Page MenuHomePhabricator
Create Task
Maniphest T1154

Make labs salt use instance names than ids
Closed, ResolvedPublic
Actions

Description

Currently they use instance ids, which are horrible, horrible things.

Details

SubjectRepoBranchLines +/-
salt: Use fqdn as client id for labs as welloperations/puppetproduction+0 -3
Customize query in gerrit

Related Objects
Search...

Event Timeline

yuvipanda created this task.Nov 7 2014, 10:17 PM
yuvipanda raised the priority of this task from to Needs Triage.
yuvipanda updated the task description. (Show Details)
yuvipanda added a project: acl*sre-team.
yuvipanda changed Security from none to None.
yuvipanda added a subscriber: yuvipanda.
ArielGlenn added a subscriber: ArielGlenn.Nov 7 2014, 10:31 PM
yuvipanda added a project: Cloud-Services.Dec 13 2014, 8:29 AM
gerritbot added a project: Patch-For-Review.Dec 13 2014, 8:31 AM

Change 179592 had a related patch set uploaded (by Yuvipanda):
salt: Use fqdn as client id for labs as well

https://gerrit.wikimedia.org/r/179592

Patch-For-Review

yuvipanda added a comment.Dec 15 2014, 11:50 PM

So... talked to Ryan Lane some more and this is more complicated than expected ;)

Problem with fqdn is that deleting and creating an instance will cause complications because the salt (and puppet too, for that matter) certificates for the old instance won't be purged, so puppet/salt won't work.

Solution to this is to write a nova plugin that purges salt/puppet certs when an instance gets deleted.

fgiunchedi triaged this task as Low priority.Dec 22 2014, 10:14 AM
fgiunchedi added a subscriber: fgiunchedi.
coren moved this task from Triage to Backlog on the Cloud-Services board.Feb 10 2015, 9:24 PM
ArielGlenn added a comment.Feb 23 2015, 3:29 PM

I have a draft of that plugin which I need to test.

gerritbot added a subscriber: gerritbot.Mar 4 2015, 11:21 AM

Change 179592 abandoned by Yuvipanda:
salt: Use fqdn as client id for labs as well

Reason:
Issss uselessssss

https://gerrit.wikimedia.org/r/179592

yuvipanda removed a project: Patch-For-Review.Mar 16 2015, 1:48 PM
yuvipanda added a subscriber: Andrew.Jun 9 2015, 11:10 AM

@Andrew is this fixed with the switch to designate?

MoritzMuehlenhoff added a subscriber: MoritzMuehlenhoff.Jun 9 2015, 11:18 AM
MoritzMuehlenhoff added a comment.Jun 9 2015, 2:08 PM

I've setup a salt environment today: The DNS seems to work fine with a minor tweak: In the pre-generated /etc/salt/minion there's a line starting with "id:" which sets the ec2id. If I remove these salt only uses the proper hostnames in salt-key.

Andrew added a comment.Jun 9 2015, 2:11 PM

This will be a part of the roll-out of https://gerrit.wikimedia.org/r/#/c/202924/ on Thursday.

Andrew added a subtask: T95480: Abolish use of ec2id in cert names.Jun 9 2015, 2:16 PM
Andrew closed this task as Resolved.Jun 18 2015, 2:38 PM
Andrew claimed this task.
Andrew closed subtask T95480: Abolish use of ec2id in cert names as Resolved.
Phabricator_maintenance removed a subscriber: yuvipanda.Jun 7 2017, 7:05 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL