Eglide
$ salt-minion --versions Salt Version: Salt: 3007.1
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Aug 3 2024
Aug 3 2024
dereckson added a subtask for T1950: Deploy PHP 8.3: T1995: PHP 8.2 and PHP 8.3 seems both to be installed on Eglide.
dereckson edited projects for T1994: Upgrade Salt repository on Debian, added: Servers, Eglide; removed Nasqueron Operations Squad, discussion.
We can actually provide P352 as hotfix.
patch is available on Eglide as part of build-essential, so presumed OK for Debian
dereckson added a parent task for T1992: Install patch on redhat family as part of core: T1991: Context has again been lost on /var/log/www.
certbot against Python 3.11 should be checked on dwellers and docker-002
dereckson moved T1992: Install patch on redhat family as part of core from Backlog to Working on on the Servers board.
dereckson lowered the priority of T1991: Context has again been lost on /var/log/www from High to Normal.
I've applied P352 to replace egrep by grep -E on dwellers and docker-002.
I wanted to apply P354 to fix Salt SELinux issue with patch -p1 < ~/egrep.patch on docker-002.
Jul 31 2024
Jul 31 2024
dereckson moved T1991: Context has again been lost on /var/log/www from Backlog to Bug and issues on the Salt board.
Already reported upstream: https://github.com/saltstack/salt/issues/65608
Complector
$ cd /opt/salt/nasqueron-operations $ salt dwellers state.apply roles/webserver-core/nginx/config […] ---------- [3/295] ID: selinux_context_nginx_logs Function: selinux.fcontext_policy_present Name: /var/log/www Result: False Comment: An exception occurred in this state: Traceback (most recent call last): File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/state.py", line 2428, in call ret = self.states[cdata["full"]]( File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 160, in __call__ ret = self.loader.run(run_func, *args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1269, in run return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1284, in _run_as return _func_or_method(*args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1317, in wrapper return f(*args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/states/selinux.py", line 326, in fcontext_policy_present current_state = __salt__["selinux.fcontext_get_policy"]( File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 160, in __call__ ret = self.loader.run(run_func, *args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1269, in run return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/loader/lazy.py", line 1284, in _run_as return _func_or_method(*args, **kwargs) File "/opt/saltstack/salt/lib/python3.10/site-packages/salt/modules/selinux.py", line 507, in fcontext_get_policy "filespec": parts.group(1).strip(), AttributeError: 'NoneType' object has no attribute 'group' Started: 16:25:51.413301 Duration: 391.186 ms Changes: ---------- ID: selinux_context_nginx_logs_applied Function: selinux.fcontext_policy_applied Name: /var/log/www Result: True Comment: SElinux policies are already applied for filespec "/var/log/www" Started: 16:25:51.804764 Duration: 6.322 ms Changes: ---------- […]
DorianWinty added a comment to T1505: Automate Let's Encrypt TLS certificates management for every server.
31/07/2024 at 12h the devcentral.nasqueron.org certificate expired
Issue can be repro on Dwellers:
Jul 30 2024
Jul 30 2024
Jul 29 2024
Jul 29 2024
dereckson moved T1989: Merge Nasqueron infrastructure reference into ops grimoire from Backlog - On hold pending T1475 to Checks after T1475 on the Mail board.
dereckson triaged T1989: Merge Nasqueron infrastructure reference into ops grimoire as Normal priority.
Jul 27 2024
Jul 27 2024
dereckson added a revision to T1762: Deploy NetBox: D3385: Switch from fixes to flags in node pillar.
dereckson raised the priority of T1939: Implement blue/green deployment or immutable artefacts for router-001 from Low to Normal.
Increasing priority as FreeBSD 13.2 is now EOL for one month (2024-06-30).
dereckson moved T1757: docker-001 routing for drake doesn't work on boot from IntraNought to IntraNought / GRE tunnels on the Drake network board.
dereckson added a revision to T1762: Deploy NetBox: D3383: Drop network:ipv6_native from node pillar.
dereckson added a revision to T651: Deploy Grafana: D3379: Move Grafana plugins directory to default location.
Jul 26 2024
Jul 26 2024
Not deployed to Docker but bare-metal.
dereckson moved T651: Deploy Grafana from Backlog - Monitoring / misc to Working on on the Operations sprints (Ignite Alkane Propulsion) board.
T651 has a Grafana ready if we wish to retest this on Dwellers, green light.
Deployed at https://grafana.nasqueron.org/
dereckson added a revision to T1633: Collect metrics from RabbitMQ: D3376: Scrape RabbitMQ metrics into Prometheus.
Jul 25 2024
Jul 25 2024
dereckson added a comment to T1505: Automate Let's Encrypt TLS certificates management for every server.
rOPS1e9a54c10365 has worked like a charm on WindRiver to generate grafana.nasqueron.org through DNS.
dereckson triaged T1505: Automate Let's Encrypt TLS certificates management for every server as Normal priority.
DNS: grafana. CNAME www-dev.nasqueron.org
Deployment can be using sqlite3 as long as it's still performant
as we want our monitoring tools to be resiliant.
Probably a good part of roles/core/monitoring when grains["os_family"] == "RedHat". Eglide has "Debian" for that grain, but not sure if we've enough RAM there.
Just for reference, this was a test deployment. This is not currently installed on Dwellers, and needs to be in Salt as part of T650.
dereckson renamed T650: Deploy PCP on Docker engines from Give access to Dwellers key statistics to Deploy PCP on Docker engines.
This task has been created in 2016 to publish metrics from PCP (Performance Co-Pilot) on RHEL-like servers, especially our Docker engines.
RabbitMQ exporters have been added to NetBox under the tag observability -> https://netbox.nasqueron.org/ipam/services/?tag=observability 🔒
dereckson added a subtask for T1623: Deploy Prometheus to gain observability: T1987: Dovecot Metrics.
Next: memcached
Jul 24 2024
Jul 24 2024
DorianWinty added a revision to T1931: Dovecot Provisioning: D3375: Configure pg_HBA for dovecot user.
Jul 23 2024
Jul 23 2024
dereckson added a revision to T1633: Collect metrics from RabbitMQ: D3374: Expose RabbitMQ metrics on port 15692.
dereckson added a revision to T1633: Collect metrics from RabbitMQ: D3373: Enable rabbitmq_prometheus plugin.
dereckson added a revision to T1623: Deploy Prometheus to gain observability: D3373: Enable rabbitmq_prometheus plugin.
dereckson added a revision to T1982: Upgrade from Python 3.9 to Python 3.11+: D3366: Upgrade certbot to Python 3.11.
dereckson added a revision to T1623: Deploy Prometheus to gain observability: D3370: Deploy Prometheus on WindRiver.
Also, we need to declare Dovecot ports at https://netbox.nasqueron.org/virtualization/virtual-machines/10/ services table (on the public IP)
dereckson removed a parent task for T1981: Upgrade to FreeBSD 14.1: T1980: ZFS collector doesn't work everywhere.
dereckson removed a subtask for T1980: ZFS collector doesn't work everywhere: T1981: Upgrade to FreeBSD 14.1.
I suspect the version 1.6.1 (currently in packages) is compatible with FreeBSD 13 while the version 1.8.2 is compatible with FreeBSD 14.
dereckson moved T1623: Deploy Prometheus to gain observability from Backlog to Prometheus on the Monitoring and reporting board.
dereckson moved T1980: ZFS collector doesn't work everywhere from Backlog to Prometheus on the Monitoring and reporting board.
dereckson added a subtask for T1981: Upgrade to FreeBSD 14.1: T1972: Update WindRiver to FreeBSD 14.1.
dereckson added a parent task for T1972: Update WindRiver to FreeBSD 14.1: T1981: Upgrade to FreeBSD 14.1.
dereckson added a revision to T1623: Deploy Prometheus to gain observability: D3369: Deploy Prometheus Node Exporter.
Independently of the 2020 plan for a service mesh, we're going to deploy Prometheus right now to gain observability on currently deployed services.
It could be easier to deploy https://github.com/kpetremann/salt-exporter
Jul 18 2024
Jul 18 2024
DorianWinty added a revision to T1931: Dovecot Provisioning: D3365: Create PostgreSQL credentials for Dovecot.
Jul 15 2024
Jul 15 2024
DNS change
policy-spf package should be installed
Jul 12 2024
Jul 12 2024
Jul 10 2024
Jul 10 2024
Key confirmed to work.
Jul 9 2024
Jul 9 2024
dereckson closed T1936: NetBox outage on WindRiver restart as Resolved by committing rOPS23c4d4f80a1c: Deploy Redis.
Still some issue to connect, SSH2 RSA key not recognized.
Jul 8 2024
Jul 8 2024
It also needs PostgreSQL launched at startup, but that's already defined in the role dbserver-pgsql.
dereckson moved T1936: NetBox outage on WindRiver restart from Working on to Pending review on the Servers board.
dereckson moved T1936: NetBox outage on WindRiver restart from Backlog to Working on on the Servers board.
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator