Page MenuHomePhabricator
Create Task
Maniphest T260533

Add alert[12]001 to network ACLs
Closed, ResolvedPublic
Actions

Description

These hosts will be replacing icinga* hosts in parent task, namely:

alert1001.wikimedia.org has address 208.80.154.88
alert1001.wikimedia.org has IPv6 address 2620:0:861:3:208:80:154:88

alert2001.wikimedia.org has address 208.80.153.84
alert2001.wikimedia.org has IPv6 address 2620:0:860:3:208:80:153:84

Please add to network ACLs where needed, we'll followup with decom'ing icinga* hosts when the time comes, thanks!

Details

ProjectBranchLines +/-Subject
operations/homer/publicmaster+8 -0Add alert[12]001 to existing icinga ACL terms
Customize query in gerrit

Related Objects
Search...

Event Timeline

fgiunchedi created this task.Aug 17 2020, 12:52 PM
Restricted Application added a project: SRE. · View Herald TranscriptAug 17 2020, 12:52 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
gerritbot added a comment.Aug 18 2020, 8:23 AM

Change 620883 had a related patch set uploaded (by Ayounsi; owner: Ayounsi):
[operations/homer/public@master] Add alert[12]001 to existing icinga ACL terms

https://gerrit.wikimedia.org/r/620883

gerritbot added a project: Patch-For-Review.Aug 18 2020, 8:23 AM
gerritbot added a comment.Aug 18 2020, 8:55 AM

Change 620883 merged by jenkins-bot:
[operations/homer/public@master] Add alert[12]001 to existing icinga ACL terms

https://gerrit.wikimedia.org/r/620883

ayounsi closed this task as Resolved.Aug 18 2020, 9:01 AM
ayounsi claimed this task.
ayounsi added a subscriber: ayounsi.

Deployed!

Maintenance_bot removed a project: Patch-For-Review.Aug 18 2020, 9:10 AM
fgiunchedi reopened this task as Open.Aug 18 2020, 9:12 AM
fgiunchedi added subscribers: Dwisehaupt, Jgreen.

Thanks @ayounsi !

Reopening since we'll need to add these hosts to pfw devices as well, cc @Jgreen and @Dwisehaupt could you help with that ? Thanks!

fgiunchedi removed ayounsi as the assignee of this task.Aug 18 2020, 9:13 AM
fgiunchedi added a project: fundraising-tech-ops.
fgiunchedi added a comment.Aug 18 2020, 9:42 AM

@ayounsi looks like mgmt access isn't permitted yet, can't ping mgmt.eqiad.wmnet e.g.

alert1001# ping ps1-c1-eqiad.mgmt.eqiad.wmnet
PING ps1-c1-eqiad.mgmt.eqiad.wmnet (10.65.0.48) 56(84) bytes of data.
^C
--- ps1-c1-eqiad.mgmt.eqiad.wmnet ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 24ms
Stashbot added a comment.Aug 18 2020, 11:53 AM

Mentioned in SAL (#wikimedia-operations) [2020-08-18T11:53:56Z] <XioNoX> add new icinga hosts to mr policies - T260533

fgiunchedi triaged this task as Medium priority.Aug 19 2020, 9:05 AM
Jgreen moved this task from Triage to Watching on the fundraising-tech-ops board.Aug 19 2020, 4:25 PM
lmata moved this task from Inbox to Radar on the observability board.Aug 27 2020, 2:19 PM
lmata added a subscriber: lmata.Sep 8 2020, 6:57 PM
Jgreen closed subtask T262291: update nagios_nsca configuration in frack for new nsca servers as Resolved.Sep 9 2020, 2:12 PM
ayounsi added a comment.Oct 26 2020, 9:54 AM

@herron anything left to do?

herron closed this task as Resolved.Oct 26 2020, 1:32 PM
herron claimed this task.

Nope! I think we're good here

Jgreen moved this task from Watching to Done on the fundraising-tech-ops board.Dec 4 2020, 5:46 PM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL