https://bugzilla.wikimedia.org/show_bug.cgi?id=57834
Web browser: ---
Bug ID: 57834
Summary: provide bastion redundancy via DNS round robin
Product: Wikimedia Labs
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: Unprioritized
Component: Infrastructure
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected]
Classification: Unclassified
Mobile Platform: ---
The labs project has three instances we can connect to:
bastion1 208.80.153.207
bastion2 208.80.153.203
bastion3 208.80.153.202
They each have a DNS entry in wmflabs.org.
I have setup my ssh ProxyCommand to point to bastion.wmflabs.org expecting it
to pick up one of the bastions. Unfortunately the DNS A record points to
208.80.153.207 (bastion1). Whenever that instance is dead I have to update my
ProxyCommand manually.
We could make bastion.wmflabs.org a round robin DNS entry that would distribute
incoming connections to the different bastion instances. To do so:
- bastion.wmflabs.org should have three A entries
- the DNS server needs to be configured to yield the entry using round robin
(aka change order on each DNS request).
- all three bastions need to share the same SSH host key
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
