You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Anycast

Revision as of 21:01, 18 July 2019 by imported>Ayounsi (→‎How to deploy a new service?)

Still WIP

Internal

In production

Anycast recursive DNS

How does it work?


How to deploy a new service?

  1. Assign an IP in DNS from the 10.3.0.0/24 range (e.g. Gerrit CR 524045)
  2. Configure the server side (e.g. Gerrit CR 524037)
    1. Add include ::profile::bird::anycast where you see fit (usually to the service's role)
    2. Configure the VIP and its attributes (usually hieradata/role/common/)
      profile::bird::advertise_vips:
        <vip_fqdn>:
          address: 10.3.x.x # VIP to advertise (required)
          check_cmd: '/bin/true' # Any command to check the health of the service, run as user "bird" (required)
          ensure: present # Set to absent to cleanly remove the check (optional, present by default)
          bfd: true # Fast failure detection between router and server (optional, true by default)
      profile::bird::bind_service: 'foobar.service' # Stop bird if linked service goes down (optional, none by default)
      
      Some notes:
      • The check_cmd must complete in less than 1s (the check interval)
  3. Configure the router side:
    1. set protocols bgp group Anycast4 neighbor <server_IP>
  4. Add monitoring for the VIP, as for any other Icinga check, but in modules/profile/manifests/bird/anycast_monitoring.pp
  5. (Optional) if deploying a new type of service, ask Netops to add a backup static route
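
One way to keep a check_cmd inside the 1s check interval noted in step 2, as an added example that is not part of the Wikitech page or the Puppet module: a hypothetical wrapper script that runs the real probe under a hard time limit and treats a hung probe as unhealthy. It assumes GNU coreutils `timeout` and that exit status 0 means healthy; the function name and budget values are illustrative.

```shell
#!/bin/sh
# Added example: hypothetical wrapper to use as check_cmd.
# Assumption: exit status 0 = healthy, any non-zero status = unhealthy.

BUDGET=0.8   # seconds allowed for the probe, kept below the 1s check interval
GRACE=0.1    # seconds between SIGTERM and SIGKILL for a probe that ignores TERM

# run_check CMD [ARGS...]
#   returns 0  probe succeeded within the budget
#   returns 1  probe failed, or could not be executed at all
#   returns 2  probe exceeded the budget and was killed
run_check() {
    rc=0
    # Probe output is discarded; only the exit status matters to the caller.
    timeout -k "$GRACE" "$BUDGET" "$@" >/dev/null 2>&1 || rc=$?
    case "$rc" in
        0)
            return 0 ;;
        124|137)
            # 124: timeout sent SIGTERM; 137: it had to follow up with SIGKILL.
            echo "check timed out after ${BUDGET}s: $*" >&2
            return 2 ;;
        *)
            # Includes 126/127 (probe not executable or not found): fail closed.
            echo "check failed (rc=$rc): $*" >&2
            return 1 ;;
    esac
}

# Stand-alone use: <this script> <probe command and arguments>
if [ "$#" -gt 0 ]; then
    run_check "$@"
    exit $?
fi
```

Because the check runs as user "bird", test the wrapped probe as that user before deploying, so that permission failures show up in testing and not as an unhealthy result in production.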