Krenair (Alex Monk)
Wikimedia volunteer

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Oct 3 2014, 2:34 PM (198 w, 2 d)
Availability
Available
IRC Nick
Krenair
LDAP User
Alex Monk
MediaWiki User
Krenair [ Global Accounts ]

I am a Wikimedia volunteer helping in various technical ways. These days it's usually Beta cluster related. I've previously spent significant amounts of time involved in MediaWiki development, software deployments to the Wikimedia cluster, and various other things. I am also an OTRS agent.

Some of my old VisualEditor work can be found under @AlexMonk-WMF instead

I have opinions on things, which do not necessarily represent those of any organisation I am, have previously been, or will in the future be affiliated with.

Recent Activity

Yesterday

Krinkle awarded T200139: Report of exception while moving pages on wikitech a Like token.
Sun, Jul 22, 2:34 AM · MediaWiki-General-or-Unknown, Wikimedia-log-errors, wikitech.wikimedia.org
Krenair added a comment to T197803: Python2: track Py2 softwares.

I tried find -iname '*.py' | xargs grep -E "^#!" | grep -v python3 | cut -d: -f1 | xargs -n1 2to3 -w in puppet and git diff came back with 75 files changed, 488 insertions(+), 485 deletions(-)
However, some of that is the 2to3 tool doing silly things such as:

-        print("CRITICAL: nf_conntrack is %d %% full" % full)
+        print(("CRITICAL: nf_conntrack is %d %% full" % full))
Sun, Jul 22, 1:12 AM · Operations-Software-Development
Krenair added a comment to T197804: Puppet: forbid new Python2 code.

Just in puppet checking shebangs:

alex@alex-laptop:~/Development/Wikimedia/Operations-Puppet (production)$ find -iname '*.py' | xargs grep -E "^#!" | wc -l
122
alex@alex-laptop:~/Development/Wikimedia/Operations-Puppet (production)$ find -iname '*.py' | xargs grep -E "^#!" | grep -v python3 -c
84
Sun, Jul 22, 1:03 AM · Operations-Software-Development
Krenair added a comment to T197804: Puppet: forbid new Python2 code.

Almost certainly impossible to catch all Python 2 code that doesn't have a shebang and is compatible with Python 3 syntax. Hopefully that's a pretty small set of things.
Should probably audit everything ending in .py without a python3 shebang and check what we're running it under (if python 2, port it)

Sun, Jul 22, 12:59 AM · Operations-Software-Development
Krenair added a comment to T200141: Some "Global Accounts" links on Phabricator profiles are broken due to missing encoding.

It's an encoding thing. It's trying to do Special:CentralAuth/{username} when in fact the encoding appears to be set up for Special:CentralAuth?target={username}

Sun, Jul 22, 12:50 AM · Patch-For-Review, Wikimedia-Phabricator-Extensions, User-MarcoAurelio

Sat, Jul 21

Krenair added a comment to T40010: Re-evaluate librsvg as SVG renderer on Wikimedia wikis.

Batik takes 50% longer; Inkscape 75% longer, and ImageMagick 100% longer according to some 2009 tests.

Sat, Jul 21, 11:24 PM · TechCom-RFC, MediaWiki-File-management, Commons, Multimedia, Wikimedia-SVG-rendering
Krenair created T200139: Report of exception while moving pages on wikitech.
Sat, Jul 21, 10:18 PM · MediaWiki-General-or-Unknown, Wikimedia-log-errors, wikitech.wikimedia.org
Krenair added a comment to T136735: create endowment.wm.org microsite.

Does the bugzilla archive really count as a microsite? It's huge...

Sat, Jul 21, 9:53 PM · Annual-Report, Operations
Krenair added a comment to T200052: Mandate that account passwords must be a minimum of eight characters on Wikimedia projects.

The author has only granted permission for it to be used by Wikimedians/the Wikimedia Foundation, so please don't share the link publicly.

Sounds like a pretty surefire way to ensure it's not used by Wikimedians at all.

Sorry, I don't choose the license terms. I'm just following what they stated. The publisher doesn't allow the study to be shared freely. The PDF is only meant to assess security issues, not to cite in articles. In case you would like to take a look at the study, I have emailed you a copy. Cheers, Daylen

Sat, Jul 21, 9:28 PM · Security, Wikimedia-General-or-Unknown
Krenair awarded T180761: Move XHGui from tungsten to webperf-002 a Like token.
Sat, Jul 21, 8:45 PM · Beta-Cluster-Infrastructure, Performance-Team
Krenair added a comment to T200052: Mandate that account passwords must be a minimum of eight characters on Wikimedia projects.

The author has only granted permission for it to be used by Wikimedians/the Wikimedia Foundation, so please don't share the link publicly.

Sat, Jul 21, 7:05 PM · Security, Wikimedia-General-or-Unknown
Krenair reopened T187634: IRC integration for Discourse as "Open".

WikimediaDevelop (instead of WMDSbot?) appeared today in #mediawiki and triggered an alert in the ops channels. Its cloak is gateway/shell/matrix.org/x-vjckkigsxqcbobxa and it signed on last night: * [WikimediaDevelop] idle 19:35:20, signon: Fri Jul 20 23:31:30

Sat, Jul 21, 6:10 PM · Discourse
Krenair added a comment to T180761: Move XHGui from tungsten to webperf-002.

It looks puppet is mangling order of output:

Notice: /Stage[main]/Httpd/Httpd::Mod_conf[php7.0]/Exec[ensure_present_mod_php7.0]/returns: ERROR: Module mpm_event is enabled - cannot proceed due to conflicts. It needs to be disabled first!
Notice: /Stage[main]/Httpd/Httpd::Mod_conf[php7.0]/Exec[ensure_present_mod_php7.0]/returns: ERROR: Could not enable dependency mpm_prefork for php7.0, aborting
Notice: /Stage[main]/Httpd/Httpd::Mod_conf[php7.0]/Exec[ensure_present_mod_php7.0]/returns: Considering dependency mpm_prefork for php7.0:
Notice: /Stage[main]/Httpd/Httpd::Mod_conf[php7.0]/Exec[ensure_present_mod_php7.0]/returns: Considering conflict mpm_event for mpm_prefork:
Notice: /Stage[main]/Httpd/Httpd::Mod_conf[php7.0]/Exec[ensure_present_mod_php7.0]/returns: Considering conflict mpm_worker for mpm_prefork:
Error: /usr/sbin/a2enmod php7.0 returned 1 instead of one of [0]
Error: /Stage[main]/Httpd/Httpd::Mod_conf[php7.0]/Exec[ensure_present_mod_php7.0]/returns: change from notrun to 0 failed: /usr/sbin/a2enmod php7.0 returned 1 instead of one of [0]

becomes:

krenair@deployment-webperf12:~$ sudo a2enmod php7.0
Considering dependency mpm_prefork for php7.0:
Considering conflict mpm_event for mpm_prefork:
ERROR: Module mpm_event is enabled - cannot proceed due to conflicts. It needs to be disabled first!
Considering conflict mpm_worker for mpm_prefork:
ERROR: Could not enable dependency mpm_prefork for php7.0, aborting
Sat, Jul 21, 6:05 PM · Beta-Cluster-Infrastructure, Performance-Team
Krenair added a project to T180761: Move XHGui from tungsten to webperf-002: Beta-Cluster-Infrastructure.
Sat, Jul 21, 5:44 PM · Beta-Cluster-Infrastructure, Performance-Team
Krenair added a comment to T200106: Give Nicholas Ray ldap/wmf group access.

Yes I think ldap/wmf lets you into logstash which will give you access to various logs.

Sat, Jul 21, 5:35 PM · LDAP-Access-Requests
Krenair removed a project from T200121: Fatal exception of type "InvalidArgumentException" while undeleting a file on Commons in RevisionStoreRecord.php: The given Title does not belong to page ID 50301569 but actually belongs to 53495560: Operations.

The next step here is to get someone to dig up the stack trace, I don't see anything here needing escalation all the way to ops.

Sat, Jul 21, 12:02 PM · Multi-Content-Revisions (MCR-SDC Storage Layer - phase 1), Wikimedia-log-errors, Commons
Krenair awarded T195689: Support PHP 7.0 webservices on Toolforge a Cookie token.
Sat, Jul 21, 11:38 AM · Toolforge
Krenair added a comment to T195689: Support PHP 7.0 webservices on Toolforge.

I think at some point I forgot that we are a community and not a closed project that can only depend on a dedicated team.

Sat, Jul 21, 11:38 AM · Toolforge
Krenair added a comment to T200125: Nomination of Addshore for Toolforge admin role.

Same thing I wrote on T200124: Nomination of Legoktm for Toolforge admin role

Sat, Jul 21, 11:11 AM · User-Addshore, cloud-services-team (Kanban), Toolforge
Krenair awarded T200125: Nomination of Addshore for Toolforge admin role a Like token.
Sat, Jul 21, 11:11 AM · User-Addshore, cloud-services-team (Kanban), Toolforge
Krenair awarded T200124: Nomination of Legoktm for Toolforge admin role a Like token.
Sat, Jul 21, 11:10 AM · cloud-services-team (Kanban), Toolforge
Krenair added a comment to T200124: Nomination of Legoktm for Toolforge admin role.

I don't think I needed a task like this for those rights. @Legoktm is a deployer he can probably still do cloudadmin stuff like adding himself to that group anyway.

Sat, Jul 21, 11:10 AM · cloud-services-team (Kanban), Toolforge
Krenair added a comment to T200106: Give Nicholas Ray ldap/wmf group access.

ldap/wmf unfortunately does include some code review privileges but is massively overkill for someone who just wants the code review parts.

Sat, Jul 21, 11:08 AM · LDAP-Access-Requests

Fri, Jul 20

Krenair awarded T199756: Phabricator task T200000 announcement a Y So Serious token.
Fri, Jul 20, 4:59 PM · Phabricator

Thu, Jul 19

Krenair awarded T200000: Elaborate match Google user with e-mail address in addition to user ID a Y So Serious token.
Thu, Jul 19, 6:18 PM · Patch-For-Review, GoogleLogin

Wed, Jul 18

Krenair awarded T199868: +2 for Jack Phoenix in mediawiki/* a Like token.
Wed, Jul 18, 11:21 PM · Repository-Ownership-Requests
Krenair awarded T199867: +2 for Huji in mediawiki/* a Like token.
Wed, Jul 18, 11:20 PM · Repository-Ownership-Requests

Tue, Jul 17

Krenair added a comment to T199717: Pick up a suitable ACME library for certcentral.

Oh, other thing to maybe consider that I had in the notes: Currently acme_tiny will just check that it can complete the challenge itself once, with any random backend host (web server behind nginx/varnish or, theoretically, auth DNS server - especially in our labs setup). But we may want to make it smarter than that, be able to check that all (or a % of?) the backends can handle the challenge before we tell LE we're ready.

Tue, Jul 17, 10:32 PM · Patch-For-Review, Traffic, Operations

Mon, Jul 16

Krenair added a comment to T199756: Phabricator task T200000 announcement.

Think we have to find T1392-T2000 first :)

Mon, Jul 16, 10:59 PM · Phabricator
Krenair added a comment to T199717: Pick up a suitable ACME library for certcentral.

From https://letsencrypt.org/docs/client-options/, another interesting option could be free_tls_certificates library. It's a high-level library based on python3-acme, but on an initial review apparently it lacks dns-01 support :(

Mon, Jul 16, 5:00 PM · Patch-For-Review, Traffic, Operations
Krenair added a comment to T199717: Pick up a suitable ACME library for certcentral.

Need to ensure that whatever we pick has the ability to be extended in terms of how challenges are done. I.e. we'll want to be able to have http-01 write to files, and dns-01 either store data to be picked up by the DNS server or written to Designate depending on config.

Mon, Jul 16, 4:49 PM · Patch-For-Review, Traffic, Operations
Krenair added a comment to T190015: Create separate user group for editing sitewide CSS/JavaScript that does not include administrators by default.

no, mediawiki doesn't have restrictions like that on groups. you don't need to be a sysop to be a bureaucrat and you won't need to be an sysop to be a techadmin

Mon, Jul 16, 12:31 AM · User-Tgr, Trust-and-Safety, Wikimedia-General-or-Unknown, Patch-For-Review, Security, JavaScript, Security-Core

Sun, Jul 15

Krenair added a comment to T198444: Simple English needs more love.

#2:

and MessagesSimple.php and simple.json (blah~blah~blah~, I love blah forever!) can easily be imported from simple.wikipedia's MediaWiki namespace.

You need to discuss with "friends" of twn en Portal before such "requests", any languages that twn disagree to (re)start translation supports, are languages that we the people that obey MediaWiki Code of Conduct excepted to not shown everywhere (generally, maybe except Wikidata).

Sun, Jul 15, 2:13 PM · MediaWiki-Internationalization, I18n
Krenair updated subscribers of T199647: Failing ParserIntegrationTest PHPUnit test causes CI failures for various extensions.
Sun, Jul 15, 1:16 PM · MW-1.32-release-notes (WMF-deploy-2018-07-17 (1.32.0-wmf.13)), Core-Platform-Team (CPT-Q1-Jul-Sep-2018), Patch-For-Review, SyntaxHighlight, MediaWiki-Parser, User-zeljkofilipin
Krenair changed the status of T199638: Bot API requests don't work from Mono on Linux (due to ancient Mono version with old ciphersuites) from Resolved to Invalid.
Sun, Jul 15, 3:13 AM · Wikimedia-General-or-Unknown
Krenair added a comment to T199638: Bot API requests don't work from Mono on Linux (due to ancient Mono version with old ciphersuites).

Seems to be a problem with the library version on the client, suggest we mark invalid.

Sun, Jul 15, 2:41 AM · Wikimedia-General-or-Unknown
Krenair renamed T199638: Bot API requests don't work from Mono on Linux (due to ancient Mono version with old ciphersuites) from Bot API requests don't work on Linux to Bot API requests don't work from Mono on Linux.
Sun, Jul 15, 2:13 AM · Wikimedia-General-or-Unknown
Krenair added a comment to T199638: Bot API requests don't work from Mono on Linux (due to ancient Mono version with old ciphersuites).

What version of Mono?

Sun, Jul 15, 2:13 AM · Wikimedia-General-or-Unknown

Sat, Jul 14

Krenair added a comment to T37947: Enable ipv6 on labs.

It should probably be noted on this task that work to move to neutron has resumed at T167293: Nova-network to Neutron migration, after which it is hoped that IPv6 should be doable without too much trouble.

Sat, Jul 14, 9:24 PM · Operations, Cloud-Services, IPv6, Cloud-VPS

Fri, Jul 13

Krenair added a comment to T152941: Make changing puppetmasters for Labs instances more easy.

Maybe have it check for puppet.{project}.wmflabs.org so projects can CNAME that to their chosen puppetmaster. At least, assuming the master it bootstraps from doesn't need autosigning enabled.

Is that kind of per-project CNAME easy to create via Horizon? I do not know much about what the DNS management screens offer. I know that we can't do that with instance names unless we make the convention "{project}-puppet" or "puppet-{project}" or something so that the base instance name is globally unique.

Fri, Jul 13, 9:38 PM · Puppet, Cloud-Services
Krenair added a comment to T141959: Moving network::external to hiera broke much of labs.

Was this ever done? Was it some puppet version thing perhaps?

Fri, Jul 13, 8:53 PM · Cloud-Services, Operations
Krenair updated subscribers of T152941: Make changing puppetmasters for Labs instances more easy.

Right now if you have a project puppetmaster and want to add a new instance to your project, to do it safely, you need to create your instance first, get it hooked up to puppet (a manual and arcane process), and only then start adding classes etc. (@Mholloway ran into this when setting up a new instance in deployment-prep - it matched a prefix that included a class that relied on hiera data only defined by a cherry-pick in labs/private.git on deployment-puppetmaster03, so the instance was bricked)

Fri, Jul 13, 8:47 PM · Puppet, Cloud-Services
Krenair added a comment to T100529: Document, explain, diagram labs vlans and network setup.

There is some info here now: https://wikitech.wikimedia.org/wiki/Portal:Cloud_VPS/Admin/Network_and_Policy

Fri, Jul 13, 8:39 PM · Documentation, Cloud-Services
Krenair added a comment to T163402: Ensure we can survive a loss of labservices1001.

See also T196252: Labservices1001 crashed

Fri, Jul 13, 8:36 PM · Operations, Cloud-Services
Krenair closed T131946: puppet failures due to "Could not find class" or "Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type" as Resolved.

I haven't.

Fri, Jul 13, 8:32 PM · Patch-For-Review, Beta-Cluster-reproducible, Puppet
Krenair closed T179371: Move deployment-prep redis instances to stretch as Resolved.
Fri, Jul 13, 8:30 PM · Beta-Cluster-Infrastructure, Patch-For-Review, User-fgiunchedi, Prometheus-metrics-monitoring, Operations
Krenair closed T179371: Move deployment-prep redis instances to stretch, a subtask of T144006: Move the MW Beta appservers to Debian, as Resolved.
Fri, Jul 13, 8:30 PM · Beta-Cluster-Infrastructure, HHVM, Operations
Krenair closed T179371: Move deployment-prep redis instances to stretch, a subtask of T132259: Deployment-prep hosts with puppet errors (tracking), as Resolved.
Fri, Jul 13, 8:30 PM · Puppet, Tracking, Beta-Cluster-Infrastructure
Krenair closed T152767: Missing Labs hiera entry in labs-private repo as Resolved.

Moved that to T199575

Fri, Jul 13, 8:26 PM · Operations, Cloud-Services
Krenair created T199575: labs/private.git hieradata/codfw.yaml is missing keys set in hieradata/eqiad.yaml.
Fri, Jul 13, 8:26 PM · Cloud-VPS
Krenair closed T199567: Puppet broken on deployment-cassandra3-0[12] due to missing class as Resolved.

Well puppet now runs though I'm not sure about this change it made:

--- /etc/ferm/conf.d/10_cassandra-cql	2017-10-11 20:56:35.665114746 +0000
+++ /tmp/puppet-file20180713-23449-1hoptx0	2018-07-13 18:52:29.617565428 +0000
@@ -1,5 +1,5 @@
 # Autogenerated by puppet. DO NOT EDIT BY HAND!
 #
 # 
-&R_SERVICE(tcp, 9042, @resolve((deployment-cassandra3-01.deployment-prep.eqiad.wmflabs deployment-cassandra3-02.deployment-prep.eqiad.wmflabs deployment-restbase01.deployment-prep.eqiad.wmflabs deployment-restbase02.deployment-prep.eqiad.wmflabs)));
+&R_SERVICE(tcp, 9042, @resolve((deployment-cassandra3-01.deployment-prep.eqiad.wmflabs deployment-cassandra3-02.deployment-prep.eqiad.wmflabs)));
Fri, Jul 13, 6:54 PM · Services, Beta-Cluster-Infrastructure
Krenair claimed T199567: Puppet broken on deployment-cassandra3-0[12] due to missing class.

Updated https://horizon.wikimedia.org/project/prefixpuppet/?tab=prefix_puppet__puppet-deployment-cassandra3- to use production instead of production_ng

Fri, Jul 13, 6:52 PM · Services, Beta-Cluster-Infrastructure
Krenair added a comment to T199567: Puppet broken on deployment-cassandra3-0[12] due to missing class.

caused by https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/443114/

Fri, Jul 13, 6:46 PM · Services, Beta-Cluster-Infrastructure
Krenair created T199567: Puppet broken on deployment-cassandra3-0[12] due to missing class.
Fri, Jul 13, 6:46 PM · Services, Beta-Cluster-Infrastructure
Krenair updated the task description for T199555: HTTP 500 from edithiera endpoint when given certain hiera data.
Fri, Jul 13, 4:47 PM · Horizon
Krenair created T199555: HTTP 500 from edithiera endpoint when given certain hiera data.
Fri, Jul 13, 4:46 PM · Horizon

Thu, Jul 12

Krenair added a comment to T198823: Enable 2FA on wmfphab github account.

But you added MFA, doesn't a token now need to be used when Phab pushes using that username to Github over HTTPS?

Thu, Jul 12, 9:18 PM · Release-Engineering-Team, Phabricator
Krenair added a comment to T198823: Enable 2FA on wmfphab github account.

@mmodell, doesn't {K13} need to be updated?

Thu, Jul 12, 9:13 PM · Release-Engineering-Team, Phabricator
Krenair added a comment to T182927: Get letsencrypt wildcard cert for *.beta.wmflabs.org domains.

No I just need to puppetise my work to put them into use, see above

Thu, Jul 12, 7:39 AM · Release-Engineering-Team, Beta-Cluster-Infrastructure

Wed, Jul 11

Krenair added a subtask for T182927: Get letsencrypt wildcard cert for *.beta.wmflabs.org domains: T199387: Beta eswikibooks certificate issues.
Wed, Jul 11, 10:52 PM · Release-Engineering-Team, Beta-Cluster-Infrastructure
Krenair added a parent task for T199387: Beta eswikibooks certificate issues: T182927: Get letsencrypt wildcard cert for *.beta.wmflabs.org domains.
Wed, Jul 11, 10:52 PM · Beta-Cluster-Infrastructure
Krenair added a comment to T199387: Beta eswikibooks certificate issues.

I'm pretty sure that list is at maximum capacity btw so this is probably blocked by T182927

Wed, Jul 11, 10:51 PM · Beta-Cluster-Infrastructure
Krenair added a comment to T199387: Beta eswikibooks certificate issues.

aa.m.wikipedia is just the first name on the list, there's plenty more
unfortunately it does not include es.wikibooks

Wed, Jul 11, 10:51 PM · Beta-Cluster-Infrastructure
Krenair added a comment to T198915: wikibugs hits Phabricator's rate limiting and hence is unreliable.

Why are read-only requests being rate limited? That doesn't really make sense. Only write requests should be rate limited...

Wed, Jul 11, 9:33 PM · Phabricator, Wikibugs
Krenair added a comment to T199374: Delegate public IP range for Eqiad1-r OpenStack deployment to designate (neutron).

So someone with novaadmin will need to create a 56.15.185.in-addr.arpa designate zone in the wmflabsdotorg project.
Then we'll need to do some refactoring around the floating IP DNS update scripting to make it work on a second zone that doesn't need RFC 2317 trickery

Wed, Jul 11, 9:30 PM · Patch-For-Review, Cloud-Services
Krenair added a project to T199272: novaobserver doesn't appear to have access to view any information about security groups: Upstream.

Well in that case our particular setup is on purpose, is there an upstream ticket about separating the permissions?

Wed, Jul 11, 9:03 PM · Upstream, Cloud-VPS
Krenair closed T184244: Puppet broken on deployment-mx due to systemd on trusty, a subtask of T144006: Move the MW Beta appservers to Debian, as Resolved.
Wed, Jul 11, 8:49 PM · Beta-Cluster-Infrastructure, HHVM, Operations
Krenair closed T184244: Puppet broken on deployment-mx due to systemd on trusty as Resolved.
Wed, Jul 11, 8:49 PM · Patch-For-Review, Puppet, Beta-Cluster-Infrastructure
Krenair closed T184244: Puppet broken on deployment-mx due to systemd on trusty, a subtask of T132259: Deployment-prep hosts with puppet errors (tracking), as Resolved.
Wed, Jul 11, 8:49 PM · Puppet, Tracking, Beta-Cluster-Infrastructure
Krenair reopened T198915: wikibugs hits Phabricator's rate limiting and hence is unreliable as "Open".

My commit above is a crappy client-side workaround, it is not a proper server-side fix.

Wed, Jul 11, 8:47 PM · Phabricator, Wikibugs

Tue, Jul 10

hashar awarded T72792: Set up puppet exported resources to collect ssh host keys for beta a Love token.
Tue, Jul 10, 9:29 PM · Patch-For-Review, Puppet, Beta-Cluster-Infrastructure
Krenair created T199272: novaobserver doesn't appear to have access to view any information about security groups.
Tue, Jul 10, 8:12 PM · Upstream, Cloud-VPS
Krenair created T199270: deployment-tin:/srv/mediawiki-staging/wmf-config/event-schemas is out of sync.
Tue, Jul 10, 7:54 PM · Beta-Cluster-Infrastructure
Krenair added a comment to T199207: 404 on VisualEditor workboard (due to custom filter applied which did not exist in database).

For reference, what was done was to go to https://phabricator.wikimedia.org/project/board/483/query/cXWUBtEYlPCo/ (that ID on the end can be reused on other projects it seems), set the filter to open tasks and then save that as the default filter.

Tue, Jul 10, 7:34 PM · User-Ryasmeen, VisualEditor, Phabricator
Krenair added a comment to T199207: 404 on VisualEditor workboard (due to custom filter applied which did not exist in database).

I fiddled a bit, tried reverting the sprint change earlier, no luck: https://phabricator.wikimedia.org/project/manage/483/#47174

Tue, Jul 10, 6:42 PM · User-Ryasmeen, VisualEditor, Phabricator
Krenair removed Sprint Start Date on VisualEditor.
Tue, Jul 10, 6:42 PM
Krenair set Sprint Start Date to Sun, Jul 8, 11:00 PM on VisualEditor.
Tue, Jul 10, 6:41 PM
Krenair set Is Sprint to 1 on VisualEditor.
Tue, Jul 10, 6:41 PM
Krenair removed a hashtag from VisualEditor: #visualeditor-test-new-hashtag.
Tue, Jul 10, 6:41 PM
Krenair added a hashtag to VisualEditor: #visualeditor-test-new-hashtag.
Tue, Jul 10, 6:40 PM
Krenair added a comment to T199207: 404 on VisualEditor workboard (due to custom filter applied which did not exist in database).

hm nope, https://phabricator.wikimedia.org/project/board/483/disable/ gives a 404 when you press the button

Tue, Jul 10, 6:39 PM · User-Ryasmeen, VisualEditor, Phabricator
Krenair added a comment to T199207: 404 on VisualEditor workboard (due to custom filter applied which did not exist in database).

https://phabricator.wikimedia.org/project/board/483/manage/ shows it's enabled... let's try disabling and re-enabling to see if that helps things?

Tue, Jul 10, 6:38 PM · User-Ryasmeen, VisualEditor, Phabricator
Krenair added a comment to T72792: Set up puppet exported resources to collect ssh host keys for beta.

cleaned that up today per
<apergos> Krenair: I finally got a chance to note the config info for the old dumps puppetmaster in deployment-prep, you can kill it. I should have everything in my notes now
<apergos> thanks again

Tue, Jul 10, 6:34 PM · Patch-For-Review, Puppet, Beta-Cluster-Infrastructure

Mon, Jul 9

Krenair closed T192996: Delete deployment-mediawiki06 as Resolved.

thanks

Mon, Jul 9, 7:10 PM · Patch-For-Review, Security-Team, Operations, Beta-Cluster-Infrastructure
Krenair added a comment to T103801: *.tiles.wmflabs.org should be served over https.

@TheDJ https://a.tiles.wmflabs.org/osm-no-labels/12/2105/1346.png is a cert mismatch because the server attempts to serve the *.wmflabs.org cert which won't match

Mon, Jul 9, 7:07 PM · Cloud-Services, Maps, Discovery
Krenair added a comment to T198970: Epic: Implement SEO improvements suggested by Go Fish Digital.

Have we actually engaged as a vendor a company with this on their website? https://gofishdigital.com/online-reputation-management/

Yes. If you have a specific complaint, it might be helpful if you stated it clearly.

Mon, Jul 9, 7:03 PM · SEO, Epic

Sun, Jul 8

Krenair added a comment to T134447: letsencrypt puppetization: upgrade for scalability.

build an abstraction around this for large subject counts across multiple auto-split certs (for secure direct case, and probably also beta cluster w/ limited lang subs?)

Sun, Jul 8, 7:50 PM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair added a comment to T182927: Get letsencrypt wildcard cert for *.beta.wmflabs.org domains.

So the ordinary puppetised renewal ran overnight and removed my wildcard cert from usage. Guess I should try to find some way to puppetise this in a way that doesn't break everything else. Problem is there's some pretty OpenStack-specific customisation to acme_tiny etc. in there. This thing might be easier once the central LE service work is done and DNS support is in there with some generic backend system in place.

Sun, Jul 8, 7:46 PM · Release-Engineering-Team, Beta-Cluster-Infrastructure
Krenair closed T145808: labtest mwyaml hiera backend causes errors as Resolved.

I'm assuming this resolved it but can't test anymore

Sun, Jul 8, 6:52 PM · Patch-For-Review, Cloud-Services, Cloud-VPS
Krenair added a comment to T192996: Delete deployment-mediawiki06.

Alright let's merge the above and delete this instance?

Sun, Jul 8, 6:44 PM · Patch-For-Review, Security-Team, Operations, Beta-Cluster-Infrastructure
Krenair added a comment to T153608: Migrate references from $instance.eqiad.wmflabs to $instance.$project.eqiad.wmflabs.

The deployment-prep ones will be fixed with https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/436431/ and https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/438001/

Sun, Jul 8, 6:41 PM · Puppet, Cloud-Services
Krenair updated the task description for T153608: Migrate references from $instance.eqiad.wmflabs to $instance.$project.eqiad.wmflabs.
Sun, Jul 8, 6:39 PM · Puppet, Cloud-Services
Krenair added a comment to T184244: Puppet broken on deployment-mx due to systemd on trusty.

So now I think we just need to get https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/436431/ merged ?

Sun, Jul 8, 6:31 PM · Patch-For-Review, Puppet, Beta-Cluster-Infrastructure
Krenair updated subscribers of T192996: Delete deployment-mediawiki06.

@elukey you created this instance, know what it's for?

Sun, Jul 8, 4:50 PM · Patch-For-Review, Security-Team, Operations, Beta-Cluster-Infrastructure
Krenair added a comment to T151529: Using Gerrit/git requires the email registered via wikitech and ends ups being voluntary disclosed (break of privacy?).

Unless you're saying there should also be a notice when you change your email, though I suspect the registration time one covers it

Sun, Jul 8, 3:14 PM · WMF-Legal, Privacy, Gerrit
Krenair added a comment to T151529: Using Gerrit/git requires the email registered via wikitech and ends ups being voluntary disclosed (break of privacy?).

Well that's when it becomes publicly available.

Sun, Jul 8, 12:30 PM · WMF-Legal, Privacy, Gerrit

Fri, Jul 6

Krenair created T199007: Frequent exception while trying to extract anchors from task.
Fri, Jul 6, 10:35 PM · Wikibugs
Krenair added a project to T198995: Cassandra broken in beta: Cassandra.

Something's wrong with that host per T195709
What about 01?
See also T186750 and T186994

Fri, Jul 6, 8:31 PM · Cassandra, Beta-Cluster-Infrastructure, Services
Krenair added a comment to T198673: Remove deployment.wikimedia.beta.wmflabs.org wiki (deploymentwiki).

Can we also consider deleting all of those not needed anymore as well? Thanks.

Fri, Jul 6, 8:10 PM · Technical-Debt, Release-Engineering-Team (Someday), Beta-Cluster-Infrastructure
Krenair added a comment to T198810: Enforce 2FA for GitHub members.

According to the screenshot at the top of this task yes.

Fri, Jul 6, 7:56 PM · Release-Engineering-Team (Watching / External), Security-Team, GitHub-Mirrors