Major changes
- The Calculon cluster is EOL and was replaced by the new nibbler_cluster stack.
- New GD stacks were added: betabarrel_cluster, copperfist_cluster and wingedhelix_cluster.
What's Changed
- Removed boxy and umcg from calculon vars and added both gattaca machines by @marieke-bijlsma in #426
- new user and small bug fix by @kdelange in #427
- Fix/mkdocs by @pneerincx in #428
- Pulp version locking of pulp_installer, pulpcore and pulp-rpm. Working solution for now by @scimerman in #432
- Fix/new lobby by @pneerincx in #433
- Added certs for NEMI irods + README (WIP). by @pneerincx in #429
- Feature/cineca ega client by @pneerincx in #434
- Changes needed for deployment of a Hyperchicken by @scimerman in #435
- Copied ega fuse client credentials from talos. by @erijpkema in #437
- Created pull request: changes in Cinder storage for compute nodes to work for Embassy, edited configuration for new Fender, created Fender CA, minor bug fixes by @scimerman in #438
- Fix/cleanup by @pneerincx in #439
- Feature/isilonquota by @pneerincx in #436
- Update/slurm by @pneerincx in #440
- Switched LDAP for Hyperchicken and Fender from ldap to ldaps with TLS certificate. by @pneerincx in #441
- FD deployment, HC & FD root pulp certificates, FD slurm, corrected generate password script by @scimerman in #442
- Fixed setting TMOUT env variable in slurm.taskprolog. by @pneerincx in #443
- Fix/ldapdhparams by @pneerincx in #444
- Latest changes in DAI and SAI deployment playbook, and tested on Fender DAI by @scimerman in #445
- Updated configs for new EGA Fuse client version 2.1.0. by @pneerincx in #446
- The import from test.test_sax fails after following the instructions. by @FokkeDijkstra in #450
- Added the upgrade of pip, the installation of wheel and the installation of ansible by @FokkeDijkstra in #448
- Added comment to README with regard to installing Ansible with pip. by @pneerincx in #452
- Feature: new data transfer servers by @pneerincx in #451
- Adjust characters used in passphrases by @FokkeDijkstra in #453
- Add rsc01 mount for umcg-pub group on Gearshift. by @pneerincx in #455
- Added missing email addresses for several users. by @pneerincx in #456
- Updated documentation for the adding custom rpm to the pulp repository by @scimerman in #457
- Feature: email by @pneerincx in #458
- Minor updates. by @pneerincx in #460
- Added gecos attribute. by @pneerincx in #459
- Bugfix for chrooted rsync by @pneerincx in #462
- Make sure the ssh_host_signer role does not error due to undefined variable. by @pneerincx in #463
- Added group_vars/template/users.yml. by @pneerincx in #454
- Wingedhelix: created vars, secrets and ssh-CA by @scimerman in #464
- Updating documentation: irods and pulp by @scimerman in #466
- Added hopko as an admin again. by @erijpkema in #467
- Fixed for loop to loop over jumphosts in documentation. by @pneerincx in #468
- Added extra notes from hackathon. by @pneerincx in #470
- irods parameters and icat vm deployment playbook by @Gerbenvandervries in #461
- Updated irods documentation from 2nd hackaton by @scimerman in #471
- Feature/nfs by @pneerincx in #472
- Updated email address for user. by @pneerincx in #473
- Added missing if to make irods group optional in template for /etc/hosts. by @pneerincx in #474
- Fixed config files for LDAP client by @pneerincx in #475
- Updated one public key. by @pneerincx in #476
- Updated Fender playbook by @scimerman in #477
- Added script + cronjob to recycle chrooted home dirs by @pneerincx in #465
- Added explicit settings for mount point root folders. by @pneerincx in #478
- Storage update by @pneerincx in #479
- Fix/slurm logrotate by @pneerincx in #480
- Wingedhelix: update after finished deployment by @scimerman in #481
- new key by @kdelange in #482
- Added: Kim keys by @scimerman in #483
- Feature/dt docs by @pneerincx in #484
- Added network addresses for first client machines. by @pneerincx in #486
- Updated Gearshift config for prm02 mounts from umcgst01 on dh1 Lustre silo. by @pneerincx in #485
- removed user by @kdelange in #487
- Feature: case insensitive slurm accounts by @pneerincx in #488
- Added info for new tl-repo and gs-repo machines for Pulp. by @pneerincx in #489
- Feature/tl-repo by @pneerincx in #490
- Added new umcg-rehabiliation group on Gearshift. by @pneerincx in #491
- Temporarily relocated EGA Fuse client mounts prm03 -> prm02 by @pneerincx in #495
- Bugfixes for logins and ldap roles. by @pneerincx in #494
- Feature/extra groups on nibbler by @pneerincx in #497
- Added some additional tools. Fixes #492. by @pneerincx in #498
- Feature/sssd by @pneerincx in #493
- Updates for DNS entries for Nibbler. by @pneerincx in #499
- Small changes: the working FD variables by @scimerman in #500
- Feature/isilon quota by @pneerincx in #496
- Hostnames change: cluster playbook - when hostnames are defined, the … by @scimerman in #501
- Update MOTD on Gearshift: beta -> production. by @pneerincx in #503
- Updated SRAM LDAP config for Nibbler. by @pneerincx in #502
- new user by @Gerbenvandervries in #505
- new user: mchahdil by @BenjaminsM in #506
- iRODS: v0.9.8 by @scimerman in #504
- Feature: new docs_library group and introduced more generic stack_name for groups of machines. by @pneerincx in #507
- Fixed the comment at Hopko's name. by @erijpkema in #509
- Fix/subgroup_directories by @pneerincx in #510
- Added pip3 to list of packages installed on DAIs. Added host_vars/README.txt. by @pneerincx in #511
- Fix to allow NFS to lookup GIDs. by @pneerincx in #512
- fix SLURM lua: assigned job to correct group account by @scimerman in #513
- Updated Circle CI config. by @pneerincx in #514
- Added new umcg-fu group to Gearshift config. by @pneerincx in #516
- Pulp updates by @pneerincx in #515
- Pulp simplified by @pneerincx in #517
- Added Circle CI build status badges for develop and master branches. by @pneerincx in #518
- Cleanup by @pneerincx in #519
- added new key to user mchahdil by @BenjaminsM in #521
- Updated sssd role: make sure systemd will try to restart sssd by @pneerincx in #520
- made account for new user aesteve by @BenjaminsM in #524
- Updated Lustre source address for umcgst02 from dh2 silo -> dh4 silo. by @pneerincx in #523
- Hyperchicken updated keys and iRODS service restart bugfix by @scimerman in #525
- Added new "remove" role to delete RPM packages we (no longer) need. by @pneerincx in #526
- Feature: ssl for online docs by @pneerincx in #527
- Added patch for /etc/pam.d/sshd to allow logins from admins. by @pneerincx in #529
- Added pulp secrets, took vars from talos. by @erijpkema in #532
- Fix Lustre stable version: use 2.12.x. by @pneerincx in #533
- Fixed small bugs in code examples. by @pneerincx in #534
- Feature/datahandling 4 by @pneerincx in #535
- [Inclomplete]: Changed to new lustre configuration syntax. by @erijpkema in #522
- Switched Gearshift from SpaceWalk to Pulp [DO NOT MERGE YET] by @pneerincx in #528
- Enable prm03 from new dh4 Lustre silo. [DO NOT MERGE YET] by @pneerincx in #530
- Update Slurm on Gearshift from 18.08.8-1.el7.umcg to 20.11.8-1.el7.umcg. [DO NOT MERGE YET] by @pneerincx in #531
- Fixed accidentally reverted repo_manager variable. by @pneerincx in #536
- Fixed confusing file names. by @pneerincx in #537
- Cron (slurm group accounts), sql password (bugfix and changed HC sql root password), delete backup older than 7 days by @scimerman in #539
- Feature/ldaps for talos by @pneerincx in #540
- Feature: improved inventories. by @pneerincx in #538
- Feature/security group for repo servers by @pneerincx in #541
- Changed static inventories for new dynamic inventory by @scimerman in #542
- Fixed comment on wrong line. by @pneerincx in #543
- Added new umcg-immunogenetics group. by @pneerincx in #546
- Improved Java for EGA Fuse client by @pneerincx in #545
- Create VM for Jenkins by @marieke-bijlsma in #544
- Small bugfix for Fender inventory. by @pneerincx in #547
- Feature/umcg shares by @pneerincx in #548
- Added new user to Fender. by @pneerincx in #549
- Feature/2fa by @pneerincx in #550
- Create initial single_role_playbook for Jenkins and fix config to work on tunnel/nibbler by @marieke-bijlsma in #551
- Update users: added pub key scimerman by @scimerman in #552
- Added three groups by @scimerman in #553
- 2FA documentation by @scimerman in #554
- Added new user on Fender by @scimerman in #555
- added new group umcg-nawijn by @BenjaminsM in #556
- added user gerieke by @BenjaminsM in #558
- Changed Ansible "default" to OpenSSH default SSH ControlPath by @pneerincx in #559
- Updated shared storage role, configs and documentation by @pneerincx in #557
- Removed ACCRUE_ALWAYS PriorityFlag for Slurm scheduler. by @pneerincx in #561
- Improved sshd_config template by @pneerincx in #560
- Bugfix for group_vars/gearshift_cluster/vars.yml: added missing "name" attribute. by @pneerincx in #563
- Rsyslog by @scimerman in #562
- Fix permissions for "releases" and "projects" folder when a group uses sub groups. by @pneerincx in #564
- Refactored subgroup_directories role to remove redundant tasks and improve speed. by @pneerincx in #565
- Re-added missing tl-repo server to Talos inventory. by @pneerincx in #566
- Rsyslog by @scimerman in #567
- Added new slurm.conf updated for 21.08.x. by @pneerincx in #568
- Disabled users no longer working for project on Fender. by @pneerincx in #569
- new user key by @Gerbenvandervries in #570
- Fixed incorrect activation of mitogen plugin when it is not installed. by @pneerincx in #571
- Updated 2 internal IP addresses for machines that had to be redeployed. by @pneerincx in #573
- Fixed some dependencies by @pneerincx in #574
- WH: NFS fix by @scimerman in #575
- Switched Winged-Helix to use SSSD. by @pneerincx in #576
- Rsyslog server: secure logs are now redirected into 'secure', instead… by @scimerman in #577
- Initial config files for Beta-Barrel. by @pneerincx in #578
- Jenkins by @pneerincx in #579
- Install Jenkins by @marieke-bijlsma in #572
- Feature/firewall by @pneerincx in #581
- Develop by @marieke-bijlsma in #582
- Switched from advisory quota to enforced quota limits for Isilon storage. by @pneerincx in #583
- Bugfix for fetching public keys from LDAP with sssd role. by @pneerincx in #584
- Fix/shared storage for new chaperones by @pneerincx in #585
- WH redeploy by @scimerman in #586
- WH & BB: hostname typo by @scimerman in #587
- WH redeploy: storage ip change for sai's pfs by @scimerman in #588
- Nibbler: redeploy vcomputes after OS issues by @scimerman in #589
- WH: geerlingguy.security fix sshd_config 2FA by @scimerman in #590
- Rsyslog: updated playbook and deployed on wingedhelix by @scimerman in #591
- New user for solve-rd by @marieke-bijlsma in #592
- Gearshift and Talos: Added missing network ID vars. by @pneerincx in #593
- Add Pulp root certificate by @bedroge in #594
- Added several WOM keys. by @pneerincx in #596
- Updated WOM key for gerben. by @pneerincx in #597
- Yum local by @scimerman in #598
- iRODS: v2 (remote pgsql, tiering, bugfixes, variables and new certificate) by @scimerman in #580
- Feature/slurm 22.05.2 by @pneerincx in #600
- Feature/smb by @pneerincx in #595
- yum_local: relocate directory and fix triggers by @scimerman in #601
- Disable RedHat subscription-manager. by @pneerincx in #602
- Fix: swap for repo vms by @pneerincx in #603
- Upgraded Slurm 20.11.8-1.el7.umcg -> 22.05.2-1.el7.umcg for various clusters by @pneerincx in #604
- yum_local path fix: readme from var to usr by @scimerman in #605
- Feature/sram pam weblogin by @pneerincx in #606
- Updated MobaXterm screenshots for generating key pairs. by @pneerincx in #607
- Reverted permission change on PNG image files. by @pneerincx in #609
- Update: exclude irods from updates by @scimerman in #610
- Pieter now admin on gearshift and removed marlies. by @erijpkema in #608
- Update for network interfaces by @pneerincx in #613
- Feature/new fw continued by @pneerincx in #611
- Freeze OpenStack versions and fix for missing security groups. by @pneerincx in #614
- Changed a list of packages into variable that can be defined per cluster/server by @scimerman in #615
- Feature/new admins by @pneerincx in #617
- Improved sshd role by @pneerincx in #618
- Configuration of projects in Jenkins by @marieke-bijlsma in #616
- Fixed wrong PFS for dat[0-9] mounts on wh-chaperone. by @pneerincx in #619
- Added functional_users_group on Winged Helix. by @pneerincx in #620
- Fixes for Winged Helix by @pneerincx in #622
- Add automatic fill of plugin name and version (if defined) in XML tem… by @marieke-bijlsma in #621
- Fix for irods security group assignment by @pneerincx in #623
- Fixed issue with variable values not getting picked up from the static inventory due to precedence. by @pneerincx in #624
- Irods and davrods: bigger update #3 by @scimerman in #612
- Fix/missing groups on wh by @pneerincx in #625
- Fixed group perms for CIFS "dat[0-9]" mounts on Winged-Helix. by @pneerincx in #626
- backup_local: a role for /apps hardlink differential backups by @scimerman in #627
- Added task to reboot machine when SELinux changed. by @pneerincx in #629
- Bb initial commit by @scimerman in #630
- Feature/added groups for cc by @pneerincx in #628
- Copperfist: new variables by @scimerman in #631
- Updated online documentation for the totp file location by @scimerman in #632
- Betabarrel added missing configuration by @scimerman in #633
- Docs online: ssl fix by @scimerman in #635
- Jenkins: noSSL & TLS >=1.2 by @scimerman in #636
- Betabarrel: fix mounts and changed backup destination by @scimerman in #637
- Forkhead by @scimerman in #634
- Added 2 new users for Fender by @marieke-bijlsma in #639
- Forkhead: updated mount points by @scimerman in #638
- Fender by @scimerman in #640
- Local backup: path corrected by @scimerman in #643
- new user asalazarvillacorta by @BenjaminsM in #642
- Update root password (if different) to match the one from the secrets by @scimerman in #641
- Betabarrel: fixed core count from 128 to 64 per socket by @scimerman in #644
- Added umcg-gsad group for talos by @marieke-bijlsma in #645
- Added tmp LFS mounts to DAI machines. by @pneerincx in #646
- Bugfix for roles/slurm_management/files/job_submit.lua by @pneerincx in #647
- Betabarrel: slurm.conf fix, NHC update (created one nhc.conf) template by @scimerman in #648
- Fixed tmp05 or tmp06 Slurm features in static inventories of Beta-Barrel and Copper-Fist. by @pneerincx in #650
- Forkhead: update by @scimerman in #649
- Fixed conditional check in slurm.conf. by @pneerincx in #652
- Add mbenjamins to hyperchicken by @marieke-bijlsma in #651
- Workaround for Ansible control hosts that do not have Python installed in /usr/bin/python. by @pneerincx in #653
- Yum local: readme simple update by @scimerman in #655
- Forkhead by @scimerman in #654
- Betabarrel: updated slurm to new version by @scimerman in #656
- Updates for Beta Barrel and Copper Fist. by @pneerincx in #658
- Added missing functionality for Samba shares. by @pneerincx in #659
- Docker: update service to have iptable dependecy by @scimerman in #661
- Removed stack_domain for Winged Helis as we do not have DNS entries yet. by @pneerincx in #660
- Davrods: networking update to work with new iptables by @scimerman in #662
- Updated config files and plugins by @marieke-bijlsma in #663
- Added installing of python package netaddr by @marieke-bijlsma in #664
- Fix to prevent NHC from taking hyperchicken offline. by @pneerincx in #665
- Update config file for Jenkins by @marieke-bijlsma in #667
- Add ssh outbound airlock to jenkins iptables by @marieke-bijlsma in #668
- Remove user from sandbox by @marieke-bijlsma in #669
- Various small bug fixes. by @pneerincx in #671
- Updated list of RPMs to install for rebranding of Singularity to Apptainer. by @pneerincx in #672
- Feature: dedockerized LDAP server by @pneerincx in #666
- Updated public key for one user. by @pneerincx in #673
- Slurm: kill jobs that has invalid dependencies by @scimerman in #674
- Fix for compilation issues. by @pneerincx in #675
- Create storage network security group. by @pneerincx in #676
- Feature: project quota for Lustre by @pneerincx in #677
- Added console root password for shikra by @erijpkema in #678
- Gearshift upgrade by @pneerincx in #679
- Only try to install the lustre client when a lustre mount is specified for inventory_hostname. by @pneerincx in #680
- Updated LDAP credentials. by @pneerincx in #681
- Temporarily disabled "use_ssh_args: true". by @pneerincx in #682
- Disabled two expired accounts, and updated smb server cred. by @Gerbenvandervries in #683
- Fix for error AuthorizedKeysCommand signal 13 by @scimerman in #685
- Create /etc/openldap/readonly-ldapsearch-credentials.bash on various clusters. by @pneerincx in #684
- Fixed bug resulting in /etc/quota.conf not getting deployed on SAI machines. by @pneerincx in #686
- Bugfix for configuring quota by @pneerincx in #687
- Switched prm03 from group to project quota. by @pneerincx in #688
- Copperfist: lor deploy by @scimerman in #689
- new user, and fix wrong delete by @Gerbenvandervries in #691
- Added two users to Fender by @scimerman in #692
- GPU role (first part) by @scimerman in #670
- Feature/cocktail by @pneerincx in #693
- Improved /etc/hosts files. by @pneerincx in #695
- Added two solved-rd fender users by @scimerman in #697
- Fixed wrong password for array CIFS shares. by @pneerincx in #696
- Updated Nibbler configs to add vlan1068. by @pneerincx in #698
- Hc update by @scimerman in #699
- Migrated shared storage for Hyperchicken and Fender to use a different NFS server IP. by @pneerincx in #700
- Configure github webhook ip-addresses to sendpayload to jenkins by @marieke-bijlsma in #701
- Hc update by @scimerman in #702
- Improved handling of minimal quota limits. by @pneerincx in #703
- Bump certifi from 2021.10.8 to 2022.12.7 in /roles/pulp_server/files by @dependabot in #704
- Updated LDAP password for replication account. by @pneerincx in #706
- Feature/fh_ldap by @pneerincx in #708
- Dhparam created by @scimerman in #709
- Added missing (needed) package for ldap server by @scimerman in #710
- add key for druvolo by @kdelange in #711
- Nibbler updates for new Lustre file system and vlan1068. by @pneerincx in #707
- Feature/cgroup role by @pneerincx in #705
- Added umcg-franke-scrna to Nibbler cluster config. by @pneerincx in #712
- Update Configuring_Pulp.md by @scimerman in #713
- Bugfix for handling multipe public key LDAP attributes. by @pneerincx in #714
- Develop by @marieke-bijlsma in #715
- new user svandenhoek by @BenjaminsM in #716
- Added apptainer documentation by @scimerman in #694
- Added hlhs and grip groups by @scimerman in #718
- Added 5 solve-rd users by @Gerbenvandervries in #719
- add wouter by @wgroenewold in #724
- Fh by @scimerman in #720
- wh-, cf-, bb-chaperone's defined and deployed by @scimerman in #721
- new solve-rd user by @Gerbenvandervries in #722
- Added new Solve-RD user to Fender. by @pneerincx in #725
- Added rsc01 mounts for new umcg-grip and umcg-hlhs groups. by @pneerincx in #726
- Improved handling of chaperone machines. by @pneerincx in #727
- Fix/disable stack ldap on wh by @pneerincx in #728
- Nibbler compute nodes are using cloud_flavor: htc-node. Synced config with reality. by @pneerincx in #729
- Added workaround for frequent timeouts when fetching collections from Ansible Galaxy. by @pneerincx in #730
- Replaced public key for a Fender user. by @pneerincx in #731
- new fender users by @Gerbenvandervries in #732
- new fender user by @Gerbenvandervries in #735
- New chaperones by @pneerincx in #733
- Fix/lustre by @pneerincx in #737
- Fixed changed Slurm RealMemory after reboot. by @pneerincx in #738
- Improved hpc-environment-permissions.bash by @pneerincx in #736
- Added new Solve-RD user to Fender. by @pneerincx in #740
- Various updates and fixes for new GD infra. by @pneerincx in #739
- Small improvements by @pneerincx in #742
- Prevent dhcp-client from messing up our /etc/resolv.conf on reboot. by @pneerincx in #743
- Slurm merged client and management roles - talk before merge! by @scimerman in #744
- Chaperone aliases and attempt at making CircleCI jobs with ansible-lint more robust by @pneerincx in #745
- Removed unused local disk mounted in /apps from imperator. by @pneerincx in #746
- Gpu/Slurm implementation and tested by @scimerman in #747
- Improved configuration of functional accounts on chaperone machines. by @pneerincx in #748
- Updated a public key. by @pneerincx in #749
- Small compatibility fixes by @pneerincx in #752
- Removed umcg-mmbimg group. by @pneerincx in #750
- Create new build server and adjustments to sudoers role by @marieke-bijlsma in #741
- Added wouter admin to several stacks. by @pneerincx in #751
- Improved Node Health Check (NHC) config template. by @pneerincx in #753
- Add new build server as additional_etc_host for nibbler by @marieke-bijlsma in #754
- Added gerben admin on Gearshift. by @pneerincx in #756
- Bugfix: Create dir for totp config if it does not exist yet. by @pneerincx in #757
- Updated Nibbler settings by @pneerincx in #755
- Added old code to maintain mailinglist subscriptions. by @pneerincx in #758
- work in progress, role the deploy LDAP2LISTSERV script and config, an… by @Gerbenvandervries in #759
- Added 2 VIP members to various groups on the new chaperone machines. by @pneerincx in #762
- Filtering out the RSA keys in the cloud-init by @scimerman in #760
- Created temporary Azure jumphost for BB and CF by @scimerman in #761
- Dh migration part1 by @pneerincx in #764
- Fix/quota by @pneerincx in #763
- Added CommunicationParameters option to increase Slurm security. by @pneerincx in #765
- Data Handling dh1 migration part 2. by @pneerincx in #767
- Add users to vipt group on build server by @marieke-bijlsma in #768
- Added logic to remove shared storage mounts that are no longer configured for a machine. by @pneerincx in #769
- Added new group on Gearshift and Nibbler. by @pneerincx in #770
- Small changes to users and groups for build server by @marieke-bijlsma in #771
- Add extra key to user by @marieke-bijlsma in #772
- Bugfix for LDAP2LISTSERV.bash by @pneerincx in #773
- Feature: datatransfer servers for new GD infra. by @pneerincx in #775
- Improved secrets by @pneerincx in #776
- New PR in preparation for new release by @pneerincx in #774
New Contributors
- @bedroge made their first contribution in #594
- @dependabot made their first contribution in #704
- @wgroenewold made their first contribution in #724
Full Changelog: 21.06.1...23.04.1