Page MenuHomePhabricator

sre.ganeti.makevm cookbook should sanity check VM name
Closed, ResolvedPublic

Description

The sre.ganeti.makevm cookbook should have prevented me from creating a host named registry2004.eqiad.wmnet in codfw_B.

Something like host.endswith(('.wikimedia.org', f'.{dc}.wmnet')) would've caught it.

Event Timeline

Another option would be to reuse the regexes from ops/puppet:

(?<!WMF)[^1][[:digit:]]{3}\.eqiad\.wmnet
(?<!WMF)[^2][[:digit:]]{3}\.codfw\.wmnet
(?<!WMF)[^3][[:digit:]]{3}\.(esams|knams)\.wmnet
(?<!WMF)[^4][[:digit:]]{3}\.ulsfo\.wmnet
(?<!WMF)[^5][[:digit:]]{3}\.eqsin\.wmnet

I agree with the requirement, disagree with the approach, we should change the cookbook parameters to accept only the hostname and generate the FQDN automatically based on the location and network.
We could optionally add also a sanity check on the integer part, but should be quite fuzzy because we also have an inconsistent list of cases that don't match the above regexes. I'd say just checking that there are 4 integers or none at all ( we still need to support the use case of misc names) and that the first integer (if there) matches the location.

Change 668867 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[operations/cookbooks@master] sre.ganeti.makevm: Automatically generate fqdn from hostname

https://gerrit.wikimedia.org/r/668867

I agree with the requirement, disagree with the approach, we should change the cookbook parameters to accept only the hostname and generate the FQDN automatically based on the location and network.
We could optionally add also a sanity check on the integer part, but should be quite fuzzy because we also have an inconsistent list of cases that don't match the above regexes. I'd say just checking that there are 4 integers or none at all ( we still need to support the use case of misc names) and that the first integer (if there) matches the location.

Sounds even better :) This is what I implemented in the patch.

Change 668867 merged by jenkins-bot:
[operations/cookbooks@master] sre.ganeti.makevm: Automatically generate fqdn from hostname

https://gerrit.wikimedia.org/r/668867

I tested this while creating lists1002.wikimedia.org today, worked as intended :)

Updated documentation: https://wikitech.wikimedia.org/w/index.php?title=Ganeti&type=revision&diff=1904470&oldid=1901141