⚓ T362824 Q#:rack/setup/install dbproxy200[5-8]

	Subject	Repo	Branch	Lines +/-
	site.pp: New dbproxy hosts	operations/puppet	production	+1 -1
	site.pp: New dbproxies	operations/puppet	production	+2 -941

RobH created this task.Apr 17 2024, 8:20 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 17 2024, 8:20 PM

RobH mentioned this in Unknown Object (Task).Apr 17 2024, 8:21 PM

RobH added a parent task: Unknown Object (Task).

RobH added a project: ops-codfw.Apr 17 2024, 8:23 PM

RobH moved this task from Backlog to Racking Tasks on the ops-codfw board.Apr 17 2024, 8:26 PM

RobH unsubscribed.

Maintenance_bot added a project: SRE.Apr 17 2024, 8:29 PM

Jhancock.wm claimed this task.Jun 12 2024, 2:16 PM

Jhancock.wm updated the task description. (Show Details)

@Jhancock.wm reminder, we do not need AAAA records on these hosts.

Change #1042820 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] site.pp: New dbproxies

https://gerrit.wikimedia.org/r/1042820

Change #1042820 abandoned by Marostegui:

[operations/puppet@production] site.pp: New dbproxies

Reason:

vim did something weird

https://gerrit.wikimedia.org/r/1042820

Change #1042822 had a related patch set uploaded (by Marostegui; author: Marostegui):

[operations/puppet@production] site.pp: New dbproxy hosts

https://gerrit.wikimedia.org/r/1042822

Marostegui updated the task description. (Show Details)Jun 13 2024, 6:54 AM

Change #1042822 merged by Marostegui:

[operations/puppet@production] site.pp: New dbproxy hosts

https://gerrit.wikimedia.org/r/1042822

Maintenance_bot removed a project: Patch-For-Review.Jun 13 2024, 7:31 AM

@Marostegui thank you for the reminder. I will be getting this racked on Friday most likely. also thank you for updating puppet files!

Jhancock.wm updated the task description. (Show Details)Jun 25 2024, 2:39 PM

Jhancock.wm updated the task description. (Show Details)Jun 26 2024, 2:34 PM

@Marostegui was there a preference for 1G or 10G on these servers?

1G is fine, thanks!

Papaul updated the task description. (Show Details)Jul 11 2024, 4:16 PM

Cookbook cookbooks.sre.hosts.reimage was started by pt1979@cumin2002 for host dbproxy2005.codfw.wmnet with OS bookworm

Cookbook cookbooks.sre.hosts.reimage started by pt1979@cumin2002 for host dbproxy2005.codfw.wmnet with OS bookworm completed:

dbproxy2005 (PASS)
- Removed from Puppet and PuppetDB if present and deleted any certificates
- Removed from Debmonitor if present
- Forced PXE for next reboot
- Host rebooted via IPMI
- Host up (Debian installer)
- Add puppet_version metadata to Debian installer
- Checked BIOS boot parameters are back to normal
- Host up (new fresh bookworm OS)
- Generated Puppet certificate
- Signed new Puppet certificate
- Run Puppet in NOOP mode to populate exported resources in PuppetDB
- Found Nagios_host resource for this host in PuppetDB
- Downtimed the new host on Icinga/Alertmanager
- First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202407111909_pt1979_2208237_dbproxy2005.out
- configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
- Rebooted
- Automatic Puppet run was successful
- Forced a re-check of all Icinga services for the host
- Icinga status is optimal
- Icinga downtime removed
- Updated Netbox data from PuppetDB
- Updated Netbox status planned -> active
- The sre.puppet.sync-netbox-hiera cookbook was run successfully
- Cleared switch DHCP cache and MAC table for the host IP and MAC (EVPN Switch)

Papaul updated the task description. (Show Details)Jul 11 2024, 10:11 PM

@Jhancock.wm i think you missed @Marostegui comment about not setting IPV6 for those hosts. I fixed it.

@Marostegui like we discussed this morning, I was able to install dbproxy2005 using the workaround of using the 1G NIC for the install and switch to 10G after the install. Please check if all looks good on dbproxy2005 so I can proceed with the others.

Thanks

@Papaul I cannot access the host via ssh remotely, but the host is up and has network. I've connected via supermicro idrac and I think it is related to the DNS

root@dbproxy2005:~# host dbproxy2005.codfw.wmnet
Host dbproxy2005.codfw.wmnet not found: 3(NXDOMAIN)


root@dbproxy2005:~# ip addre
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: ens1f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 7c:c2:55:97:5c:ce brd ff:ff:ff:ff:ff:ff
    altname enp138s0f0np0
    inet 10.192.23.11/24 brd 10.192.23.255 scope global ens1f0np0
       valid_lft forever preferred_lft forever
    inet6 2620:0:860:113:10:192:23:11/64 scope global
       valid_lft 2591992sec preferred_lft 604792sec
    inet6 fe80::7ec2:55ff:fe97:5cce/64 scope link
       valid_lft forever preferred_lft forever
3: ens1f1np1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 7c:c2:55:97:5c:cf brd ff:ff:ff:ff:ff:ff
    altname enp138s0f1np1
4: enxbe3af2b6059f: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether be:3a:f2:b6:05:9f brd ff:ff:ff:ff:ff:ff
5: eno1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 7c:c2:55:ac:1a:56 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f0
6: eno2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 7c:c2:55:ac:1a:57 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f1


root@dbproxy2005:~# ping cumin2002.codfw.wmnet
PING cumin2002.codfw.wmnet(cumin2002.codfw.wmnet (2620:0:860:103:10:192:32:49)) 56 data bytes
64 bytes from cumin2002.codfw.wmnet (2620:0:860:103:10:192:32:49): icmp_seq=1 ttl=60 time=0.340 ms
64 bytes from cumin2002.codfw.wmnet (2620:0:860:103:10:192:32:49): icmp_seq=2 ttl=60 time=0.385 ms

dbproxy2006 temp 1G -> B7 lsw port 47
dbproxy2007 temp 1G -> C7 asw port 43
dbproxy2008 temp 1G -> D4 asw port 43

Jhancock.wm reassigned this task from Jhancock.wm to Papaul.Jul 12 2024, 1:36 PM

Jhancock.wm subscribed.

@Marostegui thank you for checking. You are right looks like the host still has it's IPV6 or we remove it after the re-image in netbox.

2: ens1f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 7c:c2:55:97:5c:ce brd ff:ff:ff:ff:ff:ff
    altname enp138s0f0np0
    inet 10.192.23.11/24 brd 10.192.23.255 scope global ens1f0np0
       valid_lft forever preferred_lft forever
    inet6 2620:0:860:113:10:192:23:11/64 scope global
       valid_lft 2591992sec preferred_lft 604792sec
    inet6 fe80::7ec2:55ff:fe97:5cce/64 scope link
       valid_lft forever preferred_lft forever

i will try to re-image it again but in the main time can you try to remove that IP6s entry and reboot the server.
Thank you

Cookbook cookbooks.sre.hosts.reimage was started by marostegui@cumin1002 for host dbproxy2005.codfw.wmnet with OS bookworm

@Papaul the interface wasn't in netbox anymore, but the DNS entry for that host is still gone.
I've tried to reimage the host but it gets stuck on the PXE boot and keeps rebooting upon timing out waiting for the boot:

Intel(R) Boot Agent XE (X550) v2.4.45
Copyright (C) 1997-2019, Intel Corporation

PXE-E61: Media test failure, check cable
PXE-M0F: Exiting Intel Boot Agent.


Broadcom UNDI PXE-2.1 v226.0.135.0
Copyright (C) 2000-2023 Broadcom Limited
Copyright (C) 1997-2000 Intel Corporation
All rights reserved.

CLIENT MAC ADDR: 7C C2 55 97 5C CE  GUID: 07663200-04E3-11EF-8000-7CC255AC1A56
CLIENT IP: 10.192.23.11  MASK: 255.255.255.0  DHCP IP: 208.80.153.105
GATEWAY IP: 10.192.23.1

PXELINUX 6.03 lwIP 20150819 Copyright (C) 1994-2014 H. Peter Anvin et al
.................

Just talked to @Papaul - the reimage was expected to fail since the iface was moved back to the 10G one.

Marostegui added a project: DBA.Jul 15 2024, 6:48 AM

ABran-WMF moved this task from Triage to In progress on the DBA board.Jul 15 2024, 7:17 AM

Cookbook cookbooks.sre.hosts.reimage was started by pt1979@cumin2002 for host dbproxy2005.codfw.wmnet with OS bookworm

Cookbook cookbooks.sre.hosts.reimage started by pt1979@cumin2002 for host dbproxy2005.codfw.wmnet with OS bookworm completed:

dbproxy2005 (PASS)
- Removed from Puppet and PuppetDB if present and deleted any certificates
- Removed from Debmonitor if present
- Forced PXE for next reboot
- Host rebooted via IPMI
- Host up (Debian installer)
- Add puppet_version metadata to Debian installer
- Checked BIOS boot parameters are back to normal
- Host up (new fresh bookworm OS)
- Generated Puppet certificate
- Signed new Puppet certificate
- Run Puppet in NOOP mode to populate exported resources in PuppetDB
- Found Nagios_host resource for this host in PuppetDB
- Downtimed the new host on Icinga/Alertmanager
- First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202407151358_pt1979_1933053_dbproxy2005.out
- configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
- Rebooted
- Automatic Puppet run was successful
- Forced a re-check of all Icinga services for the host
- Icinga status is optimal
- Icinga downtime removed
- Updated Netbox data from PuppetDB
- Cleared switch DHCP cache and MAC table for the host IP and MAC (EVPN Switch)

@Papaul dbproxy2005 looks good now - no ipv6 and I can reach it just fine. If you want to move it back to 10G that's great, and if you'd want to reimage the other hosts, that'd be great

Thanks!

Papaul mentioned this in T369826: 10gbit nic option for centrallog2002.Jul 16 2024, 1:22 PM

Cookbook cookbooks.sre.hosts.reimage was started by pt1979@cumin2002 for host dbproxy2006.codfw.wmnet with OS bookworm

Cookbook cookbooks.sre.hosts.reimage started by pt1979@cumin2002 for host dbproxy2006.codfw.wmnet with OS bookworm completed:

dbproxy2006 (PASS)
- Removed from Puppet and PuppetDB if present and deleted any certificates
- Removed from Debmonitor if present
- Forced PXE for next reboot
- Host rebooted via IPMI
- Host up (Debian installer)
- Add puppet_version metadata to Debian installer
- Checked BIOS boot parameters are back to normal
- Host up (new fresh bookworm OS)
- Generated Puppet certificate
- Signed new Puppet certificate
- Run Puppet in NOOP mode to populate exported resources in PuppetDB
- Found Nagios_host resource for this host in PuppetDB
- Downtimed the new host on Icinga/Alertmanager
- First Puppet run completed and logged in /var/log/spicerack/sre/hosts/reimage/202407161656_pt1979_3112148_dbproxy2006.out
- configmaster.wikimedia.org updated with the host new SSH public key for wmf-update-known-hosts-production
- Rebooted
- Automatic Puppet run was successful
- Forced a re-check of all Icinga services for the host
- Icinga status is optimal
- Icinga downtime removed
- Updated Netbox data from PuppetDB
- Updated Netbox status planned -> active
- The sre.puppet.sync-netbox-hiera cookbook was run successfully
- Cleared switch DHCP cache and MAC table for the host IP and MAC (EVPN Switch)

Papaul updated the task description. (Show Details)Jul 16 2024, 5:28 PM

Papaul updated the task description. (Show Details)Jul 16 2024, 6:15 PM

Cookbook cookbooks.sre.hosts.reimage was started by pt1979@cumin2002 for host dbproxy2007.codfw.wmnet with OS bookworm

Cookbook cookbooks.sre.hosts.reimage started by pt1979@cumin2002 for host dbproxy2007.codfw.wmnet with OS bookworm executed with errors:

dbproxy2007 (FAIL)
- Removed from Puppet and PuppetDB if present and deleted any certificates
- Removed from Debmonitor if present
- Forced PXE for next reboot
- Host rebooted via IPMI
- The reimage failed, see the cookbook logs for the details,You can also try typing "install-console" dbproxy2007.codfw.wmnet to get a root shellbut depending on the failure this may not work.

Papaul updated the task description. (Show Details)Jul 16 2024, 6:56 PM