Services without a service IP cannot automatically be switched by the switchdc cookbook
Open, MediumPublic
Actions

Assigned To

None

Authored By

	Legoktm
	Jun 28 2021, 5:41 PM

Description

During the DC switchover today, the helm-charts service failed verification causing the cookbook to abort because it doesn't have a service IP

Either:

the cookbook/spicerack should support services without a service IP
all services must have a service IP, whether it's otherwise technically needed or not

Details

	Subject	Repo	Branch	Lines +/-
	sre.switchdc.services: Exclude helm-charts, lacking a service IP	operations/cookbooks	master	+1 -0

Customize query in gerrit

Related Objects

Mentioned In: rCCKB269a0e30d99c: sre.switchdc.services: Exclude helm-charts, lacking a service IP

Event Timeline

Legoktm created this task.Jun 28 2021, 5:41 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 28 2021, 5:41 PM

helm-charts not having a service IP was a design decision because we only have (and need) one replica per DC. IIRC there are already other "services" following this approach (@Dzahn, maybe) and I think we should support it.

In T285707#7182854, @JMeybohm wrote:

helm-charts not having a service IP was a design decision because we only have (and need) one replica per DC. IIRC there are already other "services" following this approach (@Dzahn, maybe) and I think we should support it.

In order to do that, we'd need to change the logic of the dns module in spicerack quite a bit. I think for the switchback we can just add it to the excluded services.

Volans subscribed.Jun 30 2021, 8:15 AM

I guess that the important part here is to make an explicit decision if the setup for heml-charts (discovery record without svc records) is just an exception or an additional standard way to setup things that we want to support.
Based on that we should either fix helm-charts to not be an exception or support the new use case properly.

Volans added a project: Traffic.Jun 30 2021, 8:57 AM

taavi subscribed.Jun 30 2021, 9:00 AM

Maintenance_bot added a project: SRE.Jun 30 2021, 9:45 AM

It would also be nice if the cookbook could check all services, and then fail if at least one didn't verify properly. Right now it just aborts at the first failure, which gives you no indication about the services that came after it in the list.

Legoktm triaged this task as High priority.Jul 27 2021, 6:09 PM

Legoktm added a parent task: T287539: September 2021 Datacenter switchover (codfw -> eqiad).Aug 4 2021, 9:24 PM

Change 710235 had a related patch set uploaded (by Legoktm; author: Legoktm):

[operations/cookbooks@master] sre.switchdc.services: Exclude helm-charts, lacking a service IP

https://gerrit.wikimedia.org/r/710235

gerritbot added a project: Patch-For-Review.Aug 5 2021, 10:48 AM

Change 710235 merged by jenkins-bot:

[operations/cookbooks@master] sre.switchdc.services: Exclude helm-charts, lacking a service IP

https://gerrit.wikimedia.org/r/710235

Legoktm renamed this task from During DC switch, helm-charts failed verification because it doesn't have a service IP to Services without a service IP cannot automatically be switched by the switchdc cookbook.Aug 10 2021, 6:54 PM

Legoktm lowered the priority of this task from High to Medium.

Legoktm updated the task description. (Show Details)

Maintenance_bot removed a project: Patch-For-Review.Aug 10 2021, 7:11 PM

Legoktm removed a parent task: T287539: September 2021 Datacenter switchover (codfw -> eqiad).Aug 27 2021, 11:09 PM

BBlack removed a project: Traffic.Oct 8 2021, 7:23 PM

jijiki moved this task from Incoming 🐫 to 🙈🙉🙊Backlog on the serviceops board.Sep 28 2022, 2:23 PM

Legoktm mentioned this in rCCKB269a0e30d99c: sre.switchdc.services: Exclude helm-charts, lacking a service IP.Dec 14 2022, 3:28 PM

Clement_Goubert moved this task from Backlog to Automation improvements on the Datacenter-Switchover board.Mar 27 2023, 1:21 PM