Page MenuHomePhabricator
Create Task
Maniphest T401832

Upgrade Traffic hosts to trixie
Open, In Progress, LowPublic
Actions

Description

This task tracks the upgrade of the Traffic hosts to trixie, affecting the services below and identified by their cumin aliases.

This is meant to be an umbrella task for all changes that will be part of this upgrade, such as the Debian packaging, Puppet changes, and the related testing include reimaging.

Progress:

HostDebian PackagesReimaging
acmechief
cpdone
dns
durumdonedone
lvs
ncmonitordonedone
ncredir
wikidough
haproxykafka

Debian Packaging

This includes packages that we build ourselves.

A:acmechief

A:cp

A:dnsbox

  • gdnsd

A:durum

  • anycast-healthchecker

A:lvs

  • liberica

A:ncmonitor

A:ncredir

  • benthos/redpanda

A:wikidough

  • anycast-healthchecker
  • dnsdist

trixie reimaging

A:acmechief

  • acmechief2002.codfw.wmnet
  • acmechief1002.eqiad.wmnet
  • acmechief-test2001.codfw.wmnet
  • acmechief-test1001.eqiad.wmnet

A:cp

  • cp1100.eqiad.wmnet
  • cp1101.eqiad.wmnet
  • cp1102.eqiad.wmnet
  • cp1103.eqiad.wmnet
  • cp1104.eqiad.wmnet
  • cp1105.eqiad.wmnet
  • cp1106.eqiad.wmnet
  • cp1107.eqiad.wmnet
  • cp1108.eqiad.wmnet
  • cp1109.eqiad.wmnet
  • cp1110.eqiad.wmnet
  • cp1111.eqiad.wmnet
  • cp1112.eqiad.wmnet
  • cp1113.eqiad.wmnet
  • cp1114.eqiad.wmnet
  • cp1115.eqiad.wmnet
  • cp2027.codfw.wmnet
  • cp2028.codfw.wmnet
  • cp2029.codfw.wmnet
  • cp2030.codfw.wmnet
  • cp2031.codfw.wmnet
  • cp2032.codfw.wmnet
  • cp2033.codfw.wmnet
  • cp2034.codfw.wmnet
  • cp2035.codfw.wmnet
  • cp2036.codfw.wmnet
  • cp2037.codfw.wmnet
  • cp2038.codfw.wmnet
  • cp2039.codfw.wmnet
  • cp2040.codfw.wmnet
  • cp2041.codfw.wmnet
  • cp2042.codfw.wmnet
  • cp3066.esams.wmnet
  • cp3067.esams.wmnet
  • cp3068.esams.wmnet
  • cp3069.esams.wmnet
  • cp3070.esams.wmnet
  • cp3071.esams.wmnet
  • cp3072.esams.wmnet
  • cp3073.esams.wmnet
  • cp3074.esams.wmnet
  • cp3075.esams.wmnet
  • cp3076.esams.wmnet
  • cp3077.esams.wmnet
  • cp3078.esams.wmnet
  • cp3079.esams.wmnet
  • cp3080.esams.wmnet
  • cp3081.esams.wmnet
  • cp4037.ulsfo.wmnet
  • cp4038.ulsfo.wmnet
  • cp4039.ulsfo.wmnet
  • cp4040.ulsfo.wmnet
  • cp4041.ulsfo.wmnet
  • cp4042.ulsfo.wmnet
  • cp4043.ulsfo.wmnet
  • cp4044.ulsfo.wmnet
  • cp4045.ulsfo.wmnet
  • cp4046.ulsfo.wmnet
  • cp4047.ulsfo.wmnet
  • cp4048.ulsfo.wmnet
  • cp4049.ulsfo.wmnet
  • cp4050.ulsfo.wmnet
  • cp4051.ulsfo.wmnet
  • cp4052.ulsfo.wmnet
  • cp5017.eqsin.wmnet
  • cp5018.eqsin.wmnet
  • cp5019.eqsin.wmnet
  • cp5020.eqsin.wmnet
  • cp5021.eqsin.wmnet
  • cp5022.eqsin.wmnet
  • cp5023.eqsin.wmnet
  • cp5024.eqsin.wmnet
  • cp5025.eqsin.wmnet
  • cp5026.eqsin.wmnet
  • cp5027.eqsin.wmnet
  • cp5028.eqsin.wmnet
  • cp5029.eqsin.wmnet
  • cp5030.eqsin.wmnet
  • cp5031.eqsin.wmnet
  • cp5032.eqsin.wmnet
  • cp6001.drmrs.wmnet
  • cp6002.drmrs.wmnet
  • cp6003.drmrs.wmnet
  • cp6004.drmrs.wmnet
  • cp6005.drmrs.wmnet
  • cp6006.drmrs.wmnet
  • cp6007.drmrs.wmnet
  • cp6008.drmrs.wmnet
  • cp6009.drmrs.wmnet
  • cp6010.drmrs.wmnet
  • cp6011.drmrs.wmnet
  • cp6012.drmrs.wmnet
  • cp6013.drmrs.wmnet
  • cp6014.drmrs.wmnet
  • cp6015.drmrs.wmnet
  • cp6016.drmrs.wmnet
  • cp7001.magru.wmnet
  • cp7002.magru.wmnet
  • cp7003.magru.wmnet
  • cp7004.magru.wmnet
  • cp7005.magru.wmnet
  • cp7006.magru.wmnet
  • cp7007.magru.wmnet
  • cp7008.magru.wmnet
  • cp7009.magru.wmnet
  • cp7010.magru.wmnet
  • cp7011.magru.wmnet
  • cp7012.magru.wmnet
  • cp7013.magru.wmnet
  • cp7014.magru.wmnet
  • cp7015.magru.wmnet
  • cp7016.magru.wmnet

A:durum

  • durum1001.eqiad.wmnet
  • durum1002.eqiad.wmnet
  • durum2001.codfw.wmnet
  • durum2002.codfw.wmnet
  • durum3005.esams.wmnet
  • durum3006.esams.wmnet
  • durum4001.ulsfo.wmnet
  • durum4002.ulsfo.wmnet
  • durum5001.eqsin.wmnet
  • durum5002.eqsin.wmnet
  • durum6001.drmrs.wmnet
  • durum6002.drmrs.wmnet
  • durum7003.magru.wmnet
  • durum7004.magru.wmnet

A:ncmonitor

  • ncmonitor1001.eqiad.wmnet

A:ncredir

  • ncredir1001.eqiad.wmnet
  • ncredir1002.eqiad.wmnet
  • ncredir2001.codfw.wmnet
  • ncredir2002.codfw.wmnet
  • ncredir3005.esams.wmnet
  • ncredir3006.esams.wmnet
  • ncredir4001.ulsfo.wmnet
  • ncredir4002.ulsfo.wmnet
  • ncredir5001.eqsin.wmnet
  • ncredir5002.eqsin.wmnet
  • ncredir6001.drmrs.wmnet
  • ncredir6002.drmrs.wmnet
  • ncredir7003.magru.wmnet
  • ncredir7004.magru.wmnet

A:dnsbox

  • dns1004.wikimedia.org
  • dns1005.wikimedia.org
  • dns1006.wikimedia.org
  • dns2004.wikimedia.org
  • dns2005.wikimedia.org
  • dns2006.wikimedia.org
  • dns3003.wikimedia.org
  • dns3004.wikimedia.org
  • dns4003.wikimedia.org
  • dns4004.wikimedia.org
  • dns5003.wikimedia.org
  • dns5004.wikimedia.org
  • dns6001.wikimedia.org
  • dns6002.wikimedia.org
  • dns7001.wikimedia.org
  • dns7002.wikimedia.org

A:wikidough

  • doh1001.wikimedia.org
  • doh1002.wikimedia.org
  • doh2001.wikimedia.org
  • doh2002.wikimedia.org
  • doh3005.wikimedia.org
  • doh3006.wikimedia.org
  • doh4001.wikimedia.org
  • doh4002.wikimedia.org
  • doh5001.wikimedia.org
  • doh5002.wikimedia.org
  • doh6001.wikimedia.org
  • doh6002.wikimedia.org
  • doh7003.wikimedia.org
  • doh7004.wikimedia.org

Details

Related Changes in Gerrit:
Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
ops-monitoring-bot added a comment.Wed, Feb 11, 2:10 PM

Cookbook cookbooks.sre.hosts.reimage started by slyngshede@cumin1003 for host cp2043.codfw.wmnet with OS trixie completed:

  • cp2043 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced UEFI HTTP Boot for next reboot
    • Host rebooted via Redfish
    • Host up (Debian installer)
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602111352_slyngshede_2859730_cp2043.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
BCornwall added a comment.Wed, Feb 11, 4:46 PM

Some clarification, too: T386796#10642779 suggests that 3.1 was problematic. The hope is that 3.0 will not contain those issues and that the upgrade to 3.2 (or 3.3) will skip those issues.

BCornwall added a comment.EditedWed, Feb 11, 8:10 PM

@Vgutierrez / @Fabfur Regarding upgrading from 3.0 in Bullseye to 3.0 in Trixie.... 3.0 in Bullseye (via haproxy.debian.net) would pull in the latest 3.0.15... but then upgrading to Trixie and utilizing the repo's package would mean that we switch to 3.0.11-1+deb13u1. When upgrading to 3.0 in Bullseye, I propose we instead use the version 3.0.11-1~bpo11+1. It appears that the codebase would be the same for both distributions.

Fabfur created subtask T417253: Upgrade to HAProxy 3.0 on cache (bullseye) hosts.Thu, Feb 12, 9:43 AM
Fabfur updated the task description. (Show Details)Thu, Feb 12, 9:50 AM
gerritbot added a comment.Thu, Feb 12, 3:18 PM

Change #1238403 merged by Vgutierrez:

[operations/puppet@production] aptrepo,haproxy: Allow HAProxy 3.0 on bullseye

https://gerrit.wikimedia.org/r/1238403

Stashbot added a comment.Thu, Feb 12, 3:23 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-12T15:23:29Z] <vgutierrez> fetch haproxy 3.0.15 on thirdparty/haproxy30 (bullseye-wikimedia) - T401832

Maintenance_bot removed a project: Patch-For-Review.Thu, Feb 12, 3:30 PM
ops-monitoring-bot added a comment.Thu, Feb 12, 3:43 PM

Cookbook cookbooks.sre.hosts.reimage was started by sukhe@cumin1003 for host durum3005.esams.wmnet with OS trixie

ops-monitoring-bot added a comment.Thu, Feb 12, 3:53 PM

Cookbook cookbooks.sre.hosts.reimage was started by sukhe@cumin1003 for host durum7004.magru.wmnet with OS trixie

ops-monitoring-bot added a comment.Thu, Feb 12, 4:36 PM

Cookbook cookbooks.sre.hosts.reimage started by sukhe@cumin1003 for host durum3005.esams.wmnet with OS trixie completed:

  • durum3005 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Set boot media to disk
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602121614_sukhe_3520396_durum3005.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
ops-monitoring-bot added a comment.Thu, Feb 12, 4:44 PM

Cookbook cookbooks.sre.hosts.reimage started by sukhe@cumin1003 for host durum7004.magru.wmnet with OS trixie completed:

  • durum7004 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Set boot media to disk
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602121629_sukhe_3532274_durum7004.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
ops-monitoring-bot added a comment.Thu, Feb 12, 4:50 PM

Cookbook cookbooks.sre.hosts.reimage was started by sukhe@cumin1003 for host durum7003.magru.wmnet with OS trixie

ops-monitoring-bot added a comment.Thu, Feb 12, 4:51 PM

Cookbook cookbooks.sre.hosts.reimage was started by sukhe@cumin1003 for host durum3006.esams.wmnet with OS trixie

ops-monitoring-bot added a comment.Thu, Feb 12, 5:40 PM

Cookbook cookbooks.sre.hosts.reimage started by sukhe@cumin1003 for host durum3006.esams.wmnet with OS trixie completed:

  • durum3006 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Set boot media to disk
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602121723_sukhe_3592573_durum3006.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
ops-monitoring-bot added a comment.Thu, Feb 12, 5:51 PM

Cookbook cookbooks.sre.hosts.reimage started by sukhe@cumin1003 for host durum7003.magru.wmnet with OS trixie completed:

  • durum7003 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Set boot media to disk
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602121727_sukhe_3591897_durum7003.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
ssingh updated the task description. (Show Details)Thu, Feb 12, 5:53 PM

All durum hosts upgraded to trixie, timestamping.

BCornwall added a subscriber: CDobbins.Thu, Feb 12, 6:31 PM

@SLyngshede-WMF If you could get a trixie host up and running in codfw with some of the new hardware that'd give us a great launchpad for testing out a trixie host.

In the meantime, @CDobbins and I are going to try and get a horizon trixie host up and running.

ssingh updated the task description. (Show Details)Thu, Feb 12, 6:37 PM
SLyngshede-WMF added a comment.Fri, Feb 13, 8:06 AM

@BCornwall We currently have two hosts:

  • cp2043
  • cp2044

Both are now on Trixie

gerritbot added a comment.Fri, Feb 13, 6:07 PM

Change #1239383 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] site.pp: Provision cp2043/cp2044 as cache nodes

https://gerrit.wikimedia.org/r/1239383

gerritbot added a project: Patch-For-Review.Fri, Feb 13, 6:07 PM
gerritbot added a comment.Fri, Feb 13, 7:58 PM

Change #1239383 merged by BCornwall:

[operations/puppet@production] site.pp: Provision cp2043/cp2044 as cache nodes

https://gerrit.wikimedia.org/r/1239383

gerritbot added a comment.Fri, Feb 13, 8:03 PM

Change #1239401 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] varnish:common: add trixie version for Python

https://gerrit.wikimedia.org/r/1239401

gerritbot added a comment.Fri, Feb 13, 10:06 PM

Change #1239401 merged by BCornwall:

[operations/puppet@production] varnish:common: add trixie version for Python

https://gerrit.wikimedia.org/r/1239401

Maintenance_bot removed a project: Patch-For-Review.Fri, Feb 13, 10:31 PM
gerritbot added a comment.Fri, Feb 13, 10:41 PM

Change #1239434 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] varnish:common: Re-add buster version for Python

https://gerrit.wikimedia.org/r/1239434

gerritbot added a project: Patch-For-Review.Fri, Feb 13, 10:41 PM
gerritbot added a comment.Fri, Feb 13, 10:48 PM

Change #1239434 merged by BCornwall:

[operations/puppet@production] varnish:common: Re-add buster version for Python

https://gerrit.wikimedia.org/r/1239434

Stashbot added a comment.Fri, Feb 13, 11:01 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-13T23:01:44Z] <brett> Import varnishkafka 1.2.0~deb13+wmf1 into trixie-wikimedia (T401832)

BCornwall updated the task description. (Show Details)Fri, Feb 13, 11:03 PM
Stashbot added a comment.Fri, Feb 13, 11:25 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-13T23:25:36Z] <brett> Import prometheus-varnishkafka-exporter 0.1~deb13u1 into trixie-wikimedia (T401832)

Maintenance_bot removed a project: Patch-For-Review.Fri, Feb 13, 11:31 PM
gerritbot added a comment.Sat, Feb 14, 2:45 AM

Change #1239460 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/debs/python-logstash@master] Version 0.4.6~deb13u1

https://gerrit.wikimedia.org/r/1239460

gerritbot added a project: Patch-For-Review.Sat, Feb 14, 2:45 AM
BCornwall updated the task description. (Show Details)Sat, Feb 14, 3:07 AM
BCornwall updated the task description. (Show Details)Sat, Feb 14, 3:33 AM

@Fabfur I uploaded a new trixie-wikimedia branch on lua-maxminddb's repo - sadly, I can't seem to create an MR into a non-existent branch so I just created the branch. Could you check it and approve the commit/packaging? :)

Stashbot added a comment.Sat, Feb 14, 3:37 AM

Mentioned in SAL (#wikimedia-operations) [2026-02-14T03:37:30Z] <brett> Import lua5.4-maxminddb 0.1.1~deb13u1 into trixie-wikimedia (T401832)

BCornwall updated the task description. (Show Details)Sat, Feb 14, 3:40 AM
gerritbot added a comment.Sat, Feb 14, 5:08 AM

Change #1239463 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] cache::haproxy: Only use lua5.3 mmdb on

https://gerrit.wikimedia.org/r/1239463

Vgutierrez added a subtask: T417291: Upgrade the CDN to HAProxy 3.0.Mon, Feb 16, 9:21 AM
gerritbot added a comment.Mon, Feb 16, 9:23 AM

Change #1239602 had a related patch set uploaded (by Vgutierrez; author: Vgutierrez):

[operations/puppet@production] cache::wmfuniq: Use same filesystem for tempfile to avoid cross-filesystem errors

https://gerrit.wikimedia.org/r/1239602

gerritbot added a comment.Mon, Feb 16, 9:56 AM

Change #1239602 merged by Vgutierrez:

[operations/puppet@production] cache::wmfuniq: Fix cross-filesystem tempfile error on Trixie

https://gerrit.wikimedia.org/r/1239602

gerritbot added a comment.Mon, Feb 16, 10:34 AM

Change #1239631 had a related patch set uploaded (by Vgutierrez; author: Vgutierrez):

[operations/puppet@production] cache::dp_key: Fix cross-filesystems tempfile error on Trixie

https://gerrit.wikimedia.org/r/1239631

gerritbot added a comment.Mon, Feb 16, 11:02 AM

Change #1239631 merged by Vgutierrez:

[operations/puppet@production] cache::dp_key: Fix cross-filesystems tempfile error on Trixie

https://gerrit.wikimedia.org/r/1239631

Vgutierrez updated the task description. (Show Details)Mon, Feb 16, 3:19 PM
gerritbot added a comment.Mon, Feb 16, 3:45 PM

Change #1239463 abandoned by BCornwall:

[operations/puppet@production] cache::haproxy: Only use lua5.3 mmdb on haproxy28

Reason:

Idee228cf20c011040052d9e4e6e1349de94893f9

https://gerrit.wikimedia.org/r/1239463

Stashbot added a comment.Tue, Feb 17, 2:07 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-17T14:07:03Z] <vgutierrez> upload golang-github-florianl-go-tc_0.4.7 to trixie-wikimedia (apt.wm.o) - T401832

Stashbot added a comment.Tue, Feb 17, 2:58 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-17T14:58:25Z] <vgutierrez> upload golang-github-mmatczuk-anyflag-dev 0.0~git20240709.eb9e24c-1 to trixie-wikimedia (apt.wm.o) - T401832

gerritbot added a comment.Tue, Feb 17, 3:07 PM

Change #1239963 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Also install the pbuilder hooks for trixie

https://gerrit.wikimedia.org/r/1239963

gerritbot added a comment.Tue, Feb 17, 3:11 PM

Change #1239963 merged by Muehlenhoff:

[operations/puppet@production] Also install the pbuilder hooks for trixie

https://gerrit.wikimedia.org/r/1239963

gerritbot added a comment.Tue, Feb 17, 5:53 PM

Change #1239460 abandoned by BCornwall:

[operations/debs/python-logstash@master] Version 0.4.6~deb13u1

Reason:

Moved to gitlab: https://gitlab.wikimedia.org/repos/sre/python-logstash

https://gerrit.wikimedia.org/r/1239460

Stashbot added a comment.Tue, Feb 17, 5:57 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-17T17:57:00Z] <brett> Import python-logstash (python3-logstash) 0.4.6~deb13u1 to trixie-wikimedia (T401832)

BCornwall updated the task description. (Show Details)Tue, Feb 17, 5:57 PM
BCornwall updated the task description. (Show Details)Tue, Feb 17, 6:03 PM
Maintenance_bot removed a project: Patch-For-Review.Tue, Feb 17, 6:30 PM
CDobbins updated the task description. (Show Details)Tue, Feb 17, 7:37 PM
gerritbot added a comment.Tue, Feb 17, 9:43 PM

Change #1240064 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] hieradata: Set HAProxy version to 3 for cp204[34]

https://gerrit.wikimedia.org/r/1240064

gerritbot added a project: Patch-For-Review.Tue, Feb 17, 9:43 PM
gerritbot added a comment.Tue, Feb 17, 9:51 PM

Change #1240064 merged by BCornwall:

[operations/puppet@production] hieradata: Set HAProxy version to 3 for cp204[34]

https://gerrit.wikimedia.org/r/1240064

BCornwall updated the task description. (Show Details)Tue, Feb 17, 10:01 PM
Maintenance_bot removed a project: Patch-For-Review.Tue, Feb 17, 10:31 PM
Stashbot added a comment.Wed, Feb 18, 11:57 AM

Mentioned in SAL (#wikimedia-operations) [2026-02-18T11:57:48Z] <vgutierrez> upload golang-github-intel-go-cpuid 0.0~git20210602.5747e5c-2+deb13u1 to trixie-wikimedia (apt.wm.o) - T401832

Stashbot added a comment.Wed, Feb 18, 2:39 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-18T14:39:19Z] <vgutierrez> upload golang-github-u-root-u-root 0.12.0-1 to trixie-wikimedia (apt.wm.o) - T401832

Stashbot added a comment.Wed, Feb 18, 2:48 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-18T14:48:10Z] <vgutierrez> upload golang-gitlab-wikimedia-sre-qemutest-dev 0.1.0+deb13u1 to trixie-wikimedia (apt.wm.o) - T401832

Stashbot added a comment.Wed, Feb 18, 2:54 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-18T14:54:12Z] <vgutierrez> uplodaded tcp-mss-clamper 0.6+deb13u1 to trixie-wikimedia (apt-wm.o) - T401832

Vgutierrez updated the task description. (Show Details)Wed, Feb 18, 2:54 PM
Stashbot added a comment.Wed, Feb 18, 7:05 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-18T19:05:51Z] <brett> import haproxykafka 0.3.16+deb13u1 into trixie-wikimedia (T401832)

BCornwall updated the task description. (Show Details)Wed, Feb 18, 7:49 PM
BCornwall added a subtask: T418161: Reimage cp20[43-58] to Trixie.Mon, Feb 23, 5:49 PM
BCornwall changed the status of subtask T418161: Reimage cp20[43-58] to Trixie from Open to In Progress.
gerritbot added a comment.Tue, Feb 24, 5:36 PM

Change #1243184 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] ats: Set secondary nvme drives for new codfw hosts

https://gerrit.wikimedia.org/r/1243184

gerritbot added a project: Patch-For-Review.Tue, Feb 24, 5:36 PM
gerritbot added a comment.Tue, Feb 24, 6:48 PM

Change #1243195 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] varnishkafka: Only enable prom exporter for text

https://gerrit.wikimedia.org/r/1243195

Stashbot added a comment.Tue, Feb 24, 10:37 PM

Mentioned in SAL (#wikimedia-operations) [2026-02-24T22:37:20Z] <brett> import ncmonitor 3.1.0~deb13u1 into trixie-wikimedia (T401832)

ops-monitoring-bot added a comment.Tue, Feb 24, 10:40 PM

Cookbook cookbooks.sre.hosts.reimage was started by brett@cumin2002 for host ncmonitor1001.eqiad.wmnet with OS trixie

BCornwall updated the task description. (Show Details)Tue, Feb 24, 11:10 PM
ops-monitoring-bot added a comment.Tue, Feb 24, 11:29 PM

Cookbook cookbooks.sre.hosts.reimage started by brett@cumin2002 for host ncmonitor1001.eqiad.wmnet with OS trixie completed:

  • ncmonitor1001 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Disabled Puppet
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced PXE for next reboot
    • Host rebooted via gnt-instance
    • Host up (Debian installer)
    • Set boot media to disk
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • Removed previous downtime on Alertmanager (old OS)
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602242259_brett_2931472_ncmonitor1001.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
BCornwall updated the task description. (Show Details)Tue, Feb 24, 11:50 PM
gerritbot added a comment.Wed, Feb 25, 4:12 PM

Change #1243184 merged by BCornwall:

[operations/puppet@production] ats: Set secondary nvme drives for new codfw hosts

https://gerrit.wikimedia.org/r/1243184

ops-monitoring-bot added a comment.Wed, Feb 25, 8:24 PM

Cookbook cookbooks.sre.hosts.reimage was started by cdobbins@cumin2002 for host cp2043.codfw.wmnet with OS trixie

ops-monitoring-bot added a comment.Wed, Feb 25, 9:09 PM

Cookbook cookbooks.sre.hosts.reimage started by cdobbins@cumin2002 for host cp2043.codfw.wmnet with OS trixie completed:

  • cp2043 (PASS)
    • Downtimed on Icinga/Alertmanager
    • Set pooled=inactive for the following services on confctl:

{"cp2043.codfw.wmnet": {"weight": 0, "pooled": "inactive"}, "tags": "dc=codfw,cluster=cache_text,service=cdn"}
{"cp2043.codfw.wmnet": {"weight": 0, "pooled": "inactive"}, "tags": "dc=codfw,cluster=cache_text,service=ats-be"}

  • Disabled Puppet
  • Removed from Puppet and PuppetDB if present and deleted any certificates
  • Removed from Debmonitor if present
  • Forced UEFI HTTP Boot for next reboot
  • Host rebooted via Redfish
  • Host up (Debian installer)
  • Host up (new fresh trixie OS)
  • Generated Puppet certificate
  • Signed new Puppet certificate
  • Run Puppet in NOOP mode to populate exported resources in PuppetDB
  • Found Nagios_host resource for this host in PuppetDB
  • Downtimed the new host on Icinga/Alertmanager
  • Removed previous downtime on Alertmanager (old OS)
  • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602252048_cdobbins_3572558_cp2043.out
  • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
  • Rebooted
  • Automatic Puppet run was successful
  • Forced a re-check of all Icinga services for the host
  • Icinga status is optimal
  • Icinga downtime removed
  • No changes in confctl are needed to restore the previous state.
  • Updated Netbox data from PuppetDB
ops-monitoring-bot added a comment.Wed, Feb 25, 9:11 PM

Cookbook cookbooks.sre.hosts.reimage was started by cdobbins@cumin2002 for host cp2044.codfw.wmnet with OS trixie

ops-monitoring-bot added a comment.Wed, Feb 25, 9:57 PM

Cookbook cookbooks.sre.hosts.reimage started by cdobbins@cumin2002 for host cp2044.codfw.wmnet with OS trixie completed:

  • cp2044 (WARN)
    • Downtimed on Icinga/Alertmanager
    • Set pooled=inactive for the following services on confctl:

{"cp2044.codfw.wmnet": {"weight": 0, "pooled": "no"}, "tags": "dc=codfw,cluster=cache_upload,service=ats-be"}
{"cp2044.codfw.wmnet": {"weight": 0, "pooled": "no"}, "tags": "dc=codfw,cluster=cache_upload,service=cdn"}

  • Disabled Puppet
  • Removed from Puppet and PuppetDB if present and deleted any certificates
  • Removed from Debmonitor if present
  • Forced UEFI HTTP Boot for next reboot
  • Host rebooted via Redfish
  • Host up (Debian installer)
  • Host up (new fresh trixie OS)
  • Generated Puppet certificate
  • Signed new Puppet certificate
  • Run Puppet in NOOP mode to populate exported resources in PuppetDB
  • Found Nagios_host resource for this host in PuppetDB
  • Downtimed the new host on Icinga/Alertmanager
  • Removed previous downtime on Alertmanager (old OS)
  • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602252135_cdobbins_3606681_cp2044.out
  • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
  • Rebooted
  • Automatic Puppet run was successful
  • Forced a re-check of all Icinga services for the host
  • Icinga status is optimal
  • Icinga downtime removed
  • Some services have a zero weight, you have to set a weight with:

sudo confctl select '{tags_line}' set/weight=NN
sudo confctl select '{tags_line}' set/weight=NN

  • Services in confctl are not automatically pooled, to restore the previous state you have to run the following commands:

sudo confctl select 'name=cp2044\.codfw\.wmnet,dc=codfw,cluster=cache_upload,service=ats\-be' set/pooled=no
sudo confctl select 'name=cp2044\.codfw\.wmnet,dc=codfw,cluster=cache_upload,service=cdn' set/pooled=no

  • Updated Netbox data from PuppetDB
gerritbot added a comment.Thu, Feb 26, 5:36 PM

Change #1243195 merged by BCornwall:

[operations/puppet@production] varnishkafka: Only enable for text

https://gerrit.wikimedia.org/r/1243195

Maintenance_bot removed a project: Patch-For-Review.Thu, Feb 26, 6:31 PM
ops-monitoring-bot added a comment.Thu, Feb 26, 8:39 PM

Cookbook cookbooks.sre.hosts.reimage was started by cdobbins@cumin2002 for host cp2047.codfw.wmnet with OS trixie

ops-monitoring-bot added a comment.Thu, Feb 26, 10:06 PM

Cookbook cookbooks.sre.hosts.reimage started by cdobbins@cumin2002 for host cp2047.codfw.wmnet with OS trixie completed:

  • cp2047 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced UEFI HTTP Boot for next reboot
    • Host rebooted via Redfish
    • Host up (Debian installer)
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602262102_cdobbins_127988_cp2047.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
ops-monitoring-bot added a comment.Fri, Feb 27, 8:55 PM

Cookbook cookbooks.sre.hosts.reimage was started by cdobbins@cumin2002 for host cp2057.codfw.wmnet with OS trixie

ops-monitoring-bot added a comment.Fri, Feb 27, 8:57 PM

Cookbook cookbooks.sre.hosts.reimage was started by cdobbins@cumin2002 for host cp2058.codfw.wmnet with OS trixie

ops-monitoring-bot added a comment.Fri, Feb 27, 9:36 PM

Cookbook cookbooks.sre.hosts.reimage started by cdobbins@cumin2002 for host cp2057.codfw.wmnet with OS trixie completed:

  • cp2057 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced UEFI HTTP Boot for next reboot
    • Host rebooted via Redfish
    • Host up (Debian installer)
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602272114_cdobbins_866779_cp2057.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
ops-monitoring-bot added a comment.Fri, Feb 27, 9:38 PM

Cookbook cookbooks.sre.hosts.reimage started by cdobbins@cumin2002 for host cp2058.codfw.wmnet with OS trixie completed:

  • cp2058 (PASS)
    • Removed from Puppet and PuppetDB if present and deleted any certificates
    • Removed from Debmonitor if present
    • Forced UEFI HTTP Boot for next reboot
    • Host rebooted via Redfish
    • Host up (Debian installer)
    • Host up (new fresh trixie OS)
    • Generated Puppet certificate
    • Signed new Puppet certificate
    • Run Puppet in NOOP mode to populate exported resources in PuppetDB
    • Found Nagios_host resource for this host in PuppetDB
    • Downtimed the new host on Icinga/Alertmanager
    • First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202602272117_cdobbins_870415_cp2058.out
    • configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
    • Rebooted
    • Automatic Puppet run was successful
    • Forced a re-check of all Icinga services for the host
    • Icinga status is optimal
    • Icinga downtime removed
    • Updated Netbox data from PuppetDB
CDobbins closed subtask T418161: Reimage cp20[43-58] to Trixie as Resolved.Fri, Feb 27, 10:26 PM
BCornwall updated the task description. (Show Details)Wed, Mar 4, 7:07 PM
Vgutierrez closed subtask T417253: Upgrade to HAProxy 3.0 on cache (bullseye) hosts as Resolved.Fri, Mar 6, 4:36 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits