Page MenuHomeSoftware Heritage
Create Task
Maniphest T1872

staging infra: New vlan
Closed, MigratedEdits Locked
Actions

Description

Following documentation at [1], send an email to sesi [2] asking for it:

  • 1 new vlan
  • 1 public IP address (will be used for a SSH front-end/router to that VLAN)
  • open ports for that IP address: http, https, ssh
  • our hypervisors need access to that vlan:
      • swh5.inria.fr (beaubourg)
      • swh6.inria.fr (orsay)
      • swh8.inria.fr (hypervisor3)
    • the ip 128.93.193.29 needs access as well (vm pergamon).

This opened the ticket [3]

[1] https://intranet.softwareheritage.org/wiki/Colocation

[2] dsi-sesi.helpdesk-prc@helpdesk.inria.fr

[3] https://support.inria.fr/Ticket/Display.html?id=141499

Related Objects
Search...

Event Timeline

ardumont changed the task status from Open to Work in Progress.Jul 3 2019, 1:33 PM
ardumont triaged this task as High priority.
ardumont created this task.
ardumont updated the task description. (Show Details)Jul 3 2019, 1:35 PM
ardumont updated the task description. (Show Details)
ardumont updated the task description. (Show Details)
ardumont updated the task description. (Show Details)
ardumont added a subtask: T1874: staging infra: Setup gateway vm.Jul 3 2019, 2:11 PM
ardumont mentioned this in T1876: staging infra: Configure DNS zones.Jul 17 2019, 2:42 PM
ardumont changed the status of subtask T1874: staging infra: Setup gateway vm from Open to Work in Progress.Jul 30 2019, 4:33 PM
ardumont mentioned this in Unknown Object (Paste).Aug 1 2019, 3:41 PM
ardumont updated the task description. (Show Details)Aug 1 2019, 3:47 PM

An email asking more details has been received or clarification.
P485 is the draft for the answer.

Cheers,

ftigeot added a subscriber: ftigeot.Aug 7 2019, 2:02 PM

Most of the relevant commits use the 192.168.128.0/24 address space.

That network is already being used for the communication between banco and its storage bay.
It would be wise to use a different IP prefix.

ardumont added a comment.Sep 6 2019, 11:59 AM

sesi asked for some more details about the hardware to propagate that vlan too.
I just replied, so hopefully, that should converge soon.

Also, ack @ftigeot for the address space clash. Thanks for the heads up.
That should change soon enough i think ;)

Cheers,

ardumont added a subscriber: olasd.Sep 10 2019, 11:55 AM

A priori, everything is done on sesi's side, as asked by @olasd, last ticket entries excerpt:

>>... peux-tu m'indiquer sur quel(s) équipement(s) le nouveau vlan doit être propagé ?
>> Le reste de la configuration a été effectué.
> ...
> deja, merci pour le travail effectue!
> Ce sont les machines suivantes:
> - swh5.inria.fr
> - swh6.inria.fr
> - swh8.inria.fr
> Merci d'avance.

Bonjour
Les modifications sont faites, tiens moi informé si c'est bon de votre côté.
Bonne journée,
Hakim

Remains to check everything is fine and get back to them so we can close the ticket.

Cheers,

vlorentz added a project: Staging environment.Jan 22 2020, 4:29 PM
ardumont closed subtask T1874: staging infra: Setup gateway vm as Resolved.Apr 24 2020, 3:29 PM
rdicosmo added a subscriber: rdicosmo.May 9 2020, 12:09 PM

Is this now done? If that's the case this ticked should be closed.

rdicosmo mentioned this in T1785: Setup staging infrastructure.May 9 2020, 12:11 PM
olasd added a comment.Jun 9 2020, 12:07 PM
In T1872#44251, @rdicosmo wrote:

Is this now done? If that's the case this ticked should be closed.

The VLAN has been provisioned on our hypervisors, but not setup / in use yet.

I guess we'll do that when we go ahead and install the new hypervisor.

olasd added a comment.Jun 9 2020, 12:07 PM

(the VLAN id for the staging vlan is 443).

olasd added a parent task: T2501: Proxmox reliability improvements (Summer 2020).Jul 21 2020, 2:53 PM
olasd added a parent task: T2627: Recycle ceph-osd1 as staging database host.Sep 23 2020, 11:50 AM
olasd added a parent task: T2628: Recycle ceph-osd2 as objstorage/storage backend for staging.
olasd added a comment.Sep 28 2020, 5:42 PM

I wanted to rename the bridges on the proxmox hosts to something clearer (like vmbr-staging) but it turns out that proxmox only supports bridges named /vmbr\d+/. Ugh.

So I guess the bridges will be named vmbr$<vlanid>, which means vmbr443 for staging.

olasd added a comment.Sep 28 2020, 6:11 PM

I've added a bridge vmbr443 to all hypervisors.

I've checked that all hypervisors were able to ping one another over this bridge, using their ipv6 link local addresses.

sudo clush -w @hypervisors 'set -e; for addr in fe80::e872:32ff:feac:ef39%vmbr443 fe80::24a5:2aff:fee3:3552%vmbr443 fe80::c82e:c2ff:fe01:e77d%vmbr443 fe80::589c:d0ff:fe33:4daa%vmbr443; do ping -c3 $addr; done'

Now we just need to move the machines to this VLAN.

olasd closed this task as Resolved.Sep 28 2020, 6:57 PM
olasd claimed this task.

This was now just a matter of doing the clickity click on all hosts. They're now using the dedicated vlan.

gitlab-migration changed the task status from Resolved to Migrated.Oct 19 2022, 5:56 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

gitlab-migration changed the status of subtask T1874: staging infra: Setup gateway vm from Resolved to Migrated.Oct 19 2022, 5:56 PM
About · Developer information · Legal