launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #31248
[Merge] ~tushar5526/launchpad-mojo-specs/+git/private:use-noble-builders-for-boso3-riscv64 into ~launchpad/launchpad-mojo-specs/+git/private:master
Tushar Gupta has proposed merging ~tushar5526/launchpad-mojo-specs/+git/private:use-noble-builders-for-boso3-riscv64 into ~launchpad/launchpad-mojo-specs/+git/private:master.
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~tushar5526/launchpad-mojo-specs/+git/private/+merge/470165
--
Your team Launchpad code reviewers is requested to review the proposed merge of ~tushar5526/launchpad-mojo-specs/+git/private:use-noble-builders-for-boso3-riscv64 into ~launchpad/launchpad-mojo-specs/+git/private:master.
diff --git a/configs/canonical-is-secgroups-production.yaml b/configs/canonical-is-secgroups-production.yaml
index f9bab64..e1c05df 100644
--- a/configs/canonical-is-secgroups-production.yaml
+++ b/configs/canonical-is-secgroups-production.yaml
@@ -1,29 +1,45 @@
all-units:
- bastions-ping
- bastions-ssh
+ - icmp
- is-prometheus
- is-vpn-ssh
- nagios
applications: {}
rules:
bastions-ping:
+ - {"protocol": "icmp", "family": "IPv4", "cidr": "10.131.0.169/32"}
- {"protocol": "icmp", "family": "IPv4", "cidr": "10.131.2.211/32"}
- {"protocol": "icmp", "family": "IPv4", "cidr": "91.189.90.46/32"}
+ - {"protocol": "ipv6-icmp", "family": "IPv6", "cidr": "2001:67c:1561:8003::11/128"}
+ - {"protocol": "icmp", "family": "IPv4", "cidr": "10.130.64.19/32"}
bastions-ssh:
- {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "91.189.90.46/32"}
- {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "10.131.0.169/32"}
+ - {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "10.130.64.19/32"}
+ icmp:
+ # Since we're allowing ICMPv6, we should allow ICMP in
+ # general, mainly for path MTU and useful for network
+ # troubleshooting. We can control/block on the NGFWs.
+ - {"protocol": "icmp", "family": "IPv4", "cidr": "0.0.0.0/0"}
+ # Don't want to block ICMPv6 otherwise things may break.
+ - {"protocol": "ipv6-icmp", "family": "IPv6", "cidr": "::/0"}
is-prometheus:
+ # 3FP
+ - {"protocol": "tcp", "family": "IPv4", "port": 9103, "cidr": "91.189.94.59/32"}
- {"protocol": "tcp", "family": "IPv4", "port": 9103, "cidr": "91.189.94.60/32"}
- - {"protocol": "tcp", "family": "IPv4", "port": 9103, "cidr": "91.189.95.24/32"}
+ - {"protocol": "tcp", "family": "IPv6", "port": 9103, "cidr": "2001:67c:1561:8008::13/128"}
+ - {"protocol": "tcp", "family": "IPv6", "port": 9103, "cidr": "2001:67c:1561:8008::14/128"}
+ # IL3
+ - {"protocol": "tcp", "family": "IPv4", "port": 9103, "cidr": "185.125.190.67/32"}
+ - {"protocol": "tcp", "family": "IPv4", "port": 9103, "cidr": "185.125.190.68/32"}
+ - {"protocol": "tcp", "family": "IPv6", "port": 9103, "cidr": "2620:2d:4000:1::67/128"}
+ - {"protocol": "tcp", "family": "IPv6", "port": 9103, "cidr": "2620:2d:4000:1::68/128"}
is-vpn-ssh:
- {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "10.172.62.0/23"}
- {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "10.172.126.0/23"}
- {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "10.172.190.0/23"}
- {"protocol": "tcp", "family": "IPv4", "port": 22, "cidr": "10.172.254.0/23"}
- - {"protocol": "tcp", "family": "IPv6", "port": 22, "cidr": "2001:67c:1562:8007::aac:3e00/119"}
- - {"protocol": "tcp", "family": "IPv6", "port": 22, "cidr": "2001:67c:1562:8007::aac:7e00/119"}
- - {"protocol": "tcp", "family": "IPv6", "port": 22, "cidr": "2001:67c:1561:8007::aac:be00/119"}
- - {"protocol": "tcp", "family": "IPv6", "port": 22, "cidr": "2001:67c:1560:8007::aac:fe00/119"}
nagios:
- {"protocol": "tcp", "family": "IPv4", "port": 873, "cidr": "10.131.2.211/32"}
- {"protocol": "tcp", "family": "IPv4", "port": 873, "cidr": "91.189.90.46/32"}
diff --git a/utils/utils.py b/utils/utils.py
index d09683d..724196d 100644
--- a/utils/utils.py
+++ b/utils/utils.py
@@ -70,8 +70,10 @@ def mojo_run(*args, **kwargs):
def juju_status(service_name=''):
- juju_status = run(
- None, ['juju', 'status', '--format', 'json', service_name])
+ cmd = ['juju', 'status', '--format', 'json']
+ if service_name:
+ cmd.append(service_name)
+ juju_status = run(None, cmd)
return json.loads(juju_status)
diff --git a/vbuilder/bundle.yaml b/vbuilder/bundle.yaml
new file mode 100644
index 0000000..e906d64
--- /dev/null
+++ b/vbuilder/bundle.yaml
@@ -0,0 +1,662 @@
+{%- set log_hosts_allow = "carob.canonical.com launchpad-bastion-ps5.internal" %}
+
+{%- if stage_name == "production" %}
+{%- set clamav_database_url = "http://clamav-database-mirror.lp.internal/" %}
+{%- set content_id_template = "launchpad-buildd:production" %}
+{%- set dns_update_host_bos01 = "10.189.0.2" %}
+{%- set dns_update_host_bos02 = "10.189.128.2" %}
+{%- set dns_update_host_bos03 = "10.189.128.2" %}
+{%- set dns_update_host_lcy02 = "10.131.53.11 10.131.53.12 10.131.53.13" %}
+{%- set dns_update_key_name = "vbuilder-manage" %}
+{%- set domain_bos01 = "vbuilder.bos01.scalingstack" %}
+{%- set domain_bos02 = "vbuilder.bos02.scalingstack" %}
+{%- set domain_bos03 = "vbuilder.bos03.scalingstack" %}
+{%- set domain_lcy02 = "vbuilder.lcy02.scalingstack" %}
+{%- set extra_constraints = "root-disk-source=volume" %}
+{%- set gss_series = "focal|jammy" %}
+{%- set instance_key_name_bos01 = "vbuilder-manage-bos01" %}
+{%- set instance_key_name_bos02 = "vbuilder-manage-bos02" %}
+{%- set instance_key_name_bos03 = "vbuilder-manage-bos03" %}
+{%- set instance_key_name_lcy02 = "vbuilder-manage-lcy02" %}
+{%- set instance_network_bos01 = "10.189.16.0/20" %}
+{%- set instance_network_bos02 = "10.189.144.0/20" %}
+{%- set instance_network_bos03 = "10.143.0.0/20" %}
+{%- set instance_network_lcy02 = "10.133.0.0/16" %}
+{%- set instance_router = "vbuilder_router" %}
+{%- set instance_router_bos03 = "router_launchpad-vbuilder-production" %}
+{%- set instance_router_lcy02 = "router_launchpad-vbuilder-production" %}
+{#- Output of "openstack image show -c id -f value qemu-riscv64-uboot". #}
+{%- set kernel_id_bos03_riscv64 = "c5015509-91c3-4684-80cc-b8a2ef44c8b5" %}
+{%- set launchpad_buildd_repository = "ppa:launchpad/buildd" %}
+{%- set lp_buildd_managers = "10.131.66.156 10.131.215.202" %}
+{%- set lp_environment = "production" %}
+{%- set lp_sshkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD3tBvyEaZFX8H4krfXGhczq9q/GCfcE0kpsjK8WzM/lQOhWQAVSmm8O9gposKvu4mT28hBWI746+NOPLBrf9ax7YRoU+ZuZesyIIK6ztN07G4aK2vt+1W9yNZKgTJZ8FvxHwlbFy6wMjMP3OzuxWyh0yi03z1YiGPJt0riJRZT+QecaoyYhkTuRbcCoWbhmM0veUjCvfR7LA43YbOfmts7STNCtl1IUJErmUY6fSR1LkyF9uJSdwozAVht242vI8Yg+PrOnKCx3X5w546okP2uMDVXKWeY2g/MhUSr+ZyIaS2JxUygZ7FKS4gNLYb3O4Q6tcIwPE++zsr9HueTfjw2LyeQTZQDQjuv0kJ40B3IFF4E9FMzu8MDwArOKUGzISLrX5VtDZBKINDclfDbrFWHUlVBC2CIIjGPKj3afluP9jadWjsOQx0ooBO0tb0Se+7t3oNjKlknwD85AYCPzIlZt7wo/+e/V/Tilw+UUf00JioEceTdxuOHmbuxP5RzCleg8pYLfe5jiHfBJi0DhO61IYlFMgSToh78EShHWYEdSbD+Ve5GWKvPEU9CsSTleSSqBFdhyggfB5fHiup0efAqMnstDn5sxGYFzfFu7SNVHkMuFeiRHZK+9fF/nfzk0UK5EaGs+4IMhWS1ns8m5O5Li609c/nXK5t5fBOkiWa+RQ== lp_buildd@juju-4112d9-prod-launchpad-manual-servers-4" %}
+{%- set modifiers_bos01 = '{"arm64": "10.43.0.29", "ppc64el": "10.43.0.36", "s390x": "10.43.0.39"}' %}
+{%- set modifiers_bos02 = '{"arm64": "10.44.0.22", "ppc64el": "10.44.0.20", "s390x": "10.44.0.18"}' %}
+{%- set modifiers_bos03 = '{"arm64": "10.143.254.129", "riscv64": "10.143.254.223"}' %}
+{%- set name_prefix = "launchpad-buildd" %}
+{%- set openstack_tenant_name = "vbuilder_project" %}
+{%- set openstack_tenant_name_bos03 = "launchpad-vbuilder-production_project" %}
+{%- set openstack_tenant_name_lcy02 = "launchpad-vbuilder-production_project" %}
+{%- set openstack_username = "vbuilder" %}
+{%- set openstack_username_bos03 = "launchpad-vbuilder-production" %}
+{%- set openstack_username_lcy02 = "launchpad-vbuilder-production" %}
+{%- set vbuilders_bos01 = {"amd64": {"series": "focal", "flavor": "vbuilder-gpu", "count": 5}, "arm64": {"series": "focal", "count": 40, "config_drive": false}, "arm64-gpu": {"arch_base": "arm64", "arch_suffix": "-gpu", "series": "focal", "flavor": "vbuilder-nvidia-l4", "count": 2, "config_drive": false}, "ppc64el": {"series": "focal", "count": 20}, "s390x": {"series": "focal", "count": 20}} %}
+{%- set vbuilders_bos02 = {"arm64": {"series": "focal", "count": 80, "config_drive": false}, "ppc64el": {"series": "focal", "count": 30}, "s390x": {"series": "focal", "count": 20}} %}
+{%- set vbuilders_bos03 = {"amd64": {"series": "focal", "count": 60}, "arm64": {"series": "focal", "count": 120, "config_drive": false, "flavor": "vbuilder-arm64"}, "riscv64": {"series": "jammy", "count": 60, "config_drive": false}} %}
+{%- set vbuilders_lcy02 = {"amd64": {"series": "focal", "count": 120}} %}
+{%- set vbuilder_prefix = "" %}
+{%- elif stage_name == "staging" %}
+{#- This environment is confusingly named, and is actually connected to Launchpad dogfood. #}
+{%- set clamav_database_url = "http://clamav-database-mirror.staging.lp.internal/" %}
+{%- set content_id_template = "launchpad-buildd:staging" %}
+{%- set dns_update_host_bos01 = "10.189.0.2" %}
+{%- set dns_update_host_bos02 = "10.189.128.2" %}
+{%- set dns_update_host_bos03 = "10.189.128.2" %}
+{%- set dns_update_host_lcy02 = "10.132.31.11 10.132.31.12 10.132.31.13" %}
+{%- set dns_update_key_name = "vbuilder-staging-manage" %}
+{%- set domain_bos01 = "vbuilder.staging.bos01.scalingstack" %}
+{%- set domain_bos02 = "vbuilder.staging.bos02.scalingstack" %}
+{%- set domain_bos03 = "vbuilder.staging.bos03.scalingstack" %}
+{%- set domain_lcy02 = "vbuilder.staging.lcy02.scalingstack" %}
+{%- set extra_constraints = "" %}
+{%- set gss_series = "focal|jammy" %}
+{%- set instance_key_name_bos01 = "ppa-manage-test" %}
+{%- set instance_key_name_bos02 = "ppa-manage-test" %}
+{%- set instance_key_name_bos03 = "ppa-manage-test" %}
+{%- set instance_key_name_lcy02 = "ppa-manage-test" %}
+{%- set instance_network_bos01 = "10.189.34.0/24" %}
+{%- set instance_network_bos02 = "10.189.162.0/23" %}
+{%- set instance_network_bos03 = "10.144.2.0/23" %}
+{%- set instance_network_lcy02 = "10.134.2.0/23" %}
+{%- set instance_router = "vbuilder_staging_router" %}
+{%- set instance_router_bos03 = "router_launchpad-vbuilder-staging" %}
+{%- set instance_router_lcy02 = "router_launchpad-vbuilder-staging" %}
+{%- set launchpad_buildd_repository = "ppa:launchpad/buildd-staging" %}
+{%- set lp_buildd_managers = "91.189.90.132" %}
+{%- set lp_environment = "dogfood" %}
+{%- set lp_sshkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB3Qw9541hRDiGVLGxZm/afNsCirlM6Wa2/VkdU22KQfVu579+ek8fdgvR/si7UOTDgE4j7DGuJW+pk7z6T08Iy5feaI3JpnZV7PX0Qp8CilrcTNWPL1eBoq5HcYDzl+zyXT341l7GBFhwYQ50sF3hq0RV0XvUwxfheyBtdmzkiVE1LXT7kdFvXtxe0fR9ypw+NuMRqqFyZ9w3tee7zclDw1cCcnDf6vmIXbYLF9yNZOQQhwYQFFgIUepdkUg2onyhYXWKj8mooFVGne0WPVTJ5Sz805soh9SuUGGgpTh70EtgpJ1nxSWGtIWUtNc6mSGdZzGtgVTnbDk04J4FrVX3Bu8yetlQbNPPYuxdqaZP1anoKmgtCIhfe+xCkim5YLc+WZXVRGvk6apCLXMnj9ZhRE7fCKQO/F+aNPCONv0gUVncxuWAyiqdRuilqSA7VTEMYTv7pIYSNOjpD5eMIX2wGkYTjEXopGJouUH2nOXlhsGgssmMepSVJhOJKY1Cfq0ND4ydoDd2Mz1Yj+Us9HToqJU6DD1sAIKOV05fBqVsJEJbctI2vpRY/R1nCBySpM4KpzgkCQWwjkjR8h2/nuwDtyMsJe/BdBuDyRwJGnBLNgBUg+tnWl9yePz/ZXVGrAI7gPuc9DIiuKEvEmiO3o9yfRRjsFMWGIk2y/Hfa01V7w== launchpad@labbu" %}
+{%- set modifiers_bos01 = '{"arm64": "10.43.0.10", "ppc64el": "10.43.0.23", "s390x": "10.43.0.15"}' %}
+{%- set modifiers_bos02 = '{"arm64": "10.44.0.13", "ppc64el": "10.44.0.19", "s390x": "10.44.0.14"}' %}
+{%- set name_prefix = "launchpad-buildd-staging" %}
+{%- set openstack_tenant_name = "vbuilder_staging_project" %}
+{%- set openstack_tenant_name_bos03 = "launchpad-vbuilder-staging_project" %}
+{%- set openstack_tenant_name_lcy02 = "launchpad-vbuilder-staging_project" %}
+{%- set openstack_username = "vbuilder_staging" %}
+{%- set openstack_username_bos03 = "launchpad-vbuilder-staging" %}
+{%- set openstack_username_lcy02 = "launchpad-vbuilder-staging" %}
+{%- set vbuilders_bos01 = {"amd64": {"series": "jammy", "flavor": "vbuilder-gpu", "count": 1}, "arm64": {"series": "jammy", "count": 1, "config_drive": false}, "arm64-gpu": {"arch_base": "arm64", "arch_suffix": "-gpu", "series": "jammy", "flavor": "vbuilder-nvidia-l4", "count": 1, "config_drive": false}, "ppc64el": {"series": "jammy", "count": 1}, "s390x": {"series": "jammy", "count": 1}} %}
+{%- set vbuilders_bos02 = {"arm64": {"series": "jammy", "count": 1, "config_drive": false}, "ppc64el": {"series": "jammy", "count": 1}, "s390x": {"series": "jammy", "count": 1}} %}
+{%- set vbuilders_bos03 = {"amd64": {"series": "jammy", "count": 4}} %}
+{%- set vbuilders_lcy02 = {"amd64": {"series": "jammy", "count": 4}} %}
+{%- set vbuilder_prefix = "dogfood-" %}
+{%- elif stage_name == "qastaging" %}
+{%- set clamav_database_url = "http://clamav-database-mirror.staging.lp.internal/" %}
+{%- set content_id_template = "launchpad-buildd:qastaging" %}
+{%- set dns_update_host_bos01 = "10.189.0.2" %}
+{%- set dns_update_host_bos02 = "10.189.128.2" %}
+{%- set dns_update_host_bos03 = "10.189.128.2" %}
+{%- set dns_update_host_lcy02 = "10.132.31.11 10.132.31.12 10.132.31.13" %}
+{%- set dns_update_key_name = "vbuilder-staging-manage" %}
+{%- set domain_bos01 = "vbuilder.qastaging.bos01.scalingstack" %}
+{%- set domain_bos02 = "vbuilder.qastaging.bos02.scalingstack" %}
+{%- set domain_bos03 = "vbuilder.qastaging.bos03.scalingstack" %}
+{%- set domain_lcy02 = "vbuilder.qastaging.lcy02.scalingstack" %}
+{%- set extra_constraints = "" %}
+{%- set gss_series = "focal|jammy|noble" %}
+{%- set instance_key_name_bos01 = "ppa-manage-test-qastaging" %}
+{%- set instance_key_name_bos02 = "ppa-manage-test-qastaging" %}
+{%- set instance_key_name_bos03 = "ppa-manage-test-qastaging" %}
+{%- set instance_key_name_lcy02 = "ppa-manage-test-qastaging" %}
+{%- set instance_network_bos01 = "10.189.36.0/24" %}
+{%- set instance_network_bos02 = "10.189.164.0/23" %}
+{%- set instance_network_bos03 = "10.144.4.0/23" %}
+{%- set instance_network_lcy02 = "10.134.4.0/23" %}
+{%- set instance_router = "vbuilder_staging_router" %}
+{%- set instance_router_bos03 = "router_launchpad-vbuilder-staging" %}
+{%- set instance_router_lcy02 = "router_launchpad-vbuilder-staging" %}
+{#- Output of "openstack image show -c id -f value qemu-riscv64-uboot". #}
+{%- set kernel_id_bos03_riscv64 = "bcbb013b-9424-4f61-9fda-6374d29d3ee0" %}
+{%- set launchpad_buildd_repository = "ppa:launchpad/buildd-staging" %}
+{%- set lp_buildd_managers = "10.132.54.242" %}
+{%- set lp_environment = "qastaging" %}
+{%- set lp_sshkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrjt0yytzrK9fQuG+6VgE6QStUbDmunlN7+Lv5XhmoL stg-launchpad@launchpad-bastion-ps5" %}
+{%- set modifiers_bos01 = '{"arm64": "10.43.0.10", "ppc64el": "10.43.0.23", "s390x": "10.43.0.15"}' %}
+{%- set modifiers_bos02 = '{"arm64": "10.44.0.13", "ppc64el": "10.44.0.19", "s390x": "10.44.0.14"}' %}
+{%- set modifiers_bos03 = '{"amd64": "10.144.0.206", "arm64": "10.144.0.127", "riscv64": "10.144.0.114"}' %}
+{%- set name_prefix = "launchpad-buildd-qastaging" %}
+{%- set openstack_tenant_name = "vbuilder_staging_project" %}
+{%- set openstack_tenant_name_bos03 = "launchpad-vbuilder-staging_project" %}
+{%- set openstack_tenant_name_lcy02 = "launchpad-vbuilder-staging_project" %}
+{%- set openstack_username = "vbuilder_staging" %}
+{%- set openstack_username_bos03 = "launchpad-vbuilder-staging" %}
+{%- set openstack_username_lcy02 = "launchpad-vbuilder-staging" %}
+{%- set vbuilders_bos01 = {"amd64": {"series": "focal", "flavor": "vbuilder-gpu", "count": 1}, "arm64": {"series": "focal", "count": 1, "config_drive": false}, "arm64-gpu": {"arch_base": "arm64", "arch_suffix": "-gpu", "series": "focal", "flavor": "vbuilder-nvidia-l4", "count": 1, "config_drive": false}, "ppc64el": {"series": "focal", "count": 1}, "s390x": {"series": "focal", "count": 1}} %}
+{%- set vbuilders_bos02 = {"arm64": {"series": "focal", "count": 1, "config_drive": false}, "ppc64el": {"series": "focal", "count": 1}, "s390x": {"series": "focal", "count": 1}} %}
+{%- set vbuilders_bos03 = {"amd64": {"series": "focal", "count": 4}, "amd64-gpu": {"arch_base": "amd64", "arch_suffix": "-gpu", "series": "focal", "flavor": "vbuilder-gpu", "count": 1}, "arm64": {"series": "focal", "count": 1, "config_drive": false, "flavor": "vbuilder-arm64"}, "riscv64": {"series": "noble", "count": 1, "config_drive": false}} %}
+{%- set vbuilders_lcy02 = {"amd64": {"series": "focal", "count": 4}} %}
+{%- set vbuilder_prefix = "qastaging-" %}
+{%- endif %}
+
+{%- macro vbuilder_hostnames(prefix, count) %}
+{%- set hostname_sep = joiner(", ") -%}
+[{% for i in range(1, count + 1) -%}
+{{ hostname_sep() }}"{{ prefix }}-{{ "%03d" % i }}"
+{%- endfor %}]
+{%- endmacro %}
+
+{%- macro vbuilders(region, arches) %}
+{%- set arch_sep = joiner(", ") -%}
+[{% for arch, properties in arches|dictsort -%}
+{{ arch_sep() }}{"image_name_prefix": "{{ name_prefix }}{{ properties.get('arch_suffix', '') }}/ubuntu-{{ properties['series'] }}-daily-{{ properties.get('arch_base', arch) }}-", "instance_flavor": "{{ properties.get('flavor', 'vbuilder') }}", "hostnames": {{ vbuilder_hostnames("%s%s-%s" % (vbuilder_prefix, region, arch), properties['count']) }}, "config_drive": {{ properties.get('config_drive', True)|tojson }}}
+{%- endfor %}]
+{%- endmacro -%}
+
+series: "{{ series }}"
+applications:
+ rabbitmq-server:
+ charm: ch:rabbitmq-server
+ constraints: "cores=2 mem=8G root-disk=20G {{ extra_constraints }}"
+ num_units: 2
+ glance-simplestreams-sync-bos01-amd64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(x86_64|amd64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos01.scalingstack:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos01
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos01-arm64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: 'hypervisor_type=kvm hw_firmware_type=uefi'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 2, item_filters: ["release~({{ gss_series }})", "arch~(arm64|aarch64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos01.scalingstack:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos01
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos01-arm64-gpu:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}:gpu"
+ custom_properties: 'hypervisor_type=kvm hw_firmware_type=uefi'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 2, item_filters: ["release~({{ gss_series }})", "arch~(arm64|aarch64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}-gpu/"
+ openstack-auth-url: "http://keystone.infra.bos01.scalingstack:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos01
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos01-ppc64el:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: 'hypervisor_type=kvm'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 2, item_filters: ["release~({{ gss_series }})", "arch~(ppc64el)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos01.scalingstack:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos01
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos01-s390x:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: 'hypervisor_type=kvm'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(s390x)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos01.scalingstack:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos01
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos02-arm64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: 'hypervisor_type=kvm hw_firmware_type=uefi'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 2, item_filters: ["release~({{ gss_series }})", "arch~(arm64|aarch64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos02.scalingstack:5000/v2.0"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos02
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos02-ppc64el:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: 'hypervisor_type=kvm'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 2, item_filters: ["release~({{ gss_series }})", "arch~(ppc64el)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos02.scalingstack:5000/v2.0"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos02
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos02-s390x:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: 'hypervisor_type=kvm'
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(s390x)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "http://keystone.infra.bos02.scalingstack:5000/v2.0"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ region: scalingstack-bos02
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos03-amd64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(x86_64|amd64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "https://keystone.ps6.canonical.com:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_bos03 }}"
+ openstack-username: "{{ openstack_username_bos03 }}"
+ region: scalingstack-bos03
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos03-amd64-gpu:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}:gpu"
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(x86_64|amd64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}-gpu/"
+ openstack-auth-url: "https://keystone.ps6.canonical.com:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_bos03 }}"
+ openstack-username: "{{ openstack_username_bos03 }}"
+ region: scalingstack-bos03
+ use_swift: false
+ visibility: private
+ glance-simplestreams-sync-bos03-arm64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: "hypervisor_type=kvm hw_firmware_type=uefi"
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(arm64|aarch64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "https://keystone.ps6.canonical.com:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_bos03 }}"
+ openstack-username: "{{ openstack_username_bos03 }}"
+ region: scalingstack-bos03
+ use_swift: false
+ visibility: private
+{%- if stage_name in ("production", "qastaging") %}
+ glance-simplestreams-sync-bos03-riscv64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ custom_properties: "hw_emulation_architecture=riscv64 hw_machine_type=virt kernel_id={{ kernel_id_bos03_riscv64 }}"
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(riscv64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "https://keystone.ps6.canonical.com:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_bos03 }}"
+ openstack-username: "{{ openstack_username_bos03 }}"
+ region: scalingstack-bos03
+ use_swift: false
+ visibility: private
+{%- endif %}
+ glance-simplestreams-sync-lcy02-amd64:
+ charm: {{ charm_dir }}/glance-simplestreams-sync
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ content_id_template: "{{ content_id_template }}"
+ mirror_list: |-
+ [{url: "http://cloud-images.ubuntu.com/daily/", name_prefix: "ubuntu:released", path: "streams/v1/index.sjson", max: 3, item_filters: ["release~({{ gss_series }})", "arch~(x86_64|amd64)", "ftype~(disk1.img|disk.img)"]}]
+ name_prefix: "{{ name_prefix }}/"
+ openstack-auth-url: "https://keystone.ps5.canonical.com:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_lcy02 }}"
+ openstack-username: "{{ openstack_username_lcy02 }}"
+ region: scalingstack-lcy02
+ use_swift: false
+ visibility: private
+ launchpad-buildd-image-modifier-amd64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ launchpad-buildd-image-modifier-bos01-amd64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ extra-keys: "-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v2\n\nmI0ESUm55wEEALrxow0PCnGeCAebH9g5+wtZBfXZdx2vZts+XsTTHxDRsMNgMC9b\n0klCgbydvkmF9WCphCjQ61Wp/Bh0C7DSXVCpA/xs55QB5VCUceIMZCbMTPq1h7Ht\ncA1f+o6+OCPUntErG6eGize6kGhdjBNPOT+q4BSIL69rPuwfM9ZyAYcBABEBAAG0\nJkxhdW5jaHBhZCBQUEEgZm9yIExhdW5jaHBhZCBEZXZlbG9wZXJziLYEEwECACAF\nAklJuecCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAtH/tsClF0rxsQA/0Q\nw0Yk+xIA1xibyf+UCF9/4fXzdo/tr76qxPRyFiv0uLbFOmW6t26jzpWBHocCHcCU\n57l7rlcEzIHFMcS9Ol6MughP4lhywf9ceeqg2SD6AXjZ0iFarwkueTcHwff5j0lG\nIzzCUVTYJ+m79f/r0dfctL2DwnX7JnT/41mEuR1qbokBHAQQAQIABgUCTB7s7wAK\nCRDFXO8hUqH8T94pCACxl/Gdo82N01H82HvNBa8zQFixNQIwNJN/VxH3WfRvissW\nOMTJnTnNOQErxUhqHrasvZf3djNoHeKRNToTTBaGiEwoySmEK05i4Toq74jWAOs6\nflD2S8natWbobK5V+B2pXZl5g/4Ay21C3H1sZlUxDCcOH9Jh8/0feAZHoSQ/V1Xa\nrEPb+TGdV0hP3Yp7+nIT91sYkj566kA8fjoxJrY/EvXGn98bhYMbMNbtS1Z0WeGp\nzG2hiL6wLSLBxz4Ae9MShOMwNyC1zmr/d1wlF0Efx1N9HaRtRq2s/zqH+ebB7Sr+\nV+SquObb0qr4eAjtslN5BxWROhf+wZM6WJO0Z6nBiQEcBBABAgAGBQJTHvsiAAoJ\nEIngjfAzAr5Z8y4H/jltxz5OwHIDoiXsyWnpjO1SZUV6I6evKpSD7huYtd7MwFZC\n0CgExsPPqLNQCUxITR+9jlqofi/QsTwP7Qq55VmIrKLrZ9KCK1qBnMa/YEXi6TeK\n65lnyN6lNOdzhcsBm3s1/U9ewWp1vsw4UAclmu6tI8GUko+e32K1QjMtIjeVejQl\nJCYDjuxfHhcFWyRo0TWu24F6VD3YxBHpne/M00yd2mLLpHdQrxw/vbvVhZkRDutQ\nemKRA81ZM2WZ1iqYOXtEs5VrD/PtU0nvSAowgeWBmcOwWn3Om+pVsnSoFo46CDvo\nC6YXOWMOMFIxfVhPWqlBkWQsnXFzgk/Xyo4vlTY=\n=Wq6H\n-----END PGP PUBLIC KEY BLOCK-----"
+ extra-packages: "nvidia-headless-525-grid nvidia-utils-525-grid"
+ # extra-sources must also be set in the secrets file, to add
+ # ppa:launchpad/ubuntu/buildd-gpu; that requires an authentication
+ # token.
