ferm policy on deployment-bastion prevents scap rsync from mw hosts
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	hashar
	Sep 15 2014, 6:57 PM

Description

The deployment-bastion.eqiad.wmflabs has ferm enabled. A changed occurred at 17:20 UTC which is added a network to a global ferm rule, that made puppet reload the service and discard whatever rule we might have add.

End result: the mediawiki instances can not ssh to deployment-bastion anymore. We might had a ferm::rule for it which disappeared somehow, or maybe that was hacked up manually and it is now gone.

That breaks beta-scap-eqiad job:

https://integration.wikimedia.org/ci/job/beta-scap-eqiad/21680/console

rsync: failed to connect to deployment-bastion.eqiad.wmflabs (10.68.16.58): Connection timed out (110)

Version: unspecified
Severity: normal
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=70863

Details

Reference: bz70858

Related Objects

Mentioned In: T72863: [trebuchet] salt commands exceed timeout

Event Timeline

• bzimport raised the priority of this task from to Unbreak Now!.Nov 22 2014, 3:44 AM

• bzimport added a project: Beta-Cluster-Infrastructure.

• bzimport set Reference to bz70858.

• bzimport added a subscriber: Unknown Object (MLST).

hashar created this task.Sep 15 2014, 6:57 PM

That was solved since scap works now :)

hashar mentioned this in T72863: [trebuchet] salt commands exceed timeout.Nov 25 2014, 10:50 PM

greg moved this task from To Triage to Done on the Beta-Cluster-Infrastructure board.Jan 8 2015, 5:34 PM

Luke081515 removed a subscriber: • wikibugs-l-list.Jan 28 2016, 5:56 PM

ferm policy on deployment-bastion prevents scap rsync from mw hostsClosed, ResolvedPublicActions

Description

Details

Related Objects

Event Timeline

ferm policy on deployment-bastion prevents scap rsync from mw hosts
Closed, ResolvedPublic
Actions