X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/ba1ebf773fd90cb0480e6f79ef6ba2001f039c51..ed6585ed67b9855b2535a99b6b08ce8826eead68:/roles/ironbelly.rb?ds=inline diff --git a/roles/ironbelly.rb b/roles/ironbelly.rb index e3c8ef2c0..558495859 100644 --- a/roles/ironbelly.rb +++ b/roles/ironbelly.rb @@ -2,8 +2,9 @@ name "ironbelly" description "Master role applied to ironbelly" default_attributes( - :apt => { - :sources => ["ubuntugis-unstable"] + :dhcpd => { + :first_address => "10.0.63.1", + :last_address => "10.0.63.254" }, :elasticsearch => { :cluster => { @@ -12,7 +13,8 @@ default_attributes( :disk => { :watermark => { :low => "95%", - :high => "98%" + :high => "98%", + :flood_stage => "99%" } } } @@ -24,76 +26,58 @@ default_attributes( }, :networking => { :interfaces => { - :internal_ipv4 => { + :internal => { :interface => "bond0", :role => :internal, - :family => :inet, - :address => "10.0.48.10", + :inet => { + :address => "10.0.48.10" + }, :bond => { - :slaves => %w[eth0 eth1] + :mode => "802.3ad", + :lacprate => "fast", + :xmithashpolicy => "layer3+4", + :slaves => %w[enp2s0f0 enp2s0f1] } }, - :external_ipv4 => { - :interface => "bond0.2", + :external => { + :interface => "bond0.3", :role => :external, - :family => :inet, - :address => "130.117.76.10" - }, - :external_ipv6 => { - :interface => "bond0.2", - :role => :external, - :family => :inet6, - :address => "2001:978:2:2C::172:A" + :inet => { + :address => "184.104.179.138" + }, + :inet6 => { + :address => "2001:470:1:fa1::a" + } } } }, - :openvpn => { - :address => "10.0.16.2", - :tunnels => { - :ic2ucl => { - :port => "1194", - :mode => "server", - :peer => { - :host => "ridley.openstreetmap.org" - } - }, - :aws2ic => { - :port => "1195", - :mode => "server", - :peer => { - :host => "fafnir.openstreetmap.org" - } - }, - :ic2bm => { - :port => "1196", - :mode => "client", - :peer => { - :host => "grisu.openstreetmap.org", - :port => "1194" - } + :prometheus => { + :junos => { + "switch1" => { :address => "184.104.179.129", :labels => { "site" => "amsterdam" } } + }, + :snmp => { + "pdu1" => { :address => "10.0.48.100", :modules => %w[apcups], :labels => { "site" => "amsterdam" } }, + "pdu2" => { :address => "10.0.48.101", :modules => %w[apcups], :labels => { "site" => "amsterdam" } } + }, + :metrics => { + :uplink_interface => { + :help => "Site uplink interface name", + :labels => { :site => "amsterdam", :name => "ge-[01]/2/[02]" } } } }, - :planet => { - :replication => "disabled" + :nginx => { + :cache => { + :proxy => { + :enable => true, + :keys_zone => "proxy_cache_zone:256M", + :inactive => "180d", + :max_size => "51200M" + } + } }, :rsyncd => { :modules => { - :hosts => { - :comment => "Host data", - :path => "/home/hosts", - :read_only => true, - :write_only => false, - :list => false, - :uid => "tomh", - :gid => "tomh", - :transfer_logging => false, - :hosts_allow => [ - "212.110.172.32", # shenron - "2001:41c9:1:400::32", # shenron - "212.159.112.221" # grant - ] - }, :logs => { :comment => "Log files", :path => "/store/logs", @@ -105,32 +89,27 @@ default_attributes( :transfer_logging => false, :hosts_allow => [ "193.60.236.0/24", # ucl external - "10.0.48.0/20", # equinix internal - "130.117.76.0/27", # equinix external - "2001:978:2:2C::172:0/112", # equinix external + "10.0.48.0/20", # amsterdam internal + "184.104.179.128/27", # amsterdam external + "2001:470:1:fa1::/64", # amsterdam external + "10.0.64.0/20", # dublin internal + "184.104.226.96/27", # dublin external + "2001:470:1:b3b::/64", # dublin external "10.0.32.0/20", # bytemark internal "89.16.162.16/28", # bytemark external "2001:41c9:2:d6::/64", # bytemark external "127.0.0.0/8", # localhost "::1" # localhost - ], - :nodes_allow => "roles:tilecache" + ] } } } ) run_list( - "role[equinix]", + "role[equinix-ams]", "role[gateway]", - "role[web-storage]", - "role[supybot]", - "role[backup]", - "role[stats]", - "role[planet]", - # "role[planetdump]", - "role[logstash]", "recipe[rsyncd]", - "recipe[openvpn]", - "recipe[tilelog]" + "recipe[dhcpd]", + "recipe[imagery::za_ngi_aerial]" )