Skip to main content

Browse the archive

https://github.com/wikimedia/operations-puppet
12 April 2024, 10:39:33 UTC
sort by:
Revision Author Date Message Commit Date
c6c1eaa Daniel Zahn 12 May 2017, 19:44:38 UTC phabricator: convert to profile/role-structure Another conversion from "role" to "profile/role"- structure in Puppet, following our newer puppet coding standards. https://wikitech.wikimedia.org/wiki/Puppet_coding#Profiles Change-Id: If2eeff9f844a223fff460b7fe713be14f3f00ccf 17 May 2017, 18:50:59 UTC
701b648 Faidon Liambotis 27 April 2017, 22:59:06 UTC gerrit: switch to interface::alias This is not a straight replacement: the new manifests adds the preferred_lft 0 as an option to the IPv6 address which didn't exist before (even though it should had!). Easier to cleanup manually as these are just a couple of hosts that are affected. Change-Id: Ice5366f09c75122bbfc04e869d2daf375ec5d0f6 16 May 2017, 23:38:02 UTC
2bcdf5c Daniel Zahn 16 May 2017, 23:31:15 UTC gerrit: codfw, use service IP for gerrit-slave, not server IP Change-Id: I122d92c13e3f2aa288eeb3115317d11d74386f98 16 May 2017, 23:33:28 UTC
28d597f Faidon Liambotis 27 April 2017, 22:58:50 UTC cassandra: switch to interface::alias Also drop the $rpc_interface variable, instead of passing interface => $rpc_interface to interface::alias, as it defaults to that. Change-Id: Id6882a15b0a5a795cd2bd897049fe9c05988b0ca 16 May 2017, 23:04:29 UTC
6eefdf0 Faidon Liambotis 27 April 2017, 22:59:36 UTC phabricator: switch to interface::alias This is not a straight replacement: the old manifest used a /21 netmask for the IPv4 address instead of a /32, although that was definitely wrong (and it was also not in Hiera, despite the address itself being in Hiera). Easier to cleanup manually as these are just a few hosts that are affected. Change-Id: Ieded3b493a7fb0b7d99fd4eaf18d99154f2b431d 16 May 2017, 23:04:29 UTC
8aa54b5 Faidon Liambotis 16 May 2017, 22:24:07 UTC lists: split mailman::lists_ip variable into v4/v6 Stop assuming that mailman::lists_ip[0] is the IPv4 address and [1] is the IPv6 one and split into two different variables. This was actually the case before commit 14333a539ef18287612ab1cce3035e44350f1f49 and this commit basically reverts to that. Change-Id: Ida84faa00302f644d36bf1526df838994ac4d224 16 May 2017, 23:01:29 UTC
a1957b9 Daniel Zahn 16 May 2017, 21:23:22 UTC lists: use ipaddress facts instead of server IP in Hiera For the $outbound_ips variable which is used in exim config for lists, use facts instead of storing the server IP in Hiera. [fermium:~] $ facter | grep ipaddress ipaddress => 208.80.154.74 ipaddress6 => 2620:0:861:3:208:80:154:74 ipaddress6_eth0 => 2620:0:861:3:208:80:154:74 ipaddress_eth0 => 208.80.154.74 ipaddress_lo => 127.0.0.1 Change-Id: I030f616c28a6ad412a05ea327df77c9fbcb782f5 16 May 2017, 22:14:12 UTC
05ee205 Faidon Liambotis 16 May 2017, 22:13:11 UTC lists: fix service/server IPs in Hiera The data for lists in Hiera is inaccurate/weird: role/common/lists.yaml data is stale and incorrect, and being overriden (or worse, overlayed) by the host-specific hosts/fermium.yaml. Remove the latter and merge the contents to the former, making the data accurate again. Change-Id: Idf9f2516b6c6e98ede9e913d6794070fc6a4ea02 16 May 2017, 22:13:11 UTC
0f32177 Faidon Liambotis 16 May 2017, 21:56:58 UTC lists: brown paper bag fix for 128c6df Fix a "require" to refer to the new interface::alias resource. Change-Id: I65861e4c07c955112fc5150a6d2e59687b2cf1b3 16 May 2017, 21:56:58 UTC
128c6df Faidon Liambotis 27 April 2017, 23:01:15 UTC lists: switch to interface::alias This is not a straight replacement: the new manifests adds the preferred_lft 0 as an option to the IPv6 address which didn't exist before (even though it should had!). Easier to cleanup manually as these are just a couple of hosts that are affected. This is also not fixing a very silly thing in the existing manifest, which is made a little more evident: it assumes that in the hiera key mailman::lists_ip the IPv4 address is at index 0 and the IPv6 address at index 1. This was two separate hiera keys before commit 14333a539ef18287612ab1cce3035e44350f1f49 but it has regressed since. Change-Id: Idd83f5d5f89c7834f387dc2b05f270371e74c058 16 May 2017, 21:53:47 UTC
ba38f81 Alexandros Kosiaris 16 May 2017, 18:32:23 UTC Amend description for kubernetes clusters in hiera Add the site Change-Id: Ia7ee328c60f5ca4d07664d87c5c13f297897f608 16 May 2017, 18:32:23 UTC
c3eaed8 Alexandros Kosiaris 16 May 2017, 18:28:43 UTC Add kubernetes_codfw cluster as well Add the kubernetes_codfw cluster in hieradata Change-Id: I75218220d05e14f6fc24b4ab5d2c352e6d931573 16 May 2017, 18:28:43 UTC
10b66f3 Alexandros Kosiaris 16 May 2017, 18:14:12 UTC Add codfw to kubernetes ganglia_cluster While we deprecate ganglia we still have it around and those clusters are also reused for icinga Change-Id: I2d2f41b97dda98daf6c2de0baf9dedf757d32200 16 May 2017, 18:14:12 UTC
08b250e Daniel Zahn 28 March 2017, 02:51:09 UTC yubiauth: convert to profile/role structure Moving this role towards a role/profile structure to follow current puppet code organization. https://wikitech.wikimedia.org/wiki/Puppet_coding#Organization Change-Id: I3278b31b73e1aad6adc9c165f4eb99a2bba3a4c1 16 May 2017, 17:25:49 UTC
e1fb151 Faidon Liambotis 27 April 2017, 22:59:23 UTC labs::dnsrecursor: switch to interface::alias Change-Id: I6d772c4f58b648b5df09a70ecc37db5eefc4eba4 16 May 2017, 17:05:52 UTC
78e92c8 Faidon Liambotis 27 April 2017, 22:57:37 UTC Add a new interface::alias definition Add a new interface::alias definition that can be used to add secondary IPs (like service IPs) to host interfaces. This is a light wrapper around interface::ip, but with the following things hardcoded: - It uses $facts['interface_primary'] for the $interface by default (but leaves it configurable). No more "eth0" all over the tree. - It gets both an IPv4 and IPv6 argument, as in the majority of the existing cases in the tree, users want to pass both and this makes it easier (both are optional). - It uses /32 and /128 for IPv4 and IPv6 as the prefix length respectively. This is not configurable. Use it for the wiki-mail-eqiad and wiki-mail-codfw service IPs to demonstrate that it works. More patches will follow. Change-Id: I26a0f6d882fb25bb6603779afdc878ce867b2713 16 May 2017, 16:53:18 UTC
058f434 Daniel Zahn 11 May 2017, 19:17:51 UTC ci::master: move 'include standard' to role Change-Id: I7ecbf878a7ed253bab75a37c2b21c5afc9d26ac2 16 May 2017, 16:40:22 UTC
70fdce9 RobH 15 May 2017, 21:14:12 UTC decommission mw2098 removal of mw2098, and all its references in operations/puppet. Please note, this does not set the system to role::spare, as robh intends to only merge this live when he is also goign to shut down the system. Do not merge this live on his behalf, since system must be shut down, and port disabled, when this goes live. Bug:T164959 Change-Id: I3216dd8a004c885f498352580a674e11df329a7d 16 May 2017, 16:25:44 UTC
dc677a4 Faidon Liambotis 27 April 2017, 22:31:05 UTC cache: use interface_primary instead of eth0 Bug: T163196 Change-Id: I879fd24bf61af6b2cfba0e9370e027509b4d69f4 16 May 2017, 16:16:53 UTC
53fa65e Giuseppe Lavagetto 08 May 2017, 08:38:05 UTC service::uwsgi: fix logrotate rules Since uwsgi::app defines services as uwsgi-$title, adapt the service to reload to that as well. Change-Id: I8209b7d1de3da07b82d94cfca0dd9edd3889123a 16 May 2017, 15:50:27 UTC
2f3af8b Giuseppe Lavagetto 08 May 2017, 08:34:05 UTC uwsgi::app: add reload capability in systemd As stated in the uwsgi documentation, sending a HUP signal to the application triggers a reload, which should be useful for logrotate purposes. Change-Id: Ic6c2bac3da7aa40b75da6c3ec1895a962a053494 16 May 2017, 15:40:11 UTC
26a85cb Faidon Liambotis 27 April 2017, 21:58:46 UTC interface/lvs: add an $interface parameter, remove hardcoded eth0 Reformat many of the similar modules/interface manifests and add an $interface parameter that defaults to $name, rather than using $name/$title all over the place. Remove the hardcoded comparison with eth0, and use the interface_primary fact instead. Bug: T163196 Change-Id: I619037a0adaf827c7a511468a7aa428d3c840cde 16 May 2017, 15:25:07 UTC
c105f3c Alexandros Kosiaris 16 May 2017, 15:04:22 UTC Introduce kubetcd200{1,2,3}.codfw.wmnet Add 3 VMs on the ganeti01.svc.codfw.wmnet cluster for kubernetes etcd in codfw. Assign role, install params and update etcd DNS discovery mechanisms. Change-Id: I8b216fbe7f4ba68bef38094e13b96d1671a76ae4 16 May 2017, 15:17:46 UTC
39c2e32 Riccardo Coccioli 11 May 2017, 17:04:25 UTC interface: remove unused definition ::offload Since I68acf28e70f7aca5f98525c8faef41aa76f5ac83 was merged this module doesn't seem to be used anymore. Bug: T163196 Change-Id: I619ba6e51f5d2f484a60f27d10b47491f3e721cf 16 May 2017, 14:53:52 UTC
8e2d402 Giuseppe Lavagetto 16 May 2017, 14:32:59 UTC role::restbase::production: restore original list of seeds Change-Id: I2b073ab4fb5e3002b6808e52a1ae280c3e596278 16 May 2017, 14:32:59 UTC
3cb6fba Giuseppe Lavagetto 10 May 2017, 11:50:43 UTC restbase: convert production cluster to role/profile Also remove some old cruft all around Change-Id: I5a5998814a50aa29a1dfc3785527c225076aa464 16 May 2017, 14:18:14 UTC
bc4c5c8 Andrew Otto 16 May 2017, 13:04:05 UTC Allow setting of zookeeper_version in hiera Newer versions of Debian Jessie have an updated package version. Since we don't want to upgrade everything in prod (yet), but still want to use zookeeper on later Jessie images in labs, we allow overriding via hiera. Change-Id: I0e69fa992b1076063a04547308812124e514ead8 16 May 2017, 13:04:05 UTC
755e6cf Ottomata 16 May 2017, 13:00:12 UTC Revert "Allow setting of zookeeper_version in hiera" Don't know why there is a varnishkafka submodule change in this. reverting. This reverts commit 308624ddab49a3ef226ff9834a61a8bb5d95fbda. Change-Id: I06051215587bf926e235f379167ffe3138b1ec9c 16 May 2017, 13:00:12 UTC
308624d Andrew Otto 16 May 2017, 12:52:50 UTC Allow setting of zookeeper_version in hiera Newer versions of Debian Jessie have an updated package version. Since we don't want to upgrade everything in prod (yet), but still want to use zookeeper on later Jessie images in labs, we allow overriding via hiera. Change-Id: Ib4c319690cdc979c656fd8baf85e4746c0a917c7 16 May 2017, 12:52:50 UTC
b0c1778 Giuseppe Lavagetto 10 May 2017, 11:23:34 UTC profile::cassandra: auto-generate fqdns for seeds Since we don't deviate from a very strict naming convention for instances, drop the redundant "fqdn" info from profile::cassandra::instances Change-Id: I978cd9114748ac91de5807ef99df3bc5d769e0da 16 May 2017, 09:50:58 UTC
d0364de Jaime Crespo 16 May 2017, 08:38:48 UTC mariadb-auto_install: Remove db1056, add db1055 to reimage list db1055 is the last db core server >db1050 that is not yet in jessie. Get it ready for reimage. Change-Id: Ib0e4298a28bf1635a68fb39b843f0e1015c85a79 16 May 2017, 08:46:21 UTC
458e419 Moritz Muehlenhoff 16 May 2017, 08:15:36 UTC Add apt pinning for git on deployment servers Latest git packages are now available in jessie-backports, so switch to those instead of rebuilding what we have in wikimedia-experimental for the latest git security update. Bug: T140927 Change-Id: I833920b72957a6ea3a7a186bf143795d8508dc09 16 May 2017, 08:34:17 UTC
f20c307 Arzhel Younsi 16 May 2017, 06:59:25 UTC Add private AS# to LibreNMS Bug: T164911 Change-Id: I84b365175c7da560e991d651510b2daff0283771 16 May 2017, 08:27:02 UTC
7bcb5cd Moritz Muehlenhoff 16 May 2017, 07:41:25 UTC Drop experimental apt repository from app servers 3.18 is now in the default repo. Change-Id: I9393c5a557642c5b426a7cc5c301641caac6f398 16 May 2017, 07:42:34 UTC
e865a67 Moritz Muehlenhoff 15 May 2017, 13:22:38 UTC package_builder: Install patchutils debdiff needs interdiff(1) from patchutils to compare two dsc files. Change-Id: I98b3a69d62756a0e840cb2ad1b0291fd4e3b4dbc 16 May 2017, 06:52:04 UTC
2cf0e9c Daniel Zahn 16 May 2017, 02:45:54 UTC wikistats: only run db init command once Fix the mechanism to ensure the db initializiation command is run only once to bootstrap a new system but not on every puppet run. Change-Id: I050c258572487e31b924ca6134392435d7612006 16 May 2017, 02:47:54 UTC
169b043 Daniel Zahn 16 May 2017, 02:10:26 UTC wikistats: fix wrong file parameter, user -> owner A file has an owner, not a user, a cron has a user. Typo. Change-Id: Id26b50263cfce1337bbb2c06bb04ed8fdd78a8bc 16 May 2017, 02:13:20 UTC
c805280 Daniel Zahn 16 May 2017, 01:56:16 UTC wikistats: add db schema, auto-create db, adjust backup dir Change-Id: I124c355a42b215a48620856fc6f60b4f526e935b 16 May 2017, 02:02:59 UTC
f4b7315 Daniel Zahn 16 May 2017, 01:18:43 UTC wikistats: install libapache2-mod-php7.0 if on stretch Change-Id: I1925a00a907cb904ba842771224535b321a6ac66 16 May 2017, 01:23:20 UTC
5136ddf Paladox 10 May 2017, 22:55:13 UTC Labs contint: Install php5-gmp and php7.0-gmp This installs php5-gmp on labs. php7.0-gmp is installed from an external apt repo which was added in https://github.com/wikimedia/puppet/commit/8ec74841f4d5c3ab9a19100749bcecad3aa5c3cc Bug: T164977 Change-Id: Ib21412c17b3a84f3b295f9094c2edc4856901ce1 16 May 2017, 01:16:17 UTC
0773867 Daniel Zahn 16 May 2017, 00:22:06 UTC wikistats: create random db password once to bootstrap system Let puppet create a random db connection password once, but not on every run. Then the deployment script can use this to copy it to /etc/wikistats/config.php after deploying to bootstrap a fresh instance. While avoiding any secrets in labs/private but also any manual steps or not using a db password. Change-Id: I0ab5a1d08a03b566d2ded7c4fd36564b4ba9bfcc 16 May 2017, 00:29:45 UTC
59f0024 Daniel Zahn 16 May 2017, 00:00:24 UTC wikistats: don't use /root/ dir for backup, use /usr/lib/ Do not use root's homedir as the location for backups, use /usr/lib/wikistats/ which already exists before a deploy because it's the home dir of the "wikistatsuser" that puppet creates. Change-Id: I8e46367fe0d5214df1a6f8f34c75e5a57bac4125 16 May 2017, 00:00:24 UTC
dbb0f13 Daniel Zahn 15 May 2017, 23:45:38 UTC wikistats: puppetize deploy script Puppetize the existing simple deploy script that copies files in place after puppet git clones from repo. It was already in use on the jessie instances wikistats-cowgirl but when testing on stretch i noticed it wasn't in repo yet, so you could not bootstrap a new instance. Change-Id: I0c54d6d20bc9a0db37eedf61565d6fc1a3941477 15 May 2017, 23:56:11 UTC
992949b Daniel Zahn 15 May 2017, 22:57:52 UTC wikistats: more stretch support, php-cli package The php5-cli package does not exist anymore in Debian stretch. Add support for it by using the php7.0-cli package instead. Change-Id: Id310aa59a00cd4a3431688aba07d19886b7bf25c 15 May 2017, 22:59:57 UTC
af5d0b1 Daniel Zahn 15 May 2017, 22:36:43 UTC wikistats: add support for Debian stretch Currently using this role to test the experimental Debian stretch image on Labs It sets up an Apache with a PHP app and some crons, so it seemed a good candidate to test. First feedback: php5-mysql package does not exist anymore on stretch, so puppet could not find that. Use php7.0-mysql if on stretch. Also use "require_package" instead of just package{}. Change-Id: Ifd370f9f37e552d5aa5c4dd4903dca6fde81fa46 15 May 2017, 22:40:58 UTC
b0086a4 Chad Horohoe 19 April 2017, 16:31:17 UTC Jenkins: install jdk, not just jre Gives you all kinds of useful debug tools Change-Id: Ibfb94c133e5d4660e561a16d424c4d8b065e0e9e 15 May 2017, 19:32:43 UTC
5ebbcd0 Giuseppe Lavagetto 10 May 2017, 09:42:11 UTC restbase: convert test cluster to role/profile Change-Id: I683b4a5a405b96f5a87987a208f20330c1cb2da2 15 May 2017, 15:55:03 UTC
b4b5c21 Giuseppe Lavagetto 10 May 2017, 11:07:42 UTC cassandra::instance: allow use of default values In practically all cases, we have cassandra instances defined according to a very precise pattern; this patch makes that pattern the default so that in most cases we just need to define a few data per instance. Also, drop the logic tied to rpc_interface and just add the IP address if it's not the server's primary ip. Change-Id: I242319f2ec11bd90f550aaa4a92af590f6c93a7e 15 May 2017, 14:46:23 UTC
c653f49 Alexandros Kosiaris 15 May 2017, 12:07:50 UTC Add kubemaster LVS service in codfw Add the necessary stanza for the kubemaster LVS service IP to be used and advertized in codfw Change-Id: I1f5144f2cebc51e20c8898a77ee69d166c34bb40 15 May 2017, 14:13:59 UTC
26b2e79 Giuseppe Lavagetto 09 May 2017, 15:24:08 UTC restbase: migration to role/profile for the dev cluster * Created profiles for restbase/cassandra, loosely couple to the old corresponding roles * Unified the logic for cassandra::seeds and cassandra::instances by using a shared data structure and a template to modify items * Created a base role for restbase, with no LVS, to include in all the other roles. * Created a role for restbase::dev_cluster and defined its hiera variables * Consequently dropped all of the data in regex.yaml and in hosts/* (apart from rack positioning) for the dev cluster Change-Id: I817204597d421c3bc52a7778e992bd0c1dc473c7 15 May 2017, 13:29:42 UTC
b2c97f8 Emanuele Rocca 15 May 2017, 13:08:00 UTC VCL: lower grace for transient n-hit-wonder objects Lower grace for hit-for-pass objects created when dealing with n-hit-wonders from 5m/60m (healthy/sick backend) to 1m. Bug: T165063 Change-Id: Ief0426ef58f0380ba1dd14f7eb94a6f3072c46e0 15 May 2017, 13:08:00 UTC
1a49575 Arzhel Younsi 15 May 2017, 12:35:00 UTC LibreNMS: Use default OSM tiles provider + simplify syslog filtering Bug: T164911 Change-Id: I78a6d4b886cb765cb52c2121c0df793b8f198a3e 15 May 2017, 12:37:14 UTC
53b8994 Alexandros Kosiaris 15 May 2017, 12:03:34 UTC Add acrux, acrab to the infrastructure Add the 2 new VM on ganeti as kubernetes masters. Don't yet enable LVS as it should be done in a later step, but do populate the data in conftool. Add PXE, TFTP data as well and update site.pp Bundle in a few commenting/formatting changes for argon, also a kubernetes master Bug: T165291 Change-Id: I0c6d3a5af24207510bf0ac64afceba6776360dff 15 May 2017, 12:06:08 UTC
442136a Giuseppe Lavagetto 15 May 2017, 09:49:01 UTC profile::calico::builder: use calico release info Instead of having the user specify the versions of every single object, just have to specify the release, and versions are picked from the module. This will require a commit every time we add a new release, but I think that's acceptable. Bug: T165024 Change-Id: I11f52ac4eac28c541a36b6651a8d347803e0ef17 15 May 2017, 09:49:01 UTC
f852c52 Giuseppe Lavagetto 15 May 2017, 07:16:31 UTC build-alpine: do not error out if branch not present Change-Id: I2dc98021e7436aea33cdcc3d7ee0426c0ac997fa 15 May 2017, 07:16:31 UTC
7623476 Daniel Zahn 11 May 2017, 19:22:10 UTC webperf: move 'standard' and 'base::firewall' to role Change-Id: I3f0b6030b557d6d1b456e22ac4c5a7e808f1ac59 12 May 2017, 18:47:09 UTC
10f4068 Daniel Zahn 11 May 2017, 19:19:51 UTC dumps::zim: move 'include standard' to role Change-Id: I795afbc40d1fb3b1f176c4d4939a465e034f6f60 12 May 2017, 18:35:43 UTC
db6b56b Daniel Zahn 11 May 2017, 19:14:13 UTC piwik: move 'include standard' to role Change-Id: I253bbe4c971b39c3a7292ed6ed2013bc87eda915 12 May 2017, 18:31:17 UTC
c34ca8c Daniel Zahn 10 May 2017, 17:17:18 UTC syslog::centralserver: move 'include standard' to role Change-Id: I66b77fdd86ff5d499dda75ceaa01e9809243fbf5 12 May 2017, 18:01:02 UTC
2580043 Brandon Black 12 May 2017, 16:30:25 UTC VCL: be careful about grace/keep on 0-TTL objects... grace and keep can keep per-request objects alive a long time in transient storage. Even hit-for-pass objects that are multi-request are probably similarly-affected. This should fix up the bulk of the cases. Bug: T165063 Change-Id: Ib4708ab5da0b80cddb717fd57a6902afb89b215e 12 May 2017, 17:38:51 UTC
2a190b4 Brandon Black 12 May 2017, 17:14:30 UTC VCL: Do not assume obj.grace > grace_healthy Bug: T165063 Change-Id: I345e1e70d2c392a7073dab40c73000953269f6af 12 May 2017, 17:38:24 UTC
6b0b6bb Emanuele Rocca 12 May 2017, 16:44:24 UTC varnish: reduce keep setting on frontends Bug: T165063 Change-Id: I76de256848efc34b6dffc9f4c01efea088f94430 12 May 2017, 16:46:47 UTC
3bc2b40 Guillaume Lederrey 12 May 2017, 15:27:59 UTC logstash - cleanup of indices is done from multiple nodes for redundancy To make sure that indices are cleaned up even if a node is down, the indices cleanup cron is run from multiple nodes. An index can already be deleted, so 404 errors need to be ignored. Change-Id: If22d153f29bf3b7ee9f6b9fdd7172248aae6179e 12 May 2017, 15:27:59 UTC
afc9f8b Giuseppe Lavagetto 12 May 2017, 14:42:38 UTC docker::baseimages: fixes to the alpine build script Change-Id: Ie9d8fe706da7b1e61c0afa0c1dd5df1e3f38b6b1 12 May 2017, 14:57:44 UTC
7930cde Jeff Green 12 May 2017, 14:29:56 UTC switch indium to frlog1001 Change-Id: I2f05d398ad67a716a2ea5d4b4342453719ffdebe 12 May 2017, 14:29:56 UTC
aba2550 Giuseppe Lavagetto 11 May 2017, 11:55:41 UTC docker::baseimages: separate build script for alpine linux Since we need to be able to provide a specific version to build, separating the script will make things easier. Bug: T165024 Change-Id: I82c4f2367256f03d3753b9d5dd56a3ae0fd3f46a 12 May 2017, 13:47:13 UTC
57e741f Antoine Musso 12 May 2017, 13:38:57 UTC contint: fix apt::pin resource name The apt preference files MUST NOT contains any space. Rename the apt pinning for HHVM/experimental. Follow up 6819c23fe2590edf7d7af55734ae6750e0b9d0df Change-Id: I768985ecc486d3a1f03f1f0c25b873f53389bea3 12 May 2017, 13:38:57 UTC
f9c2780 Giuseppe Lavagetto 11 May 2017, 14:02:04 UTC role::deployment_server: generate dsh lists for zotero Change-Id: Iffc02879522a6ff0d6fcb361bf5a5f17c91f45ab 12 May 2017, 13:10:34 UTC
6819c23 Antoine Musso 12 May 2017, 12:55:09 UTC contint: pin HHVM packages to use experimental component Bug: T165074 Change-Id: Ia0e2aa58feeec723eed01277159110025541af00 12 May 2017, 12:58:43 UTC
30d7f16 Antoine Musso 12 May 2017, 10:22:27 UTC contint: move hhvm-dev to a different class Move the installation of hhvm-dev and hhvm build-dependencies from contint::packages::php to contint::packages::hhvm. The CI instances include both contint::hhvm and contint::packages::hhvm. Will make it easier to apt::pin hhvm packages later on. Change-Id: I79b72e6bb5c590921d6b86481fd2985a954a8ef8 12 May 2017, 12:44:46 UTC
240f016 Antoine Musso 12 May 2017, 10:42:44 UTC contint: experimental component for nodepool instances So we can selectively pick packages from /experimental. Pin it to priority 1 to ensure nothing get installed from it unless explicitly required. Change-Id: I086c218ba908c3c36af443e9d0800c2f28431525 12 May 2017, 12:28:35 UTC
db9e994 Alexandros Kosiaris 12 May 2017, 08:59:52 UTC varnish: Rename planet1001 director to planet Having a director named planet1001 is misleading given that the backends are planet1001 and planet2001. Rename to planet to depict that the director works for both DCs Change-Id: I4b2617d5e6fa4f3856e301b736f2fc42e8ef1566 12 May 2017, 11:14:30 UTC
eb16b54 Arzhel Younsi 12 May 2017, 09:25:00 UTC Add logstash-syslog-tcp LVS service Listening on port tcp/10514 Bug: T151971 Change-Id: Ia1594b06a77c00f98de8eed35b1cdf637579fd0c 12 May 2017, 09:35:34 UTC
96654e3 Daniel Zahn 11 May 2017, 19:27:37 UTC backup::offsite: move 'include standard' to role Change-Id: I8ca09c29f0c4b90820d24ed23a7a895d34e13b4a 12 May 2017, 08:55:21 UTC
38c203d Daniel Zahn 11 May 2017, 19:25:48 UTC backup: remove duplicate 'standard'-include In this case the include of standard is already in the role. So it's duplicate on the node. Change-Id: I91585c63f05cb7b265bcceded1f50611bcc124c9 12 May 2017, 08:54:53 UTC
550922e Arzhel Younsi 10 May 2017, 14:56:17 UTC Various LibreNMS improvements - [WARN] Your RRD directory is not set to 0775 - Add daily.sh cron job - Add billing module - Enable Globe Frontpage - Add location mapping - set "email_from" for better email filtering - Use maps.wikimedia.org for tiles - Ignore noisy fatal syslog messages - IRC bot inital configuration Bug: T164911 Change-Id: I4507b0ba2027baa9ac640c1608782afaee223a6a 12 May 2017, 08:39:23 UTC
6cb095e Moritz Muehlenhoff 09 May 2017, 06:17:01 UTC Drop cache/LVS NFS override nfs-common and rpcbind were installed as part of the base d-i installation (prior to the first puppet run). 386ac51a3b85ef3876e60c7a36bf9ff65d091876 now removes it during the initial installation and (so new jessie installations are fine) and the roles which explicitly need NFS on the client or server side have gained explicit puppet declarations via 328f3c67a56394b5e4288513f14b8278bb5b073c and 535988c8162b8f459bebc15c91f26b8d8a600fb3. So we can drop that workaround for LVS/CP (to avoid puppet failures nfs-common and rpcbind need to removed shortly before merging the puppet change) Bug: T106477 Change-Id: I943f4de0a856f5fea8434544608dd0f83e965bfb 12 May 2017, 06:18:42 UTC
1b1732e Andre Klapper 14 April 2017, 19:42:06 UTC Phabricator monthly email: Also include Differential user activity Change-Id: I183675e5a4c880cc10f7368fd65d54ae5f79a843 11 May 2017, 18:33:57 UTC
d97024b Daniel Zahn 10 May 2017, 01:49:20 UTC udp2log: use logrotate::conf for logrotate Change-Id: Ie8057d30153c217492fc0563e3d3562066470270 11 May 2017, 17:14:23 UTC
ea9e569 pt1979 10 May 2017, 16:16:50 UTC DHCP/partman: Add dhcp and partman entries for kubernetes200[1-4] Bug:T164851 Change-Id: I79b5d2dd935479f782964f75e81371452437f758 11 May 2017, 16:49:44 UTC
d89dfcf Faidon Liambotis 27 April 2017, 21:56:08 UTC lvs: remove support for <= trusty All LVS systems are now running jessie, so remove legacy/dead code that was there for older systems. This removes the only "if ! os_version()" occurence in the tree which is probably an antipattern as it's harder to grep for. Change-Id: I68acf28e70f7aca5f98525c8faef41aa76f5ac83 11 May 2017, 16:06:01 UTC
908cb6d Faidon Liambotis 10 May 2017, 15:38:46 UTC Move all add_ip6_mapped calls to site.pp Most of the add_ip6_mapped calls are in site.pp but a few have creeped in to roles and profiles. Move them all back to site.pp, as a) Labs doesn't have IPv6, rendering those role/profiles unusable in Labs and b) IPv6 addressing is really a host config, not something tied to a particular profile/role (and one that we expect to eventually move to base or deprecate entirely). Change-Id: I63692a84426982a75c99b29f43f274c41a2e2dfe 11 May 2017, 15:47:52 UTC
41c3964 Faidon Liambotis 27 April 2017, 22:06:50 UTC Remove c/p interface argument to add_ip6_mapped interface::add_ip6_mapped is being used with an argument of interface => eth0 all across the tree (and one occurence of "eth2"). This is probably because it was copy/pasted around, since the interface parameter has always been optional and defaulting to the first interface found so in all but the eth2 case, it was redundant. As of recently it's defaulting to the "interface_primary" fact, which makes the option entirely redundant. Remove it across the tree. Bug: T163196 Change-Id: Ie89e84aa820160c91a4363f7bcd278cfc83f181c 11 May 2017, 15:00:41 UTC
9bfc166 Faidon Liambotis 30 March 2017, 13:55:01 UTC Switch add_ip6_mapped to use interface_primary Use the 'interface_primary' and the new 'ipaddress' facts in add_ip6_mapped, paving the road to not passing any arguments by default and thus potentially including it on all hosts. Also, cleanup and comment a little bit while we're there. Bug: T163196 Change-Id: Ic163ee735977cf8d3e85eb8d73727c91fb556196 11 May 2017, 14:42:12 UTC
71d934f andrewbogott 06 May 2017, 02:33:04 UTC Nova policy: Open up quota-related queries It would probably be ok to open up "compute_extension:quota_classes" as well but I can't figure out what that does so am erring on the safe side unless we turn out to need it. Bug: T164332 Change-Id: I4cbaeb4bd5eb5b4d0d7b154c2c5677b9b605117b 11 May 2017, 14:08:02 UTC
f0cf0d8 Faidon Liambotis 27 April 2017, 21:51:05 UTC labs: remove the _eth0 suffix from ipaddress facts Our new ipaddress/ipaddress6 facts do the right thing and there is no reason to explicitly use the value of ipaddress_eth0. Remove those mentiions from all Labs/ToolLabs manifests. Bug: T163196 Change-Id: Iefb1464a2b33a2daa7871b6ec561d240c02a87d0 11 May 2017, 12:45:08 UTC
5d62720 Riccardo Coccioli 11 May 2017, 08:29:27 UTC LVS: move pybal config to a separate class - lvs::configuration is included in many places, but the $pybal configuration is actually used only by pybal. Moreover the values in there makes no sense when applied to non-LVS hosts. - this fixes also the errors in deployment-prep due to missing IPv6 Bug: T163196 Change-Id: I035e0192faea4385a470451ddce88afa4b736eb8 11 May 2017, 12:05:26 UTC
1140978 Moritz Muehlenhoff 11 May 2017, 10:57:18 UTC role::mariadb::wikitech: Switch to ferm constants Prevents errors like the one fixed in a7d62a6008c4bd2f2c4e3d2cb265ae69aff69661 Change-Id: I68637a34b614d6da49261801b8a010b5ae576262 11 May 2017, 10:57:18 UTC
a7d62a6 Moritz Muehlenhoff 11 May 2017, 10:26:21 UTC Remove mira from role::mariadb::wikitech ferm rule 478bd1a14653127f62fe787aa9f3c6af00b48b8f in ops/dns removed the DNS entry for mira, but 1a903481607ebf822ebe3d573253cb26d55c171a didn't remove it from the ferm host list for mariadb::wikitech. This leads to a ferm startup failure on labtestwiki/silver (silver hasn't reloaded yet, so it's not a live error yet, but would trigger with the next ferm reload): Error in /etc/ferm/conf.d/10_mysql_deployment_terbium line 4: tin.eqiad.wmnet mira.codfw.wmnet naos.codfw.wmnet terbium.eqiad.wmnet wasat.codfw.wmnet ) ) <-- DNS query for 'mira.codfw.wmnet' failed: NXDOMAIN Bug: T164588 Change-Id: Ie52fa3a40194436fd8365a9add3239ab5cd17c92 11 May 2017, 10:37:32 UTC
665adb0 Arzhel Younsi 11 May 2017, 10:08:57 UTC Workaround for puppet/icinga issue Where Icinga looks for logstash.svc.codfw.wmnet while it doesn't exist Bug: T151971 Change-Id: I9739294e7fc76785e523c75491ab89e96784faf4 11 May 2017, 10:23:41 UTC
a3aba08 Moritz Muehlenhoff 11 May 2017, 09:48:38 UTC Remove mira from tcpircbot config 478bd1a14653127f62fe787aa9f3c6af00b48b8f in ops/dns removed the DNS entry for mira, but 1a903481607ebf822ebe3d573253cb26d55c171a didn't remove it from the ferm host list for tcpircbot. This leads to a ferm startup failure on tegmen: May 10 18:13:30 tegmen ferm[45700]: Starting Firewall: fermError in /etc/ferm/conf.d/10_tcpircbot_allowed line 4: May 10 18:13:30 tegmen ferm[45700]: eventlog1001.eqiad.wmnet tin.eqiad.wmnet mira.codfw.wmnet naos.codfw.wmnet puppetmaster1001.eqiad.wmnet puppetmaster2001.codfw.wmnet tMay 10 18:13:30 tegmen ferm[45700]: ) May 10 18:13:30 tegmen ferm[45700]: , AAAA May 10 18:13:30 tegmen ferm[45700]: ) May 10 18:13:30 tegmen ferm[45700]: <-- May 10 18:13:30 tegmen ferm[45700]: DNS query for 'mira.codfw.wmnet' failed: NXDOMAIN Bug: T164588 Change-Id: Ifd4537c63d36cf9f3bd188ac62ffedc64f9c1ed9 11 May 2017, 10:06:58 UTC
8799f57 Arzhel Younsi 11 May 2017, 09:47:38 UTC Ferm to allow tcp/10514 on logstash nodes Bug: T151971 Change-Id: I8081da7158b205986a13ed6f0a54d7d63919767b 11 May 2017, 09:47:38 UTC
57353a9 Erik Bernhardson 10 May 2017, 18:38:19 UTC Logstash match_mapping_type still uses string, not text In elasticsearch 5.x the string mapping was deprecated, in favor of text and keyword mappings. It turns out this was only deprecated for the actual mapping though, and not for the match_mapping_type part of mapping templates. Upating this to "string" should bring back the old index format, with '*.raw' fields so all our existing dashboards continue to work as expected. Bug: T164823 Change-Id: I651ce56964d6326cadda29244de259b7b5d203b4 11 May 2017, 09:12:20 UTC
70f76bd Daniel Zahn 10 May 2017, 17:09:58 UTC thumbor: move 'include standard' to role Change-Id: I4a6b2e0a275ce517911288e350d0acc34322b53a 11 May 2017, 09:00:20 UTC
582e4f1 Daniel Zahn 10 May 2017, 17:06:26 UTC parsoid: move 'include standard' to role Change-Id: Ifd355e418d3343f59758a9badab253eaeeaa9557 11 May 2017, 08:59:14 UTC
24336bf Daniel Zahn 10 May 2017, 17:14:09 UTC puppetmaster::backend: move 'include standard' to role Change-Id: I09d073bd10232a0fba51890cdfe2661c0ef95856 11 May 2017, 08:58:14 UTC
f460f0c Daniel Zahn 10 May 2017, 17:11:41 UTC poolcounter: move 'include standard' to role Change-Id: I221f6cdae9fb62e8dc291732405592a118453b6f 11 May 2017, 08:57:20 UTC
6038792 Daniel Zahn 10 May 2017, 01:46:43 UTC apertium: use logrotate::conf for logrotate Change-Id: I54f9356ce5c1b17d9239acbdb9b4c0413c1c02e6 11 May 2017, 08:56:46 UTC
3736d9e Daniel Zahn 10 May 2017, 17:19:09 UTC ganeti: move 'include standard' to role Change-Id: I504d1c74c7b7fb6a46d52976abd24ae9841f0732 11 May 2017, 08:55:34 UTC
d74a00d Arzhel Younsi 10 May 2017, 13:13:25 UTC Add new logstash LVS service Based on the listeners listed in modules/role/manifests/logstash/collector.pp Inspired by https://gerrit.wikimedia.org/r/#/c/324371/ Bug: T151971 Change-Id: I048e38080e6055b107d5ce767b0e9d7c235fabf1 11 May 2017, 08:37:08 UTC
back to top