[10:05:41] <elukey>	 hello on-clalers
[10:05:43] <elukey>	 uff
[10:05:46] <elukey>	 retrying
[10:05:50] <elukey>	 hello on-callers! :D
[10:06:28] <elukey>	 I am merging https://gerrit.wikimedia.org/r/c/operations/puppet/+/1090450, that should disallow calls to the docker registry's catalog (/v2/_catalog) from the outside internet
[10:23:09] <elukey>	 of course I am totally stupid, nginx on registry nodes will always see a 10.x IP for the request, since from the outside il will come from cpxxxx hosts
[10:23:17] * elukey cries in a corner
[13:29:22] <_joe_>	 elukey: the edge forwards the original client ip in X-Client-IP IIRC
[13:30:33] <elukey>	 _joe_ I think so yes, either we add a requestctl rule (probably easier) or something in the nginx config that inspects xff or x-client-ip
[13:30:58] <_joe_>	 I wouldn't use requestctl for this kind of stuff though :)
[13:31:32] <elukey>	 yep agreed but it is easier for sure :) context in https://phabricator.wikimedia.org/T378618
[17:26:26] <andrewbogott>	 jhathaway, moritzm, is the 'puppet-dev' project still useful?  It is unclaimed on https://wikitech.wikimedia.org/wiki/News/Cloud_VPS_2024_Purge and has lots of VMs in it.
[17:28:45] <jhathaway>	 andrewbogott: I have not been actively using it, I'm not sure if moritzm has
[18:54:55] <ebernhardson>	 when reimaging a server with os and data partitions, is it possible to retain the data partition? It's not critical, but it would save a couple hours of data transfer per host
[18:55:54] <cdanis>	 generally yes, it's possible
[18:58:23] <ebernhardson>	 hmm, is it also automatable? I'm trying to put together a plan for migrating ~100 hosts and reimaging seems cleanest. I probably have to work up some changes to our rolling restart to have a reimage task that i would integrate this into, maybe
[18:59:48] <cdanis>	 short answer 'yes' with an 'if', long answer 'no' with a 'but'
[19:00:25] <ebernhardson>	 lol, sounds about right :)
[19:01:02] <cdanis>	 is it okay if retaining the data doesn't always work?
[19:01:24] <ebernhardson>	 yea, this is a cluster that keeps copies of data, it will just have to bring in ~500GB over the network
[19:01:52] <cdanis>	 oh not even that bad
[19:05:20] <cdanis>	 ebernhardson: do you know the partman recipe being used on these hosts atm?
[19:06:48] <ebernhardson>	 cdanis: hmm, not sure. Certainly it varies. cloudelastic* and relforge* servers have many hdds, elastic* servers have a couple ssds, checking puppet
[19:09:33] <ebernhardson>	 looks like `partman/{standard,raid10-6dev}.cfg`, `partman/{standard,raid0}cfg`, `partman/{standard,raid0,raid0-2dev}.cfg`, `partman/{standard,raid10-4dev}.cfg` depending on server
[19:10:25] <cdanis>	 heh well for some of those there exists a `reuse-` variant like `reuse-raid10-4dev.cfg`
[19:10:56] <cdanis>	 there's documentation of sorts in https://gerrit.wikimedia.org/r/plugins/gitiles/operations/puppet/+/refs/heads/production/modules/install_server/files/autoinstall/scripts/reuse-parts.sh
[19:11:07] <ebernhardson>	 cdanis: excellent, thanks
[19:21:28] <moritzm>	 andrewbogott: welcome back! I haven't been actively using puppet-dev in 2024, this was the initial test bed for a lot of Puppet 7 work, but now that everything runs in prod I think it can go away
[19:22:05] <andrewbogott>	 OK. can you mark the linked page with a note about keeping or deleting?  thanks!  https://wikitech.wikimedia.org/wiki/News/Cloud_VPS_2024_Purge
[19:22:05] <moritzm>	 either removing all VMs in there and keeping it or nuking the project altogether works for me
[19:22:13] <moritzm>	 will do