#32281 closed defect (fixed)

set up new IRC box to replace iranicum

Reported by: weasel Owned by: anarcat
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: #31686 Points:
Reviewer: Sponsor:

Description

we want to move the IRC (client) service VM away from textile.

While at it, we want to adapt the disk sizes somewhat as we don't do overcommit/lazy-alloc on gnt-fsn.

Child Tickets

Change History (11)

comment:1 Changed 13 months ago by weasel

new host: chives.tpo.

also, clarify what the status of the metrics bot is.

comment:2 Changed 13 months ago by weasel

  • Chives is up
  • Limits raised for its addresses on OFTC servers
  • added a pointer to chives to iranicum's motd
  • if necessary, we'll have to send email to users at some point
Last edited 13 months ago by weasel (previous) (diff)

comment:3 Changed 13 months ago by anarcat

i added chives to the VM spreadsheet as it was missing from the cluster documentation.

this actually brings the cluster into over-provisionning already, unfortunately. it seems we might need a second pair of nodes in that cluster before the year is up...

comment:4 Changed 12 months ago by anarcat

i pinged nickm and cohosh on irc today, and helped asn migrate. i also ping'd nima in a "write" message. gk, cohosh, asn and more have now migrated. so this is progressing well.

comment:5 Changed 12 months ago by anarcat

the following users still have screen sessions, actually. i pinged each one over IRC today:

# ps -e -o user:256,comm | grep screen | cut -f1 -d' ' | sort -u
erinn
hiro
karsten
mikeperry
nickm
nima
qbi

comment:6 Changed 12 months ago by anarcat

Parent ID: #31686

comment:7 Changed 12 months ago by anarcat

now we only haev erinn and nima left here.

comment:8 Changed 11 months ago by anarcat

i get no response from those folks, so i'll start the decom process. shutdown scheduled in 10 minutes, disabled autostart.

comment:9 Changed 11 months ago by anarcat

followed the host retirement checklist:

  1. [x] warn users - everyone but nima and erinn have migrated now
  2. [x] machine shutdown
  3. [x] virsh undefine $host: Domain iranicum.torproject.org has been undefined
  4. [x] scheduled data wipe with a longer delay (30 days instead of 7) because of vacations: did cd /srv/vmstore ; mv iranicum.torproject.org OLD/iranicum.torproject.org; echo rm -rf /srv/vmstore/OLD/iranicum.torproject.org/ | at now + 30 days
  5. [x] removed from LDAP
    306 host=iranicum,ou=hosts,dc=torproject,dc=org
    host: iranicum
    hostname: iranicum.torproject.org
    objectClass: top
    objectClass: debianServer
    sshRSAHostKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrl7L4MtF3azKeQacKwZ7nf6vKfJUHrqbc6OAYuHMgzdVHSIZUOUN/HNWAsVmuvg1oBpVOtu8pNYz6b+8hJCUazAzPMJhlomFI7wdVRvqzrbmzLgFHn0k5a6EhXTGDWRepj3iFfzClHXR2ucbV7yOc2Nz3Iu7qSawpNdJtGUjhmfGIJEXYlDSzy4MOSD5TxDIC3u8WXQECp2fZTOZgIsZ7YOLt4iF2pv04ikhIkkfpGdRH0pnuZtYn7AWCpg0srBDt1/HU3t2C4Zg7ZjIaaK9t24UVtoFD65NwYtmcUN3kc3mFMP+JGRTgxYG8glFOrNZ4eCHrrFmnwBmKAiBZ29wR root@iranicum
    sshRSAHostKey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5w+KftT8sZbCGpWUpVeqa7JxTjmjzohFPD9RyVegva root@iranicum
    architecture: amd64
    access: restricted
    admin: torproject-admin@torproject.org
    distribution: Debian
    description: shell/irc box
    purpose: shell/irc box
    ipHostNumber: 138.201.14.210
    ipHostNumber: 2a01:4f8:172:1b46:0:abba:18:1
    l: Falkenstein, Saxony, Germany
    physicalHost: textile.torproject.org
    allowedGroups: metrics
    allowedGroups: torproject
    
  6. [x] N/A (no specific entry in DNS)
  7. [x] revoked in Puppet: host=iranicum ; puppet node clean $host.torproject.org && puppet node deactivate $host.torproject.org
  8. [x] removed from Puppet (in sudoers)
  9. [x] cleaned host in tor-passwords
  10. [x] removed from wiki and spreadsheet
  11. [x] removed from nagios
  12. [x] scheduled backup removal another 30 extra days off: echo rm -rf /srv/backups/bacula/iranicum.torproject.org-OLD/ | at now + 60 days
  13. [x] N/A (nothing in letsencrypt)
  14. [x] N/A (upstream, we own the host)
  15. [x] N/A (mail, no mail handling)

... note that I gave the data an extra 30 days on the host (textile) and 30 days from that (so 60 days from now) on the backup server.

in other words:

  1. iranicum, the old IRC server, is now officially shutdown and retired
  2. its data will be removed from the host in 30 days
  3. its backups will be removed from the backup server in 60 days

RIP, it served us well!

Last edited 11 months ago by anarcat (previous) (diff)

comment:10 Changed 11 months ago by anarcat

Owner: changed from weasel to anarcat
Status: assignedaccepted

comment:11 Changed 11 months ago by anarcat

Resolution: fixed
Status: acceptedclosed
Note: See TracTickets for help on using tickets.