Page MenuHomePhabricator
Create Task
Maniphest T86718

Upgrade eqiad-misc varnish cluster from 2 to 4 systems.
Closed, ResolvedPublic
Actions

Description

Mark,

I'm working on replacing some of our older SHA1 certificates with SHA256, and in poking at misc-web, we really do have a lot of services on it these days in wikimedia.org: annual, dev, doc, git, gdash, graphite, grafana, parsoid-tests, performance, integration, phabricator, people, releases, bugs, bugzilla, bug-attachment, contacts, datasets, iegreview, ishmael, legalpad, logstash, metrics, noc, old-bugzilla, planet. (Pulled via grepping dns; as the misc-web config has items that its not currently serving.)

Right now we have two cp servers assigned to this role, and they have next business day parts delivery. I imagine this is possibly being overly paranoid, but I wanted to ask if we should perhaps increase this pool by one in eqiad, for a total of three systems. I fear a mainboard/controller break may leave us with a single cp server, which could be a disaster waiting to happen over a long weekend. Since we tend to scale most other clustered services across more than two systems (not always, but usually), is it time to do that here as well?

Please advise,

Details

SubjectRepoBranchLines +/-
add conftool/hiera data for new eqiad misc boxesoperations/puppetproduction+12 -0
old eqiad bits hosts -> cache::misc roleoperations/puppetproduction+1 -2
decom more bits-cluster stuff (hieradata)operations/puppetproduction+0 -50
Customize query in gerrit

Related Objects
Search...

Event Timeline

RobH created this task.Jan 13 2015, 11:17 PM
RobH assigned this task to mark.
RobH raised the priority of this task from to Needs Triage.
RobH updated the task description. (Show Details)
RobH added a project: ops-core.
RobH changed the edit policy from "All Users" to "WMF-NDA (Project)".
RobH subscribed.
mark added a comment.Mar 11 2015, 10:15 AM

@RobH: So those cp servers are the old Squids that we had many of. How many unused ones of those do we still have left?

BBlack subscribed.Mar 11 2015, 2:30 PM

If we add 1-2 boxes to this (4 is our usual minimum for a prod cache cluster, e.g. 2 per row/rack if possible), I'll need to merge it into the current ongoing work on netboot/disk-setup/etc and we'll want to install them as Jessie initially.

fgiunchedi triaged this task as High priority.Apr 1 2015, 11:27 AM
fgiunchedi subscribed.
faidon removed mark as the assignee of this task.Apr 24 2015, 12:29 PM
faidon added a project: Traffic.
faidon set Security to None.
BBlack added a comment.Apr 24 2015, 1:17 PM

The plan being bandied about at this point is to block this on the dissolution of bits-cluster ( T95448 ), and reuse the 4x bits machines at eqiad, ulsfo, and esams as a global misc-web clusters (ups us from 2->4 boxes at eqiad, adds termination/cache benefits at remote sites too).

BBlack added a subtask: T95448: Move bits traffic to text/mobile clusters.Apr 24 2015, 3:16 PM
BBlack moved this task from Backlog to Blocked on Internal on the Traffic board.
BBlack lowered the priority of this task from High to Medium.Apr 24 2015, 3:52 PM
BBlack moved this task from Blocked on Internal to Backlog on the Traffic board.
BBlack added a subtask: T81543: Enable IPSec between datacenters.Apr 27 2015, 8:05 PM

Blocking this on ipsec, so we don't reduce the security of any critical HTTPS sessions behind misc-web by moving them out to remote TLS termination and then backhauling to eqiad insecurely.

JohnLewis subscribed.May 16 2015, 8:22 PM
BBlack renamed this task from increase misc-web-lb cp pool from 2 to 3 systems? to Upgrade eqiad-misc varnish cluster from 2 to 4 systems..Jun 4 2015, 12:01 AM
BBlack removed a subtask: T81543: Enable IPSec between datacenters.

Splitting this up. This task is about the expansion of the eqiad-only cluster (by replacing it with the former bits machines when they're available). Setting it up at other DCs will be separate.

BBlack added a parent task: T101339: Expand misc cluster into cache PoPs.Jun 4 2015, 12:05 AM
BBlack closed subtask T95448: Move bits traffic to text/mobile clusters as Resolved.Aug 6 2015, 8:03 PM
Restricted Application added a subscriber: Matanya. · View Herald TranscriptAug 6 2015, 8:03 PM
gerritbot subscribed.Aug 6 2015, 8:07 PM

Change 229943 had a related patch set uploaded (by BBlack):
decom more bits-cluster stuff (hieradata)

https://gerrit.wikimedia.org/r/229943

gerritbot added a project: Patch-For-Review.Aug 6 2015, 8:07 PM

Change 229943 merged by BBlack:
decom more bits-cluster stuff (hieradata)

https://gerrit.wikimedia.org/r/229943

BBlack mentioned this in rOPUP9f7a930ad267: decom more bits-cluster stuff (hieradata).Aug 6 2015, 8:09 PM
gerritbot added a comment.Aug 6 2015, 8:16 PM

Change 229944 had a related patch set uploaded (by BBlack):
old eqiad bits hosts -> cache::misc role

https://gerrit.wikimedia.org/r/229944

gerritbot added a comment.Aug 6 2015, 8:21 PM

Change 229944 merged by BBlack:
old eqiad bits hosts -> cache::misc role

https://gerrit.wikimedia.org/r/229944

BBlack mentioned this in rOPUP2f8510dfb359: old eqiad bits hosts -> cache::misc role.Aug 6 2015, 8:22 PM
gerritbot added a comment.Aug 7 2015, 2:16 AM

Change 230033 had a related patch set uploaded (by BBlack):
add conftool/hiera data for new eqiad misc boxes

https://gerrit.wikimedia.org/r/230033

gerritbot added a comment.Aug 7 2015, 2:16 AM

Change 230033 merged by BBlack:
add conftool/hiera data for new eqiad misc boxes

https://gerrit.wikimedia.org/r/230033

BBlack mentioned this in rOPUP515c4ba075f4: add conftool/hiera data for new eqiad misc boxes.Aug 7 2015, 2:17 AM
BBlack added a comment.Aug 7 2015, 2:26 AM

The 4x previous eqiad-bits machines (cp1056, cp1057, cp1069, cp1070) are functioning in the eqiad misc cluster now, alongside the old. Will give them a little for validation/sanity/cache-fill (what little they truly cache...), then decom the two older ones (cp1043, cp1044).

BBlack closed this task as Resolved.Aug 7 2015, 4:38 AM
BBlack claimed this task.

Old hosts removed. eqiad now has 4 hosts (previous bits cluster hosts).

BBlack moved this task from Backlog to Done on the Traffic board.Aug 7 2015, 4:41 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL