action #120270
Updated by livdywan over 2 years ago
## Motivation See parent #116623 ## Acceptance criteria * **AC1:** All IPMI interfaces of openQA machines in Nbg SRV1 are in new security zones * **AC2:** All IPMI interfaces of openQA machines in Nbg SRV1 are fully usable in production * **AC3:** All documentation referencing O3+OSD ipmi interfaces are up-to-date * **AC4:** Our Add automated tools using O3+OSD ipmi interfaces are up-to-date e.g. GitLab pipelines and salt states ## Suggestions * Monitor [Slack #discuss-qe-new-security-zones](https://suse.slack.com/archives/C0488BZNA5S) * Ensure access over the new way is possible * Document changes in our infrastructure documentation, e.g. progress.opensuse.org/projects/openqav3/wiki/, https://wiki.suse.net/index.php/OpenQA, https://gitlab.suse.de/openqa/salt-pillars-openqa/-/blob/master/openqa/workerconf.sls * Ensure https://gitlab.suse.de/openqa/salt-pillars-openqa#get-ipmi-definition-aliases works the new way * Update https://gitlab.suse.de/openqa/grafana-webhook-actions ## Open points 1. Where is the documentation by SUSE-IT 1. Where is the git repo handling ssh keys 1. Fix the multi-second login time over ssh (workaround: use `ssh -4`)