opendev/system-config
Code Issues Proposed changes
cef46d70ac
system-config/playbooks/zuul/run-base.yaml
Clark Boylan eb22e01f31 Add support for multiple jvbs behind meetpad 
The jitsi video bridge (jvb) appears to be the main component we'll need
to scale up to handle more users on meetpad. Start preliminary
ansiblification of scale out jvb hosts.

Note this requires each new jvb to run on a separate host as the jvb
docker images seem to rely on $HOSTNAME to uniquely identify each jvb.

Change-Id: If6d055b6ec163d4a9d912bee9a9912f5a7b58125
2020-05-20 13:41:30 -07:00

125 lines
5.0 KiB
YAML
Raw Blame History

- import_playbook: ../install-ansible.yaml
vars:
root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa') }}"
ansible_cron_disable_job: true
cloud_launcher_disable_job: true
- hosts: bridge.openstack.org
become: true
tasks:
- name: Write inventory on bridge
include_role:
name: write-inventory
vars:
write_inventory_dest: /etc/ansible/hosts/inventory.yaml
write_inventory_exclude_hostvars:
- ansible_user
- ansible_python_interpreter
write_inventory_additional_hostvars:
public_v4: nodepool.public_ipv4
public_v6: nodepool.public_ipv6
- name: Add groups config for test nodes
template:
src: "templates/gate-groups.yaml.j2"
dest: "/etc/ansible/hosts/gate-groups.yaml"
- name: Update ansible.cfg to use job inventory
ini_file:
path: /etc/ansible/ansible.cfg
section: defaults
option: inventory
value: /etc/ansible/hosts/inventory.yaml,/etc/ansible/hosts/groups.yaml,/etc/ansible/hosts/gate-groups.yaml
- name: Make host_vars directory
file:
path: "/etc/ansible/hosts/host_vars"
state: directory
- name: Make group_vars directory
file:
path: "/etc/ansible/hosts/group_vars"
state: directory
- name: Write hostvars files
vars:
bastion_ipv4: "{{ nodepool['public_ipv4'] }}"
bastion_ipv6: "{{ nodepool['public_ipv6'] }}"
bastion_public_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa.pub') }}"
iptables_test_public_tcp_ports: [19885]
template:
src: "templates/{{ item }}.j2"
dest: "/etc/ansible/hosts/{{ item }}"
loop:
- group_vars/all.yaml
- group_vars/adns.yaml
- group_vars/eavesdrop.yaml
- group_vars/nodepool.yaml
- group_vars/ns.yaml
- group_vars/registry.yaml
- group_vars/gitea.yaml
- group_vars/gitea-lb.yaml
- group_vars/letsencrypt.yaml
- group_vars/meetpad.yaml
- group_vars/jvb.yaml
- group_vars/nodepool-launcher.yaml
- group_vars/registry.yaml
- group_vars/review.yaml
- group_vars/review-dev.yaml
- group_vars/control-plane-clouds.yaml
- group_vars/afs-client.yaml
- group_vars/zuul.yaml
- group_vars/zuul-executor.yaml
- group_vars/zuul-merger.yaml
- group_vars/zuul-scheduler.yaml
- group_vars/zuul-web.yaml
- host_vars/bridge.openstack.org.yaml
- host_vars/etherpad01.opendev.org.yaml
- host_vars/letsencrypt01.opendev.org.yaml
- host_vars/letsencrypt02.opendev.org.yaml
- host_vars/lists.openstack.org.yaml
- host_vars/gitea99.opendev.org.yaml
- host_vars/mirror01.openafs.provider.opendev.org.yaml
- host_vars/mirror02.openafs.provider.opendev.org.yaml
- host_vars/mirror-update01.opendev.org.yaml
- host_vars/backup-test01.opendev.org.yaml
- host_vars/backup-test02.opendev.org.yaml
- name: Display group membership
command: ansible localhost -m debug -a 'var=groups'
# In prod, bridge installs a zuul user, but in zuul we already have a zuul user, so we really need
# to not modify it.
- name: Load bridge hostvars
slurp:
path: /home/zuul/src/opendev.org/opendev/system-config/playbooks/host_vars/bridge.openstack.org.yaml
register: bridge_hostvar_content
- name: Parse bridge_hostvars
set_fact:
bridge_hostvars: "{{ bridge_hostvar_content.content | b64decode | from_yaml }}"
- name: Overwrite extra_users
vars:
new_config:
extra_users: []
set_fact:
bridge_hostvars: "{{ bridge_hostvars | combine(new_config) }}"
- name: Save bridge hostvars
copy:
content: "{{ bridge_hostvars | to_nice_yaml }}"
dest: /home/zuul/src/opendev.org/opendev/system-config/playbooks/host_vars/bridge.openstack.org.yaml
become: true
- name: Run base.yaml
command: ansible-playbook -f 50 -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/base.yaml
- name: Run bridge service playbook
command: ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/service-bridge.yaml
- name: Run playbook
when: run_playbooks is defined
loop: "{{ run_playbooks }}"
command: "ansible-playbook -f 50 -v /home/zuul/src/opendev.org/opendev/system-config/{{ item }}"
- name: Run test playbook
when: run_test_playbook is defined
shell: "ANSIBLE_ROLES_PATH=/home/zuul/src/opendev.org/opendev/system-config/playbooks/roles ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/{{ run_test_playbook }}"
- name: Run testinfra to validate configuration
include_role:
name: tox
vars:
tox_envlist: testinfra
# This allows us to run from external projects (like testinfra
# itself)
zuul_work_dir: src/opendev.org/opendev/system-config
View Git Blame Copy Permalink