproject.org
 

- 

- eth0_ip: 10.3.163.90
 

+ volgroup: /dev/vg_guests

file modified
+11 -15 
@@ -1,23 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.104
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

  fedmsg_koji_instance: primary
 

- 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ gw: 10.3.169.254
 

  koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

  koji_weburl: "https://koji.fedoraproject.org/koji"
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  # we need sftp here in order to support the sshfs mount on buildvm-s390x-01
 

  sshd_sftp: true
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+11 -15 
@@ -1,21 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-kojistg
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.64
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  fedmsg_koji_instance: primary
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- lvm_size: 1.5t
 

- 

- koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

+ gw: 10.3.167.254
 

  koji_server_url: "https://koji.stg.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.stg.fedoraproject.org/"
 

  koji_weburl: "https://koji.stg.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-kojistg
 

+ lvm_size: 1.5t
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+11 -14 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.105
 

- vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

  fedmsg_koji_instance: primary
 

- 

- koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

+ gw: 10.3.169.254
 

  koji_server_url: "https://koji.fedoraproject.org/kojihub"
 

+ koji_topurl: "https://kojipkgs.fedoraproject.org/"
 

  koji_weburl: "https://koji.fedoraproject.org/koji"
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -13 
@@ -1,19 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.169.106
 

- 

- vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ gw: 10.3.169.254
 

  ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- nrpe_procs_warn: 900
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

+ nrpe_procs_warn: 900
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -13 
@@ -1,19 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.169.107
 

- 

- vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ gw: 10.3.169.254
 

  ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- nrpe_procs_warn: 900
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

+ nrpe_procs_warn: 900
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -18 
@@ -1,26 +1,20 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.39
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- tcp_ports: [ 80, 443, 514, 6514 ]
 

- udp_ports: [ 514, 25826 ]
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  lvm_size: 1048576
 

  mem_size: 16384
 

- num_cpus: 16
 

- 

  #host_backup_targets: ['/var/log']
 

- 

  nagios_Check_Services:
 

    swap: false
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ num_cpus: 16
 

+ tcp_ports: [80, 443, 514, 6514]
 

+ udp_ports: [514, 25826]
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+8 -9 
@@ -1,16 +1,15 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.57
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 750000
 

- 

+ nm: 255.255.255.0
 

+ sar_output_file: mailinglists.json
 

  # GDPR SAR variables
 

  sar_script: /srv/webui/bin/mailman-sar.py
 

  sar_script_user: apache
 

- sar_output_file: mailinglists.json
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.40
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -9 
@@ -1,13 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.108
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -7 
@@ -1,11 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.30
 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -9 
@@ -1,13 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.109
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -7 
@@ -1,11 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.31
 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ eth0_ip: 10.3.163.59
 

+ gw: 10.3.163.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.163.59
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ eth0_ip: 10.3.166.41
 

+ gw: 10.3.166.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.166.41
 

+ volgroup: /dev/vg_guests

file modified
+10 -11 
@@ -1,17 +1,16 @@
 

  ---
 

- lvm_size: 20000
 

- num_cpus: 2
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.60
 

- vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- mem_size: 16384
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ lvm_size: 20000
 

  max_mem_size: 16384
 

- 

+ mem_size: 16384
 

  # nfs mount options, overrides the all/default
 

  nfs_mount_opts: "ro,hard,bg,intr,nodev,nosuid,nfsvers=3"
 

+ nm: 255.255.255.0
 

+ num_cpus: 2
 

+ vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -11 
@@ -1,17 +1,16 @@
 

  ---
 

- lvm_size: 20000
 

- num_cpus: 2
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.25
 

- vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- mem_size: 16384
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ lvm_size: 20000
 

  max_mem_size: 16384
 

- 

+ mem_size: 16384
 

  # nfs mount options, overrides the all/default
 

  nfs_mount_opts: "ro,hard,bg,intr,nodev,nosuid,nfsvers=3"
 

+ nm: 255.255.255.0
 

+ num_cpus: 2
 

+ vmhost: vmhost-x86-10.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+8 -8 
@@ -1,13 +1,13 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.62
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 20000
 

  mem_size: 40960
 

- num_cpus: 4
 

  nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.62
 

+ num_cpus: 4
 

  vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+9 -9 
@@ -1,14 +1,14 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.166.26
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 20000
 

- mem_size: 40960
 

  max_mem_size: 65536
 

- num_cpus: 4
 

+ mem_size: 40960
 

  nm: 255.255.255.0
 

- gw: 10.3.166.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.166.26
 

+ num_cpus: 4
 

  vmhost: vmhost-x86-09.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+8 -8 
@@ -1,13 +1,13 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.96
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 20000
 

  mem_size: 40960
 

- num_cpus: 4
 

  nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.96
 

+ num_cpus: 4
 

  vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+17 -20 
@@ -1,25 +1,22 @@
 

  ---
 

- lvm_size: 20000
 

- mem_size: 8192
 

- num_cpus: 2
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

+ csi_purpose: MirrorManager Checkin endpoint
 

+ csi_relationship: |
 

+   Has a very restricted set of in/out communication allowed, due to
 

+   special circumstances. For details, ask puiterwijk.
 

+ csi_security_category: High
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.91
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- tcp_ports: [ 80, 443 ]
 

  fedmsg_certs: []
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ lvm_size: 20000
 

+ mem_size: 8192
 

  mm2_checkin: true
 

- 

- csi_security_category: High
 

- csi_primary_contact: Fedora Admins - admin@fedoraproject.org
 

- csi_purpose: MirrorManager Checkin endpoint
 

- csi_relationship: |
 

-     Has a very restricted set of in/out communication allowed, due to
 

-     special circumstances. For details, ask puiterwijk.
 

+ nm: 255.255.255.0
 

+ num_cpus: 2
 

+ tcp_ports: [80, 443]
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+9 -10 
@@ -1,15 +1,14 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.61
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 20000
 

  mem_size: 8192
 

- num_cpus: 2
 

  nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.61
 

+ num_cpus: 2
 

+ tcp_ports: [80, 443]
 

  vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- tcp_ports: [ 80, 443 ]
 

+ volgroup: /dev/vg_guests

file modified
+9 -10 
@@ -1,15 +1,14 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.166.27
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 20000
 

  mem_size: 8192
 

- num_cpus: 2
 

  nm: 255.255.255.0
 

- gw: 10.3.166.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.166.27
 

+ num_cpus: 2
 

+ tcp_ports: [80, 443]
 

  vmhost: vmhost-x86-08.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- tcp_ports: [ 80, 443 ]
 

+ volgroup: /dev/vg_guests

file modified
+10 -18 
@@ -1,27 +1,19 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

+ custom_rules: ['-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5666 -j ACCEPT']
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.10
 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- 

- nm: 255.255.255.0
 

  gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- 

- datacenter: iad2
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  # Define resources for this group of hosts here.
 

  lvm_size: 20000
 

  mem_size: 8192
 

+ nagios_location: 'iad2_internal'
 

+ nagios_srcdir: 'nagios'
 

+ nm: 255.255.255.0
 

  num_cpus: 4
 

- 

  tcp_ports: ['22', '80', '443', '67', '68']
 

- udp_ports: ['67','68','69']
 

- custom_rules: [
 

-     '-A INPUT -p tcp -m tcp -s 192.168.1.20 --dport 5666 -j ACCEPT',
 

- ]
 

- 

- nagios_srcdir: 'nagios'
 

- nagios_location: 'iad2_internal'
 

+ udp_ports: ['67', '68', '69']
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+41 -48 
@@ -1,61 +1,54 @@
 

  ---
 

- eth0_ipv4_nm: 25
 

- eth0_ipv4_gw: 152.19.134.129
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ipv4: 152.19.134.192
 

- has_ipv6: yes
 

- eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed9"
 

- eth0_ipv6_nm: 104
 

- eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- postfix_maincf: "postfix/main.cf/main.cf.noc02.fedoraproject.org"
 

- postfix_mastercf: "postfix/master.cf/master.cf.noc02.fedoraproject.org"
 

- postfix_transport_filename: transports.noc02.fedoraproject.org
 

+ csi_relationship: |
 

+   noc02 is the external monitoring nagios instance.
 

  

+   * This host relies on:
 

+   - the virthost it's hosted on (ibiblio04.fedoraproject.org)
 

+   - FAS to authenticate users
 

+   - VPN connectivity
 

+ 

+   * Things that rely on this host:
 

+   - Infrastructure team to be awair of the infra status. operations control process will be affected
 

+   - if this host is down, it will be difficult to know the status of infra and provide reactive/proactive support
 

+ datacenter: ibiblio
 

  dns1: 152.2.21.1
 

  dns2: 152.2.253.100
 

- 

  dns_search1: vpn.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

+ eth0_ipv4: 152.19.134.192
 

+ eth0_ipv4_gw: 152.19.134.129
 

+ eth0_ipv4_nm: 25
 

+ eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed9"
 

+ eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

+ eth0_ipv6_nm: 104
 

+ has_ipv6: yes
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

+ nagios_location: 'external'
 

+ nagios_srcdir: 'nagios'
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vmhost: ibiblio01.fedoraproject.org
 

- datacenter: ibiblio
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

  postfix_group: vpn
 

+ postfix_maincf: "postfix/main.cf/main.cf.noc02.fedoraproject.org"
 

+ postfix_mastercf: "postfix/master.cf/master.cf.noc02.fedoraproject.org"
 

+ postfix_transport_filename: transports.noc02.fedoraproject.org
 

+ vmhost: ibiblio01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- csi_relationship: |
 

-     noc02 is the external monitoring nagios instance.
 

- 

-     * This host relies on:
 

-     - the virthost it's hosted on (ibiblio04.fedoraproject.org)
 

-     - FAS to authenticate users
 

-     - VPN connectivity
 

- 

-     * Things that rely on this host:
 

-     - Infrastructure team to be awair of the infra status. operations control process will be affected
 

-     - if this host is down, it will be difficult to know the status of infra and provide reactive/proactive support
 

- 

- nagios_srcdir: 'nagios'
 

- nagios_location: 'external'
 

-

file modified
+5 -9 
@@ -1,14 +1,10 @@
 

  ---
 

- nm:  255.255.255.0
 

- gw:  10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.163.63
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-27
 

+ gw: 10.3.163.254
 

  ks_repo: http://10.3.163.35/pub/archive/fedora/linux/releases/27/Server/x86_64/os/
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-27
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+5 -9 
@@ -1,14 +1,10 @@
 

  ---
 

- nm:  255.255.255.0
 

- gw:  10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.163.107
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ gw: 10.3.163.254
 

  ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+11 -13 
@@ -1,20 +1,18 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.64
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 20000
 

  mem_size: 8192
 

- num_cpus: 2
 

  nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.64
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

+ num_cpus: 2
 

+ sar_output_file: fmn.json
 

  # GDPR SAR variables
 

  sar_script: /usr/local/bin/fmn-sar.py
 

  sar_script_user: apache
 

- sar_output_file: fmn.json
 

+ tcp_ports: [80, 443]
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+11 -13 
@@ -1,20 +1,18 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.108
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  lvm_size: 20000
 

  mem_size: 8192
 

- num_cpus: 2
 

  nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.108
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- tcp_ports: [ 80, 443 ]
 

- 

+ num_cpus: 2
 

+ sar_output_file: fmn.json
 

  # GDPR SAR variables
 

  sar_script: /usr/local/bin/fmn-sar.py
 

  sar_script_user: apache
 

- sar_output_file: fmn.json
 

+ tcp_ports: [80, 443]
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+5 -10 
@@ -1,15 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests

file modified
+40 -50 
@@ -1,61 +1,51 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- 

- eth0_ipv4: 152.19.134.139
 

- eth0_ipv4_nm: 25
 

- eth0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed7"
 

- eth0_ipv6_nm: 104
 

- eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

- postfix_group: vpn
 

- vpn: true
 

- 

- vmhost: ibiblio05.fedoraproject.org
 

+ csi_relationship: |2
 

+   ns02 is a master dns server.
 

+   It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse.
 

+ 

+   * This host relies on:
 

+   - The virthost it's hosted on (ibiblio05.fedoraproject.org)
 

+   - batcave for dns git and keys
 

+   - connectivity to maxmind to create geoIP dns acl
 

+ 

+   * Things that rely on this host:
 

+   - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets
 

+   - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set.
 

+   - secodary/slave dns servers
 

  datacenter: ibiblio
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

  dns1: 152.2.21.1
 

  dns2: 152.2.253.100
 

- 

  dns_search1: vpn.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

+ eth0_ipv4: 152.19.134.139
 

+ eth0_ipv4_gw: 152.19.134.129
 

+ eth0_ipv4_nm: 25
 

+ eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed7"
 

+ eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

+ eth0_ipv6_nm: 104
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- csi_relationship: |
 

- 

-     ns02 is a master dns server.
 

-     It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse.
 

- 

-     * This host relies on:
 

-     - The virthost it's hosted on (ibiblio05.fedoraproject.org)
 

-     - batcave for dns git and keys
 

-     - connectivity to maxmind to create geoIP dns acl
 

- 

-     * Things that rely on this host:
 

-     - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets
 

-     - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set.
 

-     - secodary/slave dns servers
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ postfix_group: vpn
 

+ vmhost: ibiblio05.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+5 -10 
@@ -1,15 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.163.34
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ gw: 10.3.163.254
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests

file modified
+22 -29 
@@ -1,36 +1,29 @@
 

  ---
 

- nm: 255.255.255.240
 

- gw: 85.236.55.1
 

+ csi_relationship: |2
 

+   ns05 is a master dns server.
 

+   It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse.
 

+ 

+   * This host relies on:
 

+   - The virthost it's hosted on (internetx01.fedoraproject.org)
 

+   - batcave for dns git and keys
 

+   - connectivity to maxmind to create geoIP dns acl
 

+ 

+   * Things that rely on this host:
 

+   - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets
 

+   - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set.
 

+   - secodary/slave dns servers
 

+ datacenter: internetx
 

  dns: 62.116.130.3
 

- 

- volgroup: /dev/vg_Server
 

- 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 85.236.55.10
 

- eth0_nm: 255.255.255.240
 

- has_ipv6: yes
 

  eth0_ipv6: "2001:4178:2:1269:dead:beef:cafe:fed5"
 

  eth0_ipv6_gw: "2001:4178:2:1269::1"
 

- 

+ eth0_nm: 255.255.255.240
 

+ gw: 85.236.55.1
 

+ has_ipv6: yes
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

+ nm: 255.255.255.240
 

  postfix_group: vpn
 

- vpn: true
 

- 

  vmhost: internetx01.fedoraproject.org
 

- datacenter: internetx
 

- 

- csi_relationship: |
 

- 

-     ns05 is a master dns server.
 

-     It serves about every domain under fedoraproject, fedo*, as well as others, both forward and reverse.
 

- 

-     * This host relies on:
 

-     - The virthost it's hosted on (internetx01.fedoraproject.org)
 

-     - batcave for dns git and keys
 

-     - connectivity to maxmind to create geoIP dns acl
 

- 

-     * Things that rely on this host:
 

-     - The Internet/Community to resolve everything related to fedora and reverse-IP for allocated subnets
 

-     - If this host is down, dns queries will slow down by the portion of this host to the total name servers responsible for the same domain set.
 

-     - secodary/slave dns servers
 

+ volgroup: /dev/vg_Server
 

+ vpn: true

file modified
+16 -25 
@@ -1,36 +1,27 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 172.31.2.254
 

+ ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@bastion13.fedoraproject.org"'
 

+ datacenter: rdu
 

  dns: 8.8.8.8
 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- vmhost: virthost-rdu01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 172.31.2.24
 

  eth0_nm: 255.255.255.0
 

- 

- public_ip: 209.132.190.1
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- datacenter: rdu
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q root@bastion13.fedoraproject.org"'
 

- 

+ gw: 172.31.2.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  nagios_Can_Connect: false
 

- 

  nagios_Check_Services:
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+   ping: false
 

    sshd: false
 

    swap: false
 

-   ping: false
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ public_ip: 209.132.190.1
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: virthost-rdu01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+7 -11 
@@ -1,17 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.99
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ tcp_ports: [80]
 

  vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]

file modified
+7 -11 
@@ -1,17 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.100
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ tcp_ports: [80]
 

  vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests
 

  wsgi_procs: 2
 

  wsgi_threads: 2
 

- 

- tcp_ports: [ 80 ]

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.102
 

- vmhost: bvmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  lvm_size: 750g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.34
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  lvm_size: 120g
 

- mem_size: 8192
 

  max_mem_size: 16384
 

+ mem_size: 8192
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.119
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.35
 

- vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  lvm_size: 120g
 

- mem_size: 8192
 

  max_mem_size: 16384
 

+ mem_size: 8192
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.127
 

- vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

- 

  datacenter: iad2
 

- 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

- 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.120
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"
 

- rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

- 

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"
 

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

-  

  datacenter: iad2
 

-  

- vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

-  

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.115
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

-  

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/controlplane.ign"
 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

-  

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/controlplane.ign"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

- 

  datacenter: iad2
 

- 

- vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

- 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.121
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"
 

- rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

- 

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"
 

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

-  

  datacenter: iad2
 

-  

- vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

-  

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.116
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

-  

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/controlplane.ign"
 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

-  

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/controlplane.ign"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

- 

  datacenter: iad2
 

- 

- vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

- 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.122
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"
 

- rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

- 

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/controlplane.ign"
 

+ rhcos_install_img_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

-  

  datacenter: iad2
 

-  

- vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

-  

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.117
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

-  

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/controlplane.ign"
 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

-  

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/controlplane.ign"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+7 -12 
@@ -1,18 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

- 

  eth0_ip: 10.3.169.130
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-08.iad2.fedoraproject.org
 

- 

- datacenter: iad2
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

  lvm_size: 200000
 

  mem_size: 65536
 

+ nm: 255.255.255.0
 

  num_cpus: 16
 

+ vmhost: bvmhost-x86-08.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -12 
@@ -1,16 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

  eth0_ip: 10.3.169.110
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

- 

- datacenter: iad2
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -10 
@@ -1,14 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

  eth0_ip: 10.3.167.36
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ volgroup: /dev/vg_guests

file modified
+7 -12 
@@ -1,16 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

  eth0_ip: 10.3.169.111
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- 

- datacenter: iad2
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -10 
@@ -1,14 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

  eth0_ip: 10.3.167.37
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-02.stg.iad2.fedoraproject.org
 

- 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+41 -55 
@@ -1,78 +1,64 @@
 

  ---
 

- freezes: false
 

- # eth0 is disabled/nothing
 

- # eth1 is active network
 

- # eth2 is disabled/nothing
 

- # NOTE network configuration beyond the scope of linux-system-roles on
 

- # this host is performed by the openqa/worker role
 

- 

  datacenter: iad2
 

- 

- mac1: 00:1b:21:e0:78:b2
 

- mac2: 50:6b:4b:7f:96:30
 

- mac3: 50:6b:4b:7f:96:31
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  eth0_mac: "{{ mac1 }}"
 

- 

  eth1_ipv4: 10.3.174.61
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.174.254
 

+ eth1_ipv4_nm: 24
 

  eth1_mac: "{{ mac2 }}"
 

- 

  eth2_mac: "{{ mac3 }}"
 

+ freezes: false
 

+ # eth0 is disabled/nothing
 

+ # eth1 is active network
 

+ # eth2 is disabled/nothing
 

+ # NOTE network configuration beyond the scope of linux-system-roles on
 

+ # this host is performed by the openqa/worker role
 

  

+ has_ipv4: yes
 

+ mac1: 00:1b:21:e0:78:b2
 

+ mac2: 50:6b:4b:7f:96:30
 

+ mac3: 50:6b:4b:7f:96:31
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   mac: "{{ eth1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ eth2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 250
 

+   - autoconnect: no
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ eth1_mac }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth2_mac }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 300
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

+ nrpe_procs_warn: 250
 

+ # has an HW RNG, so let's have rngd
 

+ openqa_rngd: true
 

  openqa_tap_iface: eth1
 

- 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 15
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:
 

  # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002;
 

  # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc
 

  tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153']
 

- 

- # has an HW RNG, so let's have rngd
 

- openqa_rngd: true

file modified
+41 -55 
@@ -1,78 +1,64 @@
 

  ---
 

- freezes: false
 

- # eth0 is disabled/nothing
 

- # eth1 is active network
 

- # eth2 is disabled/nothing
 

- # NOTE network configuration beyond the scope of linux-system-roles on
 

- # this host is performed by the openqa/worker role
 

- 

  datacenter: iad2
 

- 

- mac1: 00:1b:21:e0:6a:72
 

- mac2: 50:6b:4b:7f:a8:b0
 

- mac3: 50:6b:4b:7f:a8:b1
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  eth0_mac: "{{ mac1 }}"
 

- 

  eth1_ipv4: 10.3.174.62
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.174.254
 

+ eth1_ipv4_nm: 24
 

  eth1_mac: "{{ mac2 }}"
 

- 

  eth2_mac: "{{ mac3 }}"
 

+ freezes: false
 

+ # eth0 is disabled/nothing
 

+ # eth1 is active network
 

+ # eth2 is disabled/nothing
 

+ # NOTE network configuration beyond the scope of linux-system-roles on
 

+ # this host is performed by the openqa/worker role
 

  

+ has_ipv4: yes
 

+ mac1: 00:1b:21:e0:6a:72
 

+ mac2: 50:6b:4b:7f:a8:b0
 

+ mac3: 50:6b:4b:7f:a8:b1
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   mac: "{{ eth1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ eth2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 250
 

+   - autoconnect: no
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ eth1_mac }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth2_mac }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 300
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

+ nrpe_procs_warn: 250
 

+ # has an HW RNG, so let's have rngd
 

+ openqa_rngd: true
 

  openqa_tap_iface: eth1
 

- 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 15
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:
 

  # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002;
 

  # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc
 

  tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153']
 

- 

- # has an HW RNG, so let's have rngd
 

- openqa_rngd: true

file modified
+39 -53 
@@ -1,76 +1,62 @@
 

  ---
 

- freezes: false
 

- # eth0 is disabled/nothing
 

- # eth1 is active network
 

- # eth2 is disabled/nothing
 

- 

  datacenter: iad2
 

- 

- mac1: 00:1b:21:e0:6e:5b
 

- mac2: 50:6b:4b:7f:98:30
 

- mac3: 50:6b:4b:7f:98:31
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  eth0_mac: "{{ mac1 }}"
 

- 

  eth1_ipv4: 10.3.174.63
 

- eth1_ipv4_nm: 24
 

  eth1_ipv4_gw: 10.3.174.254
 

+ eth1_ipv4_nm: 24
 

  eth1_mac: "{{ mac2 }}"
 

- 

  eth2_mac: "{{ mac3 }}"
 

+ freezes: false
 

+ # eth0 is disabled/nothing
 

+ # eth1 is active network
 

+ # eth2 is disabled/nothing
 

  

+ has_ipv4: yes
 

+ mac1: 00:1b:21:e0:6e:5b
 

+ mac2: 50:6b:4b:7f:98:30
 

+ mac3: 50:6b:4b:7f:98:31
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth1
 

-   mac: "{{ eth1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

-     gateway4: "{{ eth1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   mac: "{{ eth2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 250
 

+   - autoconnect: no
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth1_ipv4 }}/{{ eth1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth1_ipv4_gw }}"
 

+     mac: "{{ eth1_mac }}"
 

+     name: eth1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth2_mac }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 300
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

+ nrpe_procs_warn: 250
 

+ # has an HW RNG, so let's have rngd
 

+ openqa_rngd: true
 

  openqa_tap_iface: eth1
 

- 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 15
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:
 

  # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002;
 

  # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc
 

  tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153']
 

- 

- # has an HW RNG, so let's have rngd
 

- openqa_rngd: true

file modified
+10 -17 
@@ -2,32 +2,25 @@
 

  ############################################################
 

  # networking
 

  ############################################################
 

- 

- nm: 255.255.255.0
 

- gw: 10.3.174.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.174.57
 

- 

+ gw: 10.3.174.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

  ############################################################
 

  # install
 

  ############################################################
 

- 

  ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

- vmhost: qvmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  ############################################################
 

  # virtual machine
 

  ############################################################
 

- 

- 

  lvm_size: 1750000
 

- mem_size: 262144
 

- max_mem_size: 383216
 

- num_cpus: 60
 

  max_cpu: 60
 

- 

- nrpe_procs_warn: 1000
 

+ max_mem_size: 383216
 

+ mem_size: 262144
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1200
 

+ nrpe_procs_warn: 1000
 

+ num_cpus: 60
 

+ vmhost: qvmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+41 -55 
@@ -1,78 +1,64 @@
 

  ---
 

- freezes: false
 

- # eth0 is default network
 

- # eth1 is disabled/nothing
 

- # eth2 is disabled/nothing
 

- # NOTE network configuration beyond the scope of linux-system-roles on
 

- # this host is performed by the openqa/worker role
 

- 

  datacenter: iad2
 

- 

- mac1: 40:a6:b7:18:87:24
 

- mac2: 40:a6:b7:18:87:25
 

- mac3: ac:1f:6b:56:e5:90
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  eth0_ipv4: 10.3.174.42
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.174.254
 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac1 }}"
 

- 

  eth1_mac: "{{ mac2 }}"
 

- 

  eth2_mac: "{{ mac3 }}"
 

+ freezes: false
 

+ # eth0 is default network
 

+ # eth1 is disabled/nothing
 

+ # eth2 is disabled/nothing
 

+ # NOTE network configuration beyond the scope of linux-system-roles on
 

+ # this host is performed by the openqa/worker role
 

  

+ has_ipv4: yes
 

+ mac1: 40:a6:b7:18:87:24
 

+ mac2: 40:a6:b7:18:87:25
 

+ mac3: ac:1f:6b:56:e5:90
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ eth1_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth2
 

-   mac: "{{ eth2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 250
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth1_mac }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth2_mac }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 300
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

+ nrpe_procs_warn: 250
 

+ # has an HW RNG, so let's have rngd
 

+ openqa_rngd: true
 

  openqa_tap_iface: eth0
 

- 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 15
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:
 

  # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002;
 

  # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc
 

  tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153']
 

- 

- # has an HW RNG, so let's have rngd
 

- openqa_rngd: true

file modified
+39 -53 
@@ -1,76 +1,62 @@
 

  ---
 

- freezes: false
 

- # eth0 is default network
 

- # eth1 is disabled/nothing
 

- # eth2 is disabled/nothing
 

- 

  datacenter: iad2
 

- 

- mac1: 40:a6:b7:18:86:b8
 

- mac2: 40:a6:b7:18:86:b9
 

- mac3: ac:1f:6b:59:70:6e
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  eth0_ipv4: 10.3.174.43
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.174.254
 

+ eth0_ipv4_nm: 24
 

  eth0_mac: "{{ mac1 }}"
 

- 

  eth1_mac: "{{ mac2 }}"
 

- 

  eth2_mac: "{{ mac3 }}"
 

+ freezes: false
 

+ # eth0 is default network
 

+ # eth1 is disabled/nothing
 

+ # eth2 is disabled/nothing
 

  

+ has_ipv4: yes
 

+ mac1: 40:a6:b7:18:86:b8
 

+ mac2: 40:a6:b7:18:86:b9
 

+ mac3: ac:1f:6b:59:70:6e
 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ eth0_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth1
 

-   mac: "{{ eth1_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: eth2
 

-   mac: "{{ eth2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 250
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ eth0_mac }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth1_mac }}"
 

+     name: eth1
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ eth2_mac }}"
 

+     name: eth2
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 300
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

+ nrpe_procs_warn: 250
 

+ # has an HW RNG, so let's have rngd
 

+ openqa_rngd: true
 

  openqa_tap_iface: eth0
 

- 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 15
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:
 

  # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002;
 

  # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc
 

  tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153']
 

- 

- # has an HW RNG, so let's have rngd
 

- openqa_rngd: true

file modified
+47 -62 
@@ -1,84 +1,69 @@
 

  ---
 

- freezes: false
 

- # em1 is default network
 

- # em2 is disabled/nothing
 

- # em3 is disabled/nothing
 

- # em4 is disabled/nothing
 

- # NOTE network configuration beyond the scope of linux-system-roles on
 

- # this host is performed by the openqa/worker role
 

- 

  datacenter: iad2
 

- 

- mac1: e4:43:4b:a7:98:66
 

- mac2: e4:43:4b:a7:98:68
 

- mac3: e4:43:4b:a7:98:86
 

- mac4: e4:43:4b:a7:98:87
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  em1_ipv4: 10.3.174.21
 

- em1_ipv4_nm: 24
 

  em1_ipv4_gw: 10.3.174.254
 

+ em1_ipv4_nm: 24
 

  em1_mac: "{{ mac1 }}"
 

- 

  em2_mac: "{{ mac2 }}"
 

- 

  em3_mac: "{{ mac3 }}"
 

- 

  em4_mac: "{{ mac4 }}"
 

+ freezes: false
 

+ # em1 is default network
 

+ # em2 is disabled/nothing
 

+ # em3 is disabled/nothing
 

+ # em4 is disabled/nothing
 

+ # NOTE network configuration beyond the scope of linux-system-roles on
 

+ # this host is performed by the openqa/worker role
 

  

+ has_ipv4: yes
 

+ mac1: e4:43:4b:a7:98:66
 

+ mac2: e4:43:4b:a7:98:68
 

+ mac3: e4:43:4b:a7:98:86
 

+ mac4: e4:43:4b:a7:98:87
 

  network_connections:
 

- - name: em1
 

-   mac: "{{ em1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ em1_ipv4 }}/{{ em1_ipv4_nm }}"
 

-     gateway4: "{{ em1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: em2
 

-   mac: "{{ em2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: em3
 

-   mac: "{{ em3_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: em4
 

-   mac: "{{ em4_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 1400
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ em1_ipv4 }}/{{ em1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ em1_ipv4_gw }}"
 

+     mac: "{{ em1_mac }}"
 

+     name: em1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em2_mac }}"
 

+     name: em2
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em3_mac }}"
 

+     name: em3
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em4_mac }}"
 

+     name: em4
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 1600
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

- openqa_tap_iface: em1
 

- 

+ nrpe_procs_warn: 1400
 

  # Has a hardware RNG
 

  openqa_rngd: true
 

- 

+ openqa_tap_iface: em1
 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 30
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:

file modified
+45 -60 
@@ -1,82 +1,67 @@
 

  ---
 

- freezes: false
 

- # em1 is default network
 

- # em2 is disabled/nothing
 

- # em3 is disabled/nothing
 

- # em4 is disabled/nothing
 

- 

  datacenter: iad2
 

- 

- mac1: e4:43:4b:23:e8:cc
 

- mac2: e4:43:4b:23:e8:ce
 

- mac3: e4:43:4b:23:e8:ec
 

- mac4: e4:43:4b:23:e8:ed
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  em1_ipv4: 10.3.174.22
 

- em1_ipv4_nm: 24
 

  em1_ipv4_gw: 10.3.174.254
 

+ em1_ipv4_nm: 24
 

  em1_mac: "{{ mac1 }}"
 

- 

  em2_mac: "{{ mac2 }}"
 

- 

  em3_mac: "{{ mac3 }}"
 

- 

  em4_mac: "{{ mac4 }}"
 

+ freezes: false
 

+ # em1 is default network
 

+ # em2 is disabled/nothing
 

+ # em3 is disabled/nothing
 

+ # em4 is disabled/nothing
 

  

+ has_ipv4: yes
 

+ mac1: e4:43:4b:23:e8:cc
 

+ mac2: e4:43:4b:23:e8:ce
 

+ mac3: e4:43:4b:23:e8:ec
 

+ mac4: e4:43:4b:23:e8:ed
 

  network_connections:
 

- - name: em1
 

-   mac: "{{ em1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ em1_ipv4 }}/{{ em1_ipv4_nm }}"
 

-     gateway4: "{{ em1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: em2
 

-   mac: "{{ em2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: em3
 

-   mac: "{{ em3_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: em4
 

-   mac: "{{ em4_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 1400
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ em1_ipv4 }}/{{ em1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ em1_ipv4_gw }}"
 

+     mac: "{{ em1_mac }}"
 

+     name: em1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em2_mac }}"
 

+     name: em2
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em3_mac }}"
 

+     name: em3
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em4_mac }}"
 

+     name: em4
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 1600
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

- openqa_tap_iface: em1
 

- 

+ nrpe_procs_warn: 1400
 

  # Has a hardware RNG
 

  openqa_rngd: true
 

- 

+ openqa_tap_iface: em1
 

  # this is a powerful machine, can handle more openQA workers
 

  openqa_workers: 30
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:

file modified
+49 -64 
@@ -1,87 +1,72 @@
 

  ---
 

- freezes: false
 

- # em1 is default network
 

- # em2 is disabled/nothing
 

- # em3 is disabled/nothing
 

- # em4 is disabled/nothing
 

- # NOTE network configuration beyond the scope of linux-system-roles on
 

- # this host is performed by the openqa/worker role
 

- 

  datacenter: iad2
 

- 

- mac1: e4:43:4b:24:10:aa
 

- mac2: e4:43:4b:24:10:ca
 

- mac3: e4:43:4b:24:10:ac
 

- mac4: e4:43:4b:24:10:cb
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

- 

  em1_ipv4: 10.3.174.24
 

- em1_ipv4_nm: 24
 

  em1_ipv4_gw: 10.3.174.254
 

+ em1_ipv4_nm: 24
 

  em1_mac: "{{ mac1 }}"
 

- 

  em2_mac: "{{ mac2 }}"
 

- 

  em3_mac: "{{ mac3 }}"
 

- 

  em4_mac: "{{ mac4 }}"
 

+ freezes: false
 

+ # em1 is default network
 

+ # em2 is disabled/nothing
 

+ # em3 is disabled/nothing
 

+ # em4 is disabled/nothing
 

+ # NOTE network configuration beyond the scope of linux-system-roles on
 

+ # this host is performed by the openqa/worker role
 

  

+ has_ipv4: yes
 

+ mac1: e4:43:4b:24:10:aa
 

+ mac2: e4:43:4b:24:10:ca
 

+ mac3: e4:43:4b:24:10:ac
 

+ mac4: e4:43:4b:24:10:cb
 

  network_connections:
 

- - name: em1
 

-   mac: "{{ em1_mac }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ em1_ipv4 }}/{{ em1_ipv4_nm }}"
 

-     gateway4: "{{ em1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: em2
 

-   mac: "{{ em2_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: em3
 

-   mac: "{{ em3_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- - name: em4
 

-   mac: "{{ em4_mac }}"
 

-   state: down
 

-   type: ethernet
 

-   autoconnect: no
 

- 

- nrpe_procs_warn: 1400
 

+   - autoconnect: yes
 

+     ip:
 

+       address:
 

+         - "{{ em1_ipv4 }}/{{ em1_ipv4_nm }}"
 

+       dhcp4: no
 

+       dns:
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+       dns_search:
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ em1_ipv4_gw }}"
 

+     mac: "{{ em1_mac }}"
 

+     name: em1
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em2_mac }}"
 

+     name: em2
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em3_mac }}"
 

+     name: em3
 

+     state: down
 

+     type: ethernet
 

+   - autoconnect: no
 

+     mac: "{{ em4_mac }}"
 

+     name: em4
 

+     state: down
 

+     type: ethernet
 

  nrpe_procs_crit: 1600
 

- 

- sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

- 

- openqa_tap_iface: em1
 

- 

+ nrpe_procs_warn: 1400
 

  # Has a hardware RNG
 

  openqa_rngd: true
 

- 

+ openqa_tap_iface: em1
 

  # this is a powerful machine, can handle more openQA workers
 

- openqa_workers: 20
 

+ openqa_workers: 30
 

+ sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

  # firewall ports for server->worker websockets connections
 

  # this port is 'QEMUPORT plus 1'
 

  # QEMUPORT is:
 

  # $ENV{QEMUPORT} = ($options{instance}) * 10 + 20002;
 

  # so for worker 1 it's 20012, for worker 2 it's 20022, etc etc
 

- tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153', '20163', '20173', '20183', '20193', '20203']
 

+ tcp_ports: ['20013', '20023', '20033', '20043', '20053', '20063', '20073', '20083', '20093', '20103', '20113', '20123', '20133', '20143', '20153', '20163', '20173', '20183', '20193', '20203', '20213', '20223', '20233', '20243', '20253', '20263', '20273', '20283', '20293', '20303']

file modified
+8 -15 
@@ -2,30 +2,23 @@
 

  ############################################################
 

  # networking
 

  ############################################################
 

- 

- nm: 255.255.255.0
 

- gw: 10.3.174.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.174.52
 

- 

+ gw: 10.3.174.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

  ############################################################
 

  # install
 

  ############################################################
 

- 

  ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

- vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  ############################################################
 

  # virtual machine
 

  ############################################################
 

- 

- 

  lvm_size: 800000
 

  mem_size: 16384
 

- num_cpus: 8
 

- 

- nrpe_procs_warn: 250
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 300
 

+ nrpe_procs_warn: 250
 

+ num_cpus: 8
 

+ vmhost: qvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -18 
@@ -1,25 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: true
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.65
 

- vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: true
 

- vpn: false
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+8 -11 
@@ -1,16 +1,13 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ baseiptables: true
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.50
 

- vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  lvm_size: 100g
 

  mem_size: 4096
 

- 

- baseiptables: true
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -18 
@@ -1,25 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.66
 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.51
 

- vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

  host_group: os-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -18 
@@ -1,25 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.67
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.52
 

- vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

  host_group: os-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -18 
@@ -1,25 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.68
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.53
 

- vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

  host_group: os-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -19 
@@ -1,26 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.69
 

- vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- mem_size: 24576
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ lvm_size: 120g
 

  max_mem_size: 24576
 

- 

- nrpe_procs_warn: 900
 

+ mem_size: 24576
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

- lvm_size: 120g
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+11 -14 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.54
 

- vmhost: vmhost-x86-04.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.166.254
 

+ host_group: os-stg
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 49152
 

  max_mem_size: 73728
 

+ mem_size: 49152
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 16
 

- 

- host_group: os-stg
 

+ vmhost: vmhost-x86-04.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -19 
@@ -1,26 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.70
 

- vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- mem_size: 24576
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ lvm_size: 120g
 

  max_mem_size: 24576
 

- 

- nrpe_procs_warn: 900
 

+ mem_size: 24576
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

- lvm_size: 120g
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+11 -14 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.55
 

- vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.166.254
 

+ host_group: os-stg
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 49152
 

  max_mem_size: 73728
 

+ mem_size: 49152
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 16
 

- 

- host_group: os-stg
 

+ vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -19 
@@ -1,26 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.71
 

- vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- mem_size: 24576
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ lvm_size: 120g
 

  max_mem_size: 24576
 

- 

- nrpe_procs_warn: 900
 

+ mem_size: 24576
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

- lvm_size: 120g
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-07.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+11 -14 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.56
 

- vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.166.254
 

+ host_group: os-stg
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 49152
 

  max_mem_size: 73728
 

+ mem_size: 49152
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 16
 

- 

- host_group: os-stg
 

+ vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -19 
@@ -1,26 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.72
 

- vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- mem_size: 24576
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ lvm_size: 120g
 

  max_mem_size: 24576
 

- 

- nrpe_procs_warn: 900
 

+ mem_size: 24576
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

- lvm_size: 120g
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+11 -14 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.57
 

- vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.166.254
 

+ host_group: os-stg
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 49152
 

  max_mem_size: 73728
 

+ mem_size: 49152
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 16
 

- 

- host_group: os-stg
 

+ vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+12 -19 
@@ -1,26 +1,19 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ baseiptables: false
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.73
 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- baseiptables: false
 

- vpn: false
 

- 

- mem_size: 24576
 

+ gw: 10.3.163.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ lvm_size: 120g
 

  max_mem_size: 24576
 

- 

- nrpe_procs_warn: 900
 

+ mem_size: 24576
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1000
 

- 

- lvm_size: 120g
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

  resolvconf: "resolv.conf/iad2"
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+11 -14 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.58
 

- vmhost: vmhost-x86-08.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.166.254
 

+ host_group: os-stg
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 49152
 

  max_mem_size: 73728
 

+ mem_size: 49152
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 16
 

- 

- host_group: os-stg
 

+ vmhost: vmhost-x86-08.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+16 -23 
@@ -1,30 +1,23 @@
 

  ---
 

- nm: 255.255.254.0
 

- gw: 38.145.49.254
 

  dns: 8.8.8.8
 

- num_cpus: 4
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-fedora-29-ext
 

- ks_repo: http://209.132.181.6/pub/fedora/linux/releases/29/Server/x86_64/os/
 

- 

- vmhost: virthost-os01.fedorainfracloud.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 38.145.48.42
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- vpn: false
 

- 

- # Keepalived variables for os
 

- keepalived_interface: eth0
 

- keepalived_priority: 100
 

- keepalived_ipaddress: 38.145.48.40
 

- keepalived_routerid: 20
 

- 

+ gw: 38.145.49.254
 

  # Keepalived variables for app.os
 

  keepalived2_interface: eth0
 

- keepalived2_priority: 50
 

  keepalived2_ipaddress: 38.145.48.41
 

+ keepalived2_priority: 50
 

  keepalived2_routerid: 25
 

+ # Keepalived variables for os
 

+ keepalived_interface: eth0
 

+ keepalived_ipaddress: 38.145.48.40
 

+ keepalived_priority: 100
 

+ keepalived_routerid: 20
 

+ ks_repo: http://209.132.181.6/pub/fedora/linux/releases/29/Server/x86_64/os/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-fedora-29-ext
 

+ nm: 255.255.254.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ vmhost: virthost-os01.fedorainfracloud.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+16 -23 
@@ -1,30 +1,23 @@
 

  ---
 

- nm: 255.255.254.0
 

- gw: 38.145.49.254
 

  dns: 8.8.8.8
 

- num_cpus: 4
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-fedora-31-ext
 

- ks_repo: http://209.132.181.6/pub/fedora/linux/releases/31/Server/x86_64/os/
 

- 

- vmhost: virthost-os03.fedorainfracloud.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 38.145.48.43
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- vpn: false
 

- 

- # Keepalived variables for os
 

- keepalived_interface: eth0
 

- keepalived_priority: 50
 

- keepalived_ipaddress: 38.145.48.40
 

- keepalived_routerid: 20
 

- 

+ gw: 38.145.49.254
 

  # Keepalived variables for app.os
 

  keepalived2_interface: eth0
 

- keepalived2_priority: 100
 

  keepalived2_ipaddress: 38.145.48.41
 

+ keepalived2_priority: 100
 

  keepalived2_routerid: 25
 

+ # Keepalived variables for os
 

+ keepalived_interface: eth0
 

+ keepalived_ipaddress: 38.145.48.40
 

+ keepalived_priority: 50
 

+ keepalived_routerid: 20
 

+ ks_repo: http://209.132.181.6/pub/fedora/linux/releases/31/Server/x86_64/os/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-fedora-31-ext
 

+ nm: 255.255.254.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ vmhost: virthost-os03.fedorainfracloud.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: false

file modified
+10 -13 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.170.147
 

- vmhost: bvmhost-a64-osbs-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.170.254
 

  host_group: osbs-aarch64-masters
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

  lvm_size: 60g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

+ vmhost: bvmhost-a64-osbs-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -13 
@@ -1,20 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.42
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.167.254
 

  host_group: osbs-aarch64-masters-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

  lvm_size: 60g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

- 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.170.148
 

- vmhost: bvmhost-a64-osbs-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.170.254
 

  host_group: osbs-aarch64-nodes
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

  lvm_size: 60g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-a64-osbs-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.43
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.167.254
 

  host_group: osbs-aarch64-nodes-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

  lvm_size: 60g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.170.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.170.149
 

- vmhost: bvmhost-a64-osbs-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.170.254
 

  host_group: osbs-aarch64-nodes
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

  lvm_size: 60g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-a64-osbs-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,19 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.167.44
 

- vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.167.254
 

  host_group: osbs-aarch64-nodes-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/33/Everything/aarch64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-33-aarch64-osbs
 

  lvm_size: 60g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-a64-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+9 -13 
@@ -1,19 +1,15 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.112
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- mem_size: 4096
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  max_mem_size: 4096
 

- 

+ mem_size: 4096
 

  nagios_Check_Services:
 

-   nrpe: false
 

    mail: false
 

+   nrpe: false
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -10 
@@ -1,15 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.167.38
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ gw: 10.3.167.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- mem_size: 4096
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  max_mem_size: 4096
 

+ mem_size: 4096
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.113
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -15 
@@ -1,22 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.167.39
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.167.254
 

  host_group: osbs-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.114
 

- vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 240g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -15 
@@ -1,22 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.167.40
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.167.254
 

  host_group: osbs-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -12 
@@ -1,18 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.169.115
 

- vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 240g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -15 
@@ -1,22 +1,17 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.167.41
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ gw: 10.3.167.254
 

  host_group: osbs-stg
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-osbs-iad2
 

  lvm_size: 120g
 

- mem_size: 16384
 

  max_mem_size: 16384
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  num_cpus: 4
 

+ vmhost: bvmhost-x86-01.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+21 -28 
@@ -1,40 +1,33 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ipv4: 140.211.169.194
 

+ br0_ipv4_gw: 140.211.169.193
 

+ br0_ipv4_nm: 26
 

+ br0_port0_mac: '{{ mac0 }}'
 

  datacenter: osuosl
 

- 

- virthost: true
 

- 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

- 

- has_ipv4: yes
 

- br0_ipv4: 140.211.169.194
 

- br0_ipv4_nm: 26
 

- br0_ipv4_gw: 140.211.169.193
 

- 

+ has_ipv4: true
 

  mac0: e4:43:4b:23:cb:b6
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: true
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

        dns:
 

-       - "{{ dns1 }}"
 

+         - '{{ dns1 }}'
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - '{{ dns_search1 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ virthost: true

file modified
+27 -34 
@@ -1,40 +1,33 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ipv4: 140.211.169.195
 

+ br0_ipv4_gw: 140.211.169.193
 

+ br0_ipv4_nm: 26
 

+ br0_port0_mac: '{{ mac0 }}'
 

  datacenter: osuosl
 

- 

- virthost: true
 

- 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

- 

- has_ipv4: yes
 

- br0_ipv4: 140.211.169.195
 

- br0_ipv4_nm: 26
 

- br0_ipv4_gw: 140.211.169.193
 

- 

+ has_ipv4: true
 

  mac0: 34:40:b5:ac:a8:a0
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+         - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+         - '{{ dns1 }}'
 

+       dns_search:
 

+         - '{{ dns_search1 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ virthost: true

file modified
+4 -4 
@@ -1,7 +1,7 @@
 

  ---
 

- datacenter: osuosl
 

- virthost: true
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

  br0_ip: 140.211.169.200
 

  br0_nm: 140.211.169.195
 

+ datacenter: osuosl
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ virthost: true

file modified
+13 -22 
@@ -1,32 +1,23 @@
 

  ---
 

- nm: 255.255.255.0
 

+ datacenter: rdu-cc
 

  dns: 8.8.8.8
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

- volgroup: /dev/vg_server
 

- 

- eth0_nm: 255.255.255.0
 

+ effective_cache_size: "6GB"
 

  eth0_ip: 8.43.85.77
 

- gw: 8.43.85.254
 

- 

- has_ipv6: yes
 

  eth0_ipv6: "2620:52:3:1:dead:beef:cafe:fed3"
 

  eth0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

- vmhost: virthost-cc-rdu02.fedoraproject.org
 

- datacenter: rdu-cc
 

- 

+ eth0_nm: 255.255.255.0
 

+ gw: 8.43.85.254
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

+ nm: 255.255.255.0
 

+ # DB host:
 

+ pagure_db_host: 127.0.0.1
 

  #
 

  # PostgreSQL configuration
 

  #
 

- 

  shared_buffers: "2GB"
 

- effective_cache_size: "6GB"
 

- 

  ssh_hostnames:
 

- - stg.pagure.io
 

- 

- # DB host:
 

- pagure_db_host: 127.0.0.1
 

+   - stg.pagure.io
 

+ vmhost: virthost-cc-rdu02.fedoraproject.org
 

+ volgroup: /dev/vg_server

file modified
+21 -31 
@@ -1,41 +1,31 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 8.43.85.254
 

+ datacenter: rdu-cc
 

  dns: 8.8.8.8
 

- 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL8-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

- 

+ effective_cache_size: 1
 

  eth0_ip: 8.43.85.76
 

- eth0_nm: 255.255.255.0
 

- has_ipv6: yes
 

  eth0_ipv6: "2620:52:3:1:dead:beef:cafe:fed8"
 

  eth0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

- vmhost: virthost-cc-rdu02.fedoraproject.org
 

- datacenter: rdu-cc
 

- 

+ eth0_nm: 255.255.255.0
 

+ gw: 8.43.85.254
 

+ has_ipv6: yes
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-8-ext
 

+ max_stack_depth: "4MB"
 

+ nagios_Check_Services:
 

+   swap: false
 

+ nm: 255.255.255.0
 

+ # DB used:
 

+ pagure_db_host: 127.0.0.1
 

+ sar_output_file: pagure.json
 

+ # GDPR SAR variables - datanommer/datagrepper
 

+ sar_script: /usr/local/bin/pagure_sar.py
 

+ sar_script_user: git
 

  #
 

  # PostgreSQL configuration
 

  #
 

- 

  shared_buffers: "512MB"
 

- effective_cache_size: 1
 

- temp_buffers: "8MB"
 

- max_stack_depth: "4MB"
 

- 

  ssh_hostnames:
 

- - pagure.io
 

- 

- # GDPR SAR variables - datanommer/datagrepper
 

- sar_script: /usr/local/bin/pagure_sar.py
 

- sar_script_user: git
 

- sar_output_file: pagure.json
 

- 

- # DB used:
 

- pagure_db_host: 127.0.0.1
 

- 

- nagios_Check_Services:
 

-   swap: false
 

+   - pagure.io
 

+ temp_buffers: "8MB"
 

+ vmhost: virthost-cc-rdu02.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+9 -13 
@@ -1,18 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.117
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-01.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # These people get told when something goes wrong.
 

  fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - mohanboddu@fedoraproject.org
 

+   - ralph@fedoraproject.org
 

+   - mohanboddu@fedoraproject.org
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-01.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+11 -15 
@@ -1,20 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.125
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # These people get told when something goes wrong.
 

  fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - mprahl@redhat.com
 

- - jkaluza@redhat.com
 

- - fvalder@redhat.com
 

+   - ralph@fedoraproject.org
 

+   - mprahl@redhat.com
 

+   - jkaluza@redhat.com
 

+   - fvalder@redhat.com
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+11 -15 
@@ -1,20 +1,16 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.126
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

  # These people get told when something goes wrong.
 

  fedmsg_error_recipients:
 

- - ralph@fedoraproject.org
 

- - mprahl@redhat.com
 

- - jkaluza@redhat.com
 

- - fvalder@redhat.com
 

+   - ralph@fedoraproject.org
 

+   - mprahl@redhat.com
 

+   - jkaluza@redhat.com
 

+   - fvalder@redhat.com
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -10 
@@ -1,14 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.118
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  mem_size: 32768
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -9 
@@ -1,13 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.167.26
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 10.3.167.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+7 -10 
@@ -1,14 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 10.3.169.129
 

- 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.169.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  mem_size: 32768
 

+ nm: 255.255.255.0
 

+ vmhost: bvmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+41 -53 
@@ -1,67 +1,55 @@
 

  ---
 

- freezes: false
 

- #host_backup_targets: ['/srv/web']
 

- 

- volgroup: /dev/vg_guests
 

+ datacenter: ibiblio
 

+ dns1: 152.2.21.1
 

+ dns2: 152.2.253.100
 

+ dns_search1: vpn.fedoraproject.org
 

+ dns_search2: fedoraproject.org
 

  eth0_ipv4: 152.19.134.199
 

- eth0_ipv4_nm: 25
 

  eth0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 25
 

  eth0_ipv6: "2600:2701:4000:5211:dead:beef:00a7:9474"
 

- eth0_ipv6_nm: 104
 

  eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-people
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- postfix_group: vpn
 

- vpn: true
 

- vmhost: ibiblio05.fedoraproject.org
 

- datacenter: ibiblio
 

- 

+ eth0_ipv6_nm: 104
 

  fedmsg_fqdn: people01.vpn.fedoraproject.org
 

+ freezes: false
 

+ #host_backup_targets: ['/srv/web']
 

  

- tcp_ports: [80, 443, 9418, 873]
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-people
 

  lvm_size: 1t
 

  mem_size: 8192
 

- num_cpus: 4
 

- 

- rsyncd_conf: "rsyncd.conf.people01.fedoraproject.org"
 

- 

- ssh_hostnames:
 

- - fedorapeople.org
 

- 

- # GDPR SAR vars
 

- sar_script: "/usr/bin/tree /home/fedora/$SAR_USERNAME -DFgXfpsu --timefmt %Y-%m-%dT%H:%M:%SZ"
 

- sar_script_user: "root"
 

- sar_output_file: "fedora_people.xml"
 

- 

- dns1: 152.2.21.1
 

- dns2: 152.2.253.100
 

- 

- dns_search1: vpn.fedoraproject.org
 

- dns_search2: fedoraproject.org
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ num_cpus: 4
 

+ postfix_group: vpn
 

+ rsyncd_conf: "rsyncd.conf.people01.fedoraproject.org"
 

+ sar_output_file: "fedora_people.xml"
 

+ # GDPR SAR vars
 

+ sar_script: "/usr/bin/tree /home/fedora/$SAR_USERNAME -DFgXfpsu --timefmt %Y-%m-%dT%H:%M:%SZ"
 

+ sar_script_user: "root"
 

+ ssh_hostnames:
 

+   - fedorapeople.org
 

+ tcp_ports: [80, 443, 9418, 873]
 

+ vmhost: ibiblio05.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+16 -24 
@@ -1,34 +1,26 @@
 

  ---
 

+ additional_host_keytabs:
 

+   - pkgs.fedoraproject.org
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.169.116
 

- nm: 255.255.255.0
 

  gw: 10.3.169.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ host_backup_targets: ['/srv/cache/lookaside']
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  mem_size: 16384
 

- num_cpus: 8
 

- 

- host_backup_targets: ['/srv/cache/lookaside']
 

  nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- ssh_hostnames:
 

- - pkgs.fedoraproject.org
 

- 

- additional_host_keytabs:
 

- - pkgs.fedoraproject.org
 

- 

- nrpe_procs_warn: 500
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 600
 

- 

+ nrpe_procs_warn: 500
 

+ num_cpus: 8
 

+ # DB used by pagure
 

+ pagure_db_host: db01.iad2.fedoraproject.org
 

+ sar_output_file: dist_git.json
 

  # GDPR SAR variables - dist_dit
 

  sar_script: /usr/local/bin/pagure_sar.py
 

  sar_script_user: root
 

- sar_output_file: dist_git.json
 

- 

- # DB used by pagure
 

- pagure_db_host: db01.iad2.fedoraproject.org
 

- 

+ ssh_hostnames:
 

+   - pkgs.fedoraproject.org
 

+ vmhost: bvmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+10 -13 
@@ -1,19 +1,16 @@
 

  ---
 

+ # temp fix to get htis box working
 

+ baseiptables: False
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.167.74
 

- nm: 255.255.255.0
 

  gw: 10.3.167.254
 

- dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

- vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- ssh_hostnames:
 

- - pkgs.stg.fedoraproject.org
 

- 

- # temp fix to get htis box working
 

- baseiptables: False
 

- 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  # DB used by pagure
 

  pagure_db_host: db01.stg.iad2.fedoraproject.org
 

+ ssh_hostnames:
 

+   - pkgs.stg.fedoraproject.org
 

+ vmhost: bvmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
-1 
@@ -1,5 +1,4 @@
 

  ---
 

  nagios_Can_Connect: false
 

- 

  nagios_Check_Services:
 

    nrpe: false

file modified
+25 -37 
@@ -1,53 +1,41 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: iad2
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- num_cpus: 8
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "vpn.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.163.74
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:76:9f:85
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+8 -14 
@@ -1,20 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.166.74
 

- 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  # This is consumed by the roles/fedora-web/main role
 

  sponsor: redhat
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

+ vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: false

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: internetx
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: internetx
 

- 

- vmhost: internetx01.fedoraproject.org
 

- volgroup: /dev/vg_Server
 

- 

- mem_size: 8192
 

- max_mem_size: 8192
 

- num_cpus: 6
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 85.236.55.6
 

- eth0_ipv4_nm: 28
 

  eth0_ipv4_gw: 85.236.55.1
 

- 

- has_ipv6: true
 

+ eth0_ipv4_nm: 28
 

  eth0_ipv6: "2001:4178:2:1269::fed2"
 

- eth0_ipv6_nm: 64
 

  eth0_ipv6_gw: "2001:4178:2:1269::1"
 

- 

+ eth0_ipv6_nm: 64
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: true
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:8c:7c:1b
 

- public_hostname: proxy02.fedoraproject.org
 

- 

+ max_mem_size: 8192
 

+ mem_size: 8192
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 6
 

  postfix_group: vpn
 

+ public_hostname: proxy02.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: internetx
 

+ vmhost: internetx01.fedoraproject.org
 

+ volgroup: /dev/vg_Server
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+8 -15 
@@ -1,21 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- 

- vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 10.3.166.75
 

- 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

  # This is consumed by the roles/fedora-web/main role
 

  sponsor: redhat
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

+ vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: false

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: rdu-cc
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- 

- vmhost: virthost-cc-rdu02.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- mem_size: 16384
 

- max_mem_size: 32768
 

- num_cpus: 8
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 8.43.85.73
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 8.43.85.254
 

- 

- has_ipv6: true
 

+ eth0_ipv4_nm: 24
 

  eth0_ipv6: "2620:52:3:1:dead:beef:cafe:fed6"
 

- eth0_ipv6_nm: 64
 

  eth0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

+ eth0_ipv6_nm: 64
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: true
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: "52:54:00:c1:18:c6"
 

- public_hostname: proxy03.fedoraproject.org
 

- 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

  postfix_group: vpn
 

+ public_hostname: proxy03.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: virthost-cc-rdu02.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: ibiblio
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: ibiblio
 

- 

- vmhost: ibiblio01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- mem_size: 16384
 

- max_mem_size: 20000
 

- num_cpus: 8
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 152.2.21.1
 

  dns2: 152.2.153.100
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 152.19.134.142
 

- eth0_ipv4_nm: 25
 

  eth0_ipv4_gw: 152.19.134.129
 

- 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 25
 

  eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed3"
 

- eth0_ipv6_nm: 104
 

  eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

+ eth0_ipv6_nm: 104
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: "52:54:00:e3:bb:8f"
 

- public_hostname: proxy04.fedoraproject.org
 

- 

+ max_mem_size: 20000
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

  postfix_group: vpn
 

+ public_hostname: proxy04.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: ibiblio
 

+ vmhost: ibiblio01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+29 -40 
@@ -1,56 +1,45 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: host1plus
 

- 

- # This is now a cloud instance provided by host1plus
 

- # vmhost: none
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: host1plus
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 185.141.165.254
 

- eth0_ipv4_nm: 23
 

  eth0_ipv4_gw: 185.141.164.1
 

- 

+ eth0_ipv4_nm: 23
 

+ freezes: true
 

+ has_ipv4: yes
 

  mac0: "06:5b:86:00:06:60"
 

- public_hostname: proxy05.fedoraproject.org
 

- 

+ nagios_Check_Services:
 

+   dhcpd: false
 

+   httpd: true
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

+   swap: false
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

+ public_hostname: proxy05.fedoraproject.org
 

+ # This is now a cloud instance provided by host1plus
 

+ # vmhost: none
 

  

- nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

-   dhcpd: false
 

-   httpd: true
 

-   swap: false
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: host1plus
 

+ vpn: true

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: osuosl
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: osuosl
 

- 

- vmhost: osuosl01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- mem_size: 16384
 

- max_mem_size: 20000
 

- num_cpus: 8
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 140.211.169.196
 

- eth0_ipv4_nm: 26
 

  eth0_ipv4_gw: 140.211.169.193
 

- 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 26
 

  eth0_ipv6: "2605:bc80:3010:600:dead:beef:cafe:fed9"
 

- eth0_ipv6_nm: 64
 

  eth0_ipv6_gw: "2605:bc80:3010:600::1"
 

- 

+ eth0_ipv6_nm: 64
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:fd:23:7f
 

- public_hostname: proxy06.fedoraproject.org
 

- 

+ max_mem_size: 20000
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

  postfix_group: vpn
 

+ public_hostname: proxy06.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: osuosl
 

+ vmhost: osuosl01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+8 -10 
@@ -1,17 +1,15 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 174.141.234.1
 

+ datacenter: bodhost
 

  dns: 8.8.8.8
 

- 

- eth0_ip: 174.141.234.172
 

- eth0_nm: 255.255.255.0
 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

+ eth0_ip: 174.141.234.172
 

+ eth0_nm: 255.255.255.0
 

+ gw: 174.141.234.1
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  # This is consumed by the roles/fedora-web/main role
 

  sponsor: bodhost
 

- datacenter: bodhost
 

- postfix_group: vpn
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

  vpn: true

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: osuosl
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: osuosl
 

- 

- vmhost: osuosl02.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- mem_size: 16384
 

- max_mem_size: 20000
 

- num_cpus: 8
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 140.211.169.206
 

- eth0_ipv4_nm: 26
 

  eth0_ipv4_gw: 140.211.169.193
 

- 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 26
 

  eth0_ipv6: "2605:bc80:3010:600:dead:beef:cafe:feda"
 

- eth0_ipv6_nm: 64
 

  eth0_ipv6_gw: "2605:bc80:3010:600::1"
 

- 

+ eth0_ipv6_nm: 64
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:67:b2:6f
 

- public_hostname: proxy09.fedoraproject.org
 

- 

+ max_mem_size: 20000
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

  postfix_group: vpn
 

+ public_hostname: proxy09.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: osuosl
 

+ vmhost: osuosl02.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+24 -36 
@@ -1,53 +1,41 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: iad2
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- 

- vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- num_cpus: 8
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "vpn.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.163.75
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:55:8d:ca
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

  nrpe_procs_crit: 1400
 

- 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+23 -35 
@@ -1,52 +1,40 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: iad2
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "vpn.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.163.76
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:1F:48:0A
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

  nrpe_procs_crit: 1400
 

- 

+ nrpe_procs_warn: 1200
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: dedicatedsolutions
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: dedicatedsolutions
 

- 

- vmhost: dedicatedsolutions01.fedoraproject.org
 

- volgroup: /dev/vg_virthost
 

- 

- mem_size: 16384
 

- max_mem_size: 32768
 

- num_cpus: 10
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 67.219.144.68
 

- eth0_ipv4_nm: 28
 

  eth0_ipv4_gw: 67.219.144.65
 

- 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 28
 

  eth0_ipv6: "2604:1580:fe00:0:dead:beef:cafe:fed1"
 

- eth0_ipv6_nm: 64
 

  eth0_ipv6_gw: "2604:1580:fe00::1"
 

- 

+ eth0_ipv6_nm: 64
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: "52:54:00:96:fb:f7"
 

- public_hostname: proxy11.fedoraproject.org
 

- 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 10
 

  postfix_group: vpn
 

+ public_hostname: proxy11.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: dedicatedsolutions
 

+ vmhost: dedicatedsolutions01.fedoraproject.org
 

+ volgroup: /dev/vg_virthost
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+23 -36 
@@ -1,53 +1,40 @@
 

  ---
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- freezes: true
 

- 

  datacenter: iad2
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- 

- vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "vpn.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 10.3.163.77
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

+ has_ipv4: yes
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  mac0: 52:54:00:04:49:7a
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

  nrpe_procs_crit: 1400
 

- 

+ nrpe_procs_warn: 1200
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+31 -45 
@@ -1,63 +1,49 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: ibiblio
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: ibiblio
 

- 

- vmhost: ibiblio05.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

- mem_size: 16384
 

- max_mem_size: 20000
 

- num_cpus: 8
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns1: 152.2.21.1
 

  dns2: 152.2.153.100
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 152.19.134.198
 

- eth0_ipv4_nm: 25
 

  eth0_ipv4_gw: 152.19.134.129
 

- 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 25
 

  eth0_ipv6: "2600:2701:4000:5211:dead:beef:00da:bbd8"
 

- eth0_ipv6_nm: 104
 

  eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

+ eth0_ipv6_nm: 104
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: "52:54:00:84:5d:9f"
 

- public_hostname: proxy12.fedoraproject.org
 

- 

+ max_mem_size: 20000
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

  postfix_group: vpn
 

+ public_hostname: proxy12.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: ibiblio
 

+ vmhost: ibiblio05.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+13 -20 
@@ -1,30 +1,23 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 172.31.2.254
 

+ datacenter: rdu
 

  dns: 8.8.8.8
 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

- vmhost: virthost-rdu01.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- 

  eth0_ip: 172.31.2.22
 

  eth0_nm: 255.255.255.0
 

- 

+ gw: 172.31.2.254
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

+ postfix_group: vpn
 

  public_ip: 209.132.190.2
 

- 

  # This is consumed by the roles/fedora-web/main role
 

  sponsor: redhat
 

- datacenter: rdu
 

- postfix_group: vpn
 

+ vmhost: virthost-rdu01.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

- mem_size: 16384
 

- max_mem_size: 32768
 

- num_cpus: 8

file modified
+31 -45 
@@ -1,64 +1,50 @@
 

  ---
 

- freezes: true
 

- 

  datacenter: rdu-cc
 

- 

- # This is consumed by the roles/fedora-web/main role
 

- sponsor: redhat
 

- 

- vmhost: vmhost-x86-cc05.rdu-cc.fedoraproject.org
 

- volgroup: /dev/rhel_vmhost-x86-05
 

- 

- mem_size: 16384
 

- max_mem_size: 32768
 

- num_cpus: 8
 

- 

- ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- 

  dns: 8.8.8.8
 

  dns1: 8.8.8.8
 

  dns2: 8.8.4.4
 

- 

  dns_search1: "vpn.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 8.43.85.67
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 8.43.85.254
 

- 

- has_ipv6: yes
 

+ eth0_ipv4_nm: 24
 

  eth0_ipv6: "2620:52:3:1:dead:beef:cafe:fed7"
 

- eth0_ipv6_nm: 64
 

  eth0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

+ eth0_ipv6_nm: 64
 

+ freezes: true
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

+ ks_repo: http://38.145.60.16/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora
 

  mac0: "52:54:00:19:67:0C"
 

