[MediaWiki-commits] [Gerrit] Revert "Labs: Make dynamic proxies use local resolver" - change (operations/puppet)

[Yuvipanda (Code Review)]

Yuvipanda has submitted this change and it was merged.

Change subject: Revert "Labs: Make dynamic proxies use local resolver"
......................................................................


Revert "Labs: Make dynamic proxies use local resolver"

The problem was not nginx not caching, but dnsmasq
returning a TTL of 0. See T72076 for more details.

This reverts commit 3143a94ea99b2648616e588b915d39b239775399.

Change-Id: Ib8003b5e1526bdab0717c2167469488590979580
---
M manifests/role/labsproxy.pp
D modules/dynamicproxy/files/named.conf.options
M modules/dynamicproxy/manifests/init.pp
3 files changed, 1 insertion(+), 37 deletions(-)

Approvals:
  Yuvipanda: Looks good to me, approved
  coren: Looks good to me, but someone else must approve
  jenkins-bot: Verified



diff --git a/manifests/role/labsproxy.pp b/manifests/role/labsproxy.pp
index 43a521b..f8e89b5 100644
--- a/manifests/role/labsproxy.pp
+++ b/manifests/role/labsproxy.pp
@@ -8,7 +8,7 @@
         ssl_certificate_name => 'star.wmflabs.org',
         ssl_settings         => ssl_ciphersuite('nginx', 'compat'),
         set_xff              => true,
-        resolver             => '127.0.0.1',
+        resolver             => '10.68.16.1',
         require              => Install_certificate['star.wmflabs.org']
     }
     include dynamicproxy::api
diff --git a/modules/dynamicproxy/files/named.conf.options 
b/modules/dynamicproxy/files/named.conf.options
deleted file mode 100644
index 2acd0a7..0000000
--- a/modules/dynamicproxy/files/named.conf.options
+++ /dev/null
@@ -1,20 +0,0 @@
-acl labs {
-        10.0.0.0/8;
-        localhost;
-        localnets;
-};
-
-options {
-        directory "/var/cache/bind";
-
-        recursion yes;
-        allow-query { labs; };
-        forwarders { 10.68.16.1; };
-        forward only;
-
-        dnssec-enable yes;
-        dnssec-validation yes;
-
-        auth-nxdomain no;
-};
-
diff --git a/modules/dynamicproxy/manifests/init.pp 
b/modules/dynamicproxy/manifests/init.pp
index 41d8037..e618238 100644
--- a/modules/dynamicproxy/manifests/init.pp
+++ b/modules/dynamicproxy/manifests/init.pp
@@ -89,22 +89,6 @@
         source  => 'puppet:///modules/dynamicproxy/redis.lua',
     }
 
-    # This is used to provide a local (caching, forwarding) resolver
-    # for the proxy so that it doesn't hit dnsmasq so hard -- nginx
-    # appears to do little/no DNS caching on its own.
-    package { 'bind9':
-        ensure  => 'present',
-    }
-
-    file { '/etc/bind/named.conf.options':
-        ensure  => 'file',
-        require => Package['bind9'],
-        owner   => 'root',
-        group   => 'root',
-        mode    => '0444',
-        source  => 'puppet:///modules/dynamicproxy/named.conf.options',
-    }
-
     diamond::collector::nginx { 'diamond-monitor-proxy': }
 
     # Also monitor local redis

-- 
To view, visit https://gerrit.wikimedia.org/r/183833
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ib8003b5e1526bdab0717c2167469488590979580
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Yuvipanda <yuvipa...@gmail.com>
Gerrit-Reviewer: Yuvipanda <yuvipa...@gmail.com>
Gerrit-Reviewer: coren <mpellet...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits