Page MenuHomePhabricator
Create Task
Maniphest T394263

Migrating magru to routed Ganeti
Closed, ResolvedPublic
Actions

Description

An intro on routed Ganeti can be found here: https://phabricator.wikimedia.org/phame/post/view/312/ganeti_on_modern_network_design/

We have piloted routed Ganeti with two test servers who are running some initial workloads. As the next step of the rollout we've decided to migrate one of the PoPs (namely magru) to it, to give it more exposure to real world issues. This will also allow us to install future pops directly with routed Ganeti.

Magru currently consists of two separate Ganeti clusters in two different rows with two servers each.

row B4: ganeti7002 and ganeti7004

  • bast7001
  • doh7002
  • durum7002
  • ncredir7002
  • prometheus7001

row B3: ganeti7001 and ganeti7003

  • atlas7001
  • doh7002
  • durum7001
  • install7001
  • ncredir7001
  • netflow7001

When the migration is completed, we'll have a common four node Ganeti cluster spanning the two rows (and would also have flexibility in case of potential row changes at the DC).

There is some pending upstream work we have commissioned for Bind which will unblock the use of BGP in VMs (T362392). Until this work is completed, we will keep one node using the old setup (ganeti7002), which will continue to run doh7002 and durum7002.

The migration path will look like the following:

  • Move all VMs in ganeti7002 to ganeti7004
  • Switch B4 VMs to plain disk storage, i.e. disable DRBD for them.

During this initial period, the B4 VMs are no longer redundant, so if 7004 were to fail, we'd lose the Prometheus metrics, but would still have ncredir/wikidough/durum operational

  • Allocate IPs for magru routed Ganeti - https://netbox.wikimedia.org/ipam/prefixes/?role_id=41&site_id=11
  • Add allocated IPs to modules/network/data/data.yaml in Puppet
  • Reimage ganeti7002 with routed Ganeti
  • Update ganeti7002 switch port to remove the trunked public vlan
  • Setup routing between ganeti7002 and its ToR switch
  • Create bast7002, ncredir7003 and prometheus7002 on routed Ganeti and fail over services
  • Decom bast7001, ncredir7002, prometheus7001
  • Move all VMs on ganeti7001 to ganeti7003
  • Switch B3 VMs to plain disk storage, i.e. disable DRBD for them.
  • Decom atlas7001 (We'll re-add a probe in magru at a later point)
  • Decom doh7001, durum7001 (they will no longer be redundant, but with the current request rate in magru that's acceptable)
  • Create install7002, ncredir7002, netflow7002 on the routed Ganeti cluster and fail over services
  • Decom install7001, ncredir7001, netflow7001
  • Reimage ganeti7001 with routed Ganeti and also add them to the cluster
  • Setup routing between ganeti7001 and its ToR switch
  • Switch VMs back to DRBD
  • Reimage ganeti7003 with routed Ganeti and also add them to the cluster
  • Setup routing between ganeti7003 and it's ToR switch
  • Create doh7003, doh7004, durum7003, durum7004 on the routed Ganeti cluster

Once support in Bird is available (T362392)

  • Move doh7003, doh7004, durum7003, durum7004 to production
  • Decommission doh7002, durum7002
  • Reimage ganeti7004 with routed Ganeti and add it to the cluster
  • Setup routing between ganeti7004 and its ToR switch

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Remove magru RIPE Atlas Anchoroperations/puppetproduction+0 -18
Add ganeti7004 to the routed Ganeti cluster in magruoperations/puppetproduction+2 -5
Update Cumin aliases to handle the transition to routed Ganetioperations/puppetproduction+7 -3
netbox: Remove ganeti02/magru clusteroperations/puppetproduction+0 -3
Remove Ganeti role from ganeti7004operations/puppetproduction+1 -5
Remove ncredir7002operations/puppetproduction+0 -1
Add doh7004/durum7004operations/puppetproduction+2 -2
Add ncredir7004 to conftooloperations/puppetproduction+1 -0
Apply ncredir role to ncredir7004operations/puppetproduction+0 -4
Add ganeti7003 to the routed Ganeti clusteroperations/puppetproduction+2 -5
Routed Ganeti: disable rp_filteroperations/puppetproduction+2 -0
Reimage ganeti7003 with insetup roleoperations/puppetproduction+5 -11
Remove ncredir7001 from conftooloperations/puppetproduction+0 -1
Failover webproxy to install7002operations/dnsmaster+1 -1
Add ncredir7003 to conftooloperations/puppetproduction+1 -0
Assign ncredir role to ncredir7003operations/puppetproduction+1 -1
DHCP: install7001->7002operations/homer/publicmaster+2 -2
Revert "Revert back to install7001"operations/puppetproduction+1 -1
atftpd: Add support for Bookwormoperations/puppetproduction+24 -40
Apply installserver role on install7002operations/puppetproduction+1 -5
Apply installserver role to install7002operations/puppetproduction+2 -6
Remove bastion role from bast7001operations/puppetproduction+1 -3
Also add replica label for the new upcoming prometheus7002 nodeoperations/puppetproduction+1 -0
Remove netflow7001operations/homer/publicmaster+0 -1
Remove netflow7001 from Kafka Jumbo ACLsoperations/puppetproduction+0 -1
Assign netinsights role to netflow7002operations/puppetproduction+0 -4
Add netflow7002operations/homer/publicmaster+1 -0
Extend kafka firewall config for netflow7002operations/puppetproduction+1 -0
Add site.pp entries for netflow7002, ncredir7004, install7002operations/puppetproduction+12 -4
Remove ganeti7001 Hiera config for old ganeti01 clusteroperations/puppetproduction+0 -9
Assign ganeti_routed role to ganeti7001 and add it to the cluster node listoperations/puppetproduction+3 -8
Reimage ganeti7001 with insetup roleoperations/puppetproduction+6 -1
site.pp: Fix entry for prometheus7002operations/puppetproduction+4 -4
Update magru bastion for ssh-client-config and tunnelencabulatoroperations/debs/wmf-laptopmaster+4 -4
Grant firewall access for bast7002operations/puppetproduction+2 -0
Assign bastion role to bast7002operations/puppetproduction+1 -1
Add magru virtual IPs to network::subnetsoperations/puppetproduction+6 -0
sre.ganeti.makevm: Support passing a non-DRBD storage typeoperations/cookbooksmaster+6 -2
ganeti: make the storage_type configurableoperations/software/spicerackmaster+62 -14
netbox: Add magru03operations/puppetproduction+3 -0
Create site.pp entries for VM replacements from ganeti02/magruoperations/puppetproduction+20 -0
magru: add PTR include for routed ganeti v6operations/dnsmaster+12 -0
magru: add ganeti to the list of "customers"operations/homer/publicmaster+14 -0
Add PTR include for public1-virtual-magruoperations/dnsmaster+3 -0
Initial cluster config for ganeti03operations/puppetproduction+6 -0
Add alerting for network side routed Ganeti BGP sessionsoperations/alertsmaster+34 -2
profile::ganeti: add magru to v6_prefixesoperations/puppetproduction+1 -0
Apply ganeti_routed role to ganeti7002operations/puppetproduction+1 -1
routed_ganeti: Move more common settings to the common hierarchyoperations/puppetproduction+3 -6
Reimage ganeti7002 with insetup roleoperations/puppetproduction+6 -1
Remove Puppet references to ganeti7002operations/puppetproduction+0 -6
Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
gerritbot added a comment.Jun 5 2025, 8:32 AM

Change #1153947 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Assign ncredir role to ncredir7003

https://gerrit.wikimedia.org/r/1153947

gerritbot added a comment.Jun 5 2025, 8:32 AM

Change #1153948 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Add ncredir7003 to conftool

https://gerrit.wikimedia.org/r/1153948

gerritbot added a comment.Jun 5 2025, 9:20 AM

Change #1153958 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Extend kafka firewall config for netflow7002

https://gerrit.wikimedia.org/r/1153958

gerritbot added a comment.Jun 5 2025, 9:23 AM

Change #1153959 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Assign netinsights role to netflow7002

https://gerrit.wikimedia.org/r/1153959

gerritbot added a comment.Jun 5 2025, 9:52 AM

Change #1153958 merged by Muehlenhoff:

[operations/puppet@production] Extend kafka firewall config for netflow7002

https://gerrit.wikimedia.org/r/1153958

gerritbot added a comment.Jun 5 2025, 11:26 AM

Change #1153993 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/homer/public@master] Add netflow7002

https://gerrit.wikimedia.org/r/1153993

gerritbot added a comment.Jun 5 2025, 12:07 PM

Change #1153993 merged by Muehlenhoff:

[operations/homer/public@master] Add netflow7002

https://gerrit.wikimedia.org/r/1153993

gerritbot added a comment.Jun 5 2025, 12:37 PM

Change #1153959 merged by Muehlenhoff:

[operations/puppet@production] Assign netinsights role to netflow7002

https://gerrit.wikimedia.org/r/1153959

gerritbot added a comment.Jun 5 2025, 1:14 PM

Change #1154022 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove netflow7001 from Kafka Jumbo ACLs

https://gerrit.wikimedia.org/r/1154022

gerritbot added a comment.Jun 5 2025, 1:18 PM

Change #1154022 merged by Muehlenhoff:

[operations/puppet@production] Remove netflow7001 from Kafka Jumbo ACLs

https://gerrit.wikimedia.org/r/1154022

ops-monitoring-bot added a comment.Jun 5 2025, 1:23 PM

cookbooks.sre.hosts.decommission executed by jmm@cumin1003 for hosts: netflow7001.magru.wmnet

  • netflow7001.magru.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru01 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru01 to Netbox
gerritbot added a comment.Jun 6 2025, 6:49 AM

Change #1154161 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/homer/public@master] Remove netflow7001

https://gerrit.wikimedia.org/r/1154161

gerritbot added a comment.Jun 6 2025, 6:55 AM

Change #1154161 merged by Muehlenhoff:

[operations/homer/public@master] Remove netflow7001

https://gerrit.wikimedia.org/r/1154161

gerritbot added a comment.Jun 6 2025, 10:59 AM

Change #1153126 abandoned by Muehlenhoff:

[operations/puppet@production] Also add replica label for the new upcoming prometheus7002 node

Reason:

Got merged as https://gerrit.wikimedia.org/r/c/operations/puppet/+/1154046

https://gerrit.wikimedia.org/r/1153126

tappof closed subtask T395130: Migrate prometheus7001 to prometheus7002 as Resolved.Jun 9 2025, 5:04 PM
gerritbot added a comment.Jun 10 2025, 6:19 AM

Change #1154923 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove bastion role from bast7001

https://gerrit.wikimedia.org/r/1154923

gerritbot added a comment.Jun 10 2025, 6:23 AM

Change #1154923 merged by Muehlenhoff:

[operations/puppet@production] Remove bastion role from bast7001

https://gerrit.wikimedia.org/r/1154923

ops-monitoring-bot added a comment.Jun 10 2025, 6:52 AM

cookbooks.sre.hosts.decommission executed by jmm@cumin1003 for hosts: bast7001.wikimedia.org

  • bast7001.wikimedia.org (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
gerritbot added a comment.Jun 10 2025, 9:25 AM

Change #1155151 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Apply installserver role to install7002

https://gerrit.wikimedia.org/r/1155151

gerritbot added a comment.Jun 10 2025, 9:51 AM

Change #1155151 merged by Muehlenhoff:

[operations/puppet@production] Apply installserver role to install7002

https://gerrit.wikimedia.org/r/1155151

ops-monitoring-bot added a comment.Jun 10 2025, 12:48 PM

Cookbook cookbooks.sre.hosts.reimage was started by jmm@cumin1003 for host install7002.wikimedia.org with OS bullseye

ops-monitoring-bot added a comment.Jun 10 2025, 12:53 PM

Cookbook cookbooks.sre.hosts.reimage started by jmm@cumin1003 for host install7002.wikimedia.org with OS bullseye executed with errors:

  • install7002 (FAIL)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • The reimage failed, see the cookbook logs for the details. You can also try typing "sudo install-console install7002.wikimedia.org" to get a root shell, but depending on the failure this may not work.
ops-monitoring-bot added a comment.Jun 10 2025, 12:54 PM

Cookbook cookbooks.sre.hosts.reimage was started by jmm@cumin1003 for host install7002.wikimedia.org with OS bullseye

ops-monitoring-bot added a comment.Jun 10 2025, 1:17 PM

Cookbook cookbooks.sre.hosts.reimage started by jmm@cumin1003 for host install7002.wikimedia.org with OS bullseye executed with errors:

  • install7002 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • The reimage failed, see the cookbook logs for the details. You can also try typing "sudo install-console install7002.wikimedia.org" to get a root shell, but depending on the failure this may not work.
ops-monitoring-bot added a comment.Jun 10 2025, 1:18 PM

Cookbook cookbooks.sre.hosts.reimage was started by jmm@cumin1003 for host install7002.wikimedia.org with OS bullseye

ops-monitoring-bot added a comment.Jun 10 2025, 2:29 PM

Cookbook cookbooks.sre.hosts.reimage started by jmm@cumin1003 for host install7002.wikimedia.org with OS bullseye executed with errors:

  • install7002 (FAIL)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • The reimage failed, see the cookbook logs for the details. You can also try typing "sudo install-console install7002.wikimedia.org" to get a root shell, but depending on the failure this may not work.
ops-monitoring-bot added a comment.Jun 10 2025, 3:02 PM

Cookbook cookbooks.sre.hosts.reimage was started by jmm@cumin1003 for host install7002.wikimedia.org with OS bookworm

ops-monitoring-bot added a comment.Jun 10 2025, 4:03 PM

Cookbook cookbooks.sre.hosts.reimage started by jmm@cumin1003 for host install7002.wikimedia.org with OS bookworm completed:

  • install7002 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Add puppet_version metadata (7) to Debian installer
    • Set boot media to disk
    • Host up (new fresh bookworm OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202506101547_jmm_1002669_install7002.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
gerritbot added a comment.Jun 11 2025, 6:25 AM

Change #1155503 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Apply installserver role on install7002

https://gerrit.wikimedia.org/r/1155503

gerritbot added a comment.Jun 11 2025, 6:42 AM

Change #1155503 merged by Muehlenhoff:

[operations/puppet@production] Apply installserver role on install7002

https://gerrit.wikimedia.org/r/1155503

gerritbot added a comment.Jun 11 2025, 7:27 AM

Change #1155585 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] atftpd: Add support for Bookworm

https://gerrit.wikimedia.org/r/1155585

gerritbot added a comment.Jun 11 2025, 8:58 AM

Change #1155585 merged by Muehlenhoff:

[operations/puppet@production] atftpd: Add support for Bookworm

https://gerrit.wikimedia.org/r/1155585

gerritbot added a comment.Jun 11 2025, 9:11 AM

Change #1155616 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Revert "Revert back to install7001"

https://gerrit.wikimedia.org/r/1155616

gerritbot added a comment.Jun 11 2025, 9:42 AM

Change #1155622 had a related patch set uploaded (by Ayounsi; author: Ayounsi):

[operations/homer/public@master] DHCP: install7001->7002

https://gerrit.wikimedia.org/r/1155622

gerritbot added a comment.Jun 11 2025, 9:43 AM

Change #1155616 merged by Muehlenhoff:

[operations/puppet@production] Revert "Revert back to install7001"

https://gerrit.wikimedia.org/r/1155616

gerritbot added a comment.Jun 11 2025, 9:44 AM

Change #1155622 merged by jenkins-bot:

[operations/homer/public@master] DHCP: install7001->7002

https://gerrit.wikimedia.org/r/1155622

gerritbot added a comment.Jun 11 2025, 9:59 AM

Change #1155624 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/dns@master] Failover webproxy to install7002

https://gerrit.wikimedia.org/r/1155624

gerritbot added a comment.Jun 11 2025, 10:14 AM

Change #1153947 merged by Muehlenhoff:

[operations/puppet@production] Assign ncredir role to ncredir7003

https://gerrit.wikimedia.org/r/1153947

gerritbot added a comment.Jun 11 2025, 11:20 AM

Change #1153948 merged by Muehlenhoff:

[operations/puppet@production] Add ncredir7003 to conftool

https://gerrit.wikimedia.org/r/1153948

gerritbot added a comment.Jun 11 2025, 11:34 AM

Change #1155624 merged by Muehlenhoff:

[operations/dns@master] Failover webproxy to install7002

https://gerrit.wikimedia.org/r/1155624

gerritbot added a comment.Jun 11 2025, 11:57 AM

Change #1155649 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove ncredir7001 from conftool

https://gerrit.wikimedia.org/r/1155649

gerritbot added a comment.Jun 11 2025, 2:30 PM

Change #1155649 merged by Muehlenhoff:

[operations/puppet@production] Remove ncredir7001 from conftool

https://gerrit.wikimedia.org/r/1155649

Maintenance_bot removed a project: Patch-For-Review.Jun 11 2025, 2:32 PM
ops-monitoring-bot added a comment.Jun 12 2025, 7:59 AM

cookbooks.sre.hosts.decommission executed by jmm@cumin1003 for hosts: ncredir7001.magru.wmnet

  • ncredir7001.magru.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru01 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru01 to Netbox
gerritbot added a comment.Jun 13 2025, 12:06 PM

Change #1156814 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Apply ncredir role to ncredir7004

https://gerrit.wikimedia.org/r/1156814

gerritbot added a project: Patch-For-Review.Jun 13 2025, 12:06 PM

Change #1156815 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Add ncredir7004 to conftool

https://gerrit.wikimedia.org/r/1156815

ops-monitoring-bot added a comment.Jun 16 2025, 7:00 AM

cookbooks.sre.hosts.decommission executed by jmm@cumin1003 for hosts: install7001.wikimedia.org

  • install7001.wikimedia.org (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru01 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru01 to Netbox
gerritbot added a comment.Jun 16 2025, 7:59 AM

Change #1159354 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Reimage ganeti7003 with insetup role

https://gerrit.wikimedia.org/r/1159354

gerritbot added a comment.Jun 16 2025, 8:19 AM

Change #1159354 merged by Muehlenhoff:

[operations/puppet@production] Reimage ganeti7003 with insetup role

https://gerrit.wikimedia.org/r/1159354

MoritzMuehlenhoff updated the task description. (Show Details)Jun 16 2025, 8:32 AM
gerritbot added a comment.Jun 16 2025, 9:41 AM

Change #1159390 had a related patch set uploaded (by Ayounsi; author: Ayounsi):

[operations/puppet@production] Routed Ganeti: disable rp_filter

https://gerrit.wikimedia.org/r/1159390

Stashbot added a comment.Jun 16 2025, 9:44 AM

Mentioned in SAL (#wikimedia-operations) [2025-06-16T09:44:09Z] <moritzm> remove magru01 in Netbox (all Ganeti nodes have been removed from it) T394263

gerritbot added a comment.Jun 16 2025, 10:07 AM

Change #1159390 merged by Ayounsi:

[operations/puppet@production] Routed Ganeti: disable rp_filter

https://gerrit.wikimedia.org/r/1159390

gerritbot added a comment.Jun 16 2025, 10:11 AM

Change #1159398 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Add ganeti7003 to the routed Ganeti cluster

https://gerrit.wikimedia.org/r/1159398

gerritbot added a comment.Jun 16 2025, 11:01 AM

Change #1159398 merged by Muehlenhoff:

[operations/puppet@production] Add ganeti7003 to the routed Ganeti cluster

https://gerrit.wikimedia.org/r/1159398

gerritbot added a comment.Jun 16 2025, 11:38 AM

Change #1156814 merged by Muehlenhoff:

[operations/puppet@production] Apply ncredir role to ncredir7004

https://gerrit.wikimedia.org/r/1156814

ops-monitoring-bot added a comment.Jun 16 2025, 11:57 AM

VM durum7003.magru.wmnet switching disk type to drbd

ops-monitoring-bot added a comment.Jun 16 2025, 12:24 PM

VM doh7003.wikimedia.org switching disk type to drbd

ops-monitoring-bot added a comment.Jun 16 2025, 12:59 PM

VM bast7002.wikimedia.org switching disk type to drbd

ops-monitoring-bot added a comment.Jun 16 2025, 1:25 PM

VM ncredir7003.magru.wmnet switching disk type to drbd

ops-monitoring-bot added a comment.Jun 16 2025, 1:39 PM

VM prometheus7002.magru.wmnet switching disk type to drbd

MoritzMuehlenhoff updated the task description. (Show Details)Jun 16 2025, 2:18 PM
MoritzMuehlenhoff updated the task description. (Show Details)Jun 16 2025, 3:01 PM
gerritbot added a comment.Jun 17 2025, 6:28 AM

Change #1156815 merged by Muehlenhoff:

[operations/puppet@production] Add ncredir7004 to conftool

https://gerrit.wikimedia.org/r/1156815

Maintenance_bot removed a project: Patch-For-Review.Jun 17 2025, 6:30 AM
gerritbot added a comment.Jun 17 2025, 6:46 AM

Change #1159916 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Add doh7004/durum7004

https://gerrit.wikimedia.org/r/1159916

gerritbot added a project: Patch-For-Review.Jun 17 2025, 6:46 AM
gerritbot added a comment.Jun 17 2025, 7:28 AM

Change #1159916 merged by Muehlenhoff:

[operations/puppet@production] Add doh7004/durum7004

https://gerrit.wikimedia.org/r/1159916

gerritbot added a comment.Jun 17 2025, 7:33 AM

Change #1159983 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove ncredir7002

https://gerrit.wikimedia.org/r/1159983

gerritbot added a comment.Jun 17 2025, 8:37 AM

Change #1159983 merged by Muehlenhoff:

[operations/puppet@production] Remove ncredir7002

https://gerrit.wikimedia.org/r/1159983

MoritzMuehlenhoff updated the task description. (Show Details)Jun 17 2025, 8:41 AM
MoritzMuehlenhoff updated the task description. (Show Details)
ops-monitoring-bot added a comment.Jun 17 2025, 8:53 AM

cookbooks.sre.hosts.decommission executed by jmm@cumin1003 for hosts: ncredir7002.magru.wmnet

  • ncredir7002.magru.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
MoritzMuehlenhoff updated the task description. (Show Details)Jun 18 2025, 9:29 AM
MoritzMuehlenhoff updated the task description. (Show Details)
tappof unsubscribed.Jun 30 2025, 8:36 AM
gerritbot added a comment.Aug 14 2025, 11:29 AM

Change #1178839 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Remove Ganeti role from ganeti7004

https://gerrit.wikimedia.org/r/1178839

gerritbot added a comment.Aug 14 2025, 11:29 AM

Change #1178840 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] netbox: Remove ganeti02/magru cluster

https://gerrit.wikimedia.org/r/1178840

ops-monitoring-bot added a comment.Aug 14 2025, 1:12 PM

cookbooks.sre.hosts.decommission executed by sukhe@cumin1003 for hosts: doh7002.wikimedia.org

  • doh7002.wikimedia.org (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
ops-monitoring-bot added a comment.Aug 14 2025, 1:15 PM

cookbooks.sre.hosts.decommission executed by sukhe@cumin1003 for hosts: durum7002.magru.wmnet

  • durum7002.magru.wmnet (PASS)
    • Downtimed host on Icinga/Alertmanager
    • Found Ganeti VM
    • VM shutdown
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
    • Removed from DebMonitor
    • Removed from Puppet master and PuppetDB
    • VM removed
    • Started forced sync of VMs in Ganeti cluster magru02 to Netbox
ssingh updated the task description. (Show Details)Aug 14 2025, 1:16 PM
gerritbot added a comment.Aug 14 2025, 1:25 PM

Change #1178839 merged by Muehlenhoff:

[operations/puppet@production] Remove Ganeti role from ganeti7004

https://gerrit.wikimedia.org/r/1178839

gerritbot added a comment.Aug 14 2025, 1:37 PM

Change #1178840 merged by Muehlenhoff:

[operations/puppet@production] netbox: Remove ganeti02/magru cluster

https://gerrit.wikimedia.org/r/1178840

ops-monitoring-bot added a comment.Aug 14 2025, 2:07 PM

Cookbook cookbooks.sre.hosts.reimage was started by jmm@cumin2002 for host ganeti7004.magru.wmnet with OS bookworm

gerritbot added a comment.Aug 14 2025, 2:24 PM

Change #1178887 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Add ganeti7004 to the routed Ganeti cluster in magru

https://gerrit.wikimedia.org/r/1178887

MoritzMuehlenhoff updated the task description. (Show Details)Aug 14 2025, 2:25 PM
ops-monitoring-bot added a comment.Aug 14 2025, 2:55 PM

Cookbook cookbooks.sre.hosts.reimage started by jmm@cumin2002 for host ganeti7004.magru.wmnet with OS bookworm completed:

  • ganeti7004 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata (7) to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bookworm OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202508141434_jmm_3904929_ganeti7004.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
gerritbot added a comment.Aug 15 2025, 10:48 AM

Change #1179111 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Update Cumin aliases to handle the transition to routed Ganeti

https://gerrit.wikimedia.org/r/1179111

gerritbot added a comment.Aug 18 2025, 9:34 AM

Change #1179111 merged by Muehlenhoff:

[operations/puppet@production] Update Cumin aliases to handle the transition to routed Ganeti

https://gerrit.wikimedia.org/r/1179111

gerritbot added a comment.Aug 18 2025, 9:36 AM

Change #1178887 merged by Muehlenhoff:

[operations/puppet@production] Add ganeti7004 to the routed Ganeti cluster in magru

https://gerrit.wikimedia.org/r/1178887

MoritzMuehlenhoff closed this task as Resolved.Aug 18 2025, 1:05 PM
MoritzMuehlenhoff claimed this task.
MoritzMuehlenhoff updated the task description. (Show Details)

Magru is fully running on routed Ganeti \o/

CDanis awarded a token.Aug 18 2025, 1:33 PM
ssingh closed subtask T395796: Move ncredir7003 into service and decom ncredir7002 as Resolved.Aug 28 2025, 5:04 PM
ssingh mentioned this in T395796: Move ncredir7003 into service and decom ncredir7002.
ssingh closed subtask T396015: Decommission doh7001 and durum7001 as Resolved.Aug 28 2025, 5:06 PM
ssingh mentioned this in T396015: Decommission doh7001 and durum7001.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits