Page MenuHomePhabricator

ssingh (Sukhbir Singh)
SRE/Traffic

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Tuesday

  • Clear sailing ahead.

User Details

User Since
Dec 11 2018, 9:39 PM (185 w, 4 d)
Availability
Available
IRC Nick
sukhe
LDAP User
Unknown
MediaWiki User
SSingh (WMF) [ Global Accounts ]

Oh hi.

Recent Activity

Thu, Jun 30

ssingh triaged T311131: Site: eqiad : 3 VMs requested for Etcd cluster in support of the new DSE Kubernetes cluster as Medium priority.
Thu, Jun 30, 6:01 PM · DSE-Kubernetes-Cluster, vm-requests, Infrastructure-Foundations, SRE
ssingh triaged T311133: Site: eqiad : 2 VMs requested for DSE Kubernetes Cluster control plane servers as Medium priority.
Thu, Jun 30, 6:01 PM · DSE-Kubernetes-Cluster, vm-requests, Infrastructure-Foundations, SRE
ssingh triaged T311685: Consider if to support BIMI for wiki mail as Medium priority.
Thu, Jun 30, 6:01 PM · Fundraising-Backlog, Infrastructure-Foundations, Logos, SRE, Mail, Traffic, DNS
ssingh triaged T311761: SSH on wtp1036.mgmt is flapping (CRITICAL) as Low priority.
Thu, Jun 30, 5:55 PM · ops-eqiad, SRE
ssingh created T311761: SSH on wtp1036.mgmt is flapping (CRITICAL).
Thu, Jun 30, 5:55 PM · ops-eqiad, SRE

Wed, Jun 29

ssingh triaged T311235: Update CAS to 6.5 as Medium priority.
Wed, Jun 29, 5:46 PM · Patch-For-Review, CAS-SSO, Infrastructure-Foundations, SRE
ssingh updated subscribers of T310574: Upgrade to Bird 2.
===== NODE GROUP =====                                                                                                                
(40) authdns[1001,2001].wikimedia.org,centrallog2002.codfw.wmnet,centrallog1001.eqiad.wmnet,dns[1001-1002,2001-2002,3001-3002,4001-4002,5001-5002,6001-6002].wikimedia.org,doh[1001-1002,2001-2002,3001-3002,4001-4002,5001-5002,6001-6002].wikimedia.org,durum[2001-2002].codfw.wmnet,durum[6001-6002].drmrs.wmnet,durum[1001-1002].eqiad.wmnet,durum[5001-5002].eqsin.wmnet,durum[3001-3002].esams.wmnet,durum[4001-4002].ulsfo.wmnet
----- OUTPUT of '/usr/sbin/bird --version' -----                                                                                      
BIRD version 2.0.7
Wed, Jun 29, 5:38 PM · SRE, netops, Infrastructure-Foundations, Traffic

Tue, Jun 28

ssingh added a comment to T310574: Upgrade to Bird 2.

Notes from today's deployment:

Tue, Jun 28, 6:01 PM · SRE, netops, Infrastructure-Foundations, Traffic
ssingh closed T311453: Grant Access to wmf for Triciaburmeister as Resolved.

Added uid tburmeister to both wmf and wmf-nda. You should have access now, please feel free to reopen if there are any issues. Thanks!

Tue, Jun 28, 1:08 PM · SRE, LDAP-Access-Requests
ssingh added a member for WMF-NDA: TBurmeister.
Tue, Jun 28, 1:06 PM
ssingh closed T311264: SSH on cp5012.mgmt is flapping (CRITICAL) as Resolved.
Tue, Jun 28, 12:56 PM · SRE, ops-eqsin, Traffic
ssingh added a comment to T311264: SSH on cp5012.mgmt is flapping (CRITICAL).

Thanks for all the help @RobH! Marking this as resolved as the host is now pooled.

Tue, Jun 28, 12:56 PM · SRE, ops-eqsin, Traffic

Mon, Jun 27

ssingh added a comment to T311264: SSH on cp5012.mgmt is flapping (CRITICAL).

If it is just 'depool' from command line+stop puppet+icinga maint mode, I can handle so you don't need to take it down in advance of the work, just lemme know!

Mon, Jun 27, 7:51 PM · SRE, ops-eqsin, Traffic

Fri, Jun 24

ssingh triaged T311322: systemd state on thanos-fe1001 is flapping as Low priority.
Fri, Jun 24, 6:23 PM · User-fgiunchedi, SRE Observability, SRE
ssingh created T311322: systemd state on thanos-fe1001 is flapping.
Fri, Jun 24, 6:23 PM · User-fgiunchedi, SRE Observability, SRE
ssingh added a comment to T311264: SSH on cp5012.mgmt is flapping (CRITICAL).

So if the idrac is accessible, the firmware update isn't OS impacting. However, I cannot login to this idrac interface via HTTPS or SSH, so it appears it'll have to be fully power drained to attempt to fix this issue. Is there anything preventing me from depooling this via command line and rebooting the host as needed?

@ssingh: ok for me to depool and reboot this host as needed via depool command in os?

Fri, Jun 24, 3:01 PM · SRE, ops-eqsin, Traffic
ssingh committed rOSKW620da22d1d5d: test_dns: remove redundant comments about ECS (authored by ssingh).
test_dns: remove redundant comments about ECS
Fri, Jun 24, 1:55 PM

Thu, Jun 23

ssingh added a comment to T311264: SSH on cp5012.mgmt is flapping (CRITICAL).

We have had the "mgmt flapping"-issue in other DCs. In codfw a bunch of them were fixed after Papaul did firmware upgrades on the DRACs.

So I would suggest to check if you can get a firmware upgrade done in eqsin.

Thu, Jun 23, 6:22 PM · SRE, ops-eqsin, Traffic
ssingh triaged T311264: SSH on cp5012.mgmt is flapping (CRITICAL) as Low priority.
Thu, Jun 23, 6:17 PM · SRE, ops-eqsin, Traffic
ssingh created T311264: SSH on cp5012.mgmt is flapping (CRITICAL).
Thu, Jun 23, 6:16 PM · SRE, ops-eqsin, Traffic
ssingh added a comment to T310574: Upgrade to Bird 2.

During the upgrade to bird2 today, the bird side of things seems to have caused no issues. The bird2 service started successfully and the configuration file was correct. However, we ran into an issue with the durum1001 host not advertising any prefixes and that led us to observing that anycast-healthchecker package was removed. This seems to have happened because anycast-healthchecker (henceforth called anycast-hc) depends on bird and we removed bird and installed bird2 as part of the upgrade.

Thu, Jun 23, 5:31 PM · SRE, netops, Infrastructure-Foundations, Traffic
ssingh committed rOSKWe2a425026905: Add an IPv6 test marker and associated tests (authored by ssingh).
Add an IPv6 test marker and associated tests
Thu, Jun 23, 1:51 PM

Fri, Jun 17

ssingh updated subscribers of T310904: Find out if Varnish is messing with ETags, and what to do about it..
Fri, Jun 17, 4:34 PM · Parsoid (Tracking), SRE, Traffic, API Platform, Platform Team Workboards (MW Expedition), VisualEditor

Tue, Jun 14

ssingh added a comment to T310387: cp1089 memory errors on DIMM_B1.

The server was out of warranty, I swapped DIMM B1 with a DIMM from a spare. Server booted, no issues.

Tue, Jun 14, 5:41 PM · ops-eqiad, SRE, DC-Ops, Traffic

Fri, Jun 10

ssingh created T310387: cp1089 memory errors on DIMM_B1.
Fri, Jun 10, 6:39 PM · ops-eqiad, SRE, DC-Ops, Traffic

Wed, Jun 8

ssingh updated the task description for T309651: Package and deploy ATS 9.1.2.
Wed, Jun 8, 1:57 PM · Patch-For-Review, Traffic, SRE

Mon, Jun 6

ssingh updated the task description for T309651: Package and deploy ATS 9.1.2.
Mon, Jun 6, 3:48 PM · Patch-For-Review, Traffic, SRE

May 31 2022

ssingh renamed T309651: Package and deploy ATS 9.1.2 from Package and deploy ATS 9.1.4 to Package and deploy ATS 9.1.2.
May 31 2022, 7:00 PM · Patch-For-Review, Traffic, SRE
ssingh added a comment to T309651: Package and deploy ATS 9.1.2.
  • Non-maintainer upload.
    • New upstream release 9.1.2
May 31 2022, 6:59 PM · Patch-For-Review, Traffic, SRE
ssingh created T309651: Package and deploy ATS 9.1.2.
May 31 2022, 6:58 PM · Patch-For-Review, Traffic, SRE

May 20 2022

ssingh added a comment to T308459: codfw: cp2038 Correctable memory error on DIMM A3.

Hi @Papaul: Thanks for letting us know! The host is depooled and downtimed and so please proceed whenever you want. Thanks!

May 20 2022, 1:54 PM · SRE, ops-codfw, Traffic
ssingh updated Other Assignee for T308459: codfw: cp2038 Correctable memory error on DIMM A3, added: ssingh.
May 20 2022, 1:27 AM · SRE, ops-codfw, Traffic

May 17 2022

ssingh committed rOSKW3c9f53524224: test_dns: update DNS/durum test to reflect changes in API (authored by ssingh).
test_dns: update DNS/durum test to reflect changes in API
May 17 2022, 8:17 PM
ssingh renamed T252132: Deploy Wikidough: Experimental DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) public resolver from Deploy Wikidough: Experimental DNS-over-HTTPS (DoH) public resolver to Deploy Wikidough: Experimental DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) public resolver.
May 17 2022, 2:42 PM · Patch-For-Review, SRE, Traffic

May 10 2022

ssingh committed rOSKW662f53ea831e: test_dns: display the NSID before running the other tests (authored by ssingh).
test_dns: display the NSID before running the other tests
May 10 2022, 6:55 PM
ssingh committed rOSKW9cba63740cc4: test_dns: add a test to display resolver information (such as the NSID) (authored by ssingh).
test_dns: add a test to display resolver information (such as the NSID)
May 10 2022, 6:55 PM

May 9 2022

ssingh updated the task description for T307427: Migrate Ganeti installations in drmrs to a fixed KVM machine type.
May 9 2022, 7:25 PM · Infrastructure-Foundations, SRE
ssingh updated the task description for T307427: Migrate Ganeti installations in drmrs to a fixed KVM machine type.
May 9 2022, 7:01 PM · Infrastructure-Foundations, SRE
ssingh added a comment to T307792: sre.ganeti.reboot-vm cookbook should re-enable Puppet if it was disabled.

Thanks Moritz for the patch: https://gerrit.wikimedia.org/r/c/operations/cookbooks/+/790266. I tried this with doh6001 for T307427 and realized that we will need this to do a bit more since we do need to do a Puppet run to start all the relevant services.

May 9 2022, 4:01 PM · Infrastructure-Foundations, Spicerack, SRE-tools
ssingh updated the task description for T307427: Migrate Ganeti installations in drmrs to a fixed KVM machine type.
May 9 2022, 3:54 PM · Infrastructure-Foundations, SRE

May 6 2022

ssingh updated the task description for T307426: Migrate Ganeti installations in eqsin to a fixed KVM machine type.
May 6 2022, 2:16 PM · Infrastructure-Foundations, SRE
ssingh created T307792: sre.ganeti.reboot-vm cookbook should re-enable Puppet if it was disabled.
May 6 2022, 2:16 PM · Infrastructure-Foundations, Spicerack, SRE-tools
ssingh updated the task description for T307424: Migrate Ganeti installations in esams to a fixed KVM machine type.
May 6 2022, 2:01 PM · Infrastructure-Foundations, SRE
ssingh updated the task description for T307425: Migrate Ganeti installations in ulsfo to a fixed KVM machine type.
May 6 2022, 1:35 PM · Infrastructure-Foundations, SRE

May 5 2022

ssingh updated subscribers of T307638: Security Issue Access Request for BCornwall.
May 5 2022, 1:56 AM · SecTeam-Processed, Security-Team, Security

May 4 2022

ssingh updated subscribers of T305423: cp5002 memory errors on DIMM A4.

@ssingh the host is still has failed as status in netbox
https://netbox.wikimedia.org/dcim/devices/1611/

May 4 2022, 1:05 AM · ops-eqsin, SRE, DC-Ops, Traffic
ssingh closed T305423: cp5002 memory errors on DIMM A4 as Resolved.

This host has had its ram replaced and booted into the OS successfully, detecting all memory without errors.

When we were replacing the memory, it forgot its bios time/date as the CR battery on the mainboard has discharged. This is only an issue if power is entirely lost, requiring the date/time to be set again. I'm not sure that its worth the downtime and such to swap out mainboard batteries when these are due for replacement in Q3 of next fiscal.

@ssingh: Would you be the one to return this host to service? If so, can you do so and resolve this task when done? Thank you!

May 4 2022, 12:48 AM · ops-eqsin, SRE, DC-Ops, Traffic

Apr 28 2022

ssingh added a comment to T306661: Update makevm to include completion of the installation with the puppet runs.

For reference, depooling a Wikidough or durum host involves stopping the bird and bird6 services (after disabling Puppet but I think that's generic).

Apr 28 2022, 1:51 PM · Infrastructure-Foundations (FY2021/2022-Q4)

Apr 21 2022

ssingh triaged T305589: Upgrading Wikidough and durum VMs to bullseye as Medium priority.
Apr 21 2022, 12:06 PM · Patch-For-Review, Traffic, SRE

Apr 12 2022

ssingh added a comment to T305423: cp5002 memory errors on DIMM A4.

Hi @ssingh - since this server is out of warranty and due to be refreshed in a few quarters, do you still want us to purchase a replacement DIMM to keep it up and running in the meantime or are you able to wait it out? Thanks, Willy

Apr 12 2022, 2:52 PM · ops-eqsin, SRE, DC-Ops, Traffic
ssingh edited projects for T204994: Integrate certspotter with certcentral to avoid certspotter notifying us on legitimate certs generated by our certcentral boxes, added: Traffic; removed Traffic-Icebox.
Apr 12 2022, 1:39 PM · Traffic, Acme-chief, SRE
ssingh edited projects for T204993: Update certspotter, added: Traffic; removed Traffic-Icebox.
Apr 12 2022, 1:38 PM · Traffic, Patch-For-Review, SRE

Apr 7 2022

ssingh added a comment to T305589: Upgrading Wikidough and durum VMs to bullseye.

Thanks for the feedback @fgiunchedi and @Volans!

Apr 7 2022, 1:51 PM · Patch-For-Review, Traffic, SRE
ssingh added a comment to T305589: Upgrading Wikidough and durum VMs to bullseye.

My 2 cents:

Apr 7 2022, 12:57 AM · Patch-For-Review, Traffic, SRE

Apr 6 2022

ssingh added a subtask for T252132: Deploy Wikidough: Experimental DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) public resolver: T305589: Upgrading Wikidough and durum VMs to bullseye.
Apr 6 2022, 8:58 PM · Patch-For-Review, SRE, Traffic
ssingh added a parent task for T305589: Upgrading Wikidough and durum VMs to bullseye: T252132: Deploy Wikidough: Experimental DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) public resolver.
Apr 6 2022, 8:58 PM · Patch-For-Review, Traffic, SRE
ssingh updated subscribers of T305589: Upgrading Wikidough and durum VMs to bullseye.
Apr 6 2022, 8:37 PM · Patch-For-Review, Traffic, SRE
ssingh updated subscribers of T305589: Upgrading Wikidough and durum VMs to bullseye.
Apr 6 2022, 8:32 PM · Patch-For-Review, Traffic, SRE
ssingh created T305589: Upgrading Wikidough and durum VMs to bullseye.
Apr 6 2022, 8:27 PM · Patch-For-Review, Traffic, SRE

Apr 5 2022

ssingh updated ssingh.
Apr 5 2022, 2:06 AM
ssingh created T305423: cp5002 memory errors on DIMM A4.
Apr 5 2022, 1:57 AM · ops-eqsin, SRE, DC-Ops, Traffic

Apr 4 2022

ssingh closed T305275: Resolve issues with cp hosts and the reboot-single cookbook as Resolved.

We have tested the above two changes with six cp host reboots and there are no concerns, confirming that this issue has been fixed.

Apr 4 2022, 6:35 PM · SRE, Traffic

Apr 1 2022

ssingh triaged T305275: Resolve issues with cp hosts and the reboot-single cookbook as Medium priority.
Apr 1 2022, 8:15 PM · SRE, Traffic
ssingh created T305275: Resolve issues with cp hosts and the reboot-single cookbook.
Apr 1 2022, 8:11 PM · SRE, Traffic

Mar 22 2022

ssingh added a comment to T303593: increase of network errors on alert1001 after certspotter has been enabled.

Change 771610 merged by Ssingh:

[operations/puppet@production] P:icinga: add profile for performance tweaking

https://gerrit.wikimedia.org/r/771610

Mar 22 2022, 6:51 PM · Patch-For-Review, Traffic-Icebox, SRE

Mar 18 2022

ssingh created T304172: Security Issue Access Request for ssingh.
Mar 18 2022, 3:48 PM · SecTeam-Processed, Security-Team, Security
ssingh committed rOSKW8364f1c15177: test_dns: add drmrs doh* hosts and their IPv4 addresses (authored by ssingh).
test_dns: add drmrs doh* hosts and their IPv4 addresses
Mar 18 2022, 2:46 PM

Mar 15 2022

ssingh added a comment to T303724: Fatal error when using ArticleInfo on a page where all usernames have been removed.

Thanks for reporting this! Understandably, the usernames are being removed from all revisions on this particular page. This is why XTools is breaking. I've got a fix coming in that will show limited data, and a warning explaining that because the usernames are missing, some data may be inaccurate or misleading.

Mar 15 2022, 6:20 PM · XTools

Mar 14 2022

ssingh created T303724: Fatal error when using ArticleInfo on a page where all usernames have been removed.
Mar 14 2022, 1:43 PM · XTools

Mar 1 2022

ssingh claimed T302206: Prometheus Varnish Exporter fails to start on some instances in DRMRS with Out of Memory Error.
Mar 1 2022, 2:47 PM · Traffic

Feb 28 2022

ssingh claimed T204993: Update certspotter.
Feb 28 2022, 3:10 PM · Traffic, Patch-For-Review, SRE

Feb 23 2022

ssingh committed rOSKWa6007ffebeb3: test_dns: update EDNS client subnet test for IPv6 (authored by ssingh).
test_dns: update EDNS client subnet test for IPv6
Feb 23 2022, 5:16 PM

Feb 22 2022

ssingh added a reverting change for rLPRI4bee4da46dc7: hiera: cleanup wikidough.yaml: rLPRIa908030a4aab: Revert "hiera: cleanup wikidough.yaml".
Feb 22 2022, 8:52 PM
ssingh committed rLPRIa908030a4aab: Revert "hiera: cleanup wikidough.yaml" (authored by ssingh).
Revert "hiera: cleanup wikidough.yaml"
Feb 22 2022, 8:52 PM
ssingh committed rLPRI4bee4da46dc7: hiera: cleanup wikidough.yaml (authored by ssingh).
hiera: cleanup wikidough.yaml
Feb 22 2022, 8:40 PM
ssingh committed rLPRIfe536a90dc93: hiera: add more varieties of snake oil for wikidough.yaml (authored by ssingh).
hiera: add more varieties of snake oil for wikidough.yaml
Feb 22 2022, 8:27 PM
ssingh committed rLPRIc6112e0d13ef: hiera: add some more fake data for wikidough.yaml (authored by ssingh).
hiera: add some more fake data for wikidough.yaml
Feb 22 2022, 5:25 PM
ssingh committed rLPRIbe6bd8f668ab: hiera: pour some more snake oil (update heira for wikidough) (authored by ssingh).
hiera: pour some more snake oil (update heira for wikidough)
Feb 22 2022, 4:04 PM

Feb 17 2022

ssingh closed T292737: Anycast: Add IPv6 support to bird and anycast-healthchecker (Puppet) as Resolved.

IPv6 support for Wikidough and durum was finalized in T301165.

Feb 17 2022, 10:38 AM · Traffic, Infrastructure-Foundations, SRE
ssingh closed T292737: Anycast: Add IPv6 support to bird and anycast-healthchecker (Puppet), a subtask of T252132: Deploy Wikidough: Experimental DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) public resolver, as Resolved.
Feb 17 2022, 10:38 AM · Patch-For-Review, SRE, Traffic
ssingh awarded T301165: Enable IPv6 for Wikidough a Burninate token.
Feb 17 2022, 10:30 AM · Patch-For-Review, SRE, Infrastructure-Foundations, Traffic, netops

Feb 15 2022

ssingh added a comment to T301165: Enable IPv6 for Wikidough.

Puppet will automatically filter v4 from v6 neighbors and should do the right thing when v4 and v6 IPs are mixed in neighbors_list
https://github.com/wikimedia/puppet/blob/production/modules/bird/manifests/init.pp#L41

When no neighbors_list is set, it should also "do the right thing" by picking the v4 and v6 default's gateway:
https://github.com/wikimedia/puppet/blob/production/modules/profile/manifests/bird/anycast.pp#L26

So in theory the Bird side "should just works", but it has not been thoroughly tested.
What's for sure, is the v6 side on the routers is needed.

However I'm wondering if we should have a closer look at Bird 2 right now, before increasing our Bird 1 specific code.

Feb 15 2022, 2:38 PM · Patch-For-Review, SRE, Infrastructure-Foundations, Traffic, netops

Feb 8 2022

ssingh added a comment to T301165: Enable IPv6 for Wikidough.

ssingh: thanks! Yeah I'm not aware of any reason not to just match what was done with the IPv4, even if there are other options in this case.

I've gone and added 3 IPs for Durum to mirror what was in place for the v4 allocation:

https://netbox.wikimedia.org/ipam/prefixes/515/ip-addresses/

Does that make sense? Let me know if there are any issues.

Feb 8 2022, 6:32 PM · Patch-For-Review, SRE, Infrastructure-Foundations, Traffic, netops
ssingh added a comment to T301165: Enable IPv6 for Wikidough.

We have discussed this in the Traffic team and decided to go with 2001:67c:930::1/128, mostly because we feel it's easy to memorize/copy (for cases where people want to do that and directly use the IP in their stub configuration).

My OCD will bite me for years but yes that is fine. Allocated in Netbox now:

https://netbox.wikimedia.org/ipam/prefixes/515/ip-addresses/

Not sure if you want to use the same /64 for durum or another one. Maybe we don't need to make a decision on that now.

Feb 8 2022, 6:15 PM · Patch-For-Review, SRE, Infrastructure-Foundations, Traffic, netops
ssingh added a comment to T301165: Enable IPv6 for Wikidough.

We have discussed this in the Traffic team and decided to go with 2001:67c:930::1/128, mostly because we feel it's easy to memorize/copy (for cases where people want to do that and directly use the IP in their stub configuration).

Feb 8 2022, 4:53 PM · Patch-For-Review, SRE, Infrastructure-Foundations, Traffic, netops

Feb 7 2022

ssingh updated the task description for T301165: Enable IPv6 for Wikidough.
Feb 7 2022, 7:12 PM · Patch-For-Review, SRE, Infrastructure-Foundations, Traffic, netops

Jan 31 2022

ssingh updated the task description for T300158: Create Ganeti VMs for durum in drmrs.
Jan 31 2022, 1:39 PM · Patch-For-Review, SRE, Traffic

Jan 26 2022

ssingh created T300158: Create Ganeti VMs for durum in drmrs.
Jan 26 2022, 4:01 PM · Patch-For-Review, SRE, Traffic
ssingh created T300156: Create Ganeti VMs for Wikidough in drmrs.
Jan 26 2022, 3:55 PM · SRE, Traffic

Jan 12 2022

ssingh committed rOSKWf1c9ba0cb0bc: Add test environment for Mozilla TRR tests (authored by ssingh).
Add test environment for Mozilla TRR tests
Jan 12 2022, 10:31 PM

Jan 11 2022

ssingh added a comment to T294120: Migrate eqiad Ganeti cluster to KVM machine type pc-i440fx-2.8.

doh1001 was also restarted but I forgot to add the -t switch and that's why you ops-bot didn't catch it :) Updated the hosts.

Jan 11 2022, 7:23 PM · Infrastructure-Foundations, SRE
ssingh updated the task description for T294120: Migrate eqiad Ganeti cluster to KVM machine type pc-i440fx-2.8.
Jan 11 2022, 7:22 PM · Infrastructure-Foundations, SRE

Dec 8 2021

ssingh added a comment to T297226: Add Lucas_WMDE to #mediawiki_security.

Mostly curious: is there anything that needs to be done for this as part of clinic duty?

Dec 8 2021, 9:12 PM · SRE, SRE-Access-Requests
ssingh committed rOSKWa8f76ebc6be0: test_dns: update tests for durum (authored by ssingh).
test_dns: update tests for durum
Dec 8 2021, 7:55 PM

Dec 7 2021

ssingh committed rOSKW69582a1b6589: test_dns: update tests for new durum features (authored by ssingh).
test_dns: update tests for new durum features
Dec 7 2021, 7:00 PM

Dec 2 2021

ssingh committed rOSKW6bb1a2f9b28c: test_dns: add a DoH check against all doh* hosts (authored by ssingh).
test_dns: add a DoH check against all doh* hosts
Dec 2 2021, 8:02 PM
ssingh reopened T215071: Merge Wikipedia subdomains into one, to discourage censorship as "Open".

Please don't close this task pending further discussion. Thank you.

Dec 2 2021, 2:52 PM · Traffic-Icebox, Domains, DNS, SRE, HTTPS

Nov 30 2021

ssingh closed T296570: Setup subdomain for Foundation messaging site as Resolved.
$ dig one.wikimedia.org CNAME +short
messaging-wikimedia-org.go-vip.net.
Nov 30 2021, 9:31 PM · Traffic, SRE, DNS, WMF-Communications

Nov 24 2021

ssingh committed rOSKW9ecc33f27c73: test_dns: add a DoT check against all doh* hosts (authored by ssingh).
test_dns: add a DoT check against all doh* hosts
Nov 24 2021, 4:35 PM

Nov 23 2021

ssingh updated the task description for T294119: Migrate codfw Ganeti cluster to KVM machine type pc-i440fx-2.8.
Nov 23 2021, 6:37 PM · Infrastructure-Foundations, SRE