Krenair (Alex Monk)
Wikimedia volunteer

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Oct 3 2014, 2:34 PM (224 w, 2 d)
Availability
Available
IRC Nick
Krenair
LDAP User
Alex Monk
MediaWiki User
Krenair [ Global Accounts ]

I am a Wikimedia volunteer helping in various technical ways. These days it's usually Beta Cluster, Cloud VPS, or Operations related. Since 2012 I've spent significant amounts of time involved in MediaWiki development, software deployments to the Wikimedia cluster, OTRS (email response to e.g. info-en@wikimedia.org addresses), and various other things.

Some of my old VisualEditor and other work (2014-2016) can be found under @AlexMonk-WMF instead.

I have opinions on things, which do not necessarily represent those of any organisation I am, have previously been, or will in the future be affiliated with.

Recent Activity

Yesterday

Krenair added a parent task for T133548: Create a secure redirect service for large count of non-canonical / junk domains: T190244: en-wp.org certificate error.
Sun, Jan 20, 3:42 AM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair added a subtask for T190244: en-wp.org certificate error: T133548: Create a secure redirect service for large count of non-canonical / junk domains.
Sun, Jan 20, 3:42 AM · Domains, Operations, Traffic, Wikimedia-Apache-configuration
Krenair removed a subtask for T133548: Create a secure redirect service for large count of non-canonical / junk domains: T190244: en-wp.org certificate error.
Sun, Jan 20, 3:42 AM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair removed a parent task for T190244: en-wp.org certificate error: T133548: Create a secure redirect service for large count of non-canonical / junk domains.
Sun, Jan 20, 3:42 AM · Domains, Operations, Traffic, Wikimedia-Apache-configuration
Krenair added a parent task for T133548: Create a secure redirect service for large count of non-canonical / junk domains: T214253: en.wikipedia.com [sic] serves an invalid certificate.
Sun, Jan 20, 3:40 AM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair added a subtask for T214253: en.wikipedia.com [sic] serves an invalid certificate: T133548: Create a secure redirect service for large count of non-canonical / junk domains.
Sun, Jan 20, 3:40 AM · Operations, Traffic, HTTPS
Krenair added a comment to T214253: en.wikipedia.com [sic] serves an invalid certificate.

https://www.wikipedia.com works fine.

Sun, Jan 20, 3:39 AM · Operations, Traffic, HTTPS
Krenair added projects to T214253: en.wikipedia.com [sic] serves an invalid certificate: HTTPS, Traffic, Operations.

I think wikipedia.com is a junk redirect domain which makes this another case of T133548: Create a secure redirect service for large count of non-canonical / junk domains

Sun, Jan 20, 3:38 AM · Operations, Traffic, HTTPS

Sat, Jan 19

Krenair closed T207373: Remove maximum version dependencies as Resolved.
Sat, Jan 19, 9:36 PM · Patch-For-Review, Certcentral
Krenair created P8010 tourbot error.
Sat, Jan 19, 9:02 PM
Krenair updated subscribers of T196802: Remove deprecated mediawiki.api.* dependencies from extensions.

I've gone through @Krinkle's mwgreps and dealt with on-wiki uses of those modules

Sat, Jan 19, 8:36 PM · MW-1.33-notes (1.33.0-wmf.14; 2019-01-22), Readers-Web-Backlog (Tracking), Patch-For-Review, MediaWiki-extensions-General
Krenair added a comment to T204527: cloudvps: osmit project trusty deprecation.

Yes and I see you marked it in use in the last purge. However a project also needs to be maintained.

Sat, Jan 19, 2:40 PM · Cloud-VPS (Ubuntu Trusty Deprecation)

Fri, Jan 18

Krenair added a comment to T214201: Implement NSFW image classifier using Open NSFW.

Yes. I believe that when opening a task around a subject that may involve controversy, it can be helpful to provide any context showing how this is not the same thing as was argued over last time, and that transparency is highly valued around here :)

Fri, Jan 18, 10:22 PM · artificial-intelligence, Scoring-platform-team
Krenair added a comment to T214201: Implement NSFW image classifier using Open NSFW.

#wikimedia-ai logs:
2019-01-18 21:31:50 <halfak> harej, we have a specific request. It's not about removing NSFW content from commons, but flagging when NSFW content is added to an article -- for review.
2019-01-18 21:32:17 <harej> Ooh, that's interesting. Do you know more about the use case?
2019-01-18 21:32:57 <halfak> I'll CC you on the thread :)

Fri, Jan 18, 10:13 PM · artificial-intelligence, Scoring-platform-team
Krenair added a comment to T214201: Implement NSFW image classifier using Open NSFW.

Given previous controversy around this sort of thing, we should be extremely careful about how such a classifier gets used.

Fri, Jan 18, 10:08 PM · artificial-intelligence, Scoring-platform-team
Krenair added a comment to T127401: Create WMF-hosted unsubscribe page .

It seems questionable to me that this has been deprioritised for years while WMF continues to do things like buy EV TLS certs (cf T204931) in an attempt to increase user trust. Users in many cases are (rightly) being actively trained to be careful about clicking on links in emails, and donors have noticed how suspicious these external domains look. And it's not just this, other Silverpop domains are being used for what appears to be very simple redirecting (click tracking?)

Fri, Jan 18, 8:31 PM · Fundraising-Backlog
Krenair closed T204692: cloudvps: social-tools project trusty deprecation as Resolved.

@lcawte dealt with it

Fri, Jan 18, 5:52 PM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair merged T214161: wikidata-dev wikidata-lexeme instance has been found to be running an unsupported operating system into T213913: Retire or update wikidata-dev/wikibase-lexeme trusty cloud VPS instance.
Fri, Jan 18, 1:05 PM · Wikidata, Wikidata-Campsite
Krenair merged task T214161: wikidata-dev wikidata-lexeme instance has been found to be running an unsupported operating system into T213913: Retire or update wikidata-dev/wikibase-lexeme trusty cloud VPS instance.
Fri, Jan 18, 1:05 PM · Wikidata, Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T214161: wikidata-dev wikidata-lexeme instance has been found to be running an unsupported operating system.

yeah, this is a dupe, just missed due to lack of Cloud-VPS (Ubuntu Trusty Deprecation) tag

Fri, Jan 18, 1:04 PM · Wikidata, Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a hashtag to Cloud-VPS (Ubuntu Trusty Deprecation): #cloud-vps-ubuntu-deprecation.
Fri, Jan 18, 1:04 PM
Krenair added a comment to T214025: "The authentication plugin denied the password change." on wikitech.

Weird. That might be it but I can't think of where such a group would come from...

Fri, Jan 18, 12:42 PM · Performance-Team, wikitech.wikimedia.org
Krenair created T214161: wikidata-dev wikidata-lexeme instance has been found to be running an unsupported operating system.
Fri, Jan 18, 12:39 PM · Wikidata, Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair created T214160: globaleducation outreachdashboard instance has been found to be running an unsupported operating system.
Fri, Jan 18, 12:38 PM · Education-Program-Dashboard, Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair reopened T204692: cloudvps: social-tools project trusty deprecation as "Open".

@Legoktm gadgets still exists though is shutoff: https://tools.wmflabs.org/openstack-browser/server/gadgets.social-tools.eqiad.wmflabs

Fri, Jan 18, 12:13 PM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204502: cloudvps: design project trusty deprecation.

design-lsg3, living-style-guide, and lsg-01 should be shut down today

Fri, Jan 18, 10:47 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204503: cloudvps: dumps project trusty deprecation.

@Nemo_bis to clarify you're talking about dumps-stats, or bugzilla?

Fri, Jan 18, 10:47 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204506: cloudvps: maps project trusty deprecation.

maps-tiles2, maps-tiles3 and maps-wma1 should be shutoff today... It looks like maps-wma1 is still critical, what about the other two? Should this be extended given there is work actively being done on it?

Fri, Jan 18, 10:45 AM · Patch-For-Review, User-TheDJ, Cloud-VPS (Ubuntu Trusty Deprecation), Maps
Krenair added a comment to T204508: cloudvps: getstarted project trusty deprecation.

vrt.getstarted.eqiad.wmflabs should be shut down today @Freddy2001

Fri, Jan 18, 10:42 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204509: cloudvps: math project trusty deprecation.

The remaining trusty instances should be shut down today

Fri, Jan 18, 10:41 AM · User-Physikerwelt, Cloud-VPS (Ubuntu Trusty Deprecation), Math
Krenair added a comment to T204527: cloudvps: osmit project trusty deprecation.

This is scheduled for shutdown today

Fri, Jan 18, 10:39 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204683: cloudvps: queryrapi project trusty deprecation.

@JeroenDeDauw @Addshore: ping, this is scheduled for shutdown today

Fri, Jan 18, 10:39 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204694: cloudvps: telnet project trusty deprecation.

@cscott please see @Andrew's comment

Fri, Jan 18, 10:38 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204703: cloudvps: wildcat project trusty deprecation.

Old instance should be powered off today

Fri, Jan 18, 10:38 AM · Patch-For-Review, Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T214025: "The authentication plugin denied the password change." on wikitech.

It looks to me as if wikitech failed to insert the user into LDAP, I can't find anything using any of the provided information:

krenair@bastion-eqiad1-01:~$ ldapsearch -x uid=performanceteam
# extended LDIF
#
# LDAPv3
# base <dc=wikimedia,dc=org> (default) with scope subtree
# filter: uid=performanceteam
# requesting: ALL
#
Fri, Jan 18, 10:32 AM · Performance-Team, wikitech.wikimedia.org
Krenair added a comment to T214025: "The authentication plugin denied the password change." on wikitech.

Well you would've inserted it somewhere during registration, I think it might be shown in wikitech preferences, crucially for your use case it'll be what you SSH to Gerrit with

Fri, Jan 18, 10:15 AM · Performance-Team, wikitech.wikimedia.org

Thu, Jan 17

Krenair added a comment to T214025: "The authentication plugin denied the password change." on wikitech.

I mean the LDAP uid, aka "instance shell name"

Thu, Jan 17, 3:22 PM · Performance-Team, wikitech.wikimedia.org
Krenair closed T213820: certcentral is incompatible with the current python3-acme version shipped in stretch-backports as Resolved.
Thu, Jan 17, 1:11 PM · Patch-For-Review, Certcentral
Krenair added a comment to T214025: "The authentication plugin denied the password change." on wikitech.

What uid are you using for this user?

Thu, Jan 17, 11:51 AM · Performance-Team, wikitech.wikimedia.org
Krenair added a comment to T204695: cloudvps: wikidataconcepts project trusty deprecation.

FYI DNS seems to be okay now

Thu, Jan 17, 2:40 AM · Cloud-VPS (Ubuntu Trusty Deprecation), User-GoranSMilovanovic
Krenair added a comment to T204695: cloudvps: wikidataconcepts project trusty deprecation.
  • new web proxy created wmdeanalytics.wmflabs.org and mapped onto port 3838;
  • a visit to http://wmdeanalytics.wmflabs.org/ returns (Chromium): This site can’t be reached wmdeanalytics.wmflabs.org’s server IP address could not be found. DNS_PROBE_FINISHED_NXDOMAIN
Thu, Jan 17, 1:25 AM · Cloud-VPS (Ubuntu Trusty Deprecation), User-GoranSMilovanovic

Wed, Jan 16

Krenair added a comment to T213820: certcentral is incompatible with the current python3-acme version shipped in stretch-backports.

@Vgutierrez: this is done now right?

Wed, Jan 16, 11:05 PM · Patch-For-Review, Certcentral
Krenair added a comment to T213958: Welcome Survey: disable implicit escape of Variation C.

Making surveys unskippable sounds like a bad idea pretty much by principle.

Wed, Jan 16, 9:41 PM · MW-1.33-notes (1.33.0-wmf.13; 2019-01-15), MediaWiki-extensions-GrowthExperiments, Patch-For-Review, Growth-Team (Current Sprint)
Krenair added a comment to T213946: dispenser dabfix: Do not throw HTTP status code 404 for external links redirected from wmflabs.

I'm pretty sure that is not a page technically imposed by toolforge, but by that tool's author. Look at the page source.

Wed, Jan 16, 6:47 PM · Tools
Krenair renamed T213946: dispenser dabfix: Do not throw HTTP status code 404 for external links redirected from wmflabs from Do not throw HTTP status code 404 for external links redirected from wmflabs to dispenser dabfix: Do not throw HTTP status code 404 for external links redirected from wmflabs.
Wed, Jan 16, 5:34 PM · Tools
Krenair added a comment to T213880: Cleaning up #Mediawiki-extensions-other.

I understand the reasoning behind this but I am skeptical about how good an idea it is to create phab projects for code that might not actually be tracking issues in Wikimedia Phabricator.

Wed, Jan 16, 12:39 AM · Project-Admins

Tue, Jan 15

Krenair awarded T213711: move tools proxy nodes to eqiad1 a Evil Spooky Haunted Tree token.
Tue, Jan 15, 11:51 PM · Patch-For-Review, Cloud-VPS (Ubuntu Trusty Deprecation), cloud-services-team (Kanban), Goal
Krenair added a comment to T213820: certcentral is incompatible with the current python3-acme version shipped in stretch-backports.

Wasn't this https://gerrit.wikimedia.org/r/#/c/operations/software/certcentral/+/459866/ ?

Tue, Jan 15, 2:34 PM · Patch-For-Review, Certcentral

Mon, Jan 14

Krenair closed T141266: letsencrypt puppetization: add parallel rsa+ecdsa cert support, a subtask of T134447: letsencrypt puppetization: upgrade for scalability, as Resolved.
Mon, Jan 14, 1:34 PM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair closed T141266: letsencrypt puppetization: add parallel rsa+ecdsa cert support as Resolved.

I think at this point the route forward is certcentral and there's not much point keeping this particular ticket open. Feel free to reopen if you disagree.

Mon, Jan 14, 1:34 PM · HTTPS, Traffic, Operations
Krenair closed T134447: letsencrypt puppetization: upgrade for scalability, a subtask of T133548: Create a secure redirect service for large count of non-canonical / junk domains, as Resolved.
Mon, Jan 14, 1:34 PM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair closed T134447: letsencrypt puppetization: upgrade for scalability as Resolved.

I think at this point the route forward is certcentral and there's not much point keeping this particular ticket open. Feel free to reopen if you disagree.

Mon, Jan 14, 1:34 PM · Patch-For-Review, HTTPS, Traffic, Operations
Krenair added a comment to T197616: Create a production test wiki in group0 to parallel Wikimedia Commons.

Is this intentionally missing from the replicas?

MariaDB [testwiki_p]> USE testcommonswiki_p;
ERROR 1044 (42000): Access denied for user 's52657'@'%' to database 'testcommonswiki_p'
MariaDB [testwiki_p]> SELECT * FROM meta_p.wiki WHERE url LIKE "%test-commons%";
Empty set (0.04 sec)

This breaks some tools that go off of the CentralAuth API and then attempt to query the replicas. But, maybe such tools should instead use meta_p.wiki :)

Don’t think anyone has filed a task requesting the views on labs to be created. It doesn’t happen automatically, so hence it not working

I don’t know if it is needed/wanted

Mon, Jan 14, 2:49 AM · DBA, Release-Engineering-Team (Watching / External), SDC Engineering, Wiki-Setup (Create), SDC General, Wikidata

Sat, Jan 12

Krenair added a comment to T213623: Request creation of StrangerBot VPS project.

I don't think Wikimedia should be providing resources to run this sort of bot, sorry.

Sat, Jan 12, 11:57 PM · Cloud-VPS (Project-requests)
Krenair created T213627: PDF service on English Wikipedia closing connection before download is done.
Sat, Jan 12, 3:29 PM · Electron-PDFs

Thu, Jan 10

Krenair closed T213500: spam as Invalid.

(account disabled by @greg)

Thu, Jan 10, 11:58 PM · Trash
Krenair awarded T213351: Timeboxed investigation into browser fingerprinting for anti-abuse report to WMF Board a The World Burns token.
Thu, Jan 10, 12:00 AM · Anti-Harassment (Bet — ב)

Wed, Jan 9

Krenair added a comment to T213351: Timeboxed investigation into browser fingerprinting for anti-abuse report to WMF Board.

This is sounding all kinds of dodgy. You're not ruling out introducing closed-source software? You're building a new feature behind closed doors? You're doing browser fingerprinting?

Wed, Jan 9, 11:57 PM · Anti-Harassment (Bet — ב)

Tue, Jan 8

Krenair edited projects for T213175: s5 is ~22 hours lagged, added: Data-Services; removed Toolforge.
Tue, Jan 8, 2:23 PM · Data-Services

Fri, Dec 28

Krenair added a comment to T204683: cloudvps: queryrapi project trusty deprecation.

@Addshore seeing as you've assigned this, please can you confirm the assignee is aware of the task?

Fri, Dec 28, 12:02 AM · Cloud-VPS (Ubuntu Trusty Deprecation)

Thu, Dec 27

Krenair updated subscribers of T119313: Horizon - create security group - 0 length description issue.

@bd808 declined?

Thu, Dec 27, 1:36 PM · Upstream, Horizon
Krenair added a comment to T211972: Delete tool 'prometheus'.

I'm assuming this is more about human confusion than actual conflicts

Thu, Dec 27, 2:09 AM · Toolforge, cloud-services-team (Kanban)

Wed, Dec 26

Krenair added a project to T212619: HTTP 500 error: xtools.wmflabs.org is currently unable to handle this request.: XTools.
Wed, Dec 26, 11:25 AM · XTools
Krenair renamed T212617: archive_userindex view not updated to include ar_comment_id from Toolforge archive_userindex not updated to use new comment table to archive_userindex view not updated to include ar_comment_id.
Wed, Dec 26, 12:49 AM · Data-Services

Mon, Dec 24

Krenair added a comment to T212594: tools-bastion-03 is having problems talking to the grid master.

<Krenair> Debenben, to clarify this affects submissions as well right?
<Debenben> yes, I get the same message in the error log for a job that i submit

Mon, Dec 24, 12:33 PM · Toolforge
Krenair created T212594: tools-bastion-03 is having problems talking to the grid master.
Mon, Dec 24, 12:30 PM · Toolforge

Sun, Dec 23

Krenair added a comment to T212573: Request creation of indico VPS project.

getting slightly off topic

Sun, Dec 23, 8:04 PM · Cloud-VPS (Project-requests)
Krenair added a comment to T212573: Request creation of indico VPS project.

Right but my point is Cloud VPS is not intended for production usage.

Sun, Dec 23, 10:53 AM · Cloud-VPS (Project-requests)
Krenair added a comment to T210951: Evaluate Indico as submission software for Wikimania.

This task and its subtask should not really be tagged Cloud-VPS as they are not related to the Cloud VPS infrastructure. They would be specific to a project (though there is not yet(?) a project)

Sun, Dec 23, 10:44 AM · Cloud-VPS
Krenair added a comment to T212573: Request creation of indico VPS project.

but not recommended for production usage.

Sun, Dec 23, 10:42 AM · Cloud-VPS (Project-requests)

Sat, Dec 22

Krenair edited projects for T212570: Follow up T131367: Clean up existing cases of proxies matching project names, added: Cloud-VPS; removed Horizon.
Sat, Dec 22, 9:54 PM · Cloud-VPS
Krenair removed a subtask for T131367: Proxy corner case: proxy name foo.wmflabs.org == domain name foo.wmflabs.org: T212570: Follow up T131367: Clean up existing cases of proxies matching project names.
Sat, Dec 22, 9:54 PM · Patch-For-Review, Horizon
Krenair removed a parent task for T212570: Follow up T131367: Clean up existing cases of proxies matching project names: T131367: Proxy corner case: proxy name foo.wmflabs.org == domain name foo.wmflabs.org.
Sat, Dec 22, 9:54 PM · Cloud-VPS
Krenair triaged T212570: Follow up T131367: Clean up existing cases of proxies matching project names as Normal priority.
Sat, Dec 22, 9:53 PM · Cloud-VPS
Krenair added a comment to T212567: Meta-Wiki and blanking page problems..

It sounds to me like you are suggesting admin (rather than developer)
action, so this task would be invalid

Sat, Dec 22, 7:15 PM · Wikimedia-General-or-Unknown
Krenair added a comment to T212567: Meta-Wiki and blanking page problems..

Is the abuse filter system not sufficient for admins to prevent this sort
of thing?

Sat, Dec 22, 7:02 PM · Wikimedia-General-or-Unknown
Krenair added a comment to T211523: Request creation of <Videowiki> VPS project.

Theoretically I think this should've been reviewed on the 18th December, but now I think it'll have to wait until the 8th.

Sat, Dec 22, 11:29 AM · Cloud-VPS (Project-requests)

Dec 22 2018

Krenair removed a project from T212327: Beta Cluster mailer not sending emails: MediaWiki-Email.
Dec 22 2018, 12:54 AM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair edited projects for T212327: Beta Cluster mailer not sending emails, added: Beta-Cluster-reproducible, Cloud-VPS; removed Beta-Cluster-Infrastructure.
Dec 22 2018, 12:54 AM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair created T212549: Set up new Zotero on beta cluster.
Dec 22 2018, 12:35 AM · Kubernetes, Beta-Cluster-Infrastructure
Krenair closed T204500: cloudvps: deployment-prep project trusty deprecation as Resolved.
Dec 22 2018, 12:34 AM · Cloud-VPS (Ubuntu Trusty Deprecation), Beta-Cluster-Infrastructure

Dec 21 2018

Krenair added a comment to T204500: cloudvps: deployment-prep project trusty deprecation.

It seems the Trusty image have been powered off for a week already. If not needed anymore, please delete it and close this phab task. Thanks!

Dec 21 2018, 11:32 AM · Cloud-VPS (Ubuntu Trusty Deprecation), Beta-Cluster-Infrastructure

Dec 20 2018

Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

I don't see what that has to do with it

Dec 20 2018, 9:24 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail

Dec 19 2018

Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

hostlist wikimedia_nets = <; <%= scope.lookupvar('network::constants::all_networks').join(" ; ") %>
hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ; <%= scope.lookupvar('network::constants::all_networks').join(" ; ") %>

Dec 19 2018, 9:13 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

So I think this broke during the eqiad1-r migration.
/etc/exim4/exim4.conf:
hostlist wikimedia_nets = <; 91.198.174.0/24 ; 208.80.152.0/22 ; 2620:0:860::/46 ; 198.35.26.0/23 ; 185.15.56.0/22 ; 2a02:ec80::/32 ; 2001:df2:e500::/48 ; 103.102.166.0/24 ; 10.0.0.0/8
hostlist relay_from_hosts = <; @[] ; 127.0.0.1 ; ::1 ; 91.198.174.0/24 ; 208.80.152.0/22 ; 2620:0:860::/46 ; 198.35.26.0/23 ; 185.15.56.0/22 ; 2a02:ec80::/32 ; 2001:df2:e500::/48 ; 103.102.166.0/24 ; 10.0.0.0/8
Contains 10/8 but not the new range.

Dec 19 2018, 8:49 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

(None of that seemed to have any effect on -mx02.)

Dec 19 2018, 8:24 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

Well that's weird, dunno why puppet's autoupdater was stuck while rebasing seemed to work fine:

root@deployment-puppetmaster03:/var/lib/git/operations/puppet(production u+16-110)# git pull --rebase origin production
From https://gerrit.wikimedia.org/r/p/operations/puppet
 * branch                  production -> FETCH_HEAD
First, rewinding head to replay your work on top of it...
Applying: [WIP] logstash: send errors to sentry
Applying: swift: lower replication interval for beta
Applying: prometheus: make ferm DNS record type configurable
Applying: Hack profile::base::firewall to prevent dupe definition
Applying: Add account for phabricator_files to swift::params::accounts
Applying: Scap: scap_source correct gid
Applying: swift: use implicit /dev/swift prefix for swift devices
Applying: Puppetise simple no-CA class for deployment-dumps-puppetmaster02
Applying: Attempt to secure Puppet DB better
Applying: [LOCAL HACK] tls certs for deployment-elastic*
Applying: Move declaration of diamond package out of diamond class
Applying: cumin: Allow Puppet DB backend to be used within Labs projects that use it
Applying: Beta: maintenance: no openldap management
Applying: Re-combine labs and production exim minimal config
Applying: varnish: move $all_networks to $trusted_networks
Applying: logstash: add new logging kafka consumer
root@deployment-puppetmaster03:/var/lib/git/operations/puppet(production u+16)#
Dec 19 2018, 8:03 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

Let's fix root@deployment-puppetmaster03:/var/lib/git/operations/puppet(production u+16-110) first

Dec 19 2018, 8:01 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

From deployment-mx02:/var/log/exim4/mainlog:
2018-12-19 19:45:50 H=deployment-mediawiki-07.deployment-prep.eqiad.wmflabs [172.16.4.119]:45122 I=[172.16.4.120]:25 F=<wiki-enwiki-1t-pk01kd-IfxAC4l3++aDeOz1@beta.wmflabs.org> rejected RCPT <krenair@gmail.com>: Relay not permitted

Dec 19 2018, 7:49 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212327: Beta Cluster mailer not sending emails.

I think I set beta's wikimail stuff to go via deployment-mx02, will look into it

Dec 19 2018, 7:44 PM · Cloud-VPS, Beta-Cluster-reproducible, Patch-For-Review, Mail
Krenair added a comment to T212302: CloudVPS: upgrade: jessie -> stretch & mitaka -> newton.

If we're planning to skip Ocata and go to Newton

Dec 19 2018, 3:40 PM · Patch-For-Review, cloud-services-team (Kanban)

Dec 18 2018

Krenair removed a project from T212244: Set up a process for regularly updating the Beta Cluster's copies of common.js, gadgets, and similar files: Operations.
Dec 18 2018, 8:02 PM · Beta-Cluster-Infrastructure
Krenair added a comment to T204512: cloudvps: multimedia project trusty deprecation.

Yes it's possible there was a second instance running at the time it got it marked in use, which was since removed. If an instance is no longer in use then please delete it.

Dec 18 2018, 2:31 AM · Cloud-VPS (Ubuntu Trusty Deprecation), Multimedia
Krenair added a comment to T204695: cloudvps: wikidataconcepts project trusty deprecation.

I can ask them to post here but I think they will want to know:

  • why is more time needed? the task was filed 18th september, the deadline (18th december) given on 22nd october
  • how much more time is needed?
  • how is it essential exactly? it runs inside wmflabs rather than production
Dec 18 2018, 1:54 AM · Cloud-VPS (Ubuntu Trusty Deprecation), User-GoranSMilovanovic
Krenair added a comment to T204695: cloudvps: wikidataconcepts project trusty deprecation.

I suspect it'll go through a regularly-powered-off-but-not-deleted phase and then ultimately they'll delete the old trusty instances. Projects with active migration efforts will probably be left be for now, e.g. the tools project which is the biggest and most complicated project still has trusty stuff and is expected to for a few more months, and that one is directly administered by the same people that also administer the Cloud VPS environment in general. I wouldn't count on stuff working out for projects where there is no serious migration happening though.

Dec 18 2018, 1:41 AM · Cloud-VPS (Ubuntu Trusty Deprecation), User-GoranSMilovanovic
Krenair updated subscribers of T204512: cloudvps: multimedia project trusty deprecation.

Yeah, this is not the only project in such a situation, there is a reason this sort of project (team-scope) would not be permitted today :)
The project was marked in use by @Harej 2018-09-21 (https://wikitech.wikimedia.org/w/index.php?title=News/Cloud_VPS_2018_Purge&diff=prev&oldid=1803812), it'd be good to know who is using it, how (it has no floating IPs and the only proxy appears to be broken), and whether they can maintain it.

Dec 18 2018, 1:34 AM · Cloud-VPS (Ubuntu Trusty Deprecation), Multimedia
Krenair updated subscribers of T204688: cloudvps: shiny-r project trusty deprecation.

I think this is T210215: Quota usage not being counted properly in new region or something related. @Andrew may be the best person for this

Dec 18 2018, 1:23 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair assigned T204503: cloudvps: dumps project trusty deprecation to Nemo_bis.

@Nemo_bis Today is the deadline.

Dec 18 2018, 1:17 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204505: cloudvps: discovery-stats project trusty deprecation.

Today is the deadline.

Dec 18 2018, 1:17 AM · Cloud-VPS (Ubuntu Trusty Deprecation)
Krenair added a comment to T204508: cloudvps: getstarted project trusty deprecation.

@Freddy2001 Today is the deadline.

Dec 18 2018, 1:17 AM · Cloud-VPS (Ubuntu Trusty Deprecation)