opendev/system-config
Code Issues Proposed changes
8361ab701c
system-config/playbooks
History
Ian Wienand 8361ab701c
backups: add retirement and purge lists 
This adds a retirement and purge list to the borg management role.

The idea here is that when a backed-up host is shut-down, we add its
backup user to the retired list.  On the next ansible run the user
will be disabled on the backup-server and the backup repo marked as
retired.  On the next prune, we will trim the backup to only the last
run to save space.  This gives us a grace period to restore if we
should need to.

When we are sure we don't want the data, we can put it in the purge
list, and the backup repo is removed on the next ansible run (hosts
can go straight into this if we want).  This allows us to have a
review process/history before we purge data.

To test, we create a fake "borg-retired" user on the backup-server,
and give it a simple backup.  This is marked as retired, which is
reflected in the testinfra run of the prune script.  Similarly a
"borg-purge" user is created, and we ensure it's backup dir is
removed.

Documentation is updated.

Change-Id: I5dff0a9d35b11a1f021048a12ecddce952c0c13c
2024-11-08 22:30:49 +11:00
..
filter_plugins dns_[a|aaaa] filter; use host for lookup 2018-09-13 22:50:40 +10:00
group_vars Track our OpenMetal environment HTTPS cert expiry 2024-08-16 18:32:18 +00:00
k8s Add resources for deploying rook and xtradb to kuberenets 2019-02-05 18:52:21 +00:00
library Add inline_python module 2022-05-25 18:14:21 +00:00
module_utils/facts/system Ensure apt is used on ubuntu hosts with zypper 2018-08-20 20:45:13 +00:00
periodic Correct static known_hosts entry for goaccess jobs 2023-08-07 21:27:40 +00:00
roles backups: add retirement and purge lists 2024-11-08 22:30:49 +11:00
templates/clouds Switch Rackspace Flex authentication to project_id 2024-08-23 17:30:03 +00:00
zuul backups: add retirement and purge lists 2024-11-08 22:30:49 +11:00
apply-package-updates.yaml launch: use apt to update packages 2023-04-13 14:14:58 +10:00
base.yaml infra-prod: run job against linaro 2023-03-15 12:00:25 +11:00
bootstrap-bridge.yaml install-ansible: overhaul install ansible requirements 2022-12-06 13:27:46 +11:00
bootstrap-k8s-nodes.yaml Stop running k8s-on-openstack nested 2019-02-12 18:17:46 +00:00
gitea-rename-setup-org.yaml Restore setup-org.yaml 2019-09-18 12:40:19 -07:00
gitea-rename-tasks.yaml Use the gitea api in the gitea renaming playbook 2021-08-03 08:47:16 -07:00
install_puppet.yaml Handle moved puppet repos 2019-05-15 16:03:07 -07:00
letsencrypt.yaml Refactor adns variables 2023-03-10 09:36:01 +11:00
manage-projects.yaml Add comments to manage-projects about project-config syncing 2021-10-21 11:44:02 -07:00
nodepool_pull.yaml Add pull tasks for nodepool/zuul 2021-02-19 15:42:40 -08:00
nodepool_restart.yaml Add stop and start playbooks for nodepool 2020-06-16 15:48:47 -05:00
nodepool_start.yaml Remove nodepool builder puppetry and nb03.openstack.org 2020-09-09 15:09:43 -07:00
nodepool_stop.yaml Remove nodepool builder puppetry and nb03.openstack.org 2020-09-09 15:09:43 -07:00
remote_puppet_adhoc.yaml Clean up puppet variables and playbooks 2018-08-17 09:41:12 -05:00
remote_puppet_else.yaml Cleanup eavesdrop puppet references 2021-06-10 09:02:23 +10:00
rename_repos.yaml Move gerrit replication waiting queue aside during project renames 2024-03-06 09:25:01 -08:00
run_cloud_launcher.yaml Use zuul checkouts of ansible roles from other repos 2020-04-30 12:39:12 -05:00
run-accessbot.yaml Sync project-config before deploying accessbot 2021-07-09 23:15:52 +00:00
service-afs.yaml Refactor AFS groups 2021-02-11 13:35:16 +11:00
service-borg-backup.yaml service-borg-backup: preload backup server facts 2021-02-23 13:04:20 +11:00
service-bridge.yaml bridge: switch OSC from container to local install 2022-11-25 09:37:40 +00:00
service-codesearch.yaml encrypt-logs: turn on for all prod playbooks 2022-02-24 09:57:55 +11:00
service-dstatlogger.yaml Use dstat to record performance of system-config-run hosts 2021-02-16 14:31:30 -08:00
service-eavesdrop.yaml ptgbot: setup web interface 2021-10-06 15:39:25 +11:00
service-etherpad.yaml Make etherpad configuration more generic for multiple hosts 2023-04-05 08:36:27 -07:00
service-gitea-lb.yaml Make haproxy role more generic 2021-12-01 09:55:45 +11:00
service-gitea.yaml Use the apache-ua-filter role on Gitea servers 2020-10-16 17:45:19 +00:00
service-grafana.yaml Cleanup grafana.openstack.org 2020-10-29 07:59:42 +11:00
service-graphite.yaml Cleanup graphite01 2020-09-30 11:55:24 +10:00
service-kerberos.yaml kerberos-kdc: role to manage Kerberos KDC servers 2021-03-17 08:30:52 +11:00
service-keycloak.yaml Add a keycloak server 2021-12-03 14:17:23 -08:00
service-lists3.yaml Add a mailman3 list server 2022-11-11 23:20:19 +00:00
service-meetpad.yaml Run iptables in service playbooks instead of base 2020-06-04 07:44:22 -05:00
service-mirror-update.yaml Add kerberos-client group 2021-03-18 11:59:30 +11:00
service-mirror.yaml Add kerberos-client group 2021-03-18 11:59:30 +11:00
service-nameserver.yaml Refactor adns variables 2023-03-10 09:36:01 +11:00
service-nodepool.yaml Auto update nodepool launchers 2022-06-16 08:23:17 -07:00
service-paste.yaml Remove paste01.openstack.org 2021-07-15 23:25:10 +00:00
service-refstack.yaml refstack: cleanup old puppet 2021-03-17 07:06:53 +11:00
service-registry.yaml Run iptables in service playbooks instead of base 2020-06-04 07:44:22 -05:00
service-review.yaml Switch router addresses for review02 to global 2021-12-17 16:32:59 +01:00
service-static.yaml Add kerberos-client group 2021-03-18 11:59:30 +11:00
service-tracing.yaml Add Jaeger tracing server 2022-09-15 19:21:33 -07:00
service-zookeeper.yaml Run iptables in service playbooks instead of base 2020-06-04 07:44:22 -05:00
service-zuul-db.yaml Add a standalone zuul db server 2024-04-04 12:25:23 -07:00
service-zuul-lb.yaml Add Zuul load balancer 2022-02-10 13:24:42 -08:00
service-zuul-preview.yaml Run iptables in service playbooks instead of base 2020-06-04 07:44:22 -05:00
service-zuul.yaml Add clouds.yaml to zuul schedulers 2024-10-14 11:32:49 -07:00
set-hostnames.yaml Split eavesdrop into its own playbook 2020-04-23 14:34:28 -05:00
start-mergers-executors.yaml Update zuul-executor stop/start playbook 2020-07-17 16:18:26 -07:00
stop-mergers-executors.yaml Update zuul-executor stop/start playbook 2020-07-17 16:18:26 -07:00
sync-gitea-projects.yaml Revert "Allow gitea_create_repos always_update to be list" 2021-10-15 13:03:59 -07:00
test-borg-backup-pre.yaml backups: add retirement and purge lists 2024-11-08 22:30:49 +11:00
test-borg-backup.yaml borg-backup: implement saving a stream, use for database backups 2021-02-03 11:43:12 +11:00
test-codesearch.yaml hound: enable detect-ref 2022-02-25 17:27:35 +11:00
test-gitea.yaml Reapply "Switch Gerrit replication to a larger RSA key" 2023-12-06 09:02:17 -08:00
test-grafana.yaml grafana: take some screenshots during testing 2021-02-17 10:43:26 +11:00
test-inline-python.yaml Add inline_python module 2022-05-25 18:14:21 +00:00
test-kerberos.yaml kerberos-kdc: role to manage Kerberos KDC servers 2021-03-17 08:30:52 +11:00
test-manage-projects.yaml Don't always update gitea project descriptions 2021-03-16 13:06:16 -07:00
test-paste.yaml Remove paste01.openstack.org 2021-07-15 23:25:10 +00:00
test-update-zuul-description.yaml Abstract name of bastion host for testing path 2022-10-20 09:00:43 +11:00
unattended_upgrades.yml Rename attended_upgrades playbook to unattended_upgrades 2016-07-19 10:41:09 +02:00
update_puppet_version.yaml Fix URLs after OpenDev rename 2020-03-18 18:23:17 +01:00
zuul_pull.yaml Run zuul-launcher 2024-09-18 16:37:40 -07:00
zuul_reboot.yaml Run zuul-launcher 2024-09-18 16:37:40 -07:00
zuul_reconfigure.yaml Stub out zuul_reconfigure playbook 2018-09-14 09:17:36 -06:00
zuul_restart.yaml Rework zuul start/stop/restart playbooks for docker 2020-04-27 09:34:50 -05:00
zuul_rolling_restart.yaml Add the start of a Zuul rolling restart playbook 2022-05-25 09:48:28 -07:00
zuul_start.yaml Run zuul-launcher 2024-09-18 16:37:40 -07:00
zuul_stop.yaml Run zuul-launcher 2024-09-18 16:37:40 -07:00