- public_hostname: proxy14.fedoraproject.org
 

- 

+ max_mem_size: 32768
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 8
 

  postfix_group: vpn
 

+ public_hostname: proxy14.fedoraproject.org
 

+ # This is consumed by the roles/fedora-web/main role
 

+ sponsor: redhat
 

+ vmhost: vmhost-x86-cc05.rdu-cc.fedoraproject.org
 

+ volgroup: /dev/rhel_vmhost-x86-05
 

  vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400

file modified
+5 -8 
@@ -2,15 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 13.250.126.156
 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -8 
@@ -2,15 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 13.125.120.8
 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -8 
@@ -2,15 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 18.185.136.17
 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 13.244.113.71
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 18.230.149.104
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 18.133.140.134
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 18.159.254.57
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 13.233.183.170
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 13.212.21.54
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 13.245.77.95
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+5 -9 
@@ -2,16 +2,12 @@
 

  # Skipping all the network stuff. Amazon does that all via DHCP.
 

  

  # This is consumed by the roles/fedora-web/main role
 

- sponsor: amazon
 

  datacenter: aws
 

- postfix_group: vpn
 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

- nrpe_procs_crit: 1400
 

- 

  nagios_Check_Services:
 

    swap: false
 

- 

+ nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ postfix_group: vpn
 

  public_ip: 15.228.51.95
 

- 

+ sponsor: amazon
 

+ vpn: true

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

- datacenter: iad2
 

- 

+ br0_dev: eno1
 

+ br0_gw: 10.3.174.254
 

  br0_ip: 10.3.174.11
 

  br0_nm: 255.255.255.0
 

- br0_gw: 10.3.174.254
 

- br0_dev: eno1
 

- 

+ br0_port0_mac: "{{ mac1 }}"
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

  mac1: e4:43:4b:a8:c1:fe
 

  mac2: e4:43:4b:a8:c2:00
 

  mac3: e4:43:4b:a8:c2:1e
 

  mac4: e4:43:4b:a8:c2:1f
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ip }}/24"
 

-       gateway4: "{{ br0_gw }}"
 

+         - "{{ br0_ip }}/24"
 

+       dhcp4: no
 

        dns:
 

-       - 10.3.163.33
 

-       - 10.3.163.34
 

+         - 10.3.163.33
 

+         - 10.3.163.34
 

        dns_search:
 

-       - iad2.fedoraproject.org
 

-       - fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ br0_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

- 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+25 -31 
@@ -1,43 +1,37 @@
 

  ---
 

- datacenter: iad2
 

- 

+ br0_dev: eno1
 

+ br0_gw: 10.3.174.254
 

  br0_ip: 10.3.174.12
 

  br0_nm: 255.255.255.0
 

- br0_gw: 10.3.174.254
 

- br0_dev: eno1
 

- 

+ br0_port0_mac: '{{ mac1 }}'
 

+ datacenter: iad2
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.33
 

- 

  dns_search1: iad2.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

  mac1: e4:43:4b:a8:b3:0e
 

  mac2: e4:43:4b:a8:b3:10
 

  mac3: e4:43:4b:a8:b3:2e
 

  mac4: e4:43:4b:a8:b3:2f
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ip }}/24"
 

-     gateway4: "{{ br0_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     - "{{ dns_search2 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+         - '{{ br0_ip }}/24'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+         - '{{ dns1 }}'
 

+         - '{{ dns2 }}'
 

+       dns_search:
 

+         - '{{ dns_search1 }}'
 

+         - '{{ dns_search2 }}'
 

+       gateway4: '{{ br0_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.78
 

  gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- datacenter: iad2
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  nm: 255.255.255.0
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+1 -1 
@@ -1,4 +1,4 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.78
 

  vmhost: vmhost-x86-03.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.79
 

  gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- datacenter: iad2
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  nm: 255.255.255.0
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+1 -1 
@@ -1,4 +1,4 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.79
 

  vmhost: vmhost-x86-04.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.80
 

  gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- datacenter: iad2
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  nm: 255.255.255.0
 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+1 -1 
@@ -1,4 +1,4 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.80
 

  vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -12 
@@ -2,28 +2,22 @@
 

  ############################################################
 

  # networking
 

  ############################################################
 

- 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.163.89
 

- 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/31/Server/x86_64/os/
 

  ############################################################
 

  # install
 

  ############################################################
 

- 

  ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-31-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/31/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

- datacenter: iad2
 

- vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- 

  ############################################################
 

  # virtual machine
 

  ############################################################
 

- 

  lvm_size: 50000
 

  mem_size: 16384
 

+ nm: 255.255.255.0
 

  num_cpus: 4
 

  sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -12 
@@ -2,27 +2,21 @@
 

  ############################################################
 

  # networking
 

  ############################################################
 

- 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

  eth0_ip: 10.3.166.36
 

- 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/31/Server/x86_64/os/
 

  ############################################################
 

  # install
 

  ############################################################
 

- 

  ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-31-iad2
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/31/Server/x86_64/os/
 

- 

- volgroup: /dev/vg_guests
 

- datacenter: iad2
 

- vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

- 

  ############################################################
 

  # virtual machine
 

  ############################################################
 

- 

  lvm_size: 50000
 

  mem_size: 16384
 

+ nm: 255.255.255.0
 

  num_cpus: 4
 

+ vmhost: vmhost-x86-05.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+53 -61 
@@ -2,92 +2,84 @@
 

  #ansible_ssh_user: ec2-user
 

  #ansible_become_user: root
 

  #ansible_become: yes
 

- nm_controlled_resolv: True
 

  ansible_ifcfg_blocklist: True
 

- public_ip: 3.228.218.234
 

  datacenter: aws
 

- vpn: True
 

- 

- public_hostname: retrace-stg.aws.fedoraproject.org
 

- faf_server_name: retrace-stg.aws.fedoraproject.org/faf
 

- rs_use_faf_packages: true
 

- 

- # Staging only has a little storage, so we only support one release at a time.
 

- rs_internal_fedora_vers: [34]
 

- rs_internal_fedora_vers_removed: [31, 32, 33, rawhide]
 

- rs_internal_centos_vers: []
 

- rs_internal_arch_list: [source, x86_64]
 

- 

- # List of supported operating systems
 

- faf_opsys_list:
 

-   - fedora
 

-   - centos
 

- 

  # Clean-up packages of following EOLed operating systems
 

  eol_opsys: []
 

  # When not empty, the array should have the following form:
 

  #   - { opsys: "Fedora", release: "36" }
 

  

- # GDPR SAR variables
 

- sar_script: '/usr/bin/faf sar'
 

- sar_script_user: faf
 

- sar_output_file: faf.json
 

- 

- # consumed by roles/copr/certbot
 

- letsencrypt:
 

-   predefined_deploy_script: httpd
 

-   certificates:
 

-     retrace-stg.aws.fedoraproject.org:
 

-       domains:
 

-       - retrace-stg.aws.fedoraproject.org
 

-       challenge_dir: /var/www/html
 

-       mail: mfabik@redhat.com
 

- 

- nagios_Check_Services:
 

-   mail: false
 

-   nrpe: false
 

-   sshd: false
 

-   named: false
 

-   dhcpd: false
 

-   httpd: false
 

-   swap: false
 

-   ping: false
 

-   raid: false
 

- 

+ # List of supported operating systems
 

+ faf_opsys_list:
 

+   - fedora
 

+   - centos
 

  faf_repos:
 

-   - name: 'fedora-34-source'
 

+   - arch: 'src'
 

+     name: 'fedora-34-source'
 

+     opsys: 'Fedora 34'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/source/tree/'
 

-     arch: 'src'
 

+   - arch: 'x86_64'
 

+     name: 'fedora-34-x86_64'
 

      opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/x86_64/os/'
 

-     arch: 'x86_64'
 

+   - arch: 'x86_64'
 

+     name: 'fedora-34-x86_64-debug'
 

      opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-debug'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/x86_64/debug/tree/'
 

-     arch: 'x86_64'
 

+   - arch: 'x86_64'
 

+     name: 'fedora-34-x86_64-updates'
 

      opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-updates'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/34/Everything/x86_64/'
 

-     arch: 'x86_64'
 

+   - arch: 'x86_64'
 

+     name: 'fedora-34-x86_64-updates-debug'
 

      opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-updates-debug'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/34/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

+   - arch: 'x86_64'
 

+     name: 'fedora-34-x86_64-testing'
 

      opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-testing'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/34/Everything/x86_64/'
 

-     arch: 'x86_64'
 

+   - arch: 'x86_64'
 

+     name: 'fedora-34-x86_64-testing-debug'
 

      opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-testing-debug'
 

      url:
 

        - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/34/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

- ...
 

+ faf_server_name: retrace-stg.aws.fedoraproject.org/faf
 

+ # consumed by roles/copr/certbot
 

+ letsencrypt:
 

+   certificates:
 

+     retrace-stg.aws.fedoraproject.org:
 

+       challenge_dir: /var/www/html
 

+       domains:
 

+         - retrace-stg.aws.fedoraproject.org
 

+       mail: mfabik@redhat.com
 

+   predefined_deploy_script: httpd
 

+ nagios_Check_Services:
 

+   dhcpd: false
 

+   httpd: false
 

+   mail: false
 

+   named: false
 

+   nrpe: false
 

+   ping: false
 

+   raid: false
 

+   sshd: false
 

+   swap: false
 

+ nm_controlled_resolv: True
 

+ public_hostname: retrace-stg.aws.fedoraproject.org
 

+ public_ip: 3.228.218.234
 

+ rs_internal_arch_list: [source, x86_64]
 

+ rs_internal_centos_vers: []
 

+ # Staging only has a little storage, so we only support one release at a time.
 

+ rs_internal_fedora_vers: [34]
 

+ rs_internal_fedora_vers_removed: [31, 32, 33, rawhide]
 

+ rs_use_faf_packages: true
 

+ sar_output_file: faf.json
 

+ # GDPR SAR variables
 

+ sar_script: '/usr/bin/faf sar'
 

+ sar_script_user: faf
 

+ vpn: True

file modified
+171 -186 
@@ -1,206 +1,191 @@
 

  ---
 

  datacenter: rdu-cc
 

- public_hostname: retrace03.rdu-cc.fedoraproject.org
 

- faf_server_name: retrace.fedoraproject.org/faf
 

- rs_use_faf_packages: true
 

- 

+ # Clean-up packages of following EOLed operating systems
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: fedoraproject.org
 

- 

- has_ipv4: yes
 

+ eol_opsys: []
 

+ # When not empty, the array should have the following form:
 

+ #   - { opsys: "Fedora", release: "36" }
 

  eth2_ipv4: 8.43.85.61
 

- eth2_ipv4_nm: 23
 

  eth2_ipv4_gw: 8.43.85.254
 

- 

- has_ipv6: no
 

- 

- mac0: f4:02:70:fa:79:84
 

- 

- network_connections:
 

- - name: eth2
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth2_ipv4 }}/{{ eth2_ipv4_nm }}"
 

-     gateway4: "{{ eth2_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- 

- # we do not have enough storage on stg
 

- rs_internal_fedora_vers: [33, 34, 35, rawhide]
 

- rs_internal_fedora_vers_removed: [30, 31, 32]
 

- rs_internal_centos_vers: [7, 8]
 

- rs_internal_arch_list: [source, x86_64]
 

- 

+ eth2_ipv4_nm: 23
 

+ # List of supported operating systems
 

+ faf_opsys_list:
 

+   - fedora
 

+   - centos
 

+ faf_repos:
 

+   # Fedora 33 repositories ------------------------------------------------
 

+   - arch: src
 

+     name: fedora-33-source
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/source/tree/
 

+   - arch: x86_64
 

+     name: fedora-33-x86_64
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/x86_64/os/
 

+   - arch: x86_64
 

+     name: fedora-33-x86_64-debug
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/x86_64/debug/tree/
 

+   - arch: x86_64
 

+     name: fedora-33-x86_64-testing-debug
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/33/Everything/x86_64/debug/
 

+   - arch: x86_64
 

+     name: fedora-33-x86_64-testing
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/33/Everything/x86_64/
 

+   - arch: x86_64
 

+     name: fedora-33-x86_64-updates-debug
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/33/Everything/x86_64/debug/
 

+   - arch: x86_64
 

+     name: fedora-33-x86_64-updates
 

+     opsys: Fedora 33
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/33/Everything/x86_64/
 

+   - arch: src
 

+     name: fedora-34-source
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/source/tree/
 

+   - arch: x86_64
 

+     name: fedora-34-x86_64
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/x86_64/os/
 

+   - arch: x86_64
 

+     name: fedora-34-x86_64-debug
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/x86_64/debug/tree/
 

+   - arch: x86_64
 

+     name: fedora-34-x86_64-updates
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/34/Everything/x86_64/
 

+   - arch: x86_64
 

+     name: fedora-34-x86_64-updates-debug
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/34/Everything/x86_64/debug/
 

+   - arch: x86_64
 

+     name: fedora-34-x86_64-testing
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/34/Everything/x86_64/
 

+   - arch: x86_64
 

+     name: fedora-34-x86_64-testing-debug
 

+     opsys: Fedora 34
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/34/Everything/x86_64/debug/
 

+   - arch: src
 

+     name: fedora-35-source
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/35/Everything/source/tree/
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/development/35/Everything/source/tree/
 

+   - arch: x86_64
 

+     name: fedora-35-x86_64
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/35/Everything/x86_64/os/
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/development/35/Everything/x86_64/os/
 

+   - arch: x86_64
 

+     name: fedora-35-x86_64-debug
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/releases/35/Everything/x86_64/debug/tree/
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/development/35/Everything/x86_64/debug/tree/
 

+   - arch: x86_64
 

+     name: fedora-35-x86_64-testing-debug
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/35/Everything/x86_64/debug/
 

+   - arch: x86_64
 

+     name: fedora-35-x86_64-testing
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/35/Everything/x86_64/
 

+   - arch: x86_64
 

+     name: fedora-35-x86_64-updates-debug
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/35/Everything/x86_64/debug/
 

+   - arch: x86_64
 

+     name: fedora-35-x86_64-updates
 

+     opsys: Fedora 35
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/updates/35/Everything/x86_64/
 

+   - arch: src
 

+     name: fedora-rawhide-source
 

+     opsys: Fedora Rawhide
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/source/tree/
 

+   - arch: x86_64
 

+     name: fedora-rawhide-x86_64
 

+     opsys: Fedora Rawhide
 

+     url: 

+       - null
 

+   - arch: x86_64
 

+     name: fedora-rawhide-x86_64-debug
 

+     opsys: Fedora Rawhide
 

+     url:
 

+       - http://dl01.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/debug/tree/
 

+ faf_server_name: retrace.fedoraproject.org/faf
 

  # consumed by roles/copr/certbot
 

+ has_ipv4: true
 

+ has_ipv6: false
 

  letsencrypt:
 

-   predefined_deploy_script: httpd
 

    certificates:
 

      retrace03.rdu-cc.fedoraproject.org:
 

+       challenge_dir: /var/www/html
 

        domains:
 

        - retrace03.rdu-cc.fedoraproject.org
 

        - retrace.fedoraproject.org
 

-       challenge_dir: /var/www/html
 

        mail: msuchy@redhat.com
 

- 

+   predefined_deploy_script: httpd
 

+ mac0: f4:02:70:fa:79:84
 

  nagios_Check_Services:
 

-   nrpe: true
 

-   sshd: true
 

-   named: false
 

    dhcpd: false
 

    httpd: false
 

+   named: false
 

+   nrpe: true
 

+   sshd: true
 

    swap: false
 

- 

- # List of supported operating systems
 

- faf_opsys_list:
 

-   - fedora
 

-   - centos
 

- 

- # Clean-up packages of following EOLed operating systems
 

- eol_opsys: []
 

- # When not empty, the array should have the following form:
 

- #   - { opsys: "Fedora", release: "36" }
 

- 

- # GDPR SAR variables
 

- sar_script: '/usr/bin/faf sar'
 

- sar_script_user: faf
 

+ network_connections:
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ eth2_ipv4 }}/{{ eth2_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       - '{{ dns2 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ eth2_ipv4_gw }}'
 

+     mac: '{{ mac0 }}'
 

+     name: eth2
 

+     state: up
 

+     type: ethernet
 

+ public_hostname: retrace03.rdu-cc.fedoraproject.org
 

+ rs_internal_arch_list:
 

+ - source
 

+ - x86_64
 

+ rs_internal_centos_vers: [7, 8]
 

+ # we do not have enough storage on stg
 

+ rs_internal_fedora_vers: [33, 34, 35, rawhide]
 

+ rs_internal_fedora_vers_removed: [30, 31, 32]
 

+ rs_use_faf_packages: true
 

  sar_output_file: faf.json
 

- 

- faf_repos:
 

-   # Fedora 33 repositories ------------------------------------------------
 

-   - name: 'fedora-33-source'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/source/tree/'
 

-     arch: 'src'
 

-     opsys: 'Fedora 33'
 

-   - name: 'fedora-33-x86_64'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/x86_64/os/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 33'
 

-   - name: 'fedora-33-x86_64-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/x86_64/debug/tree/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 33'
 

-   - name: 'fedora-33-x86_64-testing-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/33/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 33'
 

-   - name: 'fedora-33-x86_64-testing'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/33/Everything/x86_64/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 33'
 

-   - name: 'fedora-33-x86_64-updates-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/33/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 33'
 

-   - name: 'fedora-33-x86_64-updates'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/33/Everything/x86_64/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 33'
 

-   # Fedora 34 repositories ------------------------------------------------
 

-   - name: 'fedora-34-source'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/source/tree/'
 

-     arch: 'src'
 

-     opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/x86_64/os/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/34/Everything/x86_64/debug/tree/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-updates'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/34/Everything/x86_64/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-updates-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/34/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-testing'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/34/Everything/x86_64/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

-   - name: 'fedora-34-x86_64-testing-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/34/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 34'
 

-   # Fedora 35 repositories ------------------------------------------------
 

-   - name: 'fedora-35-source'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/35/Everything/source/tree/'
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/development/35/Everything/source/tree/'
 

-     arch: 'src'
 

-     opsys: 'Fedora 35'
 

-   - name: 'fedora-35-x86_64'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/35/Everything/x86_64/os/'
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/development/35/Everything/x86_64/os/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 35'
 

-   - name: 'fedora-35-x86_64-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/releases/35/Everything/x86_64/debug/tree/'
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/development/35/Everything/x86_64/debug/tree/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 35'
 

-   - name: 'fedora-35-x86_64-testing-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/35/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 35'
 

-   - name: 'fedora-35-x86_64-testing'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/testing/35/Everything/x86_64/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 35'
 

-   - name: 'fedora-35-x86_64-updates-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/35/Everything/x86_64/debug/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 35'
 

-   - name: 'fedora-35-x86_64-updates'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/updates/35/Everything/x86_64/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora 35'
 

-   # Fedora Rawhide repositories -------------------------------------------
 

-   - name: 'fedora-rawhide-source'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/source/tree/'
 

-     arch: 'src'
 

-     opsys: 'Fedora Rawhide'
 

-   - name: 'fedora-rawhide-x86_64'
 

-     url:
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora Rawhide'
 

-   - name: 'fedora-rawhide-x86_64-debug'
 

-     url:
 

-       - 'http://dl01.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/debug/tree/'
 

-     arch: 'x86_64'
 

-     opsys: 'Fedora Rawhide'
 

- ... 

\ No newline at end of file
 

+ sar_script: /usr/bin/faf sar
 

+ sar_script_user: faf

file modified
+9 -14 
@@ -1,19 +1,14 @@
 

  ---
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

+ eth0_ip: 10.3.163.86
 

+ gw: 10.3.163.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

  lvm_size: 40000
 

  mem_size: 10240
 

- num_cpus: 4
 

- 

  nm: 255.255.255.0
 

- gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- 

- volgroup: /dev/vg_guests
 

- eth0_ip: 10.3.163.86
 

- 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

+ num_cpus: 4
 

  public_hostname: secondary01.fedoraproject.org
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.169.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ eth0_ip: 10.3.169.120
 

+ gw: 10.3.169.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-03.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.169.120
 

+ volgroup: /dev/vg_guests

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ eth0_ip: 10.3.167.27
 

+ gw: 10.3.167.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.167.27
 

+ volgroup: /dev/vg_guests

file modified
+2 -4 
@@ -1,8 +1,6 @@
 

  ---
 

  br0_dev: eno1
 

- 

- br0_ip: 10.3.169.26
 

  br0_gw: 10.3.169.254
 

- br0_nm:  255.255.255.0
 

- 

+ br0_ip: 10.3.169.26
 

+ br0_nm: 255.255.255.0
 

  dns: 10.3.163.33

file modified
+6 -8 
@@ -1,12 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.167.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ eth0_ip: 10.3.167.28
 

+ gw: 10.3.167.254
 

  ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: bvmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

- 

- eth0_ip: 10.3.167.28
 

+ volgroup: /dev/vg_guests

file modified
+6 -9 
@@ -1,15 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 8.43.85.254
 

+ datacenter: rdu-cc
 

  dns: 1.1.1.1
 

- 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- 

  eth0_ip: 8.43.85.70
 

  eth0_nm: 255.255.255.0
 

- 

- volgroup: /dev/vg_guests
 

+ gw: 8.43.85.254
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

+ nm: 255.255.255.0
 

  vmhost: virthost-cc-rdu01.fedoraproject.org
 

- datacenter: rdu-cc
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+25 -30 
@@ -1,41 +1,36 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- eth0_ipv4: 152.19.134.143
 

- eth0_ipv4_nm: 25
 

- eth0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- eth0_ipv6: "2600:2701:4000:5211:dead:beef:0058:5c17"
 

- eth0_ipv6_nm: 104
 

- eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

- vmhost: ibiblio05.fedoraproject.org
 

  datacenter: ibiblio
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

  dns1: 152.2.21.1
 

  dns2: 152.2.253.100
 

- 

  dns_search1: vpn.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

+ eth0_ipv4: 152.19.134.143
 

+ eth0_ipv4_gw: 152.19.134.129
 

+ eth0_ipv4_nm: 25
 

+ eth0_ipv6: "2600:2701:4000:5211:dead:beef:0058:5c17"
 

+ eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

+ eth0_ipv6_nm: 104
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ vmhost: ibiblio05.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+8 -9 
@@ -1,16 +1,15 @@
 

  ---
 

- nm: 255.255.255.192
 

- gw: 140.211.169.193
 

+ datacenter: osuosl
 

  dns: 8.8.8.8
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 140.211.169.205
 

- eth0_nm: 255.255.255.128
 

- has_ipv6: yes
 

  eth0_ipv6: "2605:bc80:3010:600:dead:beef:cafe:fedb"
 

  eth0_ipv6_gw: "2605:bc80:3010:600::1"
 

- 

+ eth0_nm: 255.255.255.128
 

+ gw: 140.211.169.193
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ nm: 255.255.255.192
 

  vmhost: osuosl02.fedoraproject.org
 

- datacenter: osuosl
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+32 -43 
@@ -1,55 +1,44 @@
 

  ---
 

  # this box is not currently mission critical
 

- freezes: false
 

- 

- # this box mounts a large share from the netapp to store combined http
 

- # logs from the proxies.
 

- 

- nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3"
 

- 

- # general configs
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- tcp_ports_eth2: [ 111, 2049 ]
 

- udp_ports_eth2: [ 111, 2049 ]
 

- 

- vpn: true
 

  datacenter: rdu-cc
 

- 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

- 

- has_ipv4: yes
 

  eth0_ipv4: 8.43.85.62
 

- eth0_ipv4_nm: 23
 

  eth0_ipv4_gw: 8.43.85.254
 

+ eth0_ipv4_nm: 23
 

  eth2_ipv4: 172.23.5.25
 

  eth2_ipv4_nm: 24
 

- 

- has_ipv6: no
 

- 

+ freezes: false
 

+ has_ipv4: true
 

+ has_ipv6: false
 

  mac0: ac:1f:6b:b0:6a:12
 

  mac1: ac:1f:6b:ac:67:ec
 

- 

  network_connections:
 

- - name: eth0
 

-   mac: "{{ mac0 }}"
 

-   state: up
 

-   type: ethernet
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-     gateway4: "{{ eth0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: eth2
 

-   type: ethernet
 

-   autoconnect: no
 

-   mac: "{{ mac1 }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ eth0_ipv4_gw }}'
 

+     mac: '{{ mac0 }}'
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: false
 

+     mac: '{{ mac1 }}'
 

+     name: eth2
 

+     type: ethernet
 

+   	

+ # this box mounts a large share from the netapp to store combined http
 

+ # logs from the proxies.
 

+ nfs_mount_opts: rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ tcp_ports_eth2: [111, 2049]
 

+ udp_ports_eth2: [111, 2049]
 

+ vpn: true

file modified
+7 -11 
@@ -1,18 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.81
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-iad2
 

+ gw: 10.3.163.254
 

  ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-iad2
 

  # This overrides a group var and lets the playbook know that we should
 

  # install special cron jobs here.
 

  master_sundries_node: True
 

- 

+ nm: 255.255.255.0
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -7 
@@ -1,14 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.33
 

- vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

  # This overrides a group var and lets the playbook know that we should
 

  # install special cron jobs here.
 

  master_sundries_node: True
 

  mirrorlist_procs: 45
 

+ nm: 255.255.255.0
 

+ vmhost: vmhost-x86-02.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+7 -11 
@@ -1,18 +1,14 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.34
 

  eth0_ip: 10.3.163.101
 

- datacenter: iad2
 

- 

- 

- vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- virt_install_command: "{{ virt_install_command_one_nic }}"
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-iad2
 

+ gw: 10.3.163.254
 

  ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-iad2
 

  # This overrides a group var and lets the playbook know that we should
 

  # install special cron jobs here.
 

  master_sundries_node: True
 

- 

+ nm: 255.255.255.0
 

+ virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-05.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -10 
@@ -1,18 +1,14 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.37
 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- 

- nm: 255.255.255.0
 

  gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- 

- datacenter: iad2
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  # Define resources for this group of hosts here.
 

  lvm_size: 20000
 

  mem_size: 4096
 

+ nm: 255.255.255.0
 

  num_cpus: 2
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -10 
@@ -1,18 +1,14 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

+ datacenter: iad2
 

+ dns: 10.3.163.33
 

  eth0_ip: 10.3.163.38
 

- vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

- 

- nm: 255.255.255.0
 

  gw: 10.3.163.254
 

- dns: 10.3.163.33
 

- 

- datacenter: iad2
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  ks_repo: http://209.132.181.6/repo/rhel/RHEL8-x86_64/
 

- 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-8-ext
 

  # Define resources for this group of hosts here.
 

  lvm_size: 20000
 

  mem_size: 4096
 

+ nm: 255.255.255.0
 

  num_cpus: 2
 

+ vmhost: vmhost-x86-03.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+37 -47 
@@ -1,60 +1,50 @@
 

  ---
 

- volgroup: /dev/vg_guests
 

- 

- eth0_ipv4: 152.19.134.148
 

- eth0_ipv4_nm: 25
 

- eth0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed7"
 

- eth0_ipv6_nm: 104
 

- eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- 

- postfix_group: vpn
 

- vpn: true
 

- 

- ssh_hostnames:
 

- - torrent.fedoraproject.org
 

- 

- vmhost: ibiblio05.fedoraproject.org
 

- datacenter: ibiblio
 

  csi_relationship: |
 

-     torrent02 is the master torrent server for Fedora releases
 

- 

-     * This host relies on:
 

-     - the virthost it's hosted on (ibiblio05.fedoraproject.org)
 

-     - FAS to authenticate users
 

-     - VPN connectivity
 

+   torrent02 is the master torrent server for Fedora releases
 

  

-     * Things that rely on this host:
 

-     - if this host is down, Fedora will lose a release distribution channel
 

+   * This host relies on:
 

+   - the virthost it's hosted on (ibiblio05.fedoraproject.org)
 

+   - FAS to authenticate users
 

+   - VPN connectivity
 

  

+   * Things that rely on this host:
 

+   - if this host is down, Fedora will lose a release distribution channel
 

+ datacenter: ibiblio
 

  dns1: 152.2.21.1
 

  dns2: 152.2.253.100
 

- 

  dns_search1: vpn.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

+ eth0_ipv4: 152.19.134.148
 

+ eth0_ipv4_gw: 152.19.134.129
 

+ eth0_ipv4_nm: 25
 

+ eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed7"
 

+ eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

+ eth0_ipv6_nm: 104
 

+ has_ipv6: yes
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ postfix_group: vpn
 

+ ssh_hostnames:
 

+   - torrent.fedoraproject.org
 

+ vmhost: ibiblio05.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+6 -6 
@@ -1,12 +1,12 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 8.43.85.254
 

+ datacenter: rdu-cc
 

  dns: 8.8.8.8
 

- ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 8.43.85.74
 

  eth0_nm: 255.255.255.0
 

+ gw: 8.43.85.254
 

+ ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
 

+ nm: 255.255.255.0
 

  vmhost: virthost-cc-rdu02.fedoraproject.org
 

- datacenter: rdu-cc
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+27 -32 
@@ -1,43 +1,38 @@
 

  ---
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

- eth0_ipv4: 152.19.134.150
 

- eth0_ipv4_nm: 25
 

- eth0_ipv4_gw: 152.19.134.129
 

- has_ipv6: yes
 

- eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed1"
 

- eth0_ipv6_nm: 104
 

- eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

- vmhost: ibiblio05.fedoraproject.org
 

  datacenter: ibiblio
 

- postfix_group: vpn
 

- vpn: true
 

- 

  dns1: 152.2.21.1
 

  dns2: 152.2.253.100
 

- 

  dns_search1: vpn.fedoraproject.org
 

  dns_search2: fedoraproject.org
 

- 

+ eth0_ipv4: 152.19.134.150
 

+ eth0_ipv4_gw: 152.19.134.129
 

+ eth0_ipv4_nm: 25
 

+ eth0_ipv6: "2600:2701:4000:5211:dead:beef:00fe:fed1"
 

+ eth0_ipv6_gw: "2600:2701:4000:5211::1"
 

+ eth0_ipv6_nm: 104
 

+ has_ipv6: yes
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ ansible_default_ipv4.macaddress }}"
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

-       gateway6: "{{ eth0_ipv6_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+         - "{{ eth0_ipv6 }}/{{ eth0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

-       - 2001:4860:4860::8888
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+       gateway6: "{{ eth0_ipv6_gw }}"
 

+     mac: "{{ ansible_default_ipv4.macaddress }}"
 

+     name: eth0
 

+     type: ethernet
 

+ postfix_group: vpn
 

+ vmhost: ibiblio05.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+7 -7 
@@ -1,13 +1,13 @@
 

  ---
 

- nm: 255.255.255.128
 

- gw: 140.211.169.193
 

+ datacenter: osuosl
 

  dns: 8.8.8.8
 

- ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

- ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 140.211.169.201
 

  eth0_nm: 255.255.255.128
 

- vmhost: osuosl02.fedoraproject.org
 

- datacenter: osuosl
 

+ gw: 140.211.169.193
 

+ ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7-ext
 

+ nm: 255.255.255.128
 

  postfix_group: vpn
 

+ vmhost: osuosl02.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

  vpn: true

file modified
+8 -11 
@@ -1,18 +1,15 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.163.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.163.82
 

- vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ gw: 10.3.163.254
 

  host_backup_targets: ['/srv', '/var/lib/zodbot']
 

- 

- 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

+ sar_output_file: meetbot.json
 

  # GDPR SAR variables - meetbot
 

  sar_script: /usr/local/bin/meetbot_sar.py
 

  sar_script_user: root
 

- sar_output_file: meetbot.json
 

- 

+ vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,11 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.23
 

  eth0_nm: 255.255.255.0
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL7-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-7-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,11 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ipv4: 10.3.163.110
 

- eth0_ipv4_nm: 255.255.255.0
 

  eth0_ipv4_gw: 10.3.163.254
 

+ eth0_ipv4_nm: 255.255.255.0
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-04.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,11 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.64
 

  eth0_nm: 255.255.255.0
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+27 -33 
@@ -1,40 +1,34 @@
 

  ---
 

- datacenter: rdu-cc
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- postfix_group: vpn
 

- vpn: true
 

- 

+ br0_dev: eno1
 

  br0_ipv4: 8.43.85.65
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: 8.43.85.254
 

- br0_dev: eno1
 

- 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: '{{ mac0 }}'
 

+ datacenter: rdu-cc
 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

- 

  mac0: ec:f4:bb:e1:6a:a4
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ vpn: true

file modified
+26 -32 
@@ -1,39 +1,33 @@
 

  ---
 

- datacenter: rdu-cc
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- postfix_group: vpn
 

- vpn: true
 

- 

  br0_ipv4: 8.43.85.66
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: 8.43.85.254
 

- 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: '{{ mac0 }}'
 

+ datacenter: rdu-cc
 

  dns1: 8.8.8.8
 

- 

  dns_search1: fedoraproject.org
 

- 

  mac0: 24:6e:96:d5:a4:0a
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ vpn: true

file modified
+27 -33 
@@ -1,41 +1,35 @@
 

  ---
 

- datacenter: rdu-cc
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- postfix_group: vpn
 

- vpn: true
 

- 

  br0_ipv4: 8.43.85.64
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: 8.43.85.254
 

- 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: '{{ mac0 }}'
 

+ datacenter: rdu-cc
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: fedoraproject.org
 

