Page MenuHomePhabricator
Create Task
Maniphest T365799

Revert back to fleet-wide acmechief config once all ACME consumers are on Puppet 7
Open, HighPublic
Actions

Description

We currently have separate acmechief installations for Puppet 5 and Puppet 7 (added via https://phabricator.wikimedia.org/T352242)

  • As such, the remaining Puppet 5 servers are configured to use acmechief1001 via the setting in hieradata/common.yaml
  • All the roles migrated to Puppet 7 (which is 90% at this time) have a role- or host-specific Hiera setting which points them to acmechief2002.

There are two remaining systems on Puppet 5 which are using an acme_chief::cert resource:

  • archiva1002
  • lists1001

Once those are on Puppet 7, we can:

  • Update hieradata/common.yaml to point to a Puppet 7 acmechief host
  • Remove the various role-specific overrides
  • Decom acmechief1001 and acmechief2001

Details

SubjectRepoBranchLines +/-
Remove acmechief annotations for Druid/Kafka rolesoperations/puppetproduction+0 -8
Remove acmechief annotations for Hadoopoperations/puppetproduction+0 -5
Remove acmechief annotations for remaining Collab rolesoperations/puppetproduction+0 -6
Remove acmechief annotations for gerritoperations/puppetproduction+0 -1
Remove acmechief annotations for dns/ncredir/durum/dohoperations/puppetproduction+0 -4
Remove acmechief annotations for backup rolesoperations/puppetproduction+0 -10
Remove acmechief annotations for misc rolesoperations/puppetproduction+0 -8
Remove acmechief annotations for remaining IF rolesoperations/puppetproduction+0 -12
Remove acmechief annotations for remaining WMCS rolesoperations/puppetproduction+0 -4
Remove acmechief annotations for remaining Traffic rolesoperations/puppetproduction+0 -4
Remove acmechief annotations for dumps rolesoperations/puppetproduction+0 -9
Remove acmechief annotations for memcached/redisoperations/puppetproduction+0 -5
Remove acmechief annotations for remaining Search rolesoperations/puppetproduction+0 -10
Remove acmechief annotations for Cassandra rolesoperations/puppetproduction+0 -4
Remove acmechief annotations for remaining o11y rolesoperations/puppetproduction+0 -10
Remove acmechief annotations for swift/cephoperations/puppetproduction+0 -9
Remove acmechief annotations for various DE rolesoperations/puppetproduction+0 -13
Remove acmechief annotations for LDAP rolesoperations/puppetproduction+0 -3
Switch acmechief1001/2001 to insetup::busteroperations/puppetproduction+2 -2
Remove acmechief annotations for cloudelasticoperations/puppetproduction+0 -1
Remove acmechief annotations for IDM/IDPoperations/puppetproduction+0 -5
Remove acmechief annotations for wikikubeoperations/puppetproduction+0 -8
Remove acmechief annotations for remaining WMCS rolesoperations/puppetproduction+0 -19
Remove acmechief annotations for orchestratoroperations/puppetproduction+0 -1
Remove acmechief annotations for icingaoperations/puppetproduction+0 -1
Remove acmechief annotations for archivaoperations/puppetproduction+0 -1
Remove acmechief annotations for MX hostsoperations/puppetproduction+0 -1
Remove acmechief annotations for remaining collab rolesoperations/puppetproduction+0 -6
Remove acmechief annotations for ML hostsoperations/puppetproduction+0 -8
Remove acmechief annotations for cachesoperations/puppetproduction+0 -2
Remove acmechief annotations for listsoperations/puppetproduction+0 -1
Remove acmechief annotations for various IF rolesoperations/puppetproduction+0 -9
Remove acmechief annotations for netmonoperations/puppetproduction+0 -1
Remove acmechief annotations for cloudlb/clouddumps/cloudservices-codfw1devoperations/puppetproduction+0 -3
Remove acmechief annotations for mirrorsoperations/puppetproduction+0 -1
Remove acmechief annotations for gitlaboperations/puppetproduction+1 -3
Remove acmechief annotations for apt hostsoperations/puppetproduction+0 -2
Remove acmechief annotations for mariadb hostsoperations/puppetproduction+0 -15
No longer refer to setting the acmechief hostsoperations/cookbooksmaster+0 -3
Default to use acmechief1002operations/puppetproduction+2 -2
Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

MoritzMuehlenhoff created this task.May 24 2024, 10:47 AM
MoritzMuehlenhoff triaged this task as High priority.Mon, May 27, 2:28 PM
gerritbot added a comment.Wed, Jun 19, 8:35 AM

Change #1047443 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Default to use acmechief1002

https://gerrit.wikimedia.org/r/1047443

gerritbot added a project: Patch-For-Review.Wed, Jun 19, 8:35 AM
MoritzMuehlenhoff updated the task description. (Show Details)Wed, Jun 19, 8:36 AM
gerritbot added a comment.Wed, Jun 19, 8:42 AM

Change #1047444 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/cookbooks@master] No longer refer to setting the acmechief hosts

https://gerrit.wikimedia.org/r/1047444

gerritbot added a comment.Tue, Jun 25, 7:48 AM

Change #1047443 merged by Muehlenhoff:

[operations/puppet@production] Default to use acmechief1002

https://gerrit.wikimedia.org/r/1047443

gerritbot added a comment.Tue, Jun 25, 7:50 AM

Change #1047444 merged by Muehlenhoff:

[operations/cookbooks@master] No longer refer to setting the acmechief hosts

https://gerrit.wikimedia.org/r/1047444

gerritbot added a comment.Tue, Jun 25, 7:55 AM

Change #1049452 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for mariadb hosts

https://gerrit.wikimedia.org/r/1049452

gerritbot added a comment.Tue, Jun 25, 7:58 AM

Change #1049453 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for IDM/IDP

https://gerrit.wikimedia.org/r/1049453

gerritbot added a comment.Tue, Jun 25, 8:16 AM

Change #1049459 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for gitlab

https://gerrit.wikimedia.org/r/1049459

gerritbot added a comment.Tue, Jun 25, 8:38 AM

Change #1049461 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for dns/ncredir/durum/doh

https://gerrit.wikimedia.org/r/1049461

gerritbot added a comment.Tue, Jun 25, 8:39 AM

Change #1049452 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for mariadb hosts

https://gerrit.wikimedia.org/r/1049452

gerritbot added a comment.Tue, Jun 25, 8:49 AM

Change #1049466 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for apt hosts

https://gerrit.wikimedia.org/r/1049466

gerritbot added a comment.Tue, Jun 25, 8:53 AM

Change #1049469 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for various DE roles

https://gerrit.wikimedia.org/r/1049469

gerritbot added a comment.Tue, Jun 25, 9:01 AM

Change #1049466 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for apt hosts

https://gerrit.wikimedia.org/r/1049466

gerritbot added a comment.Tue, Jun 25, 9:03 AM

Change #1049459 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for gitlab

https://gerrit.wikimedia.org/r/1049459

gerritbot added a comment.Tue, Jun 25, 9:08 AM

Change #1049475 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for mirrors

https://gerrit.wikimedia.org/r/1049475

gerritbot added a comment.Tue, Jun 25, 9:22 AM

Change #1049475 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for mirrors

https://gerrit.wikimedia.org/r/1049475

gerritbot added a comment.Tue, Jun 25, 9:26 AM

Change #1049481 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for MX hosts

https://gerrit.wikimedia.org/r/1049481

gerritbot added a comment.Tue, Jun 25, 9:29 AM

Change #1049484 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for cloudlb/clouddumps/cloudservices-codfw1dev

https://gerrit.wikimedia.org/r/1049484

gerritbot added a comment.Tue, Jun 25, 9:50 AM

Change #1049484 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for cloudlb/clouddumps/cloudservices-codfw1dev

https://gerrit.wikimedia.org/r/1049484

gerritbot added a comment.Tue, Jun 25, 10:04 AM

Change #1049501 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for caches

https://gerrit.wikimedia.org/r/1049501

gerritbot added a comment.Tue, Jun 25, 10:07 AM

Change #1049502 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for icinga

https://gerrit.wikimedia.org/r/1049502

gerritbot added a comment.Tue, Jun 25, 10:15 AM

Change #1049504 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for netmon

https://gerrit.wikimedia.org/r/1049504

gerritbot added a comment.Tue, Jun 25, 10:15 AM

Change #1049505 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for orchestrator

https://gerrit.wikimedia.org/r/1049505

gerritbot added a comment.Tue, Jun 25, 10:25 AM

Change #1049504 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for netmon

https://gerrit.wikimedia.org/r/1049504

gerritbot added a comment.Tue, Jun 25, 10:37 AM

Change #1049511 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for ML hosts

https://gerrit.wikimedia.org/r/1049511

gerritbot added a comment.Tue, Jun 25, 10:38 AM

Change #1049512 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for cloudelastic

https://gerrit.wikimedia.org/r/1049512

gerritbot added a comment.Tue, Jun 25, 10:44 AM

Change #1049515 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for archiva

https://gerrit.wikimedia.org/r/1049515

gerritbot added a comment.Tue, Jun 25, 10:45 AM

Change #1049516 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for lists

https://gerrit.wikimedia.org/r/1049516

gerritbot added a comment.Tue, Jun 25, 10:54 AM

Change #1049517 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for

https://gerrit.wikimedia.org/r/1049517

gerritbot added a comment.Tue, Jun 25, 11:07 AM

Change #1049523 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for various IF roles

https://gerrit.wikimedia.org/r/1049523

gerritbot added a comment.Tue, Jun 25, 11:09 AM

Change #1049523 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for various IF roles

https://gerrit.wikimedia.org/r/1049523

gerritbot added a comment.Tue, Jun 25, 12:38 PM

Change #1049516 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for lists

https://gerrit.wikimedia.org/r/1049516

gerritbot added a comment.Tue, Jun 25, 12:48 PM

Change #1049501 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for caches

https://gerrit.wikimedia.org/r/1049501

MoritzMuehlenhoff updated the task description. (Show Details)Tue, Jun 25, 1:23 PM
gerritbot added a comment.Tue, Jun 25, 1:34 PM

Change #1049559 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for

https://gerrit.wikimedia.org/r/1049559

gerritbot added a comment.Tue, Jun 25, 2:02 PM

Change #1049511 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for ML hosts

https://gerrit.wikimedia.org/r/1049511

gerritbot added a comment.Tue, Jun 25, 3:52 PM

Change #1049592 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining collab roles

https://gerrit.wikimedia.org/r/1049592

gerritbot added a comment.Tue, Jun 25, 5:06 PM

Change #1049592 merged by Dzahn:

[operations/puppet@production] Remove acmechief annotations for remaining collab roles

https://gerrit.wikimedia.org/r/1049592

gerritbot added a comment.Wed, Jun 26, 7:19 AM

Change #1049481 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for MX hosts

https://gerrit.wikimedia.org/r/1049481

gerritbot added a comment.Wed, Jun 26, 7:23 AM

Change #1049515 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for archiva

https://gerrit.wikimedia.org/r/1049515

gerritbot added a comment.Wed, Jun 26, 7:26 AM

Change #1049502 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for icinga

https://gerrit.wikimedia.org/r/1049502

gerritbot added a comment.Wed, Jun 26, 7:38 AM

Change #1049505 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for orchestrator

https://gerrit.wikimedia.org/r/1049505

gerritbot added a comment.Wed, Jun 26, 7:44 AM

Change #1049821 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for gerrit

https://gerrit.wikimedia.org/r/1049821

gerritbot added a comment.Wed, Jun 26, 7:49 AM

Change #1049559 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for remaining WMCS roles

https://gerrit.wikimedia.org/r/1049559

gerritbot added a comment.Wed, Jun 26, 7:52 AM

Change #1049517 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for wikikube

https://gerrit.wikimedia.org/r/1049517

gerritbot added a comment.Wed, Jun 26, 8:11 AM

Change #1049453 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for IDM/IDP

https://gerrit.wikimedia.org/r/1049453

gerritbot added a comment.Wed, Jun 26, 8:20 AM

Change #1049833 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for LDAP roles

https://gerrit.wikimedia.org/r/1049833

gerritbot added a comment.Wed, Jun 26, 8:20 AM

Change #1049512 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for cloudelastic

https://gerrit.wikimedia.org/r/1049512

gerritbot added a comment.Wed, Jun 26, 8:27 AM

Change #1049837 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Switch acmechief1001/2001 to insetup::buster

https://gerrit.wikimedia.org/r/1049837

gerritbot added a comment.Wed, Jun 26, 8:31 AM

Change #1049833 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for LDAP roles

https://gerrit.wikimedia.org/r/1049833

gerritbot added a comment.Wed, Jun 26, 8:52 AM

Change #1049850 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining Collab roles

https://gerrit.wikimedia.org/r/1049850

gerritbot added a comment.Wed, Jun 26, 8:55 AM

Change #1049851 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for memcached/redis

https://gerrit.wikimedia.org/r/1049851

gerritbot added a comment.Wed, Jun 26, 8:58 AM

Change #1049854 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining IF roles

https://gerrit.wikimedia.org/r/1049854

gerritbot added a comment.Wed, Jun 26, 9:08 AM

Change #1049859 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for swift/ceph

https://gerrit.wikimedia.org/r/1049859

gerritbot added a comment.Wed, Jun 26, 9:11 AM

Change #1049469 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for various DE roles

https://gerrit.wikimedia.org/r/1049469

gerritbot added a comment.Wed, Jun 26, 9:25 AM

Change #1049863 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining o11y roles

https://gerrit.wikimedia.org/r/1049863

gerritbot added a comment.Wed, Jun 26, 9:26 AM

Change #1049864 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for Cassandra roles

https://gerrit.wikimedia.org/r/1049864

gerritbot added a comment.Wed, Jun 26, 9:34 AM

Change #1049869 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining WMCS roles

https://gerrit.wikimedia.org/r/1049869

gerritbot added a comment.Wed, Jun 26, 9:37 AM

Change #1049871 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for backup roles

https://gerrit.wikimedia.org/r/1049871

gerritbot added a comment.Wed, Jun 26, 9:39 AM

Change #1049872 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining Traffic roles

https://gerrit.wikimedia.org/r/1049872

gerritbot added a comment.Wed, Jun 26, 9:43 AM

Change #1049873 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for remaining Search roles

https://gerrit.wikimedia.org/r/1049873

gerritbot added a comment.Wed, Jun 26, 9:44 AM

Change #1049874 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for dumps roles

https://gerrit.wikimedia.org/r/1049874

gerritbot added a comment.Wed, Jun 26, 9:47 AM

Change #1049875 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for misc roles

https://gerrit.wikimedia.org/r/1049875

gerritbot added a comment.Wed, Jun 26, 10:30 AM

Change #1049851 merged by Effie Mouzeli:

[operations/puppet@production] Remove acmechief annotations for memcached/redis

https://gerrit.wikimedia.org/r/1049851

gerritbot added a comment.Wed, Jun 26, 11:12 AM

Change #1049874 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for dumps roles

https://gerrit.wikimedia.org/r/1049874

gerritbot added a comment.Wed, Jun 26, 11:13 AM

Change #1049872 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for remaining Traffic roles

https://gerrit.wikimedia.org/r/1049872

gerritbot added a comment.Wed, Jun 26, 11:14 AM

Change #1049869 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for remaining WMCS roles

https://gerrit.wikimedia.org/r/1049869

gerritbot added a comment.Wed, Jun 26, 11:16 AM

Change #1049854 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for remaining IF roles

https://gerrit.wikimedia.org/r/1049854

gerritbot added a comment.Wed, Jun 26, 11:17 AM

Change #1049875 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for misc roles

https://gerrit.wikimedia.org/r/1049875

gerritbot added a comment.Wed, Jun 26, 11:19 AM

Change #1049871 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for backup roles

https://gerrit.wikimedia.org/r/1049871

gerritbot added a comment.Wed, Jun 26, 11:30 AM

Change #1049461 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for dns/ncredir/durum/doh

https://gerrit.wikimedia.org/r/1049461

gerritbot added a comment.Wed, Jun 26, 11:36 AM

Change #1049850 merged by Muehlenhoff:

[operations/puppet@production] Remove acmechief annotations for remaining Collab roles

https://gerrit.wikimedia.org/r/1049850

gerritbot added a comment.Wed, Jun 26, 11:38 AM

Change #1049907 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for Druid/Kafka roles

https://gerrit.wikimedia.org/r/1049907

gerritbot added a comment.Wed, Jun 26, 11:41 AM

Change #1049908 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove acmechief annotations for Hadoop

https://gerrit.wikimedia.org/r/1049908

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL