Page MenuHomePhabricator
Create Task
Maniphest T320508

Core routers: replace bootp with dhcp-relay
Closed, ResolvedPublic
Actions

Description

The SRXs are moving toward dhcp-relay with https://gerrit.wikimedia.org/r/c/operations/homer/public/+/841460 and the QFX switches already use that feature.
bootp is not an option anymore on multiple platforms

To keep the configuration consistent we should migrate the core routers to use dhcp-relay

Details

SubjectRepoBranchLines +/-
Automate and update DHCP relay configurationoperations/homer/publicmaster+87 -58
Add trust-option-82 to dhcp relay conf for core routersoperations/homer/publicmaster+4 -0
cr: switch bootp to dhcp-relay; asw-drmrs: manage dhcpoperations/homer/publicmaster+33 -14
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 ResolvedcmooneyT320508 Core routers: replace bootp with dhcp-relay
Restricted Task
 ResolvedPapaulT304851 codfw: setup a HP server to test PXE/DHCP

Event Timeline

ayounsi triaged this task as Low priority.Oct 11 2022, 1:55 PM
ayounsi created this task.
Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptOct 11 2022, 1:55 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
cmooney added a comment.Oct 11 2022, 2:25 PM

Agreed we should add it to the CRs, no reason I can think of not to.

Also I'll think about it in terms of the l3_switch template consolidation. They should get the same but have an 'if' around the section to add the option 82 info:

cmooney@asw1-b13-drmrs> show configuration forwarding-options dhcp-relay relay-option-82 
circuit-id {
    prefix {
        host-name;
    }
}
Maintenance_bot added a project: SRE.Oct 11 2022, 2:29 PM
ayounsi moved this task from Backlog to Next quarter on the netops board.Dec 22 2022, 3:50 PM
ayounsi added a subtask: Restricted Task.Dec 23 2022, 1:48 PM

Marking this task dependent on DHCP option 97 to reduce the risk of DHCP oddities related to Option 82.

ayounsi moved this task from Next quarter to This quarter on the netops board.Feb 20 2023, 3:32 PM
gerritbot added a comment.Apr 5 2023, 9:22 AM

Change 905946 had a related patch set uploaded (by Ayounsi; author: Ayounsi):

[operations/homer/public@master] cr: switch bootp to dhcp-relay; asw-drmrs: manage dhcp

https://gerrit.wikimedia.org/r/905946

gerritbot added a project: Patch-For-Review.Apr 5 2023, 9:22 AM
ayounsi claimed this task.Apr 5 2023, 12:06 PM
gerritbot added a comment.Apr 14 2023, 6:12 AM

Change 905946 abandoned by Ayounsi:

[operations/homer/public@master] cr: switch bootp to dhcp-relay; asw-drmrs: manage dhcp

Reason:

Fixed in If0a55fa9b9ea038e77ceb896c7a0046f24cae884

https://gerrit.wikimedia.org/r/905946

Maintenance_bot removed a project: Patch-For-Review.Apr 14 2023, 6:30 AM
ayounsi reassigned this task from ayounsi to cmooney.Apr 14 2023, 6:55 AM
gerritbot added a comment.May 17 2023, 12:29 PM

Change 908346 had a related patch set uploaded (by Cathal Mooney; author: Cathal Mooney):

[operations/homer/public@master] Automate and update DHCP relay configuration

https://gerrit.wikimedia.org/r/908346

gerritbot added a project: Patch-For-Review.May 17 2023, 12:29 PM
gerritbot added a comment.May 18 2023, 11:38 AM

Change 908346 merged by jenkins-bot:

[operations/homer/public@master] Automate and update DHCP relay configuration

https://gerrit.wikimedia.org/r/908346

Stashbot added a comment.May 18 2023, 11:56 AM

Mentioned in SAL (#wikimedia-operations) [2023-05-18T11:56:25Z] <topranks> reconfiguring DHCP relay function on eqiad core routers (T320508)

Maintenance_bot removed a project: Patch-For-Review.May 18 2023, 12:10 PM
ops-monitoring-bot added a comment.May 18 2023, 12:12 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 12:17 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 12:19 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 12:24 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 12:24 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 12:44 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 12:44 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 12:51 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 12:51 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 12:56 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 12:57 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 1:02 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 1:07 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 18 2023, 2:31 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 2:31 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm

gerritbot added a comment.May 18 2023, 2:47 PM

Change 921054 had a related patch set uploaded (by Cathal Mooney; author: Cathal Mooney):

[operations/homer/public@master] Add trust-option-82 to dhcp relay conf for core routers

https://gerrit.wikimedia.org/r/921054

gerritbot added a project: Patch-For-Review.May 18 2023, 2:47 PM
gerritbot added a comment.May 18 2023, 2:54 PM

Change 921054 merged by jenkins-bot:

[operations/homer/public@master] Add trust-option-82 to dhcp relay conf for core routers

https://gerrit.wikimedia.org/r/921054

Maintenance_bot removed a project: Patch-For-Review.May 18 2023, 3:11 PM
cmooney added a comment.May 18 2023, 3:18 PM
In T320508#8488549, @ayounsi wrote:

Marking this task dependent on DHCP option 97 to reduce the risk of DHCP oddities related to Option 82.

Ironic I hadn't seen this comment until today for some reason. Then spent the whole morning and afternoon dealing with DHCP oddities related to Option 82 :)

Anyway things are now working good with the 'dhcp relay' config on the core routers in place of the old 'bootp' setup. An additional piece of config is required on the core routers we don't have on the L3 switches - to trust DHCP packets with option 82 already set. That's merged now and reimage is working in tests.

Anyway we seem to be good here as things are, so we can remove the dependency and work on the Option 97 stuff separately.

cmooney closed this task as Resolved.May 18 2023, 3:19 PM
ops-monitoring-bot added a comment.May 18 2023, 3:25 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bookworm executed with errors:

  • sretest1002 (FAIL)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Checked BIOS boot parameters are back to normal
    • The reimage failed, see the cookbook logs for the details
ops-monitoring-bot added a comment.May 18 2023, 3:37 PM

Cookbook cookbooks.sre.hosts.reimage was started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 18 2023, 4:10 PM

Cookbook cookbooks.sre.hosts.reimage started by cmooney@cumin1001 for host sretest1002.eqiad.wmnet with OS bullseye completed:

  • sretest1002 (PASS)
    • Removed from Puppet and PuppetDB if present
    • Deleted any existing Puppet certificate
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202305181553_cmooney_1698881_sretest1002.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL