System configuration for the OpenDev Collaboratory
670107045a
This impelements mirrors to live in the opendev.org namespace. The implementation is Ansible native for deployment on a Bionic node. The hostname prefix remains the same (mirrorXX.region.provider.) but the groups.yaml splits the opendev.org mirrors into a separate group. The matches in the puppet group are also updated so to not run puppet on the hosts. The kerberos and openafs client parts do not need any updating and works on the Bionic host. The hosts are setup to provision certificates for themselves from letsencrypt. Note we've added a new handler for mirror nodes to use that restarts apache on certificate issue/renewal. The new "mirror" role is a port of the existing puppet mirror.pp. It installs apache, sets up some modules, makes some symlinks, sets up a cleanup cron job and installs the apache vhost configuration. The vhost configuration is also ported from the extant puppet. It is simplified somewhat; but the biggest change is that we have extracted the main port 80 configuration into a macro which is applied to both port 80 and 443; i.e. the host will have SSL support. The other ports are left alone for now, but can be updated in due course. Thus we should be able to CNAME the existing mirrors to new nodes, and any existing http access can continue. We can update our mirror setup scripts to point to https resources as appropriate. Change-Id: Iec576d631dd5b02f6b9fb445ee600be060f9cf1e |
||
|---|---|---|
| doc | ||
| docker | ||
| hiera | ||
| inventory | ||
| kubernetes | ||
| launch | ||
| manifests | ||
| modules/openstack_project | ||
| playbooks | ||
| roles | ||
| roles-test | ||
| testinfra | ||
| tools | ||
| .gitignore | ||
| .gitreview | ||
| .zuul.yaml | ||
| bindep.txt | ||
| COPYING.GPL | ||
| Gemfile | ||
| install_modules.sh | ||
| install_puppet.sh | ||
| make_swap.sh | ||
| modules.env | ||
| mount_volume.sh | ||
| Rakefile | ||
| README.rst | ||
| roles.yaml | ||
| run_all.sh | ||
| run_cloud_launcher.sh | ||
| run_k8s_ansible.sh | ||
| run_puppet.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
Puppet Modules
These are a set of puppet manifests and modules that are currently being used to manage the OpenStack Project infrastructure.
The main entry point is in manifests/site.pp.
In general, most of the modules here are designed to be able to be run either in agent or apply mode.
These puppet modules require puppet 2.7 or greater. Additionally, the site.pp manifest assumes the existence of hiera.
See http://docs.openstack.org/infra/system-config for more information.
Documentation
The documentation presented at http://docs.openstack.org/infra/system-config comes from https://opendev.org/opendev/system-config repo's docs/source. To build the documentation use
tox -evenv python setup.py build_sphinx