Page MenuHomePhabricator
Create Task
Maniphest T134807

Replace test hostnames in datecenter-specific subdomains with dashed names
Open, LowPublic
Actions

Description

We have a bunch of hostnames in wikimedia.org that are similar to: text-lb.eqiad.wikimedia.org. These have never been meant for user requests in URIs, and with our HTTPS redirects and certificates they can't legitimately serve requests anyways. They serve two basic purposes:

  1. They're the matching forward-DNS for reverse lookups of our real service IPs, so that DNS can tell you which datacenter a service IP maps to.
  2. When trying to debug or test things that are datacenter-specific, these hostnames are useful in scenarios like curl -k -v -H 'Host: en.wikipedia.org' https://text-lb.esams.wikimedia.org/. This lets one bypass geographic routing/failover and test on a specific DC. The -k there lets curl ignore that the certificate is invalid for the URI's hostname.

They're still kind of "ugly" though, in that they are hostnames which exist in our domains, in our authdns, there are HTTP[S] listeners reachable at the IPs of those hostnames, and they're not legal for our certificates. It would be better to replace them all with names like text-lb-eqiad.wikimedia.org. Then we wouldn't need -k, and we wouldn't need a little asterisk-explanation every time we say that everything in all of our domains are legitimately HTTPS/redirect/preload -compatible.

We'll probably have to add the new names first, fix up reverse DNS to point at the new names, then go through a slow process of fixing documentation/debugging links here there and everywhere, and wait a while before removing the old ones to reduce confusion.

Event Timeline

BBlack created this task.May 9 2016, 7:42 PM
Restricted Application added a project: SRE. · View Herald TranscriptMay 9 2016, 7:42 PM
Restricted Application added subscribers: Zppix, Aklapper. · View Herald Transcript
BBlack triaged this task as Low priority.May 9 2016, 7:43 PM
BBlack moved this task from Backlog to Domain name registration on the Traffic board.Oct 3 2016, 3:09 PM
Phabricator_maintenance moved this task from Backlog to Acknowledged on the SRE board.Jan 26 2019, 8:39 PM
BBlack edited projects, added Traffic-Icebox; removed Traffic.Sep 1 2021, 11:21 PM

The swap of Traffic for Traffic-Icebox in this ticket's set of tags was based on a bulk action for all such tickets that haven't been updated in 6 months or more. This does not imply any human judgement about the validity or importance of the task, and is simply the first step in a larger task cleanup effort. Further manual triage and/or requests for updates will happen this month for all such tickets. For more detail, have a look at the extended explanation on the main page of Traffic-Icebox . Thank you!

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL