Page MenuHomePhabricator
Create Task
Maniphest T245059

depool / confctl commands should print warnings or errors if too many nodes from that service are already depooled
Open, LowPublic
Actions

Description

AI from https://wikitech.wikimedia.org/wiki/Incident_documentation/20200211-caching-proxies

Related Objects

Event Timeline

CDanis created this task.Feb 12 2020, 9:20 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 12 2020, 9:20 PM
jbond triaged this task as Medium priority.Feb 13 2020, 11:46 AM
Krinkle moved this task from Active investigation to Follow-up prevention on the Wikimedia-Incident board.Apr 20 2020, 12:54 AM
Krinkle edited projects, added Sustainability (Incident Followup); removed Wikimedia-Incident.Apr 28 2020, 9:50 PM
akosiaris edited projects, added serviceops; removed SRE.Mar 14 2023, 5:24 PM
akosiaris subscribed.

Triaging to serviceops because of conftool

Clement_Goubert moved this task from Incoming 🐫 to serviceops-radar on the serviceops board.Mar 15 2023, 12:10 PM
Clement_Goubert edited projects, added serviceops-radar; removed serviceops.
Joe lowered the priority of this task from Medium to Low.Mar 21 2023, 8:34 AM
Joe added a project: SRE-Sprint-Week-Sustainability-March2023.
Joe subscribed.

This task as written is not very well defined. How do we define "too many"? Via what pybal says? I am against tying fundamental conftool actions to the logic of a specific software; we can however add warnings to the pool/depool scripts if we really want to.

There's a few more complications also to consider:

  • Do we want the depool to still proceed or fail?
  • Do we want to just consider the depool_threshold of pybal or some form of "cluster should be larger than X?" which we've never codified anywhere?

I would anyways consider this quite low-priority given most services are now on k8s where this is mostly irrelevant.

Joe added a comment.Mar 24 2023, 9:56 AM

On further thoughts:

  • confctl is considered a low-level army knife that should be allowed to modify everything, regardless of operational constraints. I don't think it should refuse a write action by itself
  • For new, more complex stuff, we added extensions to conftool. Maybe we can create a lbctl extension that does, better, everything the pool/depool/safe_restart scripts do in puppet. That should refuse action in case something is looking iffy
  • lbctl should also allow us to check the status of the pool and export it to a prometheus-format file, so that we can solve T245058 as well
Joe claimed this task.Mar 24 2023, 10:01 AM
Joe moved this task from Backlog to Doing on the SRE-Sprint-Week-Sustainability-March2023 board.
fgiunchedi subscribed.Mar 24 2023, 10:13 AM
Vgutierrez subscribed.Oct 2 2023, 1:31 AM

the idea of creating something called lbctl also appeared while discussing the anti-stampede mechanism implementation for Liberica (T332027) in relation to the very same issue that this task aims to fix.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL