Page MenuHomePhabricator
Create Task
Maniphest T367861

Migrate ldap-ro and ldap-ro-ssl to IPIP encapsulation
Closed, ResolvedPublic
Actions

Description

ldap-ro and ldap-ro-ssl need to be migrated to IPIP encapsulation, given the current PyBal constraints this needs to happen one DC at a time (instead of host by host).

Current status:

  • eqiad
  • codfw

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Revert "Point eqiad and cloud/eqiad to use the codfw LDAP ro servers as well"operations/puppetproduction+5 -5
hiera,openldap::replica: Enable IPIP on eqiadoperations/puppetproduction+4 -2
Point eqiad and cloud/eqiad to use the codfw LDAP ro servers as welloperations/puppetproduction+5 -5
Revert "Point codfw and codfw1dev to use the eqiad LDAP ro servers as well"operations/puppetproduction+2 -2
hiera,openldap::replica: Add missing ldap-ro-ssl pooloperations/puppetproduction+3 -0
hiera,openldap::replica: Enable IPIP on codfwoperations/puppetproduction+9 -0
Point codfw and codfw1dev to use the eqiad LDAP ro servers as welloperations/puppetproduction+2 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

Vgutierrez created this task.Jun 18 2024, 9:32 AM
taavi subscribed.Jun 18 2024, 9:39 AM
gerritbot added a comment.Jun 18 2024, 1:07 PM

Change #1047076 had a related patch set uploaded (by Vgutierrez; author: Vgutierrez):

[operations/puppet@production] hiera,openldap::replica: Enable IPIP on codfw

https://gerrit.wikimedia.org/r/1047076

gerritbot added a project: Patch-For-Review.Jun 18 2024, 1:07 PM
Vgutierrez mentioned this in T367312: Migrate services behind high-traffic2 LVS to IPIP encapsulation.Jun 18 2024, 3:12 PM
gerritbot added a comment.Jun 19 2024, 12:07 PM

Change #1047488 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Point codfw and codfw1dev to use the eqiad LDAP ro servers as well

https://gerrit.wikimedia.org/r/1047488

gerritbot added a comment.Jun 24 2024, 10:20 AM

Change #1047488 merged by Muehlenhoff:

[operations/puppet@production] Point codfw and codfw1dev to use the eqiad LDAP ro servers as well

https://gerrit.wikimedia.org/r/1047488

gerritbot added a comment.Jun 24 2024, 12:43 PM

Change #1047076 merged by Vgutierrez:

[operations/puppet@production] hiera,openldap::replica: Enable IPIP on codfw

https://gerrit.wikimedia.org/r/1047076

Stashbot added a comment.Jun 24 2024, 12:50 PM

Mentioned in SAL (#wikimedia-operations) [2024-06-24T12:50:55Z] <vgutierrez> rolling restart of pybal on lvs2014 and lvs2012 - T367861

Stashbot added a comment.Jun 24 2024, 12:53 PM

Mentioned in SAL (#wikimedia-operations) [2024-06-24T12:53:07Z] <vgutierrez> IPIP encapsulation enabled on ldap-ro.codfw.wikimedia.org. - T367861

MoritzMuehlenhoff triaged this task as Medium priority.Jun 24 2024, 1:03 PM
gerritbot added a comment.Jun 24 2024, 1:04 PM

Change #1049156 had a related patch set uploaded (by Vgutierrez; author: Vgutierrez):

[operations/puppet@production] hiera,openldap::replica: Enable IPIP on eqiad

https://gerrit.wikimedia.org/r/1049156

gerritbot added a comment.Jun 24 2024, 1:18 PM

Change #1049162 had a related patch set uploaded (by Vgutierrez; author: Vgutierrez):

[operations/puppet@production] hiera,openldap::replica: Add missing ldap-ro-ssl pool

https://gerrit.wikimedia.org/r/1049162

gerritbot added a comment.Jun 24 2024, 1:28 PM

Change #1049162 merged by Vgutierrez:

[operations/puppet@production] hiera,openldap::replica: Add missing ldap-ro-ssl pool

https://gerrit.wikimedia.org/r/1049162

Vgutierrez changed the task status from Open to In Progress.Jun 24 2024, 2:53 PM
Vgutierrez updated the task description. (Show Details)
gerritbot added a comment.Jun 25 2024, 6:31 AM

Change #1049378 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Revert "Point codfw and codfw1dev to use the eqiad LDAP ro servers as well"

https://gerrit.wikimedia.org/r/1049378

gerritbot added a comment.Jun 25 2024, 7:13 AM

Change #1049378 merged by Muehlenhoff:

[operations/puppet@production] Revert "Point codfw and codfw1dev to use the eqiad LDAP ro servers as well"

https://gerrit.wikimedia.org/r/1049378

gerritbot added a comment.Jun 25 2024, 7:45 AM

Change #1049446 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Point eqiad and cloud/eqiad to use the codfw LDAP ro servers as well

https://gerrit.wikimedia.org/r/1049446

gerritbot added a comment.Jun 25 2024, 12:40 PM

Change #1049446 merged by Muehlenhoff:

[operations/puppet@production] Point eqiad and cloud/eqiad to use the codfw LDAP ro servers as well

https://gerrit.wikimedia.org/r/1049446

gerritbot added a comment.Jun 25 2024, 1:18 PM

Change #1049156 merged by Vgutierrez:

[operations/puppet@production] hiera,openldap::replica: Enable IPIP on eqiad

https://gerrit.wikimedia.org/r/1049156

Stashbot added a comment.Jun 25 2024, 1:26 PM

Mentioned in SAL (#wikimedia-operations) [2024-06-25T13:26:48Z] <vgutierrez> rolling restart of pybal on lvs1020 and lvs1018 - T367861

Stashbot added a comment.Jun 25 2024, 1:29 PM

Mentioned in SAL (#wikimedia-operations) [2024-06-25T13:29:58Z] <vgutierrez> IPIP encapsulation enabled on ldap-ro.eqiad.wikimedia.org - T367861

Maintenance_bot removed a project: Patch-For-Review.Jun 25 2024, 1:32 PM
Vgutierrez closed this task as Resolved.Jun 25 2024, 1:34 PM
Vgutierrez updated the task description. (Show Details)
gerritbot added a comment.Jun 25 2024, 2:02 PM

Change #1049568 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Revert "Point eqiad and cloud/eqiad to use the codfw LDAP ro servers as well"

https://gerrit.wikimedia.org/r/1049568

gerritbot added a project: Patch-For-Review.Jun 25 2024, 2:02 PM
gerritbot added a comment.Jun 25 2024, 2:40 PM

Change #1049568 merged by Muehlenhoff:

[operations/puppet@production] Revert "Point eqiad and cloud/eqiad to use the codfw LDAP ro servers as well"

https://gerrit.wikimedia.org/r/1049568

Maintenance_bot removed a project: Patch-For-Review.Jun 25 2024, 3:31 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits