diff --git a/data/hostname/cassandra01.internal.softwareheritage.org.yaml b/data/hostname/cassandra01.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..e17741b2 --- /dev/null +++ b/data/hostname/cassandra01.internal.softwareheritage.org.yaml @@ -0,0 +1,6 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false + +swh::apt_config::enable_non_free: true +packages: + - zfs-dkms diff --git a/data/hostname/cassandra02.internal.softwareheritage.org.yaml b/data/hostname/cassandra02.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..e17741b2 --- /dev/null +++ b/data/hostname/cassandra02.internal.softwareheritage.org.yaml @@ -0,0 +1,6 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false + +swh::apt_config::enable_non_free: true +packages: + - zfs-dkms diff --git a/data/hostname/cassandra03.internal.softwareheritage.org.yaml b/data/hostname/cassandra03.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..e17741b2 --- /dev/null +++ b/data/hostname/cassandra03.internal.softwareheritage.org.yaml @@ -0,0 +1,6 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false + +swh::apt_config::enable_non_free: true +packages: + - zfs-dkms diff --git a/data/hostname/cassandra04.internal.softwareheritage.org.yaml b/data/hostname/cassandra04.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..e17741b2 --- /dev/null +++ b/data/hostname/cassandra04.internal.softwareheritage.org.yaml @@ -0,0 +1,6 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false + +swh::apt_config::enable_non_free: true +packages: + - zfs-dkms diff --git a/data/hostname/cassandra05.internal.softwareheritage.org.yaml b/data/hostname/cassandra05.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..e17741b2 --- /dev/null +++ b/data/hostname/cassandra05.internal.softwareheritage.org.yaml @@ -0,0 +1,6 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false + +swh::apt_config::enable_non_free: true +packages: + - zfs-dkms diff --git a/data/hostname/cassandra06.internal.softwareheritage.org.yaml b/data/hostname/cassandra06.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..e17741b2 --- /dev/null +++ b/data/hostname/cassandra06.internal.softwareheritage.org.yaml @@ -0,0 +1,6 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false + +swh::apt_config::enable_non_free: true +packages: + - zfs-dkms diff --git a/data/hostname/rancher-node-cassandra1.internal.softwareheritage.org.yaml b/data/hostname/rancher-node-cassandra1.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..d5948c40 --- /dev/null +++ b/data/hostname/rancher-node-cassandra1.internal.softwareheritage.org.yaml @@ -0,0 +1,2 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false diff --git a/data/hostname/rancher-node-cassandra2.internal.softwareheritage.org.yaml b/data/hostname/rancher-node-cassandra2.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..d5948c40 --- /dev/null +++ b/data/hostname/rancher-node-cassandra2.internal.softwareheritage.org.yaml @@ -0,0 +1,2 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false diff --git a/data/hostname/rancher-node-cassandra3.internal.softwareheritage.org.yaml b/data/hostname/rancher-node-cassandra3.internal.softwareheritage.org.yaml new file mode 100644 index 00000000..d5948c40 --- /dev/null +++ b/data/hostname/rancher-node-cassandra3.internal.softwareheritage.org.yaml @@ -0,0 +1,2 @@ +# local cache is not compatible with rancher in docker +dns::local_cache: false diff --git a/data/subnets/vagrant.yaml b/data/subnets/vagrant.yaml index 8c53d421..3e572c6f 100644 --- a/data/subnets/vagrant.yaml +++ b/data/subnets/vagrant.yaml @@ -1,269 +1,281 @@ --- dns::local_nameservers: - 192.168.100.29 - 192.168.200.22 # forwarder for : # - swh network # - Inria network # - external network dns::forwarders: - 192.168.100.29 - 192.168.200.22 - 128.93.77.234 - 1.1.1.1 dns::forwarder_insecure: true bind::zones::masters: - 192.168.100.29 ntp::servers: - sesi-ntp1.inria.fr - sesi-ntp2.inria.fr networks::manage_interfaces: false internal_network: 10.168.128.0/16 puppet::master::codedir: /tmp/puppet networks::private_routes: {} smtp::relay_hostname: 'none' swh::postgresql::network_accesses: - 10.168.100.0/24 swh::deploy::worker::instances: - checker_deposit - lister - loader_archive - loader_cran - loader_debian - loader_deposit - loader_git - loader_mercurial - loader_nixguix - loader_opam - loader_npm - loader_pypi - loader_svn - loader_high_priority dns::forward_zones: { } netbox::mail::from: inventory+vagrant@softwareheritage.org netbox::admin::email: sysop+vagrant@softwareheritage.org kafka::cluster::public_network: 10.168.130.0/24 kafka::cluster::heap_ops: "-Xmx512m -Xms512m" puppet::master::manage_puppetdb: true puppetdb::listen_address: 0.0.0.0 swh::puppetdb::etcdir: /etc/puppetdb puppetdb::confdir: "%{lookup('swh::puppetdb::etcdir')}/conf.d" puppetdb::ssl_dir: "%{lookup('swh::puppetdb::etcdir')}/ssl" swh::puppetdb::ssl_key_path: "%{lookup('puppetdb::ssl_dir')}/key.pem" swh::puppetdb::ssl_key: "%{::puppet_vardir}/ssl/private_keys/pergamon.softwareheritage.org.pem" swh::puppetdb::ssl_cert: "%{::puppet_vardir}/ssl/certs/pergamon.softwareheritage.org.pem" swh::puppetdb::ssl_cert_path: "%{lookup('puppetdb::ssl_dir')}/cert.pem" swh::puppetdb::ssl_ca_cert: "%{::puppet_vardir}/ssl/ca/ca_crt.pem" swh::puppetdb::ssl_ca_cert_path: "%{lookup('puppetdb::ssl_dir')}/ca_crt.pem" puppet::autosign_entries: - '*.softwareheritage.org' - '*.staging.swh.network' - '*.admin.swh.network' static_hostnames: 10.168.50.10: host: bardo.internal.admin.swh.network 10.168.50.20: host: rp1.internal.admin.swh.network aliases: - hedgedoc.softwareheritage.org - grafana.softwareheritage.org - sentry.softwareheritage.org 10.168.50.30: host: grafana0.internal.admin.swh.network 10.168.50.50: host: dali.internal.admin.swh.network aliases: - db1.internal.admin.swh.network 10.168.50.70: host: riverside.internal.admin.swh.network 10.168.50.60: host: bojimans.internal.admin.swh.network aliases: - inventory.internal.admin.swh.network - inventory.internal.softwareheritage.org 10.168.100.18: host: banco.internal.softwareheritage.org aliases: - backup.internal.softwareheritage.org - kibana.internal.softwareheritage.org 10.168.100.19: host: logstash0.internal.softwareheritage.org aliases: - logstash.internal.softwareheritage.org 10.168.100.29: host: pergamon.internal.softwareheritage.org aliases: - pergamon.softwareheritage.org - icinga.internal.softwareheritage.org - stats.export.softwareheritage 10.168.100.30: host: jenkins.softwareheritage.org 10.168.100.31: host: moma.internal.softwareheritage.org aliases: - archive.internal.softwareheritage.org - deposit.internal.softwareheritage.org - objstorage.softwareheritage.org - objstorage.internal.softwareheritage.org 10.168.100.32: host: beaubourg.internal.softwareheritage.org 10.168.100.34: host: hypervisor3.internal.softwareheritage.org 10.168.100.61: host: esnode1.internal.softwareheritage.org 10.168.100.62: host: esnode2.internal.softwareheritage.org 10.168.100.63: host: esnode3.internal.softwareheritage.org 10.168.100.71: host: webapp1.internal.softwareheritage.org 10.168.100.81: host: search-esnode1.internal.softwareheritage.org 10.168.100.82: host: search-esnode2.internal.softwareheritage.org 10.168.100.83: host: search-esnode3.internal.softwareheritage.org 10.168.100.85: host: search1.internal.softwareheritage.org 10.168.100.86: host: search-esnode4.internal.softwareheritage.org 10.168.100.87: host: search-esnode5.internal.softwareheritage.org 10.168.100.88: host: search-esnode6.internal.softwareheritage.org 10.168.100.95: host: counters1.internal.softwareheritage.org 10.168.100.101: host: uffizi.internal.softwareheritage.org 10.168.100.102: host: getty.internal.softwareheritage.org 10.168.100.103: host: somerset.internal.softwareheritage.org 10.168.100.104: host: saatchi.internal.softwareheritage.org aliases: - rabbitmq.internal.softwareheritage.org 10.168.100.105: host: thyssen.internal.softwareheritage.org 10.168.100.106: host: kelvingrove.internal.softwareheritage.org aliases: - auth.softwareheritage.org 10.168.100.108: host: branly.internal.softwareheritage.org 10.168.100.109: host: saam.internal.softwareheritage.org 10.168.100.110: host: met.internal.softwareheritage.org 10.168.100.131: host: zookeeper1.internal.softwareheritage.org 10.168.100.132: host: zookeeper2.internal.softwareheritage.org 10.168.100.133: host: zookeeper3.internal.softwareheritage.org 10.168.100.150: host: jenkins1-debian.internal.softwareheritage.org 10.168.100.170: host: pompidou.internal.softwareheritage.org + 10.168.100.181: + host: cassandra01.internal.softwareheritage.org + 10.168.100.182: + host: cassandra02.internal.softwareheritage.org + 10.168.100.183: + host: cassandra03.internal.softwareheritage.org + 10.168.100.184: + host: cassandra04.internal.softwareheritage.org + 10.168.100.185: + host: cassandra05.internal.softwareheritage.org + 10.168.100.186: + host: cassandra06.internal.softwareheritage.org 10.168.100.210: host: belvedere.internal.softwareheritage.org aliases: - db.internal.softwareheritage.org 10.168.100.201: host: kafka1.internal.softwareheritage.org aliases: - broker1.journal.softwareheritage.org 10.168.100.202: host: kafka2.internal.softwareheritage.org aliases: - broker2.journal.softwareheritage.org 10.168.100.203: host: kafka3.internal.softwareheritage.org aliases: - broker3.journal.softwareheritage.org 10.168.100.204: host: kafka4.internal.softwareheritage.org aliases: - broker4.journal.softwareheritage.org 10.168.130.11: host: db1.internal.staging.swh.network 10.168.130.20: host: rp1.internal.staging.swh.network aliases: - webapp.staging.swh.network - deposit.staging.swh.network - objstorage.staging.swh.network 10.168.130.30: host: webapp.internal.staging.swh.network 10.168.130.31: host: deposit.internal.staging.swh.network 10.168.130.41: host: storage1.internal.staging.swh.network aliases: - journal1.internal.staging.swh.network 10.168.130.50: host: scheduler0.internal.staging.swh.network 10.168.130.60: host: vault.internal.staging.swh.network 10.168.130.70: host: maven-exporter0.internal.staging.swh.network aliases: - maven-exporter.internal.staging.swh.network 10.168.130.80: host: search-esnode0.internal.staging.swh.network 10.168.130.90: host: search0.internal.staging.swh.network 10.168.130.95: host: counters0.internal.staging.swh.network 10.168.130.100: host: worker0.internal.staging.swh.network 10.168.130.101: host: worker1.internal.staging.swh.network 10.168.130.102: host: worker2.internal.staging.swh.network 10.168.130.103: host: worker3.internal.staging.swh.network 10.168.130.110: host: objstorage0.internal.staging.swh.network 10.168.130.120: host: scrubber0.internal.staging.swh.network 10.168.130.130: host: elastic-worker0.internal.staging.swh.network 10.168.130.131: host: elastic-worker1.internal.staging.swh.network 10.168.130.132: host: elastic-worker2.internal.staging.swh.network 10.168.130.133: host: elastic-worker3.internal.staging.swh.network 10.168.130.140: host: rancher-node-intern0.internal.staging.swh.network 10.168.130.141: host: rancher-node-intern1.internal.staging.swh.network 10.168.130.142: host: rancher-node-intern2.internal.staging.swh.network 10.168.130.160: host: mirror-test.internal.staging.swh.network 10.168.200.22: host: ns0.euwest.azure.internal.softwareheritage.org thanos::objstore::config: # thanos sidecar will crash if the objstore is a badly configured azure bucket # (e.g. with redacted credentials) type: FILESYSTEM config: directory: "/var/tmp/thanos-objstore" diff --git a/manifests/site.pp b/manifests/site.pp index 8fe02383..141a0dca 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1,241 +1,241 @@ node /^(pompidou|uffizi)\.(internal\.)?softwareheritage\.org$/ { include role::swh_hypervisor } node /^(beaubourg|hypervisor\d+|branly)\.(internal\.)?softwareheritage\.org$/ { include role::swh_hypervisor_with_ceph } node 'pergamon.softwareheritage.org' { include role::swh_sysadmin } node 'grafana0.internal.admin.swh.network' { include role::swh_grafana } node 'tate.softwareheritage.org' { include role::swh_forge } node 'moma.softwareheritage.org' { include role::swh_rp_webapps } node 'webapp1.internal.softwareheritage.org' { include role::swh_rp_webapp } node /^search-esnode\d\.internal\.softwareheritage\.org$/ { include role::swh_elasticsearch } node /^search\d\.internal\.softwareheritage\.org$/ { include role::swh_search_with_journal_client } node /^counters\d\.internal\.softwareheritage\.org$/ { include role::swh_counters_with_journal_client } node 'saatchi.internal.softwareheritage.org' { include role::swh_scheduler_with_journal_client } node /^(belvedere|somerset).(internal.)?softwareheritage.org$/ { include role::swh_database include profile::pgbouncer } node 'banco.softwareheritage.org' { include role::swh_backup include role::postgresql_backup } node /^esnode\d+.(internal.)?softwareheritage.org$/ { include role::swh_elasticsearch } node /^kafka\d+\./ { include role::swh_kafka_broker } -node /^cassandra\d+\./ { +node /^cassandra\d?\d+\./ { include role::swh_cassandra_node } node 'granet.internal.softwareheritage.org' { include role::swh_graph_backend } node 'met.internal.softwareheritage.org' { include role::swh_provenance } node /^(unibo-prod|vangogh).(euwest.azure.)?(internal.)?softwareheritage.org$/ { include role::swh_vault } node /^saam\.(internal\.)?softwareheritage\.org$/ { include role::swh_storage_baremetal } node 'storage01.euwest.azure.internal.softwareheritage.org' { include role::swh_storage_cloud } node /^getty.(internal.)?softwareheritage.org$/ { include role::swh_journal_orchestrator_with_backfill_config } node /^worker\d+\.(internal\.)?softwareheritage\.org$/ { include role::swh_worker_inria } node /^worker\d+\..*\.azure\.internal\.softwareheritage\.org$/ { include role::swh_worker_azure } node /^dbreplica(0|1)\.euwest\.azure\.internal\.softwareheritage\.org$/ { include role::swh_database } node /^ceph-osd\d+\.internal\.softwareheritage\.org$/ { include role::swh_ceph_osd } node /^ceph-mon\d+\.internal\.softwareheritage\.org$/ { include role::swh_ceph_mon } node /^ns\d+\.(.*\.azure\.)?internal\.softwareheritage\.org/ { include role::swh_nameserver_secondary } node 'thyssen.internal.softwareheritage.org' { include role::swh_ci_server } node 'riverside.internal.admin.swh.network' { include role::swh_sentry } node /^jenkins-debian\d+\.internal\.softwareheritage\.org$/ { include role::swh_ci_agent_debian } node 'logstash0.internal.softwareheritage.org' { include role::swh_logstash_instance } node 'kibana0.internal.softwareheritage.org' { include role::swh_kibana_instance } node 'kelvingrove.internal.softwareheritage.org' { include role::swh_idp_primary } node 'giverny.softwareheritage.org' { include role::swh_desktop } node /^db\d\.internal\.staging\.swh\.network$/ { include role::swh_database_staging } node 'dali.internal.admin.swh.network' { include role::swh_admin_database } node "bardo.internal.admin.swh.network" { include role::swh_hedgedoc } node 'scheduler0.internal.staging.swh.network' { include role::swh_scheduler_with_journal_client include profile::postgresql::client } node 'gateway.internal.staging.swh.network' { include role::swh_gateway } node /^storage\d\.internal\.staging\.swh\.network$/ { include role::swh_storage_with_journal } node /^worker\d\.internal\.staging\.swh\.network$/ { include role::swh_worker_inria } node /^search-esnode\d\.internal\.staging\.swh\.network$/ { include role::swh_elasticsearch } node /^search\d\.internal\.staging\.swh\.network$/ { include role::swh_search_with_journal_client } node /^counters\d\.internal\.staging\.swh\.network$/ { include role::swh_counters_with_journal_client } node /^scrubber\d+\.internal\.(staging\.swh\.network|softwareheritage\.org)/ { include role::swh_scrubber_checkers } node 'webapp.internal.staging.swh.network' { include role::swh_webapp } node 'deposit.internal.staging.swh.network' { include role::swh_deposit } node 'vault.internal.staging.swh.network' { include role::swh_vault } node /^rp\d\.internal\.(staging|admin)\.swh\.network$/ { include role::swh_reverse_proxy } # Read-only storage for mirrors node 'objstorage0.internal.staging.swh.network' { include role::swh_remote_objstorage } node 'bojimans.internal.admin.swh.network' { include role::swh_netbox } node /^mirror-test\.internal\.staging\.swh\.network$/ { include profile::postgresql::client } node 'backup01.euwest.azure.internal.softwareheritage.org' { include role::zfs_snapshots_storage } node 'money.internal.admin.swh.network' { include role::swh_azure_billing_report } node 'maven-exporter0.internal.staging.swh.network' { include role::swh_maven_index_exporter } node /^elastic-worker\d+\.internal\.staging\.swh\.network$/ { include role::rancher_node } node /^rancher-node-.*\.internal\.(staging\.swh\.network|softwareheritage\.org)$/ { include role::rancher_node } node default { include role::swh_base } diff --git a/site-modules/role/manifests/swh_cassandra_node.pp b/site-modules/role/manifests/swh_cassandra_node.pp index 82152fcf..1c62cc18 100644 --- a/site-modules/role/manifests/swh_cassandra_node.pp +++ b/site-modules/role/manifests/swh_cassandra_node.pp @@ -1,4 +1,5 @@ # Deployment of a cassandra node class role::swh_cassandra_node inherits role::swh_base { - include profile::cassandra::node + # include profile::cassandra::node + include profile::docker }