- 

  mac0: e4:1f:13:ba:b1:b8
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       - '{{ dns2 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ vpn: true

file modified
+6 -7 
@@ -1,14 +1,13 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- datacenter: cloud
 

  br0_ip: 38.145.48.5
 

  br0_nm: 255.255.254.0
 

  br1_ip: 172.24.0.17
 

  br1_nm: 255.255.254.0
 

- gw: 8.43.49.254
 

+ datacenter: cloud
 

  dns: 8.8.8.8
 

- 

- vpn: false
 

- postfix_group: cloud
 

  freezes: false
 

+ gw: 8.43.49.254
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: cloud
 

+ vpn: false

file modified
+52 -60 
@@ -1,71 +1,63 @@
 

  ---
 

- datacenter: rdu
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- postfix_group: vpn
 

- vpn: true
 

- 

- public_ip: 209.132.190.11
 

- 

- nagios_Check_Services:
 

-   nrpe: false
 

-   mail: false
 

- 

  br0_ipv4: 172.31.2.11
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: 172.31.2.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: '{{ mac0 }}'
 

  br1_ipv4: 172.31.1.2
 

- br1_ipv4_nm: 24
 

  br1_ipv4_gw: 172.31.2.254
 

- 

+ br1_ipv4_nm: 24
 

+ br1_port0_mac: '{{ mac1 }}'
 

+ datacenter: rdu
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: fedoraproject.org
 

- 

  mac0: ec:f4:bb:e1:6d:e4
 

  mac1: ec:f4:bb:e1:6d:e5
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- br1_port0_mac: "{{ mac1 }}"
 

- 

+ nagios_Check_Services:
 

+   mail: false
 

+   nrpe: false
 

  network_connections:
 

- - name: br0
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-     gateway4: "{{ br0_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br0-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br0
 

-   mac: "{{ br0_port0_mac }}"
 

- - name: br1
 

-   state: up
 

-   type: bridge
 

-   autoconnect: yes
 

-   ip:
 

-     address:
 

-     - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

-     gateway4: "{{ br1_ipv4_gw }}"
 

-     dns:
 

-     - "{{ dns1 }}"
 

-     - "{{ dns2 }}"
 

-     dns_search:
 

-     - "{{ dns_search1 }}"
 

-     dhcp4: no
 

-     auto6: no
 

- - name: br1-port0
 

-   state: up
 

-   type: ethernet
 

-   master: br1
 

-   mac: "{{ br1_port0_mac }}"
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ br0_ipv4 }}/{{ br0_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ br0_ipv4_gw }}'
 

+     name: br0
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br0_port0_mac }}'
 

+     master: br0
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+   - autoconnect: true
 

+     ip:
 

+       address:
 

+       - '{{ br1_ipv4 }}/{{ br1_ipv4_nm }}'
 

+       auto6: false
 

+       dhcp4: false
 

+       dns:
 

+       - '{{ dns1 }}'
 

+       - '{{ dns2 }}'
 

+       dns_search:
 

+       - '{{ dns_search1 }}'
 

+       gateway4: '{{ br1_ipv4_gw }}'
 

+     name: br1
 

+     state: up
 

+     type: bridge
 

+   - mac: '{{ br1_port0_mac }}'
 

+     master: br1
 

+     name: br1-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: vpn
 

+ public_ip: 209.132.190.11
 

+ vpn: true

file modified
+7 -8 
@@ -1,15 +1,14 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ip: 172.31.2.12
 

+ br0_nm: 255.255.255.0
 

  datacenter: rdu
 

- nm: 255.255.255.0
 

- gw: 172.31.2.254
 

  dns: 8.8.8.8
 

+ gw: 172.31.2.254
 

+ nm: 255.255.255.0
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

  postfix_group: vpn
 

- br0_ip: 172.31.2.12
 

- br0_nm: 255.255.255.0
 

+ public_ip: 209.132.190.12
 

  #br1_ip: 172.31.1.2
 

  #br1_nm: 255.255.255.0
 

  vpn: true
 

- 

- public_ip: 209.132.190.12

file modified
+23 -31 
@@ -1,45 +1,37 @@
 

  ---
 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

+ br0_ipv4: 8.43.85.69
 

+ br0_ipv4_gw: 8.43.85.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: rdu-cc
 

- 

  dns1: 8.8.8.8
 

- 

  dns_search1: "rdu-cc.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 8.43.85.69
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 8.43.85.254
 

- 

  mac1: 68:05:ca:8a:f2:05
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

- vpn: true
 

- postfix_group: cloud
 

- freezes: false
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: cloud
 

+ vpn: true

file modified
+4 -4 
@@ -1,9 +1,9 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- dns: 10.3.163.33
 

+ br0_dev: eno1
 

  br0_gw: 10.3.166.254
 

  br0_ip: 10.3.166.90
 

  br0_nm: 255.255.255.0
 

- br0_dev: eno1
 

+ dns: 10.3.163.33
 

+ freezes: false
 

+ nested: true

file modified
+4 -4 
@@ -1,9 +1,9 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- dns: 10.3.163.33
 

+ br0_dev: eno1
 

  br0_gw: 10.3.166.254
 

  br0_ip: 10.3.166.91
 

  br0_nm: 255.255.255.0
 

- br0_dev: eno1
 

+ dns: 10.3.163.33
 

+ freezes: false
 

+ nested: true

file modified
+4 -4 
@@ -1,9 +1,9 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- dns: 10.3.163.33
 

+ br0_dev: eno1
 

  br0_gw: 10.3.166.254
 

  br0_ip: 10.3.166.92
 

  br0_nm: 255.255.255.0
 

- br0_dev: eno1
 

+ dns: 10.3.163.33
 

+ freezes: false
 

+ nested: true

file modified
+4 -4 
@@ -1,9 +1,9 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- dns: 10.3.163.33
 

+ br0_dev: eno1
 

  br0_gw: 10.3.166.254
 

  br0_ip: 10.3.166.93
 

  br0_nm: 255.255.255.0
 

- br0_dev: eno1
 

+ dns: 10.3.163.33
 

+ freezes: false
 

+ nested: true

file modified
+35 -43 
@@ -1,21 +1,19 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.55
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

+ br0_ipv4_nm: 24
 

+ br0_ipv6: "2620:52:3:1:dead:beef:cafe:c007"
 

+ br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac4 }}"
 

  br1_ipv4: 172.23.5.101
 

  br1_ipv4_nm: 24
 

- 

+ br1_port0_mac: "{{ mac0 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

  has_ipv6: yes
 

- br0_ipv6: "2620:52:3:1:dead:beef:cafe:c007"
 

- br0_ipv6_nm: 64
 

- br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

  mac0: "40:f2:e9:5d:52:70"
 

  mac1: "40:f2:e9:5d:52:71"
 

  mac2: "40:f2:e9:5d:52:72"
 
@@ -24,47 +22,41 @@
 

  mac5: "40:f2:e9:5d:50:f9"
 

  mac6: "40:f2:e9:5d:50:fa"
 

  mac7: "40:f2:e9:5d:50:fb"
 

- 

- br0_port0_mac: "{{ mac4 }}"
 

- br1_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-   - name: br1
 

+     name: br0-port0
 

      state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+     type: ethernet
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

+         - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: br1-port0
 

+     name: br1
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br1_port0_mac }}"
 

      master: br1
 

-     mac: "{{ br1_port0_mac }}"
 

+     name: br1-port0
 

+     state: up
 

+     type: ethernet

file modified
+35 -43 
@@ -1,21 +1,19 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.54
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

+ br0_ipv4_nm: 24
 

+ br0_ipv6: "2620:52:3:1:dead:beef:cafe:c008"
 

+ br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac4 }}"
 

  br1_ipv4: 172.23.5.117
 

  br1_ipv4_nm: 24
 

- 

+ br1_port0_mac: "{{ mac0 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

  has_ipv6: yes
 

- br0_ipv6: "2620:52:3:1:dead:beef:cafe:c008"
 

- br0_ipv6_nm: 64
 

- br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

  mac0: "40:f2:e9:5d:53:64"
 

  mac1: "40:f2:e9:5d:53:65"
 

  mac2: "40:f2:e9:5d:53:66"
 
@@ -24,47 +22,41 @@
 

  mac5: "40:f2:e9:5d:53:5d"
 

  mac6: "40:f2:e9:5d:53:5e"
 

  mac7: "40:f2:e9:5d:53:5f"
 

- 

- br0_port0_mac: "{{ mac4 }}"
 

- br1_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-   - name: br1
 

+     name: br0-port0
 

      state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+     type: ethernet
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

+         - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: br1-port0
 

+     name: br1
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br1_port0_mac }}"
 

      master: br1
 

-     mac: "{{ br1_port0_mac }}"
 

+     name: br1-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.11
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.11
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:b1:70:88
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+23 -31 
@@ -1,54 +1,46 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.11
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.11
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

- install_noc: noc01.iad2.fedoraproject.org
 

- install_mac: 24-6E-96-B1-C7-F4
 

  # Inside this, expect /vmlinuz and /initrd.img
 

  install_binpath: /uefi/x86_64/el8
 

  install_ks: http://10.5.126.23/repo/rhel/ks/hardware-rhel-8-08disk
 

+ install_mac: 24-6E-96-B1-C7-F4
 

+ install_noc: noc01.iad2.fedoraproject.org
 

  install_repo: http://10.5.126.23/repo/rhel/RHEL8-x86_64/
 

- 

  mac1: ec:f4:bb:d2:85:ec
 

  mac2: ec:f4:bb:d2:85:ed
 

  mac3: ec:f4:bb:d2:85:e8
 

  mac4: ec:f4:bb:d2:85:ea
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.12
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.12
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:ba:e8:44
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,47 +1,40 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.12
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.12
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 24:6e:96:13:ed:dc
 

  mac2: 24:6e:96:13:ed:dd
 

  mac3: 24:6e:96:13:ed:d8
 

  mac4: 24:6e:96:13:ed:da
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.13
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.13
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:b1:28:cc
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,47 +1,40 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.13
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.13
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 24:6e:96:05:d9:fc
 

  mac2: 24:6e:96:05:d9:fd
 

  mac3: 24:6e:96:05:d9:f8
 

  mac4: 24:6e:96:05:d9:fa
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.14
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.14
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:b1:62:a8
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,47 +1,40 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.14
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.14
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 24:6e:96:05:d7:84
 

  mac2: 24:6e:96:05:d7:85
 

  mac3: 24:6e:96:05:d7:80
 

  mac4: 24:6e:96:05:d7:82
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.15
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.15
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:ae:4b:b8
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,49 +1,42 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.15
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac5 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.15
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 18:66:da:f7:7a:58
 

  mac2: 18:66:da:f7:7a:59
 

  mac3: 18:66:da:f7:7a:5a
 

  mac4: 18:66:da:f7:7a:5b
 

  mac5: a0:36:9f:de:88:28
 

  mac6: a0:36:9f:de:88:2a
 

- 

- br0_port0_mac: "{{ mac5 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.16
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.16
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:b1:28:ee
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,49 +1,42 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.16
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac5 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.16
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 18:66:da:f7:61:58
 

  mac2: 18:66:da:f7:61:59
 

  mac3: 18:66:da:f7:61:5a
 

  mac4: 18:66:da:f7:61:5b
 

  mac5: a0:36:9f:de:85:bc
 

  mac6: a0:36:9f:de:85:be
 

- 

- br0_port0_mac: "{{ mac5 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.17
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.17
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: e4:43:4b:22:ce:ca
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,49 +1,42 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.17
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac4 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.17
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 80:18:44:de:4d:fc
 

  mac2: 80:18:44:de:4d:fd
 

  mac3: 80:18:44:de:4d:fe
 

  mac4: a0:36:9f:f1:83:e0
 

  mac5: 80:18:44:de:4d:ff
 

  mac6: a0:36:9f:f1:83:e2
 

- 

- br0_port0_mac: "{{ mac4 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.28
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.28
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac1: 24:6e:96:b1:61:f8
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,47 +1,40 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.18
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.18
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: 24:6e:96:c1:6e:bc
 

  mac2: 24:6e:96:c1:6e:bd
 

  mac3: 24:6e:96:c1:6e:b8
 

  mac4: 24:6e:96:c1:6e:ba
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+18 -25 
@@ -1,40 +1,33 @@
 

  ---
 

+ br0_ipv4: 10.3.163.29
 

+ br0_ipv4_gw: 10.3.163.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac2 }}"
 

  datacenter: iad2
 

- 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search2: "fedoraproject.org"
 

- 

  has_ipv4: yes
 

- br0_ipv4: 10.3.163.29
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.163.254
 

- 

  mac2: 24:6e:96:b1:61:c0
 

- 

- br0_port0_mac: "{{ mac2 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,47 +1,40 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.19
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.19
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: ec:f4:bb:e1:c8:f4
 

  mac2: ec:f4:bb:e1:c8:f5
 

  mac3: ec:f4:bb:e1:c8:f0
 

  mac4: ec:f4:bb:e1:c8:f2
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+21 -28 
@@ -1,47 +1,40 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.20
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac3 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.20
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

  mac1: ec:f4:bb:e1:cb:8c
 

  mac2: ec:f4:bb:e1:cb:8d
 

  mac3: ec:f4:bb:e1:cb:88
 

  mac4: ec:f4:bb:e1:cb:8a
 

- 

- br0_port0_mac: "{{ mac3 }}"
 

- 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+23 -30 
@@ -1,49 +1,42 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- 

+ br0_ipv4: 10.3.166.28
 

+ br0_ipv4_gw: 10.3.166.254
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search2: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

+ freezes: false
 

  has_ipv4: yes
 

- br0_ipv4: 10.3.166.28
 

- br0_ipv4_nm: 24
 

- br0_ipv4_gw: 10.3.166.254
 

- 

- mgmt_mac: 2c:ea:7f:f3:6c:be
 

- mgmt_ipv4: 10.3.160.46
 

  mac1: E4:43:4B:F7:B7:B8
 

  mac2: E4:43:4B:F7:B7:BA
 

  mac3: E4:43:4B:F7:B7:D8
 

  mac4: E4:43:4B:F7:B7:D9
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

+ mgmt_ipv4: 10.3.160.46
 

+ mgmt_mac: 2c:ea:7f:f3:6c:be
 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+22 -27 
@@ -1,42 +1,37 @@
 

  ---
 

  # This virthost only has stg instances, so it doesn't freeze
 

- freezes: false
 

- nested: true
 

- dns: 10.3.163.33
 

- 

- has_ipv4: yes
 

  br0_ipv4: 10.3.166.29
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: 10.3.166.254
 

- 

- mgmt_mac: 2c:ea:7f:f3:82:fc
 

- mgmt_ipv4: 10.3.160.47
 

+ br0_ipv4_nm: 24
 

+ br0_port0_mac: "{{ mac1 }}"
 

+ dns: 10.3.163.33
 

+ freezes: false
 

+ has_ipv4: yes
 

  mac1: E4:43:4B:F7:AD:10
 

  mac2: E4:43:4B:F7:AD:12
 

  mac3: E4:43:4B:F7:AD:30
 

  mac4: E4:43:4B:F7:AD:31
 

- 

- br0_port0_mac: "{{ mac1 }}"
 

- 

+ mgmt_ipv4: 10.3.160.47
 

+ mgmt_mac: 2c:ea:7f:f3:82:fc
 

+ nested: true
 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns }}"
 

+         - "{{ dns }}"
 

        dns_search:
 

-       - stg.iad2.fedoraproject.org
 

-       - iad2.fedoraproject.org
 

-       - fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - stg.iad2.fedoraproject.org
 

+         - iad2.fedoraproject.org
 

+         - fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+48 -59 
@@ -1,90 +1,79 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- vpn: true
 

- postfix_group: cloud
 

- freezes: false
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.84
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

+ br0_ipv4_nm: 24
 

+ br0_ipv6: "2620:52:3:1:dead:beef:cafe:f005"
 

+ br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac0 }}"
 

  br1_ipv4: 172.23.1.1
 

  br1_ipv4_nm: 24
 

+ br1_port0_mac: "{{ mac1 }}"
 

  br2_ipv4: 172.23.5.1
 

  br2_ipv4_nm: 24
 

- 

+ br2_port0_mac: "{{ mac2 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ freezes: false
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

  has_ipv6: yes
 

- br0_ipv6: "2620:52:3:1:dead:beef:cafe:f005"
 

- br0_ipv6_nm: 64
 

- br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

  mac0: "ec:f4:bb:d2:97:7c"
 

  mac1: "ec:f4:bb:d2:97:7d"
 

  mac2: "ec:f4:bb:d2:97:78"
 

  mac3: "ec:f4:bb:d2:97:7a"
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- br1_port0_mac: "{{ mac1 }}"
 

- br2_port0_mac: "{{ mac2 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-   - name: br1
 

+     name: br0-port0
 

      state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+     type: ethernet
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

+         - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: br1-port0
 

+     name: br1
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br1_port0_mac }}"
 

      master: br1
 

-     mac: "{{ br1_port0_mac }}"
 

-   - name: br2
 

+     name: br1-port0
 

      state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+     type: ethernet
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br2_ipv4 }}/{{ br2_ipv4_nm }}"
 

+         - "{{ br2_ipv4 }}/{{ br2_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: br2-port0
 

+     name: br2
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br2_port0_mac }}"
 

      master: br2
 

-     mac: "{{ br2_port0_mac }}"
 

+     name: br2-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: cloud
 

+ vpn: true

file modified
+48 -59 
@@ -1,90 +1,79 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- nrpe_procs_warn: 900
 

- nrpe_procs_crit: 1000
 

- 

- vpn: true
 

- postfix_group: cloud
 

- freezes: false
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.85
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

+ br0_ipv4_nm: 24
 

+ br0_ipv6: "2620:52:3:1:dead:beef:cafe:f006"
 

+ br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac0 }}"
 

  br1_ipv4: 172.23.1.2
 

  br1_ipv4_nm: 24
 

+ br1_port0_mac: "{{ mac1 }}"
 

  br2_ipv4: 172.23.5.2
 

  br2_ipv4_nm: 24
 

- 

+ br2_port0_mac: "{{ mac2 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ freezes: false
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

  has_ipv6: yes
 

- br0_ipv6: "2620:52:3:1:dead:beef:cafe:f006"
 

- br0_ipv6_nm: 64
 

- br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

  mac0: "ec:f4:bb:cd:aa:a4"
 

  mac1: "ec:f4:bb:cd:aa:a5"
 

  mac2: "ec:f4:bb:cd:aa:a0"
 

  mac3: "ec:f4:bb:cd:aa:a2"
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- br1_port0_mac: "{{ mac1 }}"
 

- br2_port0_mac: "{{ mac2 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

-   - name: br1
 

+     name: br0-port0
 

      state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+     type: ethernet
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

+         - "{{ br1_ipv4 }}/{{ br1_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: br1-port0
 

+     name: br1
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br1_port0_mac }}"
 

      master: br1
 

-     mac: "{{ br1_port0_mac }}"
 

-   - name: br2
 

+     name: br1-port0
 

      state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+     type: ethernet
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br2_ipv4 }}/{{ br2_ipv4_nm }}"
 

+         - "{{ br2_ipv4 }}/{{ br2_ipv4_nm }}"
 

        dhcp4: no
 

-       auto6: no
 

-   - name: br2-port0
 

+     name: br2
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br2_port0_mac }}"
 

      master: br2
 

-     mac: "{{ br2_port0_mac }}"
 

+     name: br2-port0
 

+     state: up
 

+     type: ethernet
 

+ nrpe_procs_crit: 1000
 

+ nrpe_procs_warn: 900
 

+ postfix_group: cloud
 

+ vpn: true

file modified
+26 -33 
@@ -1,19 +1,16 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.57
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

- 

- has_ipv6: yes
 

+ br0_ipv4_nm: 24
 

  br0_ipv6: "2620:52:3:1:dead:beef:cafe:c001"
 

- br0_ipv6_nm: 64
 

  br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac0 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

  mac0: "f4:02:70:d0:05:00"
 

  mac1: "f4:02:70:d0:05:01"
 

  mac2: "b0:26:28:d1:df:00"
 
@@ -22,32 +19,28 @@
 

  mac5: "b4:96:91:63:3b:e9"
 

  mac6: "b4:96:91:63:3b:ea"
 

  mac7: "b4:96:91:63:3b:eb"
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+26 -36 
@@ -1,54 +1,44 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.58
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

- 

- has_ipv6: yes
 

+ br0_ipv4_nm: 24
 

  br0_ipv6: "2620:52:3:1:dead:beef:cafe:c002"
 

- br0_ipv6_nm: 64
 

  br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

- 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac0 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

  mac0: "f4:02:70:d0:04:5e"
 

  mac1: "f4:02:70:d0:04:5f"
 

  mac2: "b4:96:91:63:3b:9c"
 

  mac3: "b4:96:91:63:3b:9d"
 

  mac4: "b4:96:91:63:3b:9e"
 

  mac5: "b4:96:91:63:3b:9f"
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

- 

- 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+26 -33 
@@ -1,19 +1,16 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.59
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

- 

- has_ipv6: yes
 

+ br0_ipv4_nm: 24
 

  br0_ipv6: "2620:52:3:1:dead:beef:cafe:c003"
 

- br0_ipv6_nm: 64
 

  br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac0 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

  mac0: "f4:02:70:d3:42:48"
 

  mac1: "f4:02:70:d3:42:49"
 

  mac2: "b0:26:28:d1:dd:c0"
 
@@ -22,32 +19,28 @@
 

  mac5: "b4:96:91:63:3b:51"
 

  mac6: "b4:96:91:63:3b:52"
 

  mac7: "b4:96:91:63:3b:53"
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+26 -33 
@@ -1,19 +1,16 @@
 

  ---
 

- datacenter: rdu-cc
 

- 

- gw: 8.43.85.254
 

- dns: 8.8.8.8
 

- 

- has_ipv4: yes
 

  br0_ipv4: 8.43.85.60
 

- br0_ipv4_nm: 24
 

  br0_ipv4_gw: "{{ gw }}"
 

- 

- has_ipv6: yes
 

+ br0_ipv4_nm: 24
 

  br0_ipv6: "2620:52:3:1:dead:beef:cafe:c004"
 

- br0_ipv6_nm: 64
 

  br0_ipv6_gw: "2620:52:3:1:ffff:ffff:ffff:fffe"
 

- 

+ br0_ipv6_nm: 64
 

+ br0_port0_mac: "{{ mac0 }}"
 

+ datacenter: rdu-cc
 

+ dns: 8.8.8.8
 

+ gw: 8.43.85.254
 

+ has_ipv4: yes
 

+ has_ipv6: yes
 

  mac0: "70:b5:e8:d0:a4:06"
 

  mac1: "70:b5:e8:d0:a4:07"
 

  mac2: "b0:26:28:d1:e0:f0"
 
@@ -22,32 +19,28 @@
 

  mac5: "b4:96:91:63:3a:a1"
 

  mac6: "b4:96:91:63:3a:a2"
 

  mac7: "b4:96:91:63:3a:a3"
 

- 

- br0_port0_mac: "{{ mac0 }}"
 

- 

  network_connections:
 

-   - name: br0
 

-     state: up
 

-     type: bridge
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

-       - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

-       gateway4: "{{ br0_ipv4_gw }}"
 

-       gateway6: "{{ br0_ipv6_gw }}"
 

+         - "{{ br0_ipv4 }}/{{ br0_ipv4_nm }}"
 

+         - "{{ br0_ipv6 }}/{{ br0_ipv6_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - 8.8.8.8
 

-       - 8.8.4.4
 

-       - 2001:4860:4860::8888
 

+         - 8.8.8.8
 

+         - 8.8.4.4
 

+         - 2001:4860:4860::8888
 

        dns_search:
 

-       - fedoraproject.org
 

-       - vpn.fedoraproject.org
 

-       - rdu-cc.fedoraproject.org
 

-       dhcp4: no
 

-       auto6: no
 

-   - name: br0-port0
 

+         - fedoraproject.org
 

+         - vpn.fedoraproject.org
 

+         - rdu-cc.fedoraproject.org
 

+       gateway4: "{{ br0_ipv4_gw }}"
 

+       gateway6: "{{ br0_ipv6_gw }}"
 

+     name: br0
 

      state: up
 

-     type: ethernet
 

+     type: bridge
 

+   - mac: "{{ br0_port0_mac }}"
 

      master: br0
 

-     mac: "{{ br0_port0_mac }}"
 

+     name: br0-port0
 

+     state: up
 

+     type: ethernet

file modified
+6 -6 
@@ -1,11 +1,11 @@
 

  ---
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ipv4: 10.3.163.83
 

- eth0_ipv4_nm: 255.255.255.0
 

  eth0_ipv4_gw: 10.3.163.254
 

- vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ eth0_ipv4_nm: 255.255.255.0
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-02.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,10 +1,10 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.24
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+6 -6 
@@ -1,11 +1,11 @@
 

  ---
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

- ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

- volgroup: /dev/vg_guests
 

  eth0_ipv4: 10.3.163.102
 

- eth0_ipv4_nm: 255.255.255.0
 

  eth0_ipv4_gw: 10.3.163.254
 

- vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ eth0_ipv4_nm: 255.255.255.0
 

+ ks_repo: http://10.3.163.35/pub/fedora/linux/releases/34/Server/x86_64/os/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora
 

  virt_install_command: "{{ virt_install_command_one_nic }}"
 

+ vmhost: vmhost-x86-06.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests

file modified
+29 -40 
@@ -1,57 +1,46 @@
 

  ---
 

- freezes: true
 

- 

- datacenter: iad2
 

- 

  arch: x86_64
 

- 

+ datacenter: iad2
 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.123
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

- pxe_bootdev: eno34
 

+ has_ipv4: yes
 

  install_dev: /dev/sda
 

  mac0: "68:05:CA:CE:A3:C9"
 

- 

- rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

- rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ pxe_bootdev: eno34
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"
 

+ rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

+ rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

+ vpn: true

file modified
+29 -40 
@@ -1,57 +1,46 @@
 

  ---
 

- freezes: false
 

-  

- datacenter: iad2
 

-  

  arch: x86_64
 

-  

+ datacenter: iad2
 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.118
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

- pxe_bootdev: eno1 

+ has_ipv4: yes
 

  install_dev: /dev/sda
 

  mac0: "68:05:CA:CE:A2:AC"
 

- 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- rhcos_kernel_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

- rhcos_initrd_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

-  

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ pxe_bootdev: eno1
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

+ rhcos_initrd_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ rhcos_kernel_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

+ vpn: true

file modified
+29 -40 
@@ -1,57 +1,46 @@
 

  ---
 

- freezes: true
 

- 

- datacenter: iad2
 

- 

  arch: x86_64
 

- 

+ datacenter: iad2
 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.124
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

- pxe_bootdev: eno33
 

+ has_ipv4: yes
 

  install_dev: /dev/sda
 

  mac0: "68:05:CA:CE:A2:90"
 

- 

- rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

- rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ pxe_bootdev: eno33
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"
 

+ rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

+ rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

+ vpn: true

file modified
+29 -40 
@@ -1,57 +1,46 @@
 

  ---
 

- freezes: false
 

-  

- datacenter: iad2
 

-  

  arch: x86_64
 

-  

+ datacenter: iad2
 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.119
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

- pxe_bootdev: eno1 

+ has_ipv4: yes
 

  install_dev: /dev/sda
 

  mac0: "68:05:CA:CE:A3:24"
 

- 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- rhcos_kernel_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

- rhcos_initrd_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

-  

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ pxe_bootdev: eno1
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

+ rhcos_initrd_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ rhcos_kernel_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

+ vpn: true

file modified
+29 -40 
@@ -1,57 +1,46 @@
 

  ---
 

- freezes: true
 

- 

- datacenter: iad2
 

- 

  arch: x86_64
 

- 

+ datacenter: iad2
 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

- 

  dns_search1: "iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

- 

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.163.125
 

- eth0_ipv4_nm: 24
 

  eth0_ipv4_gw: 10.3.163.254
 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ eth0_ipv4_nm: 24
 

+ freezes: true
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

- pxe_bootdev: eno33
 

+ has_ipv4: yes
 

  install_dev: /dev/sda
 

  mac0: "68:05:CA:CE:A7:4C"
 

- 

- rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_url: "http://10.3.163.65/rhcos/"
 

- rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

- rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

- rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"
 

- 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

- 

- vpn: true
 

- 

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ pxe_bootdev: eno33
 

+ rhcos_ignition_file_url: "http://10.3.163.65/rhcos/worker.ign"
 

+ rhcos_initrd_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

+ rhcos_install_img_url: "http://10.3.163.165/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.163.65/rhcos/"
 

+ rhcos_kernel_url: "http://10.3.163.65/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

+ vpn: true

file modified
+29 -40 
@@ -1,57 +1,46 @@
 

  ---
 

- freezes: false
 

-  

- datacenter: iad2
 

-  

  arch: x86_64
 

-  

+ datacenter: iad2
 

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.120
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

- 

- pxe_bootdev: eno1 

+ has_ipv4: yes
 

  install_dev: /dev/sda
 

  mac0: "68:05:CA:CE:A5:10"
 

- 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- rhcos_kernel_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

- rhcos_initrd_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

-  

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ pxe_bootdev: eno1
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

+ rhcos_initrd_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-initramfs.x86_64.img"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ rhcos_kernel_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-kernel.x86_64"
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

-  

  datacenter: iad2
 

-  

- vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

-  

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.122
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

-  

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

-  

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-06.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+32 -44 
@@ -1,60 +1,48 @@
 

  ---
 

- freezes: false
 

-  

  datacenter: iad2
 

-  

- vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

- volgroup: /dev/vg_guests
 

- lvm_size: 120g
 

- mem_size: 16384
 

- max_mem_size: 16384
 

- num_cpus: 4
 

-  

+ dns: "{{ dns1 }}"
 

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34
 

-  

  dns_search1: "stg.iad2.fedoraproject.org"
 

  dns_search3: "fedoraproject.org"
 

-  

- has_ipv4: yes
 

+ eth0_ip: "{{eth0_ipv4}}"
 

  eth0_ipv4: 10.3.166.123
 

+ eth0_ipv4_gw: 10.3.166.254
 

  eth0_ipv4_nm: 24
 

- eth0_ipv4_gw: 10.3.166.254 

- eth0_ip: "{{eth0_ipv4}}"
 

- nm: 255.255.255.0
 

+ freezes: false
 

  gw: "{{ eth0_ipv4_gw }}"
 

- dns: "{{ dns1 }}"
 

-  

+ has_ipv4: yes
 

+ lvm_size: 120g
 

  mac0: "{{ ansible_default_ipv4.macaddress }}"
 

- 

- rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

- rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

- rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

- rhcos_install_url: "http://10.3.166.50/rhcos/"
 

- 

- virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

-  

+ max_mem_size: 16384
 

+ mem_size: 16384
 

  network_connections:
 

-   - name: eth0
 

-     mac: "{{ mac0 }}"
 

-     state: up
 

-     type: ethernet
 

-     autoconnect: yes
 

+   - autoconnect: yes
 

      ip:
 

        address:
 

-       - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

-       gateway4: "{{ eth0_ipv4_gw }}"
 

+         - "{{ eth0_ipv4 }}/{{ eth0_ipv4_nm }}"
 

+       dhcp4: no
 

        dns:
 

-       - "{{ dns1 }}"
 

-       - "{{ dns2 }}"
 

+         - "{{ dns1 }}"
 

+         - "{{ dns2 }}"
 

        dns_search:
 

-       - "{{ dns_search1 }}"
 

-       - "{{ dns_search2 }}"
 

-       - "{{ dns_search3 }}"
 

-       dhcp4: no
 

-       auto6: no
 

-  

- vpn: true
 

-  

- nrpe_procs_warn: 1200
 

+         - "{{ dns_search1 }}"
 

+         - "{{ dns_search2 }}"
 

+         - "{{ dns_search3 }}"
 

+       gateway4: "{{ eth0_ipv4_gw }}"
 

+     mac: "{{ mac0 }}"
 

+     name: eth0
 

+     state: up
 

+     type: ethernet
 

+ nm: 255.255.255.0
 

  nrpe_procs_crit: 1400
 

+ nrpe_procs_warn: 1200
 

+ num_cpus: 4
 

+ rhcos_ignition_file_url: "http://10.3.166.50/rhcos/worker.ign"
 

+ rhcos_install_img_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-metal.x86_64.raw.gz"
 

+ rhcos_install_rootfs_url: "http://10.3.166.50/rhcos/rhcos-{{ rhcos_version }}-x86_64-live-rootfs.x86_64.img"
 

+ rhcos_install_url: "http://10.3.166.50/rhcos/"
 

+ virt_install_command: "{{ virt_install_command_pxe_rhcos }}"
 

+ vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

+ volgroup: /dev/vg_guests
 

+ vpn: true

file modified
+6 -6 
@@ -1,11 +1,11 @@
 

  ---
 

- nm: 255.255.255.0
 

- gw: 10.3.166.254
 

+ datacenter: iad2
 

  dns: 10.3.163.33
 

- ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

- ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

- volgroup: /dev/vg_guests
 

  eth0_ip: 10.3.166.61
 

  eth0_nm: 255.255.255.0
 

+ gw: 10.3.166.254
 

+ ks_repo: http://10.3.163.35/repo/rhel/RHEL8-x86_64/
 

+ ks_url: http://10.3.163.35/repo/rhel/ks/kvm-rhel-8-iad2
 

+ nm: 255.255.255.0
 

  vmhost: vmhost-x86-07.stg.iad2.fedoraproject.org
 

- datacenter: iad2
 

+ volgroup: /dev/vg_guests

file modified
+3 -1 
@@ -632,6 +632,7 @@
 

  busgateway01.stg.iad2.fedoraproject.org
 

  compose-x86-01.stg.iad2.fedoraproject.org
 

  copr-be-dev.aws.fedoraproject.org
 

+ #copr-be-dev-temp.aws.fedoraproject.org
 

  copr-db-stg.aws.fedoraproject.org
 

  copr-dist-git-dev.aws.fedoraproject.org
 

  copr-fe-dev.aws.fedoraproject.org
 
@@ -872,8 +873,8 @@
 

  pdc-web01.stg.iad2.fedoraproject.org
 

  

  [maintainer_test]
 

- f32-test.fedorainfracloud.org
 

  f33-test.fedorainfracloud.org
 

+ f34-test.fedorainfracloud.org
 

  f35-test.fedorainfracloud.org
 

  rawhide-test.fedorainfracloud.org
 

  el7-test.fedorainfracloud.org
 
@@ -937,6 +938,7 @@
 

  

  [copr_back_aws]
 

  copr-be.aws.fedoraproject.org
 

+ #copr-be-temp.aws.fedoraproject.org
 

  

  [copr_dist_git_aws]
 

  copr-dist-git.aws.fedoraproject.org

file modified
+8 
@@ -41,6 +41,14 @@
 

    - name: install debuginfod configuration
 

      copy: src="{{ files }}/debuginfod/sysconfig.debuginfod" dest=/etc/sysconfig/debuginfod owner=root group=root mode=644
 

  

+   - name: ensure systemd drop-in directory exists
 

+     file: >
 

+       dest=/etc/systemd/system/debuginfod.service.d
 

+       state=directory
 

+     

+   - name: install debuginfod systemd drop-in
 

+     copy: src="{{ files }}/debuginfod/debuginfod.service.d" dest=/etc/systemd/system/debuginfod.service.d/override.conf owner=root group=root mode=644    

+ 

    - name: ensure debuginfod is enabled and started
 

      service:
 

        name: debuginfod

file modified
+7 -17 
@@ -44,10 +44,7 @@
 

    - role: rabbit/queue
 

      username: "openqa"
 

      queue_name: "openqa{{ openqa_env_suffix }}_scheduler"
 

-     routing_keys:
 

-         - "org.fedoraproject.prod.pungi.compose.status.change"
 

-         - "org.fedoraproject.prod.bodhi.update.request.testing"
 

-         - "org.fedoraproject.prod.bodhi.update.edit"
 

+     routing_keys: "{{ openqa_amqp_scheduler_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"
 
@@ -60,8 +57,7 @@
 

    - role: rabbit/queue
 

      username: "openqa{{ openqa_env_suffix }}"
 

      queue_name: "openqa{{ openqa_env_suffix }}_resultsdb_reporter"
 

-     routing_keys:
 

-         - "org.fedoraproject.{{ deployment_type }}.openqa.job.done"
 

+     routing_keys: "{{ openqa_amqp_resultsdb_reporter_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"
 
@@ -74,8 +70,7 @@
 

    - role: rabbit/queue
 

      username: "openqa{{ openqa_env_suffix }}"
 

      queue_name: "openqa{{ openqa_env_suffix }}_wiki_reporter"
 

-     routing_keys:
 

-         - "org.fedoraproject.{{ deployment_type }}.openqa.job.done"
 

+     routing_keys: "{{ openqa_amqp_wiki_reporter_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"
 
@@ -90,8 +85,7 @@
 

    - role: rabbit/queue
 

      username: "openqa"
 

      queue_name: "openqa_relvalconsumer{{ relvalconsumer_env_suffix }}"
 

-     routing_keys:
 

-         - "org.fedoraproject.prod.pungi.compose.status.change"
 

+     routing_keys: "{{ relvalconsumer_amqp_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"
 
@@ -107,8 +101,7 @@
 

    - role: rabbit/queue
 

      username: "openqa"
 

      queue_name: "openqa_relvalamiconsumer{{ relvalconsumer_env_suffix }}"
 

-     routing_keys:
 

-         - "org.fedoraproject.prod.fedimg.image.publish"
 

+     routing_keys: "{{ relvalamiconsumer_amqp_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"
 
@@ -125,8 +118,7 @@
 

    - role: rabbit/queue
 

      username: "openqa{{ checkcompose_env_suffix }}"
 

      queue_name: "openqa{{ checkcompose_env_suffix }}_checkcomp"
 

-     routing_keys:
 

-         - "org.fedoraproject.{{ deployment_type }}.openqa.job.done"
 

+     routing_keys: "{{ checkcompose_amqp_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"
 
@@ -143,9 +135,7 @@
 

    - role: rabbit/queue
 

      username: "openqa"
 

      queue_name: "openqa_fedora_nightlies"
 

-     routing_keys:
 

-         - "org.fedoraproject.prod.openqa.job.done"
 

-         - "org.fedoraproject.prod.pungi.compose.status.change"
 

+     routing_keys: "{{ fedora_nightlies_amqp_routing_keys }}"
 

      write_queues:
 

          - "ci"
 

          - "openqa"

file modified
+4 -2 
@@ -254,12 +254,14 @@
 

    - role: httpd/redirect
 

      shortname: join-fedora
 

      website: join.fedoraproject.org
 

-     target: https://fedoraproject.org/wiki/Join
 

+     target: https://docs.fedoraproject.org/en-US/project/join/
 

+     tags: join-fedora
 

  

    - role: httpd/redirect
 

      shortname: get-help
 

      website: help.fedoraproject.org
 

-     target: https://fedoraproject.org/get-help
 

+     target: https://ask.fedoraproject.org
 

+     tags: ask-fedora
 

  

    # This is just a redirect to developer, to make it easier for people to get
 

    # here from Red Hat's developers.redhat.com (ticket #5216).

file modified
+20 
@@ -94,6 +94,7 @@
 

      remotepath: /meetbot/
 

      # Talk directly to the app server, not haproxy
 

      proxyurl: http://value01
 

+     when: env != "staging"
 

  

    # The place for the fancy mote view
 

    - role: httpd/reverseproxy
 
@@ -102,6 +103,25 @@
 

      #remotepath: /mote/
 

      # Talk directly to the app server, not haproxy
 

      proxyurl: http://value01
 

+     when: env != "staging"
 

+ 

+   # The place for the raw originals
 

+   - role: httpd/reverseproxy
 

+     website: meetbot-raw.fedoraproject.org
 

+     destname: meetbot
 

+     remotepath: /meetbot/
 

+     # Talk directly to the app server, not haproxy
 

+     proxyurl: http://value02
 

+     when: env == "staging"
 

+ 

+   # The place for the fancy mote view
 

+   - role: httpd/reverseproxy
 

+     website: meetbot.fedoraproject.org
 

+     destname: mote
 

+     #remotepath: /mote/
 

+     # Talk directly to the app server, not haproxy
 

+     proxyurl: http://value02
 

+     when: env == "staging"
 

  

    - role: httpd/reverseproxy
 

      website: apps.fedoraproject.org

file modified
+6 -5 
@@ -5,12 +5,13 @@
 

    roles:
 

    - role: openshift/sysadmin-openshift
 

      appowners:
 

-     - mobrien
 

-     - siddharthvipul1
 

-     - kevin
 

+     - asaleh
 

+     - darknao
 

      - dkirwan
 

      - jrichardson
 

-     - scoady
 

+     - kevin
 

      - lenkaseg
 

-     - asaleh
 

+     - mobrien
 

+     - scoady
 

+     - siddharthvipul1
 

      - t0xic0der

file removed
-9 
@@ -1,9 +0,0 @@
 

- ---
 

- - include: koschei.yml
 

-   vars:
 

-     fedora_repos:
 

-     - updates
 

-     - updates-testing
 

-     - msimacek-koschei
 

-     koschei_backend_hosts: koschei_backend_stg
 

-     koschei_web_hosts: koschei_web_stg

file removed
-90 
@@ -1,90 +0,0 @@
 

- - name: apply koschei/frontend role
 

-   hosts: "{{ koschei_web_hosts | default('koschei_web:koschei_web_stg') }}"
 

-   vars_files:
 

-   - /srv/web/infra/ansible/vars/global.yml
 

-   - /srv/private/ansible/vars.yml
 

-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 

-   roles:
 

-   - koschei/frontend
 

- 

- - name: apply koschei/backend role
 

-   hosts: "{{ koschei_backend_hosts | default('koschei_backend:koschei_backend_stg') }}"
 

-   vars_files:
 

-   - /srv/web/infra/ansible/vars/global.yml
 

-   - /srv/private/ansible/vars.yml
 

-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 

-   roles:
 

-   - koschei/backend
 

- 

- - name: upgrade packages
 

-   hosts: "{{ koschei_web_hosts | default('koschei_web:koschei_web_stg') }}:{{ koschei_backend_hosts | default('koschei_backend:koschei_backend_stg') }}"
 

-   vars:
 

-     fedora_repos:
 

-     - updates
 

-   tasks:
 

-   - name: clean dnf metadata
 

-     command: dnf {% for repo in fedora_repos %}--enablerepo {{ repo }} {% endfor %} clean all
 

-     warn: False
 

-   - name: create dnf metadata cache
 

-     command: dnf {% for repo in fedora_repos %}--enablerepo {{ repo }} {% endfor %} makecache
 

-     warn: False
 

-   - name: list installed koschei packages
 

-     dnf:
 

-       list: "koschei*"
 

-       disablerepo: "*"
 

-     register: koschei_packages
 

-   - name: update koschei packages
 

-     dnf:
 

-       name: "{{ item.name }}"
 

-       state: latest
 

-       enablerepo: "{{ fedora_repos | join(',') }}"
 

-     register: koschei_upgrade
 

-     with_items: "{{ koschei_packages.results }}"
 

- 

- - name: stop backend services
 

-   hosts: "{{ koschei_backend_hosts | default('koschei_backend:koschei_backend_stg') }}"
 

-   tasks:
 

-   - name: stop services
 

-     service: name="{{ item }}" state=stopped
 

-     with_items: "{{ koschei_backend_services }}"
 

- 

- - name: stop httpd
 

-   hosts: "{{ koschei_web_hosts | default('koschei_web:koschei_web_stg') }}"
 

-   tasks:
 

-   - name: stop httpd
 

-     service: name="httpd" state=stopped
 

- 

- - name: run DB migration
 

-   hosts: "{{ koschei_backend_hosts | default('koschei_backend:koschei_backend_stg') }}"
 

-   tasks:
 

-   - name: run db migration
 

-     become: yes
 

-     become_user: koschei
 

-     command: koschei-admin alembic upgrade head
 

- 

- - name: restart httpd
 

-   hosts: "{{ koschei_web_hosts | default('koschei_web:koschei_web_stg') }}"
 

-   vars_files:
 

-   - /srv/web/infra/ansible/vars/global.yml
 

-   - /srv/private/ansible/vars.yml
 

-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 

-   tasks:
 

-   - name: start httpd
 

-     service: name="httpd" state=started
 

- 

- - name: restart backend services
 

-   hosts: "{{ koschei_backend_hosts | default('koschei_backend:koschei_backend_stg') }}"
 

-   vars_files:
 

-   - /srv/web/infra/ansible/vars/global.yml
 

-   - /srv/private/ansible/vars.yml
 

-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 

-   tasks:
 

-   - name: start services
 

-     service: name="{{ item }}" state=started
 

-     with_items: "{{ koschei_backend_services }}"
 

- 

- - name: Check whether backend update
 

-   hosts: "{{ koschei_web_hosts | default('koschei_web:koschei_web_stg') }}:{{ koschei_backend_hosts | default('koschei_backend:koschei_backend_stg') }}"
 

-   tasks:
 

-   - assert:
 

-       that: koschei_upgrade.changed

file modified
+1 -1 
@@ -60,7 +60,7 @@
 

    - role: openshift/route
 

      app: discourse2fedmsg
 

      routename: discourse2fedmsg
 

-     host: "discourse2fedmsg{{ env_suffix }}.fedoraproject.org"
 

+     host: "discourse2fedmsg.app.os{{ env_suffix }}.fedoraproject.org"
 

      serviceport: web
 

      servicename: discourse2fedmsg-web

file modified
+7 -1 
@@ -5,9 +5,15 @@
 

  

    roles:
 

    - role: openshift-apps/fcos-pipeline
 

-     project_name: fcos-pipeline
 

+     project_name: fedora-coreos
 

      project_description: Jenkins pipeline configuration for Fedora CoreOS.
 

      appowners:
 

      - dustymabe
 

      - jlebon
 

      - cverna
 

+     - aaradhak
 

+     - bgilbert
 

+     - jmarrero
 

+     - kevin
 

+     - lucab
 

+     - misc

file modified
+1 
@@ -41,6 +41,7 @@
 

          - imagestream
 

          - frontend-config
 

          - backend-config
 

+         - admin-config
 

          - admin-deployment
 

          - frontend-deployment
 

          - frontend-service

file modified
+18 -1 
@@ -2,7 +2,8 @@
 

    hosts: os_masters_stg[0]:os_masters[0]
 

    user: root
 

    gather_facts: False
 

- 

+   vars:
 

+     ssh_key_path: "{{ private }}/files/websites/id_rsa_web_trans_{{ env_short }}"
 

    vars_files:
 

      - /srv/web/infra/ansible/vars/global.yml
 

      - "/srv/private/ansible/vars.yml"
 
@@ -15,6 +16,7 @@
 

      appowners:
 

      - codeblock
 

      - ryanlerch
 

+     - darknao
 

  

    - role: openshift/object
 

      app: websites
 
@@ -42,5 +44,20 @@
 

  

    - role: openshift/object
 

      app: websites
 

+     template: gitconfig.yml
 

+     objectname: gitconfig.yml
 

+ 

+   - role: openshift/object
 

+     app: websites
 

+     template: sshconfig.yml
 

+     objectname: sshconfig.yml
 

+ 

+   - role: openshift/object
 

+     app: websites
 

      template: cron.yml
 

      objectname: cron.yml
 

+ 

+   - role: openshift/object
 

+     app: websites
 

+     template: cron-updatepot.yml
 

+     objectname: cron-updatepot.yml

file added
+6 
@@ -0,0 +1,6 @@
 

+ # Adjust rate-limiting settings to prevent dropped messages under load 

+ # Reduce rate-limit interval from default 600 seconds to 300 seconds
 

+ $imjournalRatelimitInterval 300
 

+ 

+ # Increase burst limit size from default 20000 to 30000
 

+ $imjournalRatelimitBurst 30000

file modified
+1 
@@ -173,6 +173,7 @@
 

  require ip 13.244.113.71
 

  require ip 13.245.77.95
 

  require ip 38.145.60.11
 

+ require ip 34.217.21.196
 

  

  #
 

  # We put this at the end because it fails for hosts with no reverse dns

file modified
+1 -1 
@@ -33,7 +33,7 @@
 

  

      # Setup the repos you are going to sync out of the config file in
 

      # this pattern. This makes it easier for koji configs later
 

-     REPOS="rhel-8-for-${A}-appstream-rpms rhel-8-for-${A}-baseos-rpms codeready-builder-for-rhel-8-${A}-rpms"
 

+     REPOS="rhel-8-for-${A}-appstream-rpms rhel-8-for-${A}-baseos-rpms codeready-builder-for-rhel-8-${A}-rpms rhel-8-advanced-virt"
 

  

      # We do a 2 level reposync because batcave is RHEL-7 and reposync
 

      # is what is default. However reposync does not pull in certain

file modified
+33 -52 
@@ -120,50 +120,6 @@
 

                                  'dest': os.path.join(FEDORAALTDEST, 'testing', '34', 'Modular')}
 

                                ]}}
 

                     },
 

-             'f33': {'topic': 'fedora',
 

-                     'version': '33',
 

-                     'modules': ['fedora', 'fedora-secondary'],
 

-                     'repos': {'updates': {
 

-                         'from': 'f33-updates',
 

-                         'ostrees': [{'ref': 'fedora/33/%(arch)s/updates/silverblue',
 

-                                      'dest': OSTREEDEST,
 

-                                      'arches': ['x86_64', 'ppc64le', 'aarch64']}],
 

-                         'to': [{'arches': ['x86_64', 'armhfp', 'aarch64', 'source'],
 

-                                 'dest': os.path.join(FEDORADEST, '33', 'Everything')},
 

-                                {'arches': ['ppc64le', 's390x'],
 

-                                 'dest': os.path.join(FEDORAALTDEST, '33', 'Everything')}
 

-                               ]},
 

-                               'updates-testing': {
 

-                         'from': 'f33-updates-testing',
 

-                         'ostrees': [{'ref': 'fedora/33/%(arch)s/testing/silverblue',
 

-                                      'dest': OSTREEDEST,
 

-                                      'arches': ['x86_64', 'ppc64le', 'aarch64']}],
 

-                         'to': [{'arches': ['x86_64', 'aarch64', 'armhfp', 'source'],
 

-                                 'dest': os.path.join(FEDORADEST, 'testing', '33', 'Everything')},
 

-                                {'arches': ['ppc64le', 's390x'],
 

-                                 'dest': os.path.join(FEDORAALTDEST, 'testing', '33', 'Everything')}
 

-                               ]}}
 

-                    },
 

-             'f33m': {'topic': 'fedora',
 

-                     'version': '33m',
 

-                     'modules': ['fedora', 'fedora-secondary'],
 

-                     'repos': {'updates': {
 

-                         'from': 'f33-modular-updates',
 

-                         'ostrees': [],
 

-                         'to': [{'arches': ['x86_64', 'aarch64', 'armhfp', 'source'],
 

-                                 'dest': os.path.join(FEDORADEST, '33', 'Modular')},
 

-                                {'arches': ['ppc64le', 's390x'],
 

-                                 'dest': os.path.join(FEDORAALTDEST, '33', 'Modular')}
 

-                               ]},
 

-                               'updates-testing': {
 

-                         'from': 'f33-modular-updates-testing',
 

-                         'ostrees': [],
 

-                         'to': [{'arches': ['x86_64', 'aarch64', 'armhfp', 'source'],
 

-                                 'dest': os.path.join(FEDORADEST, 'testing', '33', 'Modular')},
 

-                                {'arches': ['ppc64le', 's390x'],
 

-                                 'dest': os.path.join(FEDORAALTDEST, 'testing', '33', 'Modular')}
 

-                               ]}}
 

-                    },
 

              'epel9n': {'topic': 'epel',
 

                        'version': '9',
 

                        'modules': ['epel'],
 
@@ -475,19 +431,44 @@
 

      return needssync
 

  

  def update_epel_release_latest(releases):
 

+     """
 

+     This function, creates or updates a symbolic links for epel-release, latest and next, packages.
 

+ 

+     Creates or updates a symbolic link pointing to the latest release of the epel-release package and 

+     another pointing to the next release of the epel-release package.
 

+     

+     The symbolic link will be created or updated if:
 

+     - There isn't a symbolic link for the latest package;
 

+     - Current symbolic link is pointing to an outdated package;
 

+     - Current symbolic link is broken;
 

+     - There is a file that isn't a link with the same name of the symbolic link.
 

+ 

+     If the symbolic link is pointing to the latest release already, this function will do nothing.
 

+ 

+     Parameters:
 

+     releases (dict): contains similar information of global variable RELEASES
 

+     """    

      for release in releases:
 

          if 'epel' in release:
 

-             for path in Path(RELEASES[release]['repos']['epel']['to'][0]['dest']).rglob('epel-release*noarch*'):
 

+             for path in Path(RELEASES[release]['repos']['epel']['to'][0]['dest']).rglob('epel-*release*noarch*'):
 

                  if 'Packages' in str(path) and 'x86_64' in str(path):
 

-                     dest = '/pub/epel/epel-release-latest-' + release[4]+ '.noarch.rpm'
 

-                     if os.path.lexists(dest):
 

-                         if not os.path.islink(dest) or not os.path.exists(os.path.join(EPELDEST,os.readlink(dest))):
 

+                     if "next" in str(path):
 

+                         dest = '/pub/epel/epel-next-release-latest-' + release[4] + '.noarch.rpm'
 

+                     else:
 

+                         dest = '/pub/epel/epel-release-latest-' + release[4] + '.noarch.rpm'
 

+ 

+                     pkg_relpath = os.path.relpath(path,EPELDEST)
 

+ 

+                     if os.path.lexists(dest) and os.path.islink(dest):
 

+                         origin_dest = os.path.join(EPELDEST,os.readlink(dest))
 

+                         if origin_dest != str(path):
 

                              os.remove(dest)
 

-                             os.symlink(os.path.relpath(path, os.path.dirname(dest)), dest)
 

-                             break
 

+                             os.symlink(pkg_relpath, dest)
 

+                     elif os.path.lexists(dest) and not os.path.islink(dest):
 

+                         os.remove(dest)
 

+                         os.symlink(pkg_relpath, dest)
 

                      else:
 

-                         os.symlink(os.path.relpath(path, os.path.dirname(dest)), dest)
 

-                         break
 

+                         os.symlink(pkg_relpath, dest)
 

  

  def main():
 

      parser = argparse.ArgumentParser()

file modified
+1 -1 
@@ -87,7 +87,7 @@
 

    # bodhi2/backend/files/koji_sync_listener.py
 

    # This cronjob runs only once a day.  The listener script runs reactively.
 

    cron: name="owner-sync" minute="15" hour="4" user="root"
 

-       job="/usr/local/bin/lock-wrapper owner-sync '/usr/local/bin/owner-sync-pagure f36 f36-container f36-modular f35 f35-container f35-modular f34 f34-container f34-modular f33 f33-container f33-modular f33-flatpak epel9 epel9-next epel8 epel8-next epel8-playground epel8-modular epel7 module-package-list modular'"
 

+       job="/usr/local/bin/lock-wrapper owner-sync '/usr/local/bin/owner-sync-pagure f36 f36-container f36-modular f35 f35-container f35-modular f34 f34-container f34-modular epel9 epel9-next epel8 epel8-next epel8-playground epel8-modular epel7 module-package-list modular'"
 

        cron_file=update-koji-owner
 

    when: env == "production"
 

    tags:

file modified
-3 
@@ -49,9 +49,6 @@
 

      "f34-modular",
 

      "f34-flatpak",
 

      "f33",
 

-     "f33-container",
 

-     "f33-modular",
 

-     "f33-flatpak",
 

      "epel9",
 

      "epel9-next",
 

      "epel8",

file modified
+3 
@@ -10,3 +10,6 @@
 

  

  - name: restart lighttpd
 

    action: service name=lighttpd state=restarted
 

+ 

+ - name: restart node_exporter
 

+   action: service name=node_exporter state=restarted

file modified
+4 -4 
@@ -10,6 +10,10 @@
 

    register: ping_log_check
 

    tags: copr_ping
 

  

+ - name: create the user ping user
 

+   user: name={{ ping_user }}
 

+   tags: copr_ping
 

+ 

  - name: pre-create ping log file
 

    file:
 

      path: "{{ ping_log }}"
 
@@ -21,10 +25,6 @@
 

    when: not ping_log_check.stat.exists
 

    tags: copr_ping
 

  

- - name: create the user ping user
 

-   user: name={{ ping_user }}
 

-   tags: copr_ping
 

- 

  - name: install copr-cli package
 

    dnf: name=copr-cli state=latest
 

    tags: copr_ping

file modified
+17 -1 
@@ -31,6 +31,7 @@
 

        - php-cli
 

        - cronolog
 

        - nfs-utils
 

+       - golang-github-prometheus-node-exporter
 

  

  #- name: patch for prunerepo, issue 1090
 

  #  patch: src=patches/prunerepo-dataloss.patch
 
@@ -124,7 +125,11 @@
 

  

  - name: letsencrypt cert
 

    include_role: name=copr/certbot
 

-   when: devel|bool
 

+   when:
 

+   - devel|bool
 

+   # When we have birthday for backend, we use a temporary copr-be-dev-temp
 

+   # hostname for it and we don't want to generate a certificate for that.
 

+   - birthday is not defined
 

    tags:
 

    - config
 

  
@@ -154,6 +159,17 @@
 

  - name: start webserver
 

    service: state=started enabled=yes name=lighttpd
 

  

+ - name: start node exporter
 

+   service: state=started enabled=yes name=node_exporter
 

+ 

+ - name: configure options in node exporter
 

+   lineinfile:
 

+     path: /etc/sysconfig/node_exporter
 

+     regexp: '^OPTIONS='
 

+     line: 'OPTIONS=--collector.textfile.directory /var/lib/node_exporter/textfile_collector --collector.systemd'
 

+     backrefs: yes
 

+   notify: restart node_exporter
 

+ 

  # setup dirs for the ansible execution off of provisioning
 

  #- name: dirs from provision
 

  #  file: state=directory path="/home/copr/provision/{{ item }}" owner=copr group=copr

file modified
+3 
@@ -1,4 +1,7 @@
 

  ---
 

+ - name: install nrpe
 

+   dnf: name=nrpe state=present
 

+ 

  - name: install nrpe checks
 

    template: src=copr_backend_nrpe.cfg
 

              dest=/etc/nrpe.d/copr_backend_nrpe.cfg

file modified
+9 -13 
@@ -15,7 +15,7 @@
 

  ##
 

  var.log_root    = "/var/log/lighttpd"
 

  var.server_root = "/var/www"
 

- var.state_dir   = "/var/run"
 

+ var.state_dir   = "/run"
 

  var.home_dir    = "/var/lib/lighttpd"
 

  var.conf_dir    = "/etc/lighttpd"
 

  
@@ -319,14 +319,14 @@
 

  # 'cgi.assign' conditionally - the trick is to do this only on paths that both
 

  # (a) end with slash (= directories) and (b) do not contain 'dir-generator'
 

  # string (guard against '/some/dir-generator.php/' or alike hacks).
 

- index-file.names = (
 

-   "/dir-generator.php"
 

- )
 

- $HTTP["url"] =~ "/$" {
 

-   $HTTP["url"] !~ "dir-generator" {
 

-     cgi.assign = ( "/dir-generator.php" => "/usr/bin/php-cgi" )
 

-   }
 

- }
 

+ # index-file.names = (
 

+ #   "/dir-generator.php"
 

+ # )
 

+ # $HTTP["url"] =~ "/$" {
 

+ #   $HTTP["url"] !~ "dir-generator" {
 

+ #     cgi.assign = ( "/dir-generator.php" => "/usr/bin/php-cgi" )
 

+ #   }
 

+ # }
 

  

  ##
 

  ## deny access the file-extensions
 
@@ -484,8 +484,6 @@
 

    ssl.pemfile = "/etc/lighttpd/copr-be.cloud.fedoraproject.org.pem"
 

    ssl.ca-file = "/etc/lighttpd/copr-be.cloud.fedoraproject.org.intermediate.cert"
 

    ssl.disable-client-renegotiation = "enable"
 

-   ssl.use-sslv2 = "disable"
 

-   ssl.use-sslv3 = "disable"
 

    ssl.cipher-list             = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
 

  }
 

  {% else %}
 
@@ -504,8 +502,6 @@
 

      # The following is OPTIONAL
 

      ssl.cipher-list         = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"
 

      ssl.use-compression     = "disable"
 

-     ssl.use-sslv2           = "disable"
 

-     ssl.use-sslv3           = "disable"
 

  }
 

  {% endif %}
 

  {% endfor %}

file modified
+23 -8 
@@ -49,14 +49,6 @@
 

    tags:
 

    - packages
 

  

- - name: install common copr packages
 

-   dnf:
 

-     state: present
 

-     pkg:
 

-       - "nrpe"
 

-   tags:
 

-   - packages
 

- 

  - name: install dev helper packages
 

    dnf:
 

      state: present
 
@@ -94,5 +86,28 @@
 

    - config
 

    when: datacenter != "aws"
 

  

+ - name: setup ipv6 networking general
 

+   lineinfile:
 

+     dest: /etc/sysconfig/network-scripts/ifcfg-eth0
 

+     backup: yes
 

+     state: present
 

+     line: "{{ item }}"
 

+   with_items:
 

+     - IPV6INIT=yes
 

+     - IPV6_DEFROUTE=yes
 

+     - IPV6_AUTOCONF=yes
 

+   when: aws_ipv6_addr is defined
 

+   tags: ipv6_config
 

+ 

+ - name: setup ipv6 address
 

+   lineinfile:
 

+     dest: /etc/sysconfig/network-scripts/ifcfg-eth0
 

+     backup: yes
 

+     state: present
 

+     line: "IPV6ADDR={{ aws_ipv6_addr }}"
 

+     regex: ^IPV6ADDR=
 

+   when: aws_ipv6_addr is defined
 

+   tags: ipv6_config
 

+ 

  # - name: enable and run logrotate service
 

  #   service: name="logrotate" state=started

file removed
-44 
@@ -1,44 +0,0 @@
 

- commit 1a04c15b1f77f908b1dd3983a27ee49c41b3a3e5
 

- Author:     Todd Zullinger <tmz@pobox.com>
 

- AuthorDate: Mon May 24 17:34:42 2021 -0400
 

- Commit:     Todd Zullinger <tmz@pobox.com>
 

- CommitDate: Tue May 25 11:42:07 2021 -0400
 

- 

-     improve index mode for files with executable bit
 

-     

-     The fix for #430 in bebc4f56 (Use correct mode for executable files,
 

-     2016-05-19) is incomplete.  It fails (in most cases) when files have
 

-     modes which are not exactly 0644 or 0755.
 

-     

-     Git only cares whether the executable bit is set (or not).  Ensure the
 

-     mode we set for the index is either 100644 or 100755 based on whether
 

-     the executable bit is set for the file owner.  Do this similarly to how
 

-     upstream git does it in cache.h¹.
 

-     

-     Add a test covering various file modes to help catch regressions.
 

-     

-     Fixes #1253
 

-     

-     ¹ https://github.com/git/git/blob/v2.31.1/cache.h#L247
 

- 

- diff --git a/git/index/fun.py b/git/index/fun.py
 

- index f40928c3..1012f480 100644
 

- --- a/git/index/fun.py
 

- +++ b/git/index/fun.py
 

- @@ -11,6 +11,7 @@ from stat import (
 

-      S_ISDIR,
 

-      S_IFMT,
 

-      S_IFREG,
 

- +    S_IXUSR,
 

-  )
 

-  import subprocess
 

-  

- @@ -115,7 +116,7 @@ def stat_mode_to_index_mode(mode):
 

-          return S_IFLNK
 

-      if S_ISDIR(mode) or S_IFMT(mode) == S_IFGITLINK:    # submodules
 

-          return S_IFGITLINK
 

- -    return S_IFREG | 0o644 | (mode & 0o111)       # blobs with or without executable bit
 

- +    return S_IFREG | (mode & S_IXUSR and 0o755 or 0o644)  # blobs with or without executable bit
 

-  

-  

-  def write_cache(entries: Sequence[Union[BaseIndexEntry, 'IndexEntry']], stream: IO[bytes],

file modified
+13 -5 
@@ -28,11 +28,6 @@
 

        - dist-git-selinux
 

        - copr-dist-git
 

  

- - name: Patch GitPython to import Thunderbird (issue 1700)
 

-   patch: src=patches/git-python-pr-1254.patch
 

-          dest=/usr/lib/python3.9/site-packages/git/index/fun.py
 

-   tags: patches
 

- 

  - name: switch selinux to enforcing
 

    selinux: policy=targeted state=enforcing
 

  
@@ -139,3 +134,16 @@
 

    copy: src="copr-dist-git.daily" dest="/etc/cron.daily/copr-dist-git" mode=755
 

    tags:
 

    - config
 

+ 

+ - name: enable copr repo for our custom python3-rpkg build
 

+   community.general.copr:
 

+     state: enabled
 

+     name: "@copr/copr-dev"
 

+ 

+ # See https://pagure.io/rpkg/issue/588
 

+ # See https://pagure.io/copr/copr/pull-request/1998
 

+ # Don't be confused by the version. It is actually rebuild of 1.62
 

+ - name: Install custom build of python3-rpkg
 

+   dnf:
 

+     name: "python3-rpkg >= 1.63.copr.666.2"
 

+     state: present

file modified
+1 
@@ -39,6 +39,7 @@
 

        - redis
 

        - pxz
 

        - python3-alembic
 

+       - mod_auth_gssapi
 

    tags:
 

    - packages

file modified
+5 -2 
@@ -115,10 +115,13 @@
 

    - buildsys.pub
 

  

  - name: add root keys for sysadmin-main and other allowed users
 

-   action: authorized_key user=copr key={{ item }}
 

+   authorized_key: user=copr key="{{ item }}"
 

    with_lines:
 

    - "{{ auth_keys_from_fas}} @sysadmin-copr"
 

-   tags: copr_admins
 

+   tags:
 

+   - copr_admins
 

+   - config
 

+   - sshkeys
 

  

  # todo: generate it's own key
 

  - name: make sure hostA can ssh to hostB

file modified
+7 
@@ -36,6 +36,7 @@
 

  

  - name: ensure services are running
 

    service: name={{ item }} state=started enabled=yes
 

+   when: not services_disabled|bool
 

    with_items:
 

    - httpd
 

    - haveged
 
@@ -58,3 +59,9 @@
 

    when: selinux_module is changed
 

  

  - selinux: policy=targeted state=enforcing
 

+ 

+ # See https://github.com/openSUSE/obs-sign/issues/32
 

+ # Sorry for writting this as `shell`. We will drop this task once it
 

+ # is in stable repos.
 

+ - name: Install gnupg2 with required bugfixes
 

+   shell: "dnf -y upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-45c44b31a2"

file modified
+2 -2 
@@ -292,12 +292,12 @@
 

  

  CSP_HEADERS = (
 

      "default-src 'self'; "
 

-     "script-src 'self' '{nonce_script}' https://apps.fedoraproject.org https://mdapi.fedoraproject.org; "
 

+     "script-src 'self' '{nonce_script}' https://apps.fedoraproject.org https://mdapi.fedoraproject.org https://transtats.fedoraproject.org; "
 

      "style-src 'self' '{nonce_style}'; "
 

      "object-src 'none'; "
 

      "base-uri 'self'; "
 

      "img-src 'self' https:; "
 

-     "connect-src 'self' https://pdc.fedoraproject.org https://apps.fedoraproject.org https://mdapi.fedoraproject.org;"
 

+     "connect-src 'self' https://pdc.fedoraproject.org https://apps.fedoraproject.org https://mdapi.fedoraproject.org https://transtats.fedoraproject.org;"
 

  )
 

  

  {% include "pagure_shared.cfg" %}

file modified
+3 
@@ -377,5 +377,8 @@
 

  releng-team: mohanboddu,kevin,humaton
 

  containerbuild: cverna
 

  

+ # copr team - https://pagure.io/fedora-infrastructure/issue/10351
 

+ coprteam: copr-team@redhat.com
 

+ 

  #### The rest of this file is automatically generated - edit using the accounts system!

file modified
+3 -9 
@@ -45,22 +45,17 @@
 

  

  /usr/bin/git clean -q -fdx || exit 1
 

  /usr/bin/git reset -q --hard || exit 1
 

- /usr/bin/git checkout -q master || exit 1
 

+ /usr/bin/git checkout -q main || exit 1
 

  

  /usr/bin/git pull -q --ff-only || exit 1
 

  build labs.fedoraproject.org
 

  build arm.fedoraproject.org
 

- #build getfedora.org
 

  build alt.fedoraproject.org
 

  

- pushd mirrors.fedoraproject.org > /dev/null
 

- rsync -qa --delete-after --delay-updates . /srv/web/mirrors.fedoraproject.org/
 

- popd > /dev/null
 

- 

- # Make sure everything else builds from master.
 

+ # Make sure everything else builds from main.
 

  /usr/bin/git clean -q -fdx || exit 1
 

  /usr/bin/git reset -q --hard || exit 1
 

- /usr/bin/git checkout -q master || exit 1
 

+ /usr/bin/git checkout -q main || exit 1
 

  

  /usr/bin/git pull -q --ff-only || exit 1
 

  
@@ -68,4 +63,3 @@
 

  build spins.fedoraproject.org
 

  build fedoracommunity.org
 

  build start.fedoraproject.org
 

- #build fedoraproject.org

file modified
+2 -8 
@@ -51,21 +51,15 @@
 

  build labs.fedoraproject.org
 

  build spins.fedoraproject.org
 

  build arm.fedoraproject.org
 

- #build getfedora.org
 

  build alt.fedoraproject.org
 

  

- pushd mirrors.fedoraproject.org > /dev/null
 

- rsync -qa --delete-after --delay-updates . /srv/web/mirrors.fedoraproject.org/
 

- popd > /dev/null
 

- 

- # Make sure everything else builds from master.
 

+ # Make sure everything else builds from main.
 

  /usr/bin/git clean -q -fdx || exit 1
 

  /usr/bin/git reset -q --hard || exit 1
 

- /usr/bin/git checkout -q master || exit 1
 

+ /usr/bin/git checkout -q main || exit 1
 

  

  /usr/bin/git pull -q --ff-only || exit 1
 

  

  build flocktofedora.org
 

  build fedoracommunity.org
 

  build start.fedoraproject.org
 

- #build fedoraproject.org

file modified
+2 
@@ -173,6 +173,8 @@
 

    - ipsilon
 

  

  - name: generate the saml2 metadata
 

+   become_user: ipsilon
 

+   become: yes
 

    command:
 

      cmd: /usr/local/bin/prepare-saml2-metadata
 

      creates: /etc/ipsilon/root/saml2/metadata.xml

file modified
+6 
@@ -73,3 +73,9 @@
 

  rhbzstage name = Bugzilla Stage Environment
 

  rhbzstage Allowed Attributes = ["email"]
 

  rhbzstage metadata = <?xml version="1.0" encoding="UTF-8"?><md:EntityDescriptor xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://bugzilla.stage.redhat.com/saml2_metadata.cgi" validUntil="2021-04-15T05:24:00Z"><md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:KeyDescriptor use="encryption"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIHEjCCBfqgAwIBAgIED/8VXDANBgkqhkiG9w0BAQsFADBBMRAwDgYDVQQKDAdSZWQgSGF0MQ0wCwYDVQQLDARwcm9kMR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMjEwMjIzMDgwNTIwWhcNMjIwMjE4MDgwNTIwWjCBpjELMAkGA1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHDAdSYWxlaWdoMRAwDgYDVQQKDAdSZWQgSGF0MR8wHQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MSYwJAYJKoZIhvcNAQkBFhdidWd6aWxsYS1kZXZAcmVkaGF0LmNvbTERMA8GA1UEAwwIYnVnemlsbGEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2jH1PwIGYFryMoqNB8w++9NxCxyS/Gug59Up+n6GAHR+hnBaiN/wWi2AHTZiVq1B+uUhRbYv67S33z1hODRRMsTyVRlj0yW+TvlaGrNsyHgkPit4dlJgvkMRRId8wk1q5ihkmd64xfnSlHcA4tcp69Df6RJyfkJchtbK4qvDJsNVi3CE4Wzm+U01LVMw76noi3z4iqkkOhIQBo61YwV2noUJ5wjG7KEr/EFjjXTteCOmHoV8OyZKAwREr4j/91nm1036FN86CZtn8l2aYpQaQLaO1TvXNPejcVD7WX/7XpBGI+K4suQi5+wF9WRX4Y1WQS7OaiqlUJqdF0RmGiCtiSqyk4bTbAW9WxjCy5JhHgfnLAXSVCgMD8R4fSMK+ZvlQXSb9aCw2OYclmINpyqV2MMqp2yl7F0LosEqyaCcnyl0Nnnm3GJyUKnoMfwueLmDRplg0Oa1UYIwnhMpbZh6f7sRis2QOmUgyreDlA7Gyerr5n86k7nVGfy6Tn+3mLs0n2hxlN6ef4GMzeprb8gtvg6z7ojahVorLaeDCi9LYdofTJZ7+Qz68fB/RwO7TL71RUPZdQ/lmoIhGjaoooC76M+fdBG6QMsgMHJtt0qNdwPoIyna5w9xZZYk0/G6LMPoVTg76w+qKuy84Zc2QldS1XEhCt8ap3CPNz1UjPGolWwIDAQABo4ICqjCCAqYwHwYDVR0jBBgwFoAUe9oJ9Uld2ddcyTb4VdIbl54RL34wggIVBgNVHREEggIMMIICCII+YnotaHR0cHMtYnVnemlsbGEtLWRldi5leHQudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CQmJ6LWh0dHBzLWJ1Z3ppbGxhLS1kZXYuZXh0LXdhZi51cy1lYXN0LmF3cy5wcmVwcm9kLnBhYXMucmVkaGF0LmNvbYI9YnotaHR0cHMtYnVnemlsbGEtLXFhLmV4dC51cy1lYXN0LmF3cy5wcmVwcm9kLnBhYXMucmVkaGF0LmNvbYJBYnotaHR0cHMtYnVnemlsbGEtLXFhLmV4dC13YWYudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CQGJ6LWh0dHBzLWJ1Z3ppbGxhLS1zdGFnZS5leHQudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CRGJ6LWh0dHBzLWJ1Z3ppbGxhLS1zdGFnZS5leHQtd2FmLnVzLWVhc3QuYXdzLnByZXByb2QucGFhcy5yZWRoYXQuY29tgjliei1odHRwcy1idWd6aWxsYS5leHQudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CPWJ6LWh0dHBzLWJ1Z3ppbGxhLmV4dC13YWYudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb20wOwYIKwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5yZWRoYXQuY29tL2NhL29jc3AvMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAAFRZx88/G5o9IhGjjSwfxENHMLeMIUAH29fmvDk1u/+ZYAbSS9qP9lQscWd4D4SfxhiwYM3QQYgD0PF54DtmkfWfv7tgXLpQuREQ/Fw38+fmPOTsigfkdxPJ4RZG2BDoRdrm1JghpB+ZzfWEzddk9eiHCWq/T0NFb/4UnFWi70SH5WKZh8vZasPDLT8ABg6xFZbSqfCQM2SvLpVZPU6/Q6F84QCu8O8y0b2ZzwuLnvLsxZP6Ea3uKbyAgSjht4ijUZlThgCoDBA8PQuUHfqH2MDcDkeDi1DeHFrd3bSRYBdtMwb6oCiF35qfymvdwsZzKAnGB02QajjKZfLbqckThU=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="signing"> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIHEjCCBfqgAwIBAgIED/8VXDANBgkqhkiG9w0BAQsFADBBMRAwDgYDVQQKDAdSZWQgSGF0MQ0wCwYDVQQLDARwcm9kMR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMjEwMjIzMDgwNTIwWhcNMjIwMjE4MDgwNTIwWjCBpjELMAkGA1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHDAdSYWxlaWdoMRAwDgYDVQQKDAdSZWQgSGF0MR8wHQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MSYwJAYJKoZIhvcNAQkBFhdidWd6aWxsYS1kZXZAcmVkaGF0LmNvbTERMA8GA1UEAwwIYnVnemlsbGEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2jH1PwIGYFryMoqNB8w++9NxCxyS/Gug59Up+n6GAHR+hnBaiN/wWi2AHTZiVq1B+uUhRbYv67S33z1hODRRMsTyVRlj0yW+TvlaGrNsyHgkPit4dlJgvkMRRId8wk1q5ihkmd64xfnSlHcA4tcp69Df6RJyfkJchtbK4qvDJsNVi3CE4Wzm+U01LVMw76noi3z4iqkkOhIQBo61YwV2noUJ5wjG7KEr/EFjjXTteCOmHoV8OyZKAwREr4j/91nm1036FN86CZtn8l2aYpQaQLaO1TvXNPejcVD7WX/7XpBGI+K4suQi5+wF9WRX4Y1WQS7OaiqlUJqdF0RmGiCtiSqyk4bTbAW9WxjCy5JhHgfnLAXSVCgMD8R4fSMK+ZvlQXSb9aCw2OYclmINpyqV2MMqp2yl7F0LosEqyaCcnyl0Nnnm3GJyUKnoMfwueLmDRplg0Oa1UYIwnhMpbZh6f7sRis2QOmUgyreDlA7Gyerr5n86k7nVGfy6Tn+3mLs0n2hxlN6ef4GMzeprb8gtvg6z7ojahVorLaeDCi9LYdofTJZ7+Qz68fB/RwO7TL71RUPZdQ/lmoIhGjaoooC76M+fdBG6QMsgMHJtt0qNdwPoIyna5w9xZZYk0/G6LMPoVTg76w+qKuy84Zc2QldS1XEhCt8ap3CPNz1UjPGolWwIDAQABo4ICqjCCAqYwHwYDVR0jBBgwFoAUe9oJ9Uld2ddcyTb4VdIbl54RL34wggIVBgNVHREEggIMMIICCII+YnotaHR0cHMtYnVnemlsbGEtLWRldi5leHQudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CQmJ6LWh0dHBzLWJ1Z3ppbGxhLS1kZXYuZXh0LXdhZi51cy1lYXN0LmF3cy5wcmVwcm9kLnBhYXMucmVkaGF0LmNvbYI9YnotaHR0cHMtYnVnemlsbGEtLXFhLmV4dC51cy1lYXN0LmF3cy5wcmVwcm9kLnBhYXMucmVkaGF0LmNvbYJBYnotaHR0cHMtYnVnemlsbGEtLXFhLmV4dC13YWYudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CQGJ6LWh0dHBzLWJ1Z3ppbGxhLS1zdGFnZS5leHQudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CRGJ6LWh0dHBzLWJ1Z3ppbGxhLS1zdGFnZS5leHQtd2FmLnVzLWVhc3QuYXdzLnByZXByb2QucGFhcy5yZWRoYXQuY29tgjliei1odHRwcy1idWd6aWxsYS5leHQudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb22CPWJ6LWh0dHBzLWJ1Z3ppbGxhLmV4dC13YWYudXMtZWFzdC5hd3MucHJlcHJvZC5wYWFzLnJlZGhhdC5jb20wOwYIKwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5yZWRoYXQuY29tL2NhL29jc3AvMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAAFRZx88/G5o9IhGjjSwfxENHMLeMIUAH29fmvDk1u/+ZYAbSS9qP9lQscWd4D4SfxhiwYM3QQYgD0PF54DtmkfWfv7tgXLpQuREQ/Fw38+fmPOTsigfkdxPJ4RZG2BDoRdrm1JghpB+ZzfWEzddk9eiHCWq/T0NFb/4UnFWi70SH5WKZh8vZasPDLT8ABg6xFZbSqfCQM2SvLpVZPU6/Q6F84QCu8O8y0b2ZzwuLnvLsxZP6Ea3uKbyAgSjht4ijUZlThgCoDBA8PQuUHfqH2MDcDkeDi1DeHFrd3bSRYBdtMwb6oCiF35qfymvdwsZzKAnGB02QajjKZfLbqckThU=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bugzilla.stage.redhat.com/saml2_acs.cgi" index="0"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bugzilla.stage.redhat.com/saml2_acs.cgi" index="1"/> </md:SPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Administrator</md:GivenName> <md:EmailAddress>bugzilla-owner@redhat.com</md:EmailAddress> </md:ContactPerson></md:EntityDescriptor>
 

+ 

+ gitlab id = https://gitlab.com/groups/fedora
 

+ gitlab type = SP
 

+ gitlab name = gitlab.com
 

+ gitlab Allowed Attributes = ["email"]
 

+ gitlab metadata = <?xml version='1.0' encoding='UTF-8'?><md:EntityDescriptor ID='_1b989820-b3a1-4fda-bed3-39c77422a44e' entityID='https://gitlab.com/groups/fedora' xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'><md:SPSSODescriptor AuthnRequestsSigned='false' WantAssertionsSigned='false' protocolSupportEnumeration='urn:oasis:names:tc:SAML:2.0:protocol'><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:AssertionConsumerService Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' Location='https://gitlab.com/groups/fedora/-/saml/callback' index='0' isDefault='true'/><md:AttributeConsumingService index='1' isDefault='true'><md:ServiceName xml:lang='en'>Required attributes</md:ServiceName><md:RequestedAttribute FriendlyName='Email address' Name='email' NameFormat='urn:oasis:names:tc:SAML:2.0:attrname-format:basic' isRequired='false'/><md:RequestedAttribute FriendlyName='Full name' Name='name' NameFormat='urn:oasis:names:tc:SAML:2.0:attrname-format:basic' isRequired='false'/><md:RequestedAttribute FriendlyName='Given name' Name='first_name' NameFormat='urn:oasis:names:tc:SAML:2.0:attrname-format:basic' isRequired='false'/><md:RequestedAttribute FriendlyName='Family name' Name='last_name' NameFormat='urn:oasis:names:tc:SAML:2.0:attrname-format:basic' isRequired='false'/></md:AttributeConsumingService></md:SPSSODescriptor></md:EntityDescriptor>

file modified
+3 -1 
@@ -184,8 +184,10 @@
 

      tag f36-build :: allow
 

      tag f35-build :: allow
 

      tag f34-build :: allow
 

-     tag f33-build :: allow
 

      tag eln-build :: allow
 

+     tag epel9-next-build :: allow
 

+     tag epel9-build :: allow
 

+     tag epel8-next-build :: allow
 

      tag epel8-build :: allow
 

      tag epel7-build :: allow
 

      all :: deny

file removed
-28 
@@ -1,28 +0,0 @@
 

- data:
 

-   description: Fedora 33 traditional base
 

-   license:
 

-     module: [MIT]
 

-   name: platform
 

-   profiles:
 

-     buildroot:
 

-       rpms: [bash, bzip2, coreutils, cpio, diffutils, fedora-release, findutils, gawk,
 

-         glibc-minimal-langpack, grep, gzip, info, make, patch, redhat-rpm-config,
 

-         rpm-build, sed, shadow-utils, tar, unzip, util-linux, which, xz]
 

-     srpm-buildroot:
 

-       rpms: [bash, fedora-release, fedpkg-minimal, glibc-minimal-langpack, gnupg2,
 

-         redhat-rpm-config, rpm-build, shadow-utils]
 

-   stream: f33
 

-   summary: Fedora 33 traditional base
 

-   context: 00000000
 

-   version: 1
 

-   xmd:
 

-     mbs:
 

-       buildrequires: {}
 

-       commit: f33
 

-       requires: {}
 

-       koji_tag: module-f33-build
 

-       mse: TRUE
 

-       virtual_streams: [fedora]
 

- document: modulemd
 

- version: 1
 

-

file modified
+1 
@@ -51,6 +51,7 @@
 

      PDC_INSECURE = True
 

      PDC_DEVELOP = True
 

      SCMURLS = ["git+https://src.fedoraproject.org/modules/"]
 

+     RAWHIDE_BRANCH = 'rawhide'
 

  

      # How often should we resort to polling, in seconds
 

      # Set to zero to disable polling

file modified
+2 -2 
@@ -175,7 +175,7 @@
 

  - name: checkout mirrorlist-server
 

    git:
 

      repo: https://github.com/adrianreber/mirrorlist-server.git
 

-     version: 3.0.5
 

+     version: 3.0.6
 

      dest: /srv/mirrorlist-server.git
 

    become: yes
 

    become_user: mirrormanager
 
@@ -183,7 +183,7 @@
 

  - name: checkout scan-primary-mirror
 

    git:
 

      repo: https://github.com/adrianreber/scan-primary-mirror.git
 

-     version: 0.2.0
 

+     version: 0.3.0
 

      dest: /srv/scan-primary-mirror.git
 

    become: yes
 

    become_user: mirrormanager

file modified
+5 -1 
@@ -1,7 +1,7 @@
 

  common_rsync_options="--no-motd --timeout 14400"
 

  max_propagation_days = 2
 

  max_stale_days = 3
 

- skip_repository_paths = ["SIGs"]
 

+ excludes=[".*\\.snapshot", ".*/\\.~tmp~"]
 

  

  [database]
 

  url="postgresql://{{ mirrormanager_db_user }}:{{ mirrormanager_db_pass }}@{{ mirrormanager_db_host }}/{{ mirrormanager_db_name }}"
 
@@ -39,3 +39,7 @@
 

  [[repository_mapping]]
 

  regex="^\\d+(?:-stream)?/ResilientStorage/"
 

  prefix="centos-resilientstorage"
 

+ 

+ [[repository_mapping]]
 

+ regex="^SIGs/\\d+(?:-stream)?/(?P<signame>\\S+?)/(?P<arch>\\S+?)/(?P<sigrepo>[^\\s/]+)(/?.*)"
 

+ prefix="centos-${signame}-sig-${sigrepo}"

file modified
+3 -3 
@@ -143,7 +143,7 @@
 

  # authenticated to the web server.
 

  

  #authorized_for_system_commands=nagiosadmin
 

- authorized_for_system_commands=averi,codeblock,kevin,nb,pfrields,puiterwijk,smooge,tibbs,pbrobinson,spot,pingou,tflink,mizdebsk,msimacek,stickster,bstinson,mobrien
 

+ authorized_for_system_commands=averi,codeblock,kevin,nb,pfrields,puiterwijk,smooge,tibbs,pbrobinson,spot,pingou,tflink,mizdebsk,msimacek,stickster,bstinson,mobrien,praiskup,frostyx
 

  

  

  
@@ -173,9 +173,9 @@
 

  

  #authorized_for_all_service_commands=nagiosadmin
 

  #authorized_for_all_host_commands=nagiosadmin
 

- authorized_for_all_service_commands=averi,codeblock,kevin,nb,pfrields,puiterwijk,smooge,tibbs,pbrobinson,spot,pingou,tflink,mizdebsk,msimacek,stickster,bstinson,cverna,clime,mobrien
 

+ authorized_for_all_service_commands=averi,codeblock,kevin,nb,pfrields,puiterwijk,smooge,tibbs,pbrobinson,spot,pingou,tflink,mizdebsk,msimacek,stickster,bstinson,cverna,clime,mobrien,praiskup,frostyx
 

  

- authorized_for_all_host_commands=averi,codeblock,kevin,nb,pfrields,puiterwijk,smooge,tibbs,pbrobinson,spot,pingou,tflink,mizdebsk,msimacek,stickster,bstinson,cverna,clime,mobrien
 

+ authorized_for_all_host_commands=averi,codeblock,kevin,nb,pfrields,puiterwijk,smooge,tibbs,pbrobinson,spot,pingou,tflink,mizdebsk,msimacek,stickster,bstinson,cverna,clime,mobrien,praiskup,frostyx
 

  

  # STATUSMAP BACKGROUND IMAGE
 

  # This option allows you to specify an image to be used as a

file modified
+3 -2 
@@ -8,8 +8,9 @@
 

  openqa_amqp_scheduler_cert: /etc/fedora-messaging/fedora-cert.pem
 

  openqa_amqp_scheduler_routing_keys: ["org.fedoraproject.prod.pungi.compose.status.change",
 

                                       "org.fedoraproject.prod.bodhi.update.request.testing",
 

-                                      "org.fedoraproject.prod.bodhi.update.edit"]
 

- 

+                                      "org.fedoraproject.prod.bodhi.update.edit",
 

+                                      "org.fedoraproject.prod.bodhi.update.status.testing.koji-build-group.build.complete",
 

+                                      "org.fedoraproject.prod.coreos.build.state.change"]
 

  openqa_amqp_reporter_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub"
 

  openqa_amqp_reporter_cacert: /etc/fedora-messaging/cacert.pem
 

  openqa_amqp_reporter_key: /etc/fedora-messaging/fedora-key.pem

file removed
-7 
@@ -1,7 +0,0 @@
 

- #!/bin/sh
 

- 

- # schedule openQA jobs for the current Fedora CoreOS builds in the
 

- # various streams; if the current build has already been tested,
 

- # this will not create any new jobs
 

- 

- for stream in stable testing next; do /usr/local/bin/fedora-openqa fcosbuild --stream $stream > /dev/null 2>&1 || /usr/bin/true; done

file modified
-5 
@@ -360,11 +360,6 @@
 

    tags:
 

    - config
 

  

- - name: Set up cron job to schedule Fedora CoreOS build jobs
 

-   copy: src=schedule-fcos-builds.cron dest=/etc/cron.hourly/schedule-fcos-builds owner=root group=root mode=0755
 

-   tags:
 

-   - config
 

- 

  # This is to deal with an annoying bug in fedora-messaging: sometimes
 

  # consumers seem to get stuck allegedly running fine but not parsing
 

  # any messages. So we'll restart all running consumers every day just

file modified
+5 
@@ -13,6 +13,11 @@
 

  topic_prefix = {{ openqa_amqp_publisher_prefix }}
 

  url = {{ openqa_amqp_publisher_url }}
 

  exchange = {{ openqa_amqp_publisher_exchange }}
 

+ {% if openqa_amqp_publisher_cacertfile is defined %}
 

+ cacertfile = {{ openqa_amqp_publisher_cacertfile }}
 

+ certfile = {{ openqa_amqp_publisher_certfile }}
 

+ keyfile = {{ openqa_amqp_publisher_keyfile }}
 

+ {% endif %}
 

  

  [audit/storage_duration]
 

  startup = 7

file modified
+7 -2 
@@ -88,7 +88,7 @@
 

  

  - name: Install required packages
 

    package:
 

-     name: ['openqa-worker', 'os-autoinst', 'qemu-common']
 

+     name: ['openqa-worker', 'os-autoinst']
 

      state: latest
 

      enablerepo: "{{ openqa_repo }}"
 

    notify:
 
@@ -177,7 +177,12 @@
 

  # for now it's fine to just assume the tap host(s) is/are also the
 

  # swtpm host(s)
 

  - include_tasks: swtpm-setup.yml
 

-   when: openqa_tap|bool
 

+   when: "openqa_tap|bool and (deployment_type is not defined or deployment_type != 'stg')"
 

+ 

+ # teardown swtpm services, since os-autoinst does this for us since
 

+ # 7ae93f9f137b8cf7de22f0494a11ead5b7832e46
 

+ - include_tasks: swtpm-teardown.yml
 

+   when: "openqa_tap|bool and (deployment_type is defined and deployment_type == 'foo')"
 

  

  - name: openQA client config
 

    template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=_openqa-worker group=root mode=0600

file added
+6 
@@ -0,0 +1,6 @@
 

+ - name: Stop and disable swtpm services
 

+   service: name=openqa-swtpm@{{ item }} enabled=no state=stopped
 

+   loop: "{{ range(1, openqa_workers + 1)|list }}"
 

+ 

+ - name: Remove openqa-swtpm service file
 

+   file: path=/etc/systemd/system/openqa-swtpm@.service state=absent

file modified
+2 -2 
@@ -11,12 +11,12 @@
 

      runPolicy: Serial
 

      source:
 

        dockerfile: |-
 

-         {{ load_file('dockerfile-base') | indent(8) }}
 

+         {{ load_file('dockerfile-base-hotfix') | indent(8) }}
 

        type: Dockerfile
 

      strategy:
 

        type: Docker
 

        dockerStrategy:
 

-         noCache: false
 

+         noCache: False
 

      output:
 

        to:
 

          kind: ImageStreamTag

file added
+42 
@@ -0,0 +1,42 @@
 

+ FROM fedora:34
 

+ MAINTAINER asaleh@redhat.com
 

+ ENV VERSION=5.7.2
 

+ ENV COMMIT=b758a4caeeeff639edb51e4e6ee8b634c4dce930
 

+ ENV SPECURL=https://gist.githubusercontent.com/AdamSaleh/1919b8ec41075e415613e033086a6054/raw/4795a74b9cff10e401119a4e74b1085498ad7d91/bodhi.spec
 

+ RUN  dnf -y install fedora-packager wget curl
 

+ RUN yum -y install rpm-build redhat-rpm-config make gcc git vi tar unzip rpmlint && yum clean all
 

+ RUN curl $SPECURL -o /tmp/bodhi.spec
 

+ RUN dnf -y builddep --spec /tmp/bodhi.spec
 

+ RUN useradd rpmbuild -u 5002 -g users -p rpmbuild
 

+ USER rpmbuild
 

+ ENV HOME /home/rpmbuild
 

+ WORKDIR /home/rpmbuild
 

+ RUN curl $SPECURL -o /home/rpmbuild/bodhi.spec
 

+ RUN mkdir -p /home/rpmbuild/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
 

+ RUN echo '%_topdir %{getenv:HOME}/rpmbuild' > /home/rpmbuild/.rpmmacros
 

+ RUN wget https://github.com/fedora-infra/bodhi/archive/${COMMIT}.tar.gz 

+ RUN mv ${COMMIT}.tar.gz /home/rpmbuild/rpmbuild/SOURCES/bodhi-${COMMIT}.tar.gz
 

+ RUN sed -i "s/891564724f08124c3272e2f16717b41fd9a56e78/${COMMIT}/g" /home/rpmbuild/bodhi.spec
 

+ RUN sed -i "s/5\.7\.1/${VERSION}/g" /home/rpmbuild/bodhi.spec
 

+ RUN rpmbuild --define "commit ${COMMIT}"  -ba /home/rpmbuild/bodhi.spec
 

+ 

+ FROM fedora:34
 

+ 

+ LABEL \
 

+   name="bodhi-base" \
 

+   vendor="Fedora Infrastructure" \
 

+   license="MIT"
 

+ RUN curl -o /etc/yum.repos.d/infra-tags-stg.repo https://infrastructure.fedoraproject.org/infra/ansible/files/common/fedora-infra-tags-stg.repo
 

+ 

+ # While dnf has a --nodocs, it doesen't have a --docs...
 

+ 

+ RUN sed -i '/nodocs/d' /etc/dnf/dnf.conf
 

+ COPY --from=0 /home/rpmbuild/rpmbuild/RPMS /tmp/RPMS
 

+ 

+ RUN dnf install -y /tmp/RPMS/noarch/* python3-pyramid_sawing python3-gunicorn
 

+ 

+ # Set up krb5
 

+ RUN rm -f /etc/krb5.conf && \
 

+     ln -sf /etc/bodhi/krb5.conf /etc/krb5.conf && \
 

+     ln -sf /etc/keytabs/koji-keytab /etc/krb5.bodhi_bodhi{{ env_suffix }}.fedoraproject.org.keytab
 

+ ENV USER=openshift  

\ No newline at end of file

file modified
+1 -1 
@@ -19,7 +19,7 @@
 

      dockerStrategy:
 

        from:
 

          kind: ImageStreamTag
 

-         name: fedora:33
 

+         name: fedora:34
 

    output:
 

      to:
 

        kind: ImageStreamTag

file modified
+2 -2 
@@ -12,10 +12,10 @@
 

      lookupPolicy:
 

        local: false
 

      tags:
 

-     - name: "33"
 

+     - name: "34"
 

        from:
 

          kind: DockerImage
 

-         name: registry.fedoraproject.org/fedora:33
 

+         name: registry.fedoraproject.org/fedora:34
 

        importPolicy: 

          scheduled: true
 

        referencePolicy:

file modified
+3 -3 
@@ -29,8 +29,8 @@
 

    triggers:
 

    - type: ConfigChange
 

    - type: ImageChange
 

-   {% if discourse2fedmsg_stg_github_secret is defined and env == 'staging' %}
 

+ {% if discourse2fedmsg_stg_webhook_secret is defined and env == 'staging' %}
 

    - type: GitHub
 

      github:
 

-       secret: "{{ discourse2fedmsg_stg_github_secret }}"
 

-   {% endif %}
 

+       secret: "{{ discourse2fedmsg_stg_webhook_secret }}"
 

+ {% endif %}

file modified
+4 -4 
@@ -45,12 +45,12 @@
 

            subPath: cacert.pem
 

            readOnly: true
 

          - name: fedora-messaging-crt-volume
 

-           mountPath: /etc/pki/fedora-messaging/noggin-cert.pem
 

-           subPath: noggin-cert.pem
 

+           mountPath: /etc/pki/fedora-messaging/discourse2fedmsg-cert.pem
 

+           subPath: discourse2fedmsg-cert.pem
 

            readOnly: true
 

          - name: fedora-messaging-key-volume
 

-           mountPath: /etc/pki/fedora-messaging/noggin-key.pem
 

-           subPath: noggin-key.pem
 

+           mountPath: /etc/pki/fedora-messaging/discourse2fedmsg-key.pem
 

+           subPath: discourse2fedmsg-key.pem
 

            readOnly: true
 

          readinessProbe:
 

            timeoutSeconds: 10

file modified
+1 -1 
@@ -1,4 +1,4 @@
 

- project_name: fcos-pipeline
 

+ project_name: fedora-coreos
 

  project_description: Jenkins Pipeline Configuration for FHCOS
 

  project_service_account: fcos-sa
 

  appowners: []

file added
+20 
@@ -0,0 +1,20 @@
 

+ apiVersion: v1
 

+ kind: Secret
 

+ metadata:
 

+   name: admin-config
 

+ stringData:
 

+   config-admin.cfg: |
 

+     {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-admin.cfg.j2') | indent }}
 

+   config-backend.cfg: |
 

+     {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-backend.cfg.j2') | indent }}
 

+   fedora-messaging.toml: |
 

+     {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/fedora-messaging.toml.j2') | indent }}
 

+   krb5.conf: |
 

+     {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }}
 

+ data:
 

+   rabbitmq-ca.crt: |
 

+     {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/ca.crt', rstrip=False) | b64encode | indent }}
 

+   rabbitmq-client.crt: |
 

+     {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/issued/' + app + env_suffix + '.crt', rstrip=False) | b64encode | indent }}
 

+   rabbitmq-client.key: |
 

+     {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/private/' + app + env_suffix + '.key', rstrip=False) | b64encode | indent }}

file modified
+1 -1 
@@ -40,7 +40,7 @@
 

        volumes:
 

        - name: config
 

          secret:
 

-           secretName: backend-config
 

+           secretName: admin-config
 

        - name: keytab
 

          secret:
 

            secretName: keytab

file added
+16 
@@ -0,0 +1,16 @@
 

+ # This is a config file for Koschei that can override values in default
 

+ # configuration in /usr/share/koschei/config.cfg. It is a python file expecting
 

+ # assignment to config dictionary which will be recursively merged with the
 

+ # default one.
 

+ 

+ config = {
 

+     "database_config": {
 

+         "username": "koscheiadmin",
 

+         "password": "{{ koscheiadmin_db_password }}",
 

+     },
 

+ }
 

+ 

+ # Local Variables:
 

+ # mode: Python
 

+ # End:
 

+ # vi: ft=python

file modified
+1 -1 
@@ -11,7 +11,7 @@
 

          spec:
 

            containers:
 

            - name: "cron-{{name}}"
 

-             image: "{{ koschei_container_image }}"
 

+             image: "docker-registry.default.svc:5000/koschei/koschei:latest"
 

              command: ["/bin/bash", "-euxc", "{{command}}"]
 

              env:
 

                - name: SUDO_USER

file modified
+1 -1 
@@ -7,7 +7,7 @@
 

      spec:
 

        containers:
 

        - name: "job-{{name}}"
 

-         image: "{{ koschei_container_image }}"
 

+         image: "docker-registry.default.svc:5000/koschei/koschei:latest"
 

          command: ["/bin/bash", "-euxc", "{{command}}"]
 

          env:
 

            - name: SUDO_USER

file modified
+10 -11 
@@ -39,25 +39,18 @@
 

    - name: refresh-go
 

      schedule: "7 0-23/3 * * *"
 

      command: "koschei-refresh-distgit-group go-sig go-sig --append"
 

-   - name: refresh-ss
 

-     schedule: "9 0-23/3 * * *"
 

-     command: "koschei-refresh-distgit-group stewardship-sig stewardship-sig"
 

    - name: refresh-scitech
 

      schedule: "11 0-23/3 * * *"
 

      command: "koschei-refresh-distgit-group scitech_sig scitech_sig"
 

- # neuro-sig tracking is temporairly disabled, see #9664
 

- #  - name: refresh-neuro
 

- #    schedule: "13 0-23/3 * * *"
 

- #    command: "koschei-refresh-distgit-group neuro-sig neuro-sig"
 

+   - name: refresh-neuro
 

+     schedule: "13 0-23/3 * * *"
 

+     command: "koschei-refresh-distgit-group neuro-sig neuro-sig"
 

    - name: track-rust
 

      schedule: "15 0-23/3 * * *"
 

      command: "koschei-track-group rust-sig"
 

    - name: track-go
 

      schedule: "17 0-23/3 * * *"
 

      command: "koschei-track-group go-sig"
 

-   - name: track-ss
 

-     schedule: "19 0-23/3 * * *"
 

-     command: "koschei-track-group stewardship-sig"
 

    - name: track-scitech
 

      schedule: "21 0-23/3 * * *"
 

      command: "koschei-track-group scitech_sig"
 
@@ -69,4 +62,10 @@
 

      command: "koschei-refresh-distgit-group koschei/auto-group-python-sig python-sig"
 

    - name: track-python
 

      schedule: "27 0-23/3 * * *"
 

-     command: "koschei-admin psql <<<'UPDATE package SET tracked = TRUE WHERE NOT tracked AND id IN (SELECT p.id FROM package p JOIN package_group_relation pgr ON p.base_id = pgr.base_id WHERE pgr.group_id = 76)'"
 

+     command: "koschei-admin psql <<<'UPDATE package SET tracked = TRUE WHERE id IN (SELECT p.id FROM package p JOIN package_group_relation pgr ON p.base_id = pgr.base_id WHERE NOT p.tracked AND pgr.group_id = 76)'"
 

+   - name: refresh-churchyard
 

+     schedule: "29 0-23/3 * * *"
 

+     command: "koschei-refresh-user-group koschei/auto-group-churchyard churchyard"
 

+   - name: track-churchyard
 

+     schedule: "31 0-23/3 * * *"
 

+     command: "koschei-admin psql <<<'UPDATE package SET tracked = TRUE WHERE id IN (SELECT p.id FROM package p JOIN package_group_relation pgr ON p.base_id = pgr.base_id WHERE NOT p.tracked AND pgr.group_id = 79)'"

file modified
+1 -1 
@@ -13,7 +13,7 @@
 

  {% endif %}
 

  

  # IPA settings
 

- FREEIPA_SERVERS = ['{{ ipa_server }}']
 

+ FREEIPA_SERVERS = {{ ipa_server_nodes }}
 

  FREEIPA_CACERT = '/etc/ipa/ca.crt'
 

  

  # Cookies

file added
+53 
@@ -0,0 +1,53 @@
 

+ apiVersion: batch/v1beta1
 

+ kind: CronJob
 

+ metadata:
 

+   name: updatepot
 

+ spec:
 

+   concurrencyPolicy: Forbid
 

+   schedule: "0 20 * * *"
 

+   successfulJobsHistoryLimit: 1
 

+   failedJobsHistoryLimit: 1
 

+   activeDeadlineSeconds: 900
 

+   startingDeadlineSeconds: 300
 

+   jobTemplate:
 

+     spec:
 

+       backoffLimit: 0
 

+       template:
 

+         metadata:
 

+           labels:
 

+             parent: "updatepotcron"
 

+         spec:
 

+           containers:
 

+           - name: pushpot
 

+             image: docker-registry.default.svc:5000/websites/builder:latest
 

+             command: ["/bin/bash", "-c"]
 

+             args: 

+             - |
 

+               cd /tmp
 

+               git clone https://pagure.io/fedora-web/websites.git
 

+               cd websites
 

+               

+               for i in getfedora.org; do
 

+                 pushd sites/$i/scripts
 

+                 ./translations-source.sh
 

+                 [ -f $i.pot ] && ./push-pot.sh
 

+                 popd
 

+               done
 

+             env: []
 

+             volumeMounts: 

+             - mountPath: /.gitconfig
 

+               name: gitconfig
 

+               readOnly: true
 

+               subPath: .gitconfig
 

+             - name: sshconfig
 

+               mountPath: /.ssh
 

+               readOnly: true
 

+           restartPolicy: Never
 

+           startingDeadlineSeconds: 600
 

+           volumes: 

+           - name: sshconfig
 

+             secret:
 

+               secretName: sshconfig
 

+           - name: gitconfig
 

+             configMap:
 

+               name: gitconfig

file added
+13 
@@ -0,0 +1,13 @@
 

+ ---
 

+ apiVersion: v1
 

+ kind: ConfigMap
 

+ metadata:
 

+   name: gitconfig
 

+   labels:
 

+     app: websites
 

+ data:
 

+   .gitconfig: |-
 

+     [user]
 

+       name = ♪ I'm a bot, bot, bot ♪
 

+       email = _update_web_trans@sundries
 

+

file added
+15 
@@ -0,0 +1,15 @@
 

+ ---
 

+ apiVersion: v1
 

+ kind: Secret
 

+ metadata:
 

+   name: sshconfig
 

+   labels:
 

+     app: websites
 

+ stringData:
 

+   id_rsa_web_trans: |-
 

+     {{ lookup('file', ssh_key_path) | indent(4) }}
 

+   config: |-
 

+     Host pagure.io
 

+       User git
 

+       IdentityFile /.ssh/id_rsa_web_trans
 

+       StrictHostKeyChecking no

file modified
+1 -1 
@@ -1,4 +1,4 @@
 

- - name: Install oc-client.prm package.
 

+ - name: Install oc-client.rpm package.
 

    yum:
 

       name: /srv/web/infra/bigfiles/openshiftboot/oc-client/oc-client.rpm
 

       state: present

file modified
+1 -1 
@@ -63,7 +63,7 @@
 

        "dist_tag": ".fc33",
 

        "koji_name": "f33",
 

        "name": "Fedora",
 

-       "status": "Active",
 

+       "status": "EOL",
 

        "version": "33"
 

      },
 

      {

file modified
+1 -1 
@@ -211,4 +211,4 @@
 

    - GBDR
 

  

  - import_tasks: datanommer.yml
 

-   when: inventory_hostname.startswith('db-datanommer02')
 

+   when: inventory_hostname.startswith('db-datanommer02') or (env == "staging" and inventory_hostname.startswith('db-datanommer'))

file modified
+2 -2 
@@ -1,6 +1,6 @@
 

  # Fedora 33 Cloud nightly compose
 

- MAILTO=releng-cron@lists.fedoraproject.org
 

- 15 6 * * * root TMPDIR=`mktemp -d /tmp/CloudF33.XXXXXX` && chmod 755 $TMPDIR && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f33 && LANG=en_US.UTF-8 ./cloud-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR
 

+ #MAILTO=releng-cron@lists.fedoraproject.org
 

+ #15 6 * * * root TMPDIR=`mktemp -d /tmp/CloudF33.XXXXXX` && chmod 755 $TMPDIR && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f33 && LANG=en_US.UTF-8 ./cloud-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR
 

  

  # Fedora 35 Cloud nightly compose
 

  MAILTO=releng-cron@lists.fedoraproject.org

file modified
+2 -2 
@@ -3,8 +3,8 @@
 

  45 5 * * * root TMPDIR=`mktemp -d /tmp/containerF34.XXXXXX` && chmod 755 $TMPDIR && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f34 && LANG=en_US.UTF-8 ./container-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR
 

  

  # Fedora 33 Container Updates nightly compose
 

- MAILTO=releng-cron@lists.fedoraproject.org
 

- 45 7 * * * root TMPDIR=`mktemp -d /tmp/containerF33.XXXXXX` && chmod 755 $TMPDIR && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f33 && LANG=en_US.UTF-8 ./container-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR
 

+ #MAILTO=releng-cron@lists.fedoraproject.org
 

+ #45 7 * * * root TMPDIR=`mktemp -d /tmp/containerF33.XXXXXX` && chmod 755 $TMPDIR && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f33 && LANG=en_US.UTF-8 ./container-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR
 

  

  # Fedora 35 Container Updates nightly compose
 

  MAILTO=releng-cron@lists.fedoraproject.org

file modified
+2 -2 
@@ -1,11 +1,11 @@
 

  [bugzilla]
 

  {% if env == "production" %}
 

  bugzilla=https://bugzilla.redhat.com/
 

- tracking=1927309
 

+ tracking=1992484
 

  {% elif env == 'staging' %}
 

  bugzilla=https://bugzilla.stage.redhat.com/
 

  tracking=1732434
 

  {% endif %}
 

  username={{ ftbfs_bugzilla_account }}
 

  password={{ ftbfs_bugzilla_password }}
 

- fedora=f35
 

+ fedora=f36

file modified
-50 
@@ -108,12 +108,6 @@
 

              keyid = "{{ (env == 'production')|ternary('47dd8ef9', 'd300e724') }}"
 

  

              [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-infra-candidate"
 

-             to = "f33-infra-stg"
 

-             key = "{{ (env == 'production')|ternary('fedora-infra', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('47dd8ef9', 'd300e724') }}"
 

- 

-             [[consumer_config.koji_instances.primary.tags]]
 

              from = "f34-infra-candidate"
 

              to = "f34-infra-stg"
 

              key = "{{ (env == 'production')|ternary('fedora-infra', 'testkey') }}"
 
@@ -134,12 +128,6 @@
 

              # Gated coreos-pool tag
 

  

              [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-coreos-signing-pending"
 

-             to = "coreos-pool"
 

-             key = "{{ (env == 'production')|ternary('fedora-33', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('9570ff31', 'd300e724') }}"
 

- 

-             [[consumer_config.koji_instances.primary.tags]]
 

              from = "f34-coreos-signing-pending"
 

              to = "coreos-pool"
 

              key = "{{ (env == 'production')|ternary('fedora-34', 'testkey') }}"
 
@@ -264,38 +252,6 @@
 

              keyid = "{{ (env == 'production')|ternary('45719a39', 'd300e724') }}"
 

              type = "modular"
 

  

-             [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-signing-pending"
 

-             to = "f33-updates-testing-pending"
 

-             key = "{{ (env == 'production')|ternary('fedora-33', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('9570ff31', 'd300e724') }}"
 

- 

-             [consumer_config.koji_instances.primary.tags.sidetags]
 

-             pattern = 'f33-build-side-<seq_id>'
 

-             from = '<sidetag>-signing-pending'
 

-             to = '<sidetag>-testing-pending'
 

-             trusted_taggers = ['bodhi']
 

- 

-             [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-pending"
 

-             to = "f33"
 

-             key = "{{ (env == 'production')|ternary('fedora-33', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('9570ff31', 'd300e724') }}"
 

- 

-             [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-modular-pending"
 

-             to = "f33-modular"
 

-             key = "{{ (env == 'production')|ternary('fedora-33', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('9570ff31', 'd300e724') }}"
 

-             type = "modular"
 

- 

-             [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-modular-signing-pending"
 

-             to = "f33-modular-updates-testing-pending"
 

-             key = "{{ (env == 'production')|ternary('fedora-33', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('9570ff31', 'd300e724') }}"
 

-             type = "modular"
 

- 

              #epel8 modular tags
 

              [[consumer_config.koji_instances.primary.tags]]
 

              from = "epel8-modular-signing-pending"
 
@@ -412,12 +368,6 @@
 

              key = "{{ (env == 'production')|ternary('fedora-34', 'testkey') }}"
 

              keyid = "{{ (env == 'production')|ternary('45719a39', 'd300e724') }}"
 

  

-             [[consumer_config.koji_instances.primary.tags]]
 

-             from = "f33-openh264"
 

-             to = "f33-openh264"
 

-             key = "{{ (env == 'production')|ternary('fedora-33', 'testkey') }}"
 

-             keyid = "{{ (env == 'production')|ternary('9570ff31', 'd300e724') }}"
 

- 

              # Side tags created by releng
 

  

              # f35-python

file modified
+1 -1 
@@ -7,7 +7,7 @@
 

  #      If no listen option is given (here or on the command line), opentracker
 

  #      listens on 0.0.0.0:6969 tcp and udp.
 

  #
 

- listen.tcp_udp [2600:2701:4000:5211:dead:beef:00fe:fed7]:6969
 

+ listen.tcp_udp [2600:2701:4000:5211:dead:beef:fe:fed7/104]:6969
 

  # listen.tcp_udp 192.168.0.1:80
 

  # listen.tcp_udp 10.0.0.5:6969
 

  #

file modified
+14 
@@ -4,6 +4,20 @@
 

  - name: set selinux to enforcing
 

    selinux: policy=targeted state=enforcing
 

  

+ # enable the advanced virt module
 

+ - name: enable the advanced virt module
 

+   copy:
 

+     dest: /etc/dnf/modules.d/virt.module
 

+     content: |
 

+       [virt]
 

+       name=virt
 

+       stream=8.3
 

+       profiles=
 

+       state=enabled
 

+   tags:
 

+   - virthost
 

+   when: ansible_distribution == 'RedHat' and ansible_distribution_major_version|int == 8
 

+ 

  - name: install openstack 7 repo file
 

    copy: src=rhel7-os.repo dest=/etc/yum.repos.d/rhel7-os.repo
 

    tags:

file modified
+12 -6 
@@ -10,16 +10,22 @@
 

    changed_when: false
 

    check_mode: no
 

  

- - name: gather ssh host key from new instance
 

-   local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
 

-   ignore_errors: true
 

+ - name: birthday=on - drop the old known host entries
 

+   local_action: known_hosts path={{item}}
 

+                 host={{ inventory_hostname }}
 

+                 state=absent
 

+   with_items:
 

+   - /root/.ssh/known_hosts
 

+   when: birthday is defined
 

+ 

+ - name: gather the temporary ssh host key from the new instance
 

+   local_action: command ssh-keyscan -t ed25519 {{ inventory_hostname }}
 

    register: hostkey
 

    when: birthday is defined
 

  

  - name: add new ssh host key (until we can sign it)
 

    local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}"
 

                  host={{ inventory_hostname }} state=present
 

-   ignore_errors: true
 

    with_items:
 

    - /root/.ssh/known_hosts
 

    when: birthday is defined
 
@@ -66,5 +72,5 @@
 

    - birthday is defined
 

    - facts is failed
 

  

- - name: Include SSH config
 

-   import_role: name=basessh
 

+ # - name: Include SSH config
 

+ #   import_role: name=basessh

Last batch update of Ansible host_vars files for linux-system-roles/network conversion. Also integrated yaml sort of host vars.

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci

1 new commit added

  • null value didn't map correctly
2 years ago

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci

1 new commit added

  • added tab to url: line
2 years ago

Build failed. More information on how to proceed and troubleshoot errors available at https://fedoraproject.org/wiki/Zuul-based-ci

Pull-Request has been closed by petebuffon
2 years ago
Metadata
None
No Tags
Changes Summary 847
+7 -0
file changed
files/common/rhel8.repo
+10
file added
files/debuginfod/debuginfod.service.d
+2 -1
file changed
inventory/cloud
+2 -2
file changed
inventory/group_vars/aarch64_test
+191 -399
file changed
inventory/group_vars/all
+20 -27
file changed
inventory/group_vars/autosign
+0 -1
file changed
inventory/group_vars/autosign_hardware
+7 -7
file changed
inventory/group_vars/badges
+45 -54
file changed
inventory/group_vars/badges_backend
+44 -52
file changed
inventory/group_vars/badges_backend_stg
+8 -8
file changed
inventory/group_vars/badges_stg
+41 -48
file changed
inventory/group_vars/badges_web
+40 -46
file changed
inventory/group_vars/badges_web_stg
+7 -16
file changed
inventory/group_vars/basset
+7 -12
file changed
inventory/group_vars/basset_stg
+47 -65
file changed
inventory/group_vars/bastion
+41 -55
file changed
inventory/group_vars/bastion_stg
+66 -73
file changed
inventory/group_vars/batcave
+6 -8
file changed
inventory/group_vars/bkernel
+30 -39
file changed
inventory/group_vars/blockerbugs
+28 -36
file changed
inventory/group_vars/blockerbugs_stg
+26 -40
file changed
inventory/group_vars/bodhi_backend
+43 -50
file changed
inventory/group_vars/bodhi_backend_stg
+7 -8
file changed
inventory/group_vars/builders
+7 -8
file changed
inventory/group_vars/builders_stg
+13 -17
file changed
inventory/group_vars/buildhw
+22 -26
file changed
inventory/group_vars/buildvm
+23 -28
file changed
inventory/group_vars/buildvm_aarch64
+27 -32
file changed
inventory/group_vars/buildvm_aarch64_stg
+26 -31
file changed
inventory/group_vars/buildvm_armv7
+27 -32
file changed
inventory/group_vars/buildvm_armv7_stg
+28 -36
file changed
inventory/group_vars/buildvm_ppc64le
+26 -32
file changed
inventory/group_vars/buildvm_ppc64le_stg
+20 -23
file changed
inventory/group_vars/buildvm_s390x
+9 -11
file changed
inventory/group_vars/buildvm_s390x_stg
+25 -28
file changed
inventory/group_vars/buildvm_stg
+10 -12
file changed
inventory/group_vars/buildvmhost
+21 -26
file changed
inventory/group_vars/busgateway
+19 -24
file changed
inventory/group_vars/busgateway_stg
+3 -3
file changed
inventory/group_vars/bvirthost
+4 -8
file changed
inventory/group_vars/certgetter
+3 -6
file changed
inventory/group_vars/certgetter_stg
+5 -6
file changed
inventory/group_vars/checkcompose
+6 -8
file changed
inventory/group_vars/checkcompose_common
+3 -4
file changed
inventory/group_vars/checkcompose_stg
+2 -2
file changed
inventory/group_vars/cloud
+5 -6
file changed
inventory/group_vars/cloud_aws
+2 -5
file changed
inventory/group_vars/cloud_hardware
+14 -22
file changed
inventory/group_vars/copr
+1 -0
file changed
inventory/group_vars/copr_all_instances_aws
+49 -69
file changed
inventory/group_vars/copr_aws
+19 -27
file changed
inventory/group_vars/copr_back
+34 -41
file changed
inventory/group_vars/copr_back_aws
+20 -28
file changed
inventory/group_vars/copr_back_dev
+33 -40
file changed
inventory/group_vars/copr_back_dev_aws
+12 -19
file changed
inventory/group_vars/copr_back_stg
+2 -3
file changed
inventory/group_vars/copr_db_all
+13 -21
file changed
inventory/group_vars/copr_dev
+48 -69
file changed
inventory/group_vars/copr_dev_aws
+4 -5
file changed
inventory/group_vars/copr_dist_git
+7 -5
file changed
inventory/group_vars/copr_dist_git_aws
+5 -6
file changed
inventory/group_vars/copr_dist_git_dev
+8 -6
file changed
inventory/group_vars/copr_dist_git_dev_aws
+2 -3
file changed
inventory/group_vars/copr_dist_git_stg
+16 -20
file changed
inventory/group_vars/copr_front_aws
+20 -25
file changed
inventory/group_vars/copr_front_dev_aws
+19 -26
file changed
inventory/group_vars/copr_hypervisor
+2 -8
file changed
inventory/group_vars/copr_keygen
+5 -9
file changed
inventory/group_vars/copr_keygen_aws
+2 -8
file changed
inventory/group_vars/copr_keygen_dev
+5 -9
file changed
inventory/group_vars/copr_keygen_dev_aws
+3 -10
file changed
inventory/group_vars/copr_keygen_stg
+5 -9
file changed
inventory/group_vars/copr_stg
+15 -23
file changed
inventory/group_vars/datagrepper
+13 -17
file changed
inventory/group_vars/datagrepper_stg
+6 -6
file changed
inventory/group_vars/dbserver
+6 -6
file changed
inventory/group_vars/dbserver_stg
+17 -22
file changed
inventory/group_vars/debuginfod
+17 -22
file changed
inventory/group_vars/debuginfod_stg
+9 -11
file changed
inventory/group_vars/dell_fx_build
+16 -23
file changed
inventory/group_vars/dns
+91 -93
file changed
inventory/group_vars/download
+5 -8
file changed
inventory/group_vars/download_iad2
+3 -4
file changed
inventory/group_vars/download_ib
+6 -7
file changed
inventory/group_vars/download_rdu2
+27 -35
file changed
inventory/group_vars/fedimg
+28 -37
file changed
inventory/group_vars/fedimg_stg
+7 -9
file changed
inventory/group_vars/fedora_nightlies
+58 -64
file changed
inventory/group_vars/github2fedmsg
+57 -63
file changed
inventory/group_vars/github2fedmsg_stg
+5 -5
file changed
inventory/group_vars/gnome_backups
+4 -5
file changed
inventory/group_vars/greenwave
+5 -7
file changed
inventory/group_vars/greenwave_stg
+15 -23
file changed
inventory/group_vars/ipa
+11 -15
file changed
inventory/group_vars/ipa_stg
+5 -9
file changed
inventory/group_vars/ipsilon
+5 -9
file changed
inventory/group_vars/ipsilon_stg
+6 -8
file changed
inventory/group_vars/kernel_qa
+22 -27
file changed
inventory/group_vars/kerneltest
+39 -48
file changed
inventory/group_vars/koji
+47 -58
file changed
inventory/group_vars/koji_stg
+29 -37
file changed
inventory/group_vars/kojipkgs
+10 -10
file changed
inventory/group_vars/logging
+45 -55
file changed
inventory/group_vars/mailman
+40 -48
file changed
inventory/group_vars/mailman_stg
+10 -11
file changed
inventory/group_vars/maintainer_test
+9 -9
file changed
inventory/group_vars/mbs
+27 -35
file changed
inventory/group_vars/mbs_backend
+26 -33
file changed
inventory/group_vars/mbs_backend_stg
+28 -34
file changed
inventory/group_vars/mbs_frontend
+28 -34
file changed
inventory/group_vars/mbs_frontend_stg
+8 -8
file changed
inventory/group_vars/mbs_stg
+11 -15
file changed
inventory/group_vars/memcached
+10 -13
file changed
inventory/group_vars/memcached_stg
+10 -11
file changed
inventory/group_vars/mm
+15 -17
file changed
inventory/group_vars/mm_backend
+13 -15
file changed
inventory/group_vars/mm_backend_stg
+15 -18
file changed
inventory/group_vars/mm_crawler
+14 -16
file changed
inventory/group_vars/mm_crawler_stg
+20 -25
file changed
inventory/group_vars/mm_frontend
+19 -24
file changed
inventory/group_vars/mm_frontend_stg
+9 -10
file changed
inventory/group_vars/mm_stg
+62 -75
file changed
inventory/group_vars/nagios
+7 -7
file changed
inventory/group_vars/notifs
+26 -30
file changed
inventory/group_vars/notifs_backend
+24 -27
file changed
inventory/group_vars/notifs_backend_stg
+8 -8
file changed
inventory/group_vars/notifs_stg
+17 -22
file changed
inventory/group_vars/notifs_web
+17 -22
file changed
inventory/group_vars/notifs_web_stg
+7 -7
file changed
inventory/group_vars/nuancier
+6 -6
file changed
inventory/group_vars/nuancier_stg
+6 -9
file changed
inventory/group_vars/oci_registry
+5 -8
file changed
inventory/group_vars/oci_registry_stg
+5 -5
file changed
inventory/group_vars/ocp
+5 -5
file changed
inventory/group_vars/ocp_stg
+55 -60
file changed
inventory/group_vars/odcs
+37 -51
file changed
inventory/group_vars/odcs_backend
+1 -2
file changed
inventory/group_vars/odcs_backend_releng
+33 -49
file changed
inventory/group_vars/odcs_backend_stg
+30 -44
file changed
inventory/group_vars/odcs_frontend
+25 -38
file changed
inventory/group_vars/odcs_frontend_stg
+44 -49
file changed
inventory/group_vars/odcs_stg
+14 -22
file changed
inventory/group_vars/openqa
+28 -32
file changed
inventory/group_vars/openqa_lab
+18 -25
file changed
inventory/group_vars/openqa_lab_workers
+38 -52
file changed
inventory/group_vars/openqa_servers_common
+6 -13
file changed
inventory/group_vars/openqa_tap_workers
+14 -18
file changed
inventory/group_vars/openqa_workers
+3 -3
file changed
inventory/group_vars/openstack_compute
+7 -8
file changed
inventory/group_vars/os
+1 -3
file changed
inventory/group_vars/os_control
+1 -3
file changed
inventory/group_vars/os_control_stg
+13 -16
file changed
inventory/group_vars/os_masters
+8 -11
file changed
inventory/group_vars/os_masters_stg
+5 -6
file changed
inventory/group_vars/os_nodes
+4 -6
file changed
inventory/group_vars/os_nodes_stg
+11 -17
file changed
inventory/group_vars/os_proxies
+7 -8
file changed
inventory/group_vars/os_stg
+26 -37
file changed
inventory/group_vars/osbs
+30 -46
file changed
inventory/group_vars/osbs_aarch64_masters
+30 -46
file changed
inventory/group_vars/osbs_aarch64_masters_stg
+9 -12
file changed
inventory/group_vars/osbs_aarch64_node
+9 -12
file changed
inventory/group_vars/osbs_aarch64_nodes
+9 -12
file changed
inventory/group_vars/osbs_aarch64_nodes_stg
+8 -10
file changed
inventory/group_vars/osbs_control
+6 -7
file changed
inventory/group_vars/osbs_control_stg
+112 -154
file changed
inventory/group_vars/osbs_masters
+112 -154
file changed
inventory/group_vars/osbs_masters_stg
+11 -17
file changed
inventory/group_vars/osbs_nodes
+6 -9
file changed
inventory/group_vars/osbs_nodes_stg
+24 -36
file changed
inventory/group_vars/osbs_stg
+28 -35
file changed
inventory/group_vars/packages
+23 -29
file changed
inventory/group_vars/packages_stg
+75 -86
file changed
inventory/group_vars/pagure
+76 -86
file changed
inventory/group_vars/pagure_stg
+32 -40
file changed
inventory/group_vars/pdc_web
+29 -36
file changed
inventory/group_vars/pdc_web_stg
+32 -43
file changed
inventory/group_vars/people
+1 -1
file changed
inventory/group_vars/persistent_cloud
+88 -95
file changed
inventory/group_vars/pkgs
+87 -94
file changed
inventory/group_vars/pkgs_stg
+87 -146
file changed
inventory/group_vars/proxies
+84 -127
file changed
inventory/group_vars/proxies_stg
+18 -36
file changed
inventory/group_vars/rabbitmq
+24 -46
file changed
inventory/group_vars/rabbitmq_stg
+48 -57
file changed
inventory/group_vars/releng_compose
+6 -9
file changed
inventory/group_vars/releng_compose_stg
+1 -1
file changed
inventory/group_vars/relvalconsumer
+10 -12
file changed
inventory/group_vars/relvalconsumer_common
+3 -4
file changed
inventory/group_vars/relvalconsumer_test
+9 -21
file changed
inventory/group_vars/repospanner_temp
+27 -39
file changed
inventory/group_vars/resultsdb_dev
+45 -61
file changed
inventory/group_vars/resultsdb_prod
+44 -59
file changed
inventory/group_vars/resultsdb_stg
+40 -49
file changed
inventory/group_vars/retrace
+4 -8
file changed
inventory/group_vars/retrace_stg_aws
+21 -24
file changed
inventory/group_vars/secondary
+7 -10
file changed
inventory/group_vars/sign_bridge
+3 -3
file changed
inventory/group_vars/sign_vault
+18 -23
file changed
inventory/group_vars/smtp_mm
+28 -33
file changed
inventory/group_vars/staging
+20 -27
file changed
inventory/group_vars/sundries
+19 -26
file changed
inventory/group_vars/sundries_stg
+1 -3
file changed
inventory/group_vars/tang
+30 -33
file changed
inventory/group_vars/torrent
+10 -18
file changed
inventory/group_vars/unbound
+59 -70
file changed
inventory/group_vars/value
+58 -71
file changed
inventory/group_vars/value_stg
+11 -16
file changed
inventory/group_vars/virthost
+1 -2
file changed
inventory/group_vars/virthost_comm
+1 -1
file changed
inventory/group_vars/virthost_communishift
+4 -5
file changed
inventory/group_vars/waiverdb
+5 -7
file changed
inventory/group_vars/waiverdb_stg
+36 -45
file changed
inventory/group_vars/wiki
+26 -32
file changed
inventory/group_vars/wiki_stg
+19 -25
file changed
inventory/group_vars/zabbix_stg
+14 -25
file changed
inventory/host_vars/aarch64-test02.fedorainfracloud.org
+15 -20
file changed
inventory/host_vars/armv7-test01.fedorainfracloud.org
+15 -21
file changed
inventory/host_vars/armv7-test02.fedorainfracloud.org
+19 -26
file changed
inventory/host_vars/autosign01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/autosign01.stg.iad2.fedoraproject.org
+24 -34
file changed
inventory/host_vars/backup01.iad2.fedoraproject.org
+8 -9
file changed
inventory/host_vars/badges-backend01.iad2.fedoraproject.org
+6 -7
file changed
inventory/host_vars/badges-backend01.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/badges-web01.iad2.fedoraproject.org
+4 -4
file changed
inventory/host_vars/badges-web01.stg.iad2.fedoraproject.org
+8 -13
file changed
inventory/host_vars/bastion01.iad2.fedoraproject.org
+8 -13
file changed
inventory/host_vars/bastion02.iad2.fedoraproject.org
+13 -20
file changed
inventory/host_vars/bastion13.fedoraproject.org
+9 -13
file changed
inventory/host_vars/batcave01.iad2.fedoraproject.org
+19 -29
file changed
inventory/host_vars/batcave13.rdu2.fedoraproject.org
+20 -28
file changed
inventory/host_vars/bkernel01.iad2.fedoraproject.org
+20 -28
file changed
inventory/host_vars/bkernel02.iad2.fedoraproject.org
+8 -12
file changed
inventory/host_vars/blockerbugs01.iad2.fedoraproject.org
+7 -10
file changed
inventory/host_vars/blockerbugs01.stg.iad2.fedoraproject.org
+80 -87
file changed
inventory/host_vars/bodhi-backend01.iad2.fedoraproject.org
+22 -23
file changed
inventory/host_vars/bodhi-backend01.stg.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/bootstrap.ocp.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/bootstrap.ocp.stg.iad2.fedoraproject.org
+25 -27
file changed
inventory/host_vars/buildhw-a64-01.iad2.fedoraproject.org
+26 -33
file changed
inventory/host_vars/buildhw-a64-02.iad2.fedoraproject.org
+30 -37
file changed
inventory/host_vars/buildhw-a64-03.iad2.fedoraproject.org
+30 -37
file changed
inventory/host_vars/buildhw-a64-04.iad2.fedoraproject.org
+30 -38
file changed
inventory/host_vars/buildhw-a64-05.iad2.fedoraproject.org
+30 -37
file changed
inventory/host_vars/buildhw-a64-06.iad2.fedoraproject.org
+2 -2
file changed
inventory/host_vars/buildhw-a64-07.iad2.fedoraproject.org
+19 -26
file changed
inventory/host_vars/buildhw-a64-08.iad2.fedoraproject.org
+2 -2
file changed
inventory/host_vars/buildhw-a64-09.iad2.fedoraproject.org
+2 -2
file changed
inventory/host_vars/buildhw-a64-10.iad2.fedoraproject.org
+30 -37
file changed
inventory/host_vars/buildhw-a64-11.iad2.fedoraproject.org
+30 -37
file changed
inventory/host_vars/buildhw-a64-19.iad2.fedoraproject.org
+30 -37
file changed
inventory/host_vars/buildhw-a64-20.iad2.fedoraproject.org
+30 -34
file changed
inventory/host_vars/buildhw-a64-21.iad2.fedoraproject.org
+29 -34
file changed
inventory/host_vars/buildhw-a64-22.iad2.fedoraproject.org
+29 -34
file changed
inventory/host_vars/buildhw-a64-23.iad2.fedoraproject.org
+30 -34
file changed
inventory/host_vars/buildhw-a64-24.iad2.fedoraproject.org
+18 -23
file changed
inventory/host_vars/buildhw-x86-01.iad2.fedoraproject.org
+24 -29
file changed
inventory/host_vars/buildhw-x86-02.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-03.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-04.iad2.fedoraproject.org
+23 -28
file changed
inventory/host_vars/buildhw-x86-05.iad2.fedoraproject.org
+22 -28
file changed
inventory/host_vars/buildhw-x86-06.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-07.iad2.fedoraproject.org
+22 -28
file changed
inventory/host_vars/buildhw-x86-08.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-09.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-10.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-11.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-12.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-13.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-14.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-15.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/buildhw-x86-16.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-01.iad2.fedoraproject.org
+1 -3
file changed
inventory/host_vars/buildvm-a32-01.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-02.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-02.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-03.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a32-03.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-04.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-05.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-06.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-07.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-08.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-09.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-10.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-11.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-12.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-13.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-14.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-15.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-16.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-17.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-18.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-19.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-20.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-21.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-22.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-23.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-24.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-25.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-26.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-27.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a32-28.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a32-29.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a32-30.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-31.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-32.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a32-33.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-01.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-01.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-02.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-02.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-03.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a64-03.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-04.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-05.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-06.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-07.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-08.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-09.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-10.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-11.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-12.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-13.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-14.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-15.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-16.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-17.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-18.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-19.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-20.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-21.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-22.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-23.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-24.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-25.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-26.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-27.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a64-28.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a64-29.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-a64-30.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-31.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-32.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-a64-33.iad2.fedoraproject.org
+6 -7
file changed
inventory/host_vars/buildvm-aarch64-01.stg.arm.fedoraproject.org
+6 -7
file changed
inventory/host_vars/buildvm-armv7-01.stg.arm.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-01.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-01.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-02.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-02.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-03.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-03.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-04.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-04.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-05.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-05.stg.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-06.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-07.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-08.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-09.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-10.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-11.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-12.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-13.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-14.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-15.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-16.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-17.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-18.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-19.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-20.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-21.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-22.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-23.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-24.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-25.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-26.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-27.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-28.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-29.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-30.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-31.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-32.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-33.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-34.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-35.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-36.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-37.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-38.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-39.iad2.fedoraproject.org
+1 -2
file changed
inventory/host_vars/buildvm-ppc64le-40.iad2.fedoraproject.org
+8 -8
file changed
inventory/host_vars/buildvm-s390x-01.stg.s390.fedoraproject.org
+23 -27
file changed
inventory/host_vars/buildvm-s390x-07.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-15.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-16.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-17.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-18.s390.fedoraproject.org
+18 -25
file changed
inventory/host_vars/buildvm-s390x-19.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-20.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-21.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-22.s390.fedoraproject.org
+18 -26
file changed
inventory/host_vars/buildvm-s390x-23.s390.fedoraproject.org
+19 -27
file changed
inventory/host_vars/buildvm-s390x-24.s390.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-01.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-02.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-03.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-04.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-05.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-06.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-07.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-08.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-09.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-10.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-11.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-12.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-13.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-14.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-15.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-16.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-17.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-18.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-19.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-20.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-21.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-22.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-23.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-24.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-25.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-26.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-27.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-28.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-29.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-30.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-31.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/buildvm-x86-32.iad2.fedoraproject.org
+6 -10
file changed
inventory/host_vars/busgateway01.iad2.fedoraproject.org
+6 -10
file changed
inventory/host_vars/busgateway01.stg.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-01.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-02.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-03.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-04.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-05.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-06.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-07.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-08.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-a64-09.iad2.fedoraproject.org
+18 -27
file changed
inventory/host_vars/bvmhost-a64-10.iad2.fedoraproject.org
+3 -5
file changed
inventory/host_vars/bvmhost-p08-03.iad2.fedoraproject.org
+3 -5
file changed
inventory/host_vars/bvmhost-p08-04.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-p09-01.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-p09-02.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-p09-03.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-p09-04.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-01.iad2.fedoraproject.org
+19 -27
file changed
inventory/host_vars/bvmhost-x86-01.stg.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-02.iad2.fedoraproject.org
+19 -27
file changed
inventory/host_vars/bvmhost-x86-02.stg.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-03.iad2.fedoraproject.org
+19 -27
file changed
inventory/host_vars/bvmhost-x86-03.stg.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-04.iad2.fedoraproject.org
+23 -30
file changed
inventory/host_vars/bvmhost-x86-04.stg.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-05.iad2.fedoraproject.org
+23 -30
file changed
inventory/host_vars/bvmhost-x86-05.stg.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-06.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-07.iad2.fedoraproject.org
+18 -26
file changed
inventory/host_vars/bvmhost-x86-08.iad2.fedoraproject.org
+8 -13
file changed
inventory/host_vars/centos-ipa-client01.stg.iad2.fedoraproject.org
+8 -13
file changed
inventory/host_vars/centos-ipa-client02.stg.iad2.fedoraproject.org
+7 -9
file changed
inventory/host_vars/certgetter01.iad2.fedoraproject.org
+7 -9
file changed
inventory/host_vars/certgetter01.stg.iad2.fedoraproject.org
+35 -68
file changed
inventory/host_vars/cloud-noc-os01.rdu-cc.fedoraproject.org
+13 -31
file changed
inventory/host_vars/cloud-noc01.fedorainfracloud.org
+41 -47
file changed
inventory/host_vars/compose-branched01.iad2.fedoraproject.org
+26 -34
file changed
inventory/host_vars/compose-iot01.iad2.fedoraproject.org
+42 -48
file changed
inventory/host_vars/compose-rawhide01.iad2.fedoraproject.org
+52 -61
file changed
inventory/host_vars/compose-x86-01.iad2.fedoraproject.org
+17 -22
file changed
inventory/host_vars/compose-x86-01.stg.iad2.fedoraproject.org
+5 -5
file changed
inventory/host_vars/copr-be-dev-temp.aws.fedoraproject.org
+8 -10
file changed
inventory/host_vars/copr-be-dev.aws.fedoraproject.org
+28 -31
file changed
inventory/host_vars/copr-be-dev.cloud.fedoraproject.org
+21 -24
file changed
inventory/host_vars/copr-be-stg.fedorainfracloud.org
+8 -10
file changed
inventory/host_vars/copr-be.aws.fedoraproject.org
+30 -33
file changed
inventory/host_vars/copr-be.cloud.fedoraproject.org
+27 -36
file changed
inventory/host_vars/copr-db-stg.aws.fedoraproject.org
+18 -23
file changed
inventory/host_vars/copr-dist-git-dev.aws.fedoraproject.org
+21 -23
file changed
inventory/host_vars/copr-dist-git-dev.fedorainfracloud.org
+20 -22
file changed
inventory/host_vars/copr-dist-git-stg.fedorainfracloud.org
+16 -20
file changed
inventory/host_vars/copr-dist-git.aws.fedoraproject.org
+21 -23
file changed
inventory/host_vars/copr-dist-git.fedorainfracloud.org
+16 -21
file changed
inventory/host_vars/copr-fe-dev.aws.fedoraproject.org
+20 -23
file changed
inventory/host_vars/copr-fe-dev.cloud.fedoraproject.org
+20 -29
file changed
inventory/host_vars/copr-fe.aws.fedoraproject.org
+25 -31
file changed
inventory/host_vars/copr-fe.cloud.fedoraproject.org
+15 -17
file changed
inventory/host_vars/copr-keygen-dev.aws.fedoraproject.org
+19 -23
file changed
inventory/host_vars/copr-keygen-dev.cloud.fedoraproject.org
+19 -22
file changed
inventory/host_vars/copr-keygen-stg.fedorainfracloud.org
+14 -16
file changed
inventory/host_vars/copr-keygen.aws.fedoraproject.org
+21 -28
file changed
inventory/host_vars/copr-keygen.cloud.fedoraproject.org
+7 -10
file changed
inventory/host_vars/datagrepper01.iad2.fedoraproject.org
+7 -10
file changed
inventory/host_vars/datagrepper01.stg.iad2.fedoraproject.org
+7 -10
file changed
inventory/host_vars/datagrepper02.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/db-datanommer01.iad2.fedoraproject.org
+20 -26
file changed
inventory/host_vars/db-datanommer01.stg.iad2.fedoraproject.org
+24 -31
file changed
inventory/host_vars/db-datanommer02.iad2.fedoraproject.org
+26 -38
file changed
inventory/host_vars/db-fas01.iad2.fedoraproject.org
+29 -36
file changed
inventory/host_vars/db-fas01.stg.iad2.fedoraproject.org
+27 -41
file changed
inventory/host_vars/db-koji01.iad2.fedoraproject.org
+20 -28
file changed
inventory/host_vars/db-koji01.stg.iad2.fedoraproject.org
+23 -28
file changed
inventory/host_vars/db-openqa01.iad2.fedoraproject.org
+20 -27
file changed
inventory/host_vars/db-qa02.iad2.fedoraproject.org
+19 -24
file changed
inventory/host_vars/db-qa03.iad2.fedoraproject.org
+63 -71
file changed
inventory/host_vars/db01.iad2.fedoraproject.org
+26 -30
file changed
inventory/host_vars/db01.stg.iad2.fedoraproject.org
+18 -24
file changed
inventory/host_vars/db03.iad2.fedoraproject.org
+17 -23
file changed
inventory/host_vars/db03.stg.iad2.fedoraproject.org
+8 -8
file changed
inventory/host_vars/debuginfod01.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/debuginfod01.stg.iad2.fedoraproject.org
+27 -37
file changed
inventory/host_vars/dedicatedsolutions01.fedoraproject.org
+13 -20
file changed
inventory/host_vars/dl01.iad2.fedoraproject.org
+13 -20
file changed
inventory/host_vars/dl02.iad2.fedoraproject.org
+13 -20
file changed
inventory/host_vars/dl03.iad2.fedoraproject.org
+13 -20
file changed
inventory/host_vars/dl04.iad2.fedoraproject.org
+13 -20
file changed
inventory/host_vars/dl05.iad2.fedoraproject.org
+18 -28
file changed
inventory/host_vars/download-cc-rdu01.fedoraproject.org
+36 -47
file changed
inventory/host_vars/download-ib01.fedoraproject.org
+43 -54
file changed
inventory/host_vars/download-rdu01.fedoraproject.org
+10 -12
file changed
inventory/host_vars/el7-test.fedorainfracloud.org
+11 -13
file changed
inventory/host_vars/el8-test.fedorainfracloud.org
+1 -1
file renamed
inventory/host_vars/f32-test.fedorainfracloud.org
inventory/host_vars/f34-test.fedorainfracloud.org
+5 -7
file changed
inventory/host_vars/fedimg01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/fedocal01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/fedocal02.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/github2fedmsg01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/github2fedmsg01.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/host1plus01.fedoraproject.org
+35 -42
file changed
inventory/host_vars/ibiblio01.fedoraproject.org
+35 -42
file changed
inventory/host_vars/ibiblio05.fedoraproject.org
+6 -7
file changed
inventory/host_vars/iddev.fedorainfracloud.org
+35 -42
file changed
inventory/host_vars/internetx01.fedoraproject.org
+6 -7
file changed
inventory/host_vars/ipa01.iad2.fedoraproject.org
+7 -7
file changed
inventory/host_vars/ipa01.stg.iad2.fedoraproject.org
+6 -7
file changed
inventory/host_vars/ipa02.iad2.fedoraproject.org
+7 -7
file changed
inventory/host_vars/ipa02.stg.iad2.fedoraproject.org
+6 -7
file changed
inventory/host_vars/ipa03.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/ipsilon01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/ipsilon01.stg.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/ipsilon02.iad2.fedoraproject.org
+4 -5
file changed
inventory/host_vars/kernel01.iad2.fedoraproject.org
+7 -9
file changed
inventory/host_vars/kerneltest01.iad2.fedoraproject.org
+11 -15
file changed
inventory/host_vars/koji01.iad2.fedoraproject.org
+11 -15
file changed
inventory/host_vars/koji01.stg.iad2.fedoraproject.org
+11 -14
file changed
inventory/host_vars/koji02.iad2.fedoraproject.org
+7 -13
file changed
inventory/host_vars/kojipkgs01.iad2.fedoraproject.org
+7 -13
file changed
inventory/host_vars/kojipkgs02.iad2.fedoraproject.org
+12 -18
file changed
inventory/host_vars/log01.iad2.fedoraproject.org
+8 -9
file changed
inventory/host_vars/mailman01.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/mailman01.stg.iad2.fedoraproject.org
+6 -9
file changed
inventory/host_vars/mbs-backend01.iad2.fedoraproject.org
+6 -7
file changed
inventory/host_vars/mbs-backend01.stg.iad2.fedoraproject.org
+6 -9
file changed
inventory/host_vars/mbs-frontend01.iad2.fedoraproject.org
+6 -7
file changed
inventory/host_vars/mbs-frontend01.stg.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/memcached01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/memcached01.stg.iad2.fedoraproject.org
+10 -11
file changed
inventory/host_vars/mm-backend01.iad2.fedoraproject.org
+10 -11
file changed
inventory/host_vars/mm-backend01.stg.iad2.fedoraproject.org
+8 -8
file changed
inventory/host_vars/mm-crawler01.iad2.fedoraproject.org
+9 -9
file changed
inventory/host_vars/mm-crawler01.stg.iad2.fedoraproject.org
+8 -8
file changed
inventory/host_vars/mm-crawler02.iad2.fedoraproject.org
+17 -20
file changed
inventory/host_vars/mm-frontend-checkin01.iad2.fedoraproject.org
+9 -10
file changed
inventory/host_vars/mm-frontend01.iad2.fedoraproject.org
+9 -10
file changed
inventory/host_vars/mm-frontend01.stg.iad2.fedoraproject.org
+10 -18
file changed
inventory/host_vars/noc01.iad2.fedoraproject.org
+41 -48
file changed
inventory/host_vars/noc02.fedoraproject.org
+5 -9
file changed
inventory/host_vars/notifs-backend01.iad2.fedoraproject.org
+5 -9
file changed
inventory/host_vars/notifs-backend02.iad2.fedoraproject.org
+11 -13
file changed
inventory/host_vars/notifs-web01.iad2.fedoraproject.org
+11 -13
file changed
inventory/host_vars/notifs-web02.iad2.fedoraproject.org
+5 -10
file changed
inventory/host_vars/ns01.iad2.fedoraproject.org
+40 -50
file changed
inventory/host_vars/ns02.fedoraproject.org
+5 -10
file changed
inventory/host_vars/ns02.iad2.fedoraproject.org
+22 -29
file changed
inventory/host_vars/ns05.fedoraproject.org
+16 -25
file changed
inventory/host_vars/ns13.rdu2.fedoraproject.org
+7 -11
file changed
inventory/host_vars/nuancier01.iad2.fedoraproject.org
+7 -11
file changed
inventory/host_vars/nuancier02.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/oci-candidate-registry01.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/oci-candidate-registry01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/oci-registry01.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/oci-registry01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/oci-registry02.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/ocp01.ocp.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/ocp01.ocp.stg.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/ocp02.ocp.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/ocp02.ocp.stg.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/ocp03.ocp.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/ocp03.ocp.stg.iad2.fedoraproject.org
+7 -12
file changed
inventory/host_vars/odcs-backend-releng01.iad2.fedoraproject.org
+7 -12
file changed
inventory/host_vars/odcs-backend01.iad2.fedoraproject.org
+6 -10
file changed
inventory/host_vars/odcs-backend01.stg.iad2.fedoraproject.org
+7 -12
file changed
inventory/host_vars/odcs-frontend01.iad2.fedoraproject.org
+6 -10
file changed
inventory/host_vars/odcs-frontend01.stg.iad2.fedoraproject.org
+41 -55
file changed
inventory/host_vars/openqa-a64-worker01.iad2.fedoraproject.org
+41 -55
file changed
inventory/host_vars/openqa-a64-worker02.iad2.fedoraproject.org
+39 -53
file changed
inventory/host_vars/openqa-a64-worker03.iad2.fedoraproject.org
+10 -17
file changed
inventory/host_vars/openqa-lab01.iad2.fedoraproject.org
+41 -55
file changed
inventory/host_vars/openqa-p09-worker01.iad2.fedoraproject.org
+39 -53
file changed
inventory/host_vars/openqa-p09-worker02.iad2.fedoraproject.org
+47 -62
file changed
inventory/host_vars/openqa-x86-worker01.iad2.fedoraproject.org
+45 -60
file changed
inventory/host_vars/openqa-x86-worker02.iad2.fedoraproject.org
+49 -64
file changed
inventory/host_vars/openqa-x86-worker04.iad2.fedoraproject.org
+8 -15
file changed
inventory/host_vars/openqa01.iad2.fedoraproject.org
+12 -18
file changed
inventory/host_vars/os-control01.iad2.fedoraproject.org
+8 -11
file changed
inventory/host_vars/os-control01.stg.iad2.fedoraproject.org
+12 -18
file changed
inventory/host_vars/os-master01.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/os-master01.stg.iad2.fedoraproject.org
+12 -18
file changed
inventory/host_vars/os-master02.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/os-master02.stg.iad2.fedoraproject.org
+12 -18
file changed
inventory/host_vars/os-master03.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/os-master03.stg.iad2.fedoraproject.org
+12 -19
file changed
inventory/host_vars/os-node01.iad2.fedoraproject.org
+11 -14
file changed
inventory/host_vars/os-node01.stg.iad2.fedoraproject.org
+12 -19
file changed
inventory/host_vars/os-node02.iad2.fedoraproject.org
+11 -14
file changed
inventory/host_vars/os-node02.stg.iad2.fedoraproject.org
+12 -19
file changed
inventory/host_vars/os-node03.iad2.fedoraproject.org
+11 -14
file changed
inventory/host_vars/os-node03.stg.iad2.fedoraproject.org
+12 -19
file changed
inventory/host_vars/os-node04.iad2.fedoraproject.org
+11 -14
file changed
inventory/host_vars/os-node04.stg.iad2.fedoraproject.org
+12 -19
file changed
inventory/host_vars/os-node05.iad2.fedoraproject.org
+11 -14
file changed
inventory/host_vars/os-node05.stg.iad2.fedoraproject.org
+16 -23
file changed
inventory/host_vars/os-proxy01.fedorainfracloud.org
+16 -23
file changed
inventory/host_vars/os-proxy02.fedorainfracloud.org
+10 -13
file changed
inventory/host_vars/osbs-aarch64-master01.iad2.fedoraproject.org
+10 -13
file changed
inventory/host_vars/osbs-aarch64-master01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-aarch64-node01.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-aarch64-node01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-aarch64-node02.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-aarch64-node02.stg.iad2.fedoraproject.org
+9 -13
file changed
inventory/host_vars/osbs-control01.iad2.fedoraproject.org
+7 -10
file changed
inventory/host_vars/osbs-control01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-master01.iad2.fedoraproject.org
+10 -15
file changed
inventory/host_vars/osbs-master01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-node01.iad2.fedoraproject.org
+10 -15
file changed
inventory/host_vars/osbs-node01.stg.iad2.fedoraproject.org
+10 -12
file changed
inventory/host_vars/osbs-node02.iad2.fedoraproject.org
+10 -15
file changed
inventory/host_vars/osbs-node02.stg.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/osuosl01.fedoraproject.org
+27 -34
file changed
inventory/host_vars/osuosl02.fedoraproject.org
+4 -4
file changed
inventory/host_vars/osuosl03.fedoraproject.org
+13 -22
file changed
inventory/host_vars/pagure-stg01.fedoraproject.org
+21 -31
file changed
inventory/host_vars/pagure02.fedoraproject.org
+9 -13
file changed
inventory/host_vars/pdc-backend01.iad2.fedoraproject.org
+11 -15
file changed
inventory/host_vars/pdc-backend02.iad2.fedoraproject.org
+11 -15
file changed
inventory/host_vars/pdc-backend03.iad2.fedoraproject.org
+7 -10
file changed
inventory/host_vars/pdc-web01.iad2.fedoraproject.org
+6 -9
file changed
inventory/host_vars/pdc-web01.stg.iad2.fedoraproject.org
+7 -10
file changed
inventory/host_vars/pdc-web02.iad2.fedoraproject.org
+41 -53
file changed
inventory/host_vars/people02.fedoraproject.org
+16 -24
file changed
inventory/host_vars/pkgs01.iad2.fedoraproject.org
+10 -13
file changed
inventory/host_vars/pkgs01.stg.iad2.fedoraproject.org
+0 -1
file changed
inventory/host_vars/ppc64le-test.fedorainfracloud.org
+25 -37
file changed
inventory/host_vars/proxy01.iad2.fedoraproject.org
+8 -14
file changed
inventory/host_vars/proxy01.stg.iad2.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy02.fedoraproject.org
+8 -15
file changed
inventory/host_vars/proxy02.stg.iad2.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy03.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy04.fedoraproject.org
+29 -40
file changed
inventory/host_vars/proxy05.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy06.fedoraproject.org
+8 -10
file changed
inventory/host_vars/proxy07.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy09.fedoraproject.org
+24 -36
file changed
inventory/host_vars/proxy10.iad2.fedoraproject.org
+23 -35
file changed
inventory/host_vars/proxy101.iad2.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy11.fedoraproject.org
+23 -36
file changed
inventory/host_vars/proxy110.iad2.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy12.fedoraproject.org
+13 -20
file changed
inventory/host_vars/proxy13.fedoraproject.org
+31 -45
file changed
inventory/host_vars/proxy14.fedoraproject.org
+5 -8
file changed
inventory/host_vars/proxy30.fedoraproject.org
+5 -8
file changed
inventory/host_vars/proxy31.fedoraproject.org
+5 -8
file changed
inventory/host_vars/proxy32.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy33.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy34.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy35.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy36.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy37.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy38.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy39.fedoraproject.org
+5 -9
file changed
inventory/host_vars/proxy40.fedoraproject.org
+18 -25
file changed
inventory/host_vars/qvmhost-x86-01.iad2.fedoraproject.org
+25 -31
file changed
inventory/host_vars/qvmhost-x86-02.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/rabbitmq01.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/rabbitmq01.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/rabbitmq02.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/rabbitmq02.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/rabbitmq03.iad2.fedoraproject.org
+1 -1
file changed
inventory/host_vars/rabbitmq03.stg.iad2.fedoraproject.org
+6 -12
file changed
inventory/host_vars/resultsdb01.iad2.fedoraproject.org
+6 -12
file changed
inventory/host_vars/resultsdb01.stg.iad2.fedoraproject.org
+53 -61
file changed
inventory/host_vars/retrace-stg.aws.fedoraproject.org
+171 -186
file changed
inventory/host_vars/retrace03.rdu-cc.fedoraproject.org
+9 -14
file changed
inventory/host_vars/secondary01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/sign-bridge01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/sign-bridge01.stg.iad2.fedoraproject.org
+2 -4
file changed
inventory/host_vars/sign-vault01.iad2.fedoraproject.org
+6 -8
file changed
inventory/host_vars/sign-vault01.stg.iad2.fedoraproject.org
+6 -9
file changed
inventory/host_vars/smtp-mm-cc-rdu01.fedoraproject.org
+25 -30
file changed
inventory/host_vars/smtp-mm-ib01.fedoraproject.org
+8 -9
file changed
inventory/host_vars/smtp-mm-osuosl01.fedoraproject.org
+32 -43
file changed
inventory/host_vars/storinator01.rdu-cc.fedoraproject.org
+7 -11
file changed
inventory/host_vars/sundries01.iad2.fedoraproject.org
+7 -7
file changed
inventory/host_vars/sundries01.stg.iad2.fedoraproject.org
+7 -11
file changed
inventory/host_vars/sundries02.iad2.fedoraproject.org
+6 -10
file changed
inventory/host_vars/tang01.iad2.fedoraproject.org
+6 -10
file changed
inventory/host_vars/tang02.iad2.fedoraproject.org
+37 -47
file changed
inventory/host_vars/torrent02.fedoraproject.org
+6 -6
file changed
inventory/host_vars/unbound-cc-rdu01.fedoraproject.org
+27 -32
file changed
inventory/host_vars/unbound-ib01.fedoraproject.org
+7 -7
file changed
inventory/host_vars/unbound-osuosl01.fedoraproject.org
+8 -11
file changed
inventory/host_vars/value01.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/value01.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/value02.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/value02.stg.iad2.fedoraproject.org
+27 -33
file changed
inventory/host_vars/virthost-cc-rdu01.fedoraproject.org
+26 -32
file changed
inventory/host_vars/virthost-cc-rdu02.fedoraproject.org
+27 -33
file changed
inventory/host_vars/virthost-cc-rdu03.fedoraproject.org
+6 -7
file changed
inventory/host_vars/virthost-cloud01.fedorainfracloud.org
+52 -60
file changed
inventory/host_vars/virthost-rdu01.fedoraproject.org
+7 -8
file changed
inventory/host_vars/virthost-rdu02.fedoraproject.org
+23 -31
file changed
inventory/host_vars/vmhost-a64-cc01.rdu-cc.fedoraproject.org
+4 -4
file changed
inventory/host_vars/vmhost-ocp01.stg.iad2.fedoraproject.org
+4 -4
file changed
inventory/host_vars/vmhost-ocp02.stg.iad2.fedoraproject.org
+4 -4
file changed
inventory/host_vars/vmhost-ocp03.stg.iad2.fedoraproject.org
+4 -4
file changed
inventory/host_vars/vmhost-ocp04.stg.iad2.fedoraproject.org
+35 -43
file changed
inventory/host_vars/vmhost-p08-copr01.rdu-cc.fedoraproject.org
+35 -43
file changed
inventory/host_vars/vmhost-p08-copr02.rdu-cc.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-01.iad2.fedoraproject.org
+23 -31
file changed
inventory/host_vars/vmhost-x86-01.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-02.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-02.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-03.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-03.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-04.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-04.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-05.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-05.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-06.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-06.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-07.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-07.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-08.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-08.stg.iad2.fedoraproject.org
+18 -25
file changed
inventory/host_vars/vmhost-x86-09.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-09.stg.iad2.fedoraproject.org
+21 -28
file changed
inventory/host_vars/vmhost-x86-10.stg.iad2.fedoraproject.org
+23 -30
file changed
inventory/host_vars/vmhost-x86-11.stg.iad2.fedoraproject.org
+22 -27
file changed
inventory/host_vars/vmhost-x86-12.stg.iad2.fedoraproject.org
+48 -59
file changed
inventory/host_vars/vmhost-x86-cc05.rdu-cc.fedoraproject.org
+48 -59
file changed
inventory/host_vars/vmhost-x86-cc06.rdu-cc.fedoraproject.org
+26 -33
file changed
inventory/host_vars/vmhost-x86-copr01.rdu-cc.fedoraproject.org
+26 -36
file changed
inventory/host_vars/vmhost-x86-copr02.rdu-cc.fedoraproject.org
+26 -33
file changed
inventory/host_vars/vmhost-x86-copr03.rdu-cc.fedoraproject.org
+26 -33
file changed
inventory/host_vars/vmhost-x86-copr04.rdu-cc.fedoraproject.org
+6 -6
file changed
inventory/host_vars/wiki01.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/wiki01.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/wiki02.iad2.fedoraproject.org
+29 -40
file changed
inventory/host_vars/worker01.ocp.iad2.fedoraproject.org
+29 -40
file changed
inventory/host_vars/worker01.ocp.stg.iad2.fedoraproject.org
+29 -40
file changed
inventory/host_vars/worker02.ocp.iad2.fedoraproject.org
+29 -40
file changed
inventory/host_vars/worker02.ocp.stg.iad2.fedoraproject.org
+29 -40
file changed
inventory/host_vars/worker03.ocp.iad2.fedoraproject.org
+29 -40
file changed
inventory/host_vars/worker03.ocp.stg.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/worker04.ocp.stg.iad2.fedoraproject.org
+32 -44
file changed
inventory/host_vars/worker05.ocp.stg.iad2.fedoraproject.org
+6 -6
file changed
inventory/host_vars/zabbix01.stg.iad2.fedoraproject.org
+3 -1
file changed
inventory/inventory
+8 -0
file changed
playbooks/groups/debuginfod.yml
+7 -17
file changed
playbooks/groups/openqa.yml
+4 -2
file changed
playbooks/include/proxies-redirects.yml
+20 -0
file changed
playbooks/include/proxies-reverseproxy.yml
+6 -5
file changed
playbooks/manual/ocp4-sysadmin-openshift.yml
-9
file removed
playbooks/manual/upgrade/koschei-testing.yml
-90
file removed
playbooks/manual/upgrade/koschei.yml
+1 -1
file changed
playbooks/openshift-apps/discourse2fedmsg.yml
+7 -1
file changed
playbooks/openshift-apps/fedora-coreos.yml
+1 -0
file changed
playbooks/openshift-apps/koschei.yml
+18 -1
file changed
playbooks/openshift-apps/websites.yml
+6
file added
roles/base/files/rsyslog/rsyslog-imjournal-limits.conf
+1 -0
file changed
roles/batcave/files/allows
+1 -1
file changed
roles/batcave/files/rhel8-sync
+33 -52
file changed
roles/bodhi2/backend/files/new-updates-sync
+1 -1
file changed
roles/bodhi2/backend/tasks/main.yml
+0 -3
file changed
roles/bodhi2/backend/templates/koji_sync_listener.toml
+3 -0
file changed
roles/copr/backend/handlers/main.yml
+4 -4
file changed
roles/copr/backend/tasks/copr-ping.yml
+17 -1
file changed
roles/copr/backend/tasks/main.yml
+3 -0
file changed
roles/copr/backend/tasks/monitoring.yml
+9 -13
file changed
roles/copr/backend/templates/lighttpd/lighttpd.conf
+23 -8
file changed
roles/copr/base/tasks/main.yml
-44
file removed
roles/copr/dist_git/files/patches/git-python-pr-1254.patch
+13 -5
file changed
roles/copr/dist_git/tasks/main.yml
+1 -0
file changed
roles/copr/frontend/tasks/main.yml
+5 -2
file changed
roles/copr/hypervisor/tasks/main.yml
+7 -0
file changed
roles/copr/keygen/tasks/main.yml
+2 -2
file changed
roles/distgit/pagure/templates/pagure.cfg
+3 -0
file changed
roles/fasjson/files/aliases.static
+3 -9
file changed
roles/fedora-web/build/files/syncStatic.sh
+2 -8
file changed
roles/fedora-web/build/files/syncStatic.stg.sh
+2 -0
file changed
roles/ipsilon/tasks/main.yml
+6 -0
file changed
roles/ipsilon/templates/saml2_data
+3 -1
file changed
roles/koji_hub/templates/hub.conf.j2
-28
file removed
roles/mbs/common/files/default-modules.production/platform-f33.yaml
+1 -0
file changed
roles/mbs/common/templates/config.py
+2 -2
file changed
roles/mirrormanager/backend/tasks/main.yml
+5 -1
file changed
roles/mirrormanager/backend/templates/scan-primary-mirror-centos.toml
+3 -3
file changed
roles/nagios_server/templates/nagios/configs/cgi.cfg.j2
+3 -2
file changed
roles/openqa/dispatcher/defaults/main.yml
-7
file removed
roles/openqa/dispatcher/files/schedule-fcos-builds.cron
+0 -5
file changed
roles/openqa/dispatcher/tasks/main.yml
+5 -0
file changed
roles/openqa/server/templates/openqa.ini.j2
+7 -2
file changed
roles/openqa/worker/tasks/main.yml
+6
file added
roles/openqa/worker/tasks/swtpm-teardown.yml
+2 -2
file changed
roles/openshift-apps/bodhi/templates/buildconfig.yml
+42
file added
roles/openshift-apps/bodhi/templates/dockerfile-base-hotfix
+1 -1
file changed
roles/openshift-apps/compose-tracker/templates/buildconfig.yml
+2 -2
file changed
roles/openshift-apps/compose-tracker/templates/imagestream.yml
+3 -3
file changed
roles/openshift-apps/discourse2fedmsg/templates/buildconfig.yml
+4 -4
file changed
roles/openshift-apps/discourse2fedmsg/templates/deploymentconfig.yml
+1 -1
file changed
roles/openshift-apps/fcos-pipeline/defaults/main.yaml
+20
file added
roles/openshift-apps/koschei/templates/admin-config.yml
+1 -1
file changed
roles/openshift-apps/koschei/templates/admin-deployment.yml
+16
file added
roles/openshift-apps/koschei/templates/config-admin.cfg.j2
+1 -1
file changed
roles/openshift-apps/koschei/templates/cronjob.yml
+1 -1
file changed
roles/openshift-apps/koschei/templates/job.yml
+10 -11
file changed
roles/openshift-apps/koschei/vars/production.yml
+1 -1
file changed
roles/openshift-apps/noggin/templates/noggin.cfg.py
+53
file added
roles/openshift-apps/websites/templates/cron-updatepot.yml
+13
file added
roles/openshift-apps/websites/templates/gitconfig.yml
+15
file added
roles/openshift-apps/websites/templates/sshconfig.yml
+1 -1
file changed
roles/openshift/sysadmin-openshift/tasks/upgrade.yaml
+1 -1
file changed
roles/pkgdb-proxy/files/pkgdb-gnome-software-collections.json
+1 -1
file changed
roles/postgresql_server/tasks/main.yml
+2 -2
file changed
roles/releng/files/cloud-updates
+2 -2
file changed
roles/releng/files/container-updates
+2 -2
file changed
roles/releng/templates/ftbfs.cfg.j2
+0 -50
file changed
roles/robosignatory/templates/robosignatory.toml.j2
+1 -1
file changed
roles/torrent/files/opentracker-ipv6.conf
+14 -0
file changed
roles/virthost/tasks/main.yml
+12 -6
file changed
tasks/aws_cloud.yml
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.