X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/c21a2c2cfbf709d99825cfa376f9d6afa707636e..315ae24f6372e75330817711384c1632887ea0ff:/roles/ironbelly.rb diff --git a/roles/ironbelly.rb b/roles/ironbelly.rb index c22a3c6c4..e6b27496c 100644 --- a/roles/ironbelly.rb +++ b/roles/ironbelly.rb @@ -2,60 +2,77 @@ name "ironbelly" description "Master role applied to ironbelly" default_attributes( - :apt => { - :sources => [ "ubuntugis-unstable" ] + :bind => { + :clients => "equinix-ams" + }, + :dhcpd => { + :first_address => "10.0.63.1", + :last_address => "10.0.63.254" + }, + :elasticsearch => { + :cluster => { + :routing => { + :allocation => { + :disk => { + :watermark => { + :low => "95%", + :high => "98%", + :flood_stage => "99%" + } + } + } + } + }, + :path => { + :data => "/store/elasticsearch" + } }, :networking => { :interfaces => { :internal_ipv4 => { - :interface => "eth0", + :interface => "bond0", :role => :internal, :family => :inet, - :address => "146.179.159.177" + :address => "10.0.48.10", + :bond => { + :mode => "802.3ad", + :lacprate => "fast", + :xmithashpolicy => "layer3+4", + :slaves => %w[eth0 eth1] + } }, :external_ipv4 => { - :interface => "eth1", + :interface => "bond0.2", :role => :external, :family => :inet, - :address => "193.63.75.107" + :address => "130.117.76.10" }, :external_ipv6 => { - :interface => "eth1", + :interface => "bond0.2", :role => :external, :family => :inet6, - :address => "2001:630:12:500:225:90ff:fec4:f6ef" + :address => "2001:978:2:2C::172:A" } } }, - :openvpn => { - :address => "10.0.16.2", - :tunnels => { - :ic2ucl => { - :port => "1194", - :mode => "server", - :peer => { - :host => "ridley.openstreetmap.org" - } + :planet => { + :replication => "enabled" + }, + :prometheus => { + :snmp => { + "pdu1" => { :address => "10.0.48.100", :modules => %w[apcups], :labels => { "site" => "amsterdam" } }, + "pdu2" => { :address => "10.0.48.101", :modules => %w[apcups], :labels => { "site" => "amsterdam" } }, + "switch1" => { :address => "130.117.76.2", :modules => %w[if_mib juniper_ex4300], :labels => { "site" => "amsterdam" } } + }, + :metrics => { + :uplink_interface => { + :help => "Site uplink interface name", + :labels => { :site => "amsterdam", :name => "ge-[01]/2/0" } } } }, :rsyncd => { :modules => { - :hosts => { - :comment => "Host data", - :path => "/home/hosts", - :read_only => true, - :write_only => false, - :list => false, - :uid => "tomh", - :gid => "tomh", - :transfer_logging => false, - :hosts_allow => [ - "89.16.179.150", # shenron - "2001:41c8:10:996:21d:7dff:fec3:df70", # shenron - "212.159.112.221" # grant - ] - }, :logs => { :comment => "Log files", :path => "/store/logs", @@ -66,28 +83,32 @@ default_attributes( :gid => "www-data", :transfer_logging => false, :hosts_allow => [ - "128.40.168.0/24", # ucl external - "146.179.159.160/27", # ic internal - "193.63.75.96/27", # ic external - "2001:630:12:500::/64", # ic external - "127.0.0.0/8", # localhost - "::1" # localhost + "193.60.236.0/24", # ucl external + "10.0.48.0/20", # amsterdam internal + "130.117.76.0/27", # amsterdam external + "2001:978:2:2C::172:0/112", # amsterdam external + "10.0.64.0/20", # dublin internal + "184.104.226.96/27", # dublin external + "2001:470:1:b3b::/64", # dublin external + "10.0.32.0/20", # bytemark internal + "89.16.162.16/28", # bytemark external + "2001:41c9:2:d6::/64", # bytemark external + "127.0.0.0/8", # localhost + "::1" # localhost ] } } } -); +) run_list( - "role[ic]", + "role[equinix-ams]", "role[gateway]", - "role[chef-server]", - "role[chef-repository]", - "role[web-storage]", "role[supybot]", "role[backup]", - "role[stats]", "role[planet]", + "role[planetdump]", "recipe[rsyncd]", - "recipe[openvpn]" + "recipe[dhcpd]", + "recipe[tilelog]" )