Page MenuHomePhabricator
Create Task
Maniphest T274314

relforge: open up access to relforge100[3,4]
Closed, ResolvedPublic2 Estimated Story Points
Actions

Description

I'm gonna be a bit lazy and copy-paste some irc context:

seems we also need to update ferm rules, can't access relforge from an-airflow1001 or stat1007.

typical operations ... would be for airflow to run something in the hadoop cluster, and that thing would talk to relfroge

We use https://wikitech.wikimedia.org/wiki/Homer to manage our networking configuration. There is a repo for the software itself, a public repo, a private repo (like the puppet private one), a public mock of the private repo, and data in netbox that gets automatically pulled in to generate the junos configuration.

Thus using the above context:

What to do

AC

  • relforge100[3,4] can be reached from an-airflow1001 or stat1007 and hadoop workers (figure out if there's other hosts we should check reachability from as well)

Details

SubjectRepoBranchLines +/-
relforge: New hosts are relforge100[3,4]operations/homer/publicmaster+11 -9
Customize query in gerrit

Related Objects
Search...

Event Timeline

RKemper created this task.Feb 9 2021, 11:07 PM
Restricted Application removed a project: Patch-For-Review. · View Herald TranscriptFeb 9 2021, 11:07 PM
gerritbot added a comment.Feb 9 2021, 11:17 PM

Change 663054 had a related patch set uploaded (by Ryan Kemper; owner: Ryan Kemper):
[operations/homer/public@master] relforge: New hosts are relforge100[3,4]

https://gerrit.wikimedia.org/r/663054

gerritbot added a project: Patch-For-Review.Feb 9 2021, 11:17 PM
RKemper updated the task description. (Show Details)Feb 9 2021, 11:48 PM
RKemper updated the task description. (Show Details)
Gehel updated the task description. (Show Details)Feb 15 2021, 4:14 PM
Gehel set the point value for this task to 2.Feb 15 2021, 4:16 PM

After discussion with @RKemper: it looks like the firewalls we need to open are the local ferm / iptables. The homer rules discussed above would be about opening access to WMCS, which we don't want.

Gehel moved this task from Incoming to Ready for Dev -- SWE on the Discovery-Search (Current work) board.Feb 15 2021, 4:16 PM
EBernhardson added a comment.Mar 2 2021, 6:27 PM

Fixed in https://gerrit.wikimedia.org/r/c/operations/puppet/+/666775

EBernhardson moved this task from Ready for Dev -- SWE to Needs Reporting on the Discovery-Search (Current work) board.Mar 2 2021, 6:28 PM
Gehel closed this task as Resolved.Mar 3 2021, 2:12 PM
gerritbot added a comment.Apr 20 2021, 12:12 AM

Change 663054 abandoned by Ryan Kemper:

[operations/homer/public@master] relforge: New hosts are relforge100[3,4]

Reason:

https://phabricator.wikimedia.org/T274314#6831090

https://gerrit.wikimedia.org/r/663054

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits