Page MenuHomePhabricator
Create Task
Maniphest T358559

Switchover gitlab replica (gitlab1004 -> gitlab1003) - March 2024
Closed, ResolvedPublicDesign
Actions

Description

GitLab replica will be switched in preparation for the March 2024 Datacenter Switchover. This task tracks the failover of the GitLab replica from gitlab1004 to gitlab1003.

Docs: https://wikitech.wikimedia.org/wiki/GitLab/Failover
Time: 2024-03-11

Checklist:

Preparations before downtime:

  • prepare change to set profile::gitlab::service_name: 'gitlab.wikimedia.org' on gitlab1003, set gitlab1003 as profile::gitlab::active_host:, and set profile::gitlab::service_name: 'gitlab-replica-old.wikimedia.org on gitlab1004 (<patch link>)
  • Prepare change to point DNS entry for gitlab.wikimedia.org to gitlab1003, and gitlab-replica-old.wikimedia.org to gitlab1004 (<patch link>)
  • apply gitlab-settings to gitlab1003 and gitlab1004 (<patch link>)
  • announce downtime some days ahead on ops/releng list/broadcast message
  • run a failover backup on the source host one day in advance sudo /srv/gitlab-backup/gitlab-backup.sh failover

Scheduled downtime:

  • Announce downtime in #wikimedia-gitlab
  • Start gitlab failover cookbook on the cumin host with cookbook sre.gitlab.failover --switch-from gitlab1004 --switch-to gitlab1003 -t <ticket id>
  • When prompted, merge the puppet change prepared above
  • When prompted, merge the DNS change prepared above and run `authdns-update on the DNS master, following the DNS update instructions
  • ~Update https://wikitech.wikimedia.org/wiki/GitLab to reflect the new reality ~
  • ~Announce end of downtime~

Falling back to manual steps:

If, for some reason, the cookbook cannot be used, the manual steps for failing over can be used here:

  • Announce downtime in #wikimedia-gitlab
  • pause all GitLab Runners (gitlab-settings ./runners active | tee active.txt && ./runners pause < active.txt)
  • downtime gitlab1004 sudo cookbook sre.hosts.downtime -r "Running failover to gitlab1003 - <ticket id>" -M 120 'gitlab1004.wikimedia.org'
  • stop puppet on gitlab1004 with sudo disable-puppet "Running failover to gitlab1003 - <ticket id>"
  • stop GitLab on gitlab1004 with gitlab-ctl stop nginx
  • stop ssh-gitlab daemon on gitlab1004 with systemctl stop ssh-gitlab
  • create full backup on gitlab1004 with /usr/bin/gitlab-backup create CRON=1 GZIP_RSYNCABLE="true" GITLAB_BACKUP_MAX_CONCURRENCY="4" GITLAB_BACKUP_MAX_STORAGE_CONCURRENCY="1"
  • sync backup, on gitlab1004 run /usr/bin/rsync -avp /srv/gitlab-backup/ rsync://gitlab1003.wikimedia.org/data-backup
  • merge change to set profile::gitlab::service_name: 'gitlab.wikimedia.org' on gitlab1003 and run puppet
  • trigger restore on gitlab1003 run sudo systemctl start backup-restore.service (for logs, run journalctl -f -u backup-restore.service)
  • merge change to point DNS entry for gitlab.wikimedia.org to gitlab1003 gitlab-replica-old.wikimedia.org to gitlab1004
  • verify installation
  • enable puppet on gitlab1004 with sudo run-puppet-agent -e "Running failover to gitlab1003 - <ticket id>"
  • start ssh-gitlab daemon on gitlab1004 with systemctl start ssh-gitlab
  • unpause all GitLab Runners (gitlab-settings ./runners unpause < active.txt)
  • announce end of downtime

Details

SubjectRepoBranchLines +/-
[gitlab] Failover test of gitlab replica hostsoperations/dnsmaster+8 -8
[gitlab] Move backup script locking out of main script rootoperations/puppetproduction+5 -1
[gitlab] Switch gitlab-replica from gitlab1004 to gitlab1003operations/puppetproduction+2 -2
[gitlab] Fix progress_bars parameter (should be print_progress_bars)operations/cookbooksmaster+4 -4
[gitlab] Failover test of gitlab replica hostsoperations/puppetproduction+2 -2
Customize query in gerrit
TitleReferenceAuthorSource BranchDest Branch
[gitlab] Failover test of gitlab replica hostsrepos/releng/gitlab-settings!58eoghaneoghan/T358559main
Customize query in GitLab

Related Objects
Search...

Event Timeline

LSobanski created this task.Feb 27 2024, 9:15 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 27 2024, 9:15 AM
LSobanski renamed this task from Switchover gitlab (<old host> -> <new host>) - <month> <year> to Switchover gitlab replica (gitlab1004 -> gitlab1003) - March 2024.Feb 27 2024, 10:51 AM
LSobanski updated the task description. (Show Details)
LSobanski added a parent task: T357547: ☂️ Northward Datacentre Switchover (March 2024) .Feb 27 2024, 12:09 PM
LSobanski assigned this task to eoghan.Mar 4 2024, 4:26 PM
LSobanski triaged this task as Medium priority.
LSobanski updated the task description. (Show Details)
LSobanski moved this task from Incoming to Backlog on the collaboration-services board.
gerritbot added a comment.Mar 6 2024, 4:31 PM

Change 1009298 had a related patch set uploaded (by EoghanGaffney; author: EoghanGaffney):

[operations/puppet@production] [gitlab] Failover test of gitlab replica hosts

https://gerrit.wikimedia.org/r/1009298

gerritbot added a project: Patch-For-Review.Mar 6 2024, 4:31 PM
gerritbot added a comment.Mar 6 2024, 4:35 PM

Change 1009300 had a related patch set uploaded (by EoghanGaffney; author: EoghanGaffney):

[operations/dns@master] [gitlab] Failover test of gitlab replica hosts

https://gerrit.wikimedia.org/r/1009300

eoghan updated the task description. (Show Details)Mar 6 2024, 4:43 PM
eoghan moved this task from Backlog to Work in Progress on the collaboration-services board.Mar 11 2024, 11:08 AM
LSobanski mentioned this in T359826: SystemdUnitFailed - gitlab1004.Mar 11 2024, 6:02 PM
ops-monitoring-bot added a comment.Mar 12 2024, 12:26 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

Dzahn mentioned this in T359875: SystemdUnitFailed - gitlab2002.Mar 12 2024, 1:06 PM
eoghan updated the task description. (Show Details)Mar 12 2024, 1:09 PM
gerritbot added a comment.Mar 12 2024, 2:52 PM

Change 1009298 merged by EoghanGaffney:

[operations/puppet@production] [gitlab] Failover test of gitlab replica hosts

https://gerrit.wikimedia.org/r/1009298

ops-monitoring-bot added a comment.Mar 12 2024, 2:55 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

gerritbot added a comment.Mar 12 2024, 4:20 PM

Change 1010559 had a related patch set uploaded (by EoghanGaffney; author: EoghanGaffney):

[operations/cookbooks@master] [gitlab] Fix progress_bars parameter (should be print_progress_bars)

https://gerrit.wikimedia.org/r/1010559

gerritbot added a comment.Mar 21 2024, 10:58 AM

Change 1010559 merged by jenkins-bot:

[operations/cookbooks@master] [gitlab] Fix progress_bars parameter (should be print_progress_bars)

https://gerrit.wikimedia.org/r/1010559

gerritbot added a comment.Mar 21 2024, 4:40 PM

Change #1013339 had a related patch set uploaded (by EoghanGaffney; author: EoghanGaffney):

[operations/puppet@production] [gitlab] Switch gitlab-replica from gitlab1004 to gitlab1003

https://gerrit.wikimedia.org/r/1013339

ops-monitoring-bot added a comment.Mar 22 2024, 12:44 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

ops-monitoring-bot added a comment.Mar 22 2024, 2:35 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

ops-monitoring-bot added a comment.Mar 22 2024, 2:35 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

ops-monitoring-bot added a comment.Mar 22 2024, 2:35 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

ops-monitoring-bot added a comment.Mar 22 2024, 2:37 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

ops-monitoring-bot added a comment.Mar 22 2024, 2:37 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

ops-monitoring-bot added a comment.Mar 22 2024, 2:40 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

gerritbot added a comment.Mar 22 2024, 5:01 PM

Change #1013339 merged by EoghanGaffney:

[operations/puppet@production] [gitlab] Switch gitlab-replica from gitlab1004 to gitlab1003

https://gerrit.wikimedia.org/r/1013339

ops-monitoring-bot added a comment.Mar 22 2024, 5:06 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

ops-monitoring-bot added a comment.Mar 22 2024, 5:25 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback completed

gerritbot added a comment.Mar 22 2024, 5:31 PM

Change #1013585 had a related patch set uploaded (by EoghanGaffney; author: EoghanGaffney):

[operations/puppet@production] [gitlab] Move backup script locking out of main script root

https://gerrit.wikimedia.org/r/1013585

Dzahn mentioned this in T360813: SystemdUnitFailed - gitlab1003 - backup-restore.Mar 22 2024, 7:19 PM
gerritbot added a comment.Mar 25 2024, 2:14 PM

Change #1013585 merged by EoghanGaffney:

[operations/puppet@production] [gitlab] Move backup script locking out of main script root

https://gerrit.wikimedia.org/r/1013585

ops-monitoring-bot added a comment.Mar 25 2024, 2:40 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

ops-monitoring-bot added a comment.Mar 25 2024, 2:41 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

ops-monitoring-bot added a comment.Mar 25 2024, 3:00 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

ops-monitoring-bot added a comment.Mar 25 2024, 3:00 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

ops-monitoring-bot added a comment.Mar 25 2024, 3:02 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) started

gerritbot added a comment.Mar 25 2024, 6:40 PM

Change #1009300 merged by EoghanGaffney:

[operations/dns@master] [gitlab] Failover test of gitlab replica hosts

https://gerrit.wikimedia.org/r/1009300

ops-monitoring-bot added a comment.Mar 25 2024, 6:44 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1004.wikimedia.org to gitlab1003.wikimedia.org) encountered errors. Rollback started

eoghan updated the task description. (Show Details)Mar 25 2024, 10:44 PM
eoghan added a comment.Mar 25 2024, 10:47 PM

The cookbook completed successfully, however it registered a failure because the final puppet run was blocked by a cron job. I've rectified this in another patch to the failover cookbook

ops-monitoring-bot added a comment.Apr 9 2024, 3:16 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1003.wikimedia.org to gitlab1004.wikimedia.org) started

ops-monitoring-bot added a comment.Apr 9 2024, 6:56 PM

Cookbook cookbooks.sre.gitlab.failover (Failover of gitlab from gitlab1003.wikimedia.org to gitlab1004.wikimedia.org) finished

eoghan added a comment.Apr 9 2024, 11:00 PM

We'll need a maintenance window of around 4 hours, and we'll use most of it.

We did another switchover of the replica instances today, here's the rough timelines:

  • Initial backup: 1 hour, 57 minutes
  • rsync transfer: 22 minutes
  • gitlab restore: 53 minutes

This brings us to approximately 3 hours 15 minutes, and that's before the puppet runs, waiting for DNS changes to propagate, etc. Conservatively, and if we're quick to interact at all steps, we'll need 3.5 hours. I don't think we'll need much more, but we certainly won't need much less.

I suggest a 4 hour window, in two weeks to do the transfer. If we're in agreement, I'll start sending notices on Thursday, and perform the maintenance on Thursday 25th April.

LSobanski mentioned this in T362208: SystemdUnitFailed - gitlab2002.Apr 10 2024, 7:14 AM
eoghan closed this task as Resolved.Apr 12 2024, 1:50 PM

The switchover of the replicas completed successfully.

LSobanski mentioned this in T358567: Switchover gitlab (gitlab2002 -> gitlab1003) - March 2024.Apr 12 2024, 5:03 PM
LSobanski mentioned this in T362334: SystemdUnitFailed - gitlab - backup-restore.Apr 12 2024, 5:05 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL