Page MenuHomePhabricator

Rancid improvements
Closed, ResolvedPublic

Description

I'd like bring the following improvements to Rancid:

  • Upgrade to 3.6.2 (present in Jessie backports)
  • Switch from CVS to GIT

That will allow people to clone the repository directly on their computer, as well as display a "config" tab for each device in LibreNMS.
I don't think there is value in converting the existing CVS repository, but only archive it (in case it's needed) and start a new GIT folder.

  • Replace password auth with ssh key auth

Details

Related Gerrit Patches:
operations/puppet : productionRancid: set configs world readable
operations/puppet : productionRancid improvements

Event Timeline

ayounsi created this task.Jun 7 2017, 12:58 PM
Restricted Application added a project: Operations. · View Herald TranscriptJun 7 2017, 12:58 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
faidon added a comment.Jun 7 2017, 1:02 PM

Why not convert? I think there's a lot of value in doing so. Agreed on the rest.

Moreover, it would be nice if we could filter the output and remove some of the known artifacts (cr2-ulsfo's TFEB -/+, LLDP core files on asw-*-eqiad etc.) in order to remove some of the noise and diffs we've been receiving.

Change 357825 had a related patch set uploaded (by Ayounsi; owner: Ayounsi):
[operations/puppet@production] Rancid improvements

https://gerrit.wikimedia.org/r/357825

Mentioned in SAL (#wikimedia-operations) [2017-06-08T15:11:13Z] <XioNoX> Upgrading rancid to 3 - T167288

Change 357825 merged by Ayounsi:
[operations/puppet@production] Rancid improvements

https://gerrit.wikimedia.org/r/357825

I think there's a lot of value in doing so. Agreed on the rest.

Converted!

Upgrade to 3.6.2

Done

Switch from CVS to GIT

Done

Replace password auth with ssh key auth

Done, only asw-b-codfw needs the pubkey pushed but it has unrelated outstanding changes

Todo:

  • Change file permissions so git repo is readable by anyone with access to netmon (librenms and user's git clone)
  • Remove rancid's password on network devices and private repo

Change 357969 had a related patch set uploaded (by Ayounsi; owner: Ayounsi):
[operations/puppet@production] Rancid: set configs world readable

https://gerrit.wikimedia.org/r/357969

Change 357969 merged by Ayounsi:
[operations/puppet@production] Rancid: set configs world readable

https://gerrit.wikimedia.org/r/357969

For reference, this is now possible: git clone ssh://netmon1001.wikimedia.org:/var/lib/rancid/core/ rancid-configs
Devices also now have a "config" tab in LibreNMS.

ayounsi closed this task as Resolved.Jun 9 2017, 9:21 AM

All done.