Describe what you need us to do: I need admin access to the release-monitoring project on stg.os.fedoraproject.org
When do you need this? (YYYY/MM/DD) As soon as possible
When is this no longer needed or useful? (YYYY/MM/DD) NA
If we cannot complete your request, what is the impact? I can't do any administration on Anitya if needed
Done. I have added you as appowner.
I have also added you to sysadmin and sysadmin-releasemonitoring groups. You can now ssh into batcave01.phx2.fedoraproject.org (see https://docs.pagure.org/infra-docs/sysadmin-guide/sops/sshaccess.html for info on how to set that up) and then setup a 2fa token: https://docs.pagure.org/infra-docs/sysadmin-guide/sops/2-factor.html and then can use 'sudo rbac-playbook openshift-apps/release-monitoring.yml to run the playbook and deploy.
Before we go to production and replace the prod vm with a prod openshift instance, we need to sort out the cron job, which is enabled in openshift, but it's unclear if it's working.
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
I was able to login to batcave01 - but I was a little confused by seeing [PROD] in terminal. Although I tried to run sudo rbac-playbook openshift-apps/release-monitoring.yml And I'm getting this: Sorry, user zlopez is not allowed to execute '/bin/rbac-playbook openshift-apps/release-monitoring.yml' as root on batcave01.phx2.fedoraproject.org.
sudo rbac-playbook openshift-apps/release-monitoring.yml
Metadata Update from @zlopez: - Issue status updated to: Open (was: Closed)
I'm reopening this, because I only have partial access as described above. I can login to batcave, but I can't run ansible playbook.
ok, I think I have tracked this down and fixed it.
Can you try again now?
Now I'm able to run sudo rbac-playbook openshift-apps/release-monitoring.yml, but it fails on: fatal: [os-master01.stg.phx2.fedoraproject.org]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to remote host \"os-master01.stg.phx2.fedoraproject.org\". Make sure this host can be reached over ssh", "unreachable": true}
fatal: [os-master01.stg.phx2.fedoraproject.org]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to remote host \"os-master01.stg.phx2.fedoraproject.org\". Make sure this host can be reached over ssh", "unreachable": true}
This should be fixed now. It was due to a namespace change I made and have now reverted.
Sorry about that. Please do check again and confirm it's working...
I got a little further, but now I'm getting this error on ansible: TASK [openshift/object : Call 'oc apply' on the copied file] ****************************************************************************************************************************************************** Tuesday 28 August 2018 07:03:23 +0000 (0:00:00.055) 0:00:06.636 ******** fatal: [os-master01.stg.phx2.fedoraproject.org]: FAILED! => {"changed": true, "cmd": "oc -n release-monitoring apply -f /etc/openshift_apps/release-monitoring/role-appowners.yml", "delta": "0:00:00.220839", "end": "2018-08-28 07:03:23.908169", "msg": "non-zero return code", "rc": 1, "start": "2018-08-28 07:03:23.687330", "stderr": "error: error when retrieving current configuration of:\n&{0xc4208b86c0 0xc420520a80 release-monitoring appowner /etc/openshift_apps/release-monitoring/role-appowners.yml 0xc420ee4118 false}\nfrom server for: \"/etc/openshift_apps/release-monitoring/role-appowners.yml\": Get https://os-masters.stg.phx2.fedoraproject.org:443/apis/authorization.openshift.io/v1/namespaces/release-monitoring/roles/appowner: dial tcp 10.5.128.103:443: getsockopt: connection refused", "stderr_lines": ["error: error when retrieving current configuration of:", "&{0xc4208b86c0 0xc420520a80 release-monitoring appowner /etc/openshift_apps/release-monitoring/role-appowners.yml 0xc420ee4118 false}", "from server for: \"/etc/openshift_apps/release-monitoring/role-appowners.yml\": Get https://os-masters.stg.phx2.fedoraproject.org:443/apis/authorization.openshift.io/v1/namespaces/release-monitoring/roles/appowner: dial tcp 10.5.128.103:443: getsockopt: connection refused"], "stdout": "", "stdout_lines": []}
TASK [openshift/object : Call 'oc apply' on the copied file] ****************************************************************************************************************************************************** Tuesday 28 August 2018 07:03:23 +0000 (0:00:00.055) 0:00:06.636 ******** fatal: [os-master01.stg.phx2.fedoraproject.org]: FAILED! => {"changed": true, "cmd": "oc -n release-monitoring apply -f /etc/openshift_apps/release-monitoring/role-appowners.yml", "delta": "0:00:00.220839", "end": "2018-08-28 07:03:23.908169", "msg": "non-zero return code", "rc": 1, "start": "2018-08-28 07:03:23.687330", "stderr": "error: error when retrieving current configuration of:\n&{0xc4208b86c0 0xc420520a80 release-monitoring appowner /etc/openshift_apps/release-monitoring/role-appowners.yml 0xc420ee4118 false}\nfrom server for: \"/etc/openshift_apps/release-monitoring/role-appowners.yml\": Get https://os-masters.stg.phx2.fedoraproject.org:443/apis/authorization.openshift.io/v1/namespaces/release-monitoring/roles/appowner: dial tcp 10.5.128.103:443: getsockopt: connection refused", "stderr_lines": ["error: error when retrieving current configuration of:", "&{0xc4208b86c0 0xc420520a80 release-monitoring appowner /etc/openshift_apps/release-monitoring/role-appowners.yml 0xc420ee4118 false}", "from server for: \"/etc/openshift_apps/release-monitoring/role-appowners.yml\": Get https://os-masters.stg.phx2.fedoraproject.org:443/apis/authorization.openshift.io/v1/namespaces/release-monitoring/roles/appowner: dial tcp 10.5.128.103:443: getsockopt: connection refused"], "stdout": "", "stdout_lines": []}
There is still some connection refused error.
ok, this was caused by some issues with staging openshift. ;(
I have corrected all those now... and the playbook completes correctly for me now.
Please give it a try and confirm. Thanks.
It's working now. Thanks for your time.
Metadata Update from @zlopez: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.