Please note gitlab1001/gitlab1002 with private IPs have been deleted and instead gitlab1001.wikimedia.org with public IP has been created, based on T274459#6877185 ff. The same puppet role is applied to shell access moved with that.

@wkandek @thcipriani A new VM gitlab1001.wikimedia.org in the public network has been created while gitlab1001.eqiad.wmnet has been deleted. Still using the same puppet role name so shell access is moving automatically with it.

In T274459#6877185, @wkandek wrote:

Please recreate the 2 VMs in the VLAN that allows for direct external IP addresses.

After speaking to Brandon it is clear that we should treat gitlab the same way as gerrit and maintain independent from the caching layer as it might be needed to fix the caching layer.

This host is shut down (by the decom script) and gone from puppet repo.

Now this is either resolved (if we go unencrypted behind caching) or we can do the same thing for 443 but then we also need envoy and certs. It's possible but not sure if needed.

I merged and deployed 667733.

This is partially blocked on T276170 .

An issue here is that ATS normally speaks only https to backends. But this opens a bunch of questions that involve traffic.

Which of the 2 VMs should get the traffic for http/https? Assuming gitlab1001 is fine and gitlab1002 isn't a webserver.

In T275752#6869162, @Joe wrote:

My suggestion is we re-image one jobrunner to stretch and we check if that changes things dramatically. @Legoktm / @Dzahn can you take care of this?

https://www.wikidata.org/wiki/Q105723660

17:05 < mutante> !log new Wikimedia project language - tay - Atayal is spoken by the Atayal people of Taiwan

switching eqiad scheduled for Monday, March 1st:

Not very high prio now that I manually deleted old stuff, but still should be fixed for the future to not build up again.

there is a "scap-sync-master" command which can be run manually on new deployment servers, it takes care of /srv/mediawiki-staging and /srv/patches.

T274170 introduced new hardware mwmaint2002 and can be used now. timing :p

This came up in the context of creating new deployment servers on buster (deploy1002, deploy2002) and wanting to keep all the /srv/ data in sync before switching over.

The /usr/local/bin/scap-master-sync command syncs /srv/mediawiki-staging and /srv/patches _from_ another deployment server.

I removed that setting from the testreduce1001 envoy, just to make sure.

I am closing this as resolved simply because the group exists now and is applied on the VMs requested in T274459.

The group has been created. Depending how you want to define this ticket, it is resolved now.

gitlab1001.eqiad.wmnet has address 10.64.0.93
gitlab1001.eqiad.wmnet has IPv6 address 2620:0:861:101:10:64:0:93

VMs have been created, with 8 VCPUs, 12 GB RAM, 100 GB disk as requested. both in eqiad. gitlab1001,gitlab1002.

ok, great :) then it's more like the opposite.. should the disk have been wiped and otherwise done:)

ACK, the first VM has been created in eqiad and next is doing the OS install, in progress.

Since we heard they started yesterday already, the access process can be sped up by asking the new users to sign up on Wikitech and create user profiles. After that they can sign in on Phabricator using those to see this ticket, create SSH keys and paste them.

Ready to create Ganeti VM gitlab1001.eqiad.wmnet in the ganeti01.svc.eqiad.wmnet cluster on row A with 8 vCPUs, 12GB of RAM, 100GB of disk in the private network.

Just to make sure, this is a request for 2 VMs, but BOTH in eqiad, so a 1001,1002 situation, NOT a 1001,2001 setup, where one is in eqiad and one is in codfw., right? And you are accepting that there won't be anything in codfw to fail-over to?

This should be part of T268524 ideally.

I am a bit concerned now that your new ticket mentions transferring data. this is already removed from rack.

no 319 in https://wikistats.wmcloud.org/display.php?t=wp

I was about to ask why this was missing in "Newprojects".

no 183 in https://wikistats.wmcloud.org/display.php?t=wt

no 318 in https://wikistats.wmcloud.org/display.php?t=wp