Merge "Rename install-ansible to bootstrap-bridge"
This commit is contained in:
Zuul
Gerrit Code Review
commit
e758d24fa7
@ -1,5 +1,5 @@
|
|||||||
- hosts: bridge.openstack.org:!disabled
|
- hosts: bridge.openstack.org:!disabled
|
||||||
name: "Bridge: boostrap the bastion host"
|
name: "Bridge: bootstrap the bastion host"
|
||||||
become: true
|
become: true
|
||||||
roles:
|
roles:
|
||||||
- pip3
|
- pip3
|
||||||
@ -1,4 +1,4 @@
|
|||||||
- import_playbook: ../install-ansible.yaml
|
- import_playbook: ../bootstrap-bridge.yaml
|
||||||
vars:
|
vars:
|
||||||
root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa', rstrip=False) }}"
|
root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa', rstrip=False) }}"
|
||||||
ansible_cron_disable_job: true
|
ansible_cron_disable_job: true
|
||||||
|
|||||||
@ -30,17 +30,28 @@
|
|||||||
nodes: []
|
nodes: []
|
||||||
|
|
||||||
- job:
|
- job:
|
||||||
name: infra-prod-install-ansible
|
name: infra-prod-bootstrap-bridge
|
||||||
parent: infra-prod-playbook
|
parent: infra-prod-playbook
|
||||||
description: Install ansible on bridge.
|
description: |
|
||||||
|
Configure the bastion host (bridge)
|
||||||
|
|
||||||
|
This job does minimal configuration on the bastion host
|
||||||
|
(bridge.openstack.org) to allow it to run system-config
|
||||||
|
playbooks against our production hosts. It sets up Ansible on
|
||||||
|
the host.
|
||||||
|
|
||||||
|
Note that this is separate to infra-prod-service-bridge;
|
||||||
|
bridge in it's role as the bastion host actaully runs that
|
||||||
|
against itself; it includes things not strictly needed to make
|
||||||
|
the host able to deploy system-config.
|
||||||
vars:
|
vars:
|
||||||
playbook_name: install-ansible.yaml
|
playbook_name: bootstrap-bridge.yaml
|
||||||
files:
|
files:
|
||||||
- inventory/
|
- inventory/
|
||||||
- roles/
|
- roles/
|
||||||
- install_modules.sh
|
- install_modules.sh
|
||||||
- modules.env
|
- modules.env
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/roles/pip3/
|
- playbooks/roles/pip3/
|
||||||
- playbooks/roles/install-ansible/
|
- playbooks/roles/install-ansible/
|
||||||
- playbooks/roles/logrotate/
|
- playbooks/roles/logrotate/
|
||||||
@ -363,7 +374,6 @@
|
|||||||
playbook_name: service-zuul.yaml
|
playbook_name: service-zuul.yaml
|
||||||
files:
|
files:
|
||||||
- inventory/base
|
- inventory/base
|
||||||
- playbooks/install-ansible.yaml
|
|
||||||
- playbooks/service-zuul.yaml
|
- playbooks/service-zuul.yaml
|
||||||
- inventory/service/group_vars/zuul
|
- inventory/service/group_vars/zuul
|
||||||
- inventory/service/group_vars/zookeeper.yaml
|
- inventory/service/group_vars/zookeeper.yaml
|
||||||
|
|||||||
@ -358,12 +358,12 @@
|
|||||||
# This installs the ansible on bridge that all the infra-prod
|
# This installs the ansible on bridge that all the infra-prod
|
||||||
# jobs will run with. Note the jobs use this ansible to then
|
# jobs will run with. Note the jobs use this ansible to then
|
||||||
# run against zuul's checkout of system-config.
|
# run against zuul's checkout of system-config.
|
||||||
- infra-prod-install-ansible
|
- infra-prod-bootstrap-bridge
|
||||||
|
|
||||||
# From now on, all jobs should depend on base
|
# From now on, all jobs should depend on base
|
||||||
- infra-prod-base: &infra-prod-base
|
- infra-prod-base: &infra-prod-base
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: infra-prod-install-ansible
|
- name: infra-prod-bootstrap-bridge
|
||||||
soft: true
|
soft: true
|
||||||
|
|
||||||
# Legacy puppet hosts
|
# Legacy puppet hosts
|
||||||
@ -611,7 +611,7 @@
|
|||||||
- zuul-ci-goaccess-report
|
- zuul-ci-goaccess-report
|
||||||
# Nightly runs of ansible things for catchup
|
# Nightly runs of ansible things for catchup
|
||||||
# Keep in order from above
|
# Keep in order from above
|
||||||
- infra-prod-install-ansible
|
- infra-prod-bootstrap-bridge
|
||||||
- infra-prod-base: *infra-prod-base
|
- infra-prod-base: *infra-prod-base
|
||||||
- infra-prod-remote-puppet-else: *infra-prod-remote-puppet-else
|
- infra-prod-remote-puppet-else: *infra-prod-remote-puppet-else
|
||||||
- infra-prod-letsencrypt: *infra-prod-letsencrypt
|
- infra-prod-letsencrypt: *infra-prod-letsencrypt
|
||||||
@ -649,7 +649,7 @@
|
|||||||
|
|
||||||
opendev-prod-hourly:
|
opendev-prod-hourly:
|
||||||
jobs:
|
jobs:
|
||||||
- infra-prod-install-ansible
|
- infra-prod-bootstrap-bridge
|
||||||
- infra-prod-service-bridge: *infra-prod-service-bridge
|
- infra-prod-service-bridge: *infra-prod-service-bridge
|
||||||
- infra-prod-service-nodepool: *infra-prod-service-nodepool
|
- infra-prod-service-nodepool: *infra-prod-service-nodepool
|
||||||
- infra-prod-service-registry: *infra-prod-service-registry
|
- infra-prod-service-registry: *infra-prod-service-registry
|
||||||
|
|||||||
@ -212,7 +212,7 @@
|
|||||||
host_copy_output:
|
host_copy_output:
|
||||||
'/var/log/acme.sh': logs
|
'/var/log/acme.sh': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group_vars/letsencrypt.yaml
|
- inventory/service/group_vars/letsencrypt.yaml
|
||||||
# This is split because we ant to avoid
|
# This is split because we ant to avoid
|
||||||
# ...create-certs/handlers/main.yaml matching since every
|
# ...create-certs/handlers/main.yaml matching since every
|
||||||
@ -243,7 +243,7 @@
|
|||||||
required-projects:
|
required-projects:
|
||||||
- opendev/system-config
|
- opendev/system-config
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/host_vars/lists.openstack.org.yaml
|
- inventory/service/host_vars/lists.openstack.org.yaml
|
||||||
- inventory/service/host_vars/lists.katacontainers.io.yaml
|
- inventory/service/host_vars/lists.katacontainers.io.yaml
|
||||||
- inventory/service/group_vars/mailman.yaml
|
- inventory/service/group_vars/mailman.yaml
|
||||||
@ -296,7 +296,7 @@
|
|||||||
# Test our ad hoc restart playbook works
|
# Test our ad hoc restart playbook works
|
||||||
- playbooks/nodepool_restart.yaml
|
- playbooks/nodepool_restart.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group_vars/nodepool.yaml
|
- inventory/service/group_vars/nodepool.yaml
|
||||||
- inventory/service/group_vars/nodepool-builder.yaml
|
- inventory/service/group_vars/nodepool-builder.yaml
|
||||||
- inventory/service/group_vars/nodepool-launcher.yaml
|
- inventory/service/group_vars/nodepool-launcher.yaml
|
||||||
@ -331,7 +331,7 @@
|
|||||||
'/etc/bind/named.conf': logs
|
'/etc/bind/named.conf': logs
|
||||||
'/var/lib/bind/zones': logs
|
'/var/lib/bind/zones': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group_vars/adns.yaml
|
- inventory/service/group_vars/adns.yaml
|
||||||
- inventory/service/group_vars/dns.yaml
|
- inventory/service/group_vars/dns.yaml
|
||||||
- inventory/service/host_vars/(ad)?ns\d+.opendev.org.yaml
|
- inventory/service/host_vars/(ad)?ns\d+.opendev.org.yaml
|
||||||
@ -364,7 +364,7 @@
|
|||||||
files:
|
files:
|
||||||
- playbooks/service-borg-backup.yaml
|
- playbooks/service-borg-backup.yaml
|
||||||
- playbooks/test-borg-bcakup.yaml
|
- playbooks/test-borg-bcakup.yaml
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/roles/install-borg
|
- playbooks/roles/install-borg
|
||||||
- playbooks/roles/borg-backup
|
- playbooks/roles/borg-backup
|
||||||
- playbooks/zuul/templates/host_vars/borg-backup
|
- playbooks/zuul/templates/host_vars/borg-backup
|
||||||
@ -404,7 +404,7 @@
|
|||||||
'/var/log/acme.sh': logs
|
'/var/log/acme.sh': logs
|
||||||
'/etc/apache2/sites-available/mirror.conf': logs
|
'/etc/apache2/sites-available/mirror.conf': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- roles/
|
- roles/
|
||||||
- playbooks/roles/base/
|
- playbooks/roles/base/
|
||||||
- inventory/service/group_vars/mirror.yaml
|
- inventory/service/group_vars/mirror.yaml
|
||||||
@ -454,7 +454,7 @@
|
|||||||
run_playbooks:
|
run_playbooks:
|
||||||
- playbooks/service-mirror-update.yaml
|
- playbooks/service-mirror-update.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- roles/
|
- roles/
|
||||||
- playbooks/roles/mirror-update/
|
- playbooks/roles/mirror-update/
|
||||||
- playbooks/roles/reprepro/
|
- playbooks/roles/reprepro/
|
||||||
@ -482,7 +482,7 @@
|
|||||||
'/var/registry/auth': logs
|
'/var/registry/auth': logs
|
||||||
'/var/registry/certs': logs
|
'/var/registry/certs': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group_vars/registry.yaml
|
- inventory/service/group_vars/registry.yaml
|
||||||
- inventory/service/host_vars/insecure-ci-registry\d+.opendev.org.yaml
|
- inventory/service/host_vars/insecure-ci-registry\d+.opendev.org.yaml
|
||||||
- playbooks/zuul/templates/group_vars/registry.yaml.j2
|
- playbooks/zuul/templates/group_vars/registry.yaml.j2
|
||||||
@ -512,7 +512,7 @@
|
|||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-codesearch.yaml
|
- playbooks/service-codesearch.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-codesearch.yaml
|
- playbooks/service-codesearch.yaml
|
||||||
- playbooks/roles/codesearch/
|
- playbooks/roles/codesearch/
|
||||||
@ -539,7 +539,7 @@
|
|||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-etherpad.yaml
|
- playbooks/service-etherpad.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-etherpad.yaml
|
- playbooks/service-etherpad.yaml
|
||||||
- playbooks/roles/etherpad/
|
- playbooks/roles/etherpad/
|
||||||
@ -592,7 +592,7 @@
|
|||||||
host_copy_output:
|
host_copy_output:
|
||||||
'/var/haproxy/etc': logs
|
'/var/haproxy/etc': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-gitea-lb.yaml
|
- playbooks/service-gitea-lb.yaml
|
||||||
- playbooks/service-gitea.yaml
|
- playbooks/service-gitea.yaml
|
||||||
@ -643,7 +643,7 @@
|
|||||||
- playbooks/service-grafana.yaml
|
- playbooks/service-grafana.yaml
|
||||||
run_test_playbook: playbooks/test-grafana.yaml
|
run_test_playbook: playbooks/test-grafana.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-grafana.yaml
|
- playbooks/service-grafana.yaml
|
||||||
- playbooks/roles/grafana/
|
- playbooks/roles/grafana/
|
||||||
@ -675,7 +675,7 @@
|
|||||||
host_copy_output:
|
host_copy_output:
|
||||||
'/var/log/graphite': logs
|
'/var/log/graphite': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-graphite.yaml
|
- playbooks/service-graphite.yaml
|
||||||
- playbooks/roles/graphite
|
- playbooks/roles/graphite
|
||||||
@ -735,7 +735,7 @@
|
|||||||
host_copy_output:
|
host_copy_output:
|
||||||
'/var/jitsi-meet': logs
|
'/var/jitsi-meet': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group_vars/meetpad.yaml
|
- inventory/service/group_vars/meetpad.yaml
|
||||||
- inventory/service/host_vars/meetpad\d+.opendev.org.yaml
|
- inventory/service/host_vars/meetpad\d+.opendev.org.yaml
|
||||||
- playbooks/roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
|
- playbooks/roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
|
||||||
@ -767,7 +767,7 @@
|
|||||||
- playbooks/service-paste.yaml
|
- playbooks/service-paste.yaml
|
||||||
run_test_playbook: playbooks/test-paste.yaml
|
run_test_playbook: playbooks/test-paste.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-paste.yaml
|
- playbooks/service-paste.yaml
|
||||||
- playbooks/roles/lodgeit
|
- playbooks/roles/lodgeit
|
||||||
@ -791,7 +791,7 @@
|
|||||||
run_playbooks:
|
run_playbooks:
|
||||||
- playbooks/service-zookeeper.yaml
|
- playbooks/service-zookeeper.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group_vars/zookeeper.yaml
|
- inventory/service/group_vars/zookeeper.yaml
|
||||||
- ^inventory/service/host_vars/zk\d+\..*
|
- ^inventory/service/host_vars/zk\d+\..*
|
||||||
- playbooks/roles/zookeeper/
|
- playbooks/roles/zookeeper/
|
||||||
@ -817,7 +817,7 @@
|
|||||||
run_playbooks:
|
run_playbooks:
|
||||||
- playbooks/service-zuul-preview.yaml
|
- playbooks/service-zuul-preview.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/roles/zuul-preview/
|
- playbooks/roles/zuul-preview/
|
||||||
- playbooks/roles/pip3/
|
- playbooks/roles/pip3/
|
||||||
- playbooks/roles/install-docker/
|
- playbooks/roles/install-docker/
|
||||||
@ -871,7 +871,7 @@
|
|||||||
host_copy_output:
|
host_copy_output:
|
||||||
'/etc/hosts': logs
|
'/etc/hosts': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/service-zookeeper.yaml
|
- playbooks/service-zookeeper.yaml
|
||||||
- playbooks/service-zuul.yaml
|
- playbooks/service-zuul.yaml
|
||||||
- inventory/service/group_vars/zuul
|
- inventory/service/group_vars/zuul
|
||||||
@ -918,7 +918,7 @@
|
|||||||
'/var/log/apache2/': logs
|
'/var/log/apache2/': logs
|
||||||
'/var/log/acme.sh': logs
|
'/var/log/acme.sh': logs
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-review.*.yaml
|
- playbooks/service-review.*.yaml
|
||||||
- playbooks/test-review.yaml
|
- playbooks/test-review.yaml
|
||||||
@ -984,7 +984,7 @@
|
|||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
- playbooks/service-static.yaml
|
- playbooks/service-static.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/roles/static/
|
- playbooks/roles/static/
|
||||||
- playbooks/roles/letsencrypt
|
- playbooks/roles/letsencrypt
|
||||||
- playbooks/letsencrypt.yaml
|
- playbooks/letsencrypt.yaml
|
||||||
@ -1023,7 +1023,7 @@
|
|||||||
- playbooks/service-refstack.yaml
|
- playbooks/service-refstack.yaml
|
||||||
container_command: docker
|
container_command: docker
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- inventory/service/group-vars/refstack.yaml
|
- inventory/service/group-vars/refstack.yaml
|
||||||
- playbooks/zuul/templates/group_vars/refstack.yaml.j2
|
- playbooks/zuul/templates/group_vars/refstack.yaml.j2
|
||||||
- playbooks/roles/refstack/
|
- playbooks/roles/refstack/
|
||||||
@ -1063,5 +1063,5 @@
|
|||||||
- playbooks/service-kerberos.yaml
|
- playbooks/service-kerberos.yaml
|
||||||
run_test_playbook: playbooks/test-kerberos.yaml
|
run_test_playbook: playbooks/test-kerberos.yaml
|
||||||
files:
|
files:
|
||||||
- playbooks/install-ansible.yaml
|
- playbooks/bootstrap-bridge.yaml
|
||||||
- playbooks/roles/kerberos-kdc/
|
- playbooks/roles/kerberos-kdc/
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user