[Engineering] Cron jobs running on Analytics stat hosts and firewall rules
Luca Toscano
ltoscano at wikimedia.org
Mon Aug 27 09:29:10 UTC 2018
Hi everybody,
as part of T198623 the Analytics and Traffic team worked on a better set of
firewall rules for ipv4/ipv6 traffic generated within the Analytics VLAN
and going towards Production. For example, we are now enforcing the usage
of https://wikitech.wikimedia.org/wiki/HTTP_proxy for all the http/https
connections originated from the Analytics VLAN, so if you have any
important cron job that runs periodically on any Analytics host (most
likely the stat boxes) please check that it complies to this policy as soon
as possible. Please note that the policy itself is not new (
https://wikitech.wikimedia.org/wiki/Analytics/Data_access#Stats_machines)
but it will be enforced very soon during the next couple of days. We have
run several tcpdump sessions to check the current traffic (we are
reasonably sure that nothing will break), but better safe than sorry :)
For any comment/suggestion/question/etc.. please follow up in the task or
with me in the #wikimedia-analytics IRC channel.
Thanks in advance!
Luca (on behalf of the Analytics team)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.wikimedia.org/pipermail/engineering/attachments/20180827/3a71117c/attachment.html>
More information about the Engineering
mailing list