Page MenuHomePhabricator
Create Task
Maniphest T105756

Mailman Upgrade (Jessie & Mailman 2.x) and migration to a VM
Closed, ResolvedPublic
Actions

Description

This is the tracking task for the migration of mailman from sodium onto a production ganeti vm & current/stable release of mailman2.x.

The following people are involved in this project: @Dzahn, @JohnLewis, @RobH & @faidon.

#taskticketdone?
1request new VM for staging/testingT108065yes
2install jessie on new VMT108070yes
3let JohnLewis sign L2T108057yes
3give JohnLewis shell access on new VM and sudo to execute things as "list" and view log filesT108082yes
4basic semi-manual mailman 2.1.8 setup on new VMT108383yes
5setup rsyncd on fermium (via puppet) to be able to copy files directly without agent forwardingT109921yes
6export list configs and archives from sodium, rsync them all over to fermiumT108071yes
7write script to import listsT109922yes
8test importing of list configs and archives on fermium for all lists (public and private)T108073yes
9rename lists with invalid namesT109539, T109393yes
10move hardcoded IP configuration (server and service name) to hiera to be able to run more than 1 mailman instance from puppet roleT109624yes
11clean up mailman data directory on sodium (over 0.5 million held messages)T109838, T83967yes
12write this plan :)T109467yes
13go through all directories in /var/lib/mailman and decide whether they need to be imported or can be skippedT109399yes
14figure out which new service IP to use, v4 and v6, set it in hiera?T108080yes
15add public IP for fermium (DNS change, installserver/DHCP change)T109923yes
16reinstall OS (jessie) on fermiumT109924yes
17apply regular mailman role on fermiumT109925yes
18test ferm rules are sufficientT104980yes
19rsync all configs and archives one more timeT110129yes
20import all lists with the script we wrote for thatT110131no
21one day before: lower lists.wikimedia.org TTL to 5 minT110132yes
22announce scheduled downtime - need to debate and decide on a worst-case length.T110133yes
23right before the switch: lower TTL to 10 secondsT110135n/a
24hold lists.wikimedia.org with exim (disable puppet on sodium; apply locally rather via operations/puppet unless we want to hold all emails to fermium as well for 'safety'?)T110136invalid
25shut down mailman on sodiumT110137yes
26rsync one more time, this time only the diff since it was shutdownT110138yes
27rsync exim spool directoryT110440yes
28run ./bin/update and ./bin/check_permsT113020yes
29test sending individual mails from fermiumT110441yes
30switch over service IPT110139yes
31re-enable exim on fermiumT113045yes
31send follow-up email, announce changes with new mailman version if any that have user impact ?T110140yes
32profit? maybe - revert ideas for worst cases?yes

Not blockers, just follow-up:

33TTL back up to normal 1HT110141no
34shutdown sodium, celebrate "no more lucid", close all resolved ticketsT110142

Details

SubjectRepoBranchLines +/-
mailman: no more importing to an import diroperations/puppetproduction+13 -5
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 ResolvedfaidonT84041 Replace all instances of lighttpd with nginx
 ResolvedfaidonT84053 mailman - replace lighttpd
 ResolvedLSobanskiT111653 Encrypt all the things
 ResolvedfaidonT82576 Enable STARTTLS (both inbound and outbound) on lists
 ResolvedJanZerebeckiT55259 Add Forward Secrecy to all HTTPS sites
 ResolvedDzahnT90351 Improve SSL of lists.wikimedia.org
 ResolvedDzahnT83541 Upgrade Exim to >=4.73
 DuplicateNoneT97492 Upgrade to Mailman 3.0
 ResolvedDzahnT110141 TTL back up to normal 1H
 Resolved MZMcBrideT27231 Mailman mailing list archiver truncates if a line begins with "From"
 ResolvedNoneT66818 Mitigate strict DMARC policy on the mailing lists
 ResolvedDzahnT80945 Get rid of all Ubuntu Lucid (10.04) installs
 ResolvedDzahnT82698 shutdown sodium after mailman has migrated to jessie VM
 ResolvedDzahnT105756 Mailman Upgrade (Jessie & Mailman 2.x) and migration to a VM
 ResolvedDzahnT108057 Phabricator NDA for John Lewis
Restricted Task
 ResolvedDzahnT108073 test importing of mailing list configs and archives on staging VM
 ResolvedDzahnT108071 export config and archive data from sodium
 ResolvedDzahnT108080 service IP can't be switched over
 ResolvedDzahnT108082 give John Lewis shell access on the mailman staging VM
 ResolvedDzahnT108070 install jessie on new VM for mailman
 ResolvedRobHT108065 eqiad: 1 VM request for mailman
 ResolvedDzahnT108383 create basic mailman setup on fermium (jessie) for testing import
 ResolvedRobHT109393 rename wikitech-announce.disabled.T100503
 ResolvedDzahnT109399 go through all directories in /var/lib/mailman and decide if migration is needed
ResolvedDzahnT109467 write migration plan for mailman
 ResolvedDzahnT109539 rename lists mwapi-team.disabled.T97148 and flowfunding.disabled.T97328 ?
 Resolved JohnLewisT109624 move mailman server and service IPs to hiera / make it possible to run multiple instances at once
 ResolvedDzahnT109838 clean up mailman data directory (moderated messages > 0.5 million)
Restricted Task
 ResolvedDzahnT109890 reinstall fermium with public IP
ResolvedDzahnT109923 add public IP for fermium - DNS and DHCP change for reinstall
 DuplicateDzahnT109891 announce mailman downtime
 ResolvedDzahnT109921 setup rsyncd on fermium to copy files from sodium
 ResolvedDzahnT109922 write script to import mailing lists from other server
 DuplicateDzahnT109924 reinstall fermium with jessie and public IP
 ResolvedDzahnT109925 apply regular lists role on fermium and confirm no issues
 ResolvedDzahnT110695 mailman: listinfo template encoding
 ResolvedDzahnT110129 rsync all configs and archives one more time
 InvalidDzahnT110131 import all lists with the script we wrote for that
 ResolvedDzahnT110132 lower lists.wikimedia.org TTL to 5 min
 ResolvedDzahnT110133 announce scheduled downtime
 DeclinedDzahnT110135 right before the switch: lower TTL to 10 seconds
 ResolvedDzahnT110136 hold lists.wikimedia.org with exim
 ResolvedDzahnT110137 shut down mailman on sodium
 ResolvedDzahnT110138 rsync the diff since mail was held on sodium
 ResolvedDzahnT110139 switch over mailman service IP
 ResolvedDzahnT110140 send follow-up email, announce changes with new mailman version if any that have user impact
 Resolved JohnLewisT110382 mailman cronjobs not running?
 ResolvedDzahnT110440 rsync exim spool directory
ResolvedDzahnT110441 test sending individual mails from fermium during migration
 ResolvedDzahnT112229 fermium needs to have exim4-daemon-heavy installed, not -light
 ResolvedDzahnT113020 run /var/lib/mailman/bin/update and ./check_perms
 ResolvedDzahnT113045 start exim on fermium / revert migration hack

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
Dzahn added a subtask: Restricted Task.Aug 5 2015, 5:56 PM
Dzahn renamed this task from Mailman Upgrade (Jessie & Mailman 2.x) to Mailman Upgrade (Jessie & Mailman 2.x) and migration to a VM.Aug 5 2015, 6:38 PM
Dzahn closed subtask T108065: eqiad: 1 VM request for mailman as Resolved.Aug 6 2015, 10:55 PM
Dzahn closed subtask T108070: install jessie on new VM for mailman as Resolved.Aug 6 2015, 11:19 PM
Dzahn closed subtask T108082: give John Lewis shell access on the mailman staging VM as Resolved.Aug 6 2015, 11:21 PM
JohnLewis reopened subtask T108082: give John Lewis shell access on the mailman staging VM as Open.Aug 7 2015, 4:59 PM
Dzahn closed subtask T108383: create basic mailman setup on fermium (jessie) for testing import as Resolved.Aug 7 2015, 9:09 PM
Dzahn closed subtask T108082: give John Lewis shell access on the mailman staging VM as Resolved.Aug 7 2015, 9:12 PM
Dzahn claimed this task.Aug 8 2015, 2:17 AM
Dzahn closed subtask T108073: test importing of mailing list configs and archives on staging VM as Resolved.Aug 15 2015, 2:30 AM
ori subscribed.Aug 16 2015, 9:52 PM

The setup should be resilient to entropy starvation, so we can enable STARTTLS. I am not sure if this requires any explicit action on our part, but one possible requirement is to have haveged running on the virtualization host and the virtio-rng kernel module loaded in guests. This allows guests to use the host's /dev/random.

Dzahn reopened subtask T108073: test importing of mailing list configs and archives on staging VM as Open.Aug 18 2015, 4:38 PM
RobH closed subtask T109393: rename wikitech-announce.disabled.T100503 as Resolved.Aug 18 2015, 6:32 PM
Dzahn removed a subtask: T109395: import old staff list archives ?.Aug 18 2015, 10:21 PM
Dzahn closed subtask T108073: test importing of mailing list configs and archives on staging VM as Resolved.Aug 19 2015, 12:11 AM
Dzahn closed subtask T109624: move mailman server and service IPs to hiera / make it possible to run multiple instances at once as Resolved.Aug 19 2015, 8:31 PM
Dzahn added a parent task: T80945: Get rid of all Ubuntu Lucid (10.04) installs.Aug 21 2015, 7:18 PM
Dzahn closed subtask T109399: go through all directories in /var/lib/mailman and decide if migration is needed as Resolved.Aug 21 2015, 7:24 PM
Dzahn removed a parent task: Restricted Task.Aug 21 2015, 7:35 PM
Dzahn added a subtask: Restricted Task.
Dzahn closed subtask T109921: setup rsyncd on fermium to copy files from sodium as Resolved.Aug 22 2015, 12:35 AM
Dzahn closed subtask T109922: write script to import mailing lists from other server as Resolved.Aug 22 2015, 12:38 AM
Dzahn added a subtask: T110129: rsync all configs and archives one more time.Aug 24 2015, 11:26 PM
Dzahn removed a subtask: T109239: Ensure mailman VM setup has adequate entropy for STARTTLS.Aug 24 2015, 11:47 PM
Dzahn closed subtask T109838: clean up mailman data directory (moderated messages > 0.5 million) as Resolved.Aug 25 2015, 12:00 AM
Dzahn closed subtask T109539: rename lists mwapi-team.disabled.T97148 and flowfunding.disabled.T97328 ? as Resolved.Aug 25 2015, 12:22 AM
Dzahn closed subtask T108080: service IP can't be switched over as Resolved.Aug 25 2015, 12:25 AM
akosiaris closed subtask T109923: add public IP for fermium - DNS and DHCP change for reinstall as Resolved.Aug 25 2015, 12:11 PM
akosiaris closed subtask T109890: reinstall fermium with public IP as Resolved.Aug 25 2015, 2:06 PM
Dzahn closed subtask T108071: export config and archive data from sodium as Resolved.Aug 26 2015, 4:08 PM
JohnLewis closed subtask T110382: mailman cronjobs not running? as Resolved.Aug 26 2015, 7:46 PM
Dzahn closed subtask T110129: rsync all configs and archives one more time as Resolved.Aug 27 2015, 12:48 AM
Dzahn closed subtask T109467: write migration plan for mailman as Resolved.
Dzahn reopened subtask T110129: rsync all configs and archives one more time as Open.Aug 27 2015, 1:20 AM
Dzahn closed subtask T109925: apply regular lists role on fermium and confirm no issues as Resolved.Aug 28 2015, 6:18 PM
Dzahn closed subtask Restricted Task as Resolved.Aug 28 2015, 6:38 PM
Dzahn reopened subtask T109925: apply regular lists role on fermium and confirm no issues as Open.Aug 29 2015, 12:00 AM
Dzahn closed subtask T110135: right before the switch: lower TTL to 10 seconds as Declined.Aug 31 2015, 10:14 PM
Ariconte subscribed.Aug 31 2015, 11:04 PM
Dzahn closed subtask T109925: apply regular lists role on fermium and confirm no issues as Resolved.Aug 31 2015, 11:16 PM
Dzahn updated the task description. (Show Details)Sep 1 2015, 8:44 PM
Dzahn updated the task description. (Show Details)
JohnLewis updated the task description. (Show Details)Sep 1 2015, 8:45 PM
Ricordisamoa subscribed.Sep 2 2015, 11:56 PM
Dzahn closed subtask T110133: announce scheduled downtime as Resolved.Sep 3 2015, 12:02 AM
Dzahn closed subtask T110129: rsync all configs and archives one more time as Resolved.Sep 3 2015, 12:04 AM
Ariconte added a comment.Sep 3 2015, 12:29 AM

"Daniel Zahn 9:56 AM (31 minutes ago)

(back to just announcements on this list but this is one)

We have scheduled an upgrade of mailman (https://lists.wikimedia.org) for:

Wednesday, September 9, 2015 at 2:00:00 PM UTC ( 7:00 AM PDT, 16:00 CEST)"

Are you going to tell the readers??? To forestall all the 'The list is not working messages....

Regards, Richard

Dzahn added a comment.Sep 3 2015, 1:28 AM
In T105756#1600447, @Ariconte wrote:

Are you going to tell the readers??? To forestall all the 'The list is not working messages....

While i understand this concern, mailing all 500+ lists with the same message seemed excessive to me.

saper subscribed.Sep 3 2015, 1:33 AM

Can we add checking web/email interface i18n encoding to the "it works" checklist? Caused some issues in the past (not only on our mailman install)

Dzahn added a comment.Sep 3 2015, 1:40 AM
In T105756#1600624, @saper wrote:

Can we add checking web/email interface i18n encoding to the "it works" checklist?

See T110131#1599716 for a related comment. I ran into issues with one of the listinfo templates (French) on the puppet level and fixed that by converting it to UTF-8. But just this one file. If you see more issues i'm glad if we can fix them but for the migration day specifically i just want to promise they are just like they were on sodium before. we can go from there. see current status on P1944

Platonides mentioned this in T39817: lists.wikimedia.org encoding issues in descriptions.Sep 3 2015, 7:52 PM
Dzahn closed subtask T110132: lower lists.wikimedia.org TTL to 5 min as Resolved.Sep 9 2015, 1:10 AM
Dzahn updated the task description. (Show Details)Sep 9 2015, 1:12 AM
Dzahn closed subtask T110136: hold lists.wikimedia.org with exim as Resolved.Sep 9 2015, 2:14 PM
Dzahn closed subtask T110137: shut down mailman on sodium as Resolved.Sep 9 2015, 2:18 PM
Dzahn closed subtask T110138: rsync the diff since mail was held on sodium as Resolved.Sep 9 2015, 3:11 PM
Dzahn closed subtask T110440: rsync exim spool directory as Resolved.Sep 9 2015, 3:16 PM
Dzahn updated the task description. (Show Details)
Elitre subscribed.Sep 9 2015, 3:55 PM
In T105756#1600617, @Dzahn wrote:
In T105756#1600447, @Ariconte wrote:

Are you going to tell the readers??? To forestall all the 'The list is not working messages....

While i understand this concern, mailing all 500+ lists with the same message seemed excessive to me.

T110133 is the related task. (I would have included the ambassadors list, FWIW).

Dzahn reopened subtask T110440: rsync exim spool directory as Open.Sep 9 2015, 6:46 PM
Dzahn reopened subtask T110138: rsync the diff since mail was held on sodium as Open.
Dzahn reopened subtask T110137: shut down mailman on sodium as Open.
Dzahn added a comment.Sep 9 2015, 7:01 PM

Unfortunately the migration didn't work out this time. We made some last minute changes to the rsync/import scripts to use mv instead of rsync to make things faster, then messed up syntax slightly so a trailing / with the mv command meant things were moved in subdirectories where they shouldn't have. In the end we ran out of time to rsync it again before the end of the scheduled window.

Dzahn mentioned this in rOPUPbd87a2a18034: mailman: don't run service on migration host.Sep 9 2015, 9:59 PM
gerritbot subscribed.Sep 9 2015, 10:00 PM

Change 237276 had a related patch set uploaded (by Dzahn):
mailman: no more importing to an import dir

https://gerrit.wikimedia.org/r/237276

gerritbot added a project: Patch-For-Review.Sep 9 2015, 10:00 PM
gerritbot added a comment.Sep 9 2015, 10:03 PM

Change 237276 merged by Dzahn:
mailman: no more importing to an import dir

https://gerrit.wikimedia.org/r/237276

Dzahn mentioned this in rOPUP3b16e48ed852: mailman: no more importing to an import dir.Sep 9 2015, 10:04 PM
Dzahn closed subtask T110131: import all lists with the script we wrote for that as Invalid.Sep 10 2015, 2:10 AM
Dzahn closed subtask T112229: fermium needs to have exim4-daemon-heavy installed, not -light as Resolved.Sep 16 2015, 12:26 AM
Jay8g subscribed.Sep 16 2015, 3:42 AM
Dzahn updated the task description. (Show Details)Sep 18 2015, 5:27 AM
Dzahn updated the task description. (Show Details)
Dzahn closed subtask T110137: shut down mailman on sodium as Resolved.Sep 18 2015, 2:59 PM
Dzahn closed subtask T110138: rsync the diff since mail was held on sodium as Resolved.
Dzahn closed subtask T110440: rsync exim spool directory as Resolved.
Dzahn updated the task description. (Show Details)Sep 18 2015, 3:02 PM
Dzahn removed a project: Patch-For-Review.
Dzahn closed subtask T113020: run /var/lib/mailman/bin/update and ./check_perms as Resolved.Sep 18 2015, 3:26 PM
Dzahn closed subtask T110441: test sending individual mails from fermium during migration as Resolved.
Dzahn updated the task description. (Show Details)Sep 18 2015, 3:30 PM
Dzahn closed subtask T110139: switch over mailman service IP as Resolved.Sep 18 2015, 3:45 PM
JohnLewis added a comment.Sep 18 2015, 4:32 PM

Migration is over, things seem working (receiving emails, tailing logs on fermium show a bit of activity), so I feel confident saying we're on Jessie now, on .18 and have an unused Lucid box in the datacenter. Daniel's final call for this ticks my boxes.

Dzahn closed subtask T113045: start exim on fermium / revert migration hack as Resolved.Sep 18 2015, 4:39 PM
Dzahn removed a subtask: T110142: Decommission sodium.Sep 18 2015, 4:42 PM
Dzahn closed subtask Restricted Task as Resolved.
Dzahn closed subtask T110140: send follow-up email, announce changes with new mailman version if any that have user impact as Resolved.Sep 18 2015, 5:16 PM
Dzahn removed a subtask: T110141: TTL back up to normal 1H.Sep 18 2015, 10:04 PM
Dzahn updated the task description. (Show Details)
Dzahn closed this task as Resolved.Sep 18 2015, 10:06 PM

all blockers closed. that closes the tracking ticket :)

Krenair awarded a token.Sep 18 2015, 10:10 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL