Page MenuHomePhabricator
Create Task
Maniphest T264846

sre.dns.netbox cookbook emergency improvements
Closed, ResolvedPublic
Actions

Description

As discussed on IRC we need to improve the current sre.dns.netbox cookbook to cope with emergency scenarios with the following:

  • allow to run it and merge and push the changes without deploying them to the actual gdnsd (basically skiiping the authdns-update). This will allow to stage some automated changes that require also a commit in the manual repository. The workflow would be as follows:
    • perform changes in Netbox
    • run the sre.dns.netbox cookbook with the --skip-authdns-update flag
    • merge the related manual patch needed in the operations/dns repository
    • manually run the authdns-update script that will deploy both changes at the same time
  • add an emergency edit mode to the cookbook that will generate all the records as usual but then stop to allow the user to ssh into netbox1001 in a temporary path, manually edit any file, commit --amend them and give back to the cookbook the SHA1 of the new commit to push. At this point the cookbook will continue it's usual deploy with the modified files.

Details

SubjectRepoBranchLines +/-
sre.dns.netbox: improve user messageoperations/cookbooksmaster+1 -1
added prefix 91.198.174.224/27, adapt INCLUDEoperations/dnsmaster+1 -1
sre.dns.netbox: add --emergency-manual-edit optionoperations/cookbooksmaster+18 -3
sre.dns.netbox: add --skip-authdns-update optionoperations/cookbooksmaster+12 -3
dns: add --keep-files optionoperations/software/netbox-extrasmaster+10 -3
Customize query in gerrit

Related Objects

Event Timeline

Volans triaged this task as High priority.Oct 7 2020, 8:37 AM
Volans created this task.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 7 2020, 8:37 AM
gerritbot added a comment.Oct 7 2020, 11:21 AM

Change 632697 had a related patch set uploaded (by Volans; owner: Volans):
[operations/cookbooks@master] sre.dns.netbox: add --skip-authdns-update option

https://gerrit.wikimedia.org/r/632697

gerritbot added a project: Patch-For-Review.Oct 7 2020, 11:21 AM
gerritbot added a comment.Oct 7 2020, 3:50 PM

Change 632745 had a related patch set uploaded (by Volans; owner: Volans):
[operations/software/netbox-extras@master] dns: add --keep-files option

https://gerrit.wikimedia.org/r/632745

gerritbot added a comment.Oct 7 2020, 3:53 PM

Change 632746 had a related patch set uploaded (by Volans; owner: Volans):
[operations/cookbooks@master] sre.dns.netbox: add --emergency-manual-edit option

https://gerrit.wikimedia.org/r/632746

gerritbot added a comment.Oct 8 2020, 4:02 PM

Change 632745 merged by Volans:
[operations/software/netbox-extras@master] dns: add --keep-files option

https://gerrit.wikimedia.org/r/632745

gerritbot added a comment.Oct 8 2020, 4:05 PM

Change 632697 merged by jenkins-bot:
[operations/cookbooks@master] sre.dns.netbox: add --skip-authdns-update option

https://gerrit.wikimedia.org/r/632697

gerritbot added a comment.Oct 8 2020, 4:05 PM

Change 632746 merged by jenkins-bot:
[operations/cookbooks@master] sre.dns.netbox: add --emergency-manual-edit option

https://gerrit.wikimedia.org/r/632746

Maintenance_bot removed a project: Patch-For-Review.Oct 8 2020, 4:10 PM
gerritbot added a comment.Oct 8 2020, 4:13 PM

Change 632950 had a related patch set uploaded (by Volans; owner: Volans):
[operations/dns@master] added prefix 91.198.174.224/27, adapt INCLUDE

https://gerrit.wikimedia.org/r/632950

gerritbot added a project: Patch-For-Review.Oct 8 2020, 4:13 PM
gerritbot added a comment.Oct 8 2020, 4:16 PM

Change 632950 merged by Volans:
[operations/dns@master] added prefix 91.198.174.224/27, adapt INCLUDE

https://gerrit.wikimedia.org/r/632950

Maintenance_bot removed a project: Patch-For-Review.Oct 8 2020, 5:10 PM
gerritbot added a comment.Oct 8 2020, 5:46 PM

Change 632971 had a related patch set uploaded (by Volans; owner: Volans):
[operations/cookbooks@master] sre.dns.netbox: improve user message

https://gerrit.wikimedia.org/r/632971

gerritbot added a project: Patch-For-Review.Oct 8 2020, 5:46 PM
gerritbot added a comment.Oct 8 2020, 5:50 PM

Change 632971 merged by jenkins-bot:
[operations/cookbooks@master] sre.dns.netbox: improve user message

https://gerrit.wikimedia.org/r/632971

Volans closed this task as Resolved.Oct 8 2020, 5:50 PM

Both scenarios are now covered by the cookbook and described in wikitech:

Maintenance_bot removed a project: Patch-For-Review.Oct 8 2020, 6:10 PM
Volans mentioned this in rCCKBff6ccdc62f54: sre.dns.netbox: add --skip-authdns-update option.Dec 14 2022, 3:26 PM
Volans mentioned this in rCCKB41e42d36c6e8: sre.dns.netbox: add --emergency-manual-edit option.
Volans mentioned this in rCCKBa7a55a31b7bf: sre.dns.netbox: improve user message.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL