Labs Project Tested: deployment-prep
Site/Location:EQIAD and CODFW
Number of systems: 4, 2 per DC
Service: kubernetes
Networking Requirements: internal IP
Processor Requirements: 2
Memory: 4G
Disks: 10G
Other Requirements:
Description
Description
Details
Details
Customize query in gerrit
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Open | None | T198901 Migrate production services to kubernetes using the pipeline | |||
| Resolved | akosiaris | T220401 Introduce kask session storage service to kubernetes | |||
| Resolved | akosiaris | T220821 Add security sensitive nodes to our kubernetes cluster | |||
| Resolved | ayounsi | T220822 Site: 4 VM request for kubernetes |
Event Timeline
Comment Actions
Change 504311 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/dns@master] Introduce kubernetes{1,2}00{5,6}.{eqiad,codfw}.wmnet
Comment Actions
Change 504311 merged by Alexandros Kosiaris:
[operations/dns@master] Introduce kubernetes{1,2}00{5,6}.{eqiad,codfw}.wmnet
Comment Actions
Change 504342 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Add kubernetes[12]00[56]
Comment Actions
Change 504851 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Give roles to the new kubernetes[12]00[56] VMs
Comment Actions
Change 504342 merged by Alexandros Kosiaris:
[operations/puppet@production] Add kubernetes[12]00[56]
Comment Actions
Change 504872 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Fixup for kubernetes-node-virtual.cfg
Comment Actions
Change 504872 merged by Alexandros Kosiaris:
[operations/puppet@production] Fixup for kubernetes-node-virtual.cfg
Comment Actions
Change 504877 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] More fixes to kubernetes-node-virtual.cfg
Comment Actions
Change 504877 merged by Alexandros Kosiaris:
[operations/puppet@production] More fixes to kubernetes-node-virtual.cfg
Comment Actions
Change 504851 merged by Alexandros Kosiaris:
[operations/puppet@production] Give roles to the new kubernetes[12]00[56] VMs
Comment Actions
This is almost done. That only thing missing seems to be the peering with the juniper routers.
@ayounsi, could you please have a look? What we need is essentially
EQIAD:
set protocols bgp group Kubernetes4 neighbor 10.64.0.145 set protocols bgp group Kubernetes6 neighbor 2620:0:861:101:10:64:0:145 set protocols bgp group Kubernetes4 neighbor 10.64.32.18 set protocols bgp group Kubernetes6 neighbor 2620:0:861:103:10:64:32:18
If you like to keep the current comment stanzas the hosts are kubernetes1005, kubernetes1006 respectively
CODFW:
set protocols bgp group Kubernetes4 neighbor 10.64.32.18 set protocols bgp group Kubernetes6 neighbor 2620:0:861:103:10:64:32:18 set protocols bgp group Kubernetes4 neighbor 10.192.16.102 set protocols bgp group Kubernetes6 neighbor 2620:0:860:102:10:192:16:102
If you like to keep the current comment stanzas the hosts are kubernetes2005, kubernetes2006 respectively
I would do it myself but I am unsure of the way we use currently to update our routers. It used to be jnt, but I haven't used it in a pretty long time. Sorry!
Comment Actions
One typo:
codfw has 10.64.32.18 and 2620:0:861:103:10:64:32:18
Other than that it looks all good. Some questions:
Can it be done anytime?
Is your side already listening?
Are the import policy still good or do they need to be update? (eg. import 10.64.64.0/21 and 2620:0:861:cabe::/64` in eqiad.
jnt doesn't manage BGP so it still needs to be done manually.
Comment Actions
Indeed it's 10.192.0.117 and 2620:0:860:101:10:192:0:117
Other than that it looks all good. Some questions:
Can it be done anytime?
Yes.
Is your side already listening?
Yes
Are the import policy still good or do they need to be update? (eg. import 10.64.64.0/21 and 2620:0:861:cabe::/64` in eqiad.
They are still good. There aren't going to be any changes there anytime soon fwiw.
jnt doesn't manage BGP so it still needs to be done manually.
Ah, ok, good to know.
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2019-04-22T18:15:10Z] <XioNoX> Add k8s BGP neighbors on cr1/2-codfw - T220822
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2019-04-22T18:22:24Z] <XioNoX> Add k8s BGP neighbors on cr1/2-eqiad - T220822