Page MenuHomePhabricator
Create Task
Maniphest T255873

Move eventgate-main to use TLS only
Closed, ResolvedPublic
Actions

Description

  • Add TLS support to the deployment chart
  • Enable TLS on k8s in production
  • Add Additional LVS endpoint configuration
  • Switch services to use the TLS LVS
  • Remove non-TLS LVS endpoint configuration
  • Remove the non-TLS k8s service

Details

SubjectRepoBranchLines +/-
lvs: Remove eventgate-main non-TLS endpoint from LVS 2/2operations/puppetproduction+0 -37
lvs: Remove eventgate-main non-TLS endpoint from LVS 1/2operations/puppetproduction+1 -1
lvs: Remove check_eventgate_main_http_cluster monitoringoperations/puppetproduction+1 -7
Customize query in gerrit

Related Objects
Search...

Event Timeline

JMeybohm created this task.Jun 19 2020, 3:42 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 19 2020, 3:42 PM
JMeybohm triaged this task as Medium priority.Jul 21 2020, 7:54 AM
jijiki moved this task from Incoming 🐫 to cross-team active on the serviceops board.Aug 17 2020, 11:45 PM
JMeybohm claimed this task.Sep 15 2020, 3:18 PM
JMeybohm updated the task description. (Show Details)
gerritbot added a comment.Sep 15 2020, 3:23 PM

Change 627536 had a related patch set uploaded (by JMeybohm; owner: JMeybohm):
[operations/puppet@production] lvs: Remove check_eventgate_main_http_cluster monitoring

https://gerrit.wikimedia.org/r/627536

gerritbot added a project: Patch-For-Review.Sep 15 2020, 3:23 PM

Change 627537 had a related patch set uploaded (by JMeybohm; owner: JMeybohm):
[operations/puppet@production] lvs: Remove eventgate-main non-TLS endpoint from LVS 1/2

https://gerrit.wikimedia.org/r/627537

gerritbot added a comment.Sep 15 2020, 3:23 PM

Change 627538 had a related patch set uploaded (by JMeybohm; owner: JMeybohm):
[operations/puppet@production] lvs: Remove eventgate-main non-TLS endpoint from LVS 2/2

https://gerrit.wikimedia.org/r/627538

gerritbot added a comment.Sep 16 2020, 8:41 AM

Change 627536 merged by JMeybohm:
[operations/puppet@production] lvs: Remove check_eventgate_main_http_cluster monitoring

https://gerrit.wikimedia.org/r/627536

gerritbot added a comment.Sep 22 2020, 9:26 AM

Change 627537 merged by JMeybohm:
[operations/puppet@production] lvs: Remove eventgate-main non-TLS endpoint from LVS 1/2

https://gerrit.wikimedia.org/r/627537

gerritbot added a comment.Sep 22 2020, 9:48 AM

Change 627538 merged by JMeybohm:
[operations/puppet@production] lvs: Remove eventgate-main non-TLS endpoint from LVS 2/2

https://gerrit.wikimedia.org/r/627538

Stashbot mentioned this in T255870: Move eventgate-analytics to use TLS only.Sep 22 2020, 9:51 AM

Mentioned in SAL (#wikimedia-operations) [2020-09-22T09:51:12Z] <jayme> running puppet on lvs servers - T255873 T255870

Stashbot added a comment.Sep 22 2020, 9:55 AM

Mentioned in SAL (#wikimedia-operations) [2020-09-22T09:55:22Z] <jayme> restarting pybal on lvs1016.eqiad.wmnet,lvs2010.codfw.wmnet - T255873 T255870

Stashbot added a comment.Sep 22 2020, 9:57 AM

Mentioned in SAL (#wikimedia-operations) [2020-09-22T09:57:17Z] <jayme> restarting pybal on lvs1015.eqiad.wmnet,lvs2009.codfw.wmnet - T255873 T255870

Stashbot added a comment.Sep 22 2020, 9:59 AM

Mentioned in SAL (#wikimedia-operations) [2020-09-22T09:59:04Z] <jayme> running ipvsadm -D -t 10.2.2.45:34192; ipvsadm -D -t 10.2.2.42:35192 on lvs1016.eqiad.wmnet,lvs1015.eqiad.wmnet - T255873 T255870

Stashbot added a comment.Sep 22 2020, 9:59 AM

Mentioned in SAL (#wikimedia-operations) [2020-09-22T09:59:44Z] <jayme> running ipvsadm -D -t 10.2.1.45:34192; ipvsadm -D -t 10.2.1.42:35192 on lvs2010.codfw.wmnet,lvs2009.codfw.wmnet - T255873 T255870

JMeybohm updated the task description. (Show Details)Sep 22 2020, 10:02 AM
Maintenance_bot removed a project: Patch-For-Review.Sep 22 2020, 10:10 AM
JMeybohm closed this task as Resolved.Aug 30 2021, 8:05 AM

Remove the non-TLS k8s service will be handled via T255871

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits