infra -
here is the diffs for csi vars for group: dns
applicable when we come out of freez.
diff --git a/inventory/group_vars/dns b/inventory/group_vars/dns
index 17da9d0..db01b32 100644
--- a/inventory/group_vars/dns
+++ b/inventory/group_vars/dns
@@ -16,3 +16,7 @@ nrpe_procs_warn: 300
nrpe_procs_crit: 500
sudoers: "{{ private }}/files/sudo/sysadmin-dns"
+
+csi_security_category: High
+csi_primary_contact: Fedora Admins - admin(a)fedoraproject.org
+csi_purpose: Domain Name Service
diff --git
a/inventory/host_vars/ns02.fedoraproject.org
b/inventory/host_vars/ns02.fedoraproject.org
index ec29b7e..ffc9479 100644
---
a/inventory/host_vars/ns02.fedoraproject.org
+++
b/inventory/host_vars/ns02.fedoraproject.org
@@ -15,3 +15,19 @@ datacenter: ibiblio
ks_url:
http://209.132.181.6/repo/rhel/ks/kvm-rhel-7-ext
ks_repo:
http://209.132.181.6/repo/rhel/RHEL7-x86_64/
+
+
+csi_relationship: |
+
+ ns02 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (
ibiblio03.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
diff --git
a/inventory/host_vars/ns03.phx2.fedoraproject.org
b/inventory/host_vars/ns03.phx2.fedoraproject.org
index 4515d5e..669b5ff 100644
---
a/inventory/host_vars/ns03.phx2.fedoraproject.org
+++
b/inventory/host_vars/ns03.phx2.fedoraproject.org
@@ -10,3 +10,18 @@ ansible_ssh_host:
ns03.phx2.fedoraproject.org
vmhost:
virthost21.phx2.fedoraproject.org
datacenter: phx2
+
+csi_relationship: |
+
+ ns03 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (
virthost21.phx2.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
diff --git
a/inventory/host_vars/ns04.phx2.fedoraproject.org
b/inventory/host_vars/ns04.phx2.fedoraproject.org
index 9c72ca9..1a4089f 100644
---
a/inventory/host_vars/ns04.phx2.fedoraproject.org
+++
b/inventory/host_vars/ns04.phx2.fedoraproject.org
@@ -10,3 +10,18 @@ ansible_ssh_host:
ns04.phx2.fedoraproject.org
vmhost:
virthost15.phx2.fedoraproject.org
datacenter: phx2
+
+csi_relationship: |
+
+ ns04 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (
virthost15.phx2.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers
diff --git
a/inventory/host_vars/ns05.fedoraproject.org
b/inventory/host_vars/ns05.fedoraproject.org
index 3955f44..e02f9a9 100644
---
a/inventory/host_vars/ns05.fedoraproject.org
+++
b/inventory/host_vars/ns05.fedoraproject.org
@@ -12,3 +12,18 @@ postfix_group: vpn
vmhost:
internetx01.fedoraproject.org
datacenter: internetx
+
+csi_relationship: |
+
+ ns05 is a master dns server.
+ It serves about every domain under fedoraproject, fedo*, as well
as others, both forward and reverse.
+
+ * This host relies on:
+ - The virthost it's hosted on (
internetx01.fedoraproject.org)
+ - batcave for dns git and keys
+ - connectivity to maxmind to create geoIP dns acl
+
+ * Things that rely on this host:
+ - The Internet/Community to resolve everything related to fedora
and reverse-IP for allocated subnets
+ - If this host is down, dns queries will slow down by the portion
of this host to the total name servers responsible for the same domain
set.
+ - secodary/slave dns servers