From 73a9acc7adba8a4b6f0350a2b9cf7d6a2cd66534 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Fri, 3 Dec 2021 11:32:31 +1100 Subject: [PATCH] Rename install-ansible to bootstrap-bridge This used to be called "bridge", but was then renamed with Ia7c8dd0e32b2c4aaa674061037be5ab66d9a3581 to install-ansible to be clearer. It is true that this is installing Ansible, but as part of our reworking for parallel jobs this is the also the synchronisation point where we should be deploying the system-config code to run for the buildset. Thus naming this "boostrap-bridge" should hopefully be clearer again about what's going on. I've added a note to the job calling out it's difference to the infra-prod-service-bridge job to hopefully also avoid some of the inital confusion. Change-Id: I4db1c883f237de5986edb4dc4c64860390cc8e22 --- ...all-ansible.yaml => bootstrap-bridge.yaml} | 2 +- playbooks/zuul/run-base.yaml | 2 +- zuul.d/infra-prod.yaml | 20 ++++++--- zuul.d/project.yaml | 8 ++-- zuul.d/system-config-run.yaml | 44 +++++++++---------- 5 files changed, 43 insertions(+), 33 deletions(-) rename playbooks/{install-ansible.yaml => bootstrap-bridge.yaml} (96%) diff --git a/playbooks/install-ansible.yaml b/playbooks/bootstrap-bridge.yaml similarity index 96% rename from playbooks/install-ansible.yaml rename to playbooks/bootstrap-bridge.yaml index bde5ac38d5..ef0f0b01e4 100644 --- a/playbooks/install-ansible.yaml +++ b/playbooks/bootstrap-bridge.yaml @@ -1,5 +1,5 @@ - hosts: bridge.openstack.org:!disabled - name: "Bridge: boostrap the bastion host" + name: "Bridge: bootstrap the bastion host" become: true roles: - pip3 diff --git a/playbooks/zuul/run-base.yaml b/playbooks/zuul/run-base.yaml index f0da45bad9..bd6fdfcf49 100644 --- a/playbooks/zuul/run-base.yaml +++ b/playbooks/zuul/run-base.yaml @@ -1,4 +1,4 @@ -- import_playbook: ../install-ansible.yaml +- import_playbook: ../bootstrap-bridge.yaml vars: root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa', rstrip=False) }}" ansible_cron_disable_job: true diff --git a/zuul.d/infra-prod.yaml b/zuul.d/infra-prod.yaml index 0cd230917f..89a7ec4fcd 100644 --- a/zuul.d/infra-prod.yaml +++ b/zuul.d/infra-prod.yaml @@ -30,17 +30,28 @@ nodes: [] - job: - name: infra-prod-install-ansible + name: infra-prod-bootstrap-bridge parent: infra-prod-playbook - description: Install ansible on bridge. + description: | + Configure the bastion host (bridge) + + This job does minimal configuration on the bastion host + (bridge.openstack.org) to allow it to run system-config + playbooks against our production hosts. It sets up Ansible on + the host. + + Note that this is separate to infra-prod-service-bridge; + bridge in it's role as the bastion host actaully runs that + against itself; it includes things not strictly needed to make + the host able to deploy system-config. vars: - playbook_name: install-ansible.yaml + playbook_name: bootstrap-bridge.yaml files: - inventory/ - roles/ - install_modules.sh - modules.env - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/roles/pip3/ - playbooks/roles/install-ansible/ - playbooks/roles/logrotate/ @@ -363,7 +374,6 @@ playbook_name: service-zuul.yaml files: - inventory/base - - playbooks/install-ansible.yaml - playbooks/service-zuul.yaml - inventory/service/group_vars/zuul - inventory/service/group_vars/zookeeper.yaml diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index 2b83eda77d..0894e181f4 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -358,12 +358,12 @@ # This installs the ansible on bridge that all the infra-prod # jobs will run with. Note the jobs use this ansible to then # run against zuul's checkout of system-config. - - infra-prod-install-ansible + - infra-prod-bootstrap-bridge # From now on, all jobs should depend on base - infra-prod-base: &infra-prod-base dependencies: - - name: infra-prod-install-ansible + - name: infra-prod-bootstrap-bridge soft: true # Legacy puppet hosts @@ -611,7 +611,7 @@ - zuul-ci-goaccess-report # Nightly runs of ansible things for catchup # Keep in order from above - - infra-prod-install-ansible + - infra-prod-bootstrap-bridge - infra-prod-base: *infra-prod-base - infra-prod-remote-puppet-else: *infra-prod-remote-puppet-else - infra-prod-letsencrypt: *infra-prod-letsencrypt @@ -649,7 +649,7 @@ opendev-prod-hourly: jobs: - - infra-prod-install-ansible + - infra-prod-bootstrap-bridge - infra-prod-service-bridge: *infra-prod-service-bridge - infra-prod-service-nodepool: *infra-prod-service-nodepool - infra-prod-service-registry: *infra-prod-service-registry diff --git a/zuul.d/system-config-run.yaml b/zuul.d/system-config-run.yaml index c663904f63..2ff5ab8d9a 100644 --- a/zuul.d/system-config-run.yaml +++ b/zuul.d/system-config-run.yaml @@ -212,7 +212,7 @@ host_copy_output: '/var/log/acme.sh': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group_vars/letsencrypt.yaml # This is split because we ant to avoid # ...create-certs/handlers/main.yaml matching since every @@ -243,7 +243,7 @@ required-projects: - opendev/system-config files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/host_vars/lists.openstack.org.yaml - inventory/service/host_vars/lists.katacontainers.io.yaml - inventory/service/group_vars/mailman.yaml @@ -296,7 +296,7 @@ # Test our ad hoc restart playbook works - playbooks/nodepool_restart.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group_vars/nodepool.yaml - inventory/service/group_vars/nodepool-builder.yaml - inventory/service/group_vars/nodepool-launcher.yaml @@ -331,7 +331,7 @@ '/etc/bind/named.conf': logs '/var/lib/bind/zones': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group_vars/adns.yaml - inventory/service/group_vars/dns.yaml - inventory/service/host_vars/(ad)?ns\d+.opendev.org.yaml @@ -364,7 +364,7 @@ files: - playbooks/service-borg-backup.yaml - playbooks/test-borg-bcakup.yaml - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/roles/install-borg - playbooks/roles/borg-backup - playbooks/zuul/templates/host_vars/borg-backup @@ -404,7 +404,7 @@ '/var/log/acme.sh': logs '/etc/apache2/sites-available/mirror.conf': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - roles/ - playbooks/roles/base/ - inventory/service/group_vars/mirror.yaml @@ -454,7 +454,7 @@ run_playbooks: - playbooks/service-mirror-update.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - roles/ - playbooks/roles/mirror-update/ - playbooks/roles/reprepro/ @@ -482,7 +482,7 @@ '/var/registry/auth': logs '/var/registry/certs': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group_vars/registry.yaml - inventory/service/host_vars/insecure-ci-registry\d+.opendev.org.yaml - playbooks/zuul/templates/group_vars/registry.yaml.j2 @@ -512,7 +512,7 @@ - playbooks/letsencrypt.yaml - playbooks/service-codesearch.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-codesearch.yaml - playbooks/roles/codesearch/ @@ -539,7 +539,7 @@ - playbooks/letsencrypt.yaml - playbooks/service-etherpad.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-etherpad.yaml - playbooks/roles/etherpad/ @@ -592,7 +592,7 @@ host_copy_output: '/var/haproxy/etc': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-gitea-lb.yaml - playbooks/service-gitea.yaml @@ -643,7 +643,7 @@ - playbooks/service-grafana.yaml run_test_playbook: playbooks/test-grafana.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-grafana.yaml - playbooks/roles/grafana/ @@ -675,7 +675,7 @@ host_copy_output: '/var/log/graphite': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-graphite.yaml - playbooks/roles/graphite @@ -735,7 +735,7 @@ host_copy_output: '/var/jitsi-meet': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group_vars/meetpad.yaml - inventory/service/host_vars/meetpad\d+.opendev.org.yaml - playbooks/roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml @@ -767,7 +767,7 @@ - playbooks/service-paste.yaml run_test_playbook: playbooks/test-paste.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-paste.yaml - playbooks/roles/lodgeit @@ -791,7 +791,7 @@ run_playbooks: - playbooks/service-zookeeper.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group_vars/zookeeper.yaml - ^inventory/service/host_vars/zk\d+\..* - playbooks/roles/zookeeper/ @@ -817,7 +817,7 @@ run_playbooks: - playbooks/service-zuul-preview.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/roles/zuul-preview/ - playbooks/roles/pip3/ - playbooks/roles/install-docker/ @@ -871,7 +871,7 @@ host_copy_output: '/etc/hosts': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/service-zookeeper.yaml - playbooks/service-zuul.yaml - inventory/service/group_vars/zuul @@ -918,7 +918,7 @@ '/var/log/apache2/': logs '/var/log/acme.sh': logs files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/letsencrypt.yaml - playbooks/service-review.*.yaml - playbooks/test-review.yaml @@ -984,7 +984,7 @@ - playbooks/letsencrypt.yaml - playbooks/service-static.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/roles/static/ - playbooks/roles/letsencrypt - playbooks/letsencrypt.yaml @@ -1023,7 +1023,7 @@ - playbooks/service-refstack.yaml container_command: docker files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - inventory/service/group-vars/refstack.yaml - playbooks/zuul/templates/group_vars/refstack.yaml.j2 - playbooks/roles/refstack/ @@ -1063,5 +1063,5 @@ - playbooks/service-kerberos.yaml run_test_playbook: playbooks/test-kerberos.yaml files: - - playbooks/install-ansible.yaml + - playbooks/bootstrap-bridge.yaml - playbooks/roles/kerberos-kdc/