[06:42:10] <wikibugs>	 10serviceops, 10Kubernetes, 10Patch-For-Review: Replace kubeyaml in deployment-charts CI - https://phabricator.wikimedia.org/T306165 (10JMeybohm) p:05Low→03High a:03JMeybohm
[08:17:44] <wikibugs>	 10serviceops, 10Patch-For-Review: Migrate node-based services in production to node16 - https://phabricator.wikimedia.org/T308371 (10Marostegui)
[08:19:13] <wikibugs>	 10serviceops, 10Continuous-Integration-Infrastructure, 10SRE, 10Patch-For-Review: contint/releases/hosts with helm installed: puppet - Could not find group deployment - https://phabricator.wikimedia.org/T307740 (10Marostegui) p:05Triage→03Medium
[10:13:53] <_joe_>	 https://isovalent.com/blog/post/2022-05-16-tetragon seems very interesting
[11:59:00] <question_mark>	 ~.
[11:59:06] <question_mark>	 :)
[12:05:02] <wikibugs>	 10serviceops, 10Security-Team, 10GitLab (CI & Job Runners), 10Patch-For-Review, and 2 others: Setup GitLab Runner in trusted environment - https://phabricator.wikimedia.org/T295481 (10Jelto) I added a first version on how to get access to Trusted Runners.
[12:14:42] <wikibugs>	 10serviceops, 10Security-Team, 10GitLab (CI & Job Runners), 10Patch-For-Review, and 2 others: Setup GitLab Runner in trusted environment - https://phabricator.wikimedia.org/T295481 (10Jelto) ## Trusted Runner automation and access request  I added a first version on how to get and manage access to Trusted...
[12:16:35] <wikibugs>	 10serviceops, 10Security-Team, 10GitLab (CI & Job Runners), 10Patch-For-Review, and 2 others: Setup GitLab Runner in trusted environment - https://phabricator.wikimedia.org/T295481 (10Jelto)
[13:23:11] <wikibugs>	 10serviceops, 10Generated Data Platform, 10Image-Suggestions, 10SRE, and 2 others: Blubber setup for Image Suggestions Service - https://phabricator.wikimedia.org/T305155 (10hnowlan)
[15:49:31] <atdt>	 what is janis's nickname on irc?
[15:50:21] <jayme>	 atdt: jayme :)
[15:51:37] <atdt>	 aha! have you met maryyang yet? she's also a google.org fellow. we're looking at defining metrics and SLIs for wikifunctions and had some questions.. can we schedule some time with you? :)
[15:52:09] <ori>	 atdt = ori, sorry.
[15:52:54] <jayme>	 your cloak revealed you :)
[15:53:12] <maryyang>	 Hi Janis!
[15:53:19] <jayme>	 no, I haven't met her yet - hi maryyang o/
[15:54:28] <jayme>	 we can ofc shedule something. But depending on your TZ I fear that might not work before Thursday.
[15:55:29] <jayme>	 if async works for you as well you can ofc. drop me a mail
[15:56:43] <jayme>	 if the questions are more in the details of the node service template I will probably have to check back with somebody anyways :)
[16:25:24] <maryyang>	 jayme: Cool, thanks! My questions are somewhat general about how metrics monitoring is done (e.g. the data/work flow). I can send an email with the questions and see if some can be answered async. What's your email address? 
[16:29:43] <jayme>	 maryyang: jmeybohm@wikimedia.org - the very top level answer is: prometheus metrics being generated by the service (as well as an envoy instance running alongside) and scraped by our infra every N seconds 
[17:25:57] <wikibugs>	 10serviceops, 10Kubernetes, 10Patch-For-Review: Replace kubeyaml in deployment-charts CI - https://phabricator.wikimedia.org/T306165 (10JMeybohm) kubeconform debian package is ready as well (needs gerrit repo etc.) but I'm not sure about the best way to deal with the kubernetes json schema (the repo is quite...
[18:53:06] <wikibugs>	 10serviceops, 10Beta-Cluster-Infrastructure: Automatically update Docker containers on Beta Cluster - https://phabricator.wikimedia.org/T308598 (10ori)
[19:17:22] <urandom>	 is there anyone around that could help me with a +2 on labs/private (https://gerrit.wikimedia.org/r/c/labs/private/+/791667)?
[19:18:12] <urandom>	 It's adding keys & certs for the first time, so should be really safe ;)
[20:24:16] <mutante>	 yea, looking now
[20:34:37] <urandom>	 mutante: thank you!
[20:34:48] <mutante>	 urandom: merged with comments. most of the time people don't even bother to create "real fake" certs for labs/private and just put "snake oil" or something into a .crt file to make the compiler work. Those certs you made actually match the host names, spot checked a few. But of course you are going to create different ones for the real private repo.right? I see they don't exist there yet but 
[20:34:54] <mutante>	 assume that is part of the plan. You just want to make https://gerrit.wikimedia.org/r/c/operations/puppet/+/791663/ compile
[20:35:10] <mutante>	 you can try to compile that again now
[20:35:25] <mutante>	 syncing puppetmasters is done
[20:35:26] <urandom>	 yes, exactly
[20:35:45] <mutante>	 *nod* all good