Page MenuHomePhabricator

Request access to servers Dcops group
Open, MediumPublic

Description

Opening this task to address access requests so Dcops group can perform day to day duties

Would like to be able to ssh each server to assist in troubleshooting servers

dmidecode
nvme
smartctl
edac-util
mdadm
dmesg
ledctl

context:
IF historically has been working on reducing the number of people with global root-level access see: [T244840] and [T289779]. Additional considerations for added security controls for SRE edge cases exist [T299989].

Event Timeline

Jclark-ctr triaged this task as Medium priority.Mar 18 2024, 5:37 PM
jcrespo subscribed.

I am going to remove the SRE-Access-Requests because, while it is indeed an access request, it is not immediately actionable by people on clinic duty, but has to be discussed with the owners of the workflow (IF) + the rest of the SREs first on how exactly to provide it.

@Jclark-ctr is the main purpose of this gather debug information on the host?
If that's the case the simplest solution is to write a cookbook that gathers all that info for you and either print it on screen or add it to a task (sanitized by any sensitive information).
If this might work for you let me know which command line options we should run each tools with.

@Volans The main purpose is for gathering debug information I would prefer to grep mesg /log files instead of searching throughout entire output. Mdadm commands would allow us to one day rebuild failed software raids

Mdadm commands would allow us to one day rebuild failed software raids

That should be covered by T364540 no?

But isn't it simper to just grep in the output of a single cookbook as opposed to grep the output of multiple tools?

@Volans i also see this as a learning opportunity most of these are just logs. Some dcops members are very light on linux and we could be expanding knowledge and could be come more valuable members of the team. Although I do love cookbooks but sometimes they fail and would be nice if we could continue to teach and train coworkers