Opened 7 months ago

Closed 5 months ago

#33911 closed task (fixed)

oo-hetzner-03 retirement

Reported by: anarcat Owned by: anarcat
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords: tpa-roadmap-may
Cc: Actual Points:
Parent ID: #32802 Points:
Reviewer: Sponsor:

Description

I will soon migrate this virtual machine to the new ganeti cluster. this will involve an IP address change which might affect the service.

Please let me know if there are any problems you can think of. In particular, do let me know if any internal (inside the server) or external (outside the server) services hardcodes the IP address of the virtual machine.

Child Tickets

Change History (5)

comment:1 Changed 7 months ago by karsten

Sounds good. If you can, please start the migration process at *:35 when the hourly updater is done.

comment:2 Changed 6 months ago by anarcat

Component: Metrics/OnionooInternal Services/Tor Sysadmin Team
Keywords: tpa-roadmap-may added; tpa-roadmap-april removed
Owner: changed from metrics-team to anarcat
Status: newassigned

thanks for the update, will perform hopefully somewhere in may as indicated.

comment:3 Changed 5 months ago by anarcat

Summary: oo-hetzner-03 IP address change planned for Ganeti migrationoo-hetzner-03 retirement

new onionoo infra was setup in #31659, this this host will actually just be retired.

comment:4 Changed 5 months ago by anarcat

Status: assignedaccepted

comment:5 Changed 5 months ago by anarcat

Resolution: fixed
Status: acceptedclosed
  1. done as part of #31659
  2. removed from nagios
  3. already stopped
  4. ran ./retire -v -H oo-hetzner-03.torproject.org retire-all --parent-host=kvm4.torproject.org, which: undefined the host, scheduled deleting on kvm4, scheduled backup removal in 30 days, revoked from puppet:
    $ ./retire -v -H oo-hetzner-03.torproject.org retire-all --parent-host=kvm4.torproject.org
    starting tasks at 2020-05-25 11:24:58.481377
    checking for ganeti master on host kvm4.torproject.org
    instance oo-hetzner-03.torproject.org not running, no shutdown required
    undefining instance oo-hetzner-03.torproject.org on host kvm4.torproject.org
    Domain oo-hetzner-03.torproject.org has been undefined
    
    scheduling oo-hetzner-03.torproject.org disk deletion on host kvm4.torproject.org
    checking for path "/srv/vmstore/oo-hetzner-03.torproject.org/" on kvm4.torproject.org
    scheduling rm -rf "/srv/vmstore/oo-hetzner-03.torproject.org/" to run on kvm4.torproject.org in 7 days
    warning: commands will be executed using /bin/sh
    job 5 at Mon Jun  1 15:25:00 2020
    scheduling oo-hetzner-03.torproject.org backup disks removal on host bungei.torproject.org
    checking for path "/srv/backups/bacula/oo-hetzner-03.torproject.org/" on bungei.torproject.org
    scheduling rm -rf "/srv/backups/bacula/oo-hetzner-03.torproject.org/" to run on bungei.torproject.org in 30 days
    warning: commands will be executed using /bin/sh
    job 30 at Wed Jun 24 15:25:00 2020
    Notice: Revoked certificate with serial 53
    Notice: Removing file Puppet::SSL::Certificate oo-hetzner-03.torproject.org at '/var/lib/puppet/ssl/ca/signed/oo-hetzner-03.torproject.org.pem'
    oo-hetzner-03.torproject.org
    Submitted 'deactivate node' for oo-hetzner-03.torproject.org with UUID cc3ae307-0abe-445d-9795-4edc49198bc5
    completed tasks, elasped: 0:00:15.307500 (user 4.66 system 0.14 chlduser 0.03 chldsystem 0.05 RSS 43.2 MB)
    
  5. deleted this blob from LDAP:
    383 host=oo-hetzner-03,ou=hosts,dc=torproject,dc=org
    host: oo-hetzner-03
    hostname: oo-hetzner-03.torproject.org
    objectClass: top
    objectClass: debianServer
    l: Falkenstein, Saxony, Germany
    distribution: Debian
    access: restricted
    admin: torproject-admin@torproject.org
    architecture: amd64
    sshRSAHostKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNLYaiN/+rbaDxU3ng1PE18TFwACbrph/0rBJVPsbJJJZt8QJ8JmkRYaOdEtR/BaT1lsyFAi+oLGbqqdAZ2WXfz6p292qs3zT+JnkkDaYmh3v3i2m7eJsDTegL9agsM7RFHNyiEYilRDzIdVA9h2Rl+mKnMe/cd+qDzK93JFcTc0F1nbgPIE4OrPPCZ+85/OJEDEkNHzRFzuFbcAf6XXGQJlEvGrETBAAyV28BeAY07V7Kyp9Pd5fIJn4wCqWqH7RMTMFTLbLg7d8B9BLHNwwXYeUEn4+zZA8pWL59s9uhnRDXJS7+yTvBG81YizwJryYSfe2G4bWLThPdKywHcq2f root@oo-hetzner-03
    sshRSAHostKey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGU3yePQ+5QjfGqqjr7Fa7t+FGPiVMvaheQRxRRMhF3E root@oo-hetzner-03
    physicalHost: kvm4.torproject.org
    ipHostNumber: 94.130.28.199
    ipHostNumber: 2a01:4f8:10b:239f:0:ab4:199:1
    allowedGroups: onionoo
    allowedGroups: onionoo-unpriv
    description: onionoo
    purpose: onionoo.torproject.org
    rebootPolicy: rotation
    
  1. removed from source code (mostly nagios, but also in the buster upgrade notes!)
  2. removed from tor-passwords
  3. N/A DNSwl
  4. remove from spreadsheet
  5. N/A
  6. N/A will be purged along with kvm4
Note: See TracTickets for help on using tickets.