Please create a additional network port in the project devtools.
Network: private network (lan-flat-cloudinstances2b?)
Name: gitlab-prod-1001-eth1
Assign to instance gitlab-prod-1001 (uuid 66fc4883-87ff-446a-bdc6-04201e393a44)
Description
Description
Details
Details
| Subject | Repo | Branch | Lines +/- | |
|---|---|---|---|---|
| gitlab: update sevice_ip and ferm_drange for wmcs | operations/puppet | production | +3 -3 |
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | Jelto | T297411 Migrate gitlab-test instance to puppet | |||
| Resolved | taavi | T302803 Create additional network port in project devtools |
Event Timeline
Comment Actions
Mentioned in SAL (#wikimedia-cloud) [2022-03-01T18:16:17Z] <taavi> allocated secondary IP for gitlab-prod-1001 per request on T302803
Comment Actions
Done:
- Reserved secondary IP 172.16.7.146 by creating a new Neutron port
- Configured the primary port of gitlab-prod-1001 to allow listening on that IP
- Updated floating IP 185.15.56.79 to point to the new secondary IP via Horizon.
Feel free to re-open if you have any issues.
Comment Actions
Thanks a lot for setting up the additional port! I can confirm that the port is present in Horizon Interface.
However the port is marked as down and is not associated with the instance gitlab-prod-1001.
Name Fixed IPs MAC Address Attached Device Status Admin State gitlab-prod-1001-eth1 172.16.7.146 fa:16:3e:71:0b:30 Detached Down UP
And instance gitlab-prod-1001 seem to only have a single port/IP address 172.16.2.73.
When I try to reach my services they stopped working and I get a Destination Host Unreachable for the floating IP.
Could you please check if both ports (with address 172.16.2.73 and 172.16.7.146) are assigned to instance gitlab-prod-1001 and that the floating IP is mapped to the second port (gitlab-prod-1001-eth1, IP 172.16.7.146).
Comment Actions
Right. I initially configured the IP and the port like we usually do for secondary Keepalived VIPs, where instead of a secondary interface you can listen on the secondary IP on the primary interface/port. AIUI that's how it's implemented on production GitLab too (at least the Puppet manifests are using interface::alias). I can also configure it as a secondary interface if you confirm you prefer that.
Comment Actions
The keepalived VIP configuration was not clear for me from looking at the horizon interface.
I configured the additional IP 172.16.7.146 on the first NIC for the instance and can receive traffic! Thanks a lot and sorry for the confusion.
I'm closing the task again.
Comment Actions
Change 767473 had a related patch set uploaded (by Jelto; author: Jelto):
[operations/puppet@production] gitlab: update sevice_ip and ferm_drange for wmcs
Comment Actions
Change 767473 merged by Jelto:
[operations/puppet@production] gitlab: update sevice_ip and ferm_drange for wmcs