Ipsilon is configured to store its data in db-fas01. If we still want it to be in a separate DB server (since FAS isn't here anymore, it may be ipsilon alone) for what I suppose are security reasons, could you please bring it back up?
When you can
PS: I know I have the permissions to do is now, but bringing back up a DB server seems like a big thing. If it's just running a playbook, I can do it.
That host is up and running (it has the FAS db as well as ipsilon as far as I can see).
What's the issue?
Ah, right, I did not check. From openshift I get:
sqlalchemy.exc.OperationalError: (psycopg2.OperationalError) could not connect to server: No route to host. Is the server running on host "db-fas01.stg.iad2.fedoraproject.org" (10.3.166.34) and accepting TCP/IP connections on port 5432?
Maybe a routing issue then?
Let's see with @kevin I hope it's not firewall-related
It is firewall related I think, but our firewall. ;)
look in inventory/host_vars/db-fas01.stg.iad2.fedoraproject.org:
custom_rules: - '-A INPUT -p tcp -m tcp -s 10.5.128.129 --dport 5432 -j ACCEPT' - '-A INPUT -p tcp -m tcp -s 10.5.128.137 --dport 5432 -j ACCEPT' - '-A INPUT -p tcp -m tcp -s 10.5.128.82 --dport 5432 -j ACCEPT' - '-A INPUT -p tcp -m tcp -s 10.5.128.104 --dport 5432 -j ACCEPT' - '-A INPUT -p tcp -m tcp -s 10.5.128.105 --dport 5432 -j ACCEPT' - '-A INPUT -p tcp -m tcp -s 10.5.128.106 --dport 5432 -j ACCEPT' - '-A INPUT -p tcp -m tcp -s 10.5.128.107 --dport 5432 -j ACCEPT'
Those are all phx2 ips. ;( They need to be changed to the iad2 ones. For now, you could just replace them all with a 10.3.166.0/24 to allow that stg net and we can lock it down more later?
Done, it's running now, thanks!
Metadata Update from @abompard: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.