Page MenuHomePhabricator

Set up TLS for eventgate-main and eventgate-analytics
Closed, ResolvedPublic8 Estimated Story Points

Description

We've already set up TLS for eventgate-logging-external, we should do the same for the other two existent eventgate services.

  • Add the TLS sidecar listening on new TLS port.
  • Change LVS to use the new TLS port.

Event Timeline

Change 559118 had a related patch set uploaded (by Ottomata; owner: Ottomata):
[operations/deployment-charts@master] Enable TLS for eventgate-main and eventgate-analytics

https://gerrit.wikimedia.org/r/559118

Change 559118 merged by Ottomata:
[operations/deployment-charts@master] Enable TLS for eventgate-main and eventgate-analytics

https://gerrit.wikimedia.org/r/559118

Change 559167 had a related patch set uploaded (by Ottomata; owner: Ottomata):
[operations/puppet@production] Switch eventgate-analytics LVS to use TLS port 4192

https://gerrit.wikimedia.org/r/559167

Change 559168 had a related patch set uploaded (by Ottomata; owner: Ottomata):
[operations/puppet@production] Switch eventgate-main LVS to use TLS port 4292

https://gerrit.wikimedia.org/r/559168

@akosiaris TLS is ready to go, perhaps we can switch LVS for these first thing after coming back from holidays?

@akosiaris TLS is ready to go, perhaps we can switch LVS for these first thing after coming back from holidays?

+1

Change 562792 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] lvs: Remove unused eventgate-analytics-http service

https://gerrit.wikimedia.org/r/562792

Change 559167 merged by Alexandros Kosiaris:
[operations/puppet@production] Set up new LVS service eventgate-analytics-https

https://gerrit.wikimedia.org/r/559167

Change 562805 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] lvs: Append -http to eventgate-main

https://gerrit.wikimedia.org/r/562805

Change 562810 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] lvs: Remove unused eventgate-main-http service

https://gerrit.wikimedia.org/r/562810

Change 562805 merged by Alexandros Kosiaris:
[operations/puppet@production] lvs: Append -http to eventgate-main

https://gerrit.wikimedia.org/r/562805

Change 559168 merged by Alexandros Kosiaris:
[operations/puppet@production] Switch eventgate-main LVS to use TLS port 4292

https://gerrit.wikimedia.org/r/559168

Ottomata set the point value for this task to 8.Jan 8 2020, 5:06 PM

Change 562810 abandoned by Alexandros Kosiaris:
[operations/puppet@production] lvs: Remove unused eventgate-main-http service

Reason:
Already done in another patch

https://gerrit.wikimedia.org/r/562810

Change 562792 abandoned by Alexandros Kosiaris:
[operations/puppet@production] lvs: Remove unused eventgate-analytics-http service

Reason:
Has already been done for some time now

https://gerrit.wikimedia.org/r/562792