[06:24:56] <wikibugs>	 10Traffic, 10Operations: Setup a new PKI software as an alternative to the puppet CA for managing services certificates - https://phabricator.wikimedia.org/T194031 (10elukey) p:05High>03Normal a:03Joe
[08:00:13] <elukey>	 hello people
[08:00:38] <elukey>	 I've merged a change to aggregate the vk alarms by instance type (webrequest text, upload, misc, statsv, eventlogging)
[08:00:51] <elukey>	 rather than having them on each cp host
[08:01:13] <elukey>	 this should be better to avoid storm of alarms if vk for some reason misbehaves
[08:01:50] <elukey>	 it is also tuned to raise alerts more often than before, so if you see any  weird alarm during the next days ping me or bare in mind that I've changed them today :)
[08:09:46] <_joe_>	 cool
[09:08:37] <wikibugs>	 10Traffic, 10Operations, 10ops-esams: cp3037 is currently unreachable - https://phabricator.wikimedia.org/T196974 (10ema)
[09:33:48] <wikibugs>	 10Traffic, 10DNS, 10Operations: rack/setup/install dns200[12].wikimedia.org - https://phabricator.wikimedia.org/T196493 (10ema)
[09:37:38] <wikibugs>	 10Traffic, 10Operations, 10ops-codfw, 10Patch-For-Review: rack/setup/install LVS200[7-10] - https://phabricator.wikimedia.org/T196560 (10ema)
[09:37:47] <wikibugs>	 10Traffic, 10Operations, 10Patch-For-Review: Enable numa_networking on all caches - https://phabricator.wikimedia.org/T193865 (10ema)
[09:37:58] <vgutierrez>	 ema: do you need help cleaning/restoring traffic tasks?
[09:38:01] <wikibugs>	 10Traffic, 10Operations, 10Performance-Team, 10Patch-For-Review: Refactor varnishospital and varnishslowlog - https://phabricator.wikimedia.org/T193489 (10ema)
[09:41:20] <ema>	 vgutierrez: I think I should be done :)
[09:41:31] <ema>	 let me know if I've missed anything though of course
[09:41:53] <vgutierrez>	 I just cleaned tags here: https://phabricator.wikimedia.org/T197763
[09:42:06] <vgutierrez>	 but that's the only thing missing apparently
[09:49:45] <wikibugs>	 10Traffic, 10Operations, 10Patch-For-Review: Enable numa_networking on all caches - https://phabricator.wikimedia.org/T193865 (10MacFan4000) p:05High>03Normal
[09:57:08] <wikibugs>	 10Traffic, 10netops, 10DNS, 10Operations, 10ops-codfw: switch port configuration for dns200[1-2] - https://phabricator.wikimedia.org/T197697 (10ema) p:05High>03Normal
[10:03:31] <wikibugs>	 10netops, 10Operations, 10ops-codfw: switch port configuration for graphite2003 - https://phabricator.wikimedia.org/T198119 (10CommunityTechBot) a:03Papaul
[10:03:33] <wikibugs>	 10netops, 10Operations, 10ops-codfw: switch port configuration for graphite2003 - https://phabricator.wikimedia.org/T198119 (10CommunityTechBot) p:05High>03Normal
[10:03:36] <wikibugs>	 10netops, 10Operations, 10ops-codfw: switch port configuration for graphite2003 - https://phabricator.wikimedia.org/T198119 (10CommunityTechBot)
[10:03:39] <wikibugs>	 10netops, 10Operations, 10ops-codfw: switch port configuration for graphite2003 - https://phabricator.wikimedia.org/T198119 (10CommunityTechBot)
[10:03:42] <wikibugs>	 10netops, 10Operations, 10ops-codfw: switch port configuration for graphite2003 - https://phabricator.wikimedia.org/T198119 (10CommunityTechBot) 05Open>03Resolved
[10:44:55] <mobrovac>	 ema: quick q: where is the VCL code that handles {{lang}}.m.wp.org url rewrites?
[10:58:24] <vgutierrez>	 mobrovac: https://github.com/wikimedia/puppet/blob/production/modules/varnish/templates/text-frontend.inc.vcl.erb#L114 that one?
[10:59:55] <mobrovac>	 yup, that one, thnx vgutierrez!
[11:00:20] <mobrovac>	 now i have to figure out how x-dt-host and host are used
[11:00:21] <mobrovac>	 :P
[11:00:29] <vgutierrez>	 :) no problem!
[11:26:51] <ema>	 mobrovac: there's https://github.com/wikimedia/puppet/blob/production/modules/varnish/templates/text-backend.inc.vcl.erb#L27 too
[11:27:06] <mobrovac>	 va bene
[11:27:08] <mobrovac>	 thnx
[11:38:30] <mobrovac>	 ema: so varnish sets host to the desktop domain, and x-subdomain to the mobile one if present?
[11:39:26] <mobrovac>	 basically i'm interested in knowing the way the request for mobiles looks like when it reaches the appservers
[11:39:39] <ema>	 mobrovac: X-Subdomain is either 'M' or 'Z' (mobile/zero)
[11:41:59] <ema>	 mobrovac: right before reaching the appserver the host header is set to x-dt-host for mobile requests
[11:43:17] <mobrovac>	 ok so for en.m.wp.org/wiki/Blah we get uri: en.wp.org/wiki/Blah and headers: { x-subdomain: 'M' } ?
[11:43:44] <ema>	 right, the host header is rewritten from en.m.wp.org to en.wp.org
[11:43:54] <mobrovac>	 kk cool
[11:43:55] <ema>	 I'm not entirely sure whether we strip x-subdomain or not, let me check
[11:44:27] <mobrovac>	 the appservers need to have a way of differentiating them, so it shouldn't be stripped
[11:44:43] <ema>	 correct, it is sent to the applayer
[11:45:55] <mobrovac>	 ok great
[11:45:58] <mobrovac>	 thnx ema!
[11:48:39] <mobrovac>	 hmm can't find anything about x-subdomain in the codebase
[11:48:43] * mobrovac keeps digging
[12:12:50] <ema>	 mobrovac: so, the Host header is actually left intact (eg: en.m.wp.org), while x-dt-host is set to en.wp.org
[12:14:07] <ema>	 the exception is restbase, for which we don't differentiate between desktop and mobile and we do set Host to x-dt-host 
[12:17:14] <ema>	 the above is true at the varnish frontend layer
[12:18:15] <ema>	 then, at the backend-most varnish backend, right before sending the request to the applayer, we do the mobile hostname mangling thing and rewrite Host
[12:18:19] <ema>	 example:
[12:18:32] <ema>	 -   BereqHeader    Host: en.m.wikipedia.org
[12:18:38] <ema>	 -   BereqHeader    X-Subdomain: M
[12:18:43] <ema>	 -   BereqHeader    x-dt-host: en.wikipedia.org
[12:18:49] <ema>	 [...]
[12:18:55] <ema>	 -   BereqUnset     Host: en.m.wikipedia.org
[12:18:55] <ema>	 -   BereqHeader    host: en.wikipedia.org
[12:25:40] <ema>	 mobrovac: and yes, I can confirm that "X-Subdomain: m" is indeed used by mediawiki to know that the mobile version of a page needs to be generated 
[12:27:50] <ema>	 mobrovac: https://github.com/wikimedia/operations-mediawiki-config/blob/master/wmf-config/mobile.php#L12
[12:27:55] <mobrovac>	 ok great
[12:28:02] <mobrovac>	 thnx ema! thsi was really helpful
[12:30:47] <ema>	 mobrovac: aaaand https://github.com/wikimedia/mediawiki-extensions-MobileFrontend#wgmfmobileheader
[12:31:05] <ema>	 :)
[12:35:42] <mobrovac>	 yaaay
[12:35:44] <mobrovac>	 hehe
[12:37:12] <mobrovac>	 ok, so to recap, when a req reaches the appservers, the uri is {mwapi_srv_lvs}/wiki/Title, and headers: { host: en.wp.org, x-subdomain: 'M', x-dt-host: en.wp.org } ?
[12:37:26] <mobrovac>	 i doubt x-dt-host is needed
[12:37:33] <mobrovac>	 but put it there for completeness
[12:39:05] <ema>	 yes
[12:39:27] <ema>	 I also doubt x-dt-host is useful at the applayer, we could perhaps strip it
[12:39:37] <mobrovac>	 probably, yes
[12:39:53] <mobrovac>	 perfect! thnx ema
[12:40:13] <ema>	 np!
[12:40:51] <ema>	 in general, we are abusing headers because of the lack of support for variables in vcl
[12:41:13] <ema>	 in this case though we need to pass information among different varnish layers, so using x-dt-host does make sense
[12:42:18] <ema>	 all this reminds me that I wanted to create a task about using vmod_var(3) instead of temporary headers :) 
[14:16:14] <bblack>	 yeah x-dt-host is definitely not a standard (even in-house), it's just an accidentally-exposed internal variable
[14:16:40] <bblack>	 relatedly on the forever wishlist:
[14:17:20] <bblack>	 1) Get MW (and others) to parse host headers on their own, so we don't set X-Subdomain and don't mangle the host header and it does the /\.m\./ check and output variance all on its own.
[14:18:26] <bblack>	 2) Get RB to look at host headers too, so we don't have to mangle the public URL en.wp.o/api/rest_v1/ -> /en.wp.o/v1/
[14:27:15] <bblack>	 vgutierrez: what's the "as discussed on IRC, v6 records can be added automatically"?
[14:28:08] <vgutierrez>	 bblack: so.. as papaul explained to me, ipv6 records can be added automatically with some script and he's using that
[14:28:32] <bblack>	 oh as a separate commit then, with the diff made by the script?
[14:28:39] <vgutierrez>	 right
[14:28:41] <bblack>	 ok
[14:40:52] <mobrovac>	 ema: one follow-up question: I suppose that if send a req from the outside with the x-subdomain header for a desktop domain, varnish will strip it before passing it on?
[14:41:53] <ema>	 mobrovac: yes we do unset x-subdomain at the frontend layer
[14:42:04] <mobrovac>	 kk thnx
[15:03:41] <vgutierrez>	 bblack: BTW, I've just realised that our auth DNS records, ns[012].wikimedia.org are missing AAAA records, bug or feature?
[15:03:49] <mark>	 feature
[15:04:17] <vgutierrez>	 ook
[15:04:35] <mark>	 considering that geoip database data is not as good yet for v6 as it is for v4
[15:05:02] <mark>	 we force client resolvers to use v4 to not worsen experience by having less optimal cache dc selected
[15:05:07] <mark>	 but it's probably slowly getting better over time
[15:07:35] <mark>	 would be interesting to test that some day
[15:27:51] <vgutierrez>	 hmmm
[15:27:54] <vgutierrez>	 https://gerrit.wikimedia.org/r/#/c/443442/
[15:28:35] <vgutierrez>	 bblack, ema: I can merge that and won't be a problem with the existing authdns::servers till I don't update puppet/modules/role/manifests/authdns/data.pp, right?
[15:35:39] <bblack>	 vgutierrez: won't be a problem I think.  I wouldn't be shocked if puppetization only suceeds 99% of the way unti data.pp changes, but that's ok too.
[15:42:00] <vgutierrez>	 bblack: ack :)
[20:04:35] <wikibugs>	 10netops, 10Operations, 10fundraising-tech-ops: NAT and DNS for fundraising monitor host - https://phabricator.wikimedia.org/T198516 (10cwdent)