Right, I was forgetting the details of the implementation, I agree that it might affect only the misc shards where we just have one slave in the same DC. No objections.
I'm not saying it will not work, I just suggested to monitor it, because the ideal rpl_semi_sync_master_timeout that minimize the the waiting while keeping almost always the semi-sync active might be different between the slaves in the same DC and the cross-DC replication due to higher latency.
Thu, Mar 23
@jcrespo if I understand the patch correctly this means that we'll activate semi-sync also for the cross-DC replication?
If so I would consider not having it for the cross-DC or gather some data to ensure that the threshold is not usually reach to avoid it flapping between async and semi-sync.
See also the data I've gathered ~1 year ago in T131753
I agree with the principle, but we should also take into account the total distribution against the puppetmasters to avoid congestions and be careful with the per-DC basis.
Given that there are a lot of services on non-standard ports and the lvs_services configuration had multiple instances for each discovery entry with different ports (http/https) and the mapping will just be a hieradata structure convention, we agreed to instead reject all TCP traffic on failoid as a last rule for iptables.
Service up and running on roentgenium and tureis with puppet role failoid, refusing connections to ports 80 and 443.
Wed, Mar 22
Tue, Mar 21
+1, as soon as one DB is slightly delayed (~10s) thousands of warnings are logged.
Fri, Mar 17
Thu, Mar 16
Wed, Mar 15
Mon, Mar 13
My proposal is to have a python file for each task (where feasible) with the same external interface, so that it will be easy to import and call them from a centralized script with a simple menu. The centralized script will not interfere with stdout/stderr.
@fgiunchedi I've manually updated the task description because NRPE timed out (it took me ~1 minute to get the output).
As usual puppet is broken due to mkfs and alarming on Icinga
Fri, Mar 10
Wed, Mar 8
Fri, Mar 3
Mon, Feb 27
Sun, Feb 26
Feb 25 2017
Feb 24 2017
Cleanup completed and all looks good so far. Resolving
Feb 22 2017
Solved for now. I'll follow up with Labs folks on when/how to include Cumin in Labs too.
The main issue is tracked in T158757. For conftool the temporary solution is to ignore the warning:
Related issue with the current Puppet certificates: T158757
Feb 21 2017
@mmodell I'm not sure what's the status with the https://phabricator.wikimedia.org/source/keyholder/ repository that was recently created.
Feb 20 2017
@hashar I'm wondering if it could be easier to do the opposite and run only if matches a specific branch, debian in my case, but YMMV.
Another couple of enhancement that could be done for lintian, looking at the source code at https://github.com/mika/jenkins-debian-glue/blob/16f0ba5565435e12cb211c686bd5a49cb073252e/scripts/lintian-junit-report are: