Since the switch to Horizon, project admins can only easily manipulate records under *.<projectname>.wmflabs.org rather than just *.wmflabs.org. The latter is in a special org that requires commandline access on labcontrol1001 to manipulate. This makes it unusable for tools admins.
- Deprecate use of tools-login.wmflabs.org, tools-dev.wmflabs.org, switch to login.tools.wmflabs.org and dev.tools.wmflabs.org
- Find other things that need deprecation, and deprecate them in all our docs as well
- Set them to be CNAMEs - so tools-login.wmflabs.org points to login.tools.wmflabs.org, etc. This way, projectadmins can control which target IP the target hostname points to.
We should probably do this for the tools proxy as well (at tools.wmflabs.org -> proxy.tools.wmflabs.org), but need to investigate possible performance implications of CNAMEs for web requests.