1-50 of 106 results (13ms)
2020-06-26 §
21:57 <bstorm> applied the metrics manifests to kubernetes to enable metrics-server, cadvisor, etc. T256361 [paws]
2020-06-25 §
22:52 <bstorm> created paws-k8s-worker-5/6/7 as x-large nodes to bring the cluster up to roughly the same capacity as the existing one using soft anti-affinity T211096 T253267 [paws]
22:43 <bstorm> bumped quota up to 24 instances, 128 GB RAM and 56 cores T211096 [paws]
16:39 <bstorm> deleted the deployhook from the in-progress new cluster for now just in case T211096 [paws]
15:44 <bstorm> deployed a proof-of-concept paws-public setup in the new cluster T255997 [paws]
2020-06-24 §
23:18 <bstorm> added A record for *.paws.wmcloud.org to public and hub to use T211096 T255997 T195217 [paws]
21:45 <bstorm> doing an initial rsync of the paws userhomes to the new project T160113 [paws]
2020-06-19 §
10:00 <arturo> enabled `paws.wmflabs.org` and `*.paws.wmflabs.org` as valid ingress domains (acme-chief TLS cert, haproxy, etc) (T195217) [paws]
2020-06-17 §
21:51 <bstorm_> upgraded chart in the new cluster to include resource limits T251298 [paws]
21:51 <bstorm_> upgraded chart in the new cluster to include resource limits [paws]
2020-06-16 §
15:48 <arturo> change DNS record k8s.svc.paws.eqiad1.wikimedia.cloud to point to the haproxy VIP port address 172.16.1.171 (T195217) [paws]
15:47 <arturo> associate floating IP 185.15.56.57 with haproxy VIP port (T295217) [paws]
15:43 <arturo> allow traffic to haproxy VM ports from the VIP port: `sudo wmcs-openstack port set --allowed-address ip-address=172.16.1.171 1b40be58-7182-41aa-95ce-797f94f83d66` (T295217) [paws]
15:43 <arturo> allow traffic to haproxy VM ports from the VIP port: `sudo wmcs-openstack port set --allowed-address ip-address=172.16.1.171 9ccc43d9-1a8a-4287-afda-67e8bab27a9f` (T295217) [paws]
15:37 <arturo> `aborrero@cloudcontrol1004:~ 1 $ sudo wmcs-openstack --os-project-id=paws port create --network 7425e328-560c-4f00-8e99-706f3fb90bb4 paws-haproxy-vip` (T295217) [paws]
15:23 <arturo> live-hacking paws-puppetmaster-01 with https://gerrit.wikimedia.org/r/c/operations/puppet/+/605944 for T195217 [paws]
2020-06-15 §
15:59 <arturo> created DNS record `deploy-hook.paws.wmcloud.org IN CNAME paws.wmcloud.org` (T195217) [paws]
12:27 <arturo> manually created an Ingress object to test routing to the hub (T195217) [paws]
12:20 <arturo> created DNS record `paws.wmcloud.org IN A 185.15.56.57` (T195217) [paws]
12:18 <arturo> associate floating IP 185.15.56.57 with VM paws-k8s-haproxy-1 (T195217) [paws]
12:18 <arturo> release floating IP not in use: 185.15.56.42 [paws]
12:18 <arturo> release floating IP not in use: 185.15.56.43 [paws]
11:45 <arturo> reset wikitech user password for the service account `paws-dns-manager` to what is in labs/private.git/hieradata/common.yaml `profile::acme_chief::cloud::designate_sync_password` (T195217) [paws]
2020-06-12 §
18:49 <bstorm_> deployed a test of paws chart in the new cluster T211096 [paws]
13:23 <arturo> assigned the DNS zone `paws.wmcloud.org` (T195217) [paws]
13:13 <arturo> live-hacking session in the puppetmaster ended [paws]
13:05 <arturo> live-hacking puppet tree in paws-puppetmaster-01 for T195217 [paws]
11:55 <arturo> `aborrero@cloudcontrol1004:~ $ sudo wmcs-openstack role add --user paws-dns-manager --project paws observer` (T255252) [paws]
11:55 <arturo> `aborrero@cloudcontrol1004:~ $ sudo wmcs-openstack role add --user paws-dns-manager --project paws designateadmin` (T255252) [paws]
11:51 <arturo> created service account `paws-dns-manager` in wikitech (T255252) [paws]
11:31 <arturo> introduced acme-chief private data into labs/private in paws-puppetmaster-01 (T255252) [paws]
11:02 <arturo> created puppet prefix 'paws-acme-chief' (T255252) [paws]
11:01 <arturo> created VM paws-acme-chief-01 (T255252) [paws]
2020-06-11 §
11:11 <arturo> deployed nginx-ingress for some early testing (not definitive) with code https://github.com/crookedstorm/paws/commit/bee62b3fd57f9804aa27e7b8b41fde50bd93df94 (T195217) [paws]
10:15 <arturo> added role (just a label) for ingress nodes: `kubectl label node paws-k8s-ingress-1 kubernetes.io/role=ingress` (T195217) [paws]
2020-06-04 §
14:16 <arturo> added node taints to ingress nodes: `kubectl taint nodes paws-k8s-ingress-1 ingress=true:NoSchedule` (T195217) [paws]
12:18 <arturo> bootstrapped paws-k8s-ingress nodes, added them to the k8s cluster (T195217) [paws]
12:04 <arturo> created `paws-k8s-ingress` puppet prefix and add the `role::wmcs::paws::k8s::worker` role (T195217) [paws]
12:02 <arturo> created 2 medium VM instances: paws-k8s-ingress-1 and paws-k8s-ingress-2 with haproxy anti-affinity (T195217) [paws]
2020-05-26 §
22:34 <bstorm_> restored the deployment for maintain-kubeusers so anyone added to the paws.admin group will have admin on the cluster now that the bug is fixed T211096 T246059 [paws]
22:05 <bstorm_> temporarily deleted the deployment for maintain-kubeusers pending patch to fix context creation for new admin accounts T211096 T246059 [paws]
22:04 <bstorm_> created paws-focused PodSecurityPolicies and the prod namespace in the new cluster T211096 [paws]
22:03 <bstorm_> created paws.admin group and kubernetes admin accounts on the new k8s cluster T211096 T246059 [paws]
18:29 <bstorm_> bootstrapped the new control plane nodes T211096 [paws]
15:27 <bstorm_> updated profile::wmcs::kubeadm::kubernetes_version to 1.16.10 for cluster init T211096 [paws]
2020-05-21 §
23:04 <bstorm_> added profile::wmcs::kubeadm::k8s::encryption_key and profile::wmcs::kubeadm::k8s::node_token to labs/private T211096 [paws]
14:53 <bstorm_> adding the hiera values to horizon for bootstrapping k8s T211096 [paws]
14:39 <arturo> point record `k8s.svc.paws.eqiad1.wikimedia.cloud` to `172.16.1.186` (which is paws-k8s-control-1, for the initial bootstrap) (T211096) [paws]
12:48 <arturo> created record `k8s.svc.paws.eqiad1.wikimedia.cloud` pointing to `172.16.0.191` (which is paws-k8s-haproxy-1) (T211096) [paws]
12:34 <arturo> created and transferred DNS zone `svc.paws.eqiad1.wikimedia.cloud` (T211096) [paws]