BBlack has uploaded a new change for review.
https://gerrit.wikimedia.org/r/275124
Change subject: varnishes: control applayer DC routing from hieradata
......................................................................
varnishes: control applayer DC routing from hieradata
This is the commit that rids Traffic infrastructure of all
remaining references to $::mw_primary.
Note: this seems more-complicated than it has to be (i.e. why not
make the backend selection explicit in hieradata instead of
double-referencing with a 'route' attribute), but this direction
gets closer to support for a magical 'route: split', which uses
cache::route_table data to do active:active properly, even for
future cache-only-DC pass-traffic directly to the applayer (once
TLS is working!).
Bug: T127484
Change-Id: Ia5f1d56a584a6c4ca89f0532c7fd2225a7b7a9f8
---
M hieradata/common/cache/maps.yaml
M hieradata/common/cache/text.yaml
M hieradata/common/cache/upload.yaml
M modules/role/manifests/cache/maps.pp
M modules/role/manifests/cache/text.pp
M modules/role/manifests/cache/upload.pp
6 files changed, 20 insertions(+), 13 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/24/275124/1
diff --git a/hieradata/common/cache/maps.yaml b/hieradata/common/cache/maps.yaml
index f1efe0e..fe335b5 100644
--- a/hieradata/common/cache/maps.yaml
+++ b/hieradata/common/cache/maps.yaml
@@ -4,5 +4,6 @@
- 'cp1044.eqiad.wmnet'
apps:
kartotherian:
+ route: 'codfw'
backends:
codfw: 'kartotherian.svc.codfw.wmnet'
diff --git a/hieradata/common/cache/text.yaml b/hieradata/common/cache/text.yaml
index 88d23ea..5530894 100644
--- a/hieradata/common/cache/text.yaml
+++ b/hieradata/common/cache/text.yaml
@@ -43,30 +43,38 @@
- 'cp4018.ulsfo.wmnet'
apps:
appservers:
+ route: 'eqiad'
backends:
eqiad: 'appservers.svc.eqiad.wmnet'
codfw: 'appservers.svc.codfw.wmnet'
appservers_debug:
+ route: 'eqiad'
backends:
eqiad: 'appservers-debug.svc.eqiad.wmnet'
api:
+ route: 'eqiad'
backends:
eqiad: 'api.svc.eqiad.wmnet'
codfw: 'api.svc.codfw.wmnet'
rendering:
+ route: 'eqiad'
backends:
eqiad: 'rendering.svc.eqiad.wmnet'
codfw: 'rendering.svc.codfw.wmnet'
restbase:
+ route: 'eqiad'
backends:
eqiad: 'restbase.svc.eqiad.wmnet'
codfw: 'restbase.svc.codfw.wmnet'
cxserver:
+ route: 'eqiad'
backends:
eqiad: 'cxserver.svc.eqiad.wmnet'
citoid:
+ route: 'eqiad'
backends:
eqiad: 'citoid.svc.eqiad.wmnet'
security_audit:
+ route: 'eqiad'
backends:
eqiad: []
diff --git a/hieradata/common/cache/upload.yaml
b/hieradata/common/cache/upload.yaml
index d6d6a06..cb38cbe 100644
--- a/hieradata/common/cache/upload.yaml
+++ b/hieradata/common/cache/upload.yaml
@@ -48,6 +48,7 @@
- 'cp4015.ulsfo.wmnet'
apps:
swift:
+ route: 'eqiad'
backends:
eqiad: 'ms-fe.svc.eqiad.wmnet'
codfw: 'ms-fe.svc.codfw.wmnet'
diff --git a/modules/role/manifests/cache/maps.pp
b/modules/role/manifests/cache/maps.pp
index 5b0b6cd..81f2752 100644
--- a/modules/role/manifests/cache/maps.pp
+++ b/modules/role/manifests/cache/maps.pp
@@ -40,10 +40,7 @@
'kartotherian' => {
'dynamic' => 'no',
'type' => 'random',
- # XXX note explicit abnormal hack: service only exists in codfw,
but eqiad is Tier-1 in general
- # XXX this means traffic is moving x-dc without crypto!
- # XXX this also means users mapped to codfw frontends bounce
traffic [codfw->eqiad->codfw] on their way in!
- 'backends' => $apps['kartotherian']['backends']['codfw'],
+ 'backends' =>
$apps['kartotherian']['backends'][$apps['kartotherian']['route']],
'be_opts' => {
'port' => 6533,
'connect_timeout' => '5s',
diff --git a/modules/role/manifests/cache/text.pp
b/modules/role/manifests/cache/text.pp
index 6bd44de..46f4e45 100644
--- a/modules/role/manifests/cache/text.pp
+++ b/modules/role/manifests/cache/text.pp
@@ -50,49 +50,49 @@
'appservers' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['appservers']['backends'][$::mw_primary],
+ 'backends' =>
$apps['appservers']['backends'][$apps['appservers']['route']],
'be_opts' => $app_def_be_opts,
},
'api' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['api']['backends'][$::mw_primary],
+ 'backends' => $apps['api']['backends'][$apps['api']['route']],
'be_opts' => $app_def_be_opts,
},
'rendering' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['rendering']['backends'][$::mw_primary],
+ 'backends' =>
$apps['rendering']['backends'][$apps['rendering']['route']],
'be_opts' => $app_def_be_opts,
},
'security_audit' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['security_audit']['backends'][$::mw_primary],
+ 'backends' =>
$apps['security_audit']['backends'][$apps['security_audit']['route']],
'be_opts' => $app_def_be_opts,
},
'appservers_debug' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['appservers_debug']['backends'][$::mw_primary],
+ 'backends' =>
$apps['appservers_debug']['backends'][$apps['appservers_debug']['route']],
'be_opts' => merge($app_def_be_opts, { 'max_connections' => 20 }),
},
'restbase_backend' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['restbase']['backends'][$::mw_primary],
+ 'backends' =>
$apps['restbase']['backends'][$apps['restbase']['route']],
'be_opts' => merge($app_def_be_opts, { 'port' => 7231,
'max_connections' => 5000 }),
},
'cxserver_backend' => { # LEGACY: should be removed eventually
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['cxserver']['backends'][$::mw_primary],
+ 'backends' =>
$apps['cxserver']['backends'][$apps['cxserver']['route']],
'be_opts' => merge($app_def_be_opts, { 'port' => 8080 }),
},
'citoid_backend' => { # LEGACY: should be removed eventually
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['citoid']['backends'][$::mw_primary],
+ 'backends' =>
$apps['citoid']['backends'][$apps['citoid']['route']],
'be_opts' => merge($app_def_be_opts, { 'port' => 1970 }),
},
}
diff --git a/modules/role/manifests/cache/upload.pp
b/modules/role/manifests/cache/upload.pp
index 9152917..4754811 100644
--- a/modules/role/manifests/cache/upload.pp
+++ b/modules/role/manifests/cache/upload.pp
@@ -40,7 +40,7 @@
'swift' => {
'dynamic' => 'no',
'type' => 'random',
- 'backends' => $apps['swift']['backends'][$::mw_primary],
+ 'backends' => $apps['swift']['backends'][$apps['swift']['route']],
'be_opts' => {
'port' => 80,
'connect_timeout' => '5s',
--
To view, visit https://gerrit.wikimedia.org/r/275124
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia5f1d56a584a6c4ca89f0532c7fd2225a7b7a9f8
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: BBlack <bbl...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
