[00:01:56] <ebernhardson>	 this is all so odd...no answers yet :(  strace/tcpdump show that nginx is making two requests to /bigdata/... for every one request to /readiness-probe, one of those doesn't include the query string and nginx just closes it, leaving jetty to EOF
[00:02:21] <ebernhardson>	 nginx has debug loging...but it's dense :P
[08:58:24] <gehel>	 ejoseph: I'll be 3 minutes late for our meeting...
[09:51:44] <ejoseph>	 zpapierski: when will you be ready
[09:54:09] <zpapierski>	 ejoseph: I need to take care of something first, I should be around 11:45
[10:26:58] <gehel>	 dcausse: I was pinged again by Observability on T289077. I think we've done some of that as part of WCQS and streaming updater. cc: ryankemper 
[10:26:59] <stashbot>	 T289077: Migrate Search team's prometheus-based alerts from Icinga to alert-manager - https://phabricator.wikimedia.org/T289077
[10:43:41] <dcausse>	 gehel: should not be too hard as long as everything is in prometheus
[10:44:41] <gehel>	 We've been talking about making this happen since end of August :/
[10:44:51] <gehel>	 Let's discuss it on Monday
[10:45:03] <dcausse>	 sure
[11:43:22] <ejoseph>	 I need to fix my Generator
[11:43:41] <ejoseph>	 I’ll be back by 2
[11:46:21] <zpapierski>	 lunch break
[15:21:25] <gehel>	 errand, back in a bit
[15:50:52] <ebernhardson>	 \o
[15:51:04] <dcausse>	 o/
[15:51:53] <zpapierski>	 o/
[15:54:46] <ebernhardson>	 zpapierski: how do i get blazegraph to output the logs from the mw-oauth-proxy side of things?  My local jetty says things like 'Started o.e.j.w.WebAppContext@4566e5bd{org.wikidata.query.rdf.mwoauth,...`  and 5xx's go into the error log, but on wcqs* i can't get anything
[15:55:29] <ebernhardson>	 i changed logback-wcqs-blazegraph.xml from <root level="warn> to <root level="debug"> but still no reference to mw-oauth
[15:55:29] <zpapierski>	 first question would be what are the actual logs there
[15:55:32] <zpapierski>	 let me look
[15:56:17] <zpapierski>	 I don't see any logs in the service itself
[15:56:37] <ebernhardson>	 zpapierski: well, curl localhost:9999/oauth/check_auth, get a 5xx, there should be logs about that :P
[15:56:49] <zpapierski>	 then that's jetty, not wcqs
[15:56:58] <ebernhardson>	 zpapierski: the command line runs both at the same time
[15:57:02] <zpapierski>	 I meant not mw-oauth proxy
[15:57:05] <zpapierski>	 I know
[15:57:15] <zpapierski>	 let me take a look at that logback config
[15:57:28] <ebernhardson>	 to me, if it's on the same command line, its the same process :P  The logback config is just `-Dlogback.configuration=....` suggesting it's not limited to blazegraph
[15:57:31] <zpapierski>	 any wcqs instance I assume
[15:57:40] <ebernhardson>	 zpapierski: should all be the same, i'm using 1001
[15:57:43] <zpapierski>	 that's generally true
[15:57:49] <zpapierski>	 but each has it's own appender
[15:57:54] <zpapierski>	 I might can have
[16:06:54] <zpapierski>	 ebernhardson: just to be sure - are you certain they are from mw-oauth-proxy?
[16:07:22] <zpapierski>	 the logs that are there are logged by jetty and they indeed don't come from mw-oauth-proxy
[16:07:57] <ebernhardson>	 zpapierski: the problem is /oauth/check_auth gives a 5xx, and i want a log that says why it's 5xx
[16:07:58] <zpapierski>	 but I see no place where we'd set up 503 status explicitly (those wouldn't show in logs) and the errors in logs are logged by jetty 
[16:08:09] <zpapierski>	 nginx?
[16:08:15] <ebernhardson>	 no, its :9999
[16:08:18] <ebernhardson>	 thats jetty
[16:08:21] <zpapierski>	 ah, not nginx
[16:08:48] <zpapierski>	 wait a sec
[16:08:49] <ebernhardson>	 i would expect some sort of debug logging to report all requests, good or bad, and how they got there
[16:08:53] <ebernhardson>	 do we have something like that ?
[16:08:53] <zpapierski>	 there is something from mw-oauth
[16:09:40] <zpapierski>	 https://www.irccloud.com/pastebin/VU526dtk/
[16:09:58] <zpapierski>	 mw-oauth hasn't even been registered
[16:10:11] <zpapierski>	 looks like some classpath issue
[16:11:58] <ebernhardson>	 our logging is a mess :P  There is journalctl for wcqs-blazegraph, and blazegraph specific logs on top.  But somehow that ends up in syslog? :P
[16:12:01] <zpapierski>	 the logging is botched though, I found that one through journalctl (so stdout)
[16:12:40] <ebernhardson>	 hmm, seems i should have found that yesterday. oh well. What is Janino?
[16:12:50] <zpapierski>	 no clue :)
[16:13:10] <ebernhardson>	 :P
[16:13:17] <gehel>	 journald forwards to syslog, with some weird config to also send some of that to logstash (via rsyslog if I remember forrectly)
[16:13:29] <zpapierski>	 looks like piece of jetty though, I see nothing of ours in Jetty
[16:13:36] <gehel>	 I think that janino is the configuration engine of logback
[16:13:44] <zpapierski>	 or that
[16:13:50] <zpapierski>	 (I mean, I have no idea)
[16:14:02] <ebernhardson>	 hmm, so do we have to compile logback into the oauth-proxy explicitly?
[16:14:12] <ebernhardson>	 (and what changed, because that worked 3 weeks ago)
[16:14:34] <gehel>	 we need to have the logback jars in the oauth-proxy
[16:15:04] <gehel>	 janino might be an additional optional dependency, because we do some weird filtering in the blazegraph logback config
[16:15:13] <ebernhardson>	 oh i remember, gehel and i tried to fix logging a few weeks ago then everything broke and i forgot to finish :)
[16:15:35] <gehel>	 ebernhardson: yeah, that's probably related in some way
[16:15:57] <zpapierski>	 I first stop coding in Java before logging in java stops being a mess
[16:16:04] <zpapierski>	 or die of old age (might be the same date)
[16:16:12] <zpapierski>	 s/I/I'll
[16:16:24] <gehel>	 logback-wdqs-blazegraph.xml has an <evaluator/> section that probably requires janino
[16:17:08] <gehel>	 we add this dependency explicitly in building the blazegraph war:
[16:17:11] <gehel>	 https://www.irccloud.com/pastebin/n3AkA1K6/
[16:17:41] <gehel>	 probably need the same in mw-auth, since we use that same weird logback config file
[16:19:03] <ebernhardson>	 ok i can probably figure out how to get the deps moved over
[16:19:34] <gehel>	 traced back to T197645
[16:19:35] <stashbot>	 T197645: Make WDQS logs less verbose - https://phabricator.wikimedia.org/T197645
[16:21:13] <gehel>	 honestly, those evaluators are a pretty convoluted way of making log less verbose. A clean up of those logback config files would be nice
[16:23:44] <ebernhardson>	 i'm not really sure what else would do? I guess can look into options
[16:24:26] <gehel>	 I'm afraid that the alternative is fix Blazegraph to not log gazzillion of useless messages
[16:25:32] <ebernhardson>	 so adding deps it is :)
[16:50:48] <gehel>	 weekend time! Have fun!
[17:05:09] <dcausse>	 have a nice week-end!
[18:19:45] * ebernhardson somehow never realized before that comments/reviews on gerrit patches are another per-changeid git branch inside the repo with a commit per comment
[19:14:12] <ebernhardson>	 meh, mw-oauth-proxy still not happy due to things like <filter class="org.wikidata.query.rdf.common.log.RateLimitFilter">
[19:14:19] <ryankemper>	 > — •ebernhardson somehow never realized before that comments/reviews on gerrit patches are another per-changeid git branch inside the repo with a commit per comment
[19:14:20] <ryankemper>	 oh wow
[19:14:25] <ryankemper>	 never knew that
[19:15:08] <ryankemper>	 That's actually brilliant, having it self contained in git. I've played around with using `git-notes` for similar purposes but manually done ofc
[19:15:18] <ebernhardson>	 yea, looks like each patch has a .../meta  branch with that info
[19:17:27] * ebernhardson keeps pulling more deps into mw-oauth-proxy until it works
[19:23:08] <ebernhardson>	 nope, i dont think that's going to work :S Of course, logback compiling `throwable.getCause() instanceof org.openrdf.query.MalformedQueryException` can't compile, because it doesn't exist
[20:54:36] <ebernhardson>	 made wcqs1001 mostly work, patches coming up for a few things. Still have to figure out the nginx config, it looks like the auth request is matching the wrong location, but only for the readiness-probe which bypasses auth...
[23:00:53] <ebernhardson>	 sigh....commonswiki_content and commonswiki_general on eqiad are missing `coordinates` in it's mapping (codfw is fine)
[23:01:20] <ebernhardson>	 was looking into T296897
[23:01:20] <stashbot>	 T296897: Eqiad Geosearch API queries return errors on Commons - https://phabricator.wikimedia.org/T296897
[23:11:08] <ebernhardson>	 i guess restoring more indices, but monday. not today :P
[23:11:59] * ebernhardson notes this kinda ties into previous discusions we've had about a way to compare expected schemas to the real thing and know what is unexpected