Jcrespo has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/363294 )
Change subject: tendril: Make tendril active on a single datacenter for now
......................................................................
tendril: Make tendril active on a single datacenter for now
Until we have a db backend on codfw, or TLS is used for connecting
to the backend, close the port access to dbstore2001.
Bug: T169540
Change-Id: I11719b07164ff91de66e1613aea8809d24b50ebf
---
M modules/role/manifests/tendril.pp
1 file changed, 7 insertions(+), 3 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/94/363294/1
diff --git a/modules/role/manifests/tendril.pp
b/modules/role/manifests/tendril.pp
index c8eba32..8a63e00 100644
--- a/modules/role/manifests/tendril.pp
+++ b/modules/role/manifests/tendril.pp
@@ -31,8 +31,12 @@
auth_name => 'WMF Labs (use wiki login name not shell) -
nda/ops/wmf',
}
- ferm::service { 'tendril-http-https':
- proto => 'tcp',
- port => '(http https)',
+ # Make tendril active-passive cross-datacenter until a local db backend is
+ # available on codfw to avoid cross-dc queries or TLS is used to connect
+ if hiera('do_acme', true) {
+ ferm::service { 'tendril-http-https':
+ proto => 'tcp',
+ port => '(http https)',
+ }
}
}
--
To view, visit https://gerrit.wikimedia.org/r/363294
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I11719b07164ff91de66e1613aea8809d24b50ebf
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Jcrespo <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
