| RobH | |
| Nov 9 2018, 8:45 PM |
| F27153470: Screen Shot 2018-11-09 at 12.44.49 PM.png | |
| Nov 9 2018, 8:45 PM |
When attempting to upload a photo of the rear of the ulsfo rack 103.02.22, I received the following error:
<class 'PermissionError'> [Errno 13] Permission denied: '/srv/deployment/netbox/deploy-cache/revs/1cd4d43dd1bdf32e81af0318f479890cf23e2ee5/src/netbox/media/image-attachments/rack_33_103.02.22_rear.jpg'
This likely needs some puppetization of the directory permissions, or a review if we want to allow uploads to it at all.
@RobH yep, known issue, the immediate fix was already scheduled in https://gerrit.wikimedia.org/r/c/operations/puppet/+/463820 but then we decided to go directly in the direction of using swift as a backend for attachments to avoid to setup and rsync between the two netbox hosts. For that I preferred to leave it "broken" on purpose to avoid having then to migrate existing attachments to swift. I just din't had yet time to set it up, I hope in the next week or two to be able set everything up, but please let me know also how much is a blocker so I can prioritize accordingly.
okay so this works, mostly, in labs when manually configured to operate against the deployment-prep Swift cluster. Netbox lets me upload images and shows them associated with the object in question - except that viewing fails because they are served from a URL in the swift cluster that is unavailable. We'll look at this part more next week no doubt.
There is a niggle, though. Netbox does a strange thing in that it imports only parts of configuration.py into the settings module, explicitly selecting them from the configuration module and sanitizing and fixing them, so I had to add a broad import to pull the swift settings also. I'm not sure of the best way to approach this in actual production. We could override the settings.py, or patch it to explicitly support the swift settings in general. Some discussion is needed.
Change 518785 had a related patch set uploaded (by CRusnov; owner: CRusnov):
[operations/software/netbox@master] Add a passthrough configuration system
Change 518785 merged by CRusnov:
[operations/software/netbox@master] Add a passthrough configuration system
Change 520296 had a related patch set uploaded (by CRusnov; owner: CRusnov):
[operations/puppet@production] netbox: Add parameters and settings for storing things in Swift
Mentioned in SAL (#wikimedia-operations) [2019-07-03T06:55:05Z] <godog> depool and roll-restart swift proxy - T209182
Change 520296 merged by CRusnov:
[operations/puppet@production] netbox: Add parameters and settings for storing things in Swift
Change 527576 had a related patch set uploaded (by CRusnov; owner: CRusnov):
[operations/puppet@production] netbox: Fix additional swift parameters.
Change 527576 merged by CRusnov:
[operations/puppet@production] netbox: Fix additional swift parameters
Okay after some finagling, uploading (and downloading) images should work. A particularity of swift storage is that they download instead of viewing, but they work!
A later optimal solution would be to provide an end point for netbox to proxy through to swift, but this isn't as off the shelf and will require patching netbox and/or django-swift-storage.
Re-opening as there is still some work to do given that as it is right now is less redundant that it was before.
Namely I think we need:
I have confirmed content-type is set correctly, however Swift sets a content-disposition to attachment which causes browser to download. Incoming patch to sttrip this at the apache level.
Netbox does not appear to have thumbnails, but there is a feature request open: https://github.com/netbox-community/netbox/issues/2050
Replication and backups: @fgiunchedi halp.
Change 532509 had a related patch set uploaded (by CRusnov; owner: CRusnov):
[operations/puppet@production] profile::netbox: Fix swift proxy content-disposition
Change 532509 merged by CRusnov:
[operations/puppet@production] profile::netbox: Fix swift proxy content-disposition
Had a chat with @crusnov about swift replication and backups, to summarize:
I'm assuming the container isn't expected to get too big (by big I mean > 100G) so we could do either option for backups.
Thanks for the update.
For the replication I guess one-way it's ok, we don't plan to have a/a backend in Netbox anyway (Postgres), but we were thinking to do a/a frontend (Django), although that means cross-DC connections, so is not yet set in stones.
But even in that scenario I don't see a big issue to point both a/a frontend to the single DB/storage active backend and as it would require a manual intervention to failover the DB backend seems ok to me that it would require a manual intervention to failover the storage backend too, pointing to the other swift cluster and inverting the replication.
Sounds good to me for the backups, I'll probably pick 2.A just to have those in our usual backup infrastructure and not depending on the same software where we keep the live ones. We'll most likely upload only pictures of racks and I don't expect it to be large at all.
So the task for this is:
And then it will be resolved, afaict.
Hi everyone,
Since the last comment is from 2 years ago from a person no longer with the foundation, is there someone who can summarize what the state of this is?
This can be solved, was just forgotten AFAICT.
We do use a swift container in Netbox settings for images, see https://gerrit.wikimedia.org/r/plugins/gitiles/operations/puppet/+/refs/heads/production/modules/netbox/templates/configuration.py.erb#212
and that is populated from hiera and private puppet repo and AFAIK works just fine.
That said we're not using much images in Netbox.