Page MenuHomePhabricator

public dns for codfw1dev vms
Open, MediumPublic

Description

We plan on naming eqiad instances *.wmcloud.org. For codfw1dev do we want to register wmcloud-dev.org or something like that?

Event Timeline

From my understanding of https://wikitech.wikimedia.org/wiki/Wikimedia_Cloud_Services_team/EnhancementProposals/DNS_domain_usage#Resolution is that we could replicate the model we use with *.wikimediacloud.org and introduce subdomain per deployment:

  • bastion.eqiad1.wmcloud.org
  • bastion.codfw1dev.wmcloud.org

Because you are thinking on floating IPs and other proxied FQDNs, right?

Anyway, I don't think it is a big deal to don't use subdomains at all, and identify the [very few] uses we have in codfw1dev with a keyword:

  • bastion.wmcloud.org (eqiad1)
  • bastion-codfw1dev.wmcloud.org (codfw1dev)

The agreed instance naming plan from https://wikitech.wikimedia.org/wiki/Wikimedia_Cloud_Services_team/EnhancementProposals/DNS_domain_usage#Resolution is to use *.{deployment}.wikimedia.cloud.

In practice this would mean <host>.<project>.<deployment>.wikimedia.cloud as the FQDN for an instance:

  • bastion-eqiad1-01.bastion.eqiad.wmflabs would become bastion-01.bastion.eqiad1.wikimedia.cloud
  • tools-acme-chief-01.tools.eqiad.wmflabs would become acme-chief-01.tools.eqiad1.wikimedia.cloud
  • bastion01.bastion.codfw1dev.wikimedia.cloud

We should completely stop making the <host>.<deployment>.<domain> DNS entries that we have kept to match the legacy naming convention that was used before introducing per-project subdomains.

For Public (floating) addresses we resolved to use *.wmcloud.org and subdomains for deployments outside of eqiad1:

  • bastion.wmflabs.org would become bastion.wmcloud.org
  • login.tools.wmflabs.org would become login.tools.wmcloud.org
  • A bastion in codfw1dev would be bastion.codfw1dev.wmcloud.org

We need to do some thinking on our strategy for rolling out the new domains and naming conventions for instances in eqiad1. For codfw1dev we should fix all the existing naming I think as soon as someone has the time to do so.

Mentioned in SAL (#wikimedia-cloud) [2020-01-28T09:47:44Z] <arturo> created DNS zone wmcloud.org in eqiad1, transfer it to the cloudinfra project (T242976) right now only use is to delegate codfw1dev.wmcloud.org subdomain to designate in the other deployment

Mentioned in SAL (#wikimedia-cloud) [2020-01-28T09:53:13Z] <arturo> the DNS zone wmcloud.org now belongs to this project (T242976)

Mentioned in SAL (#wikimedia-cloud) [2020-01-28T10:03:54Z] <arturo> delegated codfw1dev.wmcloud.org to designate @ codfw1dev ns0.openstack.codfw1dev.wikimediacloud.org (T242976 and T243766)

Mentioned in SAL (#wikimedia-cloud) [2020-01-28T10:11:00Z] <arturo> [codfw1dev] root@cloudcontrol2001-dev:~# openstack zone create --description "main DNS domain for public addresses" --email "root@wmflabs.org" --type PRIMARY --ttl 3600 codfw1dev.wmcloud.org. (T242976 and T243766)

Mentioned in SAL (#wikimedia-cloud) [2020-01-28T10:13:03Z] <arturo> [codfw1dev] the zone codfw1dev.wmcloud.org belongs now to the cloudinfra-codfw1dev project (T242976)

Mentioned in SAL (#wikimedia-cloud) [2020-01-28T10:18:30Z] <arturo> [codfw1dev] created DNS record bastion-codfw1dev-01.codfw1dev.wmcloud.org A 185.15.57.2 (T242976, T229441)

Bstorm triaged this task as Medium priority.Feb 11 2020, 4:13 PM

There is an Icinga alert since about 11 hours that the IP "208.80.153.83 " is down.

This is in Icinga just as an IP address not a hostname. So i resolved it manually and found "ns-recursor1.openstack.codfw1dev.wikimediacloud.org."

Then searching Phabricator for "codfw1dev" i found this ticket but no recent updates.

Is there ongoing work / should i be able to find something in SAL?

Should this be a hostname and not an IP in Icinga? Do people get email notifications about this?

@Dzahn this is a new host currently under construction. Not related to this task especially.