Page MenuHomePhabricator
Create Task
Maniphest T209424

Permit routing from eqiad1-r instances to labnet1001
Closed, ResolvedPublic
Actions

Description

In order to support some intermittent states during the migration between regions we need VMs in eqiad1-r to be able to talk to the nova API in eqiad.

In particular, our shinken host is now in eqiad1-r and it needs to know about all VMs in both regions.

Shinken-02 is on 172.16.7.178 and the nova api in eqiad runs on labnet1001.eqiad.wmnet.

Related Objects

Event Timeline

Andrew created this task.Nov 13 2018, 10:02 PM
Restricted Application added a project: SRE. · View Herald TranscriptNov 13 2018, 10:02 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Krenair added a subscriber: Krenair.Nov 13 2018, 10:08 PM
Stashbot added a subscriber: Stashbot.Nov 13 2018, 10:24 PM

Mentioned in SAL (#wikimedia-operations) [2018-11-13T22:24:45Z] <XioNoX> add term labnet-nova-api to cloud-in4 on cr1/2-eqiad - T209424

ayounsi added a comment.Nov 13 2018, 10:30 PM

Pushed to cr1/2-eqiad

[edit firewall family inet filter cloud-in4]
[...]
+      term labnet-nova-api {
+          from {
+              destination-address {
+                  /* labnet1001 */
+                  10.64.20.13/32;
+              }
+              protocol tcp;
+              destination-port 8774;
+          }
+          then accept;
+      }
[...]
ayounsi closed this task as Resolved.Nov 13 2018, 10:33 PM
faidon mentioned this in rOHPU8722ac305823: Add term labnet-nova-api to cloud-in4.Oct 3 2019, 11:11 AM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL