Adding cache stats for port 80 requires a little refactoring to
account for the lack of a port number in the 80/tcp (default port)
proxy logs. This also slightly alters the output for the sake of
keeping the script simple.
Change-Id: I431a54445ff5bcb7f4a38bd30b73f00e4d7892f7
The GWDG mirror is heavily outdated and this is impacting the infra
mirrors. As such, lets switch to a US mirrors which is also maintained
by the openSUSE project in order to resolve the problem.
Change-Id: I62c17c8ddf2f7b900a76ce6e06030ec61dc3fd08
This reverts commit de9c7a7c6b22813f2c0d742d61f93a4d0eec9eb8.
The kernel.org mirror is outdated again so we switch to another US
mirror that seems to be up to date.
Change-Id: Iaffc1fa94ea0e01c62b38ce1870b6c40c0c8fb7b
Mirrors still contain repositories from distributions which we do not
mirror anymore. As such, lets make sure that we wipe them if necessary.
Change-Id: I35f7e1659ab4e22fb4ef6c1b5673085354df4050
Thats a minor repo, and normally entirely empty. We should
be able to ignore syncing issues and still release the rest
of the AFS store successfully.
Change-Id: I96516cb8fef6ea1bdd0cf53799202e365b46142c
We do not use pypi-mirror anymore, there's also no usage of pypimirror
in jeepyb. Remove the now obsolete module.
Related change: https://review.openstack.org/597370/
Change-Id: I13423bf55eac57da18449852e2102c9633d595bb
The continuous release centos repo allows
for early testing against pre-released rpms
and updates to minor releases. This is
quite handy when trying to prevent jobs from
going down when CentOS is updated.
https://wiki.centos.org/AdditionalResources/Repositories/CR
Related-Bug: #1788675
Closes-Bug: #1789218
Change-Id: I56e346376976f890899de0cfb47b0612fa5fbb84
We don't manage the ssl cert (or anything else) on
openstackid-resources.openstack.org. Lets stop checking when its cert
expires as it appears to have auto renewing short term cert validity
(which results in a lot of email).
Change-Id: I9f08a09d76b2862de89a6ee022ade1ac637d9aeb
We have a bunch of this handled now in ansible, so remove the old stuff.
Remove puppetmaster group management files. It's confusing for there to
be two files. Remove the old one.
Remove mqtt config. This isn't really a thing currently, and we're
eyeing running things from zuul anyway, so no need to port to ansible.
Change-Id: I8b64d21eadcc4a08bd5e5440fc5f756ae5bcd46b
The mirror that we were using seems to be out of date and not
properly updated, causing jobs to fail.
This fixes this issue by updating from the mirror from Kernel.org
which seems to stable and it has all the needed updated packages.
Change-Id: I079d9dd8a34e24b33ee35d4dad934e8ca4b60cee
Now that we've got base server stuff rewritten in ansible, remove the
old puppet versions.
Depends-On: https://review.openstack.org/588326
Change-Id: I5c82fe6fd25b9ddaa77747db377ffa7e8bf23c7b
Instead of just having bridge be disabled, make a puppet group that it's
not a part of and switch the remote_puppet_else playbook to use that.
Change-Id: Ifb96ce483fc5675d095723bda70242a425bdc619
The puppet 4 tests are passing for etherpad_lite so let's try it out for
real.
Depends-on: https://review.openstack.org/590023
Change-Id: Ia91bd3950c9f48505a3024a16300091cf42d7f69
The Cloud Master repository contains the packages for the development
cycle so we should mirror that in order to minimize our dependency to
external resources. This brings openSUSE closer to the rest of the
distros which use the bleeding edge repositories for the CI.
Change-Id: Id087b0712887061bbc30187534820858b0c99a19
We want to launch a new bastion host to run ansible on. Because we're
working on the transition to ansible, it seems like being able to do
that without needing puppet would be nice. This gets user management,
base repo setup and whatnot installed. It doesn't remove them from the
existing puppet, nor does it change the way we're calling anything that
currently exists.
Add bridge.openstack.org to the disabled group so that we don't try to
run puppet on it.
Change-Id: I3165423753009c639d9d2e2ed7d9adbe70360932
Although a few issues have been uncovered for askbot on Xenial or in
testing scenarios with SSL parameters, those shouldn't affect the
production trusty nodes, so flip the switch for ask-staging.
Change-Id: I5603fae2ea7bb67d233939323fa38816cd5aa016
This patch adds groups.o.o to the futureparser ansible group to have
ansible set parser = future in its puppet.conf.
Change-Id: I5a59f5855c42372cd16682ea7cb859c0ed38fa1d
This patch adds groups-dev to the futureparser ansible group to have
ansible set parser = future in its puppet.conf.
Change-Id: Ide789a7f5751714adb913ebc50e965f21f09bc48
Depends-On: https://review.openstack.org/584341
This change will configure puppet.conf with parser = future to turn on
the future parser with puppet 3 on review-dev.openstack.org without
upgrading puppet.
Change-Id: I36833385b94ba37823abe59936ccc11a98f36f52
We have new domains hosted as vhosts on git.openstack.org. Add
certchecks for them. Also add zuul-ci.org.
Change-Id: I462d8464707d6427b4d88528a7914e03f184a89b
As a follow-on to Ic33bca431ae19b44e5bc2938de425cc68785b331
... (reprepro configuration really is quite inscrutable outside "try
it and see if it works")
The update is just called "debian-security", no codename.
We want to use the debian-security key to validate the gpg signatures,
update that.
Use the "updates" suite, which seems to be where debian-security is
Add the symlink for mirror
Change-Id: Ice2a06f4274cdad766f427df70d9fe3e92f62e8c
The mirror was put in place for OpenStack Ansible however the project
is not consuming it anymore. In the parent change of this commit, the
addition of a reverse proxy cache will be used instead in the project
and it will allow usage across all distributions.
Change-Id: I30bd6b658d87abc765b5caee5003e387981850b4
As a follow-on to Id918597aecc5114791811c7f30b6109da6a8d0af, re-add
the debian-security mirror. We have problems with transparent caches
getting to http://security.debian.org, and it doesn't have https, so
we really need this cached locally for reliable operation.
This adds debian-security as a separate mirror due to the conflicts we
saw in the prior change.
The keys are updated for stretch (check against
https://ftp-master.debian.org/keys.html)
Change-Id: Ic33bca431ae19b44e5bc2938de425cc68785b331
Change I76b1099bf0cf3bfead17f96e456cdce87d0e8a49 altered the name of
the inventory script, so reflect that in the corresponding
subprocess call in launch-node.py and a comment in the
expand-groups.sh script.
Change-Id: I4c2c762716813b5d59dcc1b623f5988c8aa7d490
This is a first step in exposing cache hits and misses statistics. This
will grab raw numbers that we can publish or do other crunching on.
Change-Id: Id306f4cc71f48a7ced49fdba8824b533b78e0561
By default this sends out each stat in a single UDP packet. I found
with the AFS monitoring, blasting these out in very quick succession
can result in stats getting lost fairly easily.
statsd's pipelines are really designed for this. It batches up all
the stats and then sends them out combined in reasonable MTU sized
chunks.
Change-Id: Ife520d549da3a1a667be15e95a747e313825ac20
Ceph Mimic is now release and the official mirror
is available. This adds the Ceph Mimic mirror so we
sync the version for Stretch, Xenial and Bionic.
Change-Id: Id358d657b6d1daed3bc72447fa94aef198928e50
This repo isn't available for the new 15 release. As we're migrating
away from 42.3 just remove the repo so the mirroring works.
Change-Id: I2f5877f6b179cacfdf3c05aa7d00a6e7652d596d
We should only clone packages from the distributions we are interested
in instead of everything that's being published by OBS. This also adds
support for mirroring packages for the latest openSUSE Leap release
(15.0)
Change-Id: Ie7cf6b4bdc8d92e95131b899433527cfea8a4b2a
