Map of critical services

This document provides readers with a map of all critical services hosted by Fedora infra and their relationship with each other. It also contains a description of each app and reason why it’s considered critical.

fedora infra diagram.drawio
Figure: Map of critical services

Metadata providers

Name Description Why it’s critical? Hostname

PDC

PDC (Product Definition Center) provides API that contains information about composes, releases, packages, repositories etc..

Plenty of other services in Fedora Infra are depending on the information stored in PDC and will stop to work when the PDC is not available.

pdc-web01.iad2.fedoraproject.org pdc-web02.iad2.fedoraproject.org

mdapi

mdapi (MetaData API) is similar to PDC in a way that it provides API that allows users to obtain various metadata about Fedora packages. It contains information that is not available in PDC.

Plenty of other services in Fedora Infra are depending on the information stored in mdapi and will stop to work when the mdapi is not available.

Hosted in OpenShift

Monitoring

Name Description Why it’s critical? Hostname

Nagios

Nagios is used by Fedora Infrastructure to watch the state of all the hardware we have available in Fedora infrastructure. It alerts members of Fedora Infra about any potential problem happening in infrastructure.

Nagios is essential for monitoring infrastructure and without it Fedora infra team will be in dark.

noc01.iad2.fedoraproject.org - internal noc02.fedoraproject.org - external

monitor-gating

Monitor gating is service that runs dummy package through whole gating process. It files issue when any error happens.

Monitor gating helps us keeping eye on the health of the whole gating process and packaging workflow.

Hosted in OpenShift

Infra tools

Name Description Why it’s critical? Hostname

toddlers

Toddlers are a collection of fedora messaging consumers that are listening for various fedora messages and trigger tasks based on those messages.

Some of the tasks executed by toddlers are essential for whole Fedora Community.

Hosted in OpenShift

mirror_from_pagure

Mirror from Pagure is a service that is mirroring git repositories to/from pagure to another git repository.

Ansible repository containing all deployment playbooks for Fedora Infrastructure needs to be hosted on both Pagure and directly on batcave (entry machine for fedora infra) in case the Pagure wouldn’t work. mirror_from_pagure is taking care of that.

batcave01.iad2.fedoraproject.org

Authentication

Name Description Why it’s critical? Hostname

noggin

Noggin is a frontend for FreeIPA service and serves as a community facing part of Fedora Authentication Server (FAS).

Without it the users wouldn’t be able to manage or access their Fedora accounts settings.

Hosted in OpenShift

IPA

FreeIPA is an identity management service which handles authentication of Fedora users in Fedora ecosystem.

Without FreeIPA nobody would be able to authenticate with any Fedora service.

ipa01.iad2.fedoraproject.org ipa02.iad2.fedoraproject.org ipa03.iad2.fedoraproject.org

Ipsilon

Ipsilon is handling Single Sign-On (SSO) in Fedora ecosystem.

Without Ipsilon SSO in Fedora wouldn’t work. Plenty of web apps in Fedora using SSO as a main authentication system.

ipsilon01.iad2.fedoraproject.org ipsilon02.iad2.fedoraproject.org

fasjson

FASJson is a gateway that allows to query data from FreeIPA.

Without FASJson we will lack the easy way to query data from FreeIPA which will cause plenty of apps to stop working as intended.

Hosted in OpenShift

fasjson-client

Client library for FASJson.

This library is used by various applications in Fedora infrastructure to communicate with FASJson. Issue with this library could cause these applications to stop working.

Not a service

Packaging

Name Description Why it’s critical? Hostname

rpmautospec

Python Package for Automatic Generation of RPM Release Fields and Changelogs. It’s triggered during Koji build.

Without rpmautospec some projects will lose the ability to automatically generate release fields and changelogs which will render those projects unbuildable. More specifically the macros used in spec files.

Not a service

waiverdb

Companion app for ResultsDB that allows users to waive the results (allowing the packaging to continue even if the tests are failing).

Without it the users wouldn’t be able to waive results.

Hosted in OpenShift

resultsdb

Contains database of results for Fedora gating tests run by OpenQA and Fedora CI.

Without it the tests results wouldn’t be stored anywhere and the following processing of the test results wouldn’t be possible. This would render test pipelines unusable.

Hosted in OpenShift

MBS

MBS (Module Build System) is used to build modules for Fedora.

Without MBS Fedora modules couldn’t be built.

mbs-frontend01.iad2.fedoraproject.org mbs-backend01.iad2.fedoraproject.org

ci-resultsdb-listener

This component is listening for Fedora CI announcement of tests results and then stores the results in resultsdb.

Without it the tests results from Fedora CI wouldn’t be stored, which would render Fedora CI unusable.

Hosted in OpenShift

OSBS

OSBS (OpenShift Build System) is used to build container images for Fedora.

Without OSBS Fedora containers couldn’t be built.

osbs-control01.iad2.fedoraproject.org osbs-node0{1-2}.iad2.fedoraproject.org osbs-master01.iad2.fedoraproject.org osbs-aarch64-master01.iad2.fedoraproject.org osbs-aarch64-node0{1-2}.iad2.fedoraproject.org

Koji builders

Koji builders are machines of various architectures used by Koji to build the artifacts.

Without koji builders no artifact could be built.

buildvm-{x86,a64,ppc64le,a32}-{01-XX}.iad2.fedoraproject.org buildvm-s390x-{01-XX}.s390.fedoraproject.org

greenwave

Greenwave is a component that decides whether the package can pass gating or not.

Without Greenwave the packages will be stuck in the queue waiting for gating approval.

Hosted in OpenShift

Koji

Koji is a build system handling artifact building.

Without Koji we wouldn’t be able to build any artifact.

koji0{1-2}.iad2.fedoraproject.org

Bodhi

Bodhi is a system that manages package updates for Fedora distribution.

Without Bodhi packagers couldn’t submit new updates for existing packages.

bodhi-backend01.iad2.fedoraproject.org

robosignatory

Fedora messaging consumer that automatically signs artifacts.

Without Robosignatory no artifact would be automatically signed.

sign-bridge01.iad2.fedoraproject.org

tag2distrepo

Koji plugin that automatically generates dist repositories on tag operations.

Without tag2distrepo packagers wouldn’t be able to create repositories on specific tag.

koji0{1-2}.iad2.fedoraproject.org

sigul

Component that does signing of the artifacts. Called by robosignatory.

Without sigul nothing in Fedora could be signed.

sign-bridge01.iad2.fedoraproject.org

Koschei

Koschei is a software for running a service for scratch-rebuilding RPM packages in Koji instance when their build-dependencies change or after some time elapse.

Without Koschei we wouldn’t have automatic rebuild of packages on dependencies change.

Hosted in OpenShift

pagure-dist-git

Pagure-dist-git is a plugin for Pagure which forms the base for web interface of Fedora dist-git.

Without pagure-dist-git there wouldn’t be any web interface for dist-git for Fedora.

pkgs01.iad2.fedoraproject.org

dist-git

Dist-git is used to initialize distribution git repository for Fedora.

Without dist-git we wouldn’t be able to initialize new distribution git repository for Fedora.

Not a service

Messaging bus

Name Description Why it’s critical? Hostname

RabbitMQ

RabbitMQ is a message broker used by fedora messaging. It assures that the message is delivered from publisher to consumer.

Without it the messages will not be delivered and most of the infra will stop working.

rabbitmq0{1-3}.iad2.fedoraproject.org

fedora messaging

Python library for working with fedora messaging system. It helps you create fedora messaging publishers and consumers. Fedora messages are the main way the applications communicate with each other in Fedora infrastructure.

When there will be an issue with fedora messaging library it could cause issues with fedora messages and affect whole Fedora infrastructure.

Not a service

Community facing

Name Description Why it’s critical? Hostname

Mailman3

GNU Mailman 3 is a set of apps used by Fedora to manage all their mailing lists.

Without Mailman3 mailing lists and archives wouldn’t work.

mailman01.iad2.fedoraproject.org

Pagure

Pagure is a git forge used by Fedora project. It is a main component of Fedora dist-git as well.

Without pagure most of the projects git repositories and issue trackers in Fedora are not available.

pagure02.fedoraproject.org

wiki

Mediawiki is used by Fedora as their choice of Wikipedia-like web server. It’s powering Fedora wiki pages.

Without wiki Fedora wiki pages wouldn’t run.

wiki0{1-2}.iad2.fedoraproject.org

FMN

FMN (FedMSG Notifications) is an application listening for messages in Fedora infra and based on the message sends notifications to users in Fedora projects.

Without FMN no notifications will be sent in Fedora Infra.

notifs-web01.iad2.fedoraproject.org notifs-backend01.iad2.fedoraproject.org

Fedora Release

Name Description Why it’s critical? Hostname

pungi

Pungi is a tool that creates composes of Fedora. It makes sure that all required packages are included in the compose and the compose is available after finishing.

Without pungi it would be much harder to create composes of Fedora.

compose-x86-01.iad2.fedoraproject.org compose-branched01.iad2.fedoraproject.org compose-rawhide01.iad2.fedoraproject.org compose-iot01.iad2.fedoraproject.org

mirrormanager

Mirrormanager is used to manage all the mirrors that are providing fedora packages.

Without it Fedora infra wouldn’t be able to manage all the mirrors of Fedora and DNF wouldn’t be able to automatically provide the best mirror for users.

mm-frontend01.iad2.fedoraproject.org mm-backend01.iad2.fedoraproject.org

ODCS

ODCS (On Demand Compose Service) provides users Fedora composes on demand. It generates an RPM repository with packages provided by the configuration.

Without ODCS Fedora wouldn’t be able to provide composes on demand.

odcs-frontend01.iad2.fedoraproject.org odcs-backend01.iad2.fedoraproject.org odcs-backend-releng01.iad2.fedoraproject.org