Page MenuHomePhabricator
Create Task
Maniphest T394884

Remove sanitarium hosts from codfw
Closed, ResolvedPublic
Actions

Description

Sanitarium hosts in codfw (db2186 and db2187) have never been used. They were eventually set up for two reasons

  1. Set up wikireplicas in codfw
  2. Failover in case sanitarium hosts in eqiad would fail.

It is pretty clear that  #1 will never happen.
In the case of #2, it is a complex process as we'd need to dig into binlogs from each dc and then attempt to move the wikireplicas there. It is a very complex and error prone change and can most likely lead to data corruption, so in the case of breakage of sanitarium hosts, it is more likely that we'd try to fix them or even reclone them from their sanitarium master, rather than risking the whole move to codfw.

Given that, I'd like to remove and repurpose the existing sanitarium hosts in codfw. This would give us two hosts back for production, as currently those hosts do nothing. And also would remove the snowflakes that sanitarium masters are in codfw.

I'd like to hear some thoughts from @taavi @fnegri @Ladsgroup @FCeratto-WMF

Details

Related Changes in Gerrit:
Show related patches Customize query in gerrit

Related Objects

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
Marostegui added a comment.May 21 2025, 3:57 PM
In T394884#10844920, @FCeratto-WMF wrote:

I can use the 2 hosts to test https://gerrit.wikimedia.org/r/c/operations/cookbooks/+/1131954

Yes, but for now remember that they are production. The test should be safe enough to be run, but just keep that in mind.

FCeratto-WMF added a comment.May 21 2025, 4:23 PM

I ran the cookbook in dry-run mode but that has limited utility. I suggest we move forward with this task removing them from prod use and then run restarts if possible.

Marostegui added a comment.May 21 2025, 4:25 PM

You can restart one of them in codfw if you like now.

FCeratto-WMF added a comment.May 21 2025, 4:53 PM

I could add a flag to filter with hosts to restart (it's meant to restart all hosts by default), I'll get back to this tomorrow.

Marostegui added a comment.May 21 2025, 5:48 PM
In T394884#10845169, @FCeratto-WMF wrote:

I could add a flag to filter with hosts to restart (it's meant to restart all hosts by default), I'll get back to this tomorrow.

Yeah this is definitely needed

Marostegui added a comment.May 22 2025, 11:12 AM

@Ladsgroup one of these hosts will go to x1

Ladsgroup added a comment.May 22 2025, 11:18 AM
In T394884#10847644, @Marostegui wrote:

@Ladsgroup one of these hosts will go to x1

🥳

FCeratto-WMF added a comment.May 22 2025, 12:19 PM

I update the script, can I run a restart on db2186 now?

Marostegui added a comment.May 22 2025, 12:43 PM

Yes, as I mentioned it at: https://gerrit.wikimedia.org/r/c/operations/cookbooks/+/1131954/10#message-851448cc8613956395eb3370100c2f332c45c508

Marostegui added a comment.May 22 2025, 12:43 PM

@FCeratto-WMF let's not hijack this task - let's continue the testing conversation on the gerrit. This task isn't about testing that cookbook.

Marostegui mentioned this in T196367: Implement a script to facilitate sanitarium failovers between DCs.May 23 2025, 6:26 AM
Marostegui claimed this task.May 27 2025, 5:33 AM

Since there are no objections, I will remove sanitarium hosts and will reconvert sanitarium masters to normal replicas in codfw.

gerritbot added a comment.May 27 2025, 12:20 PM

Change #1151185 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] db2*: Remove sanitarium masters

https://gerrit.wikimedia.org/r/1151185

gerritbot added a project: Patch-For-Review.May 27 2025, 12:20 PM

Change #1151185 merged by Marostegui:

[operations/puppet@production] db2*: Remove sanitarium masters

https://gerrit.wikimedia.org/r/1151185

Maintenance_bot removed a project: Patch-For-Review.May 27 2025, 12:31 PM
gerritbot added a comment.May 27 2025, 12:46 PM

Change #1151198 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] mariadb: Move db2186 to x1

https://gerrit.wikimedia.org/r/1151198

gerritbot added a project: Patch-For-Review.May 27 2025, 12:46 PM
ops-monitoring-bot added a comment.May 27 2025, 12:57 PM

Upgrading db2191.codfw.wmnet

ops-monitoring-bot added a comment.May 27 2025, 12:57 PM

Completed depool of db2191 - Upgrading db2191.codfw.wmnet - marostegui@cumin1002

ops-monitoring-bot added a comment.May 27 2025, 1:02 PM

Upgrade of db2191.codfw.wmnet completed

ops-monitoring-bot added a comment.May 27 2025, 1:02 PM

Upgrade of db2191.codfw.wmnet completed

gerritbot added a comment.May 27 2025, 1:37 PM

Change #1151198 merged by Marostegui:

[operations/puppet@production] mariadb: Move db2186 to x1

https://gerrit.wikimedia.org/r/1151198

ops-monitoring-bot added a comment.May 27 2025, 1:46 PM

Started cloning db2191.codfw.wmnet to db2186.codfw.wmnet - marostegui@cumin1002

gerritbot added a comment.May 27 2025, 1:48 PM

Change #1151217 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] instances.yaml: Add db2186 to dbctl

https://gerrit.wikimedia.org/r/1151217

gerritbot added a comment.May 27 2025, 1:49 PM

Change #1151217 merged by Marostegui:

[operations/puppet@production] instances.yaml: Add db2186 to dbctl

https://gerrit.wikimedia.org/r/1151217

Stashbot added a comment.May 27 2025, 1:51 PM

Mentioned in SAL (#wikimedia-operations) [2025-05-27T13:51:42Z] <marostegui@cumin1002> dbctl commit (dc=all): 'Add db2186 to dbctl depooled T394884', diff saved to https://phabricator.wikimedia.org/P76488 and previous config saved to /var/cache/conftool/dbconfig/20250527-135141-marostegui.json

Maintenance_bot removed a project: Patch-For-Review.May 27 2025, 2:34 PM
ops-monitoring-bot added a comment.May 27 2025, 3:14 PM

Start pool of db2191 gradually with 4 steps - Pool db2191.codfw.wmnet in after cloning - marostegui@cumin1002

ops-monitoring-bot added a comment.May 27 2025, 3:59 PM

Completed pool of db2191 gradually with 4 steps - Pool db2191.codfw.wmnet in after cloning - marostegui@cumin1002

Marostegui added a comment.May 27 2025, 4:05 PM

db2186 has been converted into a x1 slave - given it till tomorrow to replicate before start to pool it for the first time.

ops-monitoring-bot added a comment.May 27 2025, 4:06 PM

Upgrading db2186.codfw.wmnet

ops-monitoring-bot added a comment.May 27 2025, 4:14 PM

Upgrade of db2186.codfw.wmnet completed

ops-monitoring-bot added a comment.May 27 2025, 4:14 PM

Upgrade of db2186.codfw.wmnet completed

taavi removed a project: cloud-services-team.May 27 2025, 4:16 PM
Restricted Application added a project: cloud-services-team. · View Herald TranscriptMay 27 2025, 4:16 PM
Aklapper removed a project: cloud-services-team.May 27 2025, 10:19 PM
gerritbot added a comment.May 28 2025, 6:03 AM

Change #1151416 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] db2186: Enable notifications

https://gerrit.wikimedia.org/r/1151416

gerritbot added a project: Patch-For-Review.May 28 2025, 6:03 AM

Change #1151416 merged by Marostegui:

[operations/puppet@production] db2186: Enable notifications

https://gerrit.wikimedia.org/r/1151416

Marostegui added a comment.EditedMay 28 2025, 6:12 AM

db2186 being pooled in x1

Maintenance_bot removed a project: Patch-For-Review.May 28 2025, 6:30 AM
gerritbot added a comment.May 28 2025, 9:54 AM

Change #1151629 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] mariadb: Move db2187 to x3 (s8)

https://gerrit.wikimedia.org/r/1151629

gerritbot added a project: Patch-For-Review.May 28 2025, 9:54 AM
gerritbot added a comment.May 28 2025, 9:56 AM

Change #1151629 merged by Marostegui:

[operations/puppet@production] mariadb: Move db2187 to x3 (s8)

https://gerrit.wikimedia.org/r/1151629

ops-monitoring-bot added a comment.May 28 2025, 10:02 AM

Finished cloning db2191.codfw.wmnet to db2186.codfw.wmnet - marostegui@cumin1002

gerritbot added a comment.May 28 2025, 10:05 AM

Change #1151631 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] redact_sanitarium.sh: Remove db2186 db2187

https://gerrit.wikimedia.org/r/1151631

gerritbot added a comment.May 28 2025, 10:08 AM

Change #1151631 merged by Marostegui:

