They have been added with IPv6 which will likely mess up with the grants
- dbproxy1022
- dbproxy1023
- dbproxy1024
- dbproxy1025
- dbproxy1026
- dbproxy1027
They have been added with IPv6 which will likely mess up with the grants
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Unknown Object (Task) | |||||
Resolved | Jclark-ctr | T326346 Q4:rack/setup/install dbproxy10[22-27]. | |||
Resolved | Marostegui | T337812 Productionize dbproxy10[22-27] | |||
Resolved | Marostegui | T340003 Remove IPv6 from dbproxy10[22-27] |
I have tried to do this for dbproxy1022, where I have removeds its DNS for ipv6 and then ran sre.dns.netbox where the diff was showing correctly its removal:
-dbproxy1022 1H IN AAAA 2620:0:861:101:10:64:0:15
However:
root@cumin1001:~# host dbproxy1022 dbproxy1022.eqiad.wmnet has address 10.64.0.15 dbproxy1022.eqiad.wmnet has IPv6 address 2620:0:861:101:10:64:0:15
This is how it should look like:
root@cumin1001:~# host dbproxy1012 dbproxy1012.eqiad.wmnet has address 10.64.0.134
Infrastructure-Foundations can you let me know what the correct procedure is. Wikitech seems to agree that running the cookbook is what is needed to sync the changes.
And it is now gone:
root@cumin1001:~# host dbproxy1022 dbproxy1022.eqiad.wmnet has address 10.64.0.15 root@cumin1001:~#
It took quite long (a bit hover one hour). So all good!
The procedure is correct, of course you still have the cache of the DNS recursors that will last for 1 hour. You can wipe that in advance with the sre.dns.wipe-cache cookbook (see also https://wikitech.wikimedia.org/wiki/DNS#Recursive_Resolvers ) [I'll update that with the instructions to use the cookbook]