[08:59:52] morning, I have a question about Spicerack / cookbook. I have the use case of writing a cookbook to archive repositories in Gerrit and eventually enhance that to migrate them to gitlab. So I thought maybe I could implement the runbook with cookbook [09:00:40] but reading the doc on wikitech , that requires access to the cumin hosts and it looks like that requires root access. Most probably cause that uses cumin which grant full root everywhere [09:01:14] so my question is could I use cookbook as a mortal user potentially from the deployment servers, assuming the runbook does not have to run any command over cumin [09:01:23] hashar: https://phabricator.wikimedia.org/T244840 [09:01:47] or do we have a recommended alternative to write a runbook which does not involve me writing a bash script from scratch or having to introduce Ansible to the stack :D [09:02:28] hashar: Riccardo would be the most suited to help you but he is out today [09:02:55] hashar: do you already have the list of steps the cookbook would need to complete? [09:03:55] more or less but indeed I should write them down :] [09:04:19] the rough idea is to do a bunch of REST API requests against Gerrit / Gitlab to do whatever is needed [09:04:29] so doesn't need the cumin/spicerack orchestration [09:04:50] I guess I will first write the runbook in human language then reach out to Volans to find out what I can use to implement it [09:05:16] given I want to avoid implement a specific solution in python/bash if something is already existing ;] [09:07:44] yep, sounds like a great plan! [09:16:04] I'M looking through the remaining refreshes for IF. There's one item for hppxetest2001, I have zero context about this, but https://phabricator.wikimedia.org/T304851 makes it sound like this was a one off test and we don't need this server in the long term/refreshed? [09:17:59] Can't see it needs to be refreshed, my understanding is it was a PXE test, deliberately on old HP hardware to validate our reimage worked for htat, so being "old" is actually the point of it. [09:18:22] moritzm: I'd agree, yeah, unless the host it used to be needs a refresh. I also can't find it in Netbox. Check with Papaul to be 100% sure [09:18:41] k, thanjs [09:19:17] one other node: refresh for cumin1001 is up, do we expect any use case for which is might need 10G? can't think of any, but let me know if anyone disagrees [09:24:13] moritzm: is the host used for "scp -3" kind of transfer? [09:27:44] at least I'm not aware of any existing cookbook which does that [09:28:08] I'll quickly check with Jaime, he's the most likely candidate to shuffle data around I suppose [09:31:22] other than that yeah I don't see any need for 10G [09:32:19] thanks. same for my side. I've also asked in -data-persistence for their needs [09:33:07] there is maybe also a case for not wanting big data transfer to go through the cumin hosts and rsync (or similar) directly from host to host [10:04:28] TIL: "scp -3" [10:04:53] Agree don't know of a reason cumin would need 10G link [10:05:18] * volans|off is not here but agrees [10:05:48] 10SRE-tools, 10Infrastructure-Foundations, 10Spicerack, 10Patch-For-Review: sre.hosts.reimage cookbook dosn't like different LC_ALL environments - https://phabricator.wikimedia.org/T307565 (10jbond) 05Open→03Resolved a:03jbond We have now disabled sending and accepting LANG and LC environment variabl... [10:21:02] 10netbox, 10Infrastructure-Foundations: Make more extensive use of Netbox custom fields - https://phabricator.wikimedia.org/T305126 (10ayounsi) [11:09:51] 10SRE-tools, 10Infrastructure-Foundations, 10serviceops: Add a kubernetes module to spicerack - https://phabricator.wikimedia.org/T300879 (10Joe) 05Open→03Resolved [11:36:23] 10netops, 10Infrastructure-Foundations, 10Prod-Kubernetes, 10SRE: Agree strategy for Kubernetes BGP peering to top-of-rack switches - https://phabricator.wikimedia.org/T306649 (10akosiaris) >>! In T306649#7921343, @cmooney wrote: >> Even in the legacy setup (pre row e/f) adding new nodes requires manual er... [13:36:52] 10netops, 10Infrastructure-Foundations, 10Prod-Kubernetes, 10SRE: Agree strategy for Kubernetes BGP peering to top-of-rack switches - https://phabricator.wikimedia.org/T306649 (10elukey) >>! In T306649#7926930, @akosiaris wrote: >> >> If the idea is ok, I'd propose to use labels like `wikimedia.org/node-l... [16:11:13] 10netops, 10Infrastructure-Foundations, 10Prod-Kubernetes, 10SRE: Agree strategy for Kubernetes BGP peering to top-of-rack switches - https://phabricator.wikimedia.org/T306649 (10akosiaris) >>! In T306649#7927197, @elukey wrote: > Ack I think that it makes sense. Just to understand the mapping, at the mom... [17:22:40] 10Mail, 10Infrastructure-Foundations, 10SRE, 10Znuny, 10fundraising-tech-ops: move donation,donate, donations (otrs, wikimania) exim aliases from SRE to ITS - https://phabricator.wikimedia.org/T297915 (10bcampbell) Hey @Dzahn I heard back from Advancement and they're ready to move on this. They have a ma... [18:23:46] 10Mail, 10Infrastructure-Foundations, 10SRE, 10Znuny, 10fundraising-tech-ops: move donation,donate, donations (otrs, wikimania) exim aliases from SRE to ITS - https://phabricator.wikimedia.org/T297915 (10Dzahn) Hi @bcampbell Thanks for the update! sounds good to me. Do they have a specific time set for t... [19:51:47] 10Mail, 10Infrastructure-Foundations, 10SRE, 10Znuny, 10fundraising-tech-ops: move donation,donate, donations (otrs, wikimania) exim aliases from SRE to ITS - https://phabricator.wikimedia.org/T297915 (10bcampbell) That makes sense @Dzahn. I'll check in again on this task on the 16th. Advancement told m...