[operations/puppet@production] redact_sanitarium.sh: Remove db2186 db2187

https://gerrit.wikimedia.org/r/1151631

ops-monitoring-bot added a comment.May 28 2025, 10:15 AM

Started cloning db2242.codfw.wmnet to db2187.codfw.wmnet - marostegui@cumin1002

ops-monitoring-bot added a comment.May 28 2025, 10:15 AM

Completed depool of db2242 - Depool db2242.codfw.wmnet to then clone it to db2187.codfw.wmnet - marostegui@cumin1002 - marostegui@cumin1002

gerritbot added a comment.May 28 2025, 10:16 AM

Change #1151634 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] instances.yaml: Add db2187 to dbctl

https://gerrit.wikimedia.org/r/1151634

gerritbot added a comment.May 28 2025, 10:18 AM

Change #1151634 merged by Marostegui:

[operations/puppet@production] instances.yaml: Add db2187 to dbctl

https://gerrit.wikimedia.org/r/1151634

Stashbot added a comment.May 28 2025, 10:20 AM

Mentioned in SAL (#wikimedia-operations) [2025-05-28T10:20:16Z] <marostegui@cumin1002> dbctl commit (dc=all): 'Add db2187 to dbctl depooled T394884', diff saved to https://phabricator.wikimedia.org/P76565 and previous config saved to /var/cache/conftool/dbconfig/20250528-102015-marostegui.json

Maintenance_bot removed a project: Patch-For-Review.May 28 2025, 10:30 AM
gerritbot added a comment.May 28 2025, 12:17 PM

Change #1151664 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] check_private_data_report: Remove db2186, db2187

https://gerrit.wikimedia.org/r/1151664

gerritbot added a project: Patch-For-Review.May 28 2025, 12:17 PM
gerritbot added a comment.May 28 2025, 12:20 PM

Change #1151664 merged by Marostegui:

[operations/puppet@production] check_private_data_report: Remove db2186, db2187

https://gerrit.wikimedia.org/r/1151664

Marostegui added a comment.May 28 2025, 12:22 PM

db2187 has been cloned into s8

Maintenance_bot removed a project: Patch-For-Review.May 28 2025, 12:30 PM
ops-monitoring-bot added a comment.May 28 2025, 12:44 PM

Start pool of db2242 gradually with 4 steps - Pool db2242.codfw.wmnet in after cloning - marostegui@cumin1002

gerritbot added a comment.May 28 2025, 12:56 PM

Change #1151676 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/software@master] events_sanitarium.sql: Remove db2186, db2187

https://gerrit.wikimedia.org/r/1151676

gerritbot added a project: Patch-For-Review.May 28 2025, 12:56 PM
gerritbot added a comment.May 28 2025, 1:00 PM

Change #1151676 merged by jenkins-bot:

[operations/software@master] events_sanitarium.sql: Remove db2186, db2187

https://gerrit.wikimedia.org/r/1151676

ops-monitoring-bot added a comment.May 28 2025, 1:30 PM

Completed pool of db2242 gradually with 4 steps - Pool db2242.codfw.wmnet in after cloning - marostegui@cumin1002

Maintenance_bot removed a project: Patch-For-Review.May 28 2025, 1:32 PM
ops-monitoring-bot added a comment.May 28 2025, 2:34 PM

Finished cloning db2242.codfw.wmnet to db2187.codfw.wmnet - marostegui@cumin1002

jcrespo subscribed.May 29 2025, 10:58 AM

db2186 needs some extra due to care: <jinxer-wm> FIRING: SystemdUnitFailed: wmf_auto_restart_prometheus-mysqld-exporter@s3.service on db2186:9100 - https://wikitech.wikimedia.org/wiki/Monitoring/check_systemd_state - https://grafana.wikimedia.org/d/g-AaZRFWk/systemd-status - https://alerts.wikimedia.org/?q=alertname%3DSystemdUnitFailed

I can have a look later.

Marostegui added a comment.May 29 2025, 11:01 AM
In T394884#10867025, @jcrespo wrote:

db2186 needs some extra due to care: <jinxer-wm> FIRING: SystemdUnitFailed: wmf_auto_restart_prometheus-mysqld-exporter@s3.service on db2186:9100 - https://wikitech.wikimedia.org/wiki/Monitoring/check_systemd_state - https://grafana.wikimedia.org/d/g-AaZRFWk/systemd-status - https://alerts.wikimedia.org/?q=alertname%3DSystemdUnitFailed

I can have a look later.

Thanks - I will reimage this host.

jcrespo added a comment.May 29 2025, 11:38 AM

I believe I fixed db2186, but know that it will require the same kind of cleanup (specially of systemd and /etc/mysql/mysql.d/) for the other hosts, too.

Marostegui added a comment.May 29 2025, 11:40 AM

Thank you. db2187 will needed it too, so I am thinking it is just easier/cleaner to reimage keeping the data

jcrespo added a comment.May 29 2025, 11:47 AM

Up to you, I can fix other hosts quickly, it is just a few commands.

Marostegui added a comment.May 29 2025, 11:47 AM
In T394884#10867162, @jcrespo wrote:

Up to you, I can fix other hosts quickly, it is just a few commands.

Go for it if you have time! Thanks!

gerritbot added a comment.May 29 2025, 11:53 AM

Change #1152046 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] site.pp: Remove codfw sanitarium masters

https://gerrit.wikimedia.org/r/1152046

gerritbot added a project: Patch-For-Review.May 29 2025, 11:53 AM
gerritbot added a comment.May 29 2025, 1:54 PM

Change #1152046 merged by Marostegui:

[operations/puppet@production] site.pp: Remove codfw sanitarium masters

https://gerrit.wikimedia.org/r/1152046

Maintenance_bot removed a project: Patch-For-Review.May 29 2025, 2:31 PM
Stashbot added a comment.May 30 2025, 8:18 AM

Mentioned in SAL (#wikimedia-operations) [2025-05-30T08:18:05Z] <fceratto@cumin1002> dbctl commit (dc=all): 'Depool db2187 for reimaging, see T394884', diff saved to https://phabricator.wikimedia.org/P76702 and previous config saved to /var/cache/conftool/dbconfig/20250530-081804-fceratto.json

ops-monitoring-bot added a comment.May 30 2025, 8:20 AM

Icinga downtime and Alertmanager silence (ID=3f1522fc-3d4f-4682-bff9-5f42de7bfff6) set by fceratto@cumin1002 for 7 days, 0:00:00 on 1 host(s) and their services with reason: Reimaging

db2187.codfw.wmnet
gerritbot added a comment.May 30 2025, 9:52 AM

Change #1152249 had a related patch set uploaded (by Federico Ceratto; author: Federico Ceratto):

[operations/puppet@production] db2187.yaml: disable notifications for reimage

https://gerrit.wikimedia.org/r/1152249

gerritbot added a project: Patch-For-Review.May 30 2025, 9:52 AM
gerritbot added a comment.May 30 2025, 10:22 AM

Change #1152249 merged by Federico Ceratto:

[operations/puppet@production] db2187.yaml: disable notifications for reimage

https://gerrit.wikimedia.org/r/1152249

Maintenance_bot removed a project: Patch-For-Review.May 30 2025, 10:30 AM
ops-monitoring-bot added a comment.May 30 2025, 11:41 AM

Cookbook cookbooks.sre.hosts.reimage was started by fceratto@cumin1002 for host db2187.codfw.wmnet with OS bookworm

ops-monitoring-bot added a comment.May 30 2025, 12:26 PM

Cookbook cookbooks.sre.hosts.reimage started by fceratto@cumin1002 for host db2187.codfw.wmnet with OS bookworm completed:

  • db2187 (WARN)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via IPMI
    • Host up (Debian installer)
    • Add puppet_version metadata (7) to Debian installer
    • Checked BIOS boot parameters are back to normal
    • Host up (new fresh bookworm OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202505301203_fceratto_1341034_db2187.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is not optimal, downtime not removed
    • Updated Netbox data from PuppetDB
gerritbot added a comment.May 30 2025, 1:02 PM

Change #1152262 had a related patch set uploaded (by Federico Ceratto; author: Federico Ceratto):

[operations/puppet@production] db2187.yaml: Enable notifications after reimage

https://gerrit.wikimedia.org/r/1152262

gerritbot added a project: Patch-For-Review.May 30 2025, 1:02 PM
gerritbot added a comment.May 30 2025, 3:01 PM

Change #1152262 merged by Federico Ceratto:

[operations/puppet@production] db2187.yaml: Enable notifications after reimage

https://gerrit.wikimedia.org/r/1152262

Maintenance_bot removed a project: Patch-For-Review.May 30 2025, 3:30 PM
FCeratto-WMF added a comment.May 30 2025, 3:49 PM

Notifications enabled in puppet, icinga is green, downtime is gone. Pooling in db2187

ops-monitoring-bot added a comment.May 30 2025, 3:49 PM

Start pool of db2187 gradually with 4 steps - Pooling in after reimage - fceratto@cumin1002

ops-monitoring-bot added a comment.May 30 2025, 4:35 PM

Completed pool of db2187 gradually with 4 steps - Pooling in after reimage - fceratto@cumin1002

taavi moved this task from Backlog to Wiki replicas on the Data-Services board.Jun 3 2025, 9:09 AM
Marostegui closed this task as Resolved.Jun 4 2025, 9:34 AM

This is done

Maintenance_bot moved this task from In progress to Done on the DBA board.Jun 4 2025, 10:29 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits