unless this works, I guess I need to attach the patch.
---
inventory/group_vars/dns | 4 ++++
inventory/host_vars/ns02.fedoraproject.org | 16 ++++++++++++++++
inventory/host_vars/ns03.phx2.fedoraproject.org | 15 +++++++++++++++
inventory/host_vars/ns04.phx2.fedoraproject.org | 15 +++++++++++++++
inventory/host_vars/ns05.fedoraproject.org | 15 +++++++++++++++
5 files changed, 65 insertions(+)
diff --git a/inventory/group_vars/dns b/inventory/group_vars/dns
index 17da9d0..db01b32 100644
--- a/inventory/group_vars/dns
+++ b/inventory/group_vars/dns
@@ -16,3 +16,7 @@ nrpe_procs_warn: 300
nrpe_procs_crit: 500
sudoers: "{{ private }}/files/sudo/sysadmin-dns"
+
+csi_security_category: High
+csi_primary_contact: Fedora Admins - admin@xxxxxxxxxxxxxxxxx
+csi_purpose: Domain Name Service
diff --git a/inventory/host_vars/ns02.fedoraproject.org
b/inventory/host_vars/ns02.fedoraproject.org
index ec29b7e..ffc9479 100644
--- a/inventory/host_vars/ns02.fedoraproject.org
+++ b/inventory/host_vars/ns02.fedoraproject.org
@@ -15,3 +15,19 @@ datacenter: ibiblio
ks_url: http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
ks_repo: http://209.132.181.6/repo/rhel/RHEL7-x86_64/
+
+
+csi_relationship: |
+
+ ns02 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (ibiblio03.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
diff --git a/inventory/host_vars/ns03.phx2.fedoraproject.org
b/inventory/host_vars/ns03.phx2.fedoraproject.org
index 4515d5e..669b5ff 100644
--- a/inventory/host_vars/ns03.phx2.fedoraproject.org
+++ b/inventory/host_vars/ns03.phx2.fedoraproject.org
@@ -10,3 +10,18 @@ ansible_ssh_host: ns03.phx2.fedoraproject.org
vmhost: virthost21.phx2.fedoraproject.org
datacenter: phx2
+
+csi_relationship: |
+
+ ns03 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (virthost21.phx2.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
diff --git a/inventory/host_vars/ns04.phx2.fedoraproject.org
b/inventory/host_vars/ns04.phx2.fedoraproject.org
index 9c72ca9..1a4089f 100644
--- a/inventory/host_vars/ns04.phx2.fedoraproject.org
+++ b/inventory/host_vars/ns04.phx2.fedoraproject.org
@@ -10,3 +10,18 @@ ansible_ssh_host: ns04.phx2.fedoraproject.org
vmhost: virthost15.phx2.fedoraproject.org
datacenter: phx2
+
+csi_relationship: |
+
+ ns04 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (virthost15.phx2.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
diff --git a/inventory/host_vars/ns05.fedoraproject.org
b/inventory/host_vars/ns05.fedoraproject.org
index 3955f44..e02f9a9 100644
--- a/inventory/host_vars/ns05.fedoraproject.org
+++ b/inventory/host_vars/ns05.fedoraproject.org
@@ -12,3 +12,18 @@ postfix_group: vpn
vmhost: internetx01.fedoraproject.org
datacenter: internetx
+
+csi_relationship: |
+
+ ns05 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (internetx01.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
--
On Wed, Nov 4, 2015 at 6:29 PM, Kevin Fenzi <kevin@xxxxxxxxx> wrote:
> On Wed, 21 Oct 2015 17:41:31 +0300
> Ali Khalidi <ali.elkhalidi@xxxxxxxxx> wrote:
>
>> infra -
>>
>> here is the diffs for csi vars for group: dns
>>
>> applicable when we come out of freez.
>
> Now that we are out of freeze I went to apply this, but couldn't get it
> to apply cleanly. ;( It looks like your mailer wrapped the lines?
>
> Can you try rebasing the pactch and resending it?
>
> Thanks!
>
> kevin
>
>
>
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
>
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
