- Add TLS support to the deployment chart
- Enable TLS on k8s in production
- Add Additional LVS endpoint configuration
- Switch services to use the TLS LVS
- Remove non-TLS LVS endpoint configuration
- Remove the non-TLS k8s service
Description
Description
Details
Details
Customize query in gerrit
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | JMeybohm | T235411 Add TLS termination to services running on kubernetes | |||
| Resolved | JMeybohm | T255878 Move wikifeeds to use TLS only |
Event Timeline
Comment Actions
Change 626132 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/deployment-charts@master] wikifeeds: use the service proxy in staging
Comment Actions
Change 626132 merged by jenkins-bot:
[operations/deployment-charts@master] wikifeeds: use the service proxy in staging
Comment Actions
Change 627517 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/deployment-charts@master] wikifeeds: use the service proxy everywhere
Comment Actions
Change 627517 merged by jenkins-bot:
[operations/deployment-charts@master] wikifeeds: use the service proxy everywhere
Comment Actions
Change 628756 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/deployment-charts@master] wikifeeds: use the service proxy for reaching the MediaWiki api
Comment Actions
Change 629154 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/puppet@production] services: add TLS encrypted endpoint for wikifeeds (1/2)
Comment Actions
Change 629155 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/puppet@production] services: add TLS encrypted endpoint for wikifeeds (2/2)
Comment Actions
Change 629154 merged by Giuseppe Lavagetto:
[operations/puppet@production] services: add TLS encrypted endpoint for wikifeeds (1/2)
Comment Actions
Change 629155 merged by Giuseppe Lavagetto:
[operations/puppet@production] services: add TLS encrypted endpoint for wikifeeds (2/2)
Comment Actions
Change 628756 abandoned by Giuseppe Lavagetto:
[operations/deployment-charts@master] wikifeeds: use the service proxy for reaching the MediaWiki api
Reason:
Comment Actions
Change 631405 had a related patch set uploaded (by JMeybohm; owner: JMeybohm):
[operations/puppet@production] lvs: Remove wikifeeds non-TLS endpoint 1/2
Comment Actions
Change 631406 had a related patch set uploaded (by JMeybohm; owner: JMeybohm):
[operations/puppet@production] lvs: Remove wikifeeds non-TLS endpoint 2/2
Comment Actions
Change 631405 merged by JMeybohm:
[operations/puppet@production] lvs: Remove wikifeeds non-TLS endpoint 1/2
Comment Actions
Change 631406 merged by JMeybohm:
[operations/puppet@production] lvs: Remove wikifeeds non-TLS endpoint 2/2
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2020-10-01T14:42:42Z] <jayme> running puppet on lvs servers - T244843 T255878
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2020-10-01T14:48:36Z] <jayme> restarting pybal on lvs2010.codfw.wmnet - T244843 T255878
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2020-10-01T14:50:02Z] <jayme> restarting pybal on lvs1015.eqiad.wmnet,lvs2009.codfw.wmnet - T244843 T255878
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2020-10-01T14:53:48Z] <jayme> running ipvsadm -D -t 10.2.1.10:8081; ipvsadm -D -t 10.2.1.47:8889 on lvs2010.codfw.wmnet,lvs2009.codfw.wmnet - T244843 T255878
Comment Actions
Mentioned in SAL (#wikimedia-operations) [2020-10-01T14:55:43Z] <jayme> running ipvsadm -D -t 10.2.2.10:8081; ipvsadm -D -t 10.2.2.47:8889 on lvs1015.eqiad.wmnet - T244843 T255878
Comment Actions
Change 715452 had a related patch set uploaded (by JMeybohm; author: JMeybohm):
[operations/deployment-charts@master] wikifeeds: Remove HTTP service from kubernetes
Comment Actions
Change 715452 merged by jenkins-bot:
[operations/deployment-charts@master] wikifeeds: Remove HTTP service from kubernetes