Replicate the same deployment we have in toolsbeta but in tools.
This will require also createing the proxy harbor.tools.wmflabs.org.
- Create tools-harbor-1.tools.eqiad1.wikimedia.cloud VM in the tools project
- Add a 500GB volume for the images (feel free to do some calculations to guess a good size)
- Add the hiera value profile::toolforge::harbor::cinder_attached: true to the instance puppet
- Create a prefix puppet config in horizon for the prefix tools-harbor- with the puppetclass role::wmcs::toolforge::harbor
- Run puppet on the new VM
- Run the script /srv/ops/harbor/prepare and run puppet again
- Check that harbor is up and running on that VM
- Add a proxy from horizon named tools-harbor.wmflabs.org pointing to the new harbor instance
- Create a security group in horizon allowing access on port 80 from 172.16.0.0/21 (would be nice to be more specific but I'm not really sure how)
- Create a Trove database and add the credentials to /etc/puppet/private in toolsbeta-puppetmaster-04 (profile::toolforge::harbor::db_harbor_pwd)
- Generate an admin password for Harbor and add that password to /etc/puppet/private in toolsbeta-puppetmaster-04 as profile::toolforge::harbor::admin_pwd
Duplicate the maintain-harbor deployment for tools (TBD)moved to its own task: T332347