Hi there,
TL;DR: I brain-dumped a wiki page here:
https://wikitech.wikimedia.org/wiki/Wikimedia_Cloud_Services_team/Enhanceme…
I hope I managed to write my ideas clear enough.
Points for debate:
* ownership of designate domains (cloudinfra vs wmflabsdotorg vs admin vs ..)
* service name of designate (ns0.openstack.eqiad1.wikimediacloud.org??)
* delegations, per-project subdomains etc
* all the details about the wmcloud.org subdomain
Hey Arturo, why this now??
I've been doing several operations to be able to set up a bastion and
puppetmaster in codfw1dev like we do in eqiad1. While at it, instead of setting
this up with the legacy domains, I step forward and have been playing with the
new domains. All this kung-fu allowed me to review the setup and identify
several points where we could introduce a bit more consistency and robustness.
The changes I've been doing in codfw1dev will eventually land in eqiad1, so
double win!
Some new stuff to try related to this follows.
* add this to your .ssh/config file:
=== 8< ===
Match user root host *.codfw1dev.wikimedia.cloud
User root
IdentityFile ~/.ssh/root_key
IdentitiesOnly yes
ForwardAgent no
ProxyCommand ssh -i ~/.ssh/root_key -a -W %h:%p
root(a)bastion-codfw1dev-01.codfw1dev.wmcloud.org
=== 8< ===
* try SSH!
user@laptop:~$ ssh
root(a)puppetmaster-01.cloudinfra-codfw1dev.codfw1dev.wikimedia.cloud
* this means we have the following 2 domains working:
- puppetmaster-01.cloudinfra-codfw1dev.codfw1dev.wikimedia.cloud
- bastion-codfw1dev-01.codfw1dev.wmcloud.org
Comments welcome.
regards!
--
Arturo Borrero Gonzalez
SRE / Wikimedia Cloud Services
Wikimedia Foundation
On 1/7/20 6:12 AM, Andrew Bogott wrote:
> We'll be upgrading the cloud services OpenStack install next Tuesday, beginning
> at 12:00 noon UTC
>
> The entire upgrade process may take an hour or two. Early on in the process,
> Horizon (and associated OpenStack APIs) will be disabled (probably for 20 to 30
> minutes.) There may also be brief network interruptions during the upgrade.
>
> Toolforge and existing VMs should be largely unaffected apart from possible
> network hiccups.
>
Reminder,
this will be happening in about 30 minutes!
regards.
--
Arturo Borrero Gonzalez
SRE / Wikimedia Cloud Services
Wikimedia Foundation
I was trying to figure out how to keep better track of hardware things
and realized that one thing we had not tried yet is a dedicated
workboard. I asked on irc and Brooke and Jason didn't immediately
think it was a horrible idea, so I moved ahead with an experiment:
https://phabricator.wikimedia.org/project/view/4482/
You can add things with the #wmcs-hardware tag. Y'all can also mess
with columns and ordering, but maybe check in with Jason before taking
any really radical actions as I expect he will be one of the main
consumers of this board as he interfaces with the DCOps folks.
One possibly surprising thing when using the new tag: I made
#wmcs-hardware a "milestone" of #cloud-services-team. This means that
when you add #wmcs-hardware Phabricator will remove
#cloud-services-team and of it's other milestones. #wmcs-kanban is
also a milestone, so a hardware task can be in one board or the other,
but not both!
Let's revisit this in our Q3 process retro and decide if we will keep
this new board of archive it and try something else.
Bryan
--
Bryan Davis Technical Engagement Wikimedia Foundation
Principal Software Engineer Boise, ID USA
[[m:User:BDavis_(WMF)]] irc: bd808