User Details
User Details
- User Since
- Sep 5 2023, 11:23 AM (33 w, 3 d)
- Availability
- Available
- IRC Nick
- brouberol
- LDAP User
- Brouberol
- MediaWiki User
- BRouberol-WMF [ Global Accounts ]
Yesterday
Yesterday
brouberol moved T361345: Create the MPIC docker image build pipeline from Backlog to Done on the Data-Platform-SRE (2024.04.15 - 2024.05.05) board.
mpic:v0.0.1 was just released!
brouberol closed T361345: Create the MPIC docker image build pipeline, a subtask of T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster, as Resolved.
I'm going to call this done for now, as both the DB user password and OIDC client secret have been committed to the private puppet repo and rendered on the deployment server, and it's not clear that we need anything else atm. Please re-open if we need other secrets.
brouberol moved T361955: Create an `mpic` MariaDB database from Blocked / Waiting to Done on the Data-Platform-SRE (2024.04.15 - 2024.05.05) board.
brouberol closed T361955: Create an `mpic` MariaDB database, a subtask of T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster, as Resolved.
Thu, Apr 25
Thu, Apr 25
brouberol placed T363299: create Internal service DNS record for datahub pointing to dse-k8s up for grabs.
Fri, Apr 19
Fri, Apr 19
brouberol added a comment to T361955: Create an `mpic` MariaDB database.
That'd be perfect!
brouberol added a comment to T361342: Provision the MPIC secrets in the private puppet repository.
I have added the DB user passwords in the private puppet repo
brouberol moved T361955: Create an `mpic` MariaDB database from Backlog to Blocked / Waiting on the Data-Platform-SRE (2024.04.15 - 2024.05.05) board.
brouberol added a comment to T361955: Create an `mpic` MariaDB database.
create database mpic_staging; grant all privileges on mpic_next.* to `mpic_staging`@`10.%` identified by '[REDACTED]'; flush privileges;
brouberol updated the task description for T362954: Fix rendering issue in modules.app.job when cronjobs are enabled and private values are defined.
Mon, Apr 8
Mon, Apr 8
brouberol closed T361894: Superset account does not receive sql_lab role despite wmf LDAP membership as Resolved.
This should be fixed now. Please re-open if you're seeing the same bug reoccur. Thanks for the report!
Sat, Apr 6
Sat, Apr 6
brouberol added a comment to T361894: Superset account does not receive sql_lab role despite wmf LDAP membership.
We identified the root cause: in the case of users belonging to a single LDAP group (which is the case for Neil), CAS returns a role list as a string, instead of a list containing a single string.
Fri, Apr 5
Fri, Apr 5
brouberol updated the task description for T361955: Create an `mpic` MariaDB database.
brouberol updated subscribers of T361342: Provision the MPIC secrets in the private puppet repository.
@Sfaci could we sync up so that I can get access to the MariaDB user password assigned to your app user, and commit it into the private puppet repo?
Thu, Apr 4
Thu, Apr 4
brouberol added a comment to T361343: Create the MPIC Kubernetes chart.
The way the chart is rendered by injecting the values into the templates is by running (when located in ~/path/to/deployment-charts)
brouberol added a comment to P59428 Kafka configuration diff between 1.1 and 3.5.
❯ cat kafka-config-diff-from-1_1-to-3_5.json | jq 'map(select(.name | contains("socket") or contains("buffer") or contains("thread")))' [ { "name": "sasl.login.refresh.buffer.seconds", "status": "new", "description": "The amount of buffer time before credential expiration to maintain when refreshing a credential, in seconds. If a refresh would otherwise occur closer to expiration than the number of buffer seconds then the refresh will be moved up to maintain as much of the buffer time as possible. Legal values are between 0 and 3600 (1 hour); a default value of 300 (5 minutes) is used if no value is specified. This value and sasl.login.refresh.min.period.seconds are both ignored if their sum exceeds the remaining lifetime of a credential. Currently applies only to OAUTHBEARER.", "scope": "broker", "type": "short", "valid_values": null, "importance": "medium", "update_mode": "per-broker", "default (1.1)": "[ABSENT]", "default (3.5)": "300" }, { "name": "socket.connection.setup.timeout.max.ms", "status": "new", "description": "The maximum amount of time the client will wait for the socket connection to be established. The connection setup timeout will increase exponentially for each consecutive connection failure up to this maximum. To avoid connection storms, a randomization factor of 0.2 will be applied to the timeout resulting in a random range between 20% below and 20% above the computed value.", "scope": "broker", "type": "long", "valid_values": null, "importance": "medium", "update_mode": "read-only", "default (1.1)": "[ABSENT]", "default (3.5)": "30000 (30 seconds)" }, { "name": "socket.connection.setup.timeout.ms", "status": "new", "description": "The amount of time the client will wait for the socket connection to be established. If the connection is not built before the timeout elapses, clients will close the socket channel.", "scope": "broker", "type": "long", "valid_values": null, "importance": "medium", "update_mode": "read-only", "default (1.1)": "[ABSENT]", "default (3.5)": "10000 (10 seconds)" }, { "name": "socket.listen.backlog.size", "status": "new", "description": "The maximum number of pending connections on the socket. In Linux, you may also need to configure `somaxconn` and `tcp_max_syn_backlog` kernel parameters accordingly to make the configuration takes effect.", "scope": "broker", "type": "int", "valid_values": "[1,...]", "importance": "medium", "update_mode": "read-only", "default (1.1)": "[ABSENT]", "default (3.5)": "50" } ]
brouberol moved T361341: Add the MPIC idp client configuration from In Progress to Done on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol closed T361341: Add the MPIC idp client configuration, a subtask of T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster, as Resolved.
brouberol added a comment to T361343: Create the MPIC Kubernetes chart.
The philosophy of the scaffolding tools is that is most cases, you should mostly need to tweak things in values.yaml (the chart default values).
brouberol added a comment to T361343: Create the MPIC Kubernetes chart.
https://gerrit.wikimedia.org/r/1017034 introduces a lot of YAML, but bear in mind that this is fully automatically generated, via the following command:
brouberol moved T361338: Create the MPIC wikimedia.org subdomains DNS records from In Progress to Done on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol moved T361336: Create Kubernetes view/deploy users from In Progress to Done on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol moved T361337: Create MPIC Kubernetes namespaces from In Progress to Done on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol added a comment to T361337: Create MPIC Kubernetes namespaces.
root@deploy2002:~# kube_env admin dse-k8s-eqiad root@deploy2002:~# kubectl get namespaces | grep mpic mpic Active 78m mpic-next Active 78m
brouberol closed T361336: Create Kubernetes view/deploy users, a subtask of T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster, as Resolved.
brouberol added a comment to T361336: Create Kubernetes view/deploy users.
brouberol@deploy2002:~$ ls -alh /etc/kubernetes/mpic*-dse-k8s-eqiad.config -rw-r----- 1 mwdeploy deployment 451 Apr 4 09:40 /etc/kubernetes/mpic-deploy-dse-k8s-eqiad.config -rw-r----- 1 mwdeploy deployment 423 Apr 4 09:40 /etc/kubernetes/mpic-dse-k8s-eqiad.config -rw-r----- 1 mwdeploy deployment 476 Apr 4 09:40 /etc/kubernetes/mpic-next-deploy-dse-k8s-eqiad.config -rw-r----- 1 mwdeploy deployment 448 Apr 4 09:40 /etc/kubernetes/mpic-next-dse-k8s-eqiad.config
brouberol added a comment to T361338: Create the MPIC wikimedia.org subdomains DNS records.
brouberol@dns1004:~$ host mpic.wikimedia.org mpic.wikimedia.org is an alias for dyna.wikimedia.org. dyna.wikimedia.org has address 208.80.154.224 dyna.wikimedia.org has IPv6 address 2620:0:861:ed1a::1 brouberol@dns1004:~$ host mpic-next.wikimedia.org mpic-next.wikimedia.org is an alias for dyna.wikimedia.org. dyna.wikimedia.org has address 208.80.154.224 dyna.wikimedia.org has IPv6 address 2620:0:861:ed1a::1
brouberol added a comment to T361339: Create the internal service DNS records for the MPIC application.
brouberol@dns1004:~$ host mpic-next.svc.eqiad.wmnet mpic-next.svc.eqiad.wmnet is an alias for k8s-ingress-dse.svc.eqiad.wmnet. k8s-ingress-dse.svc.eqiad.wmnet has address 10.2.2.91 brouberol@dns1004:~$ host mpic.svc.eqiad.wmnet mpic.svc.eqiad.wmnet is an alias for k8s-ingress-dse.svc.eqiad.wmnet. k8s-ingress-dse.svc.eqiad.wmnet has address 10.2.2.91
brouberol closed T361339: Create the internal service DNS records for the MPIC application as Resolved.
brouberol closed T361337: Create MPIC Kubernetes namespaces, a subtask of T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster, as Resolved.
brouberol updated the title for P59428 Kafka configuration diff between 1.1 and 3.5 from untitled to Kafka configuration diff between 1.1 and 3.5.
brouberol added a comment to P59428 Kafka configuration diff between 1.1 and 3.5.
Also available as JSON
brouberol moved T361341: Add the MPIC idp client configuration from Backlog to In Progress on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol moved T361337: Create MPIC Kubernetes namespaces from Backlog to In Progress on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol moved T361336: Create Kubernetes view/deploy users from Backlog to In Progress on the Data-Platform-SRE (2024.03.25 - 2024.04.14) board.
brouberol triaged T361339: Create the internal service DNS records for the MPIC application as High priority.
brouberol triaged T361342: Provision the MPIC secrets in the private puppet repository as High priority.
brouberol triaged T361340: Add the MPIC wikimedia.org subdomains to the trafficserver configuration as High priority.
Wed, Apr 3
Wed, Apr 3
brouberol edited projects for T361336: Create Kubernetes view/deploy users, added: Data-Platform-SRE (2024.03.25 - 2024.04.14); removed Data-Platform-SRE.
brouberol added a comment to T360531: [Commons Impact Metrics] Refactor/create helm config for AQS service accessing both Cassandra and Druid.
@mforns I can pick up this work until Ben comes back if necessary, depending on whether you're still blocked or if you have enough to proceed.
brouberol added a project to T361346: Setup monitoring for the MPIC applications: Metrics Platform Backlog.
brouberol added a comment to T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster.
On slack, @Sfaci mentioned
About how the application is configured, at this moment, we have only a config.yaml file per environment but I don't know if we should declare some environment variables.
brouberol added a comment to T361335: Deploy the MP Instrumentation Configuration application to the DSE k8s cluster.
Is there a standard way to use config files for storing environment variables (db connection creds)?
Fri, Mar 29
Fri, Mar 29
brouberol added a comment to T341895: Deprecate Hue and stop the services.
I've taken care of archiving the gerrit repo
brouberol created T361344: Create MPIC helmfiles.
brouberol added a comment to T361338: Create the MPIC wikimedia.org subdomains DNS records.
What subdomains will be required @WDoranWMF ?