Andrew Bogott has uploaded a new change for review.
https://gerrit.wikimedia.org/r/284829
Change subject: Add an lvs service ip (labs-ns.wikimedia.org) for labs auth dns
......................................................................
Add an lvs service ip (labs-ns.wikimedia.org) for labs auth dns
Unanswered questions:
- IPv6?
- How to deploy
- What should max-delay be? Even 30s seems slow for dns response
- What is depool-threshold?
Change-Id: I4bdfc091cde7738548013f97a4843261e53c9b76
Depends-On: I7756d807b9868e1b37d6ddf1aceca55bcb1c1bf2
Bug: T119660
---
M conftool-data/nodes/eqiad.yaml
M conftool-data/services/misc.yaml
M hieradata/common/lvs/configuration.yaml
A hieradata/role/eqiad/labs/dns.yaml
M modules/role/manifests/labs/dns.pp
5 files changed, 33 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/29/284829/1
diff --git a/conftool-data/nodes/eqiad.yaml b/conftool-data/nodes/eqiad.yaml
index de67d3c..5f149d8 100644
--- a/conftool-data/nodes/eqiad.yaml
+++ b/conftool-data/nodes/eqiad.yaml
@@ -305,6 +305,9 @@
ms-fe1004.eqiad.wmnet: [swift-fe]
phabricator:
iridium-vcs.eqiad.wmnet: [git-ssh]
+labs:
+ labs-ns0.wikimedia.org: [labs-auth-dns]
+ labs-ns1.wikimedia.org: [labs-auth-dns]
aqs:
aqs1001.eqiad.wmnet: [aqs]
aqs1002.eqiad.wmnet: [aqs]
diff --git a/conftool-data/services/misc.yaml b/conftool-data/services/misc.yaml
index e533379..278d98c 100644
--- a/conftool-data/services/misc.yaml
+++ b/conftool-data/services/misc.yaml
@@ -17,3 +17,11 @@
"weight": 10
datacenters:
- eqiad
+labs:
+ labs-auth-dns:
+ port: 53
+ default_values:
+ "pooled": "no"
+ "weight": 10
+ datacenters:
+ - eqiad
diff --git a/hieradata/common/lvs/configuration.yaml
b/hieradata/common/lvs/configuration.yaml
index c8221c8..898da11 100644
--- a/hieradata/common/lvs/configuration.yaml
+++ b/hieradata/common/lvs/configuration.yaml
@@ -124,6 +124,8 @@
eqiad:
git-ssh4: 208.80.154.250
git-ssh6: 2620:0:861:ed1a::3:16
+ labs-auth-dns: &ip_block027
+ eqiad: 208.80.154.251
aqs: &ip_block025
eqiad: 10.2.2.12
eventbus: &ip_block026
@@ -842,6 +844,22 @@
conftool:
cluster: phabricator
service: git-ssh
+ labs-auth-dns:
+ description: Authoritative dns for labs -- public and private
+ class: low-traffic
+ sites:
+ - eqiad
+ ip: *ip_block027
+ port: 53
+ bgp: 'yes'
+ depool-threshold: '.9'
+ monitors:
+ IdleConnection:
+ timeout-clean-reconnect: 3
+ max-delay: 30
+ conftool:
+ cluster: labs
+ service: labs-auth-dns
aqs:
description: "Analytics Query Service, aqs.svc.%{::site}.wmnet"
class: low-traffic
diff --git a/hieradata/role/eqiad/labs/dns.yaml
b/hieradata/role/eqiad/labs/dns.yaml
new file mode 100644
index 0000000..e726849
--- /dev/null
+++ b/hieradata/role/eqiad/labs/dns.yaml
@@ -0,0 +1,2 @@
+lvs::realserver::realserver_ips:
+ - "208.80.154.251"
diff --git a/modules/role/manifests/labs/dns.pp
b/modules/role/manifests/labs/dns.pp
index c6c616b..b299baa 100644
--- a/modules/role/manifests/labs/dns.pp
+++ b/modules/role/manifests/labs/dns.pp
@@ -4,6 +4,8 @@
}
$dnsconfig = hiera_hash('labsdnsconfig', {})
+ include lvs::realserver
+
class { '::labs_dns':
dns_auth_ipaddress => $::ipaddress_eth0,
dns_auth_query_address => $::ipaddress_eth0,
--
To view, visit https://gerrit.wikimedia.org/r/284829
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I4bdfc091cde7738548013f97a4843261e53c9b76
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
