opendev/system-config
Code Issues Proposed changes
system-config/inventory/service/groups.yaml
Ian Wienand 7683fa11b3 openafs-server : add ansible roles for OpenAFS servers 
This starts at migrating OpenAFS server setup to Ansible.

Firstly we split up the groups and explicitly name hosts, as we will
me migrating each one step-by-step.  We split out 1.8 hosts into a new
afs-1.8 group; the first host is afs01.ord.openstack.org which already
has openafs 1.8 installed manually.

An openafs-server role is introduced that does the same setup as the
extant puppet.

The AFS job is renamed to infra-prod-afs as the puppet component will
eventually disappear.  Otherwise it runs in the same way, but also
runs the openafs-server role for the 1.8 servers.

Once this is merged, we can run it against afs01.ord.openstack.org to
ensure it works and is idempotent.  We can then take on upgrading the
other file servers, and work further on the database servers.

Change-Id: I7998af43961999412f58a78214f4b5387713d30e
2021-01-19 08:08:33 +11:00

290 lines
7.9 KiB
YAML
Raw Blame History

plugin: yamlgroup
groups:
adns: adns*.open*.org
afs-1.8:
- afs01.ord.openstack.org
afs:
- afs01.dfw.openstack.org
- afs02.dfw.openstack.org
- afsdb01.openstack.org
- afsdb02.openstack.org
afs-client:
- review-dev[0-9]*.open*.org
- mirror[0-9]*.opendev.org
- mirror-update[0-9]*.opendev.org
- ze[0-9]*.open*.org
- afsdb*.open*.org
- afs[0-9]*.open*.org
- static[0-9]*.opendev.org
afsadmin: mirror-update[0-9]*.openstack.org
afsdb: afsdb[0-9]*.open*.org
ask: ask*.open*.org
# NOTE: By default we keep the backup-server group empty as an
# emergency escape hatch if a problem were to propage through
# production servers. However, this also means if you add a server to
# the "backup" group to be backed up, you should uncomment the
# "backup-server" group for an Ansible pulse so the users & keys are
# setup on the server(s). You can submit a follow-on change to revert
# this at the same time.
backup:
- gitea01.opendev.org
- review[0-9]*.openstack.org
- review-dev[0-9]*.open*.org
- zuul[0-9]*.open*.org
# All these servers are "special-cased" in specifically
# as they are puppet and should be replaced "soon"
- ethercalc02.openstack.org
- ask01.openstack.org
- lists.openstack.org
- storyboard01.opendev.org
- translate01.openstack.org
backup-server:
- backup01.ca-ymq-1.vexxhost.opendev.org
borg-backup:
- etherpad[0-9]*.opendev.org
- gitea01.opendev.org
- review[0-9]*.openstack.org
- review-dev[0-9]*.open*.org
- zuul[0-9]*.open*.org
# All these servers are "special-cased" in specifically
# as they are puppet and should be replaced "soon"
- ethercalc02.openstack.org
- ask01.openstack.org
- lists.openstack.org
- storyboard01.opendev.org
- translate01.openstack.org
borg-backup-server:
- backup02.ca-ymq-1.vexxhost.opendev.org
- backup01.ord.rax.opendev.org
cacti: cacti[0-9]*.open*.org
certcheck:
- cacti[0-9]*.open*.org
cloud-launcher:
- bridge.openstack.org
codesearch:
- codesearch[0-9]*.opendev.org
control-plane-clouds:
- bridge.openstack.org
disabled:
- backup01.ord.rax.ci.openstack.org
- corvustest
- ethercalc01.openstack.org
- idp.openstackid.org
- lists-dev01.openstack.org
- wiki-dev01.openstack.org
- wiki-upgrade-test.openstack.org
dns:
- adns*.opendev.org
- ns*.opendev.org
eavesdrop: eavesdrop[0-9]*.open*.org
elasticsearch: elasticsearch[0-9]*.open*.org
ethercalc: ethercalc*.open*.org
etherpad: etherpad[0-9]*.open*.org
firehose: firehose[0-9]*.open*.org
gerrit:
- review-dev[0-9]*.open*.org
- review[0-9]*.open*.org
gitea:
- gitea[0-9]*.opendev.org
gitea-lb:
- gitea-lb[0-9]*.opendev.org
grafana:
- grafana[0-9]*.opendev.org
graphite:
- graphite*.opendev.org
health:
- health[0-9]*.openstack.org
jvb:
- jvb[0-9]*.opendev.org
kdc:
- kdc[0-9]*.open*.org
letsencrypt:
- codesearch[0-9]*.opendev.org
- etherpad[0-9]*.opendev.org
- gitea[0-9]*.opendev.org
- graphite[0-9]*.opendev.org
- grafana[0-9]*.opendev.org
- insecure-ci-registry[0-9]*.opendev.org
- meetpad[0-9]*.opendev.org
- mirror[0-9]*.opendev.org
- nb[0-9]*.opendev.org
- review-dev[0-9]*.open*.org
- review[0-9]*.open*.org
- review-test.opendev.org
- static[0-9]*.opendev.org
- zuul[0-9]*.open*.org
logstash:
- logstash[0-9]*.open*.org
logstash-worker:
- logstash-worker[0-9]*.open*.org
mailman:
- lists*.katacontainers.io
- lists*.open*.org
meetpad:
- meetpad[0-9]*.opendev.org
mirror:
- mirror[0-9]*.opendev.org
mirror-update:
- mirror-update[0-9]*.opendev.org
nodepool:
- nb[0-9]*.opendev.org
- nl[0-9]*.open*.org
nodepool-builder:
- nb[0-9]*.opendev.org
nodepool-launcher:
- nl[0-9]*.open*.org
ns:
- ns[0-9]*.open*.org
openstackid-dev:
- openstackid-dev*.openstack.org
openstackid:
- openstackid.org
- openstackid[0-9]*.openstack.org
paste:
- paste[0-9]*.open*.org
pbx:
- pbx[0-9]*.opendev.org
puppet:
- afs01.dfw.openstack.org
- afs02.dfw.openstack.org
- afsdb01.openstack.org
- afsdb02.openstack.org
- ask*.open*.org
- backup[0-9]*.openstack.org
- cacti[0-9]*.open*.org
- corvustest
- eavesdrop[0-9]*.open*.org
- elasticsearch[0-9]*.open*.org
- ethercalc[0-9]*.open*.org
- firehose[0-9]*.open*.org
- health[0-9]*.openstack.org
- kdc[0-9]*.open*.org
- lists*.katacontainers.io
- lists*.open*.org
- logstash-worker[0-9]*.open*.org
- logstash[0-9]*.open*.org
- mirror-update[0-9]*.openstack.org
- openstackid-dev*.openstack.org
- openstackid.org
- openstackid[0-9]*.openstack.org
- paste[0-9]*.open*.org
- pbx[0-9]*.opendev.org
- planet[0-9]*.open*.org
- refstack*.open*.org
- status*.open*.org
- storyboard-dev[0-9]*.opendev.org
- storyboard[0-9]*.opendev.org
- subunit-worker[0-9]*.open*.org
- survey[0-9]*.open*.org
- translate-dev[0-9]*.open*.org
- translate[0-9]*.open*.org
- wiki-dev[0-9]*.openstack.org
- wiki[0-9]*.openstack.org
puppet4:
- afs01.dfw.openstack.org
- afs02.dfw.openstack.org
- afsdb01.openstack.org
- afsdb02.openstack.org
- ask*.open*.org
- ask-staging[0-9]*.open*.org
- cacti[0-9]*.open*.org
- eavesdrop[0-9]*.open*.org
- elasticsearch[0-9]*.open*.org
- ethercalc[0-9]*.open*.org
- firehose[0-9]*.open*.org
- health[0-9]*.openstack.org
- kdc[0-9]*.open*.org
- lists*.katacontainers.io
- lists*.open*.org
- lists-dev[0-9]*.open*.org
- logstash-worker[0-9]*.open*.org
- logstash[0-9]*.open*.org
- mirror-update[0-9]*.openstack.org
- openstackid[0-9]*.openstack.org
- openstackid-dev[0-9]*.openstack.org
- paste[0-9]*.open*.org
- pbx[0-9]*.opendev.org
- planet[0-9]*.open*.org
- refstack*.open*.org
- status*.open*.org
- storyboard[0-9]*.opendev.org
- storyboard-dev[0-9]*.opendev.org
- subunit-worker[0-9]*.open*.org
- survey[0-9]*.open*.org
- translate[0-9]*.open*.org
- translate-dev[0-9]*.open*.org
- wiki[0-9]*.openstack.org
- wiki-dev[0-9]*.openstack.org
refstack:
- refstack*.open*.org
registry:
- insecure-ci-registry[0-9]*.opendev.org
review-dev:
- review-dev[0-9]*.open*.org
review:
- review[0-9]*.open*.org
- review-test.opendev.org
static:
- static[0-9]*.opendev.org
status:
- status*.open*.org
storyboard:
- storyboard[0-9]*.opendev.org
storyboard-dev:
- storyboard-dev[0-9]*.opendev.org
subunit-worker:
- subunit-worker[0-9]*.open*.org
survey:
- survey[0-9]*.open*.org
translate-dev:
- translate-dev[0-9]*.open*.org
translate:
- translate[0-9]*.open*.org
webservers:
- ask*.open*.org
- cacti[0-9]*.open*.org
- codesearch[0-9]*.opendev.org
- eavesdrop[0-9]*.open*.org
- ethercalc[0-9]*.open*.org
- etherpad[0-9]*.open*.org
- grafana[0-9]*.opendev.org
- graphite*.opendev.org
- health[0-9]*.openstack.org
- nb[0-9]*.opendev.org
- nl[0-9]*.open*.org
- openstackid-dev*.openstack.org
- openstackid.org
- openstackid[0-9]*.openstack.org
- paste[0-9]*.open*.org
- planet[0-9]*.open*.org
- refstack*.open*.org
- static[0-9]*.opendev.org
- status*.open*.org
- storyboard-dev[0-9]*.opendev.org
- storyboard[0-9]*.opendev.org
- survey[0-9]*.open*.org
- translate-dev[0-9]*.open*.org
- translate[0-9]*.open*.org
- wiki-dev[0-9]*.openstack.org
- wiki[0-9]*.openstack.org
wiki:
- wiki[0-9]*.openstack.org
wiki-dev:
- wiki-dev[0-9]*.openstack.org
zookeeper:
- zk[0-9]*.open*.org
zuul:
- ze[0-9]*.open*.org
- zm[0-9]*.open*.org
- zuul[0-9]*.open*.org
zuul-executor:
- ze[0-9]*.open*.org
zuul-merger:
- zm[0-9]*.open*.org
zuul-preview:
- zp[0-9]*.open*.org
zuul-scheduler:
- zuul[0-9]*.open*.org
zuul-web:
- zuul[0-9]*.open*.org
View Git Blame Copy Permalink