You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Incidents/2022-08-10 confd all hosts

From Wikitech-static
< Incidents
Revision as of 15:36, 26 August 2022 by imported>Cwhite (→‎Actionables)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

document status: draft

Summary

Incident metadata (see Incident Scorecard)
Incident ID 2022-08-10 confd all hosts Start 2022-08-10 10:32:00
Task T313825 End 2022-08-10 13:31:00
People paged 0 Responder count 3
Coordinators Jaime Affected metrics/SLOs
Impact Engineers cleaned up the inadvertent install of confd on a large subset of the fleet. Security posture was not compromised and there was no external user impact.

A Puppet patch was merged which attempted to install confd on a large subset of all hosts. Monitoring alerted engineering teams to the issue and started work on reversing it.

Documentation:

Actionables

  • Git defaults to shows the author's date, not the commit date. Consider adding the following aliases to your git config as fix:
    • lola = log --graph --pretty=format:\"%C(auto)%h%d%Creset %C(cyan)(%cr)%Creset %C(green)%cn <%ce>%Creset %s\" --all
    • grephist = log --graph --pretty=format:\"%C(auto)%h%d%Creset %C(cyan)(%cr)%Creset %C(green)%cn <%ce>%Creset %s\" --all -S

Scorecard

Incident Engagement ScoreCard
Question Answer

(yes/no)

Notes
People Were the people responding to this incident sufficiently different than the previous five incidents? yes Overlap of 3
Were the people who responded prepared enough to respond effectively yes
Were fewer than five people paged? yes
Were pages routed to the correct sub-team(s)? yes n/a
Were pages routed to online (business hours) engineers? Answer “no” if engineers were paged after business hours. yes n/a
Process Was the incident status section actively updated during the incident? yes
Was the public status page updated? no
Is there a phabricator task for the incident? no
Are the documented action items assigned? yes action items limited to improved local bash aliases
Is this incident sufficiently different from earlier incidents so as not to be a repeat occurrence? yes
Tooling To the best of your knowledge was the open task queue free of any tasks that would have prevented this incident? Answer “no” if there are

open tasks that would prevent this incident or make mitigation easier if implemented.

yes
Were the people responding able to communicate effectively during the incident with the existing tooling? yes
Did existing monitoring notify the initial responders? yes
Were the engineering tools that were to be used during the incident, available and in service? yes
Were the steps taken to mitigate guided by an existing runbook? no
Total score (count of all “yes” answers above) 12