fedimg ansible files, take 2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hey squad,

First, apologies to the list, since I sent the initial draft of this patch to the internal Red Hat fedora-eng list when it should have gone here. My bad.

Fixed up the Fedimg ansible files as per threebean's suggestions and gracious assistance. The patch is attached. If a pair or two of eyes wouldn't mind checking it out, that'd be swell. Got the +1 from threebean in IRC, at least at a glance.

I'm working out some boot issues with a couple image types in EC2 right now, so if this is plugged in as things are now, some image uploads will invariably fail, so perhaps we want to wait on launching this until I have better results with AMI booting.

If things look good, I can send threebean the creds/variables that would be needed for the config setup, since I'm not in sysadmin-main.

Thanks!
-- oddshocks
From 88963c6ff0fe12f12b7eef8babef3050c894ea93 Mon Sep 17 00:00:00 2001
From: David Gay <oddshocks@xxxxxxxxxx>
Date: Mon, 15 Sep 2014 12:47:29 -0700
Subject: [PATCH] fedimg ansible files, take 2

add a fedimg.cfg template

add comment about unused config vars

need check for denyhosts and fas_client needs to be before nagios_client

maybe this template setup is proper?

fedmsg.d/ template

fedimg.cfg should be owned by fedmsg and have more strict perms
---
 playbooks/groups/fedimg.yml               | 15 ++++++---
 roles/fedimg/tasks/main.yml               | 25 ++++++++++++++
 roles/fedimg/templates/fedimg.cfg         | 54 +++++++++++++++++++++++++++++++
 roles/fedimg/templates/fedmsg.d/fedimg.py | 24 ++++++++++++++
 4 files changed, 114 insertions(+), 4 deletions(-)
 create mode 100644 roles/fedimg/tasks/main.yml
 create mode 100644 roles/fedimg/templates/fedimg.cfg
 create mode 100644 roles/fedimg/templates/fedmsg.d/fedimg.py

diff --git a/playbooks/groups/fedimg.yml b/playbooks/groups/fedimg.yml
index 03e7079..bde0ee7 100644
--- a/playbooks/groups/fedimg.yml
+++ b/playbooks/groups/fedimg.yml
@@ -1,3 +1,6 @@
+# create a new fedimg server
+# NOTE: make sure there is room/space for this server on the vmhost
+
 - name: make fedimg server
   hosts: fedimg;fedimg-stg
   user: root
@@ -36,6 +39,10 @@
   - collectd/base
   - fedmsg/base
   - sudo
+  # The proxies don't actually need to talk to these hosts so we won't bother
+  # putting them on the vpn.
+  #- { role: openvpn/client,
+  #    when: env != "staging" }
 
   tasks:
   - include: "{{ tasks }}/yumrepos.yml"
@@ -53,14 +60,14 @@
 
   roles:
   - fedmsg/hub
-  #- fedimg
-  #- role: collectd/fedmsg-service
-  #  process: fedmsg-hub
+  - fedimg
+  - role: collectd/fedmsg-service
+    process: fedmsg-hub
 
   vars_files: 
    - /srv/web/infra/ansible/vars/global.yml
    - "{{ private }}/vars.yml"
-   - "{{ vars_path }}/{{ ansible_distribution }}.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
 
   handlers:
   - include: "{{ handlers }}/restart_services.yml"
diff --git a/roles/fedimg/tasks/main.yml b/roles/fedimg/tasks/main.yml
new file mode 100644
index 0000000..ee40fd8
--- /dev/null
+++ b/roles/fedimg/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+# Configuration for the notifications consumer
+
+- name: install needed packages
+  yum: pkg={{ item }} state=installed
+  with_items:
+  - koji
+  - fedmsg
+  - python-paramiko
+  - python-libcloud
+  - python-fedimg
+
+- name: copy base configuration
+  template: >
+    src=fedimg.cfg dest=/etc/fedimg.cfg
+    owner=fedmsg group=fedmsg mode=0700
+  notify:
+  - restart fedmsg-hub
+
+- name: copy koji fedmsg consumer
+  template: >
+    src=fedmsg.d/fedimg.py dest=/etc/fedmsg.d/fedimg.py
+    owner=fedmsg group=fedmsg mode=0600
+  notify:
+  - restart fedmsg-hub
diff --git a/roles/fedimg/templates/fedimg.cfg b/roles/fedimg/templates/fedimg.cfg
new file mode 100644
index 0000000..05b83d8
--- /dev/null
+++ b/roles/fedimg/templates/fedimg.cfg
@@ -0,0 +1,54 @@
+[koji]
+{% if env == 'staging' %}
+server = https://koji.stg.fedoraproject.org/kojihub
+# The two adjacent slashes in the below URL are _not_ a typo.
+base_task_url = https://kojipkgs.stg.fedoraproject.org//work/tasks
+{% else %}
+server = https://koji.fedoraproject.org/kojihub
+# The two adjacent slashes in the below URL are _not_ a typo.
+base_task_url = https://kojipkgs.fedoraproject.org//work/tasks
+{% endif %}
+
+[aws]
+util_username = {{aws_util_username}}
+test_username = {{aws_test_username}}
+access_id = {{aws_access_id}}
+secret_key = {{aws_secret_key}}
+iam_profile = {{aws_iam_profile}}
+keyname = {{aws_keyname}}
+keypath = {{aws_keypath}}
+pubkeypath = {{aws_pubkeypath}}
+test = /bin/true
+amis = ap-northeast-1|RHEL|6.5|x86_64|ami-e7aee0e6|aki-176bf516
+       ap-southeast-1|RHEL|6.5|x86_64|ami-c683df94|aki-503e7402
+       ap-southeast-2|RHEL|6.5|x86_64|ami-41ra8f7b|aki-c362fff9
+       eu-west-1|RHEL|6.5|x86_64|ami-81f23cf6|aki-52a34525
+       sa-east-1|RHEL|6.5|x86_64|ami-b7ec43aa|aki-5553f448
+       us-east-1|RHEL|6.5|x86_64|ami-be6a98d6|aki-919dcaf8
+       us-west-1|RHEL|6.5|x86_64|ami-fc393eb9|aki-880531cd
+       us-west-2|RHEL|6.5|x86_64|ami-79daa849|aki-fc8f11cc
+       ap-northeast-1|RHEL|6.5|i386|ami-c7bff1c6|aki-136bf512
+       ap-southeast-1|RHEL|6.5|i386|ami-9eb8e4cc|aki-ae3973fc
+       ap-southeast-2|RHEL|6.5|i386|ami-87f194bd|aki-cd62fff7
+       eu-west-1|RHEL|6.5|i386|ami-7101cf06|aki-68a3451f
+       sa-east-1|RHEL|6.5|i386|ami-e9e847f4|aki-5b53f446
+       us-east-1|RHEL|6.5|i386|ami-acac51c4|aki-8f9dcae6
+       us-west-1|RHEL|6.5|i386|ami-eacfc8af|aki-8e0531cb
+       us-west-2|RHEL|6.5|i386|ami-25cab815|aki-f08f11c0
+
+# none of the stuff below this line is used right now,
+# so these placeholders can stay
+
+[rackspace]
+username = someuser
+api_key = secretk3y
+
+[gce]
+email = someacct@xxxxxxxxxxxx
+keypath = /path/to/pem/file
+project_id = someprojectid
+
+[hp]
+username = aperson
+password = somecoolpassword
+tenant = theprojectname
diff --git a/roles/fedimg/templates/fedmsg.d/fedimg.py b/roles/fedimg/templates/fedmsg.d/fedimg.py
new file mode 100644
index 0000000..2b4c6a6
--- /dev/null
+++ b/roles/fedimg/templates/fedmsg.d/fedimg.py
@@ -0,0 +1,24 @@
+# This file is part of fedimg.
+# Copyright (C) 2014 Red Hat, Inc.
+#
+# fedimg is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# fedimg is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public
+# License along with fedimg; if not, see http://www.gnu.org/licenses,
+# or write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+#
+# Authors:  David Gay <dgay@xxxxxxxxxx>
+#
+
+config = dict(
+    kojiconsumer=True,
+)
-- 
1.9.3


_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux