Page MenuHomePhabricator
Create Task
Maniphest T95185

PoC bare-metal server allocation in labs -- bootstrap mode
Closed, ResolvedPublic
Actions

Description

We know we want to do Ironic but it is a probable longer term goal. For now we are pursuing limited but reusable integration of hardware into labs for end users.

Someday we should adopt the openstack 'Ironic' project to support allocation of bare-metal servers for internal projects. I know that analytics would love to have this option, and there are plenty of other test scenarios where this would save a lot of time dickering over hardware allocation and permissions.

Details

SubjectRepoBranchLines +/-
Allow hiera to override $::labsprojectoperations/puppetproduction+15 -8
Allow access to the labs puppetmaster from labs metal hosts.operations/puppetproduction+2 -1
Customize query in gerrit

Related Objects
Search...

Event Timeline

Andrew created this task.Apr 6 2015, 4:52 PM
Andrew raised the priority of this task from to Needs Triage.
Andrew updated the task description. (Show Details)
Andrew added a project: Cloud-Services.
Andrew subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 6 2015, 4:52 PM
yuvipanda updated the task description. (Show Details)Jun 16 2015, 5:57 PM
yuvipanda set Security to None.
yuvipanda subscribed.Jun 16 2015, 6:06 PM

An alternative to this would be to provide hardware that's:

  1. In the labs subnet
  2. Runs off the labs puppetmaster
  3. Uses LDAP for credential management
  4. Uses LDAP (or the ENC) for puppet (This allows making them self hosted puppetmasters)

^ Would probably be far simpler to get off the ground than Ironic, but will have to be weighted against the fact that it's somewhat duct-tapey hand-rolled solution.

Problems to be solved:

  1. How will this fit into 'projects' + related networking?
  2. How will allocation work? Do we have a pool that rotates? Or is it the same process that we have right now for requesting new hardware?
  3. How will access control work?
  4. More I'm not thinking of, for sure!

Some big projects (video and mwoffliner, at least) on labs are using NFS simply because they need to deal with datasets a bit too large to fit onto instance storage. provisioning simple machines might be a good alternative here.

yuvipanda added subscribers: faidon, mark, coren.Jun 16 2015, 6:06 PM
scfc subscribed.Jun 16 2015, 6:22 PM

If the problem is instance storage, AFAIUI the current sizes are arbitrary and in addition, extra storage volumes can be added manually to individual instances (and existing ones resized?; cf. http://docs.openstack.org/openstack-ops/content/user_facing_block_storage.html).

So IMHO that path should be explored first unless the virtualization swallows so much performance that there is a user-visible significant difference.

However, for projects using Labs as a beta test before moving to production, a bare metal sandbox would certainly be interesting.

yuvipanda mentioned this in T106563: install / setup tungsten for temp use - wikimania 2015 video transcoding.Jul 22 2015, 6:30 PM
yuvipanda mentioned this in T106731: eqiad: 1 hardware access request for labs on real hardware.Jul 23 2015, 6:49 PM
yuvipanda added a subtask: T106731: eqiad: 1 hardware access request for labs on real hardware.Jul 23 2015, 6:57 PM
yuvipanda added a comment.Jul 23 2015, 7:00 PM

I'm going to test this with real hardware, and we can come up with an allocation process for it later.

Things to do to make it know it is labs:

  1. Set 'realm' to labs
  2. Set hostname to something.eqiad.wmflabs
  3. Set instanceproject to something meaningful

Then puppet should do the rest.

yuvipanda changed the status of subtask T106731: eqiad: 1 hardware access request for labs on real hardware from Open to Stalled.Jul 30 2015, 10:07 PM
Dzahn subscribed.Aug 12 2015, 2:33 PM

the original request says: " would save a lot of time dickering over hardware allocation"

one of the follow-ups is immediately 'How will allocation work? Do we have a pool that rotates?"

that may be interpreted as a contradiction a bit

yuvipanda mentioned this in T106867: [Epic] Deploy Revscoring/ORES service in Prod.Aug 24 2015, 7:47 PM
Ricordisamoa subscribed.Aug 24 2015, 8:04 PM
GWicke subscribed.Aug 24 2015, 8:58 PM

Another question relevant to services like Revscoring (T106867) is access from production to these semi-production services. Currently, the labs network is not accessible from production, and we might not want to open up all of labs. A separate vlan for semi-production services could potentially provide better isolation.

Krenair subscribed.Aug 24 2015, 11:17 PM
DarTar added subscribers: DarTar, Halfak.Aug 25 2015, 4:10 AM
chasemp triaged this task as Medium priority.Oct 26 2015, 5:14 PM
mark added a project: Labs-Team-Backlog.Oct 26 2015, 5:28 PM
yuvipanda added a comment.Oct 26 2015, 5:33 PM

mwoffliner as it currently is is a good test case, I think. I've poked Kelson on IRC and will update.

chasemp renamed this task from Support bare-metal server allocation in labs to Support bare-metal server allocation in labs -- bootstrap mode.Oct 26 2015, 7:34 PM
chasemp removed subtasks: T110556: Ironic on Labs, T106731: eqiad: 1 hardware access request for labs on real hardware.
chasemp updated the task description. (Show Details)
chasemp subscribed.Oct 29 2015, 7:25 PM

use case https://phabricator.wikimedia.org/T117081

chasemp added a subtask: T117081: Investigate moving mwoffliner onto a labs-on-real-hardware machine.Oct 29 2015, 7:34 PM
Andrew changed the status of subtask T117081: Investigate moving mwoffliner onto a labs-on-real-hardware machine from Open to Stalled.Nov 13 2015, 6:23 PM
chasemp removed a subtask: T117081: Investigate moving mwoffliner onto a labs-on-real-hardware machine.Nov 24 2015, 10:08 PM
chasemp renamed this task from Support bare-metal server allocation in labs -- bootstrap mode to PoC bare-metal server allocation in labs -- bootstrap mode.Dec 3 2015, 7:38 PM
chasemp updated the task description. (Show Details)
chasemp removed a project: Labs-Team-Backlog.
chasemp added a subtask: T120262: setup promethium in eqiad in support of T95185.
chasemp closed subtask T118588: Get Ops bare metal test server as Resolved.
gerritbot subscribed.Dec 8 2015, 7:03 PM

Change 257663 had a related patch set uploaded (by Cmjohnson):
Adding dhcp entry for promethium bug: task T95185

https://gerrit.wikimedia.org/r/257663

gerritbot added a project: Patch-For-Review.Dec 8 2015, 7:03 PM
gerritbot added a comment.Dec 8 2015, 7:11 PM

Change 257663 merged by Cmjohnson:
Adding dhcp entry for promethium bug: task T95185

https://gerrit.wikimedia.org/r/257663

gerritbot added a comment.Dec 9 2015, 1:13 AM

Change 257805 had a related patch set uploaded (by Andrew Bogott):
Allow access to the labs puppetmaster from labs metal hosts.

https://gerrit.wikimedia.org/r/257805

gerritbot added a comment.Dec 9 2015, 1:14 AM

Change 257805 merged by Andrew Bogott:
Allow access to the labs puppetmaster from labs metal hosts.

https://gerrit.wikimedia.org/r/257805

gerritbot added a comment.Dec 9 2015, 10:41 PM

Change 258051 had a related patch set uploaded (by Andrew Bogott):
Allow hiera to override $::labsproject

https://gerrit.wikimedia.org/r/258051

gerritbot added a comment.Dec 9 2015, 11:34 PM

Change 258051 merged by Andrew Bogott:
Allow hiera to override $::labsproject

https://gerrit.wikimedia.org/r/258051

Andrew closed this task as Resolved.Dec 22 2015, 9:12 PM
Andrew claimed this task.
Andrew closed subtask T120262: setup promethium in eqiad in support of T95185 as Resolved.

https://wikitech.wikimedia.org/wiki/Labs_Baremetal_Lifecycle

Andrew closed subtask T121237: Create labs baremetal subnet? as Declined.Dec 23 2015, 9:24 PM
Phabricator_maintenance removed a subscriber: yuvipanda.Jun 7 2017, 6:52 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits