Page MenuHomePhabricator
Create Task
Maniphest T232429

Create in-cloud, cloud-vps-wide cumin masters
Closed, ResolvedPublic
Actions

Description

Once we have these we can decom or reclaim labpuppetmaster1001/1002

Details

SubjectRepoBranchLines +/-
Labs cumin masters: Remove config associated with proxying via bastionoperations/puppetproduction+0 -16
cloud cumin: add a second cumin masteroperations/puppetproduction+2 -1
cloud cumin: don't use a bastion if cumin is already running in the cloudoperations/puppetproduction+2 -2
Labs cumin masters: Only set openstack project filter if we're project-specificoperations/puppetproduction+1 -1
cloud cumin: add cloud-cumin-01.cloudinfra as a cumin masteroperations/puppetproduction+1 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

Andrew created this task.Sep 10 2019, 3:24 AM
Restricted Application removed a project: Patch-For-Review. · View Herald TranscriptSep 10 2019, 3:25 AM
gerritbot added a comment.Sep 10 2019, 6:57 PM

Change 535670 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] cloud cumin: don't use a bastion if cumin is already running in the cloud

https://gerrit.wikimedia.org/r/535670

gerritbot added a project: Patch-For-Review.Sep 10 2019, 6:57 PM
gerritbot added a comment.Sep 10 2019, 7:18 PM

Change 535677 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] cloud cumin: add cloud-cumin-01.cloudinfra as a cumin master

https://gerrit.wikimedia.org/r/535677

gerritbot added a comment.Sep 10 2019, 7:28 PM

Change 535670 merged by Andrew Bogott:
[operations/puppet@production] cloud cumin: don't use a bastion if cumin is already running in the cloud

https://gerrit.wikimedia.org/r/535670

gerritbot added a comment.Sep 10 2019, 7:28 PM

Change 535677 merged by Andrew Bogott:
[operations/puppet@production] cloud cumin: add cloud-cumin-01.cloudinfra as a cumin master

https://gerrit.wikimedia.org/r/535677

Andrew closed this task as Resolved.Sep 10 2019, 8:20 PM

There's now a cumin master on cloud-cumon-01.cloudinfra.eqiad.wmflabs that seems to work just fine.

Krenair reopened this task as Open.Sep 10 2019, 10:53 PM

It seems to work within cloudinfra but I think we have a little bit of config tweaking to do.

gerritbot added a comment.Sep 10 2019, 10:53 PM

Change 535727 had a related patch set uploaded (by Alex Monk; owner: Alex Monk):
[operations/puppet@production] Labs cumin masters: Only set project filter if we're a project-specific cumin master

https://gerrit.wikimedia.org/r/535727

gerritbot added a comment.Sep 10 2019, 10:58 PM

Change 535733 had a related patch set uploaded (by Alex Monk; owner: Alex Monk):
[operations/puppet@production] Labs cumin masters: Remove config associated with proxying via bastion

https://gerrit.wikimedia.org/r/535733

Krenair added a comment.EditedSep 10 2019, 10:59 PM

https://gerrit.wikimedia.org/r/535727 should make it behave like the existing cumin master, https://gerrit.wikimedia.org/r/535733 is tidyup of historical stuff

Krenair mentioned this in T219421: Work out what we're going to do with the cumin master functionality currently on labpuppetmaster1001.Sep 10 2019, 11:04 PM
Krenair added a comment.Sep 10 2019, 11:14 PM

(I tried applying the first of those manually on the new instance, ran cumin '*' id and saw 814 hosts will be targeted so that looks good - 664 of those hosts even respond how you'd expect with uid=0(root) gid=0(root) groups=0(root), we should go through the ones that don't later in a different task)

gerritbot added a comment.Sep 10 2019, 11:54 PM

Change 535727 merged by Andrew Bogott:
[operations/puppet@production] Labs cumin masters: Only set openstack project filter if we're project-specific

https://gerrit.wikimedia.org/r/535727

gerritbot added a comment.Sep 11 2019, 2:48 PM

Change 535866 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] cloud cumin: add a second cumin master

https://gerrit.wikimedia.org/r/535866

gerritbot added a comment.Sep 11 2019, 2:50 PM

Change 535866 merged by Andrew Bogott:
[operations/puppet@production] cloud cumin: add a second cumin master

https://gerrit.wikimedia.org/r/535866

bd808 moved this task from Inbox to Doing on the cloud-services-team (Kanban) board.Sep 11 2019, 3:13 PM
Andrew added a comment.Sep 11 2019, 3:43 PM

I built a second cumin host, cloud-cumin-02.cloudinfra.eqiad.wmflabs. It's partly for backup, and partly because I wanted to confirm that the existing puppetization is sufficient. It turns out that it is! The new host just required a reboot to get keyholder on board.

-02 doesn't reach quite as many hosts since I haven't hand-tuned the exceptions, but as puppet does its work it should eventually be equivalent to -01.

gerritbot added a comment.Sep 11 2019, 3:51 PM

Change 535733 merged by Andrew Bogott:
[operations/puppet@production] Labs cumin masters: Remove config associated with proxying via bastion

https://gerrit.wikimedia.org/r/535733

Andrew reassigned this task from Andrew to Krenair.Sep 11 2019, 3:57 PM

I think this task is done but I'll let @Krenair comment and close :)

Krenair closed this task as Resolved.Sep 11 2019, 8:18 PM
Krenair reassigned this task from Krenair to Andrew.

with the merging of https://gerrit.wikimedia.org/r/535727 I think it's done :)

Krenair mentioned this in T232676: af-nb-db-2.automation-framework.eqiad.wmflabs has broken network.Sep 11 2019, 9:01 PM
DannyS712 removed a project: Patch-For-Review.Nov 18 2019, 11:34 AM
DannyS712 subscribed.

[batch] remove patch for review tag from resolved tasks

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits