Closed
Bug 1160248
Opened 9 years ago
Closed 8 years ago
Decomission ldapsync1.db.scl3.mozilla.com
Categories
(Infrastructure & Operations :: Infrastructure: LDAP, task)
Infrastructure & Operations
Infrastructure: LDAP
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: jabba, Assigned: gcox)
Details
(Keywords: spring-cleaning, Whiteboard: [vm-delete:1])
Since we now have a master in scl3, we no longer need the ldapsync host. We need to find all the slaves that are currently replicating from it and switch those to replicate from master.db.scl3.mozilla.com instead. This might involve ACL changes. We also need to patch the hg pash.py config to send it's timestamp updates directly to the new master, instead of to the ldapsync host. Once all that is done, the ldapsync1 host can be simply shut down and destroyed.
Reporter | ||
Updated•9 years ago
|
Assignee: infra → jdow
Reporter | ||
Comment 2•9 years ago
|
||
This is ready to die. There has not been a single connection to the slapd daemon since Thursday of last week. This can be killed at any time (remove from nagios, kill, remove all references in puppet)
Assignee | ||
Comment 3•9 years ago
|
||
10.22.70.20 = ldapsync1.db.scl3 Pulled from nagios, change 111536. No NFS, no netvault, powered off and pausing.
Assignee: jdow → gcox
Keywords: spring-cleaning
Assignee | ||
Comment 4•8 years ago
|
||
DNS, Inventory, RHN, puppetdashboard emptied. No backups, no zeus. Netflow cleanup: [edit groups global-policies security policies from-zone <*> to-zone db policy ldapsync-ldaps match] - source-address any; - destination-address [ ldap.db.scl3 ldap.db.phx1 ldapsync1.db.scl3 ]; - application [ ldaps ldap ]; + source-address any; + destination-address [ ldap.db.scl3 ldap.db.phx1 ]; + application [ ldaps ldap ]; [edit security policies from-zone dmz to-zone db policy ldapsync1--ldap match] - source-address [ hgssh1.dmz.scl3 hgssh2.dmz.scl3 reviewboard-hg1.dmz.scl3 ]; - destination-address [ ldapmaster1.db.scl3 ldapsync1.db.scl3 ]; - application [ junos-ldap ldaps ]; + source-address [ hgssh1.dmz.scl3 hgssh2.dmz.scl3 reviewboard-hg1.dmz.scl3 ]; + destination-address ldapmaster1.db.scl3; + application [ junos-ldap ldaps ]; [edit security policies from-zone db to-zone db] - policy neo-ldap-sync { - match { - source-address ldapsync1.db.scl3; - destination-address ldapmaster1.db.phx1; - application [ ldap-long-timeout ldaps-tcp ]; - } - then { - permit; - } - } - policy neo-ldapmaster--ssh { - match { - source-address ldapsync1.db.scl3; - destination-address ldapmaster1.db.phx1; - application junos-ssh; - } - then { - permit; - } - } [edit security zones security-zone db address-book] - address ldapsync1.db.scl3 10.22.70.20/32; Puppet: Sending hiera/site.yaml Sending manifests/nodes/openldap.pp Sending modules/hg_new/files/pash/pash.py Sending modules/openldap/templates/moco-slapd.conf.erb Deleting modules/secrets/files/openldap/certs/ldapsync1.db.scl3.mozilla.com.crt Committed revision 112225. VM deleted from disk. Spreadsheet updated.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Whiteboard: [vm-delete:1]
You need to log in
before you can comment on or make changes to this bug.
Description
•