Currently Fedora has 2 proxies in APAC (proxy30/31) but i would like to get an additional setup in for some in Southern Asian, Europe, South America and Africa. Each server is currently setup like any other proxy with it being built from scratch from kickstarts and copied data. This was done as a 'aaaaah no time aaaaah' fix and probably needs to be relooked at. The goal is to allow good proxy coverage and possibly cdn front end coverage of specific downloads in each region to allow easier use by people.
Metadata Update from @kevin: - Issue priority set to: Waiting on Assignee (was: Needs Review) - Issue tagged with: aws, groomed, medium-gain, medium-trouble
I am currently writing some ansible to spin up instances in a number of regions for this. I should hopefully have the PR in later today or tomorrow. Then we can run the already established playbooks you have mentioned against each of the new instances.
Managing the instances from ansible will mean we have to use a token/infra user, but we can do that I suppose.
I can do manually if you like. I just thought it may be easier for future maintenance?
I have manually created a server in frankfurt. What is the process here with running playbooks?
Do I add the IP temporarily in the hosts file or do I create a ticket for the DNS first and then wait for that to be set up before running them?
proxy32.fedoraproject.org 18.185.136.17
Wait for dns... or we can add you to do dns as well if you like.
We do not want ip's in our ansible repo... they are confusing. :)
[smooge@batcave01 fi-repo][PROD-IAD2]$ host proxy31.fedoraproject.org proxy31.fedoraproject.org has address 13.125.120.8 proxy31.fedoraproject.org has IPv6 address 2406:da12:0:c10:92a3:5a6e:221b:f9eb [smooge@batcave01 fi-repo][PROD-IAD2]$ host proxy32.fedoraproject.org proxy32.fedoraproject.org has address 18.185.136.17 [smooge@batcave01 fi-repo][PROD-IAD2]$ host proxy32.aws.fedoraproject.org proxy32.aws.fedoraproject.org has address 18.185.136.17
Thanks smooge. I don't appear to have permissions to run the proxies ansiible playbook to provision the server
Proxy32 has been created in Europe(Frankfurt)
I will do multiple in one go on the next run to speed things up a bit. Do we just want 1 per region? Or is 2 the goal?
I tried to create an instance is South America for this and got refused with the below error
You are not authorized to perform this operation. Encoded authorization failure message: JMBrN_B6AmBLmuWXN-bAtfG3rT_O4kK7W09BlYhdAOGF6veXqSA_81GQf6JPuMU3P1JlMq7DBNJrwLDI3brs69zQqzpzM5cWsGnLDHZ30u0Pr47__9VjwUf-EBq5gPLuICkXLi33LXqW0PbxbMdtPMgUvxOvm9cemaSdqOO0LV_L7uR7E0gbnHoU9aCW2CnfSR-E1hwRXNiF-MU5qsP5S597iuwBMmYCM5Ju48a3r66UbVpcI82Z-_eGzmzwdU10XtzGirax4GKoS1HWhOw01H1lfqWzNZSRfskqG6MbYhQ5_ZoHCoxTGBSthUYtgVhMYOEKjN8Z3beYvUbhxWJvqJxhjo_DcSP7znXChLOq-jyjbij2VHhh9QS21XMipcYW5_I0OKmaegUoXYgs3ZJAeAIHHjWVJHoetu2lGHwyYabDUa8CacXyiIP5Jr9wSAWkenafKHfrYAvrIv2d3ugLmiunZVPWSKgl2b_Wp3ISncQ_wWyES1Al63S3P-w8rcDR3bvMIqxwIDIA1zeI_H8cfrYIvfnj8SwajTLqqOTitRwdTG79cMVx3RZYgtPozAbGN1J6tKQpFx7UD5CrweKRS0l94xidGIR-SuEG3c-T
Metadata Update from @mobrien: - Issue assigned to mobrien
@smooge recommends to set up 2 more proxies in amazon for EU and 2 more in APAC as well as one more each in SA and AFR.
The SA zone is going to need a bunch of NA links and the AFR one will need to go to EU to provide resilience. This will be covered in #9256
Metadata Update from @mobrien: - Issue tagged with: ops
In AWS there are now 11 proxies as listed below, all the boxes are up and running and passing nagios checks. Some are not in use yet and just needed to be added to dns which will be done tomorrow.
There also needs to be a South America proxy region added which I will also do tomorrow
APAC:
EU:
AFR:
SA:
So I think this is done now?
@smooge anything else to do here?
I'm gonna close it, reopen if I missed that we still have things to do.
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.