Currently haproxy config is written using a puppet resource which reads from hiera. This means that when clouddb hosts are to be depooled (for example updating views like https://phabricator.wikimedia.org/T302233), we have to create a puppet patch like this one and apply it. This is manual and makes automating depooling in a cookbook difficult (the first pass at a cookbook tried to use haproxy commands directly which did not work with our haproxy permissions and would make haproxy out of sync with the filesystem).
A better approach would be to put the configuration in etcd and use confd to write the latest etcd values to disk (/etc/haproxy/conf.d/multi-db-replicas.cfg) and reload haproxy when etcd changes. This way etcd can be manually updated which is easy to do programmatically.
Rough outline of steps:
- copy the hiera data about which servers are depooled in etcd
- make confd write etcd to disk (we can use a different name, like /etc/haproxy/conf.d/wikireplicas.cfg, so that the current system is undisturbed)
- this should be configured to watch the key(s) we chose to rewrite the config files
- when we're happy with the new config file, switch haproxy to read from the new config, and remove the old
- make haproxy reload when the config file changes
- test depooling a clouddb server by using etcdctl; once this works update the cookbook to depool using this command