Page MenuHomePhabricator

Remove grants for the old dbproxy hosts from the misc databases
Open, NormalPublic

Description

Once the old proxies are not active, we need to remove those grants from the databases.
The list of proxies and IPs:

Event Timeline

Marostegui triaged this task as Normal priority.Tue, Aug 27, 9:19 AM
Marostegui created this task.
Marostegui moved this task from Triage to In progress on the DBA board.

Mentioned in SAL (#wikimedia-operations) [2019-08-27T09:21:30Z] <marostegui> Remove grants for dbproxy1004 and dbproxy1009 from m4 hosts (db1107 and db1108) - T231280

m4: Grants removed on db1107 and db1108 for dbproxy1004 and dbproxy1009

dbproxy1004.eqiad.wmnet has address 10.64.16.148
dbproxy1009.eqiad.wmnet has address 10.64.32.158

The users were eventlog and haproxy.

root@db1107.eqiad.wmnet[mysql]> select user,host from user where host='10.64.32.148' or host='10.64.32.158';
Empty set (0.00 sec)

root@db1107.eqiad.wmnet[mysql]>
Marostegui updated the task description. (Show Details)Tue, Aug 27, 9:24 AM

Mentioned in SAL (#wikimedia-operations) [2019-09-05T05:42:56Z] <marostegui> Remove grants for dbproxy1005 T231280 T231967

Marostegui updated the task description. (Show Details)Thu, Sep 5, 6:01 AM

I have removed the following grants that were for dbproxy1005, from m5 databases (and also checked they don't exist anywhere else):

# host 10.64.16.155
155.16.64.10.in-addr.arpa domain name pointer dbproxy1005.eqiad.wmnet.
+----------------+--------------+
| user           | host         |
+----------------+--------------+
| designate      | 10.64.16.155 |
| haproxy        | 10.64.16.155 |
| labsdbaccounts | 10.64.16.155 |
| root           | 10.64.16.155 |
| ssastry        | 10.64.16.155 |
| testreduce     | 10.64.16.155 |
+----------------+--------------+
6 rows in set (0.00 sec)
root@db1133.eqiad.wmnet[(none)]> select user,host from mysql.user where host='10.64.16.155';
Empty set (0.00 sec)
Marostegui updated the task description. (Show Details)Thu, Sep 5, 6:03 AM