From de0bbda9d5ec288b9311fa9aa81ff6019ac663d6 Mon Sep 17 00:00:00 2001 From: Alex Welsh Date: Thu, 30 Apr 2026 08:37:42 +0100 Subject: [PATCH 1/2] AIO: Use pull-through cache on SMS After recent changes at leafcloud, we're regularly getting rate-limited by the RGW backend on Ark. This change makes AIOs pull through a new authenticating caching proxy on SMS, which should reduce load on Ark greatly, and maybe improve performance at the same time. --- .../environments/ci-aio/stackhpc-ci.yml | 34 ++++++++----------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/etc/kayobe/environments/ci-aio/stackhpc-ci.yml b/etc/kayobe/environments/ci-aio/stackhpc-ci.yml index 28755aac7..2d4d5c2fe 100644 --- a/etc/kayobe/environments/ci-aio/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-aio/stackhpc-ci.yml @@ -8,18 +8,14 @@ kolla_docker_namespace: stackhpc-dev ############################################################################### # StackHPC configuration. +# AIOs currently run on SMS, and pull packages and containers through an +# authenticating caching proxy. # Host and port of a package repository mirror. -# Build and deploy the development Pulp service repositories. -# Use Ark's package repositories to install packages. -stackhpc_repo_mirror_url: "{{ stackhpc_release_pulp_url }}" -stackhpc_repo_mirror_username: "skc-ci-aio-epoxy" -stackhpc_repo_mirror_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 66666132666635313565646233353065623465316332323337356366303262363437353162643430 - 3138303131313865646532633063666539306332663933340a386131316664663238633534623862 - 65303835626463356666623563333464623630633936663162353935633132376634666463633139 - 3363383033613330360a356639333463643461353462346466633365626333393331633833326634 - 64366233653036333032323334353332643735623264376137383564383361303462 +stackhpc_aio_proxy_address: "192.168.46.157" +stackhpc_repo_mirror_url: "http://{{ stackhpc_aio_proxy_address }}:80" +# Host and port of container registry. +stackhpc_docker_registry: "{{ stackhpc_aio_proxy_address }}:5000" +docker_registry_insecure: true # Build against released Pulp repository versions. stackhpc_repo_grafana_version: "{{ stackhpc_pulp_repo_grafana_version }}" @@ -57,17 +53,17 @@ stackhpc_repo_rhel9_doca_modules_version: "{{ stackhpc_pulp_repo_rhel9_doca_modu # Rocky-and-CI-specific Pulp urls stackhpc_include_os_minor_version_in_repo_url: true -# Host and port of container registry. -# Push built images to the development Pulp service registry. -stackhpc_docker_registry: "{{ stackhpc_repo_mirror_url | regex_replace('^https?://', '') }}" -stackhpc_docker_registry_username: "{{ stackhpc_repo_mirror_username }}" -stackhpc_docker_registry_password: "{{ stackhpc_repo_mirror_password }}" - # Override Pulp credentials to allow querying container image tags in the # check-tags.yml custom playbook. pulp_url: "{{ stackhpc_repo_mirror_url }}" -pulp_username: "{{ stackhpc_repo_mirror_username }}" -pulp_password: "{{ stackhpc_repo_mirror_password }}" +pulp_username: "skc-ci-aio-epoxy" +pulp_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66666132666635313565646233353065623465316332323337356366303262363437353162643430 + 3138303131313865646532633063666539306332663933340a386131316664663238633534623862 + 65303835626463356666623563333464623630633936663162353935633132376634666463633139 + 3363383033613330360a356639333463643461353462346466633365626333393331633833326634 + 64366233653036333032323334353332643735623264376137383564383361303462 # Ensure Blackbox monitoring configuration is generated correctly seed_pulp_container_enabled: false From c2cea180d3bbec57651dffbd479d77ad13dda910 Mon Sep 17 00:00:00 2001 From: Alex Welsh Date: Wed, 6 May 2026 14:32:02 +0100 Subject: [PATCH 2/2] Fix image tags CI check --- etc/kayobe/environments/ci-aio/stackhpc-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/kayobe/environments/ci-aio/stackhpc-ci.yml b/etc/kayobe/environments/ci-aio/stackhpc-ci.yml index 2d4d5c2fe..416f5be0d 100644 --- a/etc/kayobe/environments/ci-aio/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-aio/stackhpc-ci.yml @@ -55,7 +55,7 @@ stackhpc_include_os_minor_version_in_repo_url: true # Override Pulp credentials to allow querying container image tags in the # check-tags.yml custom playbook. -pulp_url: "{{ stackhpc_repo_mirror_url }}" +pulp_url: "{{ stackhpc_release_pulp_url }}" pulp_username: "skc-ci-aio-epoxy" pulp_password: !vault | $ANSIBLE_VAULT;1.1;AES256