[07:17:45] greetings [09:29:22] hello [09:29:58] morning :) [09:45:47] quick review fixing image-config local deployment in lima-kilo [09:45:48] https://gitlab.wikimedia.org/repos/cloud/toolforge/lima-kilo/-/merge_requests/310 [09:49:22] dcaro: +1d [09:50:12] thanks! [10:17:38] taavi: what do you think re: my last comment on https://gerrit.wikimedia.org/r/c/operations/puppet/+/1243042 ? [10:23:44] godog: that task seems to be about alerting from the cloudweb boxen (which hosts horizon and striker) and i still don't see how toolhub is related to any of those [10:25:04] not only cloudweb though, in general all lvs services owned by wmcs i.e. including toolhub [10:25:24] unless toolhub is not owned by wmcs (?) which could totally be the case [10:27:02] definitely possible [10:28:33] it is, afaik, though we have not really "taken it over" yet [10:32:01] ok I'll abandon the change since ownership is not clear yet and note this discussion in the task [11:05:44] re gateway api implementations: https://phabricator.wikimedia.org/T418274#11650115 [11:16:47] thanks taavi, replied there, +1 on Istio [11:22:12] nice writeup, Istio seems indeed good [11:28:15] +1 for istio [11:38:36] I'm setting up my new backup yubikey, any reviews? https://gerrit.wikimedia.org/r/c/operations/puppet/+/1243775 [11:39:48] brb [11:41:31] mo.ritz will probably ask you to confirm it out of band [12:05:06] yep :) [12:05:09] * dcaro lunch [13:15:50] got it working :), the one removing the old key: https://gerrit.wikimedia.org/r/c/operations/puppet/+/1243816 [13:16:46] (this one does not need off-band verification) [13:20:00] installing gateway api crds: https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-deploy/-/merge_requests/1142 [13:31:00] unfortunate name xd (we have now api-gateway, and gateway-api) [13:31:42] i was thinking about the same :P [13:49:35] related lima-kilo mr: https://gitlab.wikimedia.org/repos/cloud/toolforge/lima-kilo/-/merge_requests/309 [13:49:47] and cookbook to mirror the images: https://gerrit.wikimedia.org/r/c/cloud/wmcs-cookbooks/+/1243818 [13:52:43] for the images, can we use harbor instead? [13:57:12] right now? technically yes. if the plan is still to move harbor to k8s? no, since the gateway would likely be on the harbor request path, so having istio images there would have chicken-and-egg problems [14:03:10] hmm, will have to think about that yep, harbor might be served internally within k8s (not exposed through istio), specially as it might be relatively high throughput, but have not thought about it calmly yet, if not, then it will be in the path yep [14:05:22] I'm ok going with this for now until that's laid out [14:06:17] did you run the cookbook? [14:06:53] I have not yet, wanted a +1 on the names and such before copying the images as they're hard to delete later [14:07:41] LGTM [14:08:07] thanks, will test-cookbook and then merge [15:26:57] hmm, I assume we will want a set of dedicated workers (tools-k8s-gateway-N) to host the gateway pods similar to the current ingress nodes? [15:34:55] incredibly complicated and challenging review request: https://gitlab.wikimedia.org/repos/cloud/toolforge/toolforge-weld/-/merge_requests/89 [16:07:41] taavi: +1d :D [16:08:39] I have a few docs updates, should be easy to review if anyone has 5min at any point https://gitlab.wikimedia.org/groups/repos/cloud/-/merge_requests/?sort=updated_desc&state=opened&label_name%5B%5D=Needs%20review&approved_by_usernames%5B%5D=None&author_username=dcaro&first_page_size=20 [16:50:55] fyi. the metricsinfra alert is because there was a reboot on gitlab side, should go away soon [16:51:24] s/gitlab/gerrit [17:01:45] or maybe https://phabricator.wikimedia.org/T418391 [18:09:55] * dcaro off [18:09:56] cya tomorrow!