system-config/inventory/service/groups.yaml

plugin: yamlgroup
groups:
  adns: adns*.open*.org
  afs-server-common:
    - afs[0-9]*.openstack.org
    - afsdb[0-9]*.openstack.org
  afs-file-server:
    - afs[0-9]*.openstack.org
  afs-db-server:
    - afsdb[0-9]*.openstack.org
  afs-client:
    - mirror[0-9]*.opendev.org
    - mirror-update[0-9]*.opendev.org
    - ze[0-9]*.open*.org
    - afsdb*.open*.org
    - afs[0-9]*.open*.org
    - static[0-9]*.opendev.org
  # bastion group should should only have one entry because we assume
  # groups['bastion'][0] is the bastion host name in several places.
  bastion:
    - bridge.openstack.org
  borg-backup:
    - etherpad[0-9]*.opendev.org
    - gitea01.opendev.org
    - review02.opendev.org
    - zuul[0-9]*.opendev.org
    - refstack01.openstack.org
    - kdc03.openstack.org
    - eavesdrop01.opendev.org
    - paste01.opendev.org
    # These are test specific hosts that we add to the backup
    # group to mimic as much as possible what their prod version
    # end up doing.
    - gitea99.opendev.org
    - review99.opendev.org
    # All these servers are "special-cased" in specifically
    # as they are puppet and should be replaced "soon"
    - lists.openstack.org
    - storyboard01.opendev.org
    - translate01.openstack.org
  borg-backup-server:
    - backup02.ca-ymq-1.vexxhost.opendev.org
    - backup01.ord.rax.opendev.org
  cacti: cacti[0-9]*.open*.org
  certcheck:
    - cacti[0-9]*.open*.org
  cloud-launcher:
    - bridge*.open*.org
  codesearch:
    - codesearch[0-9]*.opendev.org
  control-plane-clouds:
    - bridge*.open*.org
  disabled: []
  dns:
    - adns*.opendev.org
    - ns*.opendev.org
  eavesdrop: eavesdrop[0-9]*.opendev.org
  etherpad: etherpad[0-9]*.open*.org
  gitea:
    - gitea[0-9]*.opendev.org
  gitea-lb:
    - gitea-lb[0-9]*.opendev.org
  grafana:
    - grafana[0-9]*.opendev.org
  graphite:
    - graphite*.opendev.org
  jvb:
    - jvb[0-9]*.opendev.org
  kerberos-client:
    - afs[0-9]*.open*.org
    - afsdb*.open*.org
    - kdc[0-9]*.openstack.org
    - mirror[0-9]*.opendev.org
    - mirror-update[0-9]*.opendev.org
    - static[0-9]*.opendev.org
    - ze[0-9]*.open*.org
  kerberos-kdc:
    - kdc03.openstack.org
    - kdc04.openstack.org
  kerberos-kdc-primary:
    - kdc03.openstack.org
  kerberos-kdc-replica:
    - kdc04.openstack.org
  keycloak: keycloak[0-9]*.opendev.org
  letsencrypt:
    - codesearch[0-9]*.opendev.org
    - eavesdrop[0-9]*.opendev.org
    - etherpad[0-9]*.opendev.org
    - gitea[0-9]*.opendev.org
    - grafana[0-9]*.opendev.org
    - graphite[0-9]*.opendev.org
    - insecure-ci-registry[0-9]*.opendev.org
    - keycloak[0-9]*.opendev.org
    - lists.katacontainers.io
    - lists.openstack.org
    - meetpad[0-9]*.opendev.org
    - mirror[0-9]*.opendev.org
    - nb[0-9]*.opendev.org
    - paste[0-9]*.opendev.org
    - refstack[0-9]*.openstack.org
    - review[0-9]*.opendev.org
    - static[0-9]*.opendev.org
    - storyboard[0-9]*.opendev.org
    - tracing[0-9]*.opendev.org
    - translate[0-9]*.open*.org
    - zuul[0-9]*.opendev.org
  mailman:
    - lists*.katacontainers.io
    - lists*.open*.org
  meetpad:
    - meetpad[0-9]*.opendev.org
  mirror:
    - mirror[0-9]*.opendev.org
  mirror-update:
    - mirror-update[0-9]*.opendev.org
  nodepool:
    - nb[0-9]*.opendev.org
    - nl[0-9]*.open*.org
  nodepool-builder:
    - nb[0-9]*.opendev.org
  nodepool-launcher:
    - nl[0-9]*.open*.org
  ns:
    - ns[0-9]*.open*.org
  paste:
    - paste[0-9]*.opendev.org
  puppet:
    - cacti[0-9]*.open*.org
    - storyboard-dev[0-9]*.opendev.org
    - storyboard[0-9]*.opendev.org
    - translate-dev[0-9]*.open*.org
    - translate[0-9]*.open*.org
  puppet4:
    - cacti[0-9]*.open*.org
    - storyboard[0-9]*.opendev.org
    - storyboard-dev[0-9]*.opendev.org
    - translate[0-9]*.open*.org
    - translate-dev[0-9]*.open*.org
  refstack:
    - refstack[0-9]*.openstack.org
  registry:
    - insecure-ci-registry[0-9]*.opendev.org
  review:
    - review[0-9]*.opendev.org
  # This group disables operations like project-managment and
  # replication.  It is intended for staging new production servers.
  #review-staging:
  static:
    - static[0-9]*.opendev.org
  storyboard:
    - storyboard[0-9]*.opendev.org
  storyboard-dev:
    - storyboard-dev[0-9]*.opendev.org
  tracing: tracing[0-9]*.opendev.org
  translate-dev:
    - translate-dev[0-9]*.open*.org
  translate:
    - translate[0-9]*.open*.org
  webservers:
    - cacti[0-9]*.open*.org
    - codesearch[0-9]*.opendev.org
    # eavesdrop has its own group with custom ports
    - etherpad[0-9]*.open*.org
    - grafana[0-9]*.opendev.org
    - graphite*.opendev.org
    - keycloak[0-9]*.opendev.org
    - nb[0-9]*.opendev.org
    - nl[0-9]*.open*.org
    - paste[0-9]*.opendev.org
    - refstack[0-9]*.openstack.org
    - static[0-9]*.opendev.org
    - storyboard-dev[0-9]*.opendev.org
    - storyboard[0-9]*.opendev.org
    - tracing[0-9]*.opendev.org
    - translate-dev[0-9]*.open*.org
    - translate[0-9]*.open*.org
  zookeeper:
    - zk[0-9]*.open*.org
  zuul-lb:
    - zuul-lb[0-9]*.opendev.org
  zuul:
    - ze[0-9]*.opendev.org
    - zm[0-9]*.opendev.org
    - zuul[0-9]*.opendev.org
  zuul-executor:
    - ze[0-9]*.opendev.org
  zuul-merger:
    - zm[0-9]*.opendev.org
  zuul-preview:
    - zp[0-9]*.opendev.org
  zuul-scheduler:
    - zuul[0-9]*.opendev.org
  zuul-web:
    - zuul[0-9]*.opendev.org