Page MenuHomePhabricator
Create Task
Maniphest T353464

Migrate wikikube control planes to hardware nodes
Closed, ResolvedPublic
Actions

Assigned To
hnowlan
Authored By
JMeybohm
Dec 14 2023, 4:09 PM
Tags
Referenced Files
F48799280: etcd-benchmark-output-kubestagemaster2003.txt
Apr 26 2024, 2:58 PM
F48799281: etcd-benchmark-output-kubestagemaster2003_isolated.txt
Apr 26 2024, 2:58 PM
F48799282: etcd-benchmark-output-ganeti-test2003.txt
Apr 26 2024, 2:58 PM
F48799283: etcd-benchmark-output-mw2391.txt
Apr 26 2024, 2:58 PM
F41610964: image.png
Dec 18 2023, 1:37 PM
F41610962: image.png
Dec 18 2023, 1:37 PM
F41610960: image.png
Dec 18 2023, 1:37 PM
F41610958: image.png
Dec 18 2023, 1:37 PM
Subscribers
Aklapper
akosiaris
bking
CDanis
Clement_Goubert
elukey
fgiunchedi
View All 13 Subscribers

Description

Currently we run 2 control planes as well as 3 etcd nodes per DC as ganeti VMs. We already hit limits in terms of IOPS on the etcd instances and we do scratch on the upper "limit" for memory on ganeti for the control planes (12GB currently).

We should draft a plan to migrate from the 2+3 ganeti instances to 3 hardware nodes (repurposing mw appservers) and co-locate a kubernetes master and etcd sever on each of them.

It should be possible to do this by adding the new control-planes/etcd nodes and remove the ganeti ones after.

In the spreadsheet at T351074: Move servers from the appserver/api cluster to kubernetes I've reserved 3 R440 nodes per DC to be used as apiservers:

  • mw2331 => wikikube-ctrl2001 => To be refreshed FY2425 Q3
  • mw2361 => wikikube-ctrl2002 => To be refreshed FY2425 Q3
  • mw2391 => wikikube-ctrl2003
  • mw1372 => wikikube-ctrl1001
  • mw1429 => wikikube-ctrl1002
  • mw1436 => wikikube-ctrl1003

These should be renamed during reimage because of their special role in the cluster:

I wrote a documentation on how to add stacked control-planes and how to remove them as well as etcd nodes at: https://wikitech.wikimedia.org/wiki/Kubernetes/Clusters/Add_or_remove_control-planes

For preparation we should reimage the above appservers to insetup using the same partition layout as we use for kubernetes workers.

What I totally failed to think about while doing staging is the opportunity to align wikikube control-plane names with the other clusters which use names like ml-serve-ctrlXXXX/aux-k8s-ctrlXXXX. So maybe we could rename to wikikube-ctrlXXX (I really don't like the k8s that dse and aux threw in the mix) to come one step closer to T336861: Fix naming confusion around main/wikikube kubernetes clusters.

Details

Other Assignee
jijiki
Related Changes in Gerrit:
SubjectRepoBranchLines +/-
kubernetes::master_stacked: Limit etcd access to localhostoperations/puppetproduction+1 -1
role::etcd::v3::kubernetes is no moreoperations/puppetproduction+0 -39
wikikube: Remove remaining hiera files and role for non stacked mastersoperations/puppetproduction+1 -80
kubernetes: Remove etcd_urls from wikikube clustersoperations/puppetproduction+0 -8
Remove role::etcd::v3::kubernetes and hostsoperations/puppetproduction+1 -24
Remove kubetcd200[4-6] from etcd SRV recordsoperations/dnsmaster+0 -6
cumin: fix kube-master aliasesoperations/puppetproduction+1 -1
Remove kubetcd* from etcd SRV records (eqiad+codfw)operations/dnsmaster+0 -12
kubernetes: retire kubemaster100[1-2] in eqiadoperations/puppetproduction+0 -11
kubernetes: retire kubemaster200[1-2] in codfwoperations/puppetproduction+1 -7
Add wikikube-ctrl2002 to server SRV record for etcdoperations/dnsmaster+1 -0
Add wikikube-ctrl2003 to server SRV record for etcdoperations/dnsmaster+1 -0
Add wikikube-ctrl2001 to server SRV record for etcdoperations/dnsmaster+1 -0
Add wikikube-ctrl1003 to server SRV record for etcd 4operations/dnsmaster+1 -0
Add wikikube-ctrl1002 to server SRV record for etcd 3operations/dnsmaster+1 -0
Add wikikube-ctrl100[1-3] as master_stacked 2operations/puppetproduction+10 -11
Add wikikube-ctrl1001 to server SRV record for etcd 1operations/dnsmaster+1 -0
Add wikikube-ctrl2003 as master_stackedoperations/puppetproduction+1 -6
Add wikikube-ctrl2002 as master_stackedoperations/puppetproduction+1 -6
Add wikikube-ctrl to Homer wmf plugin to assign to k8s BGP groupoperations/software/homer/deploymaster+3 -1
Add wikikube-ctrl200[1-3] as master_stackedoperations/puppetproduction+13 -5
installserver: correct wikikube-ctrl partitioningoperations/puppetproduction+3 -3
installserver: set disk profile for wikikube-ctrl*operations/puppetproduction+4 -0
appservers: 6 wikikube-ctrl to insetup before reimagingoperations/puppetproduction+32 -8
Add new role: kubernetes::master_stackedoperations/puppetproduction+67 -0
conftool: remove appservers before renamingoperations/puppetproduction+0 -6
Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
ops-monitoring-bot added a comment.May 21 2024, 3:56 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl2003.codfw.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 4:17 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye executed with errors:

  • wikikube-ctrl2002 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details,You can also try typing "install-console" wikikube-ctrl2002.codfw.wmnet to get a root shellbut depending on the failure this may not work.
ops-monitoring-bot added a comment.May 21 2024, 4:18 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 4:23 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl1002.eqiad.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 4:30 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl1001.eqiad.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 4:30 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl1003.eqiad.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 4:34 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2001.codfw.wmnet with OS bullseye completed:

  • wikikube-ctrl2001 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202405211613_hnowlan_1680662_wikikube-ctrl2001.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Updated Netbox status planned -> active
    • The sre.puppet.sync-netbox-hiera cookbook was run successfully
    • Cleared switch DHCP cache and MAC table for the host IP and MAC (EVPN Switch)
ops-monitoring-bot added a comment.May 21 2024, 4:35 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2003.codfw.wmnet with OS bullseye completed:

  • wikikube-ctrl2003 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202405211616_hnowlan_1680751_wikikube-ctrl2003.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Updated Netbox status planned -> active
    • The sre.puppet.sync-netbox-hiera cookbook was run successfully
    • Cleared switch DHCP cache and MAC table for the host IP and MAC (EVPN Switch)
ops-monitoring-bot added a comment.May 21 2024, 4:40 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye executed with errors:

  • wikikube-ctrl2002 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details,You can also try typing "install-console" wikikube-ctrl2002.codfw.wmnet to get a root shellbut depending on the failure this may not work.
ops-monitoring-bot added a comment.May 21 2024, 4:40 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 5:09 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye executed with errors:

  • wikikube-ctrl2002 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details,You can also try typing "install-console" wikikube-ctrl2002.codfw.wmnet to get a root shellbut depending on the failure this may not work.
ops-monitoring-bot added a comment.May 21 2024, 5:09 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 5:23 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl1001.eqiad.wmnet with OS bullseye executed with errors:

  • wikikube-ctrl1001 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details,You can also try typing "install-console" wikikube-ctrl1001.eqiad.wmnet to get a root shellbut depending on the failure this may not work.
ops-monitoring-bot added a comment.May 21 2024, 5:24 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye executed with errors:

  • wikikube-ctrl2002 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • The reimage failed, see the cookbook logs for the details,You can also try typing "install-console" wikikube-ctrl2002.codfw.wmnet to get a root shellbut depending on the failure this may not work.
ops-monitoring-bot added a comment.May 21 2024, 5:25 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 6:01 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl1002.eqiad.wmnet with OS bullseye completed:

  • wikikube-ctrl1002 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202405211741_hnowlan_1687876_wikikube-ctrl1002.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Updated Netbox status planned -> active
    • The sre.puppet.sync-netbox-hiera cookbook was run successfully
ops-monitoring-bot added a comment.May 21 2024, 6:02 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl2002.codfw.wmnet with OS bullseye completed:

  • wikikube-ctrl2002 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202405211743_hnowlan_1699808_wikikube-ctrl2002.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Updated Netbox status planned -> active
    • The sre.puppet.sync-netbox-hiera cookbook was run successfully
ops-monitoring-bot added a comment.May 21 2024, 6:04 PM

Cookbook cookbooks.sre.hosts.reimage was started by hnowlan@cumin1002 for host wikikube-ctrl1001.eqiad.wmnet with OS bullseye

ops-monitoring-bot added a comment.May 21 2024, 6:14 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl1003.eqiad.wmnet with OS bullseye completed:

  • wikikube-ctrl1003 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202405211757_hnowlan_1692042_wikikube-ctrl1003.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Updated Netbox status planned -> active
    • The sre.puppet.sync-netbox-hiera cookbook was run successfully
ops-monitoring-bot added a comment.May 21 2024, 6:39 PM

Cookbook cookbooks.sre.hosts.reimage started by hnowlan@cumin1002 for host wikikube-ctrl1001.eqiad.wmnet with OS bullseye completed:

  • wikikube-ctrl1001 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bullseye OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202405211822_hnowlan_1709925_wikikube-ctrl1001.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Updated Netbox status planned -> active
    • The sre.puppet.sync-netbox-hiera cookbook was run successfully
gerritbot added a comment.May 22 2024, 8:50 AM

Change #1034444 merged by Hnowlan:

[operations/dns@master] Add wikikube-ctrl2001 to server SRV record for etcd

https://gerrit.wikimedia.org/r/1034444

gerritbot added a comment.May 22 2024, 8:59 AM

Change #1034449 merged by Hnowlan:

[operations/puppet@production] Add wikikube-ctrl200[1-3] as master_stacked

https://gerrit.wikimedia.org/r/1034449

gerritbot added a comment.May 22 2024, 9:06 AM

Change #1034849 had a related patch set uploaded (by JMeybohm; author: JMeybohm):

[operations/puppet@production] Add wikikube-ctrl2002 as master_stacked

https://gerrit.wikimedia.org/r/1034849

gerritbot added a comment.May 22 2024, 9:06 AM

Change #1034850 had a related patch set uploaded (by JMeybohm; author: JMeybohm):

[operations/puppet@production] Add wikikube-ctrl2003 as master_stacked

https://gerrit.wikimedia.org/r/1034850

gerritbot added a comment.May 22 2024, 9:37 AM

Change #1034853 had a related patch set uploaded (by Cathal Mooney; author: Cathal Mooney):

[operations/software/homer/deploy@master] Add wikikube-ctrl to Homer wmf plugin to assign to k8s BGP group

https://gerrit.wikimedia.org/r/1034853

gerritbot added a comment.May 22 2024, 9:58 AM

Change #1034853 merged by Cathal Mooney:

[operations/software/homer/deploy@master] Add wikikube-ctrl to Homer wmf plugin to assign to k8s BGP group

https://gerrit.wikimedia.org/r/1034853

cmooney mentioned this in rOSHP75f2f67b9dc2: Add wikikube-ctrl to Homer wmf plugin to assign to k8s BGP group.May 22 2024, 9:58 AM
Stashbot added a comment.May 22 2024, 10:00 AM

Mentioned in SAL (#wikimedia-operations) [2024-05-22T10:00:28Z] <cmooney@cumin1002> START - Cookbook sre.deploy.python-code homer to cumin2002.codfw.wmnet,cumin1002.eqiad.wmnet with reason: Release v0.6.5 update to hostname to bgp group mappings - cmooney@cumin1002 - T353464

ops-monitoring-bot added a comment.May 22 2024, 10:02 AM

Deployed homer to cumin2002.codfw.wmnet,cumin1002.eqiad.wmnet with reason: Release v0.6.5 update to hostname to bgp group mappings - cmooney@cumin1002 - T353464

Stashbot added a comment.May 22 2024, 10:02 AM

Mentioned in SAL (#wikimedia-operations) [2024-05-22T10:02:08Z] <cmooney@cumin1002> END (PASS) - Cookbook sre.deploy.python-code (exit_code=0) homer to cumin2002.codfw.wmnet,cumin1002.eqiad.wmnet with reason: Release v0.6.5 update to hostname to bgp group mappings - cmooney@cumin1002 - T353464

gerritbot added a comment.May 22 2024, 10:11 AM

Change #1034445 merged by Hnowlan:

[operations/dns@master] Add wikikube-ctrl2002 to server SRV record for etcd

https://gerrit.wikimedia.org/r/1034445

gerritbot added a comment.May 22 2024, 10:13 AM

Change #1034849 merged by Hnowlan:

[operations/puppet@production] Add wikikube-ctrl2002 as master_stacked

https://gerrit.wikimedia.org/r/1034849

gerritbot added a comment.May 22 2024, 10:42 AM

Change #1034446 merged by Hnowlan:

[operations/dns@master] Add wikikube-ctrl2003 to server SRV record for etcd

https://gerrit.wikimedia.org/r/1034446

gerritbot added a comment.May 22 2024, 10:45 AM

Change #1034850 merged by Hnowlan:

[operations/puppet@production] Add wikikube-ctrl2003 as master_stacked

https://gerrit.wikimedia.org/r/1034850

hnowlan subscribed.May 22 2024, 11:04 AM

All codfw wikikube-ctrl nodes are operational

jijiki subscribed.May 23 2024, 9:18 AM
hnowlan mentioned this in T365711: Relabel eqiad Kubernetes hosts .May 23 2024, 1:26 PM
hnowlan mentioned this in T365712: Relabel codfw Kubernetes hosts .May 23 2024, 1:30 PM
gerritbot added a comment.May 28 2024, 10:27 AM

Change #1036615 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/puppet@production] Add wikikube-ctrl100[1-3] as master_stacked 2

https://gerrit.wikimedia.org/r/1036615

gerritbot added a comment.May 28 2024, 10:45 AM

Change #1036621 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/dns@master] Add wikikube-ctrl1001 to server SRV record for etcd 1

https://gerrit.wikimedia.org/r/1036621

gerritbot added a comment.May 28 2024, 10:45 AM

Change #1036622 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/dns@master] Add wikikube-ctrl1002 to server SRV record for etcd 3

https://gerrit.wikimedia.org/r/1036622

gerritbot added a comment.May 28 2024, 10:45 AM

Change #1036623 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/dns@master] Add wikikube-ctrl1003 to server SRV record for etcd 4

https://gerrit.wikimedia.org/r/1036623

gerritbot added a comment.May 28 2024, 11:09 AM

Change #1036621 merged by Effie Mouzeli:

[operations/dns@master] Add wikikube-ctrl1001 to server SRV record for etcd 1

https://gerrit.wikimedia.org/r/1036621

gerritbot added a comment.May 28 2024, 11:14 AM

Change #1036615 merged by Effie Mouzeli:

[operations/puppet@production] Add wikikube-ctrl100[1-3] as master_stacked 2

https://gerrit.wikimedia.org/r/1036615

gerritbot added a comment.May 28 2024, 12:16 PM

Change #1036622 merged by Effie Mouzeli:

[operations/dns@master] Add wikikube-ctrl1002 to server SRV record for etcd 3

https://gerrit.wikimedia.org/r/1036622

gerritbot added a comment.May 30 2024, 9:55 AM

Change #1036623 merged by Effie Mouzeli:

[operations/dns@master] Add wikikube-ctrl1003 to server SRV record for etcd 4

https://gerrit.wikimedia.org/r/1036623

Stashbot added a comment.May 30 2024, 10:07 AM

Mentioned in SAL (#wikimedia-operations) [2024-05-30T10:07:57Z] <effie> add wikikube-ctrl1003 to etcd and run puppet - T353464

jijiki closed subtask T365499: update idrac firmware on wikikube-ctrl1001 as Resolved.May 30 2024, 10:46 AM
jijiki added a subtask: T366205: codfw:(3) wikikube-ctrl NIC upgrade to 10G.
jijiki added a subtask: T366204: eqiad:(3) wikikube-ctrl NIC upgrade to 10G.
jijiki added a comment.May 30 2024, 10:49 AM

Current status:

eqiad and codfw:

  • (baremetal) wikikube-ctrl hosts are in production as stacked masters
    • have joined the etcd cluster
    • are labeled as kubernetes masters
    • have BGP enabled
    • pending 10G NIC upgrade T366204 and T366205
  • (VMs) kubemasters are still in production
    • will be decommed after T366204 and T366205 and we are sure everything is stable
jijiki changed the task status from Open to Stalled.May 30 2024, 10:50 AM
jijiki reassigned this task from JMeybohm to hnowlan.
jijiki updated the task description. (Show Details)
jijiki updated Other Assignee, added: jijiki.
JMeybohm added a comment.Jun 3 2024, 11:20 AM
In T353464#9845947, @jijiki wrote:

Current status:

As I see it we're currently also still running the ganeti etcd instances in codfw and eqiad which I think does limit the performance of the etcd cluster by quite a bit. Was it a deliberate decision to not remove them?

CDanis added a comment.Jun 3 2024, 1:20 PM
In T353464#9854420, @JMeybohm wrote:
In T353464#9845947, @jijiki wrote:

Current status:

As I see it we're currently also still running the ganeti etcd instances in codfw and eqiad which I think does limit the performance of the etcd cluster by quite a bit. Was it a deliberate decision to not remove them?

I think more that we ran out of time to make changes last week. Removing them from the etcd cluster ahead of time seems fine to me, at least.

jijiki added a comment.EditedJun 3 2024, 1:23 PM
In T353464#9854751, @CDanis wrote:
In T353464#9854420, @JMeybohm wrote:
In T353464#9845947, @jijiki wrote:

Current status:

As I see it we're currently also still running the ganeti etcd instances in codfw and eqiad which I think does limit the performance of the etcd cluster by quite a bit. Was it a deliberate decision to not remove them?

I think more that we ran out of time to make changes last week. Removing them from the etcd cluster ahead of time seems fine to me, at least.

Any objections to wait for T366204 and T366205 to be completed before we remove the ganeti VMs?

While I you re probably right, I think it is feels slightly easier to just get rid of the old stuff all at once, logistically

JMeybohm added a comment.Jun 3 2024, 2:29 PM
In T353464#9854759, @jijiki wrote:
In T353464#9854751, @CDanis wrote:
In T353464#9854420, @JMeybohm wrote:
In T353464#9845947, @jijiki wrote:

Current status:

As I see it we're currently also still running the ganeti etcd instances in codfw and eqiad which I think does limit the performance of the etcd cluster by quite a bit. Was it a deliberate decision to not remove them?

I think more that we ran out of time to make changes last week. Removing them from the etcd cluster ahead of time seems fine to me, at least.

Any objections to wait for T366204 and T366205 to be completed before we remove the ganeti VMs?

While I you re probably right, I think it is feels slightly easier to just get rid of the old stuff all at once, logistically

Yeah, right. As the old control planes won't be able to connect to the etcd instances on wikikube-ctrl* in the current state, we would need to reconfigure the firewall at least. Also using the etcd instances on wikikube-ctrl* from the kubemaster VM's would add additional TX. So fine by me keeping them until the 10G NICs are ready.

Raine closed subtask T366204: eqiad:(3) wikikube-ctrl NIC upgrade to 10G as Resolved.Jun 14 2024, 8:18 AM
jijiki changed the task status from Stalled to In Progress.Jun 19 2024, 1:36 PM
Raine closed subtask T366205: codfw:(3) wikikube-ctrl NIC upgrade to 10G as Resolved.Jun 21 2024, 10:33 AM
jijiki added a comment.Jun 26 2024, 2:21 PM

Unless something else pops up, we shall be retiring the old hosts (aka the VMs) next week

JMeybohm added a comment.Jun 27 2024, 8:53 AM
In T353464#9926653, @jijiki wrote:

Unless something else pops up, we shall be retiring the old hosts (aka the VMs) next week

If something else pops up, please let me know and I can take care of this

ops-monitoring-bot added a comment.Jul 2 2024, 9:48 AM

Icinga downtime and Alertmanager silence (ID=59cc19c2-5b6b-4d0a-81ef-1bd409efc10c) set by jiji@cumin1002 for 2 days, 0:00:00 on 2 host(s) and their services with reason: decom

kubemaster[2001-2002].codfw.wmnet
gerritbot added a comment.Jul 2 2024, 10:39 AM

Change #1051321 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/puppet@production] kubernetes: retire kubemaster200[1-2]

https://gerrit.wikimedia.org/r/1051321

gerritbot added a comment.Jul 2 2024, 10:47 AM

Change #1051323 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/puppet@production] kubernetes: retire kubemaster100[1-2] in eqiad

https://gerrit.wikimedia.org/r/1051323

gerritbot added a comment.Jul 2 2024, 10:48 AM

Change #1051321 merged by Effie Mouzeli:

[operations/puppet@production] kubernetes: retire kubemaster200[1-2] in codfw

https://gerrit.wikimedia.org/r/1051321

ops-monitoring-bot added a comment.Jul 2 2024, 11:11 AM

cookbooks.sre.hosts.decommission executed by jiji@cumin1002 for hosts: kubemaster[2001-2002].codfw.wmnet

  • kubemaster2001.codfw.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
  • kubemaster2002.codfw.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
Stashbot added a comment.Jul 2 2024, 12:44 PM

Mentioned in SAL (#wikimedia-operations) [2024-07-02T12:44:20Z] <effie> decom eqiad old kubemasters - T353464

ops-monitoring-bot added a comment.Jul 2 2024, 12:46 PM

Icinga downtime and Alertmanager silence (ID=2aa77d1f-f420-475b-8769-b2c46d51c3fe) set by jiji@cumin1002 for 2 days, 0:00:00 on 2 host(s) and their services with reason: decom

kubemaster[1001-1002].eqiad.wmnet
ops-monitoring-bot added a comment.Jul 2 2024, 1:21 PM

cookbooks.sre.hosts.decommission executed by jiji@cumin1002 for hosts: kubemaster[1001-1002].eqiad.wmnet

  • kubemaster1001.eqiad.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
  • kubemaster1002.eqiad.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
gerritbot added a comment.Jul 2 2024, 1:29 PM

Change #1051323 merged by Effie Mouzeli:

[operations/puppet@production] kubernetes: retire kubemaster100[1-2] in eqiad

https://gerrit.wikimedia.org/r/1051323

gerritbot added a comment.Jul 2 2024, 1:42 PM

Change #1051365 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/puppet@production] cumin: fix kube-master aliases

https://gerrit.wikimedia.org/r/1051365

ops-monitoring-bot added a comment.Jul 2 2024, 2:12 PM

Icinga downtime and Alertmanager silence (ID=53db6080-f00f-4a86-ae49-cafba7047a9d) set by jiji@cumin1002 for 2 days, 0:00:00 on 6 host(s) and their services with reason: decom

kubetcd[2004-2006].codfw.wmnet,kubetcd[1004-1006].eqiad.wmnet
gerritbot added a comment.Jul 2 2024, 2:16 PM

Change #1051380 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/dns@master] Remove kubetcd100 from etcd SRV records

https://gerrit.wikimedia.org/r/1051380

gerritbot added a comment.Jul 2 2024, 2:34 PM

Change #1051380 merged by Effie Mouzeli:

[operations/dns@master] Remove kubetcd* from etcd SRV records (eqiad+codfw)

https://gerrit.wikimedia.org/r/1051380

ops-monitoring-bot added a comment.Jul 2 2024, 2:51 PM

cookbooks.sre.hosts.decommission executed by jiji@cumin1002 for hosts: kubetcd[1004-1006].eqiad.wmnet

  • kubetcd1004.eqiad.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
  • kubetcd1005.eqiad.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
  • kubetcd1006.eqiad.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster eqiad to Netbox
ops-monitoring-bot added a comment.Jul 2 2024, 3:05 PM

cookbooks.sre.hosts.decommission executed by jiji@cumin1002 for hosts: kubetcd[2004-2006].codfw.wmnet

  • kubetcd2004.codfw.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
  • kubetcd2005.codfw.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
  • kubetcd2006.codfw.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster codfw to Netbox
jijiki closed this task as Resolved.Jul 2 2024, 3:08 PM

This is done, please reopen should something went wrong. Tx @JMeybohm for the excellent docs

gerritbot added a comment.Jul 3 2024, 7:31 AM

Change #1051678 had a related patch set uploaded (by JMeybohm; author: JMeybohm):

[operations/puppet@production] kubernetes: Remove etcd_urls from wikikube clusters

https://gerrit.wikimedia.org/r/1051678

CDanis mentioned this in T366094: k8s master capacity issues.Jul 3 2024, 5:41 PM
gerritbot added a comment.Jul 4 2024, 9:29 AM

Change #1051365 merged by Effie Mouzeli:

[operations/puppet@production] cumin: fix kube-master aliases

https://gerrit.wikimedia.org/r/1051365

gerritbot added a comment.Jul 8 2024, 8:49 AM

Change #1034447 abandoned by JMeybohm:

[operations/dns@master] Remove kubetcd200[4-6] from etcd SRV records

Reason:

has been done in a different CR

https://gerrit.wikimedia.org/r/1034447

gerritbot added a comment.Jul 9 2024, 9:46 AM

Change #1052933 had a related patch set uploaded (by Alexandros Kosiaris; author: Alexandros Kosiaris):

[operations/puppet@production] Remove role::etcd::v3::kubernetes and hosts

https://gerrit.wikimedia.org/r/1052933

gerritbot added a comment.Jul 9 2024, 2:39 PM

Change #1052933 merged by Alexandros Kosiaris:

[operations/puppet@production] Remove role::etcd::v3::kubernetes and hosts

https://gerrit.wikimedia.org/r/1052933

gerritbot added a comment.Jul 9 2024, 2:56 PM

Change #1051678 abandoned by JMeybohm:

[operations/puppet@production] kubernetes: Remove etcd_urls from wikikube clusters

Reason:

now done in I6ae65c2ba04f4ea50d60f2314c7b6727c855d987

https://gerrit.wikimedia.org/r/1051678

gerritbot added a comment.Sep 18 2024, 5:40 PM

Change #1073857 had a related patch set uploaded (by JMeybohm; author: JMeybohm):

[operations/puppet@production] wikikube: Remove remaining hiera files and role for non stacked masters

https://gerrit.wikimedia.org/r/1073857

gerritbot added a comment.Sep 19 2024, 9:41 AM

Change #1073857 merged by JMeybohm:

[operations/puppet@production] wikikube: Remove remaining hiera files and role for non stacked masters

https://gerrit.wikimedia.org/r/1073857

akosiaris mentioned this in T375842: decommission mw[1349-1413].Sep 27 2024, 2:13 PM
akosiaris added a comment.Oct 9 2024, 11:37 AM

Noting that in Q3 FY24-25, that is the quarter starting on January 2025, we 'll be refreshing mw[2291-2376], which includes wikikube-ctrl2001 and wikikube-ctrl2001

akosiaris updated the task description. (Show Details)Oct 9 2024, 11:38 AM
gerritbot added a comment.Oct 16 2024, 10:17 AM

Change #1080584 had a related patch set uploaded (by JMeybohm; author: JMeybohm):

[operations/puppet@production] role::etcd::v3::kubernetes is no more

https://gerrit.wikimedia.org/r/1080584

gerritbot added a comment.Oct 16 2024, 10:20 AM

Change #1080585 had a related patch set uploaded (by JMeybohm; author: JMeybohm):

[operations/puppet@production] kubernetes::master_stacked: Limit etcd access to localhost

https://gerrit.wikimedia.org/r/1080585

gerritbot added a comment.Oct 16 2024, 12:04 PM

Change #1080584 merged by JMeybohm:

[operations/puppet@production] role::etcd::v3::kubernetes is no more

https://gerrit.wikimedia.org/r/1080584

gerritbot added a comment.Oct 16 2024, 12:04 PM

Change #1080585 merged by JMeybohm:

[operations/puppet@production] kubernetes::master_stacked: Limit etcd access to localhost

https://gerrit.wikimedia.org/r/1080585

akosiaris mentioned this in T383227: decommission mw135[8-9], mw136[4-6], mw137[2-3], mw140[0-4], mw1406, mw14[11-13].Jan 8 2025, 1:55 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits