Page MenuHomePhabricator
Create Task
Maniphest T362128

Site: 1 VM for codfw1dev bitu deployment
Open, MediumPublic
Actions

Description

As we move account management off of wikitech, we need to do the same for the test/dev accounts managed by labtestwikitech. Because labtestwikitech uses a different ldap db from production, we need an equivalent bitu host to manage those accounts. I propose that the server itself be named 'idm2001-dev.codfw.wmnet' and the service endpoint be at 'cloudtestidm.wikimedia.org'

Cloud VPS Project Tested: already deployed in production
Site/Location: codfw
Number of systems: 1
Service: bitu (labtest)
Networking Requirements: internal
Processor Requirements: 2
Memory: 4 GB
Disks: 20 GB
Other Requirements:

Details

SubjectRepoBranchLines +/-
CloudIDM, Install Bitu for labtestoperations/puppetproduction+292 -1
P:idm Make some parameters optional.operations/puppetproduction+18 -12
Add dummy secrets for idmcloud role.labs/privatemaster+3 -0
R:idm, prepare for Bitu installation for labtestwikitech.operations/puppetproduction+8 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

Andrew created this task.Tue, Apr 9, 1:41 AM
Restricted Application added a project: cloud-services-team. · View Herald TranscriptTue, Apr 9, 1:41 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Andrew added a parent task: T360795: Set up a bitu instance for codfw1dev.Tue, Apr 9, 1:41 AM
Andrew updated the task description. (Show Details)
Andrew mentioned this in T360795: Set up a bitu instance for codfw1dev.Fri, Apr 12, 2:42 PM
MoritzMuehlenhoff subscribed.Mon, Apr 15, 12:54 PM

You don't need 4G of RAM, 2 should be perfectly fine.

Also, let's not use idm2001-dev, that's too confusin with the already existing IDM staging server. After all, this specifically for the cloud environment, so rather something like cloudidm2001-dev e.g.

MoritzMuehlenhoff triaged this task as Medium priority.Mon, Apr 15, 12:54 PM
MoritzMuehlenhoff added a subscriber: SLyngshede-WMF.
SLyngshede-WMF claimed this task.Mon, Apr 15, 12:55 PM
gerritbot added a comment.Tue, Apr 16, 7:08 AM

Change #1020085 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/puppet@production] R:idm Prepare for Bitu installation for labtestwikitech.

https://gerrit.wikimedia.org/r/1020085

gerritbot added a project: Patch-For-Review.Tue, Apr 16, 7:08 AM
gerritbot added a comment.Tue, Apr 16, 7:23 AM

Change #1020085 merged by Slyngshede:

[operations/puppet@production] R:idm, prepare for Bitu installation for labtestwikitech.

https://gerrit.wikimedia.org/r/1020085

ops-monitoring-bot added a comment.Tue, Apr 16, 8:48 AM

Cookbook cookbooks.sre.hosts.reimage was started by slyngshede@cumin1002 for host cloudidm2001-dev.codfw.wmnet with OS bookworm

ops-monitoring-bot added a comment.Tue, Apr 16, 9:20 AM

Cookbook cookbooks.sre.hosts.reimage started by slyngshede@cumin1002 for host cloudidm2001-dev.codfw.wmnet with OS bookworm completed:

  • cloudidm2001-dev (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Add puppet_version metadata to Debian installer
    • Set boot media to disk
    • Host up (new fresh bookworm OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202404160905_slyngshede_2920324_cloudidm2001-dev.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
    • Cleared switch DHCP cache and MAC table for the host IP and MAC (EVPN Switch)
gerritbot added a comment.Thu, Apr 18, 9:18 AM

Change #1021406 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/puppet@production] CloudIDM, Install Bitu for labtest

https://gerrit.wikimedia.org/r/1021406

gerritbot added a comment.Thu, Apr 18, 1:24 PM

Change #1021472 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[labs/private@master] Add dummy secrets for idmcloud role.

https://gerrit.wikimedia.org/r/1021472

gerritbot added a comment.Thu, Apr 18, 2:18 PM

Change #1021472 merged by Slyngshede:

[labs/private@master] Add dummy secrets for idmcloud role.

https://gerrit.wikimedia.org/r/1021472

SLyngshede-WMF mentioned this in rLPRI540f04f2a13f: Add dummy secrets for idmcloud role..Thu, Apr 18, 2:21 PM
gerritbot added a comment.Fri, Apr 19, 8:43 AM

Change #1021866 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/puppet@production] P:idm Make some parameters optional.

https://gerrit.wikimedia.org/r/1021866

gerritbot added a comment.Fri, Apr 19, 10:42 AM

Change #1021866 merged by Slyngshede:

[operations/puppet@production] P:idm Make some parameters optional.

https://gerrit.wikimedia.org/r/1021866

ABran-WMF closed subtask T362619: Database request for Bitu Cloud DEV installation as Resolved.Tue, Apr 30, 7:01 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL