Expose a read-only cassandra storage
Related to swh/infra/sysadm-environment#5199 (closed)
octocatalog-diff
*** Running octocatalog-diff on host moma.softwareheritage.org
I, [2024-01-10T14:32:05.416280 #2241564] INFO -- : Catalogs compiled for moma.softwareheritage.org
I, [2024-01-10T14:32:06.054507 #2241564] INFO -- : Diffs computed for moma.softwareheritage.org
diff origin/production/moma.softwareheritage.org current/moma.softwareheritage.org
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:storage-cassandra-ro] =>
parameters =>
"content": "include \"includes/01_storage-cassandra-ro.vcl\";",
"order": "01",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[/etc/varnish/includes.vcl:vhost_storage-cassandra-ro.softwareheritage.org] =>
parameters =>
"content": "include \"includes/50_vhost_storage-cassandra-ro.softwareheritag...
"order": "50",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat::Fragment[hitch::domain storage_cassandra_ro] =>
parameters =>
"content": "pem-file = \"/etc/hitch/storage_cassandra_ro.pem\"\n",
"notify": "Class[Hitch::Service]",
"order": "10",
"target": "/etc/hitch/hitch.conf"
*******************************************
+ Concat::Fragment[storage_cassandra_ro cacert] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "03",
"source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat::Fragment[storage_cassandra_ro cert] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "02",
"source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat::Fragment[storage_cassandra_ro dhparams] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "04",
"source": "/etc/hitch/dhparams.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat::Fragment[storage_cassandra_ro key] =>
parameters =>
"notify": "Class[Hitch::Service]",
"order": "01",
"source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat[/etc/hitch/storage_cassandra_ro.pem] =>
parameters =>
"backup": "puppet",
"ensure": "present",
"ensure_newline": false,
"force": false,
"format": "plain",
"group": "_hitch",
"mode": "0640",
"notify": "Class[Hitch::Service]",
"order": "alpha",
"owner": "root",
"path": "/etc/hitch/storage_cassandra_ro.pem",
"replace": true,
"show_diff": true,
"warn": false
*******************************************
+ Concat_file[/etc/hitch/storage_cassandra_ro.pem] =>
parameters =>
"backup": "puppet",
"ensure_newline": false,
"force": false,
"format": "plain",
"group": "_hitch",
"mode": "0640",
"order": "alpha",
"owner": "root",
"replace": true,
"show_diff": true,
"tag": "_etc_hitch_storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:storage-cassandra-ro] =>
parameters =>
"content": "include \"includes/01_storage-cassandra-ro.vcl\";",
"order": "01",
"tag": "_etc_varnish_includes.vcl",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[/etc/varnish/includes.vcl:vhost_storage-cassandra-ro.softwareheritage.org] =>
parameters =>
"content": "include \"includes/50_vhost_storage-cassandra-ro.softwareheritag...
"order": "50",
"tag": "_etc_varnish_includes.vcl",
"target": "/etc/varnish/includes.vcl"
*******************************************
+ Concat_fragment[hitch::domain storage_cassandra_ro] =>
parameters =>
"content": "pem-file = \"/etc/hitch/storage_cassandra_ro.pem\"\n",
"order": "10",
"tag": "_etc_hitch_hitch.conf",
"target": "/etc/hitch/hitch.conf"
*******************************************
+ Concat_fragment[storage_cassandra_ro cacert] =>
parameters =>
"order": "03",
"source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem",
"tag": "_etc_hitch_storage_cassandra_ro.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[storage_cassandra_ro cert] =>
parameters =>
"order": "02",
"source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem",
"tag": "_etc_hitch_storage_cassandra_ro.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[storage_cassandra_ro dhparams] =>
parameters =>
"order": "04",
"source": "/etc/hitch/dhparams.pem",
"tag": "_etc_hitch_storage_cassandra_ro.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ Concat_fragment[storage_cassandra_ro key] =>
parameters =>
"order": "01",
"source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem",
"tag": "_etc_hitch_storage_cassandra_ro.pem",
"target": "/etc/hitch/storage_cassandra_ro.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0644",
"owner": "root",
"source": "puppet:///le_certs/storage_cassandra_ro/cert.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0644",
"owner": "root",
"source": "puppet:///le_certs/storage_cassandra_ro/chain.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/fullchain.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0644",
"owner": "root",
"source": "puppet:///le_certs/storage_cassandra_ro/fullchain.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem] =>
parameters =>
"ensure": "present",
"group": "root",
"mode": "0600",
"owner": "root",
"source": "puppet:///le_certs/storage_cassandra_ro/privkey.pem"
*******************************************
+ File[/etc/ssl/certs/letsencrypt/storage_cassandra_ro] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root"
*******************************************
+ File[/etc/varnish/includes/01_storage-cassandra-ro.vcl] =>
parameters =>
"content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
"group": "root",
"mode": "0644",
"notify": "Exec[vcl_reload]",
"owner": "root"
*******************************************
+ File[/etc/varnish/includes/50_vhost_storage-cassandra-ro.softwareheritage.org.vcl] =>
parameters =>
"content": "# vhost_storage-cassandra-ro.softwareheritage.org.vcl\n#\n# Sett...
"group": "root",
"mode": "0644",
"notify": "Exec[vcl_reload]",
"owner": "root"
*******************************************
+ Hitch::Domain[storage_cassandra_ro] =>
parameters =>
"cacert_source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/chain.pem"...
"cert_source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/cert.pem",
"default": false,
"ensure": "present",
"key_source": "/etc/ssl/certs/letsencrypt/storage_cassandra_ro/privkey.pem"
*******************************************
+ Icinga2::Object::Service[storage-cassandra-ro http redirect on moma.softwareheritage.org] =>
parameters =>
"apply": false,
"assign": [
],
"check_command": "http",
"ensure": "present",
"export_to": [
"pergamon.softwareheritage.org"
],
"host_name": "moma.softwareheritage.org",
"ignore": [
],
"import": [
"generic-service"
],
"order": 60,
"prefix": false,
"service_name": "swh storage-cassandra-ro http redirect",
"target": "/etc/icinga2/zones.d/master/exported-checks.conf",
"template": false,
"vars": {
"http_address": "storage-cassandra-ro.softwareheritage.org",
"http_vhost": "storage-cassandra-ro.softwareheritage.org",
"http_port": 80,
"http_uri": "/"
}
*******************************************
+ Icinga2::Object::Service[swh-storage-cassandra-ro https certificate moma.softwareheritage.org] =>
parameters =>
"apply": false,
"assign": [
],
"check_command": "http",
"ensure": "present",
"export_to": [
"pergamon.softwareheritage.org"
],
"host_name": "moma.softwareheritage.org",
"ignore": [
],
"import": [
"generic-service"
],
"order": 60,
"prefix": false,
"service_name": "swh storage-cassandra-ro https certificate",
"target": "/etc/icinga2/zones.d/master/exported-checks.conf",
"template": false,
"vars": {
"http_address": "storage-cassandra-ro.softwareheritage.org",
"http_vhost": "storage-cassandra-ro.softwareheritage.org",
"http_port": 443,
"http_ssl": true,
"http_sni": true,
"http_certificate": 15
}
*******************************************
+ Icinga2::Object::Service[swh-storage-cassandra-ro https on moma.softwareheritage.org] =>
parameters =>
"apply": false,
"assign": [
],
"check_command": "http",
"ensure": "present",
"export_to": [
"pergamon.softwareheritage.org"
],
"host_name": "moma.softwareheritage.org",
"ignore": [
],
"import": [
"generic-service"
],
"order": 60,
"prefix": false,
"service_name": "swh storage-cassandra-ro",
"target": "/etc/icinga2/zones.d/master/exported-checks.conf",
"template": false,
"vars": {
"http_address": "storage-cassandra-ro.softwareheritage.org",
"http_vhost": "storage-cassandra-ro.softwareheritage.org",
"http_port": 443,
"http_ssl": true,
"http_sni": true,
"http_uri": "/",
"http_string": "Storage-cassandra-ro",
"http_onredirect": "sticky",
"http_expect": "401 Restricted"
}
*******************************************
+ Profile::Hitch::Ssl_cert[storage_cassandra_ro] =>
parameters =>
"ssl_cert_name": "storage_cassandra_ro"
*******************************************
+ Profile::Letsencrypt::Certificate[storage_cassandra_ro] =>
parameters =>
"basename": "storage_cassandra_ro",
"privkey_group": "root",
"privkey_mode": "0600",
"privkey_owner": "root",
"source_cert": "storage_cassandra_ro"
*******************************************
+ Profile::Varnish::Vcl_include[storage-cassandra-ro] =>
parameters =>
"basename": "storage-cassandra-ro",
"content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
"order": "01"
*******************************************
+ Profile::Varnish::Vcl_include[vhost_storage-cassandra-ro.softwareheritage.org] =>
parameters =>
"basename": "vhost_storage-cassandra-ro.softwareheritage.org",
"content": "# vhost_storage-cassandra-ro.softwareheritage.org.vcl\n#\n# Sett...
"order": "50"
*******************************************
+ Profile::Varnish::Vhost[storage-cassandra-ro.softwareheritage.org] =>
parameters =>
"aliases": [
],
"backend_http_host": "storage-cassandra-ro.internal.softwareheritage.org",
"backend_http_port": "80",
"backend_name": "storage-cassandra-ro",
"basic_auth": false,
"hsts_max_age": 15768000,
"order": "50",
"servername": "storage-cassandra-ro.softwareheritage.org",
"websocket_support": false
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/01_storage-cassandra-ro.vcl] =>
parameters =>
"content": "# backend_default.vcl\n#\n# Default backend definition.\n#\n# Fi...
"file": "/etc/varnish/includes/01_storage-cassandra-ro.vcl"
*******************************************
+ Varnish::Vcl[/etc/varnish/includes/50_vhost_storage-cassandra-ro.softwareheritage.org.vcl] =>
parameters =>
"content": "# vhost_storage-cassandra-ro.softwareheritage.org.vcl\n#\n# Sett...
"file": "/etc/varnish/includes/50_vhost_storage-cassandra-ro.softwareheritag...
*******************************************
*** End octocatalog-diff on moma.softwareheritage.org