[09:15:57] jbond: from the Netbox Slack: "we're looking at adding native SSO/2FA support in NetBox. I've opened #7649 as the proposal. if anyone has a specific use case they think is not addressed by the python-social-auth library, please comment! https://github.com/netbox-community/netbox/issues/7649" [09:18:15] topranks: From the Netbox Slack "Coming in NetBox v3.1: Live config changes!" https://usercontent.irccloud-cdn.com/file/bt1QsDu6/NetBox%20config%20revisions.gif [09:19:43] oh nice! [09:19:51] thanks... very timely too :) [09:21:10] I think the Dolt / rollback that Nautobot says is coming looks slightly nicer, based on their screenshot, cos it shows the "diff". [09:21:12] why should live config changes be useful for us? [09:21:26] those seems to be just netbox changes, that we manage via puppet [09:22:19] indeed, but if something goes wrong with a script or something is it not a "nice to have"? [09:22:59] The "Dolt" option, with a git repo where you can view the changes and sort of re-trace "what happened here", or "what was the state of this 1 month ago" I could see being useful [09:23:08] personally I would disable them :D because either you manage configs via puppet or via UI, with both is a recipe for a mess [09:23:13] Dolt is a completely different thing [09:23:14] I agree volans that in our use-case it's non-essential. [09:23:30] it's diff of data changes, not config [09:24:49] sry perhaps looking at this incorrectly - above gif is only tracking changes to the *netbox config* ? that's not really super-useful. [09:25:09] that's what I got, yes, hence my comment :) [09:25:49] volans: my undertanding is that it allows to version the data in Netbox [09:26:53] XioNoX: that seems just netbox's own config [09:27:11] ok, then yes, not useful :) [09:27:24] I was trying to find the commits or the GH issue [09:29:15] https://github.com/netbox-community/netbox/pull/7778 [09:29:18] yeah looks like it [09:30:32] XioNoX: ack thanks, looks like they are using the same library for SSO as nautobot (https://nautobot.readthedocs.io/en/latest/configuration/authentication/sso/), and although cas is not listed it supports both Oauth and OpenID hwoever it may be worth seeing if we could add cas support to python-social-auth [09:30:59] ah ok. On the SSO thing, the proposed Netbox SSO and the Nautobot SSO both use python-social-auth, which doesn't list CAS as supported: [09:30:59] https://python-social-auth.readthedocs.io/en/latest/backends/index.html [09:31:02] it supports both Oauth and OpenID ... so we should be able to work with it fine :) [09:31:15] jbond: maybe we could comment there so that Netbox itself pushes for CAS to python-social-auth [09:31:18] topranks: lol timing [09:31:21] and might have more traction than us [09:31:35] Thanks John, yeah there is a section above on that, probably can be integrated. [09:31:36] ack sounds good ill add a comment in a bit [09:31:40] https://github.com/python-social-auth/social-core/issues/336 [09:32:29] thanks XioNoX although it was closed 18 months ago which is not that promesing [09:33:57] yep :) [09:58:47] 10netops, 10Infrastructure-Foundations, 10SRE, 10Patch-For-Review: Use next-hop-self for iBGP sessions - https://phabricator.wikimedia.org/T295672 (10cmooney) Ok to try to get more clarity on the situation I briefly re-enabled the cr1-eqiad to cr2-eqord BGP session. But despite this I am not really seeing... [10:57:13] 10Puppet, 10DBA, 10Data-Engineering, 10Infrastructure-Foundations: Split mariadb::dbstore_multiinstance into 2 separate roles (backup sources and analytics) - https://phabricator.wikimedia.org/T296285 (10jcrespo) [10:57:37] 10Puppet, 10DBA, 10Data-Engineering, 10Infrastructure-Foundations: Split mariadb::dbstore_multiinstance into 2 separate roles (backup sources and analytics) - https://phabricator.wikimedia.org/T296285 (10jcrespo) [10:58:47] 10Puppet, 10DBA, 10Data-Engineering, 10Infrastructure-Foundations: Split mariadb::dbstore_multiinstance into 2 separate roles (backup sources and analytics) - https://phabricator.wikimedia.org/T296285 (10jcrespo) ^What do you think #data-engineering people? [11:03:31] 10Puppet, 10DBA, 10Data-Engineering, 10Infrastructure-Foundations: Split mariadb::dbstore_multiinstance into 2 separate roles (backup sources and analytics) - https://phabricator.wikimedia.org/T296285 (10BTullis) Thanks @jcrespo - I'm happy with that proposed change and with the naming convention. > ...pro... [11:06:12] 10Puppet, 10DBA, 10Data-Engineering, 10Infrastructure-Foundations: Split mariadb::dbstore_multiinstance into 2 separate roles (backup sources and analytics) - https://phabricator.wikimedia.org/T296285 (10jcrespo) > it will give us greater flexibility if and when we want the dbstore* and db* configurations... [11:10:34] 10Puppet, 10DBA, 10Data-Engineering, 10Infrastructure-Foundations: Split mariadb::dbstore_multiinstance into 2 separate roles (backup sources and analytics) - https://phabricator.wikimedia.org/T296285 (10BTullis) Understood, thanks. Well I'm on-board with it. [11:37:35] This answers the question about Netbox and MySQL https://usercontent.irccloud-cdn.com/file/eS4r1hnU/Screenshot%20from%202021-11-23%2012-37-03.png [11:39:59] lol [11:40:50] also looks like someone creates a device with a front and back port... ...for each SFP [11:48:43] heh, yeah I seen that approach for breakout cables, you can have 1:N mapping of front and back ports I think. [11:49:14] For regular SFPs? Wow that person loves causing themselves pain [11:49:40] XioNoX: it seems that you opened a pandora's box with that slack channel :D [11:49:57] haha true [11:50:28] we can see the current pain going on: [11:50:28] "I would love to see more people picking up bugs so that I might have time to look at things like that :slightly_smiling_face: [11:50:28] :slightly_smiling_face: [11:50:28] the past 30 days" [11:51:06] er, "140 new issues in the past 30 days" [11:51:20] lots of conversation on how to model SFPs [12:05:44] volans: cookbook works fine now, thanks for quick the reviews :-) [12:06:13] glad it works! [12:07:00] there's still a usability issue I'll fix later: for this use case we only need to select the cluster (to obtain the master), but row information is irrelevant [12:08:05] you can use the keys in CLUSTERS_AND_ROWS only [12:08:14] and not use the get_location function [12:09:59] yeah, that [12:39:32] moritzm: actually, you don't need that info [12:41:42] netbox_host = spicerack.netbox_server('pybal-test2003') [12:41:43] netbox_host.as_dict()['cluster']['name'] [12:41:47] 'ganeti01.svc.codfw.wmnet' [12:47:32] oh, that's great! will amend in a bit [14:44:42] 10Puppet, 10Infrastructure-Foundations: Add check for puppetboard - https://phabricator.wikimedia.org/T296304 (10jbond) p:05Triage→03Medium [19:11:09] 10Puppet, 10Infrastructure-Foundations, 10Testing-Roadblocks: Allow using WMCS hiera lookup order in Puppet rspec tests - https://phabricator.wikimedia.org/T296327 (10Majavah) [19:11:25] 10Puppet, 10Infrastructure-Foundations, 10Testing-Roadblocks: Allow using WMCS hiera lookup order in Puppet rspec tests - https://phabricator.wikimedia.org/T296327 (10Majavah) [19:11:29] 10Puppet, 10Cloud-VPS, 10Infrastructure-Foundations, 10User-dcaro, and 2 others: Add more rspec test to the puppet code - https://phabricator.wikimedia.org/T289668 (10Majavah) [19:11:35] 10Puppet, 10Cloud Services Proposals, 10Cloud-VPS, 10Infrastructure-Foundations, and 3 others: Easing pain points caused by divergence between cloudservices and production puppet usecases - https://phabricator.wikimedia.org/T285539 (10Majavah) [19:12:24] 10Puppet, 10Infrastructure-Foundations, 10Testing-Roadblocks, 10User-jbond: Allow using WMCS hiera lookup order in Puppet rspec tests - https://phabricator.wikimedia.org/T296327 (10jbond) p:05Triage→03High [19:13:41] 10Puppet, 10Infrastructure-Foundations, 10Testing-Roadblocks, 10User-jbond: Allow using WMCS hiera lookup order in Puppet rspec tests - https://phabricator.wikimedia.org/T296327 (10jbond) p:05High→03Medium