Opened 12 months ago

Closed 5 months ago

#32179 closed defect (fixed)

retire orestis

Reported by: weasel Owned by: weasel
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: #31659 Points:
Reviewer: Sponsor:

Description (last modified by weasel)

this is an (old-style) onionoo frontend going only to the old backends. cf. #31659.

onionoo-frontend-0[12] are perfectly able to handle the current load. We can retire this instance.

Child Tickets

Change History (9)

comment:1 Changed 12 months ago by weasel

Owner: changed from tpa to weasel
Status: newaccepted
Summary: retire orestismove orestis to new-style onionoo

Actually, let's eventually rebuild this as a new style backend since it lives at sunet.

comment:2 Changed 12 months ago by irl

Ok cool, ping me when it's ready for that.

comment:3 Changed 12 months ago by weasel

I think I meant frontend there. I.e., the thing running haproxy/varnish and doing ipsec to the hosts that run the java code.

comment:4 Changed 12 months ago by weasel

Summary: move orestis to new-style onionoomove orestis to be a new-style onionoo frontend

comment:5 Changed 7 months ago by anarcat

this is blocked on #32268

comment:6 Changed 5 months ago by weasel

Description: modified (diff)
Summary: move orestis to be a new-style onionoo frontendretire orestis

onionoo-frontend-0[12] are perfectly able to handle the current load. We can retire this instance.

comment:7 Changed 5 months ago by anarcat

already shutdown, removed from nagios and puppet

comment:8 Changed 5 months ago by anarcat

removed from source code, spreadsheet, what's left:

  1. remove from tor-passwords
  2. remove from LDAP
  3. retire actual data (./retire in tsa-misc and retire at sunet)

comment:9 Changed 5 months ago by anarcat

Resolution: fixed
Status: acceptedclosed

scheduled backups removal, revoked puppet:

$ ./retire -v -H retire-all
starting tasks at 2020-05-25 17:37:03.873529
not wiping instance data: no parent host
scheduling backup disks removal on host
checking for path "/srv/backups/bacula/" on
scheduling rm -rf "/srv/backups/bacula/" to run on in 30 days
warning: commands will be executed using /bin/sh
job 32 at Wed Jun 24 21:37:00 2020
Notice: Revoked certificate with serial 50
Notice: Removing file Puppet::SSL::Certificate at '/var/lib/puppet/ssl/ca/signed/'
Submitted 'deactivate node' for with UUID 2484e196-707a-42f6-91a2-ef0c46654d16
completed tasks, elasped: 0:00:10.723336 (user 2.13 system 0.09 chlduser 0.03 chldsystem 0.03 RSS 42.4 MB)

removed from LDAP:

367 host=orestis,ou=hosts,dc=torproject,dc=org
host: orestis
objectClass: top
objectClass: debianServer
distribution: Debian
access: restricted
architecture: amd64
description: onionoo
allowedGroups: onionoo
allowedGroups: onionoo-unpriv
l: Sweden
ipHostNumber: 2001:6b0:5a:5000::4
sshRSAHostKey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrDQvHxq6hpRz47n2MOUm0ylhPfCO0BtEtb5FjdaWXL root@orestis
sshRSAHostKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAmeNHl4EMYDLtK/O8MxdllXX8Vf7Ryjo+7WwPmssCe1bWpUn5BbT7pJALTirF2Su7QB3iEQeVI/RBp7rsG5LKi7itJ4CaEuD8i/wKnl/paUeHIAGgg/zsvpwBAg96GloFpUeMUSVMaWfDYIwfDXB2Z0zkPU1ctQVMLXnLftHTGKn0ZUpjxXCBpC1E5gee2AHqnfR3vFRhe+xpMS/9PsOeOjaACl0aNmNQJaWqRVreM3HewxLP2LgdQlqzsSr5ukj9prhf3+265+yQf9fNStHRIXzk4RsEBGYx3gAmme9qJJ+/nh0JSqhSXHRt1Squx0u+pmUV/XsyRUm0dvdahLP3 root@orestis
rebootPolicy: rotation

removed from tor-passwords.

deleted instance from sunet as well, which reminds me we have some spare capacity there now.

all done.

Note: See TracTickets for help on using tickets.