Skip to content

Expose a read-only cassandra storage

Vincent Sellier requested to merge storage-cassandra-ro into production

Related to swh/infra/sysadm-environment#5199 (closed)

octocatalog-diff
*** Running octocatalog-diff on host moma.softwareheritage.org
I, [2024-01-10T14:32:05.416280 #2241564]  INFO -- : Catalogs compiled for moma.softwareheritage.org
I, [2024-01-10T14:32:06.054507 #2241564]  INFO -- : Diffs computed for moma.softwareheritage.org
diff origin/production/moma.softwareheritage.org current/moma.softwareheritage.org
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:storage-cassandra-ro] =>
   parameters =>
     "content": "include \"includes/01_storage-cassandra-ro.vcl\";",
     "order": "01",
     "target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:vhost_storage-cassandra-ro.softwareheritage.org] =>
   parameters =>
     "content": "include \"includes/50_vhost_storage-cassandra-ro.softwareheritag...
     "order": "50",
     "target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[hitch::domain storage_cassandra_ro] =>
   parameters =>
     "content": "pem-file = \"/etc/hitch/storage_cassandra_ro.pem\"\n",
     "notify": "Class[Hitch::Service]",
     "order": "10",
     "target": "/etc/hitch/hitch.conf"
*******************************************
+ Concat::Fragment[storage_cassandra_ro cacert] =>
   parameters =>
     "notify": "Class[Hitch::Service]",
     "order": "03",
     "source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat::Fragment[storage_cassandra_ro cert] =>
   parameters =>
     "notify": "Class[Hitch::Service]",
     "order": "02",
     "source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat::Fragment[storage_cassandra_ro dhparams] =>
   parameters =>
     "notify": "Class[Hitch::Service]",
     "order": "04",
     "source": "/etc/hitch/dhparams.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat::Fragment[storage_cassandra_ro key] =>
   parameters =>
     "notify": "Class[Hitch::Service]",
     "order": "01",
     "source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat[/etc/hitch/storage_cassandra_ro.pem] =>
   parameters =>
     "backup": "puppet",
     "ensure": "present",
     "ensure_newline": false,
     "force": false,
     "format": "plain",
     "group": "_hitch",
     "mode": "0640",
     "notify": "Class[Hitch::Service]",
     "order": "alpha",
     "owner": "root",
     "path": "/etc/hitch/storage_cassandra_ro.pem",
     "replace": true,
     "show_diff": true,
     "warn": false
*******************************************
+ Concat_file[/etc/hitch/storage_cassandra_ro.pem] =>
   parameters =>
     "backup": "puppet",
     "ensure_newline": false,
     "force": false,
     "format": "plain",
     "group": "_hitch",
     "mode": "0640",
     "order": "alpha",
     "owner": "root",
     "replace": true,
     "show_diff": true,
     "tag": "_etc_hitch_storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:storage-cassandra-ro] =>
   parameters =>
     "content": "include \"includes/01_storage-cassandra-ro.vcl\";",
     "order": "01",
     "tag": "_etc_varnish_includes.vcl",
     "target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:vhost_storage-cassandra-ro.softwareheritage.org] =>
   parameters =>
     "content": "include \"includes/50_vhost_storage-cassandra-ro.softwareheritag...
     "order": "50",
     "tag": "_etc_varnish_includes.vcl",
     "target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[hitch::domain storage_cassandra_ro] =>
   parameters =>
     "content": "pem-file = \"/etc/hitch/storage_cassandra_ro.pem\"\n",
     "order": "10",
     "tag": "_etc_hitch_hitch.conf",
     "target": "/etc/hitch/hitch.conf"
*******************************************
+ Concat_fragment[storage_cassandra_ro cacert] =>
   parameters =>
     "order": "03",
     "source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem",
     "tag": "_etc_hitch_storage_cassandra_ro.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[storage_cassandra_ro cert] =>
   parameters =>
     "order": "02",
     "source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem",
     "tag": "_etc_hitch_storage_cassandra_ro.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[storage_cassandra_ro dhparams] =>
   parameters =>
     "order": "04",
     "source": "/etc/hitch/dhparams.pem",
     "tag": "_etc_hitch_storage_cassandra_ro.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[storage_cassandra_ro key] =>
   parameters =>
     "order": "01",
     "source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem",
     "tag": "_etc_hitch_storage_cassandra_ro.pem",
     "target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem] =>
   parameters =>
     "ensure": "present",
     "group": "root",
     "mode": "0644",
     "owner": "root",
     "source": "puppet:///le_certs/storage_cassandra_ro/cert.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem] =>
   parameters =>
     "ensure": "present",
     "group": "root",
     "mode": "0644",
     "owner": "root",
     "source": "puppet:///le_certs/storage_cassandra_ro/chain.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/fullchain.pem] =>
   parameters =>
     "ensure": "present",
     "group": "root",
     "mode": "0644",
     "owner": "root",
     "source": "puppet:///le_certs/storage_cassandra_ro/fullchain.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem] =>
   parameters =>
     "ensure": "present",
     "group": "root",
     "mode": "0600",
     "owner": "root",
     "source": "puppet:///le_certs/storage_cassandra_ro/privkey.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro] =>
   parameters =>
     "ensure": "directory",
     "group": "root",
     "mode": "0755",
     "owner": "root"
*******************************************
+ File[/etc/varnish/includes/01_storage-cassandra-ro.vcl] =>
   parameters =>
     "content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
     "group": "root",
     "mode": "0644",
     "notify": "Exec[vcl_reload]",
     "owner": "root"
*******************************************
+ File[/etc/varnish/includes/50_vhost_storage-cassandra-ro.softwareheritage.org.vcl] =>
   parameters =>
     "content": "# vhost_storage-cassandra-ro.softwareheritage.org.vcl\n#\n# Sett...
     "group": "root",
     "mode": "0644",
     "notify": "Exec[vcl_reload]",
     "owner": "root"
*******************************************
+ Hitch::Domain[storage_cassandra_ro] =>
   parameters =>
     "cacert_source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem"...
     "cert_source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem",
     "default": false,
     "ensure": "present",
     "key_source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem"
*******************************************
+ Icinga2::Object::Service[storage-cassandra-ro http redirect on moma.softwareheritage.org] =>
   parameters =>
     "apply": false,
     "assign": [
    
     ],
     "check_command": "http",
     "ensure": "present",
     "export_to": [
       "pergamon.softwareheritage.org"
     ],
     "host_name": "moma.softwareheritage.org",
     "ignore": [
    
     ],
     "import": [
       "generic-service"
     ],
     "order": 60,
     "prefix": false,
     "service_name": "swh storage-cassandra-ro http redirect",
     "target": "/etc/icinga2/zones.d/master/exported-checks.conf",
     "template": false,
     "vars": {
       "http_address": "storage-cassandra-ro.softwareheritage.org",
       "http_vhost": "storage-cassandra-ro.softwareheritage.org",
       "http_port": 80,
       "http_uri": "/"
     }
*******************************************
+ Icinga2::Object::Service[swh-storage-cassandra-ro https certificate moma.softwareheritage.org] =>
   parameters =>
     "apply": false,
     "assign": [
    
     ],
     "check_command": "http",
     "ensure": "present",
     "export_to": [
       "pergamon.softwareheritage.org"
     ],
     "host_name": "moma.softwareheritage.org",
     "ignore": [
    
     ],
     "import": [
       "generic-service"
     ],
     "order": 60,
     "prefix": false,
     "service_name": "swh storage-cassandra-ro https certificate",
     "target": "/etc/icinga2/zones.d/master/exported-checks.conf",
     "template": false,
     "vars": {
       "http_address": "storage-cassandra-ro.softwareheritage.org",
       "http_vhost": "storage-cassandra-ro.softwareheritage.org",
       "http_port": 443,
       "http_ssl": true,
       "http_sni": true,
       "http_certificate": 15
     }
*******************************************
+ Icinga2::Object::Service[swh-storage-cassandra-ro https on moma.softwareheritage.org] =>
   parameters =>
     "apply": false,
     "assign": [
    
     ],
     "check_command": "http",
     "ensure": "present",
     "export_to": [
       "pergamon.softwareheritage.org"
     ],
     "host_name": "moma.softwareheritage.org",
     "ignore": [
    
     ],
     "import": [
       "generic-service"
     ],
     "order": 60,
     "prefix": false,
     "service_name": "swh storage-cassandra-ro",
     "target": "/etc/icinga2/zones.d/master/exported-checks.conf",
     "template": false,
     "vars": {
       "http_address": "storage-cassandra-ro.softwareheritage.org",
       "http_vhost": "storage-cassandra-ro.softwareheritage.org",
       "http_port": 443,
       "http_ssl": true,
       "http_sni": true,
       "http_uri": "/",
       "http_string": "Storage-cassandra-ro",
       "http_onredirect": "sticky",
       "http_expect": "401 Restricted"
     }
*******************************************
+ Profile::Hitch::Ssl_cert[storage_cassandra_ro] =>
   parameters =>
     "ssl_cert_name": "storage_cassandra_ro"
*******************************************
+ Profile::Letsencrypt::Certificate[storage_cassandra_ro] =>
   parameters =>
     "basename": "storage_cassandra_ro",
     "privkey_group": "root",
     "privkey_mode": "0600",
     "privkey_owner": "root",
     "source_cert": "storage_cassandra_ro"
*******************************************
+ Profile::Varnish::Vcl_include[storage-cassandra-ro] =>
   parameters =>
     "basename": "storage-cassandra-ro",
     "content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
     "order": "01"
*******************************************
+ Profile::Varnish::Vcl_include[vhost_storage-cassandra-ro.softwareheritage.org] =>
   parameters =>
     "basename": "vhost_storage-cassandra-ro.softwareheritage.org",
     "content": "# vhost_storage-cassandra-ro.softwareheritage.org.vcl\n#\n# Sett...
     "order": "50"
*******************************************
+ Profile::Varnish::Vhost[storage-cassandra-ro.softwareheritage.org] =>
   parameters =>
     "aliases": [
    
     ],
     "backend_http_host": "storage-cassandra-ro.internal.softwareheritage.org",
     "backend_http_port": "80",
     "backend_name": "storage-cassandra-ro",
     "basic_auth": false,
     "hsts_max_age": 15768000,
     "order": "50",
     "servername": "storage-cassandra-ro.softwareheritage.org",
     "websocket_support": false
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/01_storage-cassandra-ro.vcl] =>
   parameters =>
     "content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
     "file": "/etc/varnish/includes/01_storage-cassandra-ro.vcl"
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/50_vhost_storage-cassandra-ro.softwareheritage.org.vcl] =>
   parameters =>
     "content": "# vhost_storage-cassandra-ro.softwareheritage.org.vcl\n#\n# Sett...
     "file": "/etc/varnish/includes/50_vhost_storage-cassandra-ro.softwareheritag...
*******************************************
*** End octocatalog-diff on moma.softwareheritage.org

Merge request reports

Loading