On Sep 26, 2011, at 10:55 AM, Kevin Fenzi <kevin@xxxxxxxxx> wrote: > I'd like to setup a ask01 production instance this week. > > This entails adding it to dns, etc. Almost all of the changes don't > affect our freeze, except one: I have to add the host to the phx > service file, which affects frozen hosts. > > Here's the commit (along with new files under modules/askbot/ and a new > node under manifests/nodes/ask01.phx2.fedoraproject.org.pp). > > comments welcome. > > kevin > -- > diff --git a/manifests/services/phx.pp b/manifests/services/phx.pp > index 73aeb11..1fd24cd 100644 > --- a/manifests/services/phx.pp > +++ b/manifests/services/phx.pp > @@ -154,6 +154,12 @@ class phx { > host_aliases => ['git', 'svn.fedoraproject.org', 'svn', 'hg.fedoraproject.org', 'hg'], > ensure => absent, > } > + host { 'ask01.fedoraproject.org': > + ip => '10.5.126.79', > + host_aliases => [ > + 'ask01', > + ] > + } > # we have gateway.phx2.fedoraproject.org now. > #host { 'gateway.fedoraproject.org': > # ip => '10.8.34.50', > diff --git a/manifests/services/proxy.pp b/manifests/services/proxy.pp > index b397bf5..bc8a591 100644 > --- a/manifests/services/proxy.pp > +++ b/manifests/services/proxy.pp > @@ -345,6 +345,11 @@ class proxy { > cert_name => "wildcard.fedoraproject.org", > sSLCertificateChainFile => "wildcard.fedoraproject.org.intermediate.cert", > } > + httpd::website { "ask.fedoraproject.org": > + ips => $wildcard_fpo_ips, > + server_aliases => [ "ask.stg.fedoraproject.org" ], > + ssl => false, > + } > > httpd::mime-type { "site icon": > website => "fedoraproject.org", > @@ -352,6 +357,12 @@ class proxy { > extensions => [ ".ico" ], > } > > + askbot::proxy { "ask.fedoraproject.org": > + website => "ask.fedoraproject.org", > + path => "/", > + proxyurl => "http://ask01", > + } > + > fedora-web::proxy { "fedoraproject.org": > website => "fedoraproject.org", > } > diff --git a/modules/bind/files/master/126.5.10.in-addr.arpa b/modules/bind/files/master/126.5.10.in-addr.arpa > index a7c1bb2..12dc200 100644 > --- a/modules/bind/files/master/126.5.10.in-addr.arpa > +++ b/modules/bind/files/master/126.5.10.in-addr.arpa > @@ -2,7 +2,7 @@ $TTL 86400 > @ IN SOA 126.5.10.in-addr.arpa. hostmaster.fedoraproject.org. ( > ; Make SURE to update the serial # when changes are made. Format is YYYYMMDDNN > ; (NN is just a counter to handle multiple changes in one day). > - 2011092202 ; Serial > + 2011092301 ; Serial > 28800 ; Refresh > 14400 ; Retry > 1000000 ; Expire > @@ -82,7 +82,7 @@ $TTL 86400 > 76 IN PTR db05.phx2.fedoraproject.org. > 77 IN PTR unused. > 78 IN PTR unused. > -79 IN PTR unused. > +79 IN PTR ask01.phx2.fedoraproject.org. > 80 IN PTR ask01.stg.phx2.fedoraproject.org. > 81 IN PTR app01.stg.phx2.fedoraproject.org. > 82 IN PTR app02.stg.phx2.fedoraproject.org. > diff --git a/modules/bind/files/master/168.192.in-addr.arpa b/modules/bind/files/master/168.192.in-addr.arpa > index 436bb70..adacffa 100644 > --- a/modules/bind/files/master/168.192.in-addr.arpa > +++ b/modules/bind/files/master/168.192.in-addr.arpa > @@ -2,7 +2,7 @@ $TTL 86400 > @ IN SOA 168.192.in-addr.arpa. hostmaster.fedoraproject.org. ( > ; Make SURE to update the serial # when changes are made. Format is YYYYMMDDNN > ; (NN is just a counter to handle multiple changes in one day). > - 2011092201 ; Serial > + 2011092301 ; Serial > 3600 ; Refresh > 600 ; Retry > 1000000 ; Expire > @@ -62,9 +62,9 @@ $TTL 86400 > 48.1 IN PTR bodhost01.vpn.fedoraproject.org. > 49.1 IN PTR fas03.vpn.fedoraproject.org. > 50.1 IN PTR unused. > -51.1 IN PTR unused. > +51.1 IN PTR ask01.vpn.fedoraproject.org. > 52.1 IN PTR proxy07.vpn.fedoraproject.org. > -53.1 IN PTR unused. > +53.1 IN PTR db04.vpn.fedoraproject.org. > 54.1 IN PTR memcached03.vpn.fedoraproject.org. > 55.1 IN PTR db05.vpn.fedoraproject.org. > 56.1 IN PTR log02.vpn.fedoraproject.org. > diff --git a/modules/bind/files/master/fedoraproject.org b/modules/bind/files/master/fedoraproject.org > index 5602c6c..f4c1b95 100644 > --- a/modules/bind/files/master/fedoraproject.org > +++ b/modules/bind/files/master/fedoraproject.org > @@ -1,6 +1,6 @@ > $TTL 3600 > @ IN SOA ns01.fedoraproject.org. hostmaster.fedoraproject.org. ( > - 2011092202 ; Serial > + 2011092301 ; Serial > 1H ; refresh > 10M ; retry > 4W ; expire > @@ -78,6 +78,7 @@ app6 IN CNAME app06 > archive IN CNAME secondary01 > archives IN CNAME secondary01 > astronomy IN CNAME wildcard > +ask IN CNAME wildcard > ask.stg IN A 209.132.181.14 > autoqa IN A 209.132.181.29 > autoqa-stg IN A 209.132.181.9 > diff --git a/modules/bind/files/master/phx2.fedoraproject.org b/modules/bind/files/master/phx2.fedoraproject.org > index 07f35f0..03ed2d5 100644 > --- a/modules/bind/files/master/phx2.fedoraproject.org > +++ b/modules/bind/files/master/phx2.fedoraproject.org > @@ -11,6 +11,7 @@ $TTL 3600 > @ IN NS ns03.phx2.fedoraproject.org. > @ IN NS ns04.phx2.fedoraproject.org. > > +ask01 IN A 10.5.126.79 > ask01.stg IN A 10.5.126.80 > app01 IN A 10.5.126.31 > app1 IN CNAME app01 > diff --git a/modules/bind/files/master/vpn.fedoraproject.org b/modules/bind/files/master/vpn.fedoraproject.org > index ca11118..202e36e 100644 > --- a/modules/bind/files/master/vpn.fedoraproject.org > +++ b/modules/bind/files/master/vpn.fedoraproject.org > @@ -27,6 +27,7 @@ app06 IN A 192.168.1.24 > app6 IN CNAME app06 > app07 IN A 192.168.1.23 > app7 IN CNAME app07 > +ask01 IN A 192.168.1.51 > asterisk01 IN A 192.168.1.34 > asterisk1 IN CNAME asterisk01 > asterisk02 IN A 192.168.1.36 > @@ -47,10 +48,10 @@ collab01 IN A 192.168.1.21 > collab1 IN CNAME collab01 > collab02 IN A 192.168.1.37 > collab2 IN CNAME collab02 > -cstore01 IN A 192.168.1.50 > -cstore1 IN CNAME cstore01 > -cstore02 IN A 192.168.1.51 > -cstore2 IN CNAME cstore02 > +;cstore01 IN A 192.168.1.50 > +;cstore1 IN CNAME cstore01 > +;cstore02 IN A 192.168.1.51 > +;cstore2 IN CNAME cstore02 > db01 IN A 192.168.1.18 > ;db02 IN A 192.168.1.19 > ;db2 IN CNAME db02 > _______________________________________________ > infrastructure mailing list > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/infrastructure +1, looks good to me. Just make sure the dns serial is still something higher than current since the 23rd is a few days back. Oh and it looks like you forgot to bump it in the .phx and .vpn zonefiles. -re _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure