⚓ T153577 Make standalone puppetmasters optionally use PuppetDB

Status	Assigned	Task
Invalid	None	T108946 [Epic] Improve the development infrastructure
Declined	None	T99531 [Task] move wikiba.se webhosting to wikimedia cluster
Resolved	MasinAlDujailiWMDE	T155359 wikiba.se should use HTTPS
Resolved	ema	T108827 Investigate TCP Fast Open for tlsproxy
Open	BBlack	T107236 Switch port 80 to nginx on primary clusters
Resolved	Vgutierrez	T207050 Migrate most standard public TLS certificates to CertCentral issuance
Resolved	None	T199711 Deploy a scalable service for ACME (LetsEncrypt) certificate management
Open	None	T101048 Policy decisions for new (and current) DNS domains registered to the WMF
Open	BBlack	T104681 HTTPS Plans (tracking / high-level info)
Resolved	Vgutierrez	T214253 en.wikipedia.com [sic] serves an invalid certificate
Resolved	Vgutierrez	T190244 en-wp.org certificate error
Open	Vgutierrez	T133548 Create a secure redirect service for large count of non-canonical / junk domains
Resolved	Krenair	T194962 Create and deploy a centralized letsencrypt service
Open	None	T152866 Make clush safer
Open	Krenair	T153163 Set up and use exported resources for Tool Labs's shared knowledge
Resolved	Krenair	T72792 Set up puppet exported resources to collect ssh host keys for beta
Resolved	Krenair	T153577 Make standalone puppetmasters optionally use PuppetDB
Resolved	scfc	T154104 role::puppetmaster::puppetdb depends on Ganglia and cannot be used in Labs

scfc created this task.Dec 18 2016, 7:02 AM

scfc updated the task description. (Show Details)Dec 25 2016, 6:52 AM

scfc updated the task description. (Show Details)

scfc created subtask T154104: role::puppetmaster::puppetdb depends on Ganglia and cannot be used in Labs.Dec 25 2016, 9:45 AM

scfc created subtask T154105: role::puppetmaster::puppetdb uses nginx as reverse proxy and cannot be used together with Apache applications.

Change 329330 had a related patch set uploaded (by Tim Landscheidt):
puppetdb: Do not hardcode puppetmasters

https://gerrit.wikimedia.org/r/329330

gerritbot added a project: Patch-For-Review.Dec 27 2016, 12:48 PM

scfc claimed this task.Dec 27 2016, 12:54 PM

scfc moved this task from Triage to Waiting for code review on the Toolforge board.

scfc moved this task from Triage to In Progress on the Cloud-Services board.

Change 329330 merged by Giuseppe Lavagetto:
puppetdb: Do not hardcode puppetmasters

https://gerrit.wikimedia.org/r/329330

scfc closed subtask T154104: role::puppetmaster::puppetdb depends on Ganglia and cannot be used in Labs as Resolved.Jan 22 2017, 12:01 AM

Change 340461 had a related patch set uploaded (by Tim Landscheidt):
[operations/puppet] puppet: Make standalone puppetmasters optionally use PuppetDB

https://gerrit.wikimedia.org/r/340461

I'm pretty sure the patches work except that I can't get them to work on toolsbeta-puppetmaster7 due to some PostgreSQL hiccups (our puppetry for that is far too fragile for my taste). I'll set up a new puppetmaster and test that tomorrow.

(… or anyone else can do that.)

I think on labs we can host it on the same instance as the puppetmaster. I got it working like that and reduces the complexity of this :).

we wont need nginx installed.

I got puppetdb working on the same host as the puppetmaster as it needs the same cert as the puppetmaster for puppetdb jetty.

Change 435631 had a related patch set uploaded (by BryanDavis; owner: Alex Monk):
[operations/puppet@production] Allow PuppetDB use on standalone puppetmasters

https://gerrit.wikimedia.org/r/435631

gerritbot removed a project: Cloud-Services.Jul 12 2018, 11:53 PM

bd808 removed scfc as the assignee of this task.Jul 12 2018, 11:55 PM

bd808 added parent tasks: T72792: Set up puppet exported resources to collect ssh host keys for beta, T194962: Create and deploy a centralized letsencrypt service.

Assigning to @Krenair as he has patches in gerrit that have made this work for the deployment-prep project that I believe are ready to be merged. Maybe @chasemp can find some time at the upcoming Wikimania-Hackathon-2018 to give them a final review?

Change 435631 merged by Bstorm:
[operations/puppet@production] Allow PuppetDB use on standalone puppetmasters

https://gerrit.wikimedia.org/r/435631

Krenair closed this task as Resolved.Aug 6 2018, 10:44 AM

Krenair mentioned this in T154105: role::puppetmaster::puppetdb uses nginx as reverse proxy and cannot be used together with Apache applications.Aug 6 2018, 10:47 AM

Krenair removed a subtask: T154105: role::puppetmaster::puppetdb uses nginx as reverse proxy and cannot be used together with Apache applications.

Make standalone puppetmasters optionally use PuppetDB
Closed, ResolvedPublic
Actions

Description

Related Objects
Search...

Event Timeline

Make standalone puppetmasters optionally use PuppetDBClosed, ResolvedPublicActions

Description

Related ObjectsSearch...

Event Timeline

Make standalone puppetmasters optionally use PuppetDB
Closed, ResolvedPublic
Actions

Related Objects
Search...