Page MenuHomePhabricator

faidon (Faidon Liambotis)
SRE

Projects (13)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Oct 7 2014, 10:21 AM (320 w, 6 d)
Availability
Available
IRC Nick
paravoid
LDAP User
Faidon Liambotis
MediaWiki User
Faidon Liambotis (WMF) [ Global Accounts ]

Recent Activity

Wed, Nov 25

faidon updated the task description for T205897: Netbox: fill network topology.
Wed, Nov 25, 2:27 PM · netbox, Operations

Mon, Nov 23

faidon added a comment to T267714: ripe-atlas-codfw is down.

Thanks - can you file a procurement request to that effect (& then resolve this task)?

Mon, Nov 23, 4:23 PM · ops-codfw, netops, Operations
faidon reopened T175876: document all scs connections as "Open".

Per @ayounsi above, "Last missing info is cable IDs". I don't see that as having taken place yet, right? The Cables report is even emitting soft-warnings about it (warnings that we should convert to errors once this work completes). Reopening the task, as it was probably resolved by mistake.

Mon, Nov 23, 7:47 AM · ops-eqiad, DC-Ops, Operations
faidon reopened T175876: document all scs connections, a subtask of T175625: scs-c1-eqiad unresponsive, as Open.
Mon, Nov 23, 7:47 AM · ops-eqiad, DC-Ops, Operations

Oct 22 2020

faidon edited P13050 TCP flags combinations for Turnilo's map.
Oct 22 2020, 1:13 PM · netops, Operations
faidon created P13050 TCP flags combinations for Turnilo's map.
Oct 22 2020, 11:06 AM · netops, Operations

Oct 19 2020

faidon added a comment to T263290: Turnilo: per-second rates for wmf_netflow bytes + packets.

Yay, that's awesome! You can't imagine how much time this would save!

Oct 19 2020, 9:27 AM · Analytics-Kanban, Analytics, netops, Traffic, Operations

Oct 16 2020

faidon updated subscribers of T265393: eqiad: Netbox Error for asw2-d4-eqiad.

From the Netbox changelog ("Changelog" tab on the device) it looks like some changes were made on September 28th by @Cmjohnson and later one change on Oct 6th by @wiki_willy. Specifically:

Oct 16 2020, 1:11 PM · Operations, ops-eqiad, DC-Ops

Sep 24 2020

faidon added a comment to T263277: Collect netflow data for internal traffic.

I wonder as what kind of ASN would these flows show up as (esp. with confederations!), as well as whether we could have a dimension to be able to differentiate between internet traffic, and backhaul traffic. We'd also need a dimension of "site" to be able to filter or slice for traffic from esams to eqiad like the parent task required, right? Also see T254332, which also makes me wonder whether adding all of these different dimensions is going to start being a problem :)

Sep 24 2020, 3:27 PM · netops, Traffic, Operations

Sep 21 2020

faidon added a comment to T263212: Consider balancing VRRP primaries to cr1/cr2.

BTW, one dangerous impact of this (as with all ECMP!) is that it would harder to notice a situation where we don't have enough capacity to carry regular amounts of traffic when one of the paths is down for whatever reason. We could perhaps mitigate this by tuning our monitoring to alert on 40-50% utilization, at least for the common cases of link redundancy (codfw/eqdfw, eqiad/codfw). So this will still get us extra capacity for "abnormal" conditions (like edge in eqiad but MW & Swift on codfw etc.) but still alert us to the situation where we don't have enough capacity for normal levels of traffic.

Sep 21 2020, 1:15 PM · Operations, netops

Sep 17 2020

faidon triaged T263212: Consider balancing VRRP primaries to cr1/cr2 as Medium priority.
Sep 17 2020, 11:15 PM · Operations, netops
faidon added a comment to T260363: Standardize VRRP group IDs.

SGTM!

Sep 17 2020, 11:00 PM · netops, Operations

Sep 16 2020

faidon added a comment to T261145: Enable access for wmcs-admins to run wmcs-prefixed cookbooks on cumin hosts.

Hey - this was brought to my attention, and we discussed it today at the I/F meeting. The outcome of our conversation was that @Volans and @jbond will do a final review pass and merge r621343 ~by the end of this week.

Sep 16 2020, 5:53 PM · SRE-Access-Requests, Data-Services, cloud-services-team (Kanban), Operations

Sep 14 2020

faidon added a comment to T250053: Netbox report accounting icinga alert.

In general, I haven't been a big fan of how the Netbox errors are reported. An onsite engineer could install a bunch of new hardware one day, not have enough time to check the Netbox reports before they leave, and a week goes by before their next trip onsite...where they end up prioritizing other new tasks over fixing the error. Or if they're already at home updating the Netbox entries, but have to be onsite to verify a mismatch, it also gets pushed to the backburner, as other priorities pop up during their next site visit.

Sep 14 2020, 1:45 PM · ops-eqiad, DC-Ops, Operations

Sep 11 2020

faidon added a comment to T250053: Netbox report accounting icinga alert.

Broadly speaking:

  • We shouldn't have outstanding alerts open (or even acknowledged) for more than a few days. If there is an alert, it means there is an abnormal condition that requires fixing. If the issues require a significant amount of work to address, then a a task should be created and the alert acknowledged with the task in the comment while it's getting fixed. I'd expect the DC Ops teams to be primary for such alerts and act on them, but also everyone in SRE is expected to triage alerts and reach out to owners and file tasks about them (like @ayounsi did here)
  • If there are false positives often, then this is something that we should fix. We probably need one or more separate task for this, that describes conditions under which an alert is triggered erroneously, so that we can fix this. I'd expect the DC Ops team to be filing this task, and I/F to change the report to meet the adjusted needs.
  • The test_missing_assets_from_accounting report is already (and has always been) ignoring discrepancies for items where the purchase date is in the last 90 days. This is configurable and we can tune it further to some other value but it was picked as long enough for accounting to process invoices, and too long to have fallen out of memory (or vendor engagement is over, team changes etc.). If there is a persistent backlog in Finance >90d it'd be good to know and adjust.
Sep 11 2020, 11:19 AM · ops-eqiad, DC-Ops, Operations

Sep 7 2020

faidon added a comment to T237492: Create a second text-lb IP address for test purposes.

@BBlack @ayounsi I think this is done and can be resolved, right? Anything left here?

Sep 7 2020, 12:04 PM · Traffic, Operations
faidon added a comment to T245161: Track down and replace very old HW.

@jcrespo & @akosiaris may I ask you to figure this out in a different task? This is a generic task about dozens of servers, so by discussing details about a couple of them we're going to lose the bigger picture :)

Sep 7 2020, 10:15 AM · Patch-For-Review, DC-Ops

Aug 18 2020

faidon added a comment to T225121: (Need by: 2019-09-30) upgrade msw1-eqiad from EX4200 to EX4300.

Ping? Besides the issues identified by @ayounsi just above, I see that in another comment above @ayounsi mentioned "wipe the switch" but then I saw the switch was removed. @Cmjohnson, can you confirm the switch was wiped before (or after) its removal? (Any reason we didn't go the decom task route here like we normally do?)

Aug 18 2020, 11:39 AM · netops, Operations, ops-eqiad

Aug 17 2020

faidon added a comment to T245161: Track down and replace very old HW.

@wiki_willy, what's the latest here? What's blocking us from having decom tasks for all of the items above?

Aug 17 2020, 10:05 PM · Patch-For-Review, DC-Ops
faidon added a member for acl*security_sre: faidon.
Aug 17 2020, 12:17 PM

Aug 4 2020

faidon added a comment to T245161: Track down and replace very old HW.

Bump! What's the latest here?

Aug 4 2020, 10:57 PM · Patch-For-Review, DC-Ops

Jul 22 2020

faidon reopened T257573: Remove multicast as "Open".

We still seem to have remnants of PIM-RP:

faidon@re0.cr2-codfw> show configuration | display set | match 208.80.153.194             
set interfaces lo0 unit 0 family inet address 208.80.153.194/32
Jul 22 2020, 6:12 PM · Patch-For-Review, netops, Operations, Traffic

Jul 21 2020

faidon closed T258309: Update cloudservices@wikimedia.org list permissions to allow Foundation staff to post to it as Resolved.

It looks like both of these issues are resolved now! Boldly resolving :)

Jul 21 2020, 1:24 PM · cloud-services-team (Kanban)

Jul 16 2020

faidon added a comment to T258018: ripe-atlas-eqiad IPv6 unreachable.

To give a little more context: in response to us requesting an extension for the v2 anchors, the RIPE NCC team reached out to ask if they can run a test upgrade on our of anchors (which I of course said OK to!).

Jul 16 2020, 3:47 PM · Operations, netops

Jul 2 2020

faidon added a comment to T254332: Add more dimensions in the netflow/pmacct/Druid pipeline.

So - how do we make progress here? Any thoughts on who/how? :) Some of these features could really make a tremendous amount of difference to our network operations and future planning, so I'm super excited about seeing these into fruition!

Jul 2 2020, 5:23 PM · Patch-For-Review, Analytics-Kanban, Analytics, netops, Operations
faidon updated the task description for T254332: Add more dimensions in the netflow/pmacct/Druid pipeline.
Jul 2 2020, 5:22 PM · Patch-For-Review, Analytics-Kanban, Analytics, Operations, netops

Jul 1 2020

faidon added a comment to T252577: Maxmind data update issues for DNS (and others?).

I was bitten by this again today - ping!

Jul 1 2020, 5:29 PM · Operations, Traffic

Jun 26 2020

faidon triaged T256498: Return asw-c8-codfw to spares as Low priority.
Jun 26 2020, 6:07 PM · ops-codfw, Operations

Jun 25 2020

faidon added a comment to T254332: Add more dimensions in the netflow/pmacct/Druid pipeline.

To add to the above, I'm also wondering how difficult it would be to also include AS *names*, e.g. coming from the MaxMind GeoIP ASN database. I think we've used that database before, maybe for pageview data? Could we perhaps use Druid lookups for this to avoid adding another (identical) dimension to the data set?

Jun 25 2020, 12:09 AM · Patch-For-Review, Analytics-Kanban, Analytics, Operations, netops

Jun 24 2020

faidon closed T219486: Send peering requests to AS with the worst TTFB as Resolved.

I took a look at that list above. It's really not very actionable -- most of these are very large networks that have a restrictive settlement-free peering policy. For the few that remain, we have either established peerings already or have sent unanswered peering requests, which mostly means that they are not actively peering or we are too small for them to care about.

Jun 24 2020, 11:30 PM · Traffic, Performance-Team, Operations
faidon updated subscribers of T254332: Add more dimensions in the netflow/pmacct/Druid pipeline.
Jun 24 2020, 10:15 PM · Patch-For-Review, Analytics-Kanban, Analytics, Operations, netops

Jun 18 2020

faidon updated the task description for T245161: Track down and replace very old HW.
Jun 18 2020, 10:31 AM · Patch-For-Review, DC-Ops
faidon updated the task description for T245161: Track down and replace very old HW.
Jun 18 2020, 10:25 AM · Patch-For-Review, DC-Ops

Jun 11 2020

faidon added a comment to T254818: Requesting access to PROD for lmata (SRE).

Approved.

Jun 11 2020, 10:53 AM · Operations, SRE-Access-Requests

Jun 4 2020

faidon added a comment to T251536: Peer with SFMIX at ulsfo (May 2020).

This is now set up on SFMIX's end and up:

On your side please plumb 206.197.187.82/24 and 2001:504:30::ba01:4907:1/64. Usual sane BGP peering rules apply - no broadcast traffic (DHCP, CDP, etc), see https://sfmix.org/connect/guide.

We request at least one required BGP session (to our looking glass) and optional sessions for the route servers
The looking glass is AS12276 at 206.197.187.1 and 2001:504:30::ba01:2276:1. You should announce all your routes to the looking glass, but expect no routes to be announced to you.

We'll push out configs to support these peers this evening.

Jun 4 2020, 7:53 AM · netops, Operations

Jun 3 2020

faidon created T254332: Add more dimensions in the netflow/pmacct/Druid pipeline.
Jun 3 2020, 9:40 AM · Patch-For-Review, Analytics-Kanban, Analytics, Operations, netops

May 19 2020

faidon added a comment to T225121: (Need by: 2019-09-30) upgrade msw1-eqiad from EX4200 to EX4300.

Are there any updates to this task and any particular reasons it's been held up? While this was never super urgent, we're now at the ~one year mark since this was ordered and delivered to the data center. Plus I think because at the time the upgrade was imminent, we only bought support for the new switch and not the old, so we're operating with unsupported HW right now. It'd be great if this were to be completed soon. Thanks!

May 19 2020, 9:22 AM · netops, Operations, ops-eqiad

May 15 2020

faidon added a comment to T247881: Three ports on asw2-d-eqiad are not working as expected.

If three ports are permanently failed, I'm not sure how we could ever trust that switch again. Perhaps it's better to do a painful but planned replacement rather than have it fail at some inconvenient time and having to rush a replacement then?

May 15 2020, 12:16 PM · ops-eqiad, Operations, netops

May 12 2020

faidon added a comment to T252577: Maxmind data update issues for DNS (and others?).

I know that historically MaxMind has claimed they update the data roughly on a weekly basis, and maybe in this case it was a normal weekly update and we're just misaligned with their weeks? In any case, the current geoipdate seems to be smart enough to checksum the existing databases and not re-download pointless duplicates, so we could probably run it more often on the puppetmasters.

May 12 2020, 6:45 PM · Operations, Traffic

May 8 2020

faidon added a subtask for T251536: Peer with SFMIX at ulsfo (May 2020): Unknown Object (Task).
May 8 2020, 12:10 PM · netops, Operations
faidon removed a subtask for T251536: Peer with SFMIX at ulsfo (May 2020): Unknown Object (Task).
May 8 2020, 12:10 PM · netops, Operations
faidon added a comment to T251536: Peer with SFMIX at ulsfo (May 2020).

LoA received and cross-connect task created.

May 8 2020, 12:10 PM · netops, Operations
faidon renamed T251536: Peer with SFMIX at ulsfo (May 2020) from Peer with SFMIX at ulsfo to Peer with SFMIX at ulsfo (May 2020).
May 8 2020, 12:09 PM · netops, Operations
faidon added a subtask for T251536: Peer with SFMIX at ulsfo (May 2020): Unknown Object (Task).
May 8 2020, 12:09 PM · netops, Operations

Apr 30 2020

faidon added a comment to T251536: Peer with SFMIX at ulsfo (May 2020).

I just submitted their form.

Apr 30 2020, 4:00 PM · netops, Operations
faidon triaged T251536: Peer with SFMIX at ulsfo (May 2020) as Medium priority.
Apr 30 2020, 3:42 PM · netops, Operations

Apr 27 2020

faidon added a comment to T200277: OSPF metrics.

Interesting idea! Couple of notes:

  • What do you mean by "virtual links" and Netbox not supporting them? Is that VLANs for our transports over the PtMP VPLS?
  • What do you envision the difference to be between "primary" and "preferred"? (I know you said TBD, but curious :)
  • It'd be interesting to see how this would look like before we start adding the fields. That may help us figure out what the right values for those fields may be. Would it make sense to list our links in a Phaste or spreadsheet or something and figure out if the output makes sense?
Apr 27 2020, 11:21 AM · netops, Operations

Apr 14 2020

faidon closed T212878: Netbox racks consistency report as Declined.

I think the original intention of this will be addressed by periodic audits that we'll eventually do. I'll decline this for the reasons I mentioned above, but if anyone feels strongly about this, feel free to reopen :)

Apr 14 2020, 7:01 PM · netbox, Operations
faidon updated subscribers of T249916: access request on cumin[1-2]001 for John Clark.

So breaking down the (very reasonable!) ask, I think there are afew different things at play here:

  • Access to iDRAC/iLO so that John can e.g. look at HW status and get reports that vendors ask for. This in turn requires:
    • Access to the password store. There is already a "dcops" group with the right access, so we can have John added there. Should be simple, as far as I can tell.
    • Access to the mgmt IP network remotely. Right now that's firewalled to the cumin hosts, access to which ties to a bigger project (see below). However, that's perhaps an unnecessary dependency and maybe we can easily work around that (e.g. with a separate bastion for mgmt?). @MoritzMuehlenhoff, @jbond any thoughts here?
  • Access to execute cumin cookbooks, like reimaging. That right now is tied to global root, which is a privilege that we can't easily grant. Fixing that limitation has been on our radar, including the PoC work that was part of our Q3 OKRs (T244840). It's definitely not there yet and it's going to take a few months to fully materialize, unfortunately.
Apr 14 2020, 6:04 PM · Operations, SRE-Access-Requests, DC-Ops
faidon renamed T250136: Homer: manage transit BGP sessions from Homr: manage transit BGP sessions to Homer: manage transit BGP sessions.
Apr 14 2020, 9:27 AM · netops, Operations

Apr 13 2020

faidon added a comment to T166368: Wipe of spare/replacement disks.

If I understand it correctly, this task is specifically about a box that was returned to the spare pool and then was reallocated for a new purpose but kept its old data. We should definitely wipe in those cases. I think that has been standard practice in the past, but perhaps not well-documented or applied uniformly? I'm not sure, something to dig in more for sure :)

Apr 13 2020, 5:16 PM · DC-Ops, Operations
faidon added a project to T250053: Netbox report accounting icinga alert: DC-Ops.
Apr 13 2020, 9:55 AM · ops-eqiad, DC-Ops, Operations
faidon added a project to T250054: Netbox report coherence_rack Icinga alert: DC-Ops.
Apr 13 2020, 9:55 AM · DC-Ops, ops-ulsfo, Operations, ops-eqiad

Apr 11 2020

faidon added a comment to T203003: Keyholder phab repo duplicate work.

The master branch of operations/software/keyholder is not ready for a release at this time, so please don't tag, package or deploy this at this state. There are a bunch of pending changes in Gerrit for about a year, plus more that I've queued up locally (because it's hard to manage dozens of dependent git commits with Gerrit…). If y'all are willing to review these I can clean them up and prepare a release; if not, then I can pick this up and make some progress. Let me know!

Apr 11 2020, 7:10 AM · Release-Engineering-Team (Deployment services), Release-Engineering-Team-TODO, Keyholder, Operations

Apr 8 2020

faidon renamed T249653: Netbox: restore two deleted entries from backups from restore two deleted entries to Netbox: restore two deleted entries from backups.
Apr 8 2020, 8:53 AM · netbox

Apr 3 2020

faidon added a comment to T235886: IRR updates needed.

We found that the prefixes 185.15.56.0/22 and 2a02:ec80::/29 are in use but not documented in the RIPE Database as assignments.

After discussing it with John, the deeper issue might be that they are "ALLOCATED PA" while they should be "ASSIGNED PI".

Apr 3 2020, 11:54 PM · Operations, netops

Apr 2 2020

faidon added a comment to T238305: Servers freezing across the caching cluster.

Ah! That's awesome to hear. May I suggest to resolve this (and the associated "upgrade firmware"?) task then, and reopen if we have another one of these?

Apr 2 2020, 7:35 PM · Operations, Traffic

Apr 1 2020

faidon removed a subtask for T243167: Upgrade BIOS and IDRAC firmware on R440 cp systems: T244127: cp3057 crash (was: network down).
Apr 1 2020, 9:41 PM · DC-Ops, Traffic, Operations, ops-esams
faidon removed a parent task for T244127: cp3057 crash (was: network down): T243167: Upgrade BIOS and IDRAC firmware on R440 cp systems.
Apr 1 2020, 9:41 PM · ops-esams, Traffic, Operations
faidon added a subtask for T238305: Servers freezing across the caching cluster: T244127: cp3057 crash (was: network down).
Apr 1 2020, 9:40 PM · Operations, Traffic
faidon added a parent task for T244127: cp3057 crash (was: network down): T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:40 PM · ops-esams, Traffic, Operations
faidon added a subtask for T238305: Servers freezing across the caching cluster: T243167: Upgrade BIOS and IDRAC firmware on R440 cp systems.
Apr 1 2020, 9:40 PM · Operations, Traffic
faidon added a parent task for T243167: Upgrade BIOS and IDRAC firmware on R440 cp systems: T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:40 PM · DC-Ops, Traffic, Operations, ops-esams
faidon added a comment to T238305: Servers freezing across the caching cluster.

What's the latest here? I haven't heard about these crashes lately but it may just be that I missed it. Do we know more about this now?

Apr 1 2020, 9:40 PM · Operations, Traffic
faidon merged T241306: cp3051 crashed into T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:32 PM · Operations, Traffic
faidon merged task T241306: cp3051 crashed into T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:32 PM · Traffic, Operations
faidon merged T240425: cp3055 crashed into T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:32 PM · Operations, Traffic
faidon merged task T240425: cp3055 crashed into T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:32 PM · Traffic, Operations
faidon merged T244127: cp3057 crash (was: network down) into T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:32 PM · Operations, Traffic
faidon merged task T244127: cp3057 crash (was: network down) into T238305: Servers freezing across the caching cluster.
Apr 1 2020, 9:32 PM · ops-esams, Operations, Traffic

Mar 27 2020

faidon updated the task description for T245161: Track down and replace very old HW.
Mar 27 2020, 6:45 PM · Patch-For-Review, DC-Ops
faidon reassigned T237466: Remove unused custom fields from Netbox from crusnov to wiki_willy.

@wiki_willy is finalizing the end of our leasing agreement. Once that's done, we'd be the "owner" of all of those assets, and thus we can remove the "owner" field from Netbox. Reassigning to Willy to let us know when that's done :)

Mar 27 2020, 4:04 PM · SRE-tools, DC-Ops, netbox

Mar 26 2020

Krinkle awarded T245161: Track down and replace very old HW a Burninate token.
Mar 26 2020, 9:23 PM · Patch-For-Review, DC-Ops

Mar 19 2020

faidon added a comment to T213843: Juniper network device audit - all sites.

Ok! From https://wikitech.wikimedia.org/wiki/Server_Lifecycle#States I thought that if a device was not in netbox it was not in our possession anymore.

Mar 19 2020, 1:55 PM · DC-Ops, netops, Operations

Mar 18 2020

faidon reopened T245606: CloudVPS: enable BGP in the neutron transport network as "Open".

Reopening this per IRC, and given this is a prod/WMCS task affecting prod in major ways.

Mar 18 2020, 2:58 PM · netops, cloud-services-team (Kanban), Operations
faidon reopened T245606: CloudVPS: enable BGP in the neutron transport network, a subtask of T244727: CloudVPS: networking improvements, as Open.
Mar 18 2020, 2:58 PM · cloud-services-team (Kanban), Epic

Mar 17 2020

faidon added a comment to T245161: Track down and replace very old HW.

I just discovered that cloudmetrics1001 is old (2015) and need replacement https://netbox.wikimedia.org/dcim/devices/182/

Mar 17 2020, 2:20 PM · Patch-For-Review, DC-Ops

Mar 15 2020

faidon added a comment to T247646: migrate racktables to a buster VM (was: decom racktables?).

Good question!

Mar 15 2020, 4:37 PM · Operations

Mar 12 2020

faidon added a comment to T247245: Test Performance of Marian NMT translation in stat cluster.

Oh, that sounds perfect, let's do that :) We should also try with a build with the right make flags etc. (something like TARGET=SKYLAKEX like the FAQ says). Thanks all!

Mar 12 2020, 11:40 AM · Language-Team (Language-2020-Focus-Sprint), ContentTranslation, Analytics

Mar 11 2020

faidon added a comment to T247245: Test Performance of Marian NMT translation in stat cluster.

OK, so to recap, I read two concerns:

Mar 11 2020, 7:06 PM · Language-Team (Language-2020-Focus-Sprint), ContentTranslation, Analytics

Mar 6 2020

faidon added a comment to T246564: Netbox has incorrect email address for GTT.

We have one global account, migrated from a previous system. I wasn't able to find how to create individual accounts, so that will do I guess :)

Mar 6 2020, 12:01 AM · Operations, netops

Mar 3 2020

RobH awarded T239244: Netbox report check for no position set in rack a Like token.
Mar 3 2020, 5:22 PM · netbox, Operations

Feb 20 2020

faidon added a comment to T244849: Add SSO support to netbox.

On a practical level we already maintain a fork, so if any changes are needed they can be integrated into our fork (we should wait until the post-upgrade ~this week though).

Feb 20 2020, 5:47 PM · netbox, Operations
faidon added a comment to T245711: Add tenant for Cloud Services?.

WMCS hosts are in the production VLANs, managed by the production puppet etc. Practically speaking, we use tenants to exclude fr-tech/OIT/RIPE hosts from reports (that e.g. alert if an active host is not present in PuppetDB or vice-versa), and will likely also use it to exclude them from the in-progress IP assignment/bootstrapping work. If we were to assign a tenant to those hosts, we'd have to special-case it pretty much everywhere to treat it like the "production" tenant (which is now the "null" tenant).

Feb 20 2020, 5:37 PM · cloud-services-team (Kanban), netbox
faidon reassigned T214024: Two test hosts for SREs from faidon to RobH.

OK, it sounds like @akosiaris and @MoritzMuehlenhoff have coordinated with each other and they can share those two hosts as SRE test hosts.

Feb 20 2020, 5:00 PM · Operations, hardware-requests
faidon added a comment to T229710: read-only user netbox permissions regression.

I'm not sure that @faidon actually intended such narrow restrictions when we resolved T208267: Requesting access to netbox for bd808.

Feb 20 2020, 11:59 AM · netbox

Feb 17 2020

faidon added a comment to T245161: Track down and replace very old HW.

Regarding dbproxy1001, which is not on that list (but I guess it should be), it is still pending waiting for on-site steps: T244463: Decommission dbproxy1001.eqiad.wmnet
Other dbproxy current status:
dbproxy1004 and dbproxy1009 are fully decommissioned: T228768
dbproxy1005 is fully decommissioned: T231967
dbproxy1006 is waiting for on-site steps: T233207

Feb 17 2020, 1:11 PM · Patch-For-Review, DC-Ops

Feb 13 2020

faidon triaged T245161: Track down and replace very old HW as High priority.
Feb 13 2020, 3:36 PM · Patch-For-Review, DC-Ops
faidon updated subscribers of T146455: Decommission labsdb1002.

@Jclark-ctr @wiki_willy what's the status here? It sounds like a decom that was only partial and that only needs a few more steps to finalize perhaps?

Feb 13 2020, 2:30 PM · hardware-requests, Patch-For-Review, ops-eqiad, Operations

Feb 12 2020

faidon added a comment to T234234: Port architecture of irc-recentchanges to Kafka.

First off: I have prototype code that supports UDP Echo and SSE, but not Kafka. It's not something that it's fully ready or tested yet. This has been developed over weekends/holidays etc., as a fun project -- and I can't promise I'll find spare time to add more stuff to it right now. Someone that can commit to it -staff or volunteer- should pick it up at some point and maybe also add Kafka in the process. We still have an open item and pending conversation on where ownership for the service itself lies.

Feb 12 2020, 12:39 AM · Patch-For-Review, User-Elukey, Analytics
faidon added a comment to T244719: Create a replacement for kraz.wikimedia.org.

The way this works now is that the entire MW fleet sends UDP packets to a specific IP (kraz) using the so-called "echo" protocol (= #channel<tab>message). We could theoretically switch this to a multicast address in order to get the ability of having multiple listeners (all connecting to separate IRC servers, each on each listener's localhost perhaps?), but noone has invested the time to do this and set up those multiple frontends.

Feb 12 2020, 12:34 AM · serviceops, Operations, vm-requests, User-Elukey, Analytics

Feb 7 2020

faidon added a comment to T244497: cr3-knams:xe-0/1/3 down.

Please file a procurement task for Willy/Rob to execute on :)

Feb 7 2020, 1:42 PM · netops, Operations

Jan 23 2020

faidon added a comment to T237466: Remove unused custom fields from Netbox.

Correct. Also check the export templates (in the admin interface) for references to those fields.

Jan 23 2020, 5:42 PM · SRE-tools, DC-Ops, netbox
faidon assigned T229586: decommission cp1008, cp1071, cp1072, cp1073, cp1074, cp1099 to RobH.

(@Volans is not in Traffic), but regardles... judging from @BBlack comments before the flurry of Gerrit commits, it seems like I misunderstood where this lies. This is not blocked on Traffic, but with DC Ops. Reassigning to @RobH and apologies for the added confusion!

Jan 23 2020, 5:27 PM · ops-eqiad, decommission-hardware, Operations
faidon added a comment to T229586: decommission cp1008, cp1071, cp1072, cp1073, cp1074, cp1099.

Traffic team, ping? This task has been open since August last year and as I was just saying on IRC, cp1008 is a constant outlier in all of our reports, projections, planning etc. Its purchase date is Jan 27th, 2011, 9 years ago almost to the day :)

Jan 23 2020, 12:59 PM · ops-eqiad, decommission-hardware, Operations

Jan 22 2020

faidon added a comment to T242250: rack/setup/install ps[12]-60[34]-eqsin.

Hey - this was a Q2 task but it hasn't seen an update in a while. What's the status?

Jan 22 2020, 3:44 PM · Operations, ops-eqsin
faidon added a comment to T243288: Retire the Tor relay.

To your last point: the WMCS Terms of Use explicitly lists "network proxy" in the "prohibited activities" section -and even names Tor specifically as the first example of such an activity- so running a node in a Cloud VPS is not an option here. This policy has been there since the inception of the Labs/WMCS ToS, and while I can't speak to the rationale behind it, I can say that prohibiting remains a good idea today: running proxies, whether in WMCS or in the production realm can be a messy business, and one that we don't have the capacity to support as an org.

Jan 22 2020, 10:35 AM · Tor, Operations

Jan 20 2020

faidon added a comment to T213843: Juniper network device audit - all sites.

@ayounsi, what's the status here?

Jan 20 2020, 10:39 AM · DC-Ops, netops, Operations

Jan 17 2020

faidon added a comment to T184066: rack/setup/install ps[12]-oe1[456]-esams.

Could we import into Netbox now, and then change & document the setup at our convenience? It feels like documenting the existing situation and changing it are orthogonal to each other - any reason to block one on the other?

Jan 17 2020, 5:09 PM · Operations, ops-esams
faidon added a comment to T184066: rack/setup/install ps[12]-oe1[456]-esams.

What is the status of this?

Jan 17 2020, 12:12 PM · Operations, ops-esams