Page MenuHomePhabricator
Create Task
Maniphest T131906

Tool Labs elasticsearch cluster broken by production Puppet changes
Closed, ResolvedPublic
Actions

Description

The introduction of an nginx instance to ::elasticsearch for T124444: Look into encrypting Elasticsearch traffic conflicts with the existing nginx reverse proxy implemented for T120040: Setup an experimental, user accessible (read+write) ES cluster for Tool Labs.

Details

SubjectRepoBranchLines +/-
Moving elasticsearch::https instatiation to elasticsearch roleoperations/puppetproduction+2 -8
Customize query in gerrit

Related Objects

Event Timeline

bd808 created this task.Apr 6 2016, 12:09 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 6 2016, 12:09 AM
bd808 added projects: Elasticsearch, Toolforge.Apr 6 2016, 12:09 AM
Restricted Application added projects: Cloud-Services, Discovery-ARCHIVED, Discovery-Search. · View Herald TranscriptApr 6 2016, 12:09 AM
gerritbot subscribed.Apr 6 2016, 12:09 AM

Change 281824 had a related patch set uploaded (by BryanDavis):
Moving elasticsearch::https instatiation to elasticsearch role

https://gerrit.wikimedia.org/r/281824

gerritbot added a project: Patch-For-Review.Apr 6 2016, 12:09 AM
bd808 assigned this task to Gehel.Apr 6 2016, 12:14 AM
bd808 added a subscriber: Gehel.

This has been temporarily hacked around with this local patch on tools-puppetmaster-01:

commit e7789171b6efe3b828738ea9b638c571a427a48e
Author: Bryan Davis <bd808@wikimedia.org>
Date:   Tue Apr 5 21:22:34 2016 +0000

    [HACK] Disable elasticsaerch::https

    Needs to be fixed upstream by moving to a role or something

diff --git a/modules/elasticsearch/manifests/init.pp b/modules/elasticsearch/manifests/init.pp
index 80eb707..3159c2e 100644
--- a/modules/elasticsearch/manifests/init.pp
+++ b/modules/elasticsearch/manifests/init.pp
@@ -115,7 +115,8 @@ class elasticsearch($cluster_name,
     }

     include ::elasticsearch::packages
-    include ::elasticsearch::https
+    # bd808: Breaks stuff in tool labs
+    # include ::elasticsearch::https

     file { '/etc/elasticsearch/elasticsearch.yml':
         ensure  => file,

@Gehel has a patch up for review in gerrit that will provide a better fix by moving the use of ::elasticsearch::https from ::elasticsearch to ::role::elasticsearch::server. Once that lands we will need to pull the local hack patch from tools-puppetmaster-01.

gerritbot added a comment.Apr 6 2016, 8:29 AM

Change 281824 merged by Gehel:
Moving elasticsearch::https instatiation to elasticsearch role

https://gerrit.wikimedia.org/r/281824

Gehel mentioned this in T131644: Puppet fails on tools-elastic-01, tools-elastic-02 and tools-elastic-03: "Class[Nginx] is already declared".Apr 6 2016, 8:34 AM
Gehel reassigned this task from Gehel to bd808.Apr 6 2016, 8:40 AM
Restricted Application added a project: User-bd808. · View Herald TranscriptApr 6 2016, 8:40 AM
Gehel added a comment.Apr 6 2016, 8:41 AM

As I don't have acccess to tools-puppetmaster-01, I'll let you do the cleanup (access requested, we'll see if I get it before you clean my mess).

Stashbot subscribed.Apr 6 2016, 3:20 PM

Mentioned in SAL [2016-04-06T15:20:16Z] <bd808> Removed local hack for T131906 from tools-puppetmaster-01

bd808 closed this task as Resolved.Apr 6 2016, 3:23 PM
bd808 reassigned this task from bd808 to Gehel.
bd808 moved this task from To Do to Done on the User-bd808 board.
bd808 moved this task from Done to Archive on the User-bd808 board.Apr 13 2016, 4:08 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL