Page MenuHomePhabricator

orchestrator: Upgrade to v3.2.6
Closed, ResolvedPublic

Description

v3.2.6 has been released.

It doesn't contain the TLS cipher fix we require (https://github.com/openark/orchestrator/pull/1295), so we'll need to build a patched version of it.

Event Timeline

Marostegui triaged this task as Medium priority.Feb 26 2021, 5:53 AM
Marostegui moved this task from Triage to Ready on the DBA board.

https://github.com/openark/orchestrator/releases/tag/v3.2.5

This version does include our patch.
I think we've never upgraded orchestrator since it was installed, it would be a good practice to upgrade and document the upgrade process.

For the record:

Changes since https://github.com/openark/orchestrator/releases/tag/v3.2.4: v3.2.4...v3.2.5

Notable:

Introducing RecoverNonWriteableMaster flag #1332
Drop fixed list of cipher suites. #1295, thanks @kormat
If access to ORCHESTRATOR_API fails do not expose the password(s) #1319, thanks @sjmudd
Expose Binlog Coordinates at time of promotion as Environment Variable #1323, thanks @gsraman
Fix filter match logic, be strict about IP addresses #1318
ConsulTxnStore: batch KV updates by key-prefix to avoid ops limit #1311, thanks @timvaillancourt
Use RaftHttpTransport for reverse-proxy #1344, thanks @akatashev
Remove resetting Auth credentials in reverse-proxy #1349, thanks @akatashev
Bump Bootstrap version, per CVE-2018-14040 #1336
docs/spelling, thanks @wreiske, michaelcoburn

https://github.com/openark/orchestrator/releases/tag/v3.2.5

This version does include our patch.
I think we've never upgraded orchestrator since it was installed, it would be a good practice to upgrade and document the upgrade process.

And maybe agree on the expectations going forward (do we upgrade immediately after release, wait a set amount of time, etc.).

Kormat renamed this task from orchestrator: Upgrade to v3.2.4 (ish) to orchestrator: Upgrade to v3.2.5.Jun 25 2021, 9:44 AM
Kormat updated the task description. (Show Details)
Kormat renamed this task from orchestrator: Upgrade to v3.2.5 to orchestrator: Upgrade to v3.2.6.Oct 13 2021, 8:48 AM
Kormat updated the task description. (Show Details)

Mentioned in SAL (#wikimedia-operations) [2021-10-14T13:14:30Z] <kormat> uploaded orchestrator 3.2.6-1 packages to apt.wm.o (buster) T275784

Mentioned in SAL (#wikimedia-operations) [2021-10-14T14:53:52Z] <kormat> upgrading orchestrator.wm.o to 3.2.6-1 T275784

This is now done and the process is documented: https://wikitech.wikimedia.org/wiki/Orchestrator

And maybe agree on the expectations going forward (do we upgrade immediately after release, wait a set amount of time, etc.).

I'd suggest that unless the new release has a feature/fix we need ASAP, that we wait for, say, a couple of weeks before upgrading.