Page MenuHomePhabricator

Krenair (Alex Monk)
Wikimedia volunteer

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Friday

  • Clear sailing ahead.

User Details

User Since
Oct 3 2014, 2:34 PM (254 w, 4 d)
Availability
Available
IRC Nick
Krenair
LDAP User
Alex Monk
MediaWiki User
Krenair [ Global Accounts ]

I am a Wikimedia volunteer helping in various technical ways. These days it's usually Beta Cluster, Cloud VPS, or Operations related. Since 2012 I've spent significant amounts of time involved in MediaWiki development, software deployments to the Wikimedia cluster, OTRS (email response to e.g. info-en@wikimedia.org addresses), and various other things.

Some of my old VisualEditor and other work (2014-2016) can be found under @AlexMonk-WMF instead.

I have opinions on things, which do not necessarily represent those of any organisation I am, have previously been, or will in the future be affiliated with.

Recent Activity

Sun, Aug 18

Krenair added a comment to T189982: Move all apihelp translatable messages to separate files.

I'd like some review before I run the script on the remaining extensions and upload the commits for those.

Sun, Aug 18, 1:51 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair closed T230674: shinken: issue with shinkengen as Resolved.
Sun, Aug 18, 1:44 PM · Shinken, cloud-services-team (Kanban)
Krenair created T230687: Decide/document criteria needed to serve acme-chief LE issued unified certificate to end users.
Sun, Aug 18, 12:47 PM · Operations, Traffic, Acme-chief
Krenair reopened T207374: Check for expired/outdated certs in the main loop as "Open".

Oh actually maybe not - sighup_handler (and nothing else) runs _set_cert_status that will trigger the NEEDS_RENEWAL status for the main loop to pick up (SIGHUPs are regularly triggered in a puppetised cron job)

Sun, Aug 18, 12:36 PM · Patch-For-Review, Acme-chief
Krenair closed T207374: Check for expired/outdated certs in the main loop as Invalid.

I think Valentin did this last year

Sun, Aug 18, 12:33 PM · Patch-For-Review, Acme-chief
Krenair added a comment to T225945: acme-chief staging time not working as expected.

Is it working as expected now?

Sun, Aug 18, 12:02 PM · Operations, Traffic, Acme-chief
Krenair added a comment to T229096: Provide the three cert types (chain-only, cert only and chained) as soon as we get the certificate issued.

Can we close this now?

Sun, Aug 18, 12:02 PM · Acme-chief, Traffic, Operations
Krenair added a comment to T230674: shinken: issue with shinkengen.

puppet on shinken-02 runs with this ^

Sun, Aug 18, 10:49 AM · Shinken, cloud-services-team (Kanban)
Krenair claimed T230674: shinken: issue with shinkengen.
Sun, Aug 18, 10:45 AM · Shinken, cloud-services-team (Kanban)
Krenair added a comment to T230674: shinken: issue with shinkengen.

From /tmp/bad_start_for_arbiter:

[1566124726] Error :   [host::cloudinfra-internal-puppetmaster01] The contact group 'cloudinfra' defined on the host 'cloudinfra-internal-puppetmaster01' do not exist
[1566124726] Error :   [items] In cloudinfra-internal-puppetmaster01 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:1
[1566124726] Error :   [host::cloudinfra-db02] The contact group 'cloudinfra' defined on the host 'cloudinfra-db02' do not exist
[1566124726] Error :   [items] In cloudinfra-db02 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:9
[1566124726] Error :   [host::cloudinfra-db01] The contact group 'cloudinfra' defined on the host 'cloudinfra-db01' do not exist
[1566124726] Error :   [items] In cloudinfra-db01 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:17
[1566124726] Error :   [host::cloud-puppetmaster-02] The contact group 'cloudinfra' defined on the host 'cloud-puppetmaster-02' do not exist
[1566124726] Error :   [items] In cloud-puppetmaster-02 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:25
[1566124726] Error :   [host::cloud-puppetmaster-01] The contact group 'cloudinfra' defined on the host 'cloud-puppetmaster-01' do not exist
[1566124726] Error :   [items] In cloud-puppetmaster-01 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:33
[1566124726] Error :   [host::ntp-02] The contact group 'cloudinfra' defined on the host 'ntp-02' do not exist
[1566124726] Error :   [items] In ntp-02 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:41
[1566124726] Error :   [host::ntp-01] The contact group 'cloudinfra' defined on the host 'ntp-01' do not exist
[1566124726] Error :   [items] In ntp-01 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:49
[1566124726] Error :   [host::mx-out01] The contact group 'cloudinfra' defined on the host 'mx-out01' do not exist
[1566124726] Error :   [items] In mx-out01 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:57
[1566124726] Error :   [host::mx-out02] The contact group 'cloudinfra' defined on the host 'mx-out02' do not exist
[1566124726] Error :   [items] In mx-out02 is incorrect ; from /etc/shinken/generated/cloudinfra.cfg:65
[1566124726] Error :   	hosts conf incorrect!!
Sun, Aug 18, 10:41 AM · Shinken, cloud-services-team (Kanban)
Krenair added a comment to T230674: shinken: issue with shinkengen.

Not quite sure how it got deleted but I re-created /etc/shinken/generated/deployment-prep.cfg, chmod 644 and chown shinken. Now shinken is upset instead

Sun, Aug 18, 9:33 AM · Shinken, cloud-services-team (Kanban)

Sat, Aug 17

Krenair added a comment to T230657: Thanks extension is not shown on Minerva history page (AMC mode).

Desktop view:

Sat, Aug 17, 1:52 PM · Readers-Web-Backlog (Design), MinervaNeue, Growth Design, Thanks, Growth-Team, Advanced Mobile Contributions
Krenair created T230657: Thanks extension is not shown on Minerva history page (AMC mode).
Sat, Aug 17, 1:51 PM · Readers-Web-Backlog (Design), MinervaNeue, Growth Design, Thanks, Growth-Team, Advanced Mobile Contributions
Krenair created T230656: Minerva styles the wrong selector for rollback link.
Sat, Aug 17, 1:46 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MinervaNeue, Readers-Web-Backlog (Readers-Web-Kanbanana-2019-20-Q1), Confirmation prompt for rollback action, UI-Standardization, Advanced Mobile Contributions

Fri, Aug 16

Krenair closed T230611: Puppet error on deployment-logtash03 as Resolved.
Fri, Aug 16, 1:46 PM · Puppet, Beta-Cluster-Infrastructure
Krenair added a comment to T230611: Puppet error on deployment-logtash03.

Interesting, okay, so the file is /etc/systemd/system/logstash.service (init.pp left out the system/ part), and that doesn't seem to come from a package:
dpkg-query: no path found matching pattern /etc/systemd/system/logstash.service

Fri, Aug 16, 1:45 PM · Puppet, Beta-Cluster-Infrastructure
Krenair added a comment to T218729: Migrate away from Debian Jessie to Debian Stretch/Buster.

Problem with deployment-logstash03: T230611: Puppet error on deployment-logtash03

Fri, Aug 16, 1:21 PM · Beta-Cluster-Infrastructure
Krenair updated the task description for T230611: Puppet error on deployment-logtash03.
Fri, Aug 16, 1:18 PM · Puppet, Beta-Cluster-Infrastructure
Krenair created T230611: Puppet error on deployment-logtash03.
Fri, Aug 16, 1:17 PM · Puppet, Beta-Cluster-Infrastructure

Thu, Aug 15

Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 1:16 PM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 11:01 AM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 10:40 AM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 10:36 AM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 10:27 AM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 10:27 AM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair updated the task description for T171188: Move the main WMCS puppetmaster into the Labs realm.
Thu, Aug 15, 9:56 AM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair added a comment to T227029: Prevent catalog breakage on cloud instances by decoupling core cloud puppetmaster from custom puppetmasters.

We need to be very careful about File purge => true resources appearing in the core catalog that can be highly destructive unless puppet takes into account stuff in the custom catalog. E.g. ferm, security::access, etc.

Thu, Aug 15, 9:41 AM · Puppet, cloud-services-team (Kanban)

Wed, Aug 14

Krenair created T230497: Strange rendering when inserting metawiki's Yes3 template.
Wed, Aug 14, 4:28 PM · VisualEditor
Krenair updated the task description for T189982: Move all apihelp translatable messages to separate files.
Wed, Aug 14, 1:48 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair updated the task description for T189982: Move all apihelp translatable messages to separate files.
Wed, Aug 14, 1:40 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair updated the task description for T189982: Move all apihelp translatable messages to separate files.
Wed, Aug 14, 1:22 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair updated the task description for T189982: Move all apihelp translatable messages to separate files.
Wed, Aug 14, 1:14 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair updated the task description for T189982: Move all apihelp translatable messages to separate files.
Wed, Aug 14, 12:26 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n

Sun, Aug 11

Krenair added a comment to T189982: Move all apihelp translatable messages to separate files.

Experimental code to produce TWN changes:

import json, ruamel.yaml, sys
extension = sys.argv[1]
Sun, Aug 11, 11:27 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair added a comment to T189982: Move all apihelp translatable messages to separate files.

I made a script to automate the moving around of JSON stuff, suggest this is not run with a version of Python below 3.6 due to dictionary ordering:

import json, os
os.makedirs(os.path.join('i18n', 'api'), exist_ok=True)
with open('i18n/en.json') as englishMainFile:
    englishMainData = json.load(englishMainFile)
Sun, Aug 11, 4:35 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair updated the task description for T189982: Move all apihelp translatable messages to separate files.
Sun, Aug 11, 3:29 PM · MW-1.34-notes (1.34.0-wmf.20; 2019-08-27), MW-1.33-notes (1.33.0-wmf.23; 2019-03-26), Patch-For-Review, MediaWiki-extensions-General, Google-Code-in-2018, translatewiki.net, good first bug, I18n
Krenair closed T219090: deployment-mediawiki-09 has puppet error due to libpcre3 package problems as Resolved.

looks like this was fixed at some point

Sun, Aug 11, 8:15 AM · Beta-Cluster-Infrastructure
Krenair closed T221277: Puppet errors on deployment-maps04 due to node.js package problems as Resolved.

looks like this got resolved at some point somehow

Sun, Aug 11, 8:13 AM · Beta-Cluster-Infrastructure

Sat, Aug 10

Krenair added a comment to T230245: Mediawiki maintenance job "generate-fancycaptcha" - fatal error when trying to copy new captchas to storage.

(@MarcoAurelio attempted to reproduce this on beta but ran into other problems - I've created a directory and a couple of files to try to get it working in beta, and have confirmed it now falls to this same error as seen in prod)

Sat, Aug 10, 5:43 PM · ConfirmEdit (CAPTCHA extension), MediaWiki-Maintenance-scripts

Thu, Aug 8

Krenair closed T230078: WikiEditor insert file dialog broken as Resolved.
Thu, Aug 8, 11:52 PM · MW-1.34-notes (1.34.0-wmf.17; 2019-08-06), Regression, WikiEditor
Krenair added a comment to T230124: AddThis gadgets are a violation of the privacy policy.

Are gadgets expected to fall under the standard Wikimedia privacy policy? I'm not seeing any specific privacy policy just for them, nor am I seeing any exceptional language for them within the standard privacy policy.

Thu, Aug 8, 10:50 PM · Wikimedia-General-or-Unknown, Privacy

Wed, Aug 7

Krenair updated subscribers of T230078: WikiEditor insert file dialog broken.
Wed, Aug 7, 11:04 PM · MW-1.34-notes (1.34.0-wmf.17; 2019-08-06), Regression, WikiEditor
Krenair updated subscribers of T230078: WikiEditor insert file dialog broken.
Wed, Aug 7, 10:56 PM · MW-1.34-notes (1.34.0-wmf.17; 2019-08-06), Regression, WikiEditor
Krenair created T230078: WikiEditor insert file dialog broken.
Wed, Aug 7, 10:54 PM · MW-1.34-notes (1.34.0-wmf.17; 2019-08-06), Regression, WikiEditor

Tue, Aug 6

Krenair added a comment to T229786: Create a service account to manage traffic.wmflabs.org. from acme-chief.

Anyone can create the desired Developer account via Wikitech or Striker and then add it as an administrator of the traffic project. There is nothing special about the account from the OpenStack point of view. We can not make a single account to handle this sort of activity across multiple Cloud VPS projects as the same credentials would be used in all projects.

Tue, Aug 6, 6:17 PM · cloud-services-team (Kanban), Horizon, Acme-chief

Mon, Aug 5

Krenair added a comment to T229783: Unable to create DNS zone traffic.wmflabs.org. in Horizon.

One thing to check is whether there is a proxy by that name. If there is
you should be careful trying to make a zone in its place

Mon, Aug 5, 8:39 AM · cloud-services-team (Kanban), Acme-chief, Horizon
Krenair added a comment to T229783: Unable to create DNS zone traffic.wmflabs.org. in Horizon.

It's expected that zones can't be created in this manner (there's a script
that ops can run to do it properly), but there shouldn't be an HTTP 500
anywhere in the process.

Mon, Aug 5, 8:38 AM · cloud-services-team (Kanban), Acme-chief, Horizon

Sat, Jul 27

Krenair committed rESRD62850fe42f01: Allow VisualEditor users to set if a page whether a Disambiguation (authored by Krenair).
Allow VisualEditor users to set if a page whether a Disambiguation
Sat, Jul 27, 11:15 PM
Krenair committed rESRDa1ee4e1f7575: Add DisambiguationPages to alias file too (authored by Raymond).
Add DisambiguationPages to alias file too
Sat, Jul 27, 11:14 PM
Krenair added a comment to T212881: addWiki.php broken creating ES tables.

Assigned to myself to track down ownership of the script

Sat, Jul 27, 10:30 PM · Patch-For-Review, Core Platform Team Workboards (Clinic Duty Team), Performance-Team (Radar), MediaWiki-extensions-WikimediaMaintenance

Wed, Jul 24

Krenair awarded T228247: +2 nomination for Daimona in mediawiki/* a Like token.
Wed, Jul 24, 7:30 PM · MediaWiki-Gerrit-Group-Requests

Tue, Jul 23

Krenair updated the task description for T224561: Migrate remaining cloudvirt hosts to Stretch/Mitaka.
Tue, Jul 23, 6:34 PM · cloud-services-team, Operations

Jul 9 2019

Krenair renamed T218729: Migrate away from Debian Jessie to Debian Stretch/Buster from Migrate away from Debian Jessie to Debian Stretch to Migrate away from Debian Jessie to Debian Stretch/Buster.
Jul 9 2019, 10:57 PM · Beta-Cluster-Infrastructure

Jul 7 2019

Krenair added a comment to T171188: Move the main WMCS puppetmaster into the Labs realm.

encapi works:

diff --git a/modules/openstack/manifests/puppet/master/encapi.pp b/modules/openstack/manifests/puppet/master/encapi.pp
index 509af5e7f8..261e0046e9 100644
--- a/modules/openstack/manifests/puppet/master/encapi.pp
+++ b/modules/openstack/manifests/puppet/master/encapi.pp
@@ -47,7 +47,8 @@ class openstack::puppet::master::encapi(
         ipresolve($designate_host, 4),
         ipresolve($designate_host, 6),
         ipresolve($designate_host_standby, 4),
-        ipresolve($designate_host_standby, 6)]),',')
+        ipresolve($designate_host_standby, 6),
+        '127.0.0.1']),',')
Jul 7 2019, 9:34 PM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations

Jul 6 2019

Krenair added a parent task for T223840: Can/should *.wmflabs.org be added to the default-src Content Security Policy?: T227162: Selecting "Good Pictures" button in Commons categories does not do anything (due to HTTP 502 error on http://fastcci1.wmflabs.org).
Jul 6 2019, 8:57 PM · Cloud-Services, Privacy, Security, Wikimedia-Site-requests
Krenair added a subtask for T227162: Selecting "Good Pictures" button in Commons categories does not do anything (due to HTTP 502 error on http://fastcci1.wmflabs.org): T223840: Can/should *.wmflabs.org be added to the default-src Content Security Policy?.
Jul 6 2019, 8:57 PM · VPS-Projects, Commons
Krenair added a comment to T223840: Can/should *.wmflabs.org be added to the default-src Content Security Policy?.

[...] require projects with public ip to have all it's members in the NDA group? This kind of improvements should probably go into a new task.

Jul 6 2019, 8:37 PM · Cloud-Services, Privacy, Security, Wikimedia-Site-requests
Krenair added a comment to T223840: Can/should *.wmflabs.org be added to the default-src Content Security Policy?.

No, only some parts of wmflabs.org are hosted by trusted proxies.

Do you have some examples? I was under the impression all of it was through https://wikitech.wikimedia.org/wiki/Help:Proxy . Anyway, everything running on wmflabs is covered by https://wikitech.wikimedia.org/wiki/Wikitech:Cloud_Services_Terms_of_use#What_can_and_can%E2%80%99t_be_done_with_user_information? and the general https://foundation.wikimedia.org/wiki/Privacy_policy . This covers all the privacy concerns. Do you have other concerns? You didn't elaborate on why *.wmflabs.org shouldn't be added so it's unclear to me what your concerns are.

Jul 6 2019, 5:42 PM · Cloud-Services, Privacy, Security, Wikimedia-Site-requests
Krenair added a comment to T223840: Can/should *.wmflabs.org be added to the default-src Content Security Policy?.

*.wmflabs.org should certainly not be added, not sure about tools.wmflabs.org.

Why not? Can you elaborate? For scripts I agree that these shouldn't be loaded from *.wmflabs.org , but why not for data? All wmflabs.org traffic is handled by proxies, right? That should take care of the privacy concerns.

Jul 6 2019, 5:24 PM · Cloud-Services, Privacy, Security, Wikimedia-Site-requests

Jul 3 2019

Krenair added a comment to T226088: DNS lookups for nih.gov hosts failing from Cloud VPS/Toolforge, services (citoid).

I think in principle we should not be /etc/hostsing our way around other people's broken nameservers and restrictions.

Jul 3 2019, 7:52 PM · Citoid, Services, cloud-services-team (Kanban), Toolforge

Jun 29 2019

Krenair merged task T226894: Degraded RAID on helium into T226906: Degraded RAID on helium.
Jun 29 2019, 10:33 PM · ops-eqiad, Operations
Krenair merged T226894: Degraded RAID on helium into T226906: Degraded RAID on helium.
Jun 29 2019, 10:33 PM · ops-eqiad, Operations
Krenair merged T226905: Degraded RAID on helium into T226894: Degraded RAID on helium.
Jun 29 2019, 9:41 PM · ops-eqiad, Operations
Krenair merged task T226905: Degraded RAID on helium into T226894: Degraded RAID on helium.
Jun 29 2019, 9:41 PM · ops-eqiad, Operations

Jun 22 2019

Krenair added a comment to T224561: Migrate remaining cloudvirt hosts to Stretch/Mitaka.

the first of those is basically empty but the rest are busy machines:

cloudvirt1014.eqiad.wmnet:
    canary-1014-01.testlabs.eqiad.wmflabs
cloudvirt1016.eqiad.wmnet:
    accounts-appserver4.account-creation-assistance.eqiad.wmflabs
    butterfly-m4m2.butterfly.eqiad.wmflabs
    Radon.codereview.eqiad.wmflabs
    Krypton.codereview.eqiad.wmflabs
    clm-web-01.community-labs-monitoring.eqiad.wmflabs
    clm-worker-01.community-labs-monitoring.eqiad.wmflabs
    dashiki-01.dashiki.eqiad.wmflabs
    deployment-restbase01.deployment-prep.eqiad.wmflabs
    deployment-logstash2.deployment-prep.eqiad.wmflabs
    deployment-changeprop.deployment-prep.eqiad.wmflabs
    deployment-sentry01.deployment-prep.eqiad.wmflabs
    deployment-memc06.deployment-prep.eqiad.wmflabs
    deployment-restbase02.deployment-prep.eqiad.wmflabs
    deployment-imagescaler01.deployment-prep.eqiad.wmflabs
    deployment-ircd.deployment-prep.eqiad.wmflabs
    deployment-zookeeper02.deployment-prep.eqiad.wmflabs
    deployment-etcd-01.deployment-prep.eqiad.wmflabs
    deployment-imagescaler02.deployment-prep.eqiad.wmflabs
    deployment-kafka-jumbo-1.deployment-prep.eqiad.wmflabs
    deployment-memc07.deployment-prep.eqiad.wmflabs
    deployment-snapshot01.deployment-prep.eqiad.wmflabs
    deployment-cpjobqueue.deployment-prep.eqiad.wmflabs
    deployment-mediawiki-07.deployment-prep.eqiad.wmflabs
    deployment-chromium01.deployment-prep.eqiad.wmflabs
    deployment-puppetdb02.deployment-prep.eqiad.wmflabs
    deployment-dumps-puppetmaster02.deployment-prep.eqiad.wmflabs
    deployment-jobrunner03.deployment-prep.eqiad.wmflabs
    deployment-ores01.deployment-prep.eqiad.wmflabs
    deployment-puppetmaster03.deployment-prep.eqiad.wmflabs
    deployment-cache-text05.deployment-prep.eqiad.wmflabs
    deployment-mwmaint01.deployment-prep.eqiad.wmflabs
    deployment-chromium02.deployment-prep.eqiad.wmflabs
    deployment-urldownloader02.deployment-prep.eqiad.wmflabs
    dwl.dwl.eqiad.wmflabs
    taxonbota.dwl.eqiad.wmflabs
    tofawiki02.fa-wp.eqiad.wmflabs
    integration-cumin.integration.eqiad.wmflabs
    integration-slave-jessie-1002.integration.eqiad.wmflabs
    integration-slave-docker-1041.integration.eqiad.wmflabs
    lizenzhinweisgenerator.lizenzhinweisgenerator.eqiad.wmflabs
    openrefine01.openrefine.eqiad.wmflabs
    cloud-bootstrapvz-stretch.openstack.eqiad.wmflabs
    otrs-oneclickspam-test.otrs.eqiad.wmflabs
    packagist-mirror1.packagist-mirror.eqiad.wmflabs
    partnermetrics-redis-01.partnermetrics.eqiad.wmflabs
    novaadminmadethis6.quotatest.eqiad.wmflabs
    logparse01.security-tools.eqiad.wmflabs
    kask-client.services.eqiad.wmflabs
    discovery-production-02.shiny-r.eqiad.wmflabs
    canary1016-01.testlabs.eqiad.wmflabs
    toolsbeta-sgegrid-shadow.toolsbeta.eqiad.wmflabs
    toolsbeta-sgecron-01.toolsbeta.eqiad.wmflabs
    toolsbeta-sgewebgrid-lighttpd-0901.toolsbeta.eqiad.wmflabs
    wmil.twl.eqiad.wmflabs
    video-redis.video.eqiad.wmflabs
    gfg01.video.eqiad.wmflabs
    videodev.video.eqiad.wmflabs
    encoding01.video.eqiad.wmflabs
    disposable.webperf.eqiad.wmflabs
    wikidata-constraints.wikidata-dev.eqiad.wmflabs
    whgi.wikidumpparse.eqiad.wmflabs
    elasticsearch-20.wikifactmine.eqiad.wmflabs
    elasticsearch-21.wikifactmine.eqiad.wmflabs
    wikitextexp-base-1002.wikitextexp.eqiad.wmflabs
    wikitextexp-expt-1002.wikitextexp.eqiad.wmflabs
    wm-bot-pg.wm-bot.eqiad.wmflabs
    wm-bot2.wm-bot.eqiad.wmflabs
    wikilabels.wmf-research-tools.eqiad.wmflabs
    diegoTest.wmf-research-tools.eqiad.wmflabs
cloudvirt1017.eqiad.wmnet:
    accounts-mwoauth.account-creation-assistance.eqiad.wmflabs
    af-puppetdb02.automation-framework.eqiad.wmflabs
    cloudinfra-db02.cloudinfra.eqiad.wmflabs
    commtech-2.commtech.eqiad.wmflabs
    dashiki-staging-01.dashiki.eqiad.wmflabs
    deployment-elastic07.deployment-prep.eqiad.wmflabs
    deployment-elastic06.deployment-prep.eqiad.wmflabs
    deployment-eventlog05.deployment-prep.eqiad.wmflabs
    design-research-methods.design.eqiad.wmflabs
    dumps-0.dumps.eqiad.wmflabs
    webservices.getstarted.eqiad.wmflabs
    gitservices.getstarted.eqiad.wmflabs
    Glampipe.glampipe.eqiad.wmflabs
    hound-puppet-02.hound.eqiad.wmflabs
    integration-r-lang-01.integration.eqiad.wmflabs
    integration-slave-docker-1040.integration.eqiad.wmflabs
    k8s-dzahn.k8splay.eqiad.wmflabs
    maps-tiles1.maps.eqiad.wmflabs
    maps-warper3.maps.eqiad.wmflabs
    compiler1001.puppet-diffs.eqiad.wmflabs
    meza-new2.qna.eqiad.wmflabs
    readers-web-master.reading-web-staging.eqiad.wmflabs
    tool.recommendation-api.eqiad.wmflabs
    missing-sections.recommendation-api.eqiad.wmflabs
    rec-wiki.recommendation-api.eqiad.wmflabs
    related-articles.recommendation-api.eqiad.wmflabs
    frama-test5.sentry.eqiad.wmflabs
    frama-test6-sb.sentry.eqiad.wmflabs
    kask.services.eqiad.wmflabs
    shinken-02.shinken.eqiad.wmflabs
    abogott-puppetmaster.testlabs.eqiad.wmflabs
    tools-sgeexec-0905.tools.eqiad.wmflabs
    tools-sgegrid-shadow.tools.eqiad.wmflabs
    tools-sgecron-01.tools.eqiad.wmflabs
    app-instance.videowiki.eqiad.wmflabs
    dumpgrepper.visualeditor.eqiad.wmflabs
    federated-commons.wikidata-federation.eqiad.wmflabs
    federated-wikidata.wikidata-federation.eqiad.wmflabs
    wmde-wikidiff2-jacnth.wikidiff2-wmde-dev.eqiad.wmflabs
    roope.wikidocumentaries.eqiad.wmflabs
    hupu.wikidocumentaries.eqiad.wmflabs
    puppetmaster-01.wikifactmine.eqiad.wmflabs
    wikilabels-experiment.wikilabels.eqiad.wmflabs
    wikilabels-02.wikilabels.eqiad.wmflabs
    wikimetrics-01.wikimetrics.eqiad.wmflabs
    ws-web.wikistream.eqiad.wmflabs
    wpx-redirects-01.wpx.eqiad.wmflabs
cloudvirt1021.eqiad.wmnet:
    zk1-1.analytics.eqiad.wmflabs
    zk1-3.analytics.eqiad.wmflabs
    antiharassment-web1.antiharassment.eqiad.wmflabs
    af-puppetmaster02.automation-framework.eqiad.wmflabs
    bastion-eqiad1-01.bastion.eqiad.wmflabs
    sylvester.catgraph.eqiad.wmflabs
    mx-out02.cloudinfra.eqiad.wmflabs
    cyberbot-exec-01.cyberbot.eqiad.wmflabs
    taxonbot.dwl.eqiad.wmflabs
    etcd05.etcd.eqiad.wmflabs
    etcd04.etcd.eqiad.wmflabs
    etcd06.etcd.eqiad.wmflabs
    fastcci-worker1.fastcci.eqiad.wmflabs
    fastcci-worker2.fastcci.eqiad.wmflabs
    google-api-proxy-02.google-api-proxy.eqiad.wmflabs
    hashtags-prod.hashtags.eqiad.wmflabs
    k8s-test-builder.hat-imagescalers.eqiad.wmflabs
    huggle-wl.huggle.eqiad.wmflabs
    xmlrcs.huggle.eqiad.wmflabs
    qube-master.k8splay.eqiad.wmflabs
    language-mleb-master.language.eqiad.wmflabs
    language-mleb-stable.language.eqiad.wmflabs
    filippo-log-stretch01.logging.eqiad.wmflabs
    filippo-log-jessie01.logging.eqiad.wmflabs
    mwv-stretch-migration.mediawiki-vagrant.eqiad.wmflabs
    T183456-stretch.mediawiki-vagrant.eqiad.wmflabs
    mixnmatch.mix-n-match.eqiad.wmflabs
    emoji.mobile.eqiad.wmflabs
    apps-team-tools.mobile.eqiad.wmflabs
    mwstake.mwstake.eqiad.wmflabs
    mwv-apt-01.mwv-apt.eqiad.wmflabs
    gnd-01.orig.eqiad.wmflabs
    calico-builder01.packaging.eqiad.wmflabs
    builder01.packaging.eqiad.wmflabs
    petscan-dev3.petscan.eqiad.wmflabs
    petscan3.petscan.eqiad.wmflabs
    puppet-phabricator.phabricator.eqiad.wmflabs
    pluggableauth-server.pluggableauth.eqiad.wmflabs
    quarry-web-01.quarry.eqiad.wmflabs
    experiments.reading-web-staging.eqiad.wmflabs
    relforge-search.search.eqiad.wmflabs
    wdsearch2.search.eqiad.wmflabs
    striker-uwsgi03.striker.eqiad.wmflabs
    diffscan.traffic.eqiad.wmflabs
    traffic-text-stretch.traffic.eqiad.wmflabs
    federated-wikis.wikidata-dev.eqiad.wmflabs
    xtools-dev04.xtools.eqiad.wmflabs
cloudvirt1022.eqiad.wmnet:
    accounts-db3.account-creation-assistance.eqiad.wmflabs
    deployment-server.analytics.eqiad.wmflabs
    af-lg.automation-framework.eqiad.wmflabs
    af-debmonitor.automation-framework.eqiad.wmflabs
    bastion-restricted-eqiad1-01.bastion.eqiad.wmflabs
    mx-out01.cloudinfra.eqiad.wmflabs
    deployment-elastic05.deployment-prep.eqiad.wmflabs
    deployment-mx02.deployment-prep.eqiad.wmflabs
    deployment-kafka-main-2.deployment-prep.eqiad.wmflabs
    deployment-webperf11.deployment-prep.eqiad.wmflabs
    wikimedia-ui.design.eqiad.wmflabs
    discourse1002.discourse.eqiad.wmflabs
    download-01.download.eqiad.wmflabs
    dumps-2.dumps.eqiad.wmflabs
    dumps-1.dumps.eqiad.wmflabs
    extdist-01.extdist.eqiad.wmflabs
    gerrit-test.git.eqiad.wmflabs
    gerrit-mysql.git.eqiad.wmflabs
    puppet-paladox.git.eqiad.wmflabs
    grantreview-03.grantreview.eqiad.wmflabs
    hhvm-stretch-jmm.hhvm.eqiad.wmflabs
    hhvm-jmm-vp9.hhvm.eqiad.wmflabs
    medbox3-iiab.iiab.eqiad.wmflabs
    integration-slave-docker-1043.integration.eqiad.wmflabs
    language-eg.language.eqiad.wmflabs
    language-cx.language.eqiad.wmflabs
    moses01-small.language.eqiad.wmflabs
    language-apertium2.language.eqiad.wmflabs
    mcr-full.mcr-dev.eqiad.wmflabs
    mwv-builder-02.mediawiki-vagrant.eqiad.wmflabs
    T183456-jessie.mediawiki-vagrant.eqiad.wmflabs
    mwoffliner4.mwoffliner.eqiad.wmflabs
    mwoffliner2.mwoffliner.eqiad.wmflabs
    newsletter-test.newsletter.eqiad.wmflabs
    labs-bootstrapvz-jessie.openstack.eqiad.wmflabs
    vmbuilder-trusty.openstack.eqiad.wmflabs
    ores-web-01.ores.eqiad.wmflabs
    ores-web-03.ores.eqiad.wmflabs
    phabricator.phabricator.eqiad.wmflabs
    phab-tin.phabricator.eqiad.wmflabs
    puppet-jmm-pmaster.puppet.eqiad.wmflabs
    puppet-jmm-pmaster-client.puppet.eqiad.wmflabs
    meza-new4.qna.eqiad.wmflabs
    quarry-db-01.quarry.eqiad.wmflabs
    quarry-worker-02.quarry.eqiad.wmflabs
    marvin-staging.reading-web-staging.eqiad.wmflabs
    readingwebstaging.reading-web-staging.eqiad.wmflabs
    tool-alpha.recommendation-api.eqiad.wmflabs
    gapfinder-tools.recommendation-api.eqiad.wmflabs
    cirrus-browser-bot.search.eqiad.wmflabs
    snuggle-wikidatawiki-01.snuggle.eqiad.wmflabs
    timeless2.social-tools.eqiad.wmflabs
    mc-clusterB-1.test-twemproxy.eqiad.wmflabs
    mc-clusterB-2.test-twemproxy.eqiad.wmflabs
    toolsbeta-sgebastion-04.toolsbeta.eqiad.wmflabs
    toolsbeta-sgeexec-0901.toolsbeta.eqiad.wmflabs
    toolsbeta-sgegrid-master.toolsbeta.eqiad.wmflabs
    relic-stretch.toolserver-legacy.eqiad.wmflabs
    traffic-puppetmaster.traffic.eqiad.wmflabs
    utrs-beta-production.utrs.eqiad.wmflabs
    utrs-production2.utrs.eqiad.wmflabs
    utrs-database2.utrs.eqiad.wmflabs
    wcdo.wcdo.eqiad.wmflabs
    wbregistry-01.wikibase-registry.eqiad.wmflabs
    orig-01.wikibase-registry.eqiad.wmflabs
    federated-wikis2.wikidata-dev.eqiad.wmflabs
    pst.wikidata-primary-sources-tool.eqiad.wmflabs
    wmde-wikidiff2-patched.wikidiff2-wmde-dev.eqiad.wmflabs
    wmde-wikidiff2-unpatched.wikidiff2-wmde-dev.eqiad.wmflabs
    sqltest02.wikidiff2-wmde-dev.eqiad.wmflabs
    wikilabels-staging-01.wikilabels.eqiad.wmflabs
    scholarships-02.wikimania-support.eqiad.wmflabs
    wikispeech-tts-release.wikispeech.eqiad.wmflabs
    parsing-qa-01.wikitextexp.eqiad.wmflabs
    dannyb.wildcat.eqiad.wmflabs
    xtools-prod05.xtools.eqiad.wmflabs
    xtools-prod03.xtools.eqiad.wmflabs
cloudvirt1023.eqiad.wmnet:
    k4-1.analytics.eqiad.wmflabs
    k4-2.analytics.eqiad.wmflabs
    zk1-2.analytics.eqiad.wmflabs
    fishbone.catgraph.eqiad.wmflabs
    logintest2.catgraph.eqiad.wmflabs
    codesearch4.codesearch.eqiad.wmflabs
    cvn-app8.cvn.eqiad.wmflabs
    cvn-app9.cvn.eqiad.wmflabs
    cvn-apache9.cvn.eqiad.wmflabs
    cyberbot-db-01.cyberbot.eqiad.wmflabs
    deployment-sca02.deployment-prep.eqiad.wmflabs
    discourse-mw.discourse.eqiad.wmflabs
    dumps-3.dumps.eqiad.wmflabs
    eventmetrics-prod01.eventmetrics.eqiad.wmflabs
    fastcci-new-master.fastcci.eqiad.wmflabs
    wikiedubackups.globaleducation.eqiad.wmflabs
    huggle-deb-builder.huggle.eqiad.wmflabs
    saucelabs-02.integration.eqiad.wmflabs
    integration-slave-jessie-1001.integration.eqiad.wmflabs
    integration-slave-jessie-1004.integration.eqiad.wmflabs
    qube-node2.k8splay.eqiad.wmflabs
    qube-node1.k8splay.eqiad.wmflabs
    language-cx1.language.eqiad.wmflabs
    cxserver.language.eqiad.wmflabs
    upgrader-04.library-upgrader.eqiad.wmflabs
    matrix-synapse-01.matrix.eqiad.wmflabs
    mcr-base.mcr-dev.eqiad.wmflabs
    mcr-sdc.mcr-dev.eqiad.wmflabs
    ores-worker-01.ores.eqiad.wmflabs
    ores-worker-02.ores.eqiad.wmflabs
    ores-lb-03.ores.eqiad.wmflabs
    ores-redis-02.ores.eqiad.wmflabs
    ores-staging-01.ores-staging.eqiad.wmflabs
    ores-misc-01.ores-staging.eqiad.wmflabs
    phlogiston-4.phlogiston.eqiad.wmflabs
    cindy.pluggableauth.eqiad.wmflabs
    captcha-tf-43.privpol-captcha.eqiad.wmflabs
    captcha-imageprocessing-11.privpol-captcha.eqiad.wmflabs
    puppet-ema-2.puppet.eqiad.wmflabs
    keith-puppetmaster.puppet.eqiad.wmflabs
    puppet-jmm-kernel-stretch2.puppet.eqiad.wmflabs
    puppet-jmm-kernel-jessie.puppet.eqiad.wmflabs
    quarry-worker-01.quarry.eqiad.wmflabs
    trending.reading-web-staging.eqiad.wmflabs
    recommendation-api-build.recommendation-api.eqiad.wmflabs
    clickmodel.search.eqiad.wmflabs
    rel2.search.eqiad.wmflabs
    sentry-builder.sentry.eqiad.wmflabs
    appservice.services.eqiad.wmflabs
    suggestbot-01.suggestbot.eqiad.wmflabs
    mc-clusterA-2.test-twemproxy.eqiad.wmflabs
    canary1023-01.testlabs.eqiad.wmflabs
    puppetmaster.thumbor.eqiad.wmflabs
    tools-static-12.tools.eqiad.wmflabs
    tools-sgegrid-master.tools.eqiad.wmflabs
    toolsbeta-sgewebgrid-generic-0901.toolsbeta.eqiad.wmflabs
    visualeditor-test2.visualeditor.eqiad.wmflabs
    misc-01.wikibase-registry.eqiad.wmflabs
    libcanada-01.wikibase-registry.eqiad.wmflabs
    wikibrain-embeddings-02.wikibrain.eqiad.wmflabs
    wikibrain-embeddings-01.wikibrain.eqiad.wmflabs
    wikibase-stretch.wikidata-dev.eqiad.wmflabs
    wmde-wikidiff2-debug.wikidiff2-wmde-dev.eqiad.wmflabs
    elasticsearch-01.wikifactmine.eqiad.wmflabs
    wikilabels-backups.wikilabels.eqiad.wmflabs
    wikispeech-wiki-stretch.wikispeech.eqiad.wmflabs
    wikispeech-tts-dev.wikispeech.eqiad.wmflabs
    wikistats-greyhound.wikistats.eqiad.wmflabs
    wpx-mediawiki-02.wpx.eqiad.wmflabs
Jun 22 2019, 8:18 PM · cloud-services-team, Operations
Krenair added a comment to T215888: openstack-browser: include deployment view support.

If it has to be in the admin project that may be problematic - IIRC that is the one project that novaobserver cannot observe, can't remember if there was a good reason for that.

Jun 22 2019, 8:16 PM · Tools, cloud-services-team (Kanban)
Krenair closed T219424: Decide how we're going to handle certificates for the puppetmaster migration as Resolved.
Jun 22 2019, 4:36 PM · cloud-services-team (Kanban), Cloud-Services
Krenair closed T219424: Decide how we're going to handle certificates for the puppetmaster migration, a subtask of T171188: Move the main WMCS puppetmaster into the Labs realm, as Resolved.
Jun 22 2019, 4:36 PM · Patch-For-Review, cloud-services-team (Kanban), Cloud-Services, Puppet, Operations
Krenair closed T220268: Consider ways to make puppetmaster CA changes smoother on the puppet client end as Resolved.

Wish I'd done this years ago. It seems to have worked and allows us to effortlessly move instances between puppetmasters - which should prove very helpful to the puppetmaster realm migration.

Jun 22 2019, 4:31 PM · Puppet, cloud-services-team (Kanban), Cloud-Services
Krenair closed T220268: Consider ways to make puppetmaster CA changes smoother on the puppet client end, a subtask of T219424: Decide how we're going to handle certificates for the puppetmaster migration, as Resolved.
Jun 22 2019, 4:31 PM · cloud-services-team (Kanban), Cloud-Services

Jun 20 2019

Krenair added a comment to T225253: Access Q re maint1002.

enwiki would be s1, eswiki s7, and cawiki s7. Not sure what the problem with the defaults file is - are you able to open the file? It will contain a password so do not paste it here.

Jun 20 2019, 10:08 PM · SRE-Access-Requests, Operations
Krenair added a comment to T225253: Access Q re maint1002.

Ah, I see the old analytics-store got removed. Baring in mind eswiki would live on s7, and looking at the docs you linked, your last two attempts should probably be pretty close. Try mysql --defaults-file=/etc/mysql/conf.d/research-client.cnf -h s7-analytics-replica.eqiad.wmnet -P 3317 eswiki -e 'describe cx_corpora;' ?

Jun 20 2019, 9:52 PM · SRE-Access-Requests, Operations

Jun 11 2019

Krenair added a comment to T225557: Puppet fails on newly created deployment-wikifeeds01.

Ok. I'm kind of hoping that with https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/506873/ and its parent we can make the puppetmaster switch more or less seamless with just the signing step to perform.

Jun 11 2019, 10:04 PM · Reading-Infrastructure-Team-Backlog, Cloud-VPS, Beta-Cluster-Infrastructure
Krenair closed T225557: Puppet fails on newly created deployment-wikifeeds01 as Resolved.

Ran cd /var/lib/puppet; mv ssl ssl_old; rm /usr/local/share/ca-certificates/Puppet_Internal_CA.crt; nano /usr/local/share/ca-certificates/Puppet_Internal_CA.crt; update-ca-certificates --fresh; puppet agent -tv, gave it a copy of the CA cert from the puppetmaster, signed the new client cert on the puppetmaster. Puppet cert error is gone, there's a new error which would be a different task.

Jun 11 2019, 9:51 PM · Reading-Infrastructure-Team-Backlog, Cloud-VPS, Beta-Cluster-Infrastructure
Krenair closed T225557: Puppet fails on newly created deployment-wikifeeds01, a subtask of T170455: Extract the feed endpoints from PCS into a new wikifeeds service, as Resolved.
Jun 11 2019, 9:51 PM · Reading-Infrastructure-Team-Backlog, Epic, Wikifeeds, Patch-For-Review, Page Content Service
Krenair added a comment to T225557: Puppet fails on newly created deployment-wikifeeds01.

That's what always happens, you still have to go through and manually sort out the situation with certs.

Jun 11 2019, 9:48 PM · Reading-Infrastructure-Team-Backlog, Cloud-VPS, Beta-Cluster-Infrastructure
Krenair awarded T225553: gmail users being suspended from mediawiki-l due to excessive bounces due to DMARC a Heartbreak token.
Jun 11 2019, 9:38 PM · Operations, Wikimedia-Mailing-lists

Jun 10 2019

Krenair renamed T225261: CentralNotice setting a surprising content security policy in production when using &banner= URL parameter from CentralNotice setting a surprising content security policy in production to CentralNotice setting a surprising content security policy in production when using &banner= URL parameter.
Jun 10 2019, 8:15 PM · Fundraising Sprint Princess Mongodb, Patch-For-Review, Fundraising-Backlog, Security, MediaWiki-extensions-CentralNotice

Jun 7 2019

Krenair added a comment to T225269: Verify that all mailman mailing lists have private_roster=2.

Don't most of our lists require people to have a list admin password to read the subscriber list? Do we have any that don't?

Jun 7 2019, 1:33 AM · Operations, Wikimedia-Mailing-lists
Krenair renamed T225269: Verify that all mailman mailing lists have private_roster=2 from Mailman: Consider restricting access to members to Consider restricting access to list subscriber list.
Jun 7 2019, 1:31 AM · Operations, Wikimedia-Mailing-lists
Krenair added a comment to T225253: Access Q re maint1002.

Okay. You might just want to check that something like mysql --defaults-file=/etc/mysql/conf.d/research-client.cnf -h analytics-store.eqiad.wmnet <insert wiki ID> -e 'describe cx_translations;' works as expected on stat1006. Not able to test it myself.

Jun 7 2019, 12:21 AM · SRE-Access-Requests, Operations

Jun 6 2019

Krenair updated subscribers of T225261: CentralNotice setting a surprising content security policy in production when using &banner= URL parameter.
Jun 6 2019, 10:58 PM · Fundraising Sprint Princess Mongodb, Patch-For-Review, Fundraising-Backlog, Security, MediaWiki-extensions-CentralNotice
Krenair added a comment to T225253: Access Q re maint1002.

That's from ContentTranslation right? You should be able to get all this stuff already by being in the researcher group. I don't think the maintenance hosts store this either, they just have access to it by virtue of wikiuser/wikiadmin MySQL credentials. Restricted/deployment users would be able to get to it from a MW machine (using the wikiuser/wikiadmin credentials, which would also give them the ability to write to the data on the master DBs and all sorts which you probably are not asking for?), but analytics/research users should probably be using a stat box's access to analytics replicas of the MW databases.

Jun 6 2019, 10:16 PM · SRE-Access-Requests, Operations
Krenair edited projects for T225253: Access Q re maint1002, added: SRE-Access-Requests; removed Nonpublic-Information-Access-Policy.

What data are you trying to get to exactly?

Jun 6 2019, 9:13 PM · SRE-Access-Requests, Operations

Jun 5 2019

Krenair renamed T224289: "sso" project did not get sso.wmflabs.org zone created automatically from Allow DNS changes for "sso" project to "sso" project did not get sso.wmflabs.org zone created automatically.
Jun 5 2019, 11:02 PM · Cloud-VPS
Krenair closed T225168: New OpenStack control-plane nodes can't talk to novaproxy, a subtask of T224981: rabbitmq: connectivity issues between cloudservices1004 and rabbitmq, as Resolved.
Jun 5 2019, 10:52 PM · cloud-services-team (Kanban)
Krenair closed T225168: New OpenStack control-plane nodes can't talk to novaproxy as Resolved.
Jun 5 2019, 10:52 PM · cloud-services-team (Kanban)
Krenair added a comment to T225168: New OpenStack control-plane nodes can't talk to novaproxy.

Also did other cleanup of that list visible in https://wikitech.wikimedia.org/wiki/Nova_Resource:Project-proxy/SAL#2019-06-05
List is now:

Jun 5 2019, 10:52 PM · cloud-services-team (Kanban)
Krenair added a comment to T225168: New OpenStack control-plane nodes can't talk to novaproxy.

Already did the second service node: https://wikitech.wikimedia.org/w/index.php?title=Nova_Resource:Project-proxy/SAL&diff=1828608&oldid=1819110

Jun 5 2019, 10:47 PM · cloud-services-team (Kanban)
Krenair added a comment to T225168: New OpenStack control-plane nodes can't talk to novaproxy.

(@JHedden helped identify this one)

Jun 5 2019, 10:46 PM · cloud-services-team (Kanban)
Krenair added a comment to T224265: Redirect svgtranslate from toolserver.org.
Jun 5 2019, 10:25 PM · cloud-services-team (Kanban), Cloud-VPS, Community-Tech (Resolved 2018-19 Q4), Patch-For-Review, SVG Translate Tool
Krenair added a comment to T225048: ipblocks.ipb_by_text database column has gone missing from English Wikipedia database replica.

https://wikitech.wikimedia.org/wiki/News/Actor_storage_changes_on_the_Wiki_Replicas

Jun 5 2019, 7:42 AM · Data-Services, Documentation

Jun 4 2019

Krenair awarded T225025: Request new Flavor for integration Cloud VPS project a Like token.
Jun 4 2019, 9:54 PM · cloud-services-team (Kanban), Release-Engineering-Team-TODO, Continuous-Integration-Infrastructure, Cloud-VPS (Quota-requests)

Jun 3 2019

Krenair added a comment to T224265: Redirect svgtranslate from toolserver.org.

I went to look at https://commons.wikimedia.org/w/index.php?target=https%3A%2F%2Ftoolserver.org%2F%7Enikola%2Fsvgtranslate.php&title=Special%3ALinkSearch but the svg= data I tried on the new svgtranslate did not appear to work. Does it support upload.wm.o URLs?

Jun 3 2019, 7:57 PM · cloud-services-team (Kanban), Cloud-VPS, Community-Tech (Resolved 2018-19 Q4), Patch-For-Review, SVG Translate Tool
Krenair added a project to T220505: Decommission iron: Cloud-VPS.

'install access for WMCS' struck me as odd so I asked around a bit:

<bstorm_> Iron has been used for cloudvirt installs in the past
<andrewbogott> Normally we access new unpuppetized servers from the puppetmasters.  They aren't allowed to access the cloudvirts though, due to a network rule I don't understand.  So we use iron instead.
<andrewbogott> As far as I know it's still the only way.
<bstorm_> Yup
Jun 3 2019, 7:18 PM · Cloud-VPS, ops-eqiad, decommission, Operations
Krenair closed T224865: Requesting access to deployment-prep for @Urbanecm as Resolved.
Jun 3 2019, 3:35 PM · Beta-Cluster-Infrastructure

Jun 2 2019

Krenair added a comment to T224840: category; British leprologists.
Jun 2 2019, 8:13 PM

Jun 1 2019

Krenair added a comment to T221526: Explain on Special:UrlShortener that it can only be used on Meta-Wiki.
krenair@deployment-deploy01:~$ mwscript eval.php metawiki
> echo wfMessage('urlshortener-disabled')->parse();
Creating new short URLs is temporarily disabled.
> ^D
krenair@deployment-deploy01:~$ mwscript eval.php enwiki
> echo wfMessage('urlshortener-disabled')->parse();
Short links can only be created via <a href="https://meta.wikimedia.beta.wmflabs.org/wiki/Special:UrlShortener" class="extiw" title="m:Special:UrlShortener">Special:UrlShortener</a> page on meta.wikimedia.org.
Jun 1 2019, 1:53 PM · MW-1.34-notes (1.34.0-wmf.8; 2019-06-04), MediaWiki-extensions-UrlShortener, WikimediaMessages
Krenair closed T221526: Explain on Special:UrlShortener that it can only be used on Meta-Wiki as Resolved.

Seems beta is not configured to test this one properly as we set UrlShortenerReadOnly to false everywhere there.

Jun 1 2019, 1:51 PM · MW-1.34-notes (1.34.0-wmf.8; 2019-06-04), MediaWiki-extensions-UrlShortener, WikimediaMessages
Krenair added a comment to T224000: wmcs-wikireplica-dns: error: circular reference detected.

I've tested and modern Designate appears to do better error handling of this:

krenair@labs-t224000-alex-osdev:~/devstack$ cat test_mwoc.py
import mwopenstackclients
dns_mgr = mwopenstackclients.DnsManager(mwopenstackclients.Clients(
    username="admin",
    password="password",
    url="http://labs-t224000-alex-osdev/identity/v3",
    project="demo"
), None)
dns_mgr.create_recordset('2bc35734-0fd6-4b04-83dd-88e1672dbfb6', "asd.{u'status': u'ACTIVE'}.alextest.wmflabs.org.", 'A', ['127.0.0.1'])
#dns_mgr.create_recordset('2bc35734-0fd6-4b04-83dd-88e1672dbfb6', "asd.abcstatusdefugACTIVEhi.alextest.wmflabs.org.", 'A', ['127.0.0.1'])
Jun 1 2019, 1:28 PM · Patch-For-Review, cloud-services-team (Kanban)