Page MenuHomePhabricator
Create Task
Maniphest T123712

Reimage hooft with jessie and rename to bast3001
Closed, ResolvedPublic
Actions

Description

hooft.esams.wikimedia.org should be re-imaged with jessie. Also, for consistency with the other bastion hosts, rename it to bast3001

Details

Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

MoritzMuehlenhoff created this task.Jan 15 2016, 11:02 AM
MoritzMuehlenhoff raised the priority of this task from to Medium.
MoritzMuehlenhoff updated the task description. (Show Details)
MoritzMuehlenhoff added a project: SRE.
MoritzMuehlenhoff subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 15 2016, 11:02 AM
MoritzMuehlenhoff added a parent task: T123525: reduce amount of remaining Ubuntu 12.04 (precise) systems in production.Jan 15 2016, 11:02 AM
Southparkfan updated the task description. (Show Details)Jan 15 2016, 2:51 PM
Southparkfan set Security to None.
Southparkfan awarded a token.
Southparkfan subscribed.
Krenair subscribed.Jan 15 2016, 3:50 PM
faidon subscribed.Jan 20 2016, 6:31 PM

Note that hooft is the last of the legacy .esams.wikimedia.org hostnames. Whether we rename it to bast3001 or not, we should drop that suffix (look at older commits where I did the same with e.g. nescio). After it's done, we should drop the .esams.wikimedia.org suffix from everywhere (at least base::resolving::domain_search under hieradata, modules/install_server/files/dhcpd/dhcpd.conf; possibly others)

Moreover, hooft's (and other bastions') SLAAC addresses should be dropped from network.pp after the reinstall is over (the SLAAC addresses are only needed for precises).

Dzahn closed subtask T124197: Port Ganglia aggregator setup to systemd as Resolved.Mar 15 2016, 7:09 PM
Dzahn reopened subtask T124197: Port Ganglia aggregator setup to systemd as Open.Mar 15 2016, 10:26 PM
Dzahn closed subtask T124197: Port Ganglia aggregator setup to systemd as Resolved.Mar 15 2016, 10:43 PM
Dzahn subscribed.Mar 30 2016, 5:00 PM

Once we drop the .esams. from hooft, what would we do with these?

; esams Service aliases
; FIXME: all 3 of these are suspect, we don't do these per-subdomain elsewhere..
puppet.esams           1H  IN CNAME    palladium.eqiad.wmnet.
recursor0.esams        1H  IN A        91.198.174.216  ; esams LVS (dns-rec-lb)
recursor1.esams        1H  IN A        208.80.154.239  ; eqiad LVS (dns-rec-lb)

; esams Servers
; FIXME: these stay under .esams.wikimedia.org until they get reprovisioned
slauerhoff.esams       1H  IN A    91.198.174.108
slauerhoff-array.esams 1H  IN A    91.198.174.107
hooft.esams            1H  IN A    91.198.174.113
                       1H  IN AAAA 2620:0:862:1:91:198:174:113
; esams Management
scs-oe11-esams.esams   1H  IN A    10.21.0.102
gerritbot subscribed.Mar 30 2016, 5:08 PM

Change 280464 had a related patch set uploaded (by Dzahn):
rename hooft.esams to bast3001

https://gerrit.wikimedia.org/r/280464

gerritbot added a project: Patch-For-Review.Mar 30 2016, 5:08 PM
gerritbot added a comment.Mar 30 2016, 5:26 PM

Change 280466 had a related patch set uploaded (by Dzahn):
hooft->bast3001 in smokeping,dhcp/network comments

https://gerrit.wikimedia.org/r/280466

gerritbot added a comment.Mar 30 2016, 5:55 PM

Change 280472 had a related patch set uploaded (by Dzahn):
site.pp/hiera: rename hooft to bast3001

https://gerrit.wikimedia.org/r/280472

gerritbot added a comment.Mar 30 2016, 6:04 PM

Change 280466 merged by Dzahn:
hooft->bast3001 in smokeping,dhcp/network comments

https://gerrit.wikimedia.org/r/280466

gerritbot added a comment.Mar 30 2016, 6:31 PM

Change 280478 had a related patch set uploaded (by Dzahn):
install_server: rename hooft to bast3001

https://gerrit.wikimedia.org/r/280478

gerritbot added a comment.Mar 30 2016, 7:01 PM

Change 280478 merged by Dzahn:
install_server: rename hooft to bast3001

https://gerrit.wikimedia.org/r/280478

gerritbot added a comment.Mar 30 2016, 7:07 PM

Change 280491 had a related patch set uploaded (by Dzahn):
DHCP: set next-server for public-esams subnet to carbon

https://gerrit.wikimedia.org/r/280491

gerritbot added a comment.Mar 30 2016, 7:16 PM

Change 280491 merged by Dzahn:
DHCP: set next-server for public-esams subnet to carbon

https://gerrit.wikimedia.org/r/280491

gerritbot added a comment.Mar 30 2016, 7:36 PM

Change 280464 merged by Dzahn:
rename hooft.esams to bast3001

https://gerrit.wikimedia.org/r/280464

gerritbot added a comment.Mar 30 2016, 7:43 PM

Change 280472 merged by Dzahn:
site.pp/hiera: rename hooft to bast3001

https://gerrit.wikimedia.org/r/280472

gerritbot added a comment.Mar 30 2016, 8:00 PM

Change 280503 had a related patch set uploaded (by Dzahn):
resolving::domain_search: drop esams.wikimedia.org

https://gerrit.wikimedia.org/r/280503

Dzahn added a comment.Mar 30 2016, 8:10 PM
In T123712#1948876, @faidon wrote:

After it's done, we should drop the .esams.wikimedia.org suffix from everywhere (at least base::resolving::domain_search under hieradata,

https://gerrit.wikimedia.org/r/#/c/280503/

modules/install_server/files/dhcpd/dhcpd.conf`; possibly others)

https://gerrit.wikimedia.org/r/280505

Moreover, hooft's (and other bastions') SLAAC addresses should be dropped from network.pp after the reinstall is over (the SLAAC addresses are only needed for precises).

https://gerrit.wikimedia.org/r/#/c/280506/1

gerritbot added a comment.Mar 31 2016, 3:00 PM

Change 280674 had a related patch set uploaded (by Dzahn):
install_server: make multatuli the new bast, not hooft

https://gerrit.wikimedia.org/r/280674

gerritbot added a comment.Mar 31 2016, 3:05 PM

Change 280674 merged by Dzahn:
install_server: make multatuli the new bast, not hooft

https://gerrit.wikimedia.org/r/280674

gerritbot added a comment.Mar 31 2016, 11:57 PM

Change 280791 had a related patch set uploaded (by Dzahn):
install_server: re-use amslvs1 for bast3001

https://gerrit.wikimedia.org/r/280791

gerritbot added a comment.Apr 1 2016, 12:13 AM

Change 280791 merged by Dzahn:
install_server: re-use amslvs1 for bast3001

https://gerrit.wikimedia.org/r/280791

gerritbot added a comment.Apr 1 2016, 12:54 AM

Change 280797 had a related patch set uploaded (by Dzahn):
assign IP to bast3001, v4 and v6

https://gerrit.wikimedia.org/r/280797

gerritbot added a comment.Apr 1 2016, 12:56 AM

Change 280797 merged by Dzahn:
assign IP to bast3001, v4 and v6

https://gerrit.wikimedia.org/r/280797

gerritbot added a comment.Apr 1 2016, 1:13 AM

Change 280798 had a related patch set uploaded (by Dzahn):
install/ganglia/network: adjust bast3001 IP address

https://gerrit.wikimedia.org/r/280798

gerritbot added a comment.Apr 1 2016, 1:48 AM

Change 280799 had a related patch set uploaded (by Dzahn):
site.pp: temp add hooft back as install-server

https://gerrit.wikimedia.org/r/280799

gerritbot added a comment.Apr 1 2016, 1:50 AM

Change 280799 merged by Dzahn:
site.pp: temp add hooft back as install-server

https://gerrit.wikimedia.org/r/280799

gerritbot added a comment.Apr 1 2016, 2:19 AM

Change 280803 had a related patch set uploaded (by Dzahn):
ganglia: leave aggregator on hooft until bast3001 works

https://gerrit.wikimedia.org/r/280803

gerritbot added a comment.Apr 1 2016, 2:26 AM

Change 280803 merged by Dzahn:
ganglia: leave aggregator on hooft until bast3001 works

https://gerrit.wikimedia.org/r/280803

gerritbot added a comment.Apr 1 2016, 6:29 PM

Change 280955 had a related patch set uploaded (by Dzahn):
install: update MAC address bast3001 from amslvs2

https://gerrit.wikimedia.org/r/280955

gerritbot added a comment.Apr 1 2016, 6:30 PM

Change 280955 merged by Dzahn:
install: update MAC address bast3001 from amslvs2

https://gerrit.wikimedia.org/r/280955

gerritbot added a comment.Apr 1 2016, 7:04 PM

Change 280959 had a related patch set uploaded (by Dzahn):
install: update MAC for bast3001 from slauerhoff

https://gerrit.wikimedia.org/r/280959

gerritbot added a comment.Apr 1 2016, 7:05 PM

Change 280959 merged by Dzahn:
install: update MAC for bast3001 from slauerhoff

https://gerrit.wikimedia.org/r/280959

Dzahn claimed this task.Apr 1 2016, 7:20 PM
RobH mentioned this in T131543: update hostname label on system bast3001, was slauerhoff.Apr 1 2016, 7:21 PM
gerritbot added a comment.Apr 1 2016, 8:20 PM

Change 280506 had a related patch set uploaded (by Dzahn):
network.pp: new IP bast3001 & drop former hooft SLAAC addr

https://gerrit.wikimedia.org/r/280506

gerritbot added a comment.Apr 1 2016, 8:27 PM

Change 280506 merged by Dzahn:
network.pp: new IP bast3001 & drop former hooft SLAAC addr

https://gerrit.wikimedia.org/r/280506

gerritbot added a comment.Apr 1 2016, 8:38 PM

Change 281029 had a related patch set uploaded (by Dzahn):
site.pp: remove hooft from puppet

https://gerrit.wikimedia.org/r/281029

gerritbot added a comment.Apr 1 2016, 8:42 PM

Change 280798 merged by Dzahn:
dhcp: update install-server IP for esams subnets

https://gerrit.wikimedia.org/r/280798

gerritbot added a comment.Apr 1 2016, 8:53 PM

Change 281035 had a related patch set uploaded (by Dzahn):
ganglia: switch esams aggregator to bast3001

https://gerrit.wikimedia.org/r/281035

gerritbot added a comment.Apr 1 2016, 9:29 PM

Change 281029 merged by Dzahn:
site.pp: remove hooft from puppet

https://gerrit.wikimedia.org/r/281029

gerritbot added a comment.Apr 1 2016, 9:37 PM

Change 281035 merged by Dzahn:
ganglia: switch esams aggregator to bast3001

https://gerrit.wikimedia.org/r/281035

Dzahn added a comment.Apr 1 2016, 10:08 PM

bast3001 is up with jessie and can be used now.

+---------+---------+-------------------------------------------------+
| Cipher  | Algo    | Fingerprint                                     |
+---------+---------+-------------------------------------------------+
| RSA     | MD5     | 4c:a2:57:bf:63:65:bf:81:f6:8d:2c:cd:38:c8:12:e1 |
| RSA     | SHA-256 | pkB6Pon2AgneGIz0CVLmb/ZDKkPME6NfVzEA72//KyE=    |
+---------+---------+-------------------------------------------------+
| DSA     | MD5     | 5b:3b:0d:67:c7:d6:14:dd:af:d3:fb:76:dc:31:34:29 |
| DSA     | SHA-256 | xpEfNJkAcr0xG8NccCLgGfCB3q3smslkMsVBIG8frV8=    |
+---------+---------+-------------------------------------------------+
| ECDSA   | MD5     | 88:e5:f1:72:61:f0:b8:b4:42:39:05:07:c4:10:33:22 |
| ECDSA   | SHA-256 | lu0DufB2NZ7NBdkwqIA5KVBgRh1wT5QqZsPnB6PLdSY=    |
+---------+---------+-------------------------------------------------+
| ED25519 | MD5     | 92:3d:7c:05:7c:c0:bb:b0:1d:b5:84:e4:38:fa:3f:3e |
| ED25519 | SHA-256 | dp/xa9vLQGNHEP1Wo6+rsliTbfAkwceHMYHfgDq49N0=    |
+---------+---------+-------------------------------------------------+
Dzahn closed this task as Resolved.Apr 1 2016, 10:14 PM

So, we ended up turning slauerhoff into bast3001 and installed that from hooft. (because installing cross-dc didnt work).

Now bast3001 is the new bastion and tftp and hooft has been removed from puppet/icinga, is shutdown.

The end result is the same.

Dzahn created subtask T131560: redeploy hooft as bast3002.Apr 1 2016, 11:08 PM
Dzahn removed a project: Patch-For-Review.Apr 1 2016, 11:11 PM
gerritbot added a comment.Apr 1 2016, 11:30 PM

Change 281057 had a related patch set uploaded (by Dzahn):
rename mgmt interface slauerhoff->bast3001

https://gerrit.wikimedia.org/r/281057

gerritbot added a project: Patch-For-Review.Apr 1 2016, 11:30 PM

Change 281057 merged by Dzahn:
rename mgmt interface slauerhoff->bast3001

https://gerrit.wikimedia.org/r/281057

gerritbot added a comment.Apr 4 2016, 11:01 PM

Change 280503 merged by Faidon Liambotis:
resolving::domain_search: drop esams.wikimedia.org

https://gerrit.wikimedia.org/r/280503

Dzahn closed subtask T131560: redeploy hooft as bast3002 as Invalid.Mar 2 2017, 11:16 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits