Closed
Bug 764925
Opened 13 years ago
Closed 13 years ago
git mirror in PHX1 is hosted on outbound NAT ip for PHX1
Categories
(Infrastructure & Operations Graveyard :: NetOps, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: Atoll, Assigned: cransom)
References
Details
The outbound NAT ip for PHX1 is 63.245.216.244, which is also serving "gitmirror.pub.phx1.mozilla.com" on port 80. This overlap seems unintentional; perhaps "gitmirror" should be served from a different IP?
10:46 < atoll> 63.245.216.244
10:46 < atoll> 244.216.245.63.in-addr.arpa domain name pointer gitmirror.pub.phx1.mozilla.com.
10:49 < casey> that's odd.
10:51 * casey digs
|
Assignee | |
Comment 1•13 years ago
|
||
somewhere along the line, svc-ops got a source nat IP for .244 and gitmirror got a destination nat for the same. I don't know which clobbered when, but gitmirror should get moved to a new IP. I'll allocate a new IP and destnat.
|
|
Assignee | |
Comment 3•13 years ago
|
||
I duplicated a PTR record at 63.245.216.249 for gitmirror, added the dest nat on the firewall, verified flows will not need to be updated (built to an internal address, not changing). Verified 9418 is listening on the new IP.
I'd move the A record as well but not sure who the owners are or who to coordinate with, so I'll leave that to serverops if that's ok. After cut, I'll pull the dnat for 244.
|
||
Comment 4•13 years ago
|
||
I think oremj set this up, and various webops projects are using it for their updates. cc'ing them
|
||
Comment 5•13 years ago
|
||
The vast majority (all, maybe?) of our git-based apps are currently hosted on github rather than our own git, so I don't think there will be much that would be affected by this. Even if there was, we should have used a DNS name rather than an IP, so as long as DNS resolves to a working IP we should be okay.
TL;DR: I expect no WebOps breakage from this. :)
Note that I don't speak for AMO Ops (oremj/jthomas)... not sure if or how they'd be affected.
|
||
Comment 6•13 years ago
|
||
> Note that I don't speak for AMO Ops (oremj/jthomas)... not sure if or how
> they'd be affected.
We are also using github, so this should not affect us.
|
||
Comment 7•13 years ago
|
||
Jenkins stuff might be using the internal IP of gitmirror (since the machines are in the DMZ). If that's not affected (gitmirror1.dmz.phx1.mozilla.com IIRC) then jenkins/ci.mozilla.org should be fine.
|
||
Comment 8•13 years ago
|
||
We are fine with this.
Assignee: server-ops → network-operations
Component: Server Operations → Server Operations: Netops
QA Contact: phong → ravi
|
|
Assignee | |
Comment 9•13 years ago
|
||
So you just want me to switch this at any time?
|
|
Assignee | |
Comment 10•13 years ago
|
||
Ok, DNS has been flipped to .249. I'll pull the old configuration bits out tomorrow.
Status: NEW → ASSIGNED
|
|
Assignee | |
Updated•13 years ago
|
Assignee: network-operations → cransom
|
|
Assignee | |
Comment 11•13 years ago
|
||
this was done last week.
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Updated•12 years ago
|
Product: mozilla.org → Infrastructure & Operations
|
||
Updated•3 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•