Dzahn has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/363294 )
Change subject: tendril: Make tendril active on a single datacenter for now
......................................................................
tendril: Make tendril active on a single datacenter for now
Until we have a db backend on codfw, or TLS is used for connecting
to the backend, close the port access to dbstore2001.
Bug: T169540
Change-Id: I11719b07164ff91de66e1613aea8809d24b50ebf
---
M modules/role/manifests/tendril.pp
1 file changed, 7 insertions(+), 3 deletions(-)
Approvals:
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/modules/role/manifests/tendril.pp
b/modules/role/manifests/tendril.pp
index c8eba32..8a63e00 100644
--- a/modules/role/manifests/tendril.pp
+++ b/modules/role/manifests/tendril.pp
@@ -31,8 +31,12 @@
auth_name => 'WMF Labs (use wiki login name not shell) -
nda/ops/wmf',
}
- ferm::service { 'tendril-http-https':
- proto => 'tcp',
- port => '(http https)',
+ # Make tendril active-passive cross-datacenter until a local db backend is
+ # available on codfw to avoid cross-dc queries or TLS is used to connect
+ if hiera('do_acme', true) {
+ ferm::service { 'tendril-http-https':
+ proto => 'tcp',
+ port => '(http https)',
+ }
}
}
--
To view, visit https://gerrit.wikimedia.org/r/363294
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I11719b07164ff91de66e1613aea8809d24b50ebf
Gerrit-PatchSet: 3
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Jcrespo <[email protected]>
Gerrit-Reviewer: Ayounsi <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