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ launchpad-buildd-image-modifier-bos01-arm64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false compat_uts_machine=armv7l"
+ remote-modifiers: '{{ modifiers_bos01 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos01-arm64-gpu:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ extra-packages: "nvidia-headless-525-server nvidia-utils-525-server"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false compat_uts_machine=armv7l"
+ remote-modifiers: '{{ modifiers_bos01 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos01-ppc64el:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ remote-modifiers: '{{ modifiers_bos01 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos01-s390x:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ remote-modifiers: '{{ modifiers_bos01 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos02-arm64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false compat_uts_machine=armv7l"
+ remote-modifiers: '{{ modifiers_bos02 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos02-ppc64el:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ remote-modifiers: '{{ modifiers_bos02 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos02-s390x:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ remote-modifiers: '{{ modifiers_bos02 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ launchpad-buildd-image-modifier-bos03-amd64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ launchpad-buildd-image-modifier-bos03-amd64-gpu:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ # We use here `-grid` instead of `-server` due to compatibility with
+ # amd64 (see https://launchpad.net/~launchpad/+archive/ubuntu/buildd-gpu)
+ extra-keys: "-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v2\n\nmI0ESUm55wEEALrxow0PCnGeCAebH9g5+wtZBfXZdx2vZts+XsTTHxDRsMNgMC9b\n0klCgbydvkmF9WCphCjQ61Wp/Bh0C7DSXVCpA/xs55QB5VCUceIMZCbMTPq1h7Ht\ncA1f+o6+OCPUntErG6eGize6kGhdjBNPOT+q4BSIL69rPuwfM9ZyAYcBABEBAAG0\nJkxhdW5jaHBhZCBQUEEgZm9yIExhdW5jaHBhZCBEZXZlbG9wZXJziLYEEwECACAF\nAklJuecCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAtH/tsClF0rxsQA/0Q\nw0Yk+xIA1xibyf+UCF9/4fXzdo/tr76qxPRyFiv0uLbFOmW6t26jzpWBHocCHcCU\n57l7rlcEzIHFMcS9Ol6MughP4lhywf9ceeqg2SD6AXjZ0iFarwkueTcHwff5j0lG\nIzzCUVTYJ+m79f/r0dfctL2DwnX7JnT/41mEuR1qbokBHAQQAQIABgUCTB7s7wAK\nCRDFXO8hUqH8T94pCACxl/Gdo82N01H82HvNBa8zQFixNQIwNJN/VxH3WfRvissW\nOMTJnTnNOQErxUhqHrasvZf3djNoHeKRNToTTBaGiEwoySmEK05i4Toq74jWAOs6\nflD2S8natWbobK5V+B2pXZl5g/4Ay21C3H1sZlUxDCcOH9Jh8/0feAZHoSQ/V1Xa\nrEPb+TGdV0hP3Yp7+nIT91sYkj566kA8fjoxJrY/EvXGn98bhYMbMNbtS1Z0WeGp\nzG2hiL6wLSLBxz4Ae9MShOMwNyC1zmr/d1wlF0Efx1N9HaRtRq2s/zqH+ebB7Sr+\nV+SquObb0qr4eAjtslN5BxWROhf+wZM6WJO0Z6nBiQEcBBABAgAGBQJTHvsiAAoJ\nEIngjfAzAr5Z8y4H/jltxz5OwHIDoiXsyWnpjO1SZUV6I6evKpSD7huYtd7MwFZC\n0CgExsPPqLNQCUxITR+9jlqofi/QsTwP7Qq55VmIrKLrZ9KCK1qBnMa/YEXi6TeK\n65lnyN6lNOdzhcsBm3s1/U9ewWp1vsw4UAclmu6tI8GUko+e32K1QjMtIjeVejQl\nJCYDjuxfHhcFWyRo0TWu24F6VD3YxBHpne/M00yd2mLLpHdQrxw/vbvVhZkRDutQ\nemKRA81ZM2WZ1iqYOXtEs5VrD/PtU0nvSAowgeWBmcOwWn3Om+pVsnSoFo46CDvo\nC6YXOWMOMFIxfVhPWqlBkWQsnXFzgk/Xyo4vlTY=\n=Wq6H\n-----END PGP PUBLIC KEY BLOCK-----"
+ extra-packages: "nvidia-headless-535-grid nvidia-utils-535-grid"
+ # extra-sources must also be set in the secrets file, to add
+ # ppa:launchpad/ubuntu/buildd-gpu; that requires an authentication
+ # token.
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ launchpad-buildd-image-modifier-bos03-arm64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false compat_uts_machine=armv7l"
+ remote-modifiers: '{{ modifiers_bos03 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+{%- if stage_name in ("production", "qastaging") %}
+ launchpad-buildd-image-modifier-bos03-riscv64:
+ charm: {{ charm_dir }}/launchpad-buildd-image-modifier
+ options:
+ clamav-database-url: "{{ clamav_database_url }}"
+ launchpad-buildd-repository: "{{ launchpad_buildd_repository }}"
+ linux-command-line-extra: "systemd.unified_cgroup_hierarchy=false"
+ # XXX cjwatson 2023-11-15: jammy defaults to 5.0/stable, which has
+ # some race conditions affecting Launchpad builds. Change this to a
+ # more stable channel (e.g. 5.20/stable) once one exists that contains
+ # https://github.com/canonical/lxd/pull/12530.
+ lxd-channel: "latest/candidate"
+ remote-modifiers: '{{ modifiers_bos03 }}'
+ remote-modifier-private-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder
+ remote-modifier-public-key: include-base64://{{ local_dir }}/id_rsa.imagebuilder.pub
+ sbuild-stalled-package-timeout: 1500
+{%- endif %}
+ vbuilder-manage-bos01:
+ charm: {{ charm_dir }}/vbuilder-manage
+ constraints: "cores=2 mem=8G root-disk=20G {{ extra_constraints }}"
+ expose: true
+ num_units: 1
+ options:
+ amqp-username: vbuilder-manage-bos01
+ amqp-vhost: vbuilder-manage-bos01
+ celery-worker-count: "32"
+ dns-update-host: "{{ dns_update_host_bos01 }}"
+ dns-update-key-name: "{{ dns_update_key_name }}"
+ domain: "{{ domain_bos01 }}"
+ instance-key-name: "{{ instance_key_name_bos01 }}"
+ instance-network: "{{ instance_network_bos01 }}"
+ instance-router: "{{ instance_router }}"
+ log-hosts-allow: "{{ log_hosts_allow }}"
+ lp-buildd-managers: "{{ lp_buildd_managers }}"
+ lp-environment: "{{ lp_environment }}"
+ lp-sshkey: "{{ lp_sshkey }}"
+ openstack-auth-url: http://keystone.infra.bos01.scalingstack:5000/v3
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ vbuilders: '{{ vbuilders("bos01", vbuilders_bos01) }}'
+ vbuilder-manage-bos02:
+ charm: {{ charm_dir }}/vbuilder-manage
+ constraints: "cores=2 mem=8G root-disk=20G {{ extra_constraints }}"
+ expose: true
+ num_units: 1
+ options:
+ amqp-username: vbuilder-manage-bos02
+ amqp-vhost: vbuilder-manage-bos02
+ celery-worker-count: "50"
+ dns-update-host: "{{ dns_update_host_bos02 }}"
+ dns-update-key-name: "{{ dns_update_key_name }}"
+ domain: "{{ domain_bos02 }}"
+ instance-key-name: "{{ instance_key_name_bos02 }}"
+ instance-network: "{{ instance_network_bos02 }}"
+ instance-router: "{{ instance_router }}"
+ log-hosts-allow: "{{ log_hosts_allow }}"
+ lp-buildd-managers: "{{ lp_buildd_managers }}"
+ lp-environment: "{{ lp_environment }}"
+ lp-sshkey: "{{ lp_sshkey }}"
+ openstack-auth-url: http://keystone.infra.bos02.scalingstack:5000/v2.0
+ openstack-tenant-name: "{{ openstack_tenant_name }}"
+ openstack-username: "{{ openstack_username }}"
+ vbuilders: '{{ vbuilders("bos02", vbuilders_bos02) }}'
+ vbuilder-manage-bos03:
+ charm: {{ charm_dir }}/vbuilder-manage
+ constraints: "cores=4 mem=8G root-disk=50G {{ extra_constraints }}"
+ expose: true
+ num_units: 1
+ options:
+ amqp-username: vbuilder-manage-bos03
+ amqp-vhost: vbuilder-manage-bos03
+ celery-worker-count: "50"
+ dns-update-host: "{{ dns_update_host_bos03 }}"
+ dns-update-key-name: "{{ dns_update_key_name }}"
+ domain: "{{ domain_bos03 }}"
+ instance-key-name: "{{ instance_key_name_bos03 }}"
+ instance-network: "{{ instance_network_bos03 }}"
+ instance-router: "{{ instance_router_bos03 }}"
+ log-hosts-allow: "{{ log_hosts_allow }}"
+ lp-buildd-managers: "{{ lp_buildd_managers }}"
+ lp-environment: "{{ lp_environment }}"
+ lp-sshkey: "{{ lp_sshkey }}"
+ openstack-auth-url: "https://keystone.ps6.canonical.com:5000/v3"
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_bos03 }}"
+ openstack-username: "{{ openstack_username_bos03 }}"
+ vbuilders: '{{ vbuilders("bos03", vbuilders_bos03) }}'
+ vbuilder-manage-lcy02:
+ charm: {{ charm_dir }}/vbuilder-manage
+ constraints: "cores=4 mem=8G root-disk=50G {{ extra_constraints }}"
+ expose: true
+ num_units: 1
+ options:
+ amqp-username: vbuilder-manage-lcy02
+ amqp-vhost: vbuilder-manage-lcy02
+ celery-worker-count: "50"
+ dns-update-host: "{{ dns_update_host_lcy02 }}"
+ dns-update-key-name: "{{ dns_update_key_name }}"
+ domain: "{{ domain_lcy02 }}"
+ instance-key-name: "{{ instance_key_name_lcy02 }}"
+ instance-network: "{{ instance_network_lcy02 }}"
+ instance-router: "{{ instance_router_lcy02 }}"
+ log-hosts-allow: "{{ log_hosts_allow }}"
+ lp-buildd-managers: "{{ lp_buildd_managers }}"
+ lp-environment: "{{ lp_environment }}"
+ lp-sshkey: "{{ lp_sshkey }}"
+ openstack-auth-url: https://keystone.ps5.canonical.com:5000/v3
+ openstack-identity-api-version: "3"
+ openstack-tenant-name: "{{ openstack_tenant_name_lcy02 }}"
+ openstack-username: "{{ openstack_username_lcy02 }}"
+ vbuilders: '{{ vbuilders("lcy02", vbuilders_lcy02) }}'
+ clamav-database-mirror:
+ charm: ch:clamav-database-mirror
+ series: jammy
+ constraints: "{{ extra_constraints }}"
+ num_units: 1
+ options:
+ http-proxy: "http://squid.internal:3128/"
+ ntp:
+ charm: ch:ntp
+ options:
+ source: "ntp1.canonical.com ntp2.canonical.com ntp3.canonical.com ntp4.canonical.com"
+ # We need to configure telegraf explicitly here because we use custom
+ # plugins. The subordinates spec will set up the relations.
+ telegraf:
+ charm: ch:telegraf
+ channel: candidate
+ expose: true
+ options:
+ extra_plugins: |-
+ [[inputs.procstat]]
+ pattern = "celery.*--app ppareset"
+ [[inputs.procstat]]
+ pattern = "/usr/local/sbin/ppa-reset"
+ install_method: snap
+relations:
+ - ["glance-simplestreams-sync-bos01-amd64:image-modifier", "launchpad-buildd-image-modifier-bos01-amd64:image-modifier"]
+ - ["glance-simplestreams-sync-bos01-arm64:image-modifier", "launchpad-buildd-image-modifier-bos01-arm64:image-modifier"]
+ - ["glance-simplestreams-sync-bos01-arm64-gpu:image-modifier", "launchpad-buildd-image-modifier-bos01-arm64-gpu:image-modifier"]
+ - ["glance-simplestreams-sync-bos01-ppc64el:image-modifier", "launchpad-buildd-image-modifier-bos01-ppc64el:image-modifier"]
+ - ["glance-simplestreams-sync-bos01-s390x:image-modifier", "launchpad-buildd-image-modifier-bos01-s390x:image-modifier"]
+ - ["glance-simplestreams-sync-bos02-arm64:image-modifier", "launchpad-buildd-image-modifier-bos02-arm64:image-modifier"]
+ - ["glance-simplestreams-sync-bos02-ppc64el:image-modifier", "launchpad-buildd-image-modifier-bos02-ppc64el:image-modifier"]
+ - ["glance-simplestreams-sync-bos02-s390x:image-modifier", "launchpad-buildd-image-modifier-bos02-s390x:image-modifier"]
+ - ["glance-simplestreams-sync-bos03-amd64:image-modifier", "launchpad-buildd-image-modifier-bos03-amd64:image-modifier"]
+ - ["glance-simplestreams-sync-bos03-amd64-gpu:image-modifier", "launchpad-buildd-image-modifier-bos03-amd64-gpu:image-modifier"]
+ - ["glance-simplestreams-sync-bos03-arm64:image-modifier", "launchpad-buildd-image-modifier-bos03-arm64:image-modifier"]
+{%- if stage_name in ("production", "qastaging") %}
+ - ["glance-simplestreams-sync-bos03-riscv64:image-modifier", "launchpad-buildd-image-modifier-bos03-riscv64:image-modifier"]
+{%- endif %}
+ - ["glance-simplestreams-sync-lcy02-amd64:image-modifier", "launchpad-buildd-image-modifier-amd64:image-modifier"]
+ - ["vbuilder-manage-bos01:amqp", "rabbitmq-server:amqp"]
+ - ["vbuilder-manage-bos02:amqp", "rabbitmq-server:amqp"]
+ - ["vbuilder-manage-bos03:amqp", "rabbitmq-server:amqp"]
+ - ["vbuilder-manage-lcy02:amqp", "rabbitmq-server:amqp"]
+ - ["rabbitmq-server", "ntp"]
+ - ["glance-simplestreams-sync-bos01-amd64", "ntp"]
+ - ["glance-simplestreams-sync-bos01-arm64", "ntp"]
+ - ["glance-simplestreams-sync-bos01-arm64-gpu", "ntp"]
+ - ["glance-simplestreams-sync-bos01-ppc64el", "ntp"]
+ - ["glance-simplestreams-sync-bos01-s390x", "ntp"]
+ - ["glance-simplestreams-sync-bos02-arm64", "ntp"]
+ - ["glance-simplestreams-sync-bos02-ppc64el", "ntp"]
+ - ["glance-simplestreams-sync-bos02-s390x", "ntp"]
+ - ["glance-simplestreams-sync-bos03-amd64", "ntp"]
+ - ["glance-simplestreams-sync-bos03-amd64-gpu", "ntp"]
+ - ["glance-simplestreams-sync-bos03-arm64", "ntp"]
+{%- if stage_name in ("production", "qastaging") %}
+ - ["glance-simplestreams-sync-bos03-riscv64", "ntp"]
+{%- endif %}
+ - ["glance-simplestreams-sync-lcy02-amd64", "ntp"]
+ - ["vbuilder-manage-bos01", "ntp"]
+ - ["vbuilder-manage-bos02", "ntp"]
+ - ["vbuilder-manage-bos03", "ntp"]
+ - ["vbuilder-manage-lcy02", "ntp"]
+ - ["clamav-database-mirror", "ntp"]
diff --git a/vbuilder/collect b/vbuilder/collect
new file mode 100644
index 0000000..2deb9b8
--- /dev/null
+++ b/vbuilder/collect
@@ -0,0 +1,4 @@
+rabbitmq-server cs:rabbitmq-server
+glance-simplestreams-sync git+lp:~launchpad/charm-glance-simplestreams-sync;revno=scalingstack
+launchpad-buildd-image-modifier git+lp:charm-launchpad-buildd-image-modifier
+vbuilder-manage git+lp:launchpad-vbuilder-manage
diff --git a/vbuilder/configs/custom-secgroups-production.yaml b/vbuilder/configs/custom-secgroups-production.yaml
new file mode 100644
index 0000000..95a7565
--- /dev/null
+++ b/vbuilder/configs/custom-secgroups-production.yaml
@@ -0,0 +1,10 @@
+applications:
+ clamav-database-mirror:
+ type: neutron
+ rules:
+ - clamav-database-mirror
+rules:
+ clamav-database-mirror:
+ # Public HTTP. (Firewalls restrict this to builders, but there's
+ # nothing secret here.)
+ - {"protocol": "tcp", "family": "IPv4", "port": 80, "cidr": "0.0.0.0/0"}
diff --git a/vbuilder/configs/custom-secgroups-staging.yaml b/vbuilder/configs/custom-secgroups-staging.yaml
new file mode 100644
index 0000000..95a7565
--- /dev/null
+++ b/vbuilder/configs/custom-secgroups-staging.yaml
@@ -0,0 +1,10 @@
+applications:
+ clamav-database-mirror:
+ type: neutron
+ rules:
+ - clamav-database-mirror
+rules:
+ clamav-database-mirror:
+ # Public HTTP. (Firewalls restrict this to builders, but there's
+ # nothing secret here.)
+ - {"protocol": "tcp", "family": "IPv4", "port": 80, "cidr": "0.0.0.0/0"}
diff --git a/vbuilder/expand-bundle b/vbuilder/expand-bundle
new file mode 100755
index 0000000..bbbe52e
--- /dev/null
+++ b/vbuilder/expand-bundle
@@ -0,0 +1,36 @@
+#! /usr/bin/python3
+# The vbuilder bundle is heavily parameterized in order to keep its length
+# under control and reduce repetition. This provides an easy way to expand
+# the bundle to see the effect of changes.
+
+from argparse import ArgumentParser
+import sys
+
+from jinja2 import (
+ Environment,
+ FileSystemLoader,
+ )
+import yaml
+
+
+def main():
+ parser = ArgumentParser()
+ parser.add_argument("stage_name", help="Mojo stage name")
+ args = parser.parse_args()
+
+ template_env = Environment(loader=FileSystemLoader("."))
+ template = template_env.get_template("bundle.yaml")
+ rendered = template.render({
+ "charm_dir": "fake-charm-dir",
+ "stage_name": args.stage_name,
+ })
+ try:
+ yaml.safe_load(rendered)
+ except Exception as e:
+ print(f"Cannot parse rendered template: {e}", file=sys.stderr)
+ sys.exit(1)
+ print(rendered)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/vbuilder/manifest b/vbuilder/manifest
new file mode 100644
index 0000000..8e13254
--- /dev/null
+++ b/vbuilder/manifest
@@ -0,0 +1,5 @@
+collect
+bundle config=bundle.yaml local=secrets
+script config=upgrade-charms
+include config=manifest-secgroups
+juju-check-wait
diff --git a/vbuilder/manifest-rebuild-images b/vbuilder/manifest-rebuild-images
new file mode 100644
index 0000000..dbb5cb1
--- /dev/null
+++ b/vbuilder/manifest-rebuild-images
@@ -0,0 +1 @@
+script config=rebuild-images
diff --git a/vbuilder/manifest-secgroups b/vbuilder/manifest-secgroups
new file mode 100644
index 0000000..8c438ee
--- /dev/null
+++ b/vbuilder/manifest-secgroups
@@ -0,0 +1 @@
+script config=utils/custom-secgroups.py SKIP_STAGES=devel
diff --git a/vbuilder/rebuild-images b/vbuilder/rebuild-images
new file mode 100755
index 0000000..666af9b
--- /dev/null
+++ b/vbuilder/rebuild-images
@@ -0,0 +1,95 @@
+#! /usr/bin/python3
+
+import os
+
+from utils import utils
+
+
+name_prefix_by_stage = {
+ "qastaging": "launchpad-buildd-qastaging",
+ "staging": "launchpad-buildd-staging",
+ "production": "launchpad-buildd",
+ }
+
+targets_by_stage = {
+ "qastaging": [
+ ("bos01", "amd64", "focal"),
+ ("bos01", "arm64", "focal"),
+ ("bos01", "arm64-gpu", "focal"),
+ ("bos01", "ppc64el", "focal"),
+ ("bos01", "s390x", "focal"),
+ ("bos02", "arm64", "focal"),
+ ("bos02", "ppc64el", "focal"),
+ ("bos02", "s390x", "focal"),
+ ("bos03", "amd64", "focal"),
+ ("bos03", "amd64-gpu", "focal"),
+ ("bos03", "arm64", "focal"),
+ ("bos03", "riscv64", "noble"),
+ ("lcy02", "amd64", "focal"),
+ ],
+ "staging": [
+ ("bos01", "amd64", "jammy"),
+ ("bos01", "arm64", "jammy"),
+ ("bos01", "arm64-gpu", "jammy"),
+ ("bos01", "ppc64el", "jammy"),
+ ("bos01", "s390x", "jammy"),
+ ("bos02", "arm64", "jammy"),
+ ("bos02", "ppc64el", "jammy"),
+ ("bos02", "s390x", "jammy"),
+ ("bos03", "amd64", "jammy"),
+ ("lcy02", "amd64", "jammy"),
+ ],
+ "production": [
+ ("bos01", "amd64", "focal"),
+ ("bos01", "arm64", "focal"),
+ ("bos01", "ppc64el", "focal"),
+ ("bos01", "s390x", "focal"),
+ ("bos02", "arm64", "focal"),
+ ("bos02", "ppc64el", "focal"),
+ ("bos02", "s390x", "focal"),
+ ("bos03", "amd64", "focal"),
+ ("bos03", "arm64", "focal"),
+ ("bos03", "riscv64", "jammy"),
+ ("lcy02", "amd64", "focal"),
+ ],
+ }
+
+
+def get_leader_unit(juju_services, application):
+ """Get the current leader unit for an application.
+
+ "juju run-action application/leader" sometimes reports "ERROR could not
+ determine leader for ..." even though a leader exists. Work around this.
+ """
+ return next(
+ name for name, status in juju_services[application]["units"].items()
+ if status.get("leader", False))
+
+
+def main():
+ stage = os.path.basename(os.environ["MOJO_STAGE"])
+ name_prefix = name_prefix_by_stage[stage]
+ targets = targets_by_stage[stage]
+ juju_services = utils.juju_services()
+ failed_target_applications = []
+ for region, arch, series in targets:
+ application = f"glance-simplestreams-sync-{region}-{arch}"
+ unit = get_leader_unit(juju_services, application)
+ rebuild_cmd = [
+ "juju", "ssh", unit, "sudo", "/usr/local/bin/rebuild-latest-image",
+ f"{name_prefix}/ubuntu-{series}-daily-{arch}-",
+ ]
+ try:
+ utils.run(None, rebuild_cmd)
+ except Exception as e:
+ failed_target_applications.append(application)
+ print(f"Command in `{application}` failed with error: {str(e)}")
+
+ print("\n\nRun completed.")
+ if failed_target_applications:
+ print("\n******* FAILED TO REBUILD IMAGES IN: *******")
+ for failed_target in failed_target_applications:
+ print(f" - {failed_target}")
+
+if __name__ == "__main__":
+ main()
diff --git a/vbuilder/upgrade-charms b/vbuilder/upgrade-charms
new file mode 100755
index 0000000..ebe3c6a
--- /dev/null
+++ b/vbuilder/upgrade-charms
@@ -0,0 +1,94 @@
+#! /usr/bin/python3
+
+import utils.check_version # noqa: F401
+
+import os.path
+import subprocess
+
+
+targets_by_stage = {
+ "qastaging": [
+ ("bos01", "amd64"),
+ ("bos01", "arm64"),
+ ("bos01", "arm64-gpu"),
+ ("bos01", "ppc64el"),
+ ("bos01", "s390x"),
+ ("bos02", "arm64"),
+ ("bos02", "ppc64el"),
+ ("bos02", "s390x"),
+ ("bos03", "amd64"),
+ ("bos03", "amd64-gpu"),
+ ("bos03", "arm64"),
+ ("bos03", "riscv64"),
+ ("lcy02", "amd64"),
+ ],
+ "staging": [
+ ("bos01", "amd64"),
+ ("bos01", "arm64"),
+ ("bos01", "arm64-gpu"),
+ ("bos01", "ppc64el"),
+ ("bos01", "s390x"),
+ ("bos02", "arm64"),
+ ("bos02", "ppc64el"),
+ ("bos02", "s390x"),
+ ("bos03", "amd64"),
+ ("lcy02", "amd64"),
+ ],
+ "production": [
+ ("bos01", "amd64"),
+ ("bos01", "arm64"),
+ ("bos01", "ppc64el"),
+ ("bos01", "s390x"),
+ ("bos02", "arm64"),
+ ("bos02", "ppc64el"),
+ ("bos02", "s390x"),
+ ("bos03", "amd64"),
+ ("bos03", "arm64"),
+ ("bos03", "riscv64"),
+ ("lcy02", "amd64"),
+ ],
+}
+
+
+upgraded = set()
+
+
+def upgrade_charm(app_name, charm_name):
+ if app_name in upgraded:
+ return
+ subprocess.check_call(
+ [
+ "juju",
+ "upgrade-charm",
+ app_name,
+ "--path=%s"
+ % os.path.join(
+ os.environ["MOJO_REPO_DIR"],
+ os.environ["MOJO_SERIES"],
+ charm_name,
+ ),
+ ]
+ )
+ upgraded.add(app_name)
+
+
+def main():
+ stage = os.path.basename(os.environ["MOJO_STAGE"])
+ targets = targets_by_stage[stage]
+ for region, arch in targets:
+ upgrade_charm(
+ f"glance-simplestreams-sync-{region}-{arch}",
+ "glance-simplestreams-sync",
+ )
+ # lcy02-amd64 uses an anomalous name for this charm; we won't follow
+ # this pattern for future regions on amd64.
+ if (region, arch) == ("lcy02", "amd64"):
+ lbim_app_name = "launchpad-buildd-image-modifier-amd64"
+ else:
+ lbim_app_name = f"launchpad-buildd-image-modifier-{region}-{arch}"
+ upgrade_charm(lbim_app_name, "launchpad-buildd-image-modifier")
+ upgrade_charm(f"vbuilder-manage-{region}", "vbuilder-manage")
+
+
+if __name__ == "__main__":
+ main()
diff --git a/vbuilder/utils b/vbuilder/utils
new file mode 120000
index 0000000..468ba70
--- /dev/null
+++ b/vbuilder/utils
@@ -0,0 +1 @@
+../utils
\ No newline at end of file
Follow ups