[11:45:50] <wikibugs>	 10netops, 06Infrastructure-Foundations, 06SRE: Extend sre.network.configure-switch-interfaces cookbook to add sflow and qos config - https://phabricator.wikimedia.org/T379549 (10cmooney) 03NEW p:05Triage→03Low
[11:48:07] <wikibugs>	 10netops, 06Infrastructure-Foundations, 06SRE: Extend sre.network.configure-switch-interfaces cookbook to add sflow and qos config - https://phabricator.wikimedia.org/T379549#10309316 (10cmooney) a:03cmooney
[12:14:02] <wikibugs>	 10netops, 06DC-Ops, 10fundraising-tech-ops, 06Infrastructure-Foundations, and 3 others: Frack eqiad network upgrade: design, installation and configuration - https://phabricator.wikimedia.org/T377381#10309416 (10Jclark-ctr) @cmooney  thanks for the list I have populated both new switches up to port 27  wit...
[13:08:25] <wikibugs>	 06Traffic, 10conftool, 07Epic: Deleting ipblocks when there are uncommitted changes causes failures - https://phabricator.wikimedia.org/T378435#10309504 (10Joe) 05Open→03Resolved
[13:08:41] <wikibugs>	 06Traffic, 10conftool, 07Epic: Deprecate sync, add apply command to requestctl - https://phabricator.wikimedia.org/T376877#10309506 (10Joe) 05In progress→03Resolved
[13:26:29] <wikibugs>	 06Traffic, 10conftool, 07Epic: [EPIC] FY 24/25 WE 4.3.7 Roll out a user-friendly web application that enables assisted editing and creation of requestctl rules - https://phabricator.wikimedia.org/T377699#10309540 (10Volans) For 3. an //EASY// way to link the superset dashboard from a given requestctl rule is...
[13:27:48] <wikibugs>	 06Traffic, 10conftool, 07Epic: Coexistence of the requestctl CLI tool and of the web interface - https://phabricator.wikimedia.org/T374723#10309546 (10Joe) 05In progress→03Resolved
[13:29:46] <wikibugs>	 06Traffic, 10conftool, 07Epic: [EPIC] FY 24/25 WE 4.3.7 Roll out a user-friendly web application that enables assisted editing and creation of requestctl rules - https://phabricator.wikimedia.org/T377699#10309551 (10Joe)
[13:36:39] <wikibugs>	 06Traffic, 10conftool, 10Sustainability (Incident Followup): Make it easier to create a new requestctl object - https://phabricator.wikimedia.org/T310009#10309582 (10Volans) With the new requestctl web UI I think it would be very useful if the current requestctl generator ( `https://superset.wikimedia.org/re...
[14:44:40] <jinxer-wm>	 FIRING: [3x] VarnishHighThreadCount: Varnish's thread count on cp5018:0 is high - https://wikitech.wikimedia.org/wiki/Varnish  - https://alerts.wikimedia.org/?q=alertname%3DVarnishHighThreadCount
[14:49:40] <jinxer-wm>	 FIRING: [7x] VarnishHighThreadCount: Varnish's thread count on cp5018:0 is high - https://wikitech.wikimedia.org/wiki/Varnish  - https://alerts.wikimedia.org/?q=alertname%3DVarnishHighThreadCount
[14:54:40] <jinxer-wm>	 FIRING: [7x] VarnishHighThreadCount: Varnish's thread count on cp5018:0 is high - https://wikitech.wikimedia.org/wiki/Varnish  - https://alerts.wikimedia.org/?q=alertname%3DVarnishHighThreadCount
[14:59:40] <jinxer-wm>	 FIRING: [10x] VarnishHighThreadCount: Varnish's thread count on cp5018:0 is high - https://wikitech.wikimedia.org/wiki/Varnish  - https://alerts.wikimedia.org/?q=alertname%3DVarnishHighThreadCount
[15:09:32] <elukey>	 hello folks!
[15:09:40] <jinxer-wm>	 FIRING: [9x] VarnishHighThreadCount: Varnish's thread count on cp5018:0 is high - https://wikitech.wikimedia.org/wiki/Varnish  - https://alerts.wikimedia.org/?q=alertname%3DVarnishHighThreadCount
[15:09:45] <elukey>	 is it a good time later on to merge and deploy https://gerrit.wikimedia.org/r/c/operations/puppet/+/1087422 ?
[15:09:53] <elukey>	 so pybal restart etc..
[15:11:03] <sukhe>	 elukey: go for it :)
[15:11:13] <sukhe>	 not that you need it but let us know if we can help 
[15:11:22] <elukey>	 okok I'll start in a bit, and I'll log what I am going to do for validation :)
[15:11:35] <elukey>	 sukhe: if you have a min would you review the last PS of the patch?
[15:11:41] <sukhe>	 sure
[15:11:42] <sukhe>	 looking
[15:11:44] <elukey>	 <3
[15:19:40] <jinxer-wm>	 RESOLVED: [4x] VarnishHighThreadCount: Varnish's thread count on cp5018:0 is high - https://wikitech.wikimedia.org/wiki/Varnish  - https://alerts.wikimedia.org/?q=alertname%3DVarnishHighThreadCount
[15:34:52] <wikibugs>	 06Traffic, 10conftool, 07Epic: Link to superset dashboard in requestctl web UI - https://phabricator.wikimedia.org/T379567 (10Joe) 03NEW
[15:43:59] <sukhe>	 elukey: +1ed but I think you saw it
[15:45:27] <elukey>	 sukhe: yes yes thanks! I was reviewing something on the maps node atm, after reading https://wikitech.wikimedia.org/wiki/LVS#Add_a_new_load_balanced_service I am wondering if I should use "service_setup" as state before lvs_setup
[15:45:56] <elukey>	 profile::lvs::realserver::pools on the maps nodes seems to list only 'karthotherian'
[15:46:06] <elukey>	 and not 'kartotherian-ssl' for example
[15:46:20] <sukhe>	 yes, ideally :)
[15:46:30] <elukey>	 I guess it works since the IP is the same
[15:46:34] <elukey>	 sigh
[15:46:38] <elukey>	 okok lemme amend the patch
[15:47:25] <elukey>	 all right patch updated
[15:48:39] <sukhe>	 elukey: since you brought it up, I do think there is value in following these steps exactly and separating out the patches fwiw
[15:48:49] <sukhe>	 that's the path of least resistance
[15:49:10] <sukhe>	 meaning for example it's fine to put the conftool service data in this patch
[15:49:33] <sukhe>	 but in general I have observed in many of these that having distinct patches and following the order exactly alleviates a lot of the pain
[15:49:48] <elukey>	 I can break them down no problem
[15:50:02] <sukhe>	 no, it's fine but I was just remarking since you mentioned the service_setup thing
[15:50:14] <sukhe>	 since you already have existing things defined, no issues from me
[15:50:32] <sukhe>	 have you pooled it and set the weights?
[15:50:48] <sukhe>	 (you can do it later but there is value doing it now to actually check the results, if you want)
[15:51:07] <elukey>	 not yet, I was waiting for https://gerrit.wikimedia.org/r/c/operations/puppet/+/1087423 to be merged for the conftool data
[15:51:25] <elukey>	 sorry https://gerrit.wikimedia.org/r/c/operations/puppet/+/1087422
[15:51:58] <sukhe>	 ah yeah, so this is actually the first step in that sense. no worries at all, let's carry it forward
[15:52:05] <elukey>	 super, merging!
[15:59:13] <elukey>	 sukhe: pooled the hosts, then I'd say https://gerrit.wikimedia.org/r/c/operations/puppet/+/1089817 right ?
[15:59:45] <elukey>	 and follow https://wikitech.wikimedia.org/wiki/LVS#Configure_the_load_balancers
[15:59:47] <sukhe>	 yep. and then the restarts (disable pybal before proceeding with a single host to catch any errors)
[16:00:00] <elukey>	 yep yep the usual scary part
[16:00:28] <sukhe>	 don't worry, you can blame me (we usually do fabfur but he is AFK)
[16:00:43] <elukey>	 we usually blame Riccardo :D
[16:04:22] <elukey>	 running puppet on eqiad lvses
[16:05:43] <elukey>	 and now proceeding with secondary lvses
[16:06:21] <sukhe>	 elukey: wait please, checking an alert
[16:08:01] <sukhe>	 elukey: you restart pybal on 1020 and 1019?
[16:08:11] <elukey>	 if it is 1019 I haven't restarted pybal on it 
[16:09:00] <elukey>	 sukhe: I've done 1020 and checked, now I am doing 1019 if you are ok
[16:09:09] <sukhe>	 elukey: ok so you just did 1020. can you log that please, timestamps come in handy
[16:09:12] <sukhe>	 elukey: checking 1019
[16:09:16] <sukhe>	 then we can do 1020
[16:09:21] <sukhe>	 sorry, checking 1020, then 1019
[16:09:32] <volans>	 lol
[16:09:59] <elukey>	 don 1019
[16:10:37] <elukey>	 and the new endpoint works in eqiad
[16:10:45] <sukhe>	 looks good
[16:10:47] <sukhe>	 +1 for 1019
[16:10:57] <elukey>	 already done
[16:11:04] <sukhe>	 ok
[16:11:23] <elukey>	 I tested curl "https://kartotherian.svc.eqiad.wmnet:6543/#4/40.75/-73.96" -i 
[16:11:53] <sukhe>	 yes, curl localhost:9090/pools/kartotherian-k8s-ssl_6543 looks good as well
[16:12:08] <elukey>	 In https://wikitech.wikimedia.org/wiki/LVS#Configure_the_load_balancers there is a step to run puppet on all lvses for a dc, then restart pybal on secondary and then primary
[16:12:10] <sukhe>	 give me a second to go through the 1019 alerts
[16:12:14] <sukhe>	 and then we can proceed
[16:12:25] <sukhe>	 ok forced a recheck, worked
[16:12:29] <elukey>	 do we prefer to amend and do runpuppet on secondary only, then primaries?
[16:12:34] <elukey>	 super
[16:13:03] <sukhe>	 elukey: where is that text sorry?
[16:13:15] <elukey>	 https://wikitech.wikimedia.org/wiki/LVS#Configure_the_load_balancers point 2
[16:13:36] <sukhe>	 > Enable and run Puppet on the first data center you wish to effect the change on (such as eqiad here):
[16:13:57] <sukhe>	 11:12:30 < elukey> do we prefer to amend and do runpuppet on secondary only, then primaries?
[16:14:08] <sukhe>	 no, since Puppet does not restart Pybal, it's fine in that sense
[16:14:22] <sukhe>	 +1 for moving on with codfw
[16:15:42] <elukey>	 okok 
[16:16:11] <elukey>	 running puppet
[16:17:43] <elukey>	 2014 (secondary) restarted
[16:18:35] <sukhe>	 looks good!
[16:18:40] <elukey>	 ipvsadm looks good, proceeding with the primary
[16:19:25] <elukey>	 all works!
[16:19:27] <elukey>	 thanks sukhe <3
[16:20:32] <sukhe>	 you did the hard worK :)
[16:20:54] <elukey>	 tomorrow I'll ping again to merge https://gerrit.wikimedia.org/r/c/operations/puppet/+/1087423
[16:21:06] <elukey>	 and then we should be hopefully done, ready for k8s :)
[16:21:32] <sukhe>	 cool. and I am guessing lvs_setup -> production after that
[16:21:38] * elukey nods
[17:13:29] <wikibugs>	 06Traffic, 10conftool, 07Epic, 13Patch-For-Review: Link to superset dashboard in requestctl web UI - https://phabricator.wikimedia.org/T379567#10310231 (10Joe) 05Open→03In progress p:05Triage→03High
[17:15:44] <wikibugs>	 06Traffic, 06Infrastructure-Foundations, 06SRE: NEL: don't alert on domains we don't control - https://phabricator.wikimedia.org/T349807#10310243 (10jcrespo) This happened again for another proxy/domain: https://logstash.wikimedia.org/goto/fdbf6830d7a58fccbb40681028ac5bdd
[17:24:18] <wikibugs>	 10netops, 06Infrastructure-Foundations, 06SRE: Add per-output queue monitoring for Juniper network devices - https://phabricator.wikimedia.org/T326322#10310260 (10Reedy)
[17:31:31] <wikibugs>	 06Traffic, 10conftool, 10Sustainability (Incident Followup): Make it easier to create a new requestctl object - https://phabricator.wikimedia.org/T310009#10310274 (10Joe) The way we could do this is something as follows: * Add the CORS headers to superset to allow making authenticated requests from requestct...
[17:32:17] <wikibugs>	 06Traffic, 10conftool, 10Sustainability (Incident Followup): Make it easier to create a new requestctl object - https://phabricator.wikimedia.org/T310009#10310284 (10Joe) As an alternative, which I might actually prefer, all the process would remain server-side if we can grant access to the superset api via...
[17:55:26] <wikibugs>	 06Traffic, 10conftool, 07Epic, 13Patch-For-Review: Link to superset dashboard in requestctl web UI - https://phabricator.wikimedia.org/T379567#10310320 (10ops-monitoring-bot) Deployed hiddenparma to alert[1002,2002].wikimedia.org with reason: Add superset links - oblivian@cumin1002 - T379567
[18:05:22] <wikibugs>	 06Traffic, 10conftool, 07Epic, 13Patch-For-Review: Link to superset dashboard in requestctl web UI - https://phabricator.wikimedia.org/T379567#10310334 (10Joe) 05In progress→03Resolved
[19:04:35] <wikibugs>	 10netops, 06Infrastructure-Foundations, 06SRE: Manange fundraising network elements from Netbox - https://phabricator.wikimedia.org/T377996#10310435 (10cmooney)
[19:04:48] <wikibugs>	 10netops, 06Infrastructure-Foundations, 06SRE: Manange fundraising network elements from Netbox - https://phabricator.wikimedia.org/T377996#10310436 (10cmooney) a:03cmooney