Activity
From 01/21/2020 to 02/19/2020
02/19/2020
- TF 04:07 PM Task #7560 (Closed): Document DNS64 setup for VMs
- NS 02:28 PM Task #7757 (Rejected): opennebula incorrectly re-uses vncs ports
- From a test VM:
- TF 09:10 AM Task #7653: Move VMs with routed /64 into their own /64 [was: Instructions for adding /64 to VM]
- Moris Jones wrote:
> So in order to prevent my VM breaking on reboot, should I remove /etc/one-context.d/loc-11-dns ?
Yes.
02/18/2020
- TF 03:08 PM Task #7560 (Feedback): Document DNS64 setup for VMs
- See https://code.ungleich.ch/ungleich-public/ungleich-staticcms/merge_requests/5/ for the article. The related wiki pages ahave been updated.
- TF 10:42 AM Task #7545 (Waiting): Switch production LDAPs to cdist-managed alpine
- I cleaned up and revamped the __ungleich_ldap type to run on alpine + deployed new ldap-stagin[1,2] nodes. I'm waiting to deploy a fix to __ungleich_nftables for firewalling and monitoring of the new setup.
I would like to move the pr...
02/17/2020
- LN 02:00 PM Task #7750 (Closed): Adding v4 support to s3-rgw gateway
- TODO: switching to ipv6-proxy -> wildcard domains? performance impact?
V4 address added from Opennebula
Right now the ip addresses are hardcoded in /etc/ceph/ceph.conf because I've encountered a bug that needs further time to solve.
02/08/2020
- DR 02:03 PM Task #7689: Update certbot on several VMs
- Updated:
02/06/2020
- LN 05:56 PM Task #7696 (Closed): Alping v3.10 template bug: ntdp uses v4 only, and it breaks clock sync
- Test alpine v3.11 if clock sync works out of the box && remove alpine v3.10 template.
Check if there are vm-s/services in production which are affected - MJ 04:13 PM Task #7653: Move VMs with routed /64 into their own /64 [was: Instructions for adding /64 to VM]
- So in order to prevent my VM breaking on reboot, should I remove /etc/one-context.d/loc-11-dns ?
02/04/2020
- NS 05:28 PM Task #7688: Disable rp_filter on router2.place5 (alpine sets =1 on .all and .default)
- Added the following to our internal cdist:
- NS 05:19 PM Task #7688 (In Progress): Disable rp_filter on router2.place5 (alpine sets =1 on .all and .default)
- NS 05:15 PM Task #7688 (Closed): Disable rp_filter on router2.place5 (alpine sets =1 on .all and .default)
- DR 05:24 PM Task #7689 (Seen): Update certbot on several VMs
- DR 05:24 PM Task #7689 (Rejected): Update certbot on several VMs
- From Mail (letsencrypt):
02/03/2020
01/31/2020
- AB 07:16 PM Task #7649: Sketch a VM backup & restore
- The functionality part is complete beside `ungleich-cli` and can be found at https://code.ungleich.ch/ahmedbilal/vm-cli-services. I am ready to give a test-run tour whenever you want.
- AB 07:13 PM Task #7650: Synchronise opennebula VMs with etcd
- I changed the whole engine, so it is not slow anymore. Previously, I am using pyone library provided by OpenNebula that is in simple words full of bugs. Now, I am directly using XML-RPC client builtin Python to make remote procedural cal...
- NS 04:16 PM Task #7304 (Rejected): Test NAT64 with distributed routers with joold on alpine
- Active-passive
- NS 04:16 PM Task #7377 (Rejected): Create an active-active NAT64 gateway
- Going active-passive.
01/28/2020
- AB 02:38 PM Task #7650: Synchronise opennebula VMs with etcd
- Nico its done. https://code.ungleich.ch/ungleich-public/ungleich-tools/tree/master/opennebula-vm-etcd
1. Putting VM info into etcd **put-vm-info-into-etcd.py**
2. VM Queries Example Script **vm-queries.py**
although slow as I disc... - NS 10:36 AM Task #7654: Get VMs info from Opennebula and save it in etcd
- ping sre team
- NS 10:35 AM Task #7654: Get VMs info from Opennebula and save it in etcd
- clearly a cron job.
Let's create a new (IPv6 only) service VM based on Alpine, which is
dedicated for running stateless scripts (via cron or other means).
=> service.ungleich.ch
We might eventually also use docker on this VM, just as ... - AB 09:31 AM Task #7654: Get VMs info from Opennebula and save it in etcd
- We can run it either as cron job or put a sleep in the code.
01/27/2020
- NS 09:29 PM Task #7654: Get VMs info from Opennebula and save it in etcd
- Where does it run / update every 10 minutes?
- AB 05:37 PM Task #7654: Get VMs info from Opennebula and save it in etcd
- Done
- AB 10:59 AM Task #7654 (Rejected): Get VMs info from Opennebula and save it in etcd
- Create a service that gets VMs' information from OpenNebula and save it in etcd.
It should also update/sync this information every 10 minutes. - LN 04:58 PM Task #7632: Setup rados / s3 storage on ceph
- NS 01:25 PM Task #7650: Synchronise opennebula VMs with etcd
- I actually created this ticket some time ago
01/26/2020
- TF 05:56 PM Task #7641: create images for uncloud
- * The image definition scripts are defined in: https://code.ungleich.ch/uncloud/images
* The images have been uploaded to ONE and are available under the uncloud-* VM templates.
* The Fedora and Ubuntu images works fine but I still hav... - NS 10:02 AM Task #7653 (In Progress): Move VMs with routed /64 into their own /64 [was: Instructions for adding /64 to VM]
- Good point.
Timothee, can you create a new network for VMs with routed networks so that we can again decide on DNS64 in bind by network prefix?
Morris, we will fix it the way that the user does not have to do that manually. Above n...
01/25/2020
- MJ 05:01 PM Task #7653 (Closed): Move VMs with routed /64 into their own /64 [was: Instructions for adding /64 to VM]
- Document process for moving VM to /64 rather than /128.
Importantly: customer should modify their name server config (/etc/resolv.conf) to be as follows:
nameserver 2a0a:e5c0:2:12:0:f0ff:fea9:c451
nameserver 2a0a:e5c0:2:12:0:f0ff:...
01/24/2020
- NS 11:18 AM Task #7649: Sketch a VM backup & restore
- h2. OpenNebula testing
- NS 11:16 AM Task #7649: Sketch a VM backup & restore
- Snapshotting:
- NS 10:49 AM Task #7649: Sketch a VM backup & restore
- h2. Ceph
It seems ceph even has a limit support: - NS 10:16 AM Task #7649 (Rejected): Sketch a VM backup & restore
- * User wants to have possibility to roll back in time
h2. Implementation
* We can use ceph snapshots
* We might need/want to signal qemu before taking the snapshot
** how?
** Difference between uncloud and opennebula?
h2. Use... - NS 11:08 AM Task #7650 (Rejected): Synchronise opennebula VMs with etcd
- * etcd prefix: /opennebula
*
h2. What to synchronise
* /opennebula/vm/<VM id>
** all information about the VM
** also terminated VMs
h2. Use cases
I want to be able to
* Get the current host of the VM
* Get the VNC po... - NS 10:03 AM Task #7636: Find out current retention period for monitoring servers and ensure that data is kept for 5 years
- Go with it
redmine@ungleich.ch writes:
01/23/2020
- DR 10:57 PM Task #7636: Find out current retention period for monitoring servers and ensure that data is kept for 5 years
- it's configured in __dcl_monitoring_server type
- NS 05:53 PM Task #7632: Setup rados / s3 storage on ceph
- Note for production checking: what happens/is required to do if the
certificate is replaced with a new one?
redmine@ungleich.ch writes: - LN 05:46 PM Task #7632: Setup rados / s3 storage on ceph
- updated conf with ssl
[client.rgw.rgw]
host = rgw
#rgw socket path = /var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
rgw socket path = /tmp/radosgw.sock
rgw frontends = beast ssl_port=443 ssl_certificate=/etc/letsencrypt/live/rgw.... - LN 05:30 PM Task #7632: Setup rados / s3 storage on ceph
- Radosgw is running. The correct way to start is1:
/usr/bin/radosgw --cluster ceph --name client.rgw.`hostname -s` -setuser ceph --setgroup ceph
atm I'm tweaking the settings to setup ssl, and ipv6 support
1: (it wasnt writte... - LN 01:41 PM Task #7632: Setup rados / s3 storage on ceph
- using this manual the radosgw is configured at rgw.llnu.at
https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/3/html/installation_guide_for_red_hat_enterprise_linux/manually-installing-ceph-object-gateway
We don't h...
01/22/2020
- NS 03:33 PM Task #7630: Cleanup the DNS64 situation
- No. If somebody does not want that, they should remove the appropriate
script below /etc/one-contex.d
redmine@ungleich.ch writes: - LN 02:00 PM Task #7630: Cleanup the DNS64 situation
- What can we do about that the /etc/resolv.conf is rewritten at every reboot?
Would the best be to advise:
chattr +i /etc/resolv.conf
? - NS 09:11 AM Task #7630 (Closed): Cleanup the DNS64 situation
Thanks!
redmine@ungleich.ch writes:
01/21/2020
- NS 09:42 PM Task #7632: Setup rados / s3 storage on ceph
redmine@ungleich.ch writes:- LN 07:55 PM Task #7632 (Seen): Setup rados / s3 storage on ceph
- LN 07:55 PM Task #7631 (Seen): Report details about pleroma problems to upstream
- TF 02:16 PM Task #7641 (In Progress): create images for uncloud
- SK 12:38 PM Task #7641 (Closed): create images for uncloud
- First images should be the latest alpine, fedora, ubuntu, debian.
How should they be configured:
they should get an ipv6 address from the first network interface,
they should automatically increase the root file system, if the di... - TF 10:57 AM Task #7545 (In Progress): Switch production LDAPs to cdist-managed alpine
- TF 10:32 AM Task #7483 (In Progress): Update the __consul cdist type for alpine
- I got the same issue with `__consul_agent` on Debian, which I am currently fixing upstream.
https://code.ungleich.ch/ungleich-public/cdist/merge_requests/837