Jump to content

User:Taavi/Deployment-prep notes

From Wikitech

New instances

All

taavi@deployment-newinstance01:~$ # Remove cloud-wide puppetmaster SSL to use local puppetmaster
taavi@deployment-newinstance01:~$ sudo rm -rf /var/lib/puppet/ssl
taavi@deployment-newinstance01:~$ sudo run-puppet-agent
taavi@deployment-puppetmaster04:~$ sudo puppet cert sign deployment-newinstance01.deployment-prep.eqiad1.wikimedia.cloud
taavi@deployment-newinstance01:~$ sudo run-puppet-agent
taavi@deployment-newinstance01:~$ # After Puppet run has completed, fix CA: (see https://phabricator.wikimedia.org/T278677)
taavi@deployment-newinstance01:~$ sudo ln -s /usr/local/share/ca-certificates/Puppet_Internal_CA.crt /etc/ssl/certs/$(openssl x509 -noout -hash -in /usr/local/share/ca-certificates/Puppet_Internal_CA.crt).0 && sudo update-ca-certificates

mediawiki and friends

  • first puppet run will take ages as it will run a scap pull

logging

  • mwlog
    • seems to be fairly stable and easy to set up
  • logstash
    • horrible, breaks easily

etcd

  • not really used (yet)

app servers

apache logs

taavi@deployment-mediawiki12:~$ sudo tail -f /var/log/apache2/other_vhosts_access.log
Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=User:Taavi/Deployment-prep_notes&oldid=2231702"