This is a catch all to get CI working again. In some cases, like
ansible-lint we will just ignore the warnings for now, and loop back to
clean them up.
Change-Id: I3e09f8c2b470062634d981f2667b913820c58f7f
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Depends on ansible-role-boto3 to install and configure the lib.
Depends-On: Id2cd819def3e83f92fcd8126a74aa19690dcf4c8
Change-Id: If66d975dedac16ba46522ab8183a7d6cff35d3d3
Continue with the change from openstack to opendev for hosting.
Change-Id: I6d3ead6a49c3460484b18f672ead0022e1dc2858
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Validate nginx service is running and also collect some logs.
Change-Id: I3d3daf0344d978cf72ea171e84e3f1439725d990
Depends-On: https://review.openstack.org/648850
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We seem to be leaking old files when removed from git.
Change-Id: Ifb380d22b8300cd40f8fbcf92fcc68256d158d69
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This is for when we move our zookeeper information into secure.conf.
Change-Id: Ic68661933edd0738118c58c6a6c38e1c4afb0a04
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
As we try to run a windmill in zuul, it doesn't make sense to also run
our testing roles. For now, we can move these into our prove playbook,
however long term I think we want to move to testinfra. Then people can
decide to also run testinfra against their production control plane.
Change-Id: I783e2e3b5f6fba224d761446c66aa9a58ecec9ca
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We didn't look in the right directory, if nodepool was installed into
something other then /opt/venv/nodepool.
Change-Id: Id06e2a807e4a798c9fefd552882e66ba74e242db
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Since the statsd client only support a single server, we have to use the
first server in the statsd group.
Change-Id: Iebc7a89e7ce7fcb8d30208dd55a7013007cadf93
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This has moved into windmill-config repo.
Change-Id: Ica10636cf6f5cf20c2a620b2e13a22222e03b9cc
Depends-On: https://review.openstack.org/643948
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This really isn't needed for production deployments, it is more to make
sure our testing in the gate is happy.
Change-Id: Ic8e367892fbb54a57d9864e9cdb8579783a5d83f
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Currently, we only need to give nodepool-builder sudoers access, so move
the code into that play only.
Change-Id: I0a39c8ec476e89c11bc758f000b89267d37183e3
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Like we did with zuul, we also need to do for nodepool.
Change-Id: Id065a1e56484973e9dd9e7cee1026639abbd7c68
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We cannot expect users to use /opt/venv/zuul by default, instead use
zuul_pip_virtualenv setting.
Change-Id: I7ab71ed89248796936ae129c6da92eced9730108
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Now that we allow users to set zuul service state to false, don't try to
validate services are enabled.
Change-Id: Id7e4cde03f1148761c0fe16937e286fdfd446ca2
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
It is possible, you don't want to run windmill on a specific host.
Rather then removing the host from the inventory file, you can now place
it in the disabled inventory group and our playbooks will skip it.
This logic is used by the opendev team when running ansible-playbooks
against their control plane.
Change-Id: I717fc4b951c16c5df6286bfe13f0fe5701cf7abb
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This is because the openstack.ssh role uses False with when statements,
otherwise we get errors with these keys are missing.
Change-Id: Iad35362b0c7f5d5862f17a919e23a8e291560c7d
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
It is possible a user wants to update known_hosts for zuul-connections.
Change-Id: Ia74e1cccda7deb395eb71ef647c7dd3464d6e579
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This group will be used to manage SSH keys needed for github / gerrit
connections.
Change-Id: I17364e75e107cfb1bbe8fed7c3f0fff6c0eb5771
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Our zuul-web nodes will actually require nginx to help serve the static
content from zuul.
Change-Id: I6afaa78968fef59286412c7410a26605d3c971a3
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Because we us a single VM for all-in-one testing, switch to forks to
ensure we only run 1 task at a time.
Change-Id: Ia933ec0efc6d04ac02300f3d82faf26cd583d1d1
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Based on how our inventory file is defined now, we can rework the
playbook process here and save some time.
Change-Id: I0852b3cd6b49c7ac57e1db2c1f3114d563515d84
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We don't actually need different plays for these servers, we can just
group them differently. This should save some time off job runs.
Change-Id: I5e7763e7b406569ed39f6bdd0e381eee1eaabee3
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This adds and enabled strict yamllinting on our playbooks / roles.
Change-Id: Ie66ab53c7d6ed4dee1d18a30bdadd9c679549d47
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We no longer support ubuntu-xenial, so we can remove this package repo.
Change-Id: I2b06e281fce4bf91f5aa78f7f280e1fce9a72c33
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Again, if statsd group doesn't have any hosts, don't enable it for our
services.
Change-Id: Ideea60580b37365c006d344ef8d8d2286181f0bf
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We can move this logic into the role now.
Change-Id: I7bcc2b700a3d06ce662dc5a7fb3c938657a7fbf1
Depends-On: https://review.openstack.org/623532
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
There is no need to do this in both groups, we can move up to the
top-level nodepool one.
Change-Id: I038062eb2409bacfb3e25a69eaa8f1b27c75665f
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
For example, zookeeper nodes don't actually need to install the
virtualenv role because zookeeper is java.
Change-Id: I71318029fb558a7087cc2f8db625b48592615ad4
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
It is possible a user doesn't want to install statsd, if so don't setup
systemd to use it.
Change-Id: I99c2995069ee70dfa1c24c5a4fb5e93c128e6313
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Bionic has been working for some time, lets switch to using it.
Change-Id: I33ee5e113bcd08da4216ca4880af480c0912272b
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Nodepool no longer depends on shade. It has been updated to use
openstacksdk.
Change-Id: I0b3b021eebd31e5fb176da95f6726ffbe2f5d625
Depends-On: https://review.openstack.org/588413
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Make site.yaml much simpler, incase somebody wants to use
nodepool.yaml or zuul.yaml directly.
Change-Id: I4337c962f7cb9353a73bc598c4b29d33f3fa828c
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Geard logging configuration is not enabled by default. This results in
geard floods /var/log/messages with debug info.
Change 568234 provides default geard logging configuration file. With
this change this configuration is being enabled.
Also collect additional logs for gear.
Depends-On: https://review.openstack.org/568234/
Change-Id: I0bfdb398dd806ec92f15eaff67ca5f8251ec193f
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Both services will launch external applications, but because we didn't
properly include the $PATH to each virtualenv, we had to create
symlinks (we missed ansible-playbook).
We can properly fix this by setting up the PATH variable in our
systemd unit file override.
Change-Id: Ice32334a75c6e7f3bc996e11ac7f4fd73844388e
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
It's possible we want to install things like ssh keys or clouds.yaml
files into nodepool / zuul hosts before even starting the installation
process. This is mostly to workaround issues where nodepool / zuul
will fail to start properly if they are missing.
Change-Id: Ieada13b11678147e9a556f7e76ea17a53bff1010
Signed-off-by: Paul Belanger <pabelanger@redhat.com>