[08:56:33] <wikibugs>	 10SRE-tools, 10Infrastructure-Foundations, 10Prod-Kubernetes, 10SRE, and 2 others: Write a cookbook to set a k8s cluster in maintenance mode - https://phabricator.wikimedia.org/T277677 (10JMeybohm)
[08:56:39] <wikibugs>	 10SRE-tools, 10Infrastructure-Foundations, 10SRE, 10Spicerack, and 2 others: Spicerack cookbooks TODO list - https://phabricator.wikimedia.org/T203943 (10JMeybohm)
[08:56:49] <wikibugs>	 10SRE-tools, 10Infrastructure-Foundations, 10Prod-Kubernetes, 10SRE, and 3 others: Create a cookbook for depooling one or all services from one kubernetes cluster - https://phabricator.wikimedia.org/T260663 (10JMeybohm) 05Open→03Resolved Merged as `sre.k8s.pool-depool-cluster`
[09:03:02] <wikibugs>	 10netops, 10Infrastructure-Foundations, 10SRE, 10Patch-For-Review: Upgrade core routers to Junos 21+ - https://phabricator.wikimedia.org/T295690 (10ops-monitoring-bot) Icinga downtime and Alertmanager silence (ID=927fadc1-f5b2-478f-95ce-98bfc47881a9) set by cmooney@cumin1001 for 2:00:00 on 3 host(s) and th...
[10:31:18] <volans>	 topranks: FYI I'm preparing a homer release with the latest things pending there. But I'll wait for your all clear before deploying it to make sure it doesn't affect the current router upgrade
[10:31:32] <volans>	 so no worries if you see patches flying by
[10:31:33] <volans>	 ;)
[10:31:48] <topranks>	 volans: ok thanks 
[10:32:11] <topranks>	 I'm not sure if you need to hold off tbh, the upgrade is taking forever (there is a firmware upgrade requiring 3 reboots of each RE involved)
[10:32:22] <topranks>	 I'm almost done cr1 but cr2 yet to go
[10:32:40] <topranks>	 I can run homer from my laptop if somehow it breaks on cumin hosts, so I'd say you go ahead
[10:33:17] <volans>	 thanks, but I'm sure you'll be quicker than jenkins :D
[10:33:31] <topranks>	 finally a race I might actually win!
[10:33:43] <volans>	 lol
[11:37:36] <wikibugs>	 10Mail, 10Infrastructure-Foundations, 10SRE: Wikipedia.org DMARC "rua" and "ruf" email addresses need verification - https://phabricator.wikimedia.org/T211401 (10Jgreen) 05Open→03Resolved a:03Jgreen ;; ANSWER SECTION: w.wiki._report._dmarc.wikimedia.org. 3600 IN TXT "v=DMARC1;"  ;; ANSWER SECTION: wiki...
[12:34:10] <wikibugs>	 10Mail, 10Infrastructure-Foundations, 10fundraising-tech-ops: Investigate in-house DMARC analysis tool options - https://phabricator.wikimedia.org/T317443 (10Jgreen)
[14:20:37] <topranks>	 volans: sorry that took so long, process is tedious in the extreme on those ones.
[14:21:04] <volans>	 I got sidetracked to various other things, did the relase on the homer repo not yet started on the deploy repo... :D
[14:21:10] <volans>	 so you won!
[14:21:14] <topranks>	 haha :)
[14:25:21] <topranks>	 volans: if you had a second could you +1 the re-pool of codfw: https://gerrit.wikimedia.org/r/c/operations/dns/+/831889
[14:25:29] <topranks>	 (sorry to pick on you but given you're active)
[14:26:11] <volans>	 sure
[14:26:31] <volans>	 btw for those is quicker to hit the 'revert' button in gerrit
[14:26:50] <volans>	 and also leave a trace of the depool + revert in both places
[14:26:58] <topranks>	 cool thanks.  and yeah true never sure what's best
[14:27:09] <volans>	 +1ed
[14:27:33] <topranks>	 hmm ok - I was incorrectly thinking two patches would leave a better audit trail but good to know revert is actually better for that 
[14:27:35] <topranks>	 nice one :)
[14:27:54] <volans>	 the revert button on gerrit does create a new patch
[14:28:11] <volans>	 just links it to the previous and there is a revert: .... title
[14:29:02] <volans>	 like this one: https://gerrit.wikimedia.org/r/c/operations/dns/+/830575
[14:29:13] <volans>	 look who craeted it :-P
[14:40:35] <wikibugs>	 10netops, 10Infrastructure-Foundations, 10SRE, 10Patch-For-Review: Upgrade core routers to Junos 21+ - https://phabricator.wikimedia.org/T295690 (10cmooney) cr1-codfw and cr2-codfw sucessfully upgraded today.  Took a while with the firmware upgrades too, I've added some notes [[https://wikitech.wikimedia.o...
[15:08:29] <volans>	 topranks: is now a good time to deploy homer?
[15:11:49] <topranks>	 volans: yep now is good I won’t need it for the next while
[15:11:51] <topranks>	 Thanks
[15:11:59] <volans>	 great, proceeding, thx
[15:22:17] <volans>	 topranks: have you ever seen this error?
[15:22:17] <volans>	 Failed to commit check on cr1-drmrs.wikimedia.org: 'utf-8' codec can't decode byte 0xe0 in position 10: invalid continuation byte
[15:22:39] <volans>	 is junos returning not-utf8 stuff?
[15:44:23] <jbond>	 volans: i think XioNoX has hit this error before but it seemed transient
[15:58:34] <volans>	 jbond: ack, thx, it doesn't seem transient though
[15:58:44] <volans>	 and the CRs have been upgraded
[15:58:55] <topranks>	 Sorry was afk
[15:59:17] <volans>	 checking any other upgraded cr
[15:59:20] <topranks>	 I’ve no seen it before no
[15:59:42] <volans>	 cr1-esams works fine
[15:59:53] <topranks>	 Ulsfo, knams, eqsin MX204’s are all upgraded
[16:00:06] <volans>	 is drmrs differnt in some way?
[16:00:17] <volans>	 cr[1-2]-drmrs are both failing
[16:00:28] <volans>	 testing teh other pops
[16:00:56] <topranks>	 hmm
[16:01:05] <topranks>	 usually a homer push is one of the last upgrade steps
[16:01:28] <volans>	 Commit check error on cr2-eqsin.wikimedia.org:
[16:01:29] <volans>	 Error accessing interface container object, may not be defined
[16:01:45] <volans>	 and the diff is huge
[16:01:54] <volans>	 deleting a whole bunch of stuff
[16:02:11] <volans>	 same for cr3-eqsin
[16:02:46] <volans>	 sorry I have to go AFK for ~30 minutes...
[16:02:55] <topranks>	 99% sure I would have ran against cr3-eqsin after the upgrade to reset OSPF metrics
[16:03:01] <topranks>	 no probs I'll do a few checks see if I can find anything
[16:03:25] <volans>	 ack, thanks, i'll catch up in a bit
[16:06:09] <topranks>	 It worked ok from my laptop on cr1-drmrs
[16:06:10] <topranks>	 https://phabricator.wikimedia.org/P34627
[16:37:24] <volans>	 topranks: ok I'm back
[16:38:52] <topranks>	 ok... definitely have at least 2 issues I think, or maybe 1 issue manifesting itself in 2 odd ways
[16:38:59] <volans>	 tell me
[16:39:11] <topranks>	 A bit of info in the paste above I've added a few replies
[16:39:50] <topranks>	 netbox.device_plugin.junos_interfaces  seems to be empty, generated config misses all the interface config
[16:40:03] <topranks>	 I'm assuming that's different to the utf-8 / transport issue
[16:41:59] <volans>	 mmmh
[16:42:40] <topranks>	 I think a possible approach might be to focus on the missing interface data - get it producing the correct config - then see if the transport issue persists.
[16:43:04] <topranks>	 Transport one definitely looks odd, given it pulls the diff when running "homer commit", but throws an error when you do "homer diff" ??
[16:43:50] <volans>	 the sequence of commands is different between diff and commit
[16:44:49] <volans>	 we load the config and do a commit_check in the diff case and a commit in the commit case
[16:45:22] <topranks>	 Do we not do a "commit_check" first in the commit case to produce the interactive diff for the user?
[16:45:39] <topranks>	 (I'm sure you're right btw so ignore this red herring)
[16:45:54] <volans>	 we do self._device.cu.diff()
[16:45:59] <volans>	 to get the diff and group them
[16:46:13] <volans>	 *to be ablet to group them
[16:46:30] <topranks>	 Ok.  So no "commit check" in the "commit" case prior to it showing the user the diff.
[16:46:54] <topranks>	 My guess would be something in the generated config is throwing the box off, it's errroing on "commit check" 
[16:46:58] <volans>	 no, it does commit + commit_check though
[16:47:39] <topranks>	 Ok... so prior to the user being shown the diff when you run "homer commit" it will have run "commit check" on the device?
[16:48:17] <volans>	 no, AFAICT not before showing the diff
[16:48:27] <topranks>	 that makes some sense
[16:48:38] * volans trying to test it locally too
[16:48:43] <volans>	 why?
[16:48:52] <topranks>	 what I suspect is happening is *slightly* invalid config is being loaded.  
[16:48:59] <topranks>	 Not enough to not load, but one that fails commit check
[16:49:05] <volans>	 due to the missing ifaces/
[16:49:10] <volans>	 ?
[16:49:13] <volans>	 lol
[16:49:23] <topranks>	 actually yeah.  You can't remove the built in mgmt interface I think.
[16:49:24] <volans>	 the right amount of invalid
[16:49:31] <volans>	 :-P
[16:49:41] <topranks>	 But you can try to load that config, and it'll accept it at first cos it passes the syntax check
[16:49:50] <topranks>	 will fail "commit check" cos of something like that
[16:50:01] <volans>	 with  very clear and useful messag
[16:50:12] <topranks>	 So I think we're best to concentrate on getting the generated config correct, after which it hopefully will go away
[16:50:28] <volans>	 agree, thanks for the insight
[16:51:26] <topranks>	 let me look at the repo see what changed that might have messed up the generation
[16:51:28] <volans>	 topranks: does https://gerrit.wikimedia.org/r/c/operations/software/homer/deploy/+/826559 need to be included?
[16:51:46] <volans>	 the only other one in gerrit is the old one from you: https://gerrit.wikimedia.org/r/c/operations/software/homer/deploy/+/769729
[16:53:21] <volans>	 there where all the replacement of old funcs with get_junos_interfaces
[16:56:26] <topranks>	 The FHRP one doesn't need to be included no
[16:57:08] <topranks>	 Either does the port block one (reminder to self to merge that when all this is done for next release)
[16:57:49] <volans>	 ok
[16:58:02] <volans>	 then I guess something happened with the new get_junos_interfaces and the upgraded dependencies
[16:58:48] <volans>	 topranks: can I ask you to test something?
[16:59:04] <topranks>	 yeah of course
[16:59:13] <volans>	 in your local env, do you run homer from the .tox/py3... environments?
[17:00:50] <volans>	 or install it via pip
[17:00:54] <volans>	 or other things :D
[17:01:16] <topranks>	 "other things"
[17:01:19] <topranks>	 one sec
[17:01:42] <volans>	 basically I'd like you to save your virtualenv, create a new one that has updated deps and see if you get the same errors as prod
[17:02:23] <volans>	 as in not generating the interfaces config
[17:02:45] <volans>	 but keep your existing one to be able to run homer if needed :D
[17:03:13] <topranks>	 Yeah so when I first started I installed homer with pip.
[17:03:20] <topranks>	 and never used any virtualenv 
[17:04:24] <topranks>	 Some time later (this is embarrassing) I removed the /usr/local/lib/python3.8/dist-packages/homer dir and symlinked it to a local copy of the repo 
[17:04:40] <volans>	 ugh... :D
[17:05:01] <topranks>	 yeah, I've been meaning to sort it out.  I learnt a lot about computers and how they work in the process :)
[17:06:29] * volans doing a live test on cumin1001
[17:08:03] <volans>	 ok so self.fetch_device_interfaces() is empty
[17:11:09] <topranks>	  /srv/deployment/homer/venv-1663081981/lib/python3.9/site-packages/homer_plugins/wmf-netbox.py, on cumin, seems to be the same as I have locally on my laptop
[17:12:28] <volans>	 ok, the same API call works fine in isolation, debugging
[17:16:40] <volans>	 topranks: I might have a hunch
[17:16:42] <volans>	 testing it
[17:17:59] <volans>	 topranks: ok found it!
[17:18:05] <topranks>	 woot!
[17:18:08] <volans>	 I'll send a patch for the wmf-plugin
[17:18:14] <topranks>	 so what is it?
[17:18:45] <volans>	 https://gerrit.wikimedia.org/r/plugins/gitiles/operations/software/homer/deploy/+/refs/heads/master/plugins/wmf-netbox.py#28
[17:18:55] <volans>	 we're storing the result of a pynetbox query
[17:19:14] <volans>	 but that query is executed only when called, and returns a generator
[17:19:19] <volans>	 once you've consumed it once... it's done
[17:19:22] <volans>	 it's empty
[17:19:45] <volans>	 so if we use fetch_device_interfaces() more than once, only the first time it returns the actual data
[17:20:01] <topranks>	 that all makes sense
[17:20:12] <volans>	 I missed it in code review
[17:20:46] <topranks>	 but my local copy has that same function same way, and we get all the interfaces
[17:21:15] <volans>	 maybe old pynetbox was returning already a list?
[17:21:28] <topranks>	 ah perhaps yes
[17:23:25] <topranks>	 Some ugly debugging locally here:  TYPE IS:  <class 'list'>
[17:23:37] <topranks>	 spot on that must be chat changed
[17:23:43] <topranks>	 *what
[17:25:58] <volans>	 testing my local change quickly on cumin1001 to see if it fixes everything
[17:26:34] <volans>	 topranks: I get https://etherpad.wikimedia.org/p/volans-tmp2
[17:26:40] <volans>	 for cr2-drmrs diff
[17:27:09] <topranks>	 FWIW I just upgraded Pynetbox locally and it's now doing the same thing (producing config with empty interfaces{})
[17:27:55] <topranks>	 volans; ok that's working, OSPF interface costed out that I expect is an oversight from one of the router upgrades
[17:28:07] <topranks>	 Don't push that to the router - try cr1-drmrs should be no diff I think
[17:28:24] <topranks>	 I'll work out what's up with the diff for cr2-drmrs, probably safe to change
[17:29:22] <volans>	 https://gerrit.wikimedia.org/r/c/operations/software/homer/deploy/+/831936 for the fix
[17:29:43] <volans>	 I'm just doing diffs, I'll leave the commits to you :D
[17:29:45] <volans>	 testing cr1
[17:30:02] <volans>	 no diff
[17:30:32] <topranks>	 You can push that commit to cr2-drmrs if you want to test a real commit?
[17:30:41] <topranks>	 Otherwise leave it to me I'll do it shortly
[17:30:42] <volans>	 is that ok to push?
[17:30:45] <topranks>	 yep
[17:30:50] <volans>	 ack doing
[17:31:49] <volans>	 committed successfully
[17:31:56] <topranks>	 woot :)
[17:32:02] * volans checking homer's code if we do the same mistake
[17:33:15] <volans>	 no, all good there we either convert results on the fly (return [dict(i) for i in self._api....])
[17:33:26] <volans>	 or loop them inline: for foo in self._api.....
[17:33:44] <volans>	 I'll merge and deploy the fix for the plugin then
[17:34:18] <volans>	 and re-test a * diff
[17:35:00] <volans>	 topranks: I think you can consider yourself free to leave now ;) thanks a lot for the help! quickly finding the missing ifaces
[17:35:35] <topranks>	 nice work!
[17:36:09] <topranks>	 I pulled your updated wmf-plugin.py locally and homer is now working with the updated pynetbox :)
[17:36:16] <volans>	 nice
[17:45:04] <volans>	 plugin deployed, testing homer '*' diff
[17:48:21] * topranks hold's his breath
[17:56:55] <volans>	 it's now at the CRs... so far so good
[17:57:10] <topranks>	 nice :)
[17:57:16] <volans>	 if you can hold your breath for a homer '*' diff that's a guinness world record :D
[17:57:57] <topranks>	 hahaha
[18:02:23] <volans>	 mr1-codfw timedout, and that's what I actually wanted to test/debug...
[18:02:27] <volans>	 I'll guess that's for tomorrow now
[18:02:44] <topranks>	 ah ok
[18:03:02] <topranks>	 no diffs on the CRs?  
[18:15:36] <volans>	 topranks: to close the loop, no diffs on the CRs, I got a a diff for lsw1-e1-eqiad, lsw1-e2-eqiad, lsw1-f2-eqiad and then diffs for all mr1-* (that also timedout)
[18:28:59] <topranks>	 Hmm ok
[18:29:22] <topranks>	 I’ll have a look a little later thanks
[18:30:35] <volans>	 thanks
[18:30:41] <volans>	 I'll look at the mr* tomorrow
[18:59:13] <topranks>	 LSW's diffs pushed.  Not sure why but some interfaces weren't in the sflow{} section, even though they were enabled at the port level.
[19:00:17] <topranks>	 Likely some quirk to do with when the templates were updated vs. when homer was run on them.  Not worth losing time on I think.
[19:13:52] <volans>	 ack, thx