Page MenuHomePhabricator
Create Task
Maniphest T309074

Put netmon1003 in service
Closed, ResolvedPublic
Actions

Description

This task tracks putting netmon1003 (Bullseye) in service.

Prerequisites:

Failover:

Post-failover validations:

The following issues were found after the failover:

The checked issues have patches that resolve them and prevent them from happening again when doing another netmon instance deployment.

Details

Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
herron subscribed.Jun 2 2022, 8:15 PM
herron updated the task description. (Show Details)Jun 3 2022, 7:19 PM
andrea.denisse updated the task description. (Show Details)Jun 23 2022, 8:56 PM
andrea.denisse updated the task description. (Show Details)Jun 24 2022, 4:31 PM
andrea.denisse updated the task description. (Show Details)
andrea.denisse updated the task description. (Show Details)Jul 1 2022, 5:43 PM
fgiunchedi updated the task description. (Show Details)Jul 6 2022, 9:02 AM
fgiunchedi updated the task description. (Show Details)Jul 6 2022, 9:55 AM
andrea.denisse added a comment.Jul 6 2022, 8:39 PM

Approaches for putting netmon1003 in service.

a. Regular Active/Passive nodes:

  1. Fail primary to codfw.
  2. Set the netmon1003 instance as backup.
  3. Fail back to the netmon1003 instance.
  4. Live troubleshoot any issues.

b. Multiple passive nodes:

  1. Adapt Puppet to have multiple backup/passive nodes.
  2. Set the netmon1003 instance as passive node.
  3. Live troubleshoot any issues.

c. Having netmon1003 down for maintenance:

  1. Stop the netmon1002 and netmon2001 instance services.
  2. Deploy the new netmon1003 instance.
  3. Configure the netmon1003 instance as active node and netmon2001 as passive node.
  4. Live troubleshoot any issues.

After talking with the team in the weekly team we decided to proceed with approach 'b'.
More detailed steps are being added to a Google Docs document for feedback and review.

andrea.denisse updated the task description. (Show Details)Jul 8 2022, 3:59 PM
andrea.denisse updated the task description. (Show Details)
andrea.denisse updated the task description. (Show Details)Jul 11 2022, 8:27 AM
gerritbot added a comment.Jul 18 2022, 3:53 PM

Change 814848 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Add suppport for multiple backup/passive nodes in Puppet

https://gerrit.wikimedia.org/r/814848

andrea.denisse updated the task description. (Show Details)Jul 20 2022, 2:07 PM
gerritbot added a comment.Jul 26 2022, 3:19 PM

Change 814848 merged by Andrea Denisse:

[operations/puppet@production] netmon: Add suppport for multiple backup/passive nodes in Puppet

https://gerrit.wikimedia.org/r/814848

andrea.denisse updated the task description. (Show Details)Jul 26 2022, 4:58 PM
gerritbot added a comment.Jul 27 2022, 6:48 PM

Change 802593 merged by Andrea Denisse:

[operations/puppet@production] Add role::netmon to the netmon1003 instance.

https://gerrit.wikimedia.org/r/802593

gerritbot added a comment.Jul 27 2022, 7:11 PM

Change 817887 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Add netmon instances to Acme-chief's Hieradata for Smokeping

https://gerrit.wikimedia.org/r/817887

gerritbot added a comment.Jul 27 2022, 7:11 PM

Change 817887 merged by Andrea Denisse:

[operations/puppet@production] netmon: Add netmon instances to Acme-chief's Hieradata for Smokeping

https://gerrit.wikimedia.org/r/817887

gerritbot added a comment.Jul 27 2022, 7:26 PM

Change 817890 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Add netmon1003 to scap's hieradata.

https://gerrit.wikimedia.org/r/817890

gerritbot added a comment.Jul 27 2022, 7:30 PM

Change 817890 merged by Andrea Denisse:

[operations/puppet@production] netmon: Add netmon1003 to scap's hieradata.

https://gerrit.wikimedia.org/r/817890

Maintenance_bot removed a project: Patch-For-Review.Jul 27 2022, 7:30 PM
andrea.denisse updated the task description. (Show Details)Jul 27 2022, 7:55 PM
andrea.denisse updated the task description. (Show Details)Jul 27 2022, 7:59 PM
gerritbot added a comment.Aug 1 2022, 5:41 PM

Change 819124 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/homer/public@master] netmon: Add the netmon1003 host as a syslog destination in homer

https://gerrit.wikimedia.org/r/819124

gerritbot added a project: Patch-For-Review.Aug 1 2022, 5:41 PM
andrea.denisse updated the task description. (Show Details)Aug 1 2022, 5:42 PM
lmata changed the task status from Open to In Progress.Aug 1 2022, 7:57 PM
lmata added a project: SRE Observability (FY2022/2023-Q1).
lmata moved this task from Inbox to In progress on the SRE Observability (FY2022/2023-Q1) board.
lmata subscribed.
gerritbot added a comment.Aug 1 2022, 10:07 PM

Change 819177 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/dns@master] netmon: failover to netmon1003

https://gerrit.wikimedia.org/r/819177

andrea.denisse updated the task description. (Show Details)Aug 1 2022, 10:16 PM
andrea.denisse updated the task description. (Show Details)Aug 1 2022, 10:19 PM
gerritbot added a comment.Aug 1 2022, 10:22 PM

Change 819179 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: failover to netmon1003

https://gerrit.wikimedia.org/r/819179

andrea.denisse updated the task description. (Show Details)Aug 1 2022, 10:22 PM
andrea.denisse updated the task description. (Show Details)
andrea.denisse updated the task description. (Show Details)Aug 1 2022, 10:25 PM
ayounsi subscribed.Aug 2 2022, 6:06 AM

I think it's great.

For the sake of completeness you should list the verification and cleanup actions to perform after the failover to ensure everything is working as expected. For example:

andrea.denisse updated the task description. (Show Details)Aug 3 2022, 4:13 AM
gerritbot added a comment.Aug 3 2022, 8:16 PM

Change 820215 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Open firewall port to connecto to the LibreNMS database.

https://gerrit.wikimedia.org/r/820215

andrea.denisse updated the task description. (Show Details)Aug 3 2022, 8:18 PM
gerritbot added a comment.Aug 3 2022, 8:35 PM

Change 820215 merged by Andrea Denisse:

[operations/puppet@production] netmon: Open firewall port to connecto to the LibreNMS database.

https://gerrit.wikimedia.org/r/820215

jcrespo added subscribers: Ladsgroup, jcrespo.Aug 4 2022, 7:16 PM

Ping for @Ladsgroup as Manuel is on vacations. Obs team/netops requested overseeing to make sure grants etc. and db connections are working in general after maintenance, as they are going to switch the active mysql client to another server (librenms/m1). As it is behind a proxy probably not many changes are needed, but heads up.

I will also be standby to take a custom librenms/m1 backup before maintenance happens just in case, on their request, always a good idea to avoid problems and making recovery immediate if any problem arises (e.g. I think an upgrade will happen at the same time). :-)

gerritbot added a comment.Aug 4 2022, 8:04 PM

Change 820554 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Add DNS entries to test LibreNMS in Debian Bullseye

https://gerrit.wikimedia.org/r/820554

andrea.denisse updated the task description. (Show Details)Aug 8 2022, 4:07 PM
jcrespo added a comment.Aug 9 2022, 9:36 AM

A few data precaution items that shouldn't affect the proper planned maintenance:

So backing up librenms takes around 7 minutes- if you give me some advance time for awareness ahead of the maintenance, I can take a newer last backup just after the application goes down for fast recovery. A backup was anyway taken today at 01:46:24.

Normally we also stop replication on a passive db for even faster recovery- my intention is to stop replication on db1117:m1 for some time until the new setup is confirmed as working as intended and with all data.

None of these are normally used or needed, but better safe than sorry :-D.

Stashbot added a comment.Aug 9 2022, 1:23 PM

Mentioned in SAL (#wikimedia-operations) [2022-08-09T13:23:30Z] <jynus> stop replication on db1117:m1 T309074

gerritbot added a comment.Aug 9 2022, 1:29 PM

Change 819177 merged by Andrea Denisse:

[operations/dns@master] netmon: failover to netmon1003

https://gerrit.wikimedia.org/r/819177

gerritbot added a comment.Aug 9 2022, 1:40 PM

Change 821746 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/dns@master] netmon: Smokeping failover to netmon1003

https://gerrit.wikimedia.org/r/821746

gerritbot added a comment.Aug 9 2022, 1:40 PM

Change 821746 merged by Andrea Denisse:

[operations/dns@master] netmon: Smokeping failover to netmon1003

https://gerrit.wikimedia.org/r/821746

gerritbot added a comment.Aug 9 2022, 1:44 PM

Change 819179 merged by Andrea Denisse:

[operations/puppet@production] netmon: failover to netmon1003

https://gerrit.wikimedia.org/r/819179

andrea.denisse updated the task description. (Show Details)Aug 9 2022, 1:46 PM
gerritbot added a comment.Aug 9 2022, 1:56 PM

Change 819124 merged by jenkins-bot:

[operations/homer/public@master] netmon: Add the netmon1003 host as a syslog destination in homer

https://gerrit.wikimedia.org/r/819124

gerritbot added a comment.Aug 9 2022, 3:57 PM

Change 820554 abandoned by Andrea Denisse:

[operations/puppet@production] netmon: Add DNS entries to test LibreNMS in Debian Bullseye

Reason:

Required changes were merged and it seems to be working properly now.

https://gerrit.wikimedia.org/r/820554

Stashbot added a comment.Aug 10 2022, 8:13 AM

Mentioned in SAL (#wikimedia-operations) [2022-08-10T08:13:20Z] <jynus> restart replication on db1117:m1 T309074

fgiunchedi mentioned this in T314936: Rancid on netmon1003 unable to login to network devices.Aug 10 2022, 1:47 PM
gerritbot added a comment.Aug 10 2022, 5:34 PM

Change 822124 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Use netmon1003's IP address for the librenms endpoint

https://gerrit.wikimedia.org/r/822124

gerritbot added a comment.Aug 10 2022, 5:47 PM

Change 822126 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Add the netmon1003 host to the alertmanager API rw

https://gerrit.wikimedia.org/r/822126

gerritbot added a comment.Aug 11 2022, 8:10 AM

Change 822124 merged by Filippo Giunchedi:

[operations/puppet@production] netmon: Use netmon1003's IP address for the librenms endpoint

https://gerrit.wikimedia.org/r/822124

gerritbot added a comment.Aug 11 2022, 8:11 AM

Change 822126 merged by Filippo Giunchedi:

[operations/puppet@production] netmon: Add the netmon1003 host to the alertmanager API rw

https://gerrit.wikimedia.org/r/822126

gerritbot added a comment.Aug 16 2022, 11:53 PM

Change 823764 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Create LibreNMS logs file.

https://gerrit.wikimedia.org/r/823764

andrea.denisse added a subtask: T315393: Logrotate is unable to rotate LibreNMS logs in the netmon instances due to insuficient permissions to read and write log files in /var/log/.Aug 17 2022, 12:04 AM
andrea.denisse added a subtask: T314936: Rancid on netmon1003 unable to login to network devices.Aug 17 2022, 12:15 AM
andrea.denisse closed subtask T314936: Rancid on netmon1003 unable to login to network devices as Resolved.
andrea.denisse updated the task description. (Show Details)Aug 17 2022, 12:20 AM
cmooney reopened subtask T314936: Rancid on netmon1003 unable to login to network devices as Open.Aug 17 2022, 8:55 AM
andrea.denisse closed subtask T314972: LibreNMS seemingly not collecting data for many ports after migration to netmon1003 as Resolved.Aug 19 2022, 7:43 PM
andrea.denisse closed subtask T314936: Rancid on netmon1003 unable to login to network devices as Resolved.Aug 22 2022, 6:14 PM
andrea.denisse updated the task description. (Show Details)Aug 22 2022, 8:47 PM
andrea.denisse updated the task description. (Show Details)Aug 22 2022, 8:50 PM
andrea.denisse added a comment.EditedAug 22 2022, 8:54 PM

The following issues were found after the failover:

Those issues have patches that resolve them and prevent them from happening again when doing another netmon instance deployment.

andrea.denisse closed subtask T315393: Logrotate is unable to rotate LibreNMS logs in the netmon instances due to insuficient permissions to read and write log files in /var/log/ as Resolved.Aug 24 2022, 4:20 AM
andrea.denisse updated the task description. (Show Details)Aug 24 2022, 6:27 AM
herron reopened subtask T315393: Logrotate is unable to rotate LibreNMS logs in the netmon instances due to insuficient permissions to read and write log files in /var/log/ as Open.Aug 25 2022, 2:23 PM
andrea.denisse closed subtask T315393: Logrotate is unable to rotate LibreNMS logs in the netmon instances due to insuficient permissions to read and write log files in /var/log/ as Resolved.Aug 26 2022, 7:45 AM
andrea.denisse reopened subtask T315393: Logrotate is unable to rotate LibreNMS logs in the netmon instances due to insuficient permissions to read and write log files in /var/log/ as In Progress.Aug 27 2022, 5:31 AM
cmooney subscribed.Aug 29 2022, 1:28 PM

@andrea.denisse hey, I've hit another issue with netmon1003 and rancid.

Cloning the configs using git no longer works:

cmooney@wikilap:~/repos$ git clone ssh://netmon1003.wikimedia.org:/var/lib/rancid/core/ rancid-configs
Cloning into 'rancid-configs'...
fatal: '/var/lib/rancid/core/' does not appear to be a git repository
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I suspect the issue is the permissions on the rancid directory:

cmooney@netmon1003:~$ cd /var/lib/rancid/core
-bash: cd: /var/lib/rancid/core: Permission denied

If you cd in there as root it is a git repo, but possibly the permissions need to be different to allow us clone it using our normal user accounts.

andrea.denisse closed subtask T315393: Logrotate is unable to rotate LibreNMS logs in the netmon instances due to insuficient permissions to read and write log files in /var/log/ as Resolved.Aug 29 2022, 4:42 PM
andrea.denisse added a comment.Aug 29 2022, 4:48 PM

I opened the T316569 task to track the issue.
Thanks for the report @cmooney !

andrea.denisse updated the task description. (Show Details)Aug 29 2022, 4:49 PM
andrea.denisse added a subtask: T316569: Unable to clone the rancid git configuration from the netmon instances.Aug 29 2022, 7:10 PM
andrea.denisse closed subtask T316569: Unable to clone the rancid git configuration from the netmon instances as Resolved.Aug 30 2022, 5:46 PM
andrea.denisse updated the task description. (Show Details)Aug 30 2022, 5:49 PM
andrea.denisse closed this task as Resolved.Aug 31 2022, 1:18 PM
andrea.denisse updated the task description. (Show Details)
gerritbot added a comment.Dec 7 2022, 5:04 PM

Change 865708 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Remove rsync quickdatacopy failover restrictions

https://gerrit.wikimedia.org/r/865708

gerritbot added a comment.Dec 7 2022, 7:10 PM

Change 865708 merged by Andrea Denisse:

[operations/puppet@production] netmon: Remove rsync quickdatacopy failover restrictions

https://gerrit.wikimedia.org/r/865708

andrea.denisse closed subtask T322321: Decommission netmon1002 as Resolved.Dec 15 2022, 11:14 PM
lmata moved this task from Inbox to Done on the Observability-Metrics board.Jan 16 2023, 5:42 PM
gerritbot added a comment.Feb 7 2023, 8:53 PM

Change 887409 had a related patch set uploaded (by Andrea Denisse; author: Andrea Denisse):

[operations/puppet@production] netmon: Add netmon1003 to the ganeti rapi nodes list

https://gerrit.wikimedia.org/r/887409

andrea.denisse reopened subtask T322321: Decommission netmon1002 as Open.Feb 7 2023, 9:14 PM
gerritbot added a comment.Feb 8 2023, 12:09 AM

Change 887409 merged by Andrea Denisse:

[operations/puppet@production] netmon: Add netmon1003 to the ganeti rapi nodes list

https://gerrit.wikimedia.org/r/887409

Jclark-ctr closed subtask T322321: Decommission netmon1002 as Resolved.Feb 28 2023, 9:50 PM
gerritbot added a comment.Jun 9 2023, 7:17 PM

Change 928900 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/dns@master] Remove leftover TODO item

https://gerrit.wikimedia.org/r/928900

gerritbot added a comment.Jun 12 2023, 3:41 PM

Change 928900 merged by BCornwall:

[operations/dns@master] Remove leftover TODO item

https://gerrit.wikimedia.org/r/928900

lmata moved this task from In progress to Done on the SRE Observability (FY2022/2023-Q1) board.Jul 18 2023, 5:01 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits