Page MenuHomePhabricator
Create Task
Maniphest T260388

HTTP proxy can't be created matching a Cloud VPS project name if it has a Designate zone as well
Closed, ResolvedPublic
Actions

Description

[19:05]  <   Ed6767> Hi - I'm trying to set up a web proxy per the help pages, have Apache and the security rules set fine, but creating the proxy on Horizon fails with "Error: RecordSet belongs in a child zone: redwarn.wmcloud.org.
[19:06]  <  mutante> Ed6767: what is the proxy name you are trying to use?
[19:06]  <  mutante> redwarn ?
[19:06]  <   Ed6767> redwarn
[19:06]  <   Ed6767> Yeah
[19:08]  <  mutante> hmm. my proxy is still in wmflabs.org. it sounds like it would be connected to the migration from wmflabs to wmcloud domain
[19:09]  <   Ed6767> I could try the other domain but it wouldn't be ideal with it being legacy and all
[19:09]  <  mutante> Ed6767: i just checked and see both domains in the menu still
[19:09]  <  mutante> yes, try it
[19:09]  <  mutante> let's just see if it has that same error or not
[19:09]  <   Ed6767> Nope same error Error: RecordSet belongs in a child zone: redwarn.wmflabs.org.
[19:10]  <  mutante> did you do anyting in the "Zones" menu item before doing "Web Proxies" ?
[19:10]  <   Ed6767> Nope all default - did I miss something?
[19:11]  <  mutante> Ed6767: i dont know yet, but i just tried to create a proxy myself in a random project and it works
[19:11]  <  mutante> could not confirm the issue there
[19:11]  <   Ed6767> hm weird
[19:12]  <  mutante> did "redwarn" exist before and was then deleted? maybe a remnant?
[19:12]  <  mutante> would be tempted to try "redwarn2"
[19:13]  <   Ed6767> Could try rw Idk
[19:13]  <   Ed6767> Well that worked
[19:13]  <   Ed6767> Just doesn't really like redwarn then
[19:14]  <  mutante> Ed6767: well.. confirmed. 'redwarn' the word is bad :)
[19:14]  <  mutante> i get the same error when i try that
[19:14]  <   Ed6767> Thanks for you help!
[19:14]  <  mutante> it seems like this has been used before
[19:14]  <  mutante> it might still be worth a bug report though
[19:16]  <   Ed6767> Yh would be slightly useful if it said it had already been taken
[19:16]  <   Ed6767> Thanks again
[19:17]  <  mutante> i am not sure if this is just "already taken" or if it is a bug that an old thing never gets cleaned up all the way
[19:17]  <  mutante> you're welcome

The underlying problem here is that our OpenStack automation around project creation has created Designate (DNS) zones named redwarn.wmcloud.org and redwarn.wmflabs.org and transferred control of those zones to the redwarn project. Our Horizon dashboard for creating HTTP proxy records tries to create an A record in the wmflabs.org or wmcloud.org zone directly and this will fail if there is zone with the same name.

Details

SubjectRepoBranchLines +/-
Handle changing a proxy in a zone owned by the current projectopenstack/horizon/wmf-proxy-dashboardmain+27 -5
Update wmf-proxy-dashboard submoduleopenstack/horizon/deploytrain+1 -1
Handle changing a proxy in a zone owned by the current projectopenstack/horizon/wmf-proxy-dashboardtrain+27 -5
Handle changing a proxy in a zone owned by the current projectopenstack/horizon/wmf-proxy-dashboardmaster+27 -5
Customize query in gerrit

Related Objects

Event Timeline

bd808 created this task.Aug 13 2020, 7:48 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 13 2020, 7:48 PM
bd808 added a comment.Aug 13 2020, 7:49 PM

Project creation: T260007: Request creation of RedWarn VPS project

$ sudo wmcs-openstack zone list --sudo-project-id redwarn
+--------------------------------------+-------------------------------------+---------+------------+--------+--------+
| id                                   | name                                | type    |     serial | status | action |
+--------------------------------------+-------------------------------------+---------+------------+--------+--------+
| c29f47c4-b73b-4ec6-9d40-bace2e10aaf6 | redwarn.eqiad1.wmcloud.org.         | PRIMARY | 1597336268 | ACTIVE | NONE   |
| 4b53a937-17c1-4689-9e80-b53a3371249c | svc.redwarn.eqiad1.wikimedia.cloud. | PRIMARY | 1597336277 | ACTIVE | NONE   |
| 9415efd5-36ea-4dc4-a6fd-65d117d3073a | redwarn.wmcloud.org.                | PRIMARY | 1597336286 | ACTIVE | NONE   |
| bae88f08-5947-458f-96ac-afc2bd22dd0e | redwarn.wmflabs.org.                | PRIMARY | 1597336296 | ACTIVE | NONE   |
+--------------------------------------+-------------------------------------+---------+------------+--------+--------+
bd808 added a comment.Aug 13 2020, 7:51 PM

one "fix" I could see for this is actually rolling back the automatic creation of the public IP zones (<project>.wmcloud.org, <project>.wmflabs.org) as part of the project creation work. These zones are mostly useless for projects which are not using floating IPs.

gerritbot added a comment.Aug 13 2020, 9:30 PM

Change 620121 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[openstack/horizon/wmf-proxy-dashboard@master] Handle changing a proxy in a zone owned by the current project

https://gerrit.wikimedia.org/r/620121

gerritbot added a project: Patch-For-Review.Aug 13 2020, 9:30 PM
gerritbot added a comment.Aug 13 2020, 9:47 PM

Change 620121 merged by Andrew Bogott:
[openstack/horizon/wmf-proxy-dashboard@master] Handle changing a proxy in a zone owned by the current project

https://gerrit.wikimedia.org/r/620121

gerritbot added a comment.Aug 13 2020, 9:47 PM

Change 620124 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[openstack/horizon/wmf-proxy-dashboard@train] Handle changing a proxy in a zone owned by the current project

https://gerrit.wikimedia.org/r/620124

gerritbot added a comment.Aug 13 2020, 9:47 PM

Change 620124 merged by Andrew Bogott:
[openstack/horizon/wmf-proxy-dashboard@train] Handle changing a proxy in a zone owned by the current project

https://gerrit.wikimedia.org/r/620124

gerritbot added a comment.Aug 13 2020, 9:49 PM

Change 620125 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[openstack/horizon/deploy@train] Update wmf-proxy-dashboard submodule

https://gerrit.wikimedia.org/r/620125

gerritbot added a comment.Aug 13 2020, 9:49 PM

Change 620125 merged by Andrew Bogott:
[openstack/horizon/deploy@train] Update wmf-proxy-dashboard submodule

https://gerrit.wikimedia.org/r/620125

Stashbot added a comment.Aug 13 2020, 9:50 PM

Mentioned in SAL (#wikimedia-operations) [2020-08-13T21:50:25Z] <andrew@deploy1001> Started deploy [horizon/deploy@f3dcb29]: fix proxy in project-local domain --bug T260388

Stashbot added a comment.Aug 13 2020, 9:54 PM

Mentioned in SAL (#wikimedia-operations) [2020-08-13T21:54:17Z] <andrew@deploy1001> Finished deploy [horizon/deploy@f3dcb29]: fix proxy in project-local domain --bug T260388 (duration: 03m 53s)

Andrew closed this task as Resolved.Aug 13 2020, 9:59 PM
Andrew claimed this task.
Andrew subscribed.

This is a regression that I introduced when adding in-place editing of existing proxies. It should be fixed now. Please re-open if you run into more trouble.

Maintenance_bot removed a project: Patch-For-Review.Aug 13 2020, 10:10 PM
gerritbot added a comment.May 10 2021, 8:15 PM

Change 688408 had a related patch set uploaded (by Andrew Bogott; author: Andrew Bogott):

[openstack/horizon/wmf-proxy-dashboard@main] Handle changing a proxy in a zone owned by the current project

https://gerrit.wikimedia.org/r/688408

gerritbot added a project: Patch-For-Review.May 10 2021, 8:15 PM

Change 688408 merged by Andrew Bogott:

[openstack/horizon/wmf-proxy-dashboard@main] Handle changing a proxy in a zone owned by the current project

https://gerrit.wikimedia.org/r/688408

Maintenance_bot removed a project: Patch-For-Review.May 10 2021, 9:10 PM
Bstorm mentioned this in T288962: Cannot create web proxy because of Duplicate RecordSet.Aug 19 2021, 4:47 PM
MusikAnimal mentioned this in T291886: WikiWho tool is down on English Wikipedia.Sep 27 2021, 10:04 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL