Page MenuHomePhabricator
People Majavah

Majavah (Taavi Väänänen)
Volunteer

Projects (17)
View All

Calendar

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Feb 24 2019, 3:58 PM (115 w, 1 d)
Availability
Available
IRC Nick
Majavah
LDAP User
Majavah
MediaWiki User
Majavah [ Global Accounts ]

User-Majavah contains most of the things that I'm working on. See also my MediaWiki.org page for more about me.

Recent Activity
View All

Today

Majavah added a member for Trusted-Contributors: cmooney.
Mon, May 10, 6:01 PM
Majavah added a comment to T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).
In T264221#7075468, @Bstorm wrote:

It seems to me that adding something in the template to specify the port for the ingress is the simplest and safest solution. That should just be a profile-based template and adding a parameter with a sane default.

Mon, May 10, 6:00 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah triaged T282474: tools.topicmatcher update_items_from_sparql.php frequently running Toolforge nodes out of resources as High priority.
Mon, May 10, 5:36 PM · cloud-services-team (Kanban), Tools, Toolforge
Majavah reopened T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes as "Open".

So tools ingress nodes are failing puppet since their ephemeral disk is only 20G while the patch has min_gb => 40,. Is there any reason not to remove that?

Mon, May 10, 1:21 PM · Kubernetes, cloud-services-team (Kanban), Toolforge
Majavah reopened T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes, a subtask of T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS), as Open.
Mon, May 10, 1:21 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a comment to T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).

Updated the docs: https://wikitech.wikimedia.org/w/index.php?title=Portal:Toolforge/Admin/Kubernetes/Networking_and_ingress&curid=444438&diff=1911417&oldid=1886320

Mon, May 10, 12:37 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a comment to T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).

I just deployed the new ingress controller to toolsbeta:

Mon, May 10, 12:18 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)

Yesterday

Majavah moved T282313: Wikibase, starting from scratch from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Sun, May 9, 2:36 PM · Wikimedia-Hackathon-2021
Majavah moved T282383: [Session] Building a tool from scratch from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Sun, May 9, 2:35 PM · Wikimedia-Hackathon-2021
Majavah moved T282382: [Session] Wikidata Live Querying from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Sun, May 9, 2:35 PM · Wikimedia-Hackathon-2021
Majavah closed T282364: Access other databases from a slice as Invalid.

Yes, the wiki replicas have been upgraded and you now need to connect to the correct shard. See https://wikitech.wikimedia.org/wiki/News/Wiki_Replicas_2020_Redesign for details. This was announced multiple times on the cloud-announce@ mailing list that we strongly recommend that all cloud services users are subscribed to.

Sun, May 9, 12:51 PM · Data-Services
Majavah removed a project from T242712: Deprecation (if possible) of the #central channel on irc.wikimedia.org: stewardbots.

Untagging stewardbots, SULWatcher no longer uses this channel

Sun, May 9, 11:45 AM · User-Elukey, Analytics
Majavah closed T279884: SULWatcher not compatible with new python versions (3.6+) as Resolved.
Sun, May 9, 11:44 AM · stewardbots, User-Majavah
Majavah closed T278628: Use SASL in SULWatcher, a subtask of T278584: Promote use of SASL for Cloud VPS/Toolforge hosted Freenode IRC bots, as Resolved.
Sun, May 9, 11:37 AM · wikimedia-irc-freenode, Toolforge, Cloud-VPS
Majavah closed T278628: Use SASL in SULWatcher as Resolved.

Thanks! Deployed with two sets of fixes (https://gerrit.wikimedia.org/r/c/labs/tools/stewardbots/+/687591/ and https://gerrit.wikimedia.org/r/c/labs/tools/stewardbots/+/687594) that both were intended to be included in the initial change.

Sun, May 9, 11:37 AM · User-Zabe, stewardbots

Sat, May 8

Majavah added a comment to T280301: Refresh certs that are not controlled by kubeadm.

The last time this was done (T250874) was about 11 months ago, so we have another month remaining before the certificates expire.

Sat, May 8, 4:58 PM · cloud-services-team (Kanban), Toolforge
Majavah moved T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS) from Unsorted to Working on on the User-Majavah board.
Sat, May 8, 4:07 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a comment to T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).

I'm still unable to get the admission webhook working with v1 api, but the v1beta1 api still appears to be working with the ingress controller v0.46.0. Managed to find a spot where to put the default backend too, so I think it's ready for toolsbeta.

Sat, May 8, 4:04 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah removed a parent task for T280436: Migrate Toolforge admission webhooks to use the admissionregistration.k8s.io/v1 API: T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).
Sat, May 8, 4:03 PM · Patch-For-Review, Kubernetes, cloud-services-team (Kanban), Toolforge
Majavah removed a subtask for T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS): T280436: Migrate Toolforge admission webhooks to use the admissionregistration.k8s.io/v1 API.
Sat, May 8, 4:03 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a comment to T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).

I have the ingress controller v0.46.0 as deployed by Helm running mostly fine locally. There are still a things to deal with (notably 404 handling and verifying the admission controller works), I'll likely deploy it to the new toolsbeta node either tomorrow or early next week.

Sat, May 8, 1:52 PM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah claimed T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).
Sat, May 8, 10:38 AM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a comment to T23272: Graphically differentiate in history and logs revisions which are deleted from those suppressed.
In T23272#7071382, @Xaosflux wrote:

Would a non-enwiki OS'er screen shot the deleted lines here (https://en.wikipedia.org/w/index.php?title=User:Xaosflux/sandbox101&action=history) to illustrate?

Sat, May 8, 10:36 AM · MW-1.37-notes (1.37.0-wmf.4; 2021-05-04), MediaWiki-Revision-deletion

Fri, May 7

Majavah moved T282273: [Session] Where can I run this? An introduction to Wikimedia Cloud Services from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Fri, May 7, 7:28 PM · Wikimedia-Hackathon-2021, cloud-services-team (Kanban)
Majavah closed T263617: Cannot login to beta cluster: "There seems to be a problem with your login session..." as Resolved.

Hopefully fixed for good this time.

Fri, May 7, 6:29 PM · User-Ryasmeen, User-Majavah, User-zeljkofilipin, Beta-Cluster-reproducible, Beta-Cluster-Infrastructure
Majavah renamed T211259: Allow use of <meter> element in wikitext from Whitelist <meter> element in wikitext to Allow use of <meter> element in wikitext.
Fri, May 7, 6:25 PM · Accessibility, MediaWiki-Parser
Majavah added a comment to T280615: Rename OTRS member global group.

Usual process for renaming global groups is something like this:

  1. add messages for new group in WikimediaMessages, wait until they roll out everywhere with the train
  2. ask a steward to rename the group
  3. remove messages for the old group
Fri, May 7, 6:23 PM · Patch-For-Review, WikimediaMessages, Znuny
Majavah edited projects for T282264: Monitor certificate validity for Cloud VPS, added: cloud-services-team (Kanban); removed SRE.
Fri, May 7, 5:46 PM · cloud-services-team (Kanban), Cloud-VPS
Majavah added a project to T282241: "Angielski" is displayed when when "Polski" is hovered over: Wikimedia-Portals.
Fri, May 7, 1:57 PM · Wikimedia-Portals
Majavah assigned T282235: Configure Neutron VIP ports for tools and toolsbeta k8s haproxies to Andrew.

(edit conflict)

Fri, May 7, 11:40 AM · cloud-services-team (Kanban), Toolforge
Majavah placed T282235: Configure Neutron VIP ports for tools and toolsbeta k8s haproxies up for grabs.
Fri, May 7, 11:39 AM · cloud-services-team (Kanban), Toolforge
Majavah created T282235: Configure Neutron VIP ports for tools and toolsbeta k8s haproxies.
Fri, May 7, 11:37 AM · cloud-services-team (Kanban), Toolforge
Majavah renamed T282227: Make toolforge k8s service names a CNAME to .svc. to allow editing without cloudinfra access from Make toolforge k8s service names a CNAME to .svc. to allow editing without toolsbeta access to Make toolforge k8s service names a CNAME to .svc. to allow editing without cloudinfra access.
Fri, May 7, 9:49 AM · cloud-services-team (Kanban), Toolforge
Majavah created T282227: Make toolforge k8s service names a CNAME to .svc. to allow editing without cloudinfra access.
Fri, May 7, 9:49 AM · cloud-services-team (Kanban), Toolforge

Thu, May 6

Majavah added a comment to T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes.

Ingress and control currently use a smaller flavor (g2.cores2.ram4.disk40), we need an equivalent flavor for those. Is 140G ephemeral storage really needed? For example tools-k8s-worker-68 is currently using 40G in /docker, we could use smaller disks to preserve space.

Thu, May 6, 6:29 PM · Kubernetes, cloud-services-team (Kanban), Toolforge
Majavah moved T282046: [Session] Modeling the Future of Wikimedia APIs from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Thu, May 6, 10:20 AM · Wikimedia-Hackathon-2021
Majavah moved T282039: [Session] Intro to Toolhub for tool maintainers from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Thu, May 6, 10:20 AM · Developer-Advocacy (Apr-Jun 2021), User-bd808, Toolhub, Wikimedia-Hackathon-2021
Majavah updated the task description for T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes.
Thu, May 6, 8:10 AM · Kubernetes, cloud-services-team (Kanban), Toolforge
Majavah added a subtask for T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS): T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes.
Thu, May 6, 7:36 AM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a parent task for T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes: T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).
Thu, May 6, 7:36 AM · Kubernetes, cloud-services-team (Kanban), Toolforge
Majavah created T282087: Support cinder or expanded ephemeral disk worker nodes on Toolforge Kubernetes.
Thu, May 6, 7:35 AM · Kubernetes, cloud-services-team (Kanban), Toolforge
Majavah added a comment to T264221: Upgrade the nginx ingress controller in Toolforge (and likely PAWS).

We can be 100% certain there are no clashes by creating three new ingress nodes with a slightly different taint/label, deploy via helm, test and then redirect the load balancers via puppet

Thu, May 6, 7:29 AM · User-Majavah, Patch-For-Review, PAWS, Kubernetes, Toolforge, cloud-services-team (Kanban)
Majavah added a comment to T267082: Rebuild Toolforge servers that should not have NFS mounted (and with affinity).
  • tools-k8s-ingress-1 and tools-k8s-ingress-2
  • Beware, has a server group
Thu, May 6, 7:22 AM · Toolforge, cloud-services-team (Kanban)

Wed, May 5

Majavah added a comment to T278390: Toolforge root for Majavah.
Wed, May 5, 7:33 PM · cloud-services-team (Kanban), Toolforge
Majavah added a member for Striker: Majavah.
Wed, May 5, 7:22 PM
nskaggs awarded T278390: Toolforge root for Majavah a Party Time token.
Wed, May 5, 7:14 PM · cloud-services-team (Kanban), Toolforge
Majavah raised the priority of T277687: Deprecated cross-wiki access to User. Expected: 'eswiki', Actual: the local wiki. Pass expected $wikiId. [Called from User::getId] from High to Needs Triage.

protecting per T281972

Wed, May 5, 5:57 PM · Security-Team, Security, MW-1.36-notes (1.36.0-wmf.36; 2021-03-23), Patch-For-Review, Platform Team Workboards (MW Expedition), User-brennen, MediaWiki-extensions-CentralAuth, Wikimedia-production-error
Majavah added a comment to T281625: Request increased quota for deployment-prep Cloud VPS project.
In T281625#7062453, @bd808 wrote:

@Majavah what new quota are you hoping to receive? This ask currently seems to be for "more", but it is not clear how much more. +100GiB? +300GiB? +500GiB?

Wed, May 5, 4:13 PM · Beta-Cluster-Infrastructure, Cloud-VPS (Quota-requests)
Majavah closed T110115: Possible to run writes (e.g. UPDATE) on Beta Cluster replica as Resolved.

I'm calling this resolved. The patches are deployed and I amended the documentation on https://wikitech.wikimedia.org/wiki/Nova_Resource:Deployment-prep/Databases#Read_only for these situations and updated enwiki and metawiki error messages to link to it.

Wed, May 5, 3:49 PM · User-Majavah, SRE, Beta-Cluster-Infrastructure
Majavah closed T110115: Possible to run writes (e.g. UPDATE) on Beta Cluster replica, a subtask of T87220: Minimize infrastructure differences between Beta Cluster and production, as Resolved.
Wed, May 5, 3:49 PM · Technical-Debt, Tracking-Neverending, SRE, Beta-Cluster-Infrastructure
Majavah created T281986: deployment-deploy* failing puppet due to kafka not having ipv6.
Wed, May 5, 1:47 PM · Beta-Cluster-Infrastructure
Majavah set Security to security-bug on T281972: ActorStore::checkDatabaseDomain: InvalidArgumentException: DB connection domain does not match when suppressing via Special:CentralAuth.

protecting due to the abuse potential of not being able to suppress an user with PII or other sensitive material in the username

Wed, May 5, 11:50 AM · Patch-For-Review, SecTeam-Processed, MW-1.37-notes (1.37.0-wmf.4; 2021-05-04), MW-1.36-release, Platform Team Workboards (MW Expedition), Security, MediaWiki-User-management, MediaWiki-extensions-CentralAuth, Wikimedia-production-error
Majavah updated the task description for T281625: Request increased quota for deployment-prep Cloud VPS project.
Wed, May 5, 10:41 AM · Beta-Cluster-Infrastructure, Cloud-VPS (Quota-requests)
Majavah added a comment to T281837: extensions/CentralAuth - Use UserGroupManager instead of User group methods.

This needs a proper solution for the CentralAuthGroupMembershipProxy/SpecialGlobalGroupMembership hack, see also T263207 T255309.

Wed, May 5, 7:38 AM · MediaWiki-extensions-CentralAuth, Technical-Debt (Deprecation process), MW-1.37-notes (1.37.0-wmf.3; 2021-04-27), MW-1.36-notes (1.36.0-wmf.37; 2021-03-30), Platform Team Workboards (MW Expedition)
Majavah added a comment to T281753: In Mailman3 if a list has no owners, mail goes to root@.

Maybe T280744: Mail to root@lists1001.wikimedia.org from noreply@lists1001.wikimedia.org doesn't work is related?

Wed, May 5, 4:30 AM · User-Ladsgroup, Mail, SRE, Wikimedia-Mailing-lists

Tue, May 4

Majavah added a project to T281812: Audit/Assess external monitoring strategy: User-fgiunchedi.
Tue, May 4, 10:24 AM · User-fgiunchedi, observability

Mon, May 3

Majavah added a comment to T280807: Exception trying to upload file to Commons Archive at commonsarchive.wmflabs.org.
In T280807#7054326, @Aklapper wrote:

See https://admin.toolforge.org/tool/commonsarchive for a list of maintainers

Mon, May 3, 6:24 PM
Majavah moved T281744: Mailman3 does not display the "your subscription needs to be approved by the list admins" notice on subscription form from Backlog to Mailman v3 on the Wikimedia-Mailing-lists board.
Mon, May 3, 6:09 PM · SRE, Upstream, Wikimedia-Mailing-lists
Majavah created T281744: Mailman3 does not display the "your subscription needs to be approved by the list admins" notice on subscription form.
Mon, May 3, 6:09 PM · SRE, Upstream, Wikimedia-Mailing-lists
Majavah created T281699: swift-ring: Add support for Cinder based Cloud VPS VMs.
Mon, May 3, 12:23 PM · Beta-Cluster-Infrastructure, SRE-swift-storage
Majavah added a comment to T281514: Cinder API no longer provides used quotas to novaobserver/openstack-browser.

Yeah, that works. Thanks!

Mon, May 3, 6:22 AM · User-Majavah, Cloud-VPS, cloud-services-team (Kanban)
Majavah closed T281514: Cinder API no longer provides used quotas to novaobserver/openstack-browser as Resolved.
Mon, May 3, 6:22 AM · User-Majavah, Cloud-VPS, cloud-services-team (Kanban)
Majavah abandoned D1192: Fix Cinder quota display.
Mon, May 3, 6:22 AM
Majavah committed R2073:12a3fc4d4f16: Fix Cinder quota display (authored by Majavah).
Fix Cinder quota display
Mon, May 3, 6:19 AM
Majavah requested review of D1192: Fix Cinder quota display.
Mon, May 3, 6:12 AM

Sat, May 1

Majavah created T281625: Request increased quota for deployment-prep Cloud VPS project.
Sat, May 1, 10:01 AM · Beta-Cluster-Infrastructure, Cloud-VPS (Quota-requests)
Majavah added a comment to T110115: Possible to run writes (e.g. UPDATE) on Beta Cluster replica.
In T110115#7050521, @jcrespo wrote:

Is there a way to have effective monitoring on beta

Sat, May 1, 8:53 AM · User-Majavah, SRE, Beta-Cluster-Infrastructure

Fri, Apr 30

Majavah moved T281589: [Session] Technical Documentation Q&A from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Fri, Apr 30, 6:21 PM · Wikimedia-Hackathon-2021
Majavah moved T281588: [Session] Better practices for technical documentation from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Fri, Apr 30, 6:21 PM · Wikimedia-Hackathon-2021
Majavah added a comment to T277990: Swift uses http in deployment-prep, https in production.

Now that we have cfssl I created a CNAME for a svc domain name and configured an envoy proxy in front of Swift. This means that it's now available from https://ms-fe.svc.deployment-prep.eqiad1.wikimedia.cloud. I haven't moved any clients yet, will do in the future if someone isn't faster than me.

Fri, Apr 30, 3:02 PM · Patch-For-Review, SRE-swift-storage, Beta-Cluster-Infrastructure
Majavah added a project to T281580: slow-sshfs-transfer-rate (91kB/sec) from login.tools.wmflabs.org to local workstation: cloud-services-team (Kanban).
Fri, Apr 30, 2:38 PM · cloud-services-team (Kanban), Toolforge
Majavah claimed T206158: Investigate setting up HTTPS directly on beta appservers.

So this is now working on deployment-mediawiki11 with the help of jbond to get CFSSL working with envoy. Next step is to get caches and other hosts to trust it.

Fri, Apr 30, 12:53 PM · User-Majavah, Beta-Cluster-Infrastructure
Majavah added a comment to T206158: Investigate setting up HTTPS directly on beta appservers.
In T206158#7048731, @Majavah wrote:

So Envoy will only be installed if profile::envoy::ensure is present, but if that's set to present you need to have at least one services_proxy enabled listener.

Not sure if intentional or not.

Fri, Apr 30, 11:51 AM · User-Majavah, Beta-Cluster-Infrastructure
Majavah updated subscribers of T281562: Global unblock request system.

Hi! The existing enwiki tool, UTRS, has already had a significant amount of work put into it to make it support stewards and other non-enwiki wikis. While most required functionality is already present, it's not fully there yet, mostly due to lack of volunteer availability for code review.

Fri, Apr 30, 11:24 AM · TnS-Roadmap
Majavah added a comment to T206158: Investigate setting up HTTPS directly on beta appservers.

Now that CFSSL is a thing, I took a look at this as the certs are much easier to generate. I added the following hiera to deployment-mediawiki11:

profile::envoy::ensure: present
profile::mediawiki::webserver::has_tls: true
profile::pki::client::ensure: present
profile::services_proxy::envoy::enabled_listeners:
- dummy-to-workaround-requirements
profile::services_proxy::envoy::listeners:
- name: dummy-to-workaround-requirements
  port: 24107
  service: dummy-to-workaround-requirements
  timeout: 1s
  upstream: example.com
profile::tlsproxy::envoy::access_log: true
profile::tlsproxy::envoy::capitalize_headers: true
profile::tlsproxy::envoy::cfssl_label: deployment-prep.eqiad1.wikimedia.cloud
profile::tlsproxy::envoy::global_cert_name: deployment-mediawiki11.deployment-prep.eqiad1.wikimedia.cloud
profile::tlsproxy::envoy::retries: false
profile::tlsproxy::envoy::services:
- port: 80
  server_names:
  - '*'
profile::tlsproxy::envoy::sni_support: 'no'
profile::tlsproxy::envoy::ssl_provider: cfssl
profile::tlsproxy::envoy::tls_port: 443
profile::tlsproxy::envoy::upstream_response_timeout: 203.0
service::catalog:
  dummy-to-workaround-requirements:
    description: this only exists to workaround https://github.com/wikimedia/puppet/blob/d780c818b698f2f255f51f105c3d815099291c39/modules/profile/manifests/services_proxy/envoy.pp#L37
    encryption: false
    ip:
      eqiad:
        default: 192.0.2.1
    lvs:
      class: high-traffic1
      conftool:
        cluster: dummy-to-workaround-requirements
        service: dummy-to-workaround-requirements
      depool_threshold: '.5'
      enabled: true
      monitors:
        IdleConnection:
          max-delay: 300
          timeout-clean-reconnect: 3
      scheduler: wrr
    port: 24108
    sites: []
    state: production
Fri, Apr 30, 11:06 AM · User-Majavah, Beta-Cluster-Infrastructure
Majavah created P15669 (An Untitled Masterwork).
Fri, Apr 30, 10:29 AM
Majavah added a comment to T110115: Possible to run writes (e.g. UPDATE) on Beta Cluster replica.

Instead of tracking the current primary in hiera/etc, I'd propose to just set read_only = 1 by default on all beta database servers. The replicas should be read-only (which this task is all about), and the primary server isn't restarted often (especially now that Cloud VPS VMs can be live migrated between hypervisors without downtime), if they are it's usually a human who can set the primary to read-write using set global read_only = 0; and if it's a crash it's a good idea for a human to look at the logs before allowing writes.

Fri, Apr 30, 10:13 AM · User-Majavah, SRE, Beta-Cluster-Infrastructure

Thu, Apr 29

Majavah closed T211393: openstack-browser and horizon: Security group and floating IP quota information being pulled from Nova instead of Neutron for eqiad1-r as Resolved.
Thu, Apr 29, 6:20 PM · User-Majavah, Tool-openstack-browser, cloud-services-team (Kanban), Horizon
Majavah created T281514: Cinder API no longer provides used quotas to novaobserver/openstack-browser.
Thu, Apr 29, 6:15 PM · User-Majavah, Cloud-VPS, cloud-services-team (Kanban)
Majavah moved T281467: [Session] Lua modules training from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Thu, Apr 29, 11:45 AM · Wikimedia-Hackathon-2021
Majavah removed a project from T281450: Exception: Table 'enwiki.wb_items_per_site' doesn't exist: Beta-Cluster-Infrastructure.

Treating as a software bug and not a betacluster infrastructure one, this is a blocker for next train

Thu, Apr 29, 9:09 AM · Wikibase (3rd party installations), wdwb-tech, Beta-Cluster-reproducible
Majavah added a subtask for T281145: 1.37.0-wmf.4 deployment blockers: T281450: Exception: Table 'enwiki.wb_items_per_site' doesn't exist.
Thu, Apr 29, 9:08 AM · User-brennen, Release-Engineering-Team (Doing), Release, Train Deployments
Majavah added a parent task for T281450: Exception: Table 'enwiki.wb_items_per_site' doesn't exist: T281145: 1.37.0-wmf.4 deployment blockers.
Thu, Apr 29, 9:08 AM · Wikibase (3rd party installations), wdwb-tech, Beta-Cluster-reproducible
Majavah updated subscribers of T281450: Exception: Table 'enwiki.wb_items_per_site' doesn't exist.

https://github.com/wikimedia/Wikibase/commit/8c912634c1316be52653dc5514701b124809393d looks related, cc @Lucas_Werkmeister_WMDE

Thu, Apr 29, 9:06 AM · Wikibase (3rd party installations), wdwb-tech, Beta-Cluster-reproducible
Majavah added a comment to T281450: Exception: Table 'enwiki.wb_items_per_site' doesn't exist.

Aren't those supposed to exist on wikidatawiki and not on enwiki?

Thu, Apr 29, 9:05 AM · Wikibase (3rd party installations), wdwb-tech, Beta-Cluster-reproducible
Majavah committed R2073:c8df6e922896: Use Neutron to list floating ip addresses (authored by Majavah).
Use Neutron to list floating ip addresses
Thu, Apr 29, 6:53 AM
Majavah committed R2073:eff36cadc01b: Load network quota information from Neutron (authored by Majavah).
Load network quota information from Neutron
Thu, Apr 29, 6:37 AM
Majavah claimed T211393: openstack-browser and horizon: Security group and floating IP quota information being pulled from Nova instead of Neutron for eqiad1-r.
Thu, Apr 29, 6:11 AM · User-Majavah, Tool-openstack-browser, cloud-services-team (Kanban), Horizon
Majavah closed T211777: Can't get quota information from Neutron API as Resolved.
>>> neutron = client.Client(session=keystone.session("deployment-prep"), timeout=2, region_name="eqiad1-r")
>>> neutron.show_quota_details("deployment-prep")
{'quota': {'network': {'limit': 100, 'used': 0, 'reserved': 0}, 'subnet': {'limit': 100, 'used': 0, 'reserved': 0}, 'subnetpool': {'limit': -1, 'used': 0, 'reserved': 0}, 'port': {'limit': 100, 'used': 68, 'reserved': 0}, 'router': {'limit': 10, 'used': 0, 'reserved': 0}, 'floatingip': {'limit': 8, 'used': 5, 'reserved': 0}, 'rbac_policy': {'limit': 10, 'used': 0, 'reserved': 0}, 'security_group': {'limit': 40, 'used': 27, 'reserved': 0}, 'security_group_rule': {'limit': 500, 'used': 131, 'reserved': 0}}}
Thu, Apr 29, 5:43 AM · cloud-services-team (Kanban), Upstream, Cloud-VPS
Majavah closed T211777: Can't get quota information from Neutron API, a subtask of T211393: openstack-browser and horizon: Security group and floating IP quota information being pulled from Nova instead of Neutron for eqiad1-r, as Resolved.
Thu, Apr 29, 5:43 AM · User-Majavah, Tool-openstack-browser, cloud-services-team (Kanban), Horizon
Majavah moved T281360: [Session] Managing Wikimedia Categories using Wikidata from Backlog to Session proposals on the Wikimedia-Hackathon-2021 board.
Thu, Apr 29, 5:15 AM · Wikimedia-Hackathon-2021

Wed, Apr 28

Majavah merged T281411: Accessing [[Special:ListFiles]] triggers Database error in Wikimedia Commons into T281405: Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'img_actor' .
Wed, Apr 28, 7:51 PM · MW-1.37-notes (1.37.0-wmf.3; 2021-04-27), Platform Engineering, Commons, MediaWiki-File-management, Wikimedia-production-error
Majavah merged task T281411: Accessing [[Special:ListFiles]] triggers Database error in Wikimedia Commons into T281405: Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'img_actor' .
Wed, Apr 28, 7:51 PM
Majavah updated subscribers of T281405: Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'img_actor' .

https://gerrit.wikimedia.org/r/c/mediawiki/core/+/680821 looks related, cc @tstarling

Wed, Apr 28, 7:49 PM · MW-1.37-notes (1.37.0-wmf.3; 2021-04-27), Platform Engineering, Commons, MediaWiki-File-management, Wikimedia-production-error
Majavah added a project to T281405: Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'img_actor' : MediaWiki-File-management.
Wed, Apr 28, 7:46 PM · MW-1.37-notes (1.37.0-wmf.3; 2021-04-27), Platform Engineering, Commons, MediaWiki-File-management, Wikimedia-production-error
Majavah merged T281407: DB Error when attempting to go to user watchlist into T281405: Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'img_actor' .
Wed, Apr 28, 7:46 PM · MW-1.37-notes (1.37.0-wmf.3; 2021-04-27), Platform Engineering, Commons, MediaWiki-File-management, Wikimedia-production-error
Majavah merged task T281407: DB Error when attempting to go to user watchlist into T281405: Wikimedia\Rdbms\DBQueryError: Error 1054: Unknown column 'img_actor' .
Wed, Apr 28, 7:46 PM · SRE, Commons
Majavah closed T281396: Cross-wiki rights on beta cluster as Resolved.

After chatting with Leaderboard and DannyS712 on IRC I went ahead and granted +steward, given there is a valid use case (testing things, which beta is designed for) and they are a trusted user with some elevated access on production too.

Wed, Apr 28, 6:24 PM · User-Majavah, Beta-Cluster-Infrastructure
Majavah closed T281239: Global developer for Zabe on beta as Resolved.
(change visibility) 21:08, 28 April 2021 Majavah talk contribs block changed global group membership for User:Zabe from (none) to developer (phab:T281239)

Done, per multiple supports and no opposes above.

Wed, Apr 28, 6:09 PM · User-Zabe, User-Majavah, Beta-Cluster-Infrastructure

Tue, Apr 27

dmehus awarded T281178: Setting $wgCentralAuthGlobalPasswordPolicies does not take effect a Like token.
Tue, Apr 27, 6:45 PM · SecTeam-Processed, User-Majavah, User-Urbanecm, User-RhinosF1, MediaWiki-extensions-CentralAuth
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL