Page MenuHomePhabricator

PAWS: enable acme-chief in the project
Closed, ResolvedPublic

Description

This task is to track the work for enabling acme-chief in the PAWS Cloud VPS project: https://openstack-browser.toolforge.org/project/paws

I will be following the docs at wikitech: https://wikitech.wikimedia.org/wiki/Acme-chief/Cloud_VPS_setup

We need acme-chief to enable TLS termination in haproxy for the PAWS ingress.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 12 2020, 10:58 AM
aborrero triaged this task as High priority.Jun 12 2020, 10:58 AM
aborrero moved this task from Inbox to Doing on the cloud-services-team (Kanban) board.

Mentioned in SAL (#wikimedia-cloud) [2020-06-12T11:01:18Z] <arturo> created VM paws-acme-chief-01 (T255252)

Mentioned in SAL (#wikimedia-cloud) [2020-06-12T11:02:50Z] <arturo> created puppet prefix 'paws-acme-chief' (T255252)

Mentioned in SAL (#wikimedia-cloud) [2020-06-12T11:31:57Z] <arturo> introduced acme-chief private data into labs/private in paws-puppetmaster-01 (T255252)

Change 605198 had a related patch set uploaded (by Arturo Borrero Gonzalez; owner: Arturo Borrero Gonzalez):
[operations/puppet@production] openstack: keystone: add paws-dns-manager to the safelist

https://gerrit.wikimedia.org/r/605198

Change 605198 merged by Arturo Borrero Gonzalez:
[operations/puppet@production] openstack: keystone: add paws-dns-manager to the safelist

https://gerrit.wikimedia.org/r/605198

Mentioned in SAL (#wikimedia-cloud) [2020-06-12T11:51:41Z] <arturo> created service account paws-dns-manager in wikitech (T255252)

Mentioned in SAL (#wikimedia-cloud) [2020-06-12T11:55:04Z] <arturo> aborrero@cloudcontrol1004:~ $ sudo wmcs-openstack role add --user paws-dns-manager --project paws designateadmin (T255252)

Mentioned in SAL (#wikimedia-cloud) [2020-06-12T11:55:10Z] <arturo> aborrero@cloudcontrol1004:~ $ sudo wmcs-openstack role add --user paws-dns-manager --project paws observer (T255252)

aborrero closed this task as Resolved.Jun 16 2020, 4:21 PM

This is working now!