Closed
Bug 1020320
Opened 10 years ago
Closed 10 years ago
Redirect addons.mozilla.org/blocklist* traffic to blocklist.addons.mozilla.org
Categories
(Infrastructure & Operations :: Change Requests, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: jason, Assigned: jason)
References
Details
* date, time, duration of maintenance Tentatively June 18th, 2014, 16:00 PDT, 2 hours * system(s) affected Systems associated with: addons.mozilla.org blocklist.addons.mozilla.org * end-user impact No expected impact. * maintenance plan and timeline https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=40046420 * rollback plan / rollback point https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=40046420 * notification mechanisms https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=40046420 * who will be point, who else will be involved Jason Thomas, Jeremy Orem, Anurag Phadke
|
||
Comment 1•10 years ago
|
||
I had some conversations on this with Anurag on the side, now that there's a bug, I can document here what I said in those conversations. :) Before we do the redirect, we should be sure that we can deal with the data coming from blocklist.amo where we need to. This mostly comes down to bug 970406. Once that is done and verified, I'd also like to do bug 1006615 on Nightly and make sure the data we get there matches what we expect - once that works, we should be ready for the 301. Of course the testing on bug 999784 also needs to be completed so we know the clients can deal with the redirect and blocklists from that work fine. Also, does bug 1019966 need to be completed before doing this redirect?
|
Assignee | |
Comment 2•10 years ago
|
||
Yes, bug 1019966 needs to be completed before we proceed. I should be done with testing by end of week.
|
|
Assignee | |
Comment 3•10 years ago
|
||
Updated time to reflect mana CW document. * date, time, duration of maintenance Tentatively June 18th, 2014, 14:00 PDT, 2 hours
|
|
Assignee | |
Updated•10 years ago
|
Flags: cab-review?
|
|
||
Comment 5•10 years ago
|
||
(In reply to Jason Thomas [:jason] from comment #3) > * date, time, duration of maintenance > Tentatively June 18th, 2014, 14:00 PDT, 2 hours Given that bug 970406 is not tested and deployed yet, bug 1006615 has not been re-tried and verified and the testing in bug 999784 isn't completed, I do not think we can do this on Wednesday, the 18th. Can we shoot for next week instead?
|
|
Assignee | |
Comment 6•10 years ago
|
||
Let's try to shoot for June 30th, 2014 @ 14:00 PDT.
|
|
||
Comment 7•10 years ago
|
||
(In reply to Jason Thomas [:jason] from comment #6) > Let's try to shoot for June 30th, 2014 @ 14:00 PDT. Sounds good to me (though unfortunately I won't be around myself that late in the day, I'll catch up with it next morning).
|
|
||
Comment 8•10 years ago
|
||
Sorry to say this but the Socorro team did have to prioritize on outstanding Q2 work and as this was not in any previous plans, this work did not get completed yet. Most pieces are done, but it still needs to be deployed and tested. Unfortunately, this means we need to push out the redirect even further.
|
|
Assignee | |
Comment 9•10 years ago
|
||
What is the level effort / time required for completion? Does it make sense to do this next week or two weeks from now?
|
|
||
Comment 10•10 years ago
|
||
(In reply to Jason Thomas [:jason] from comment #9) > What is the level effort / time required for completion? Does it make sense > to do this next week or two weeks from now? I'll ask the Socorro people for an ETA, but let's plan for two weeks from now for the moment.
|
|
Assignee | |
Comment 11•10 years ago
|
||
Tentatively July 14th, 2014, 16:00 PDT, 2 hours
|
|
||
Comment 12•10 years ago
|
||
CCing Rob, who is doing (the finishing touches on) the work on the Socorro side for pulling BAMO data.
|
|
Assignee | |
Comment 13•10 years ago
|
||
I am going to assume that we are not going to be able to complete this today since we still have a few outstanding dependencies. Let's decide on a date and time once we have a better idea of the ETA for bug 1011648 and bug 1036559.
|
|
||
Comment 14•10 years ago
|
||
Jason, sorry, yes, wanted to get back to you on that. We are really in a state now where we are talking days as it's all about the finishing touches and testing now, but we'll need to complete that.
|
|
Assignee | |
Comment 15•10 years ago
|
||
Any update on the dependencies?
|
||
Comment 16•10 years ago
|
||
(In reply to Jason Thomas [:jason] from comment #15) > Any update on the dependencies? We temporarily disabled fetching the new ADI data (due to problems with it hanging, there is now a timeout in place). It's ready to re-enable, I'm going to do it now. After that we need to switch Socorro over to using this new data source, I'll get on that.
|
||
Comment 17•10 years ago
|
||
Ping, any update? We are waiting the solution for this bug 1038191.
|
|
Assignee | |
Comment 18•10 years ago
|
||
Any updates here?
|
|
||
Comment 19•10 years ago
|
||
(In reply to Jason Thomas [:jason] from comment #18) > Any updates here? We've had some problems moving onto the new ADI source in Socorro, I am working on this in bug 1011648 (which was blocked waiting for a release until yesterday)
|
|
Assignee | |
Comment 20•10 years ago
|
||
We are waiting to make sure the BLP from nightly are coming through correctly to blocklist.addons.mozilla.org. :KaiRo let me know when that looks OK. If all is well, we can perform this early next week. * date, time, duration of maintenance Tentatively Aug 26th, 2014, 14:00 PDT, 2 hours
|
|
||
Comment 21•10 years ago
|
||
(In reply to Jason Thomas [:jason] from comment #20) > We are waiting to make sure the BLP from nightly are coming through > correctly to blocklist.addons.mozilla.org. :KaiRo let me know when that > looks OK. And.... wait for it... wait for it... yes, everything seems to work right with the bug 1006615 switch of nightly to BAMO! You have green lights for tomorrow afternoon! \o/
|
|
Assignee | |
Updated•10 years ago
|
Assignee: server-ops → jthomas
|
|
Assignee | |
Comment 22•10 years ago
|
||
Done. curl -vL https://addons.mozilla.org/blocklist/3/x/x/ -so /dev/null -D- * Adding handle: conn: 0x228f980 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 0 (0x228f980) send_pipe: 1, recv_pipe: 0 * About to connect() to addons.mozilla.org port 443 (#0) * Trying 63.245.216.132... * Connected to addons.mozilla.org (63.245.216.132) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_RSA_WITH_RC4_128_SHA * Server certificate: * subject: CN=addons.mozilla.org,O=Mozilla Foundation,L=Mountain View,ST=CA,C=US,postalCode=94041,STREET=650 Castro St Ste 300,serialNumber=C2543436,incorporationState=California,incorporationCountry=US,businessCategory=Private Organization * start date: Aug 19 00:00:00 2013 GMT * expire date: Aug 24 12:00:00 2015 GMT * common name: addons.mozilla.org * issuer: CN=DigiCert High Assurance EV CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US > GET /blocklist/3/x/x/ HTTP/1.1 > User-Agent: curl/7.32.0 > Host: addons.mozilla.org > Accept: */* > < HTTP/1.1 301 Moved Permanently HTTP/1.1 301 Moved Permanently * Server nginx is not blacklisted < Server: nginx Server: nginx < Date: Tue, 26 Aug 2014 22:33:29 GMT Date: Tue, 26 Aug 2014 22:33:29 GMT < Content-Type: text/html Content-Type: text/html < Content-Length: 178 Content-Length: 178 < Connection: close Connection: close < Location: https://blocklist.addons.mozilla.org/blocklist/3/x/x/ Location: https://blocklist.addons.mozilla.org/blocklist/3/x/x/ < X-Backend-Server: web12 X-Backend-Server: web12 < * Closing connection 0 * Issue another request to this URL: 'https://blocklist.addons.mozilla.org/blocklist/3/x/x/' * Adding handle: conn: 0x228f980 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 1 (0x228f980) send_pipe: 1, recv_pipe: 0 * About to connect() to blocklist.addons.mozilla.org port 443 (#1) * Trying 63.245.217.113... * Connected to blocklist.addons.mozilla.org (63.245.217.113) port 443 (#1) * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_DHE_RSA_WITH_AES_128_CBC_SHA * Server certificate: * subject: CN=blocklist.addons.mozilla.org,O=Mozilla Foundation,L=Mountain View,ST=CA,C=US * start date: Apr 22 00:00:00 2014 GMT * expire date: Apr 26 12:00:00 2016 GMT * common name: blocklist.addons.mozilla.org * issuer: CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US > GET /blocklist/3/x/x/ HTTP/1.1 > User-Agent: curl/7.32.0 > Host: blocklist.addons.mozilla.org > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK * Server nginx is not blacklisted < Server: nginx Server: nginx < X-Backend-Server: web4 X-Backend-Server: web4 < Cache-Control: max-age=3600 Cache-Control: max-age=3600 < Content-Type: text/xml; charset=utf-8 Content-Type: text/xml; charset=utf-8 < Strict-Transport-Security: max-age=31536000 Strict-Transport-Security: max-age=31536000 < Date: Tue, 26 Aug 2014 22:32:28 GMT Date: Tue, 26 Aug 2014 22:32:28 GMT < Transfer-Encoding: chunked Transfer-Encoding: chunked < X-Frame-Options: DENY X-Frame-Options: DENY < Connection: Keep-Alive Connection: Keep-Alive < X-Cache-Info: cached X-Cache-Info: cached < { [data not shown] * Connection #1 to host blocklist.addons.mozilla.org left intact
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
||
Updated•10 years ago
|
Product: mozilla.org → Infrastructure & Operations
|
||
Updated•9 years ago
|
Change Request: --- → approved
Flags: cab-review+
You need to log in
before you can comment on or make changes to this bug.
Description
•