Page MenuHomePhabricator

Grant yurik access to sca1001 cluster for graphoid debugging/restarts
Closed, ResolvedPublic


Obviously yurik, being the service owner of graphoid needs to be able:

  • to issue restarts to the service
  • assume the uid of the service itself for debugging
  • read the log file of the service locally should be need arise. (logstash should be preferred though) added the necessary rights but they have not been yet assigned to the SCA cluster. For this to happen needs to be merged. This is sudo access so deferring to the ops meeting on Monday.

Event Timeline

akosiaris created this task.May 6 2015, 5:18 PM
akosiaris raised the priority of this task from to Normal.
akosiaris updated the task description. (Show Details)
akosiaris added a project: SRE-Access-Requests.
akosiaris added a subscriber: akosiaris.
Restricted Application added a project: acl*sre-team. · View Herald TranscriptMay 6 2015, 5:18 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Change 208998 had a related patch set uploaded (by Alexandros Kosiaris):
Assign graphoid-admin to the SCA cluster

No meeting on Monday so it waits another week. Can we get manager sign-off in the meantime? That would have been tfinc but leave etc so... @Manybubbles ? (Whom I will add momentarily)

Yurik set Security to None.
Yurik added a subscriber: Westonnh.

I agree Yurik should have this access.

I approve as manager

request granted in may 18 ops meeting

Change 208998 merged by Alexandros Kosiaris:
Assign graphoid-admin to the SCA cluster

akosiaris closed this task as Resolved.May 18 2015, 6:53 PM
akosiaris claimed this task.
akosiaris added a subscriber: Yurik.

Resolving. user has been created and granted privileges as on patch. @Yurik, the sca cluster has a firewall and is accessible via bastion hosts. Don't forget to proxy via bast1001 or similar and remember you won't be able to connect via SSH from other hosts.