You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Server Lifecycle/DNS Transition: Difference between revisions

imported>Volans
m (Add the dry-run mode for Netbox scripts)
 
imported>Volans
m (Fix phases order)
Line 3: Line 3:
During the rollout phases of the new automation some procedure will change, as outlined below.
During the rollout phases of the new automation some procedure will change, as outlined below.


= Automation Rollout Phase summary =


== Phase 1 ==
{| class="wikitable"
|-
! Task / Phase !! 1 !! 2 !! 3 !! 4
|-
| Select and Assign '''MGMT IP''' || Netbox CustomScript || Netbox CustomScript || Netbox CustomScript || Netbox CustomScript
|-
| Deploy '''MGMT DNS''' records  || Manual || Cookbook || Cookbook || Cookbook
|-
| Select and Assign '''Primary IPv4/6''' ||  Manual || Manual || Netbox CustomScript || Netbox CustomScript
|-
| Deploy '''Primary IPv4/6 DNS''' records || Manual || Manual || Manual || Cookbook
|}
 
= IP Assignment for servers =
The status pre-migration is that every IP assignment is done manually by looking for an unused IP in the DNS repository.
 
== Phase 1 (proposed transition date: 2020-06-24) ==
Transition of '''all''' servers management IP assignment from manual to automatically assigned by Netbox via the run of a custom script, independently of the datacenter they are physically in.
 
At the moment of the migration a sync of all existing management IP addresses with related DNS name from the DNS repository to Netbox will be re-run, making the two set of data identical.
After that moment every modification to management IP addresses '''must''' be done in Netbox as the sole source of truth for them.
 
=== Provisioning ===
 
* Run the [https://netbox.wikimedia.org/extras/scripts/interface_automation/AssignIPs/ Add interfaces and IPs to devices] Netbox script which creates a new management interface, allocates an IP address and configures it for automated DNS.
** To run the script in '''dry-run''' mode, uncheck the '''Commit changes''' checkbox.
 
== Phase 3 (proposed date: TBD) ==
Transition of '''all''' primary IPv4 and IPv6 assignment from manual to automatically assigned by Netbox via the run of a custom script, independently of the datacenter they are physically in.
 
At the moment of the migration a sync of all existing interfaces, IP addresses and related DNS names from PuppetDB and the DNS repository to Netbox will be re-run, making the two set of data identical.
After that moment every modification to host IP addresses '''must''' be done in Netbox as the sole source of truth for them.
 
=== Provisioning ===
 
* Run the [https://netbox.wikimedia.org/extras/scripts/interface_automation/AssignIPs/ Add interfaces and IPs to devices] Netbox script,  which creates a new management interface, allocates an IP address and configures it for automated DNS. It will also create a <code>##PRIMARY##</code> interface, allocates an IPv4 and a mapped IPv6 and configures it for automated DNS. The automated DNS for the IPv6 can be opted out. The primary interface name will be updated by the reimage procedure with the real interfaces on the host.
** To run the script in '''dry-run''' mode, uncheck the '''Commit changes''' checkbox.
 
= DNS records =
The status pre-migration is that every DNS record is manually hardcoded in the <code>operations/dns</code> repository.
 
== Phase 2 ==
Transition of the management DNS records, both hostname and asset tag, to the Netbox-driven system.
Transition of the management DNS records, both hostname and asset tag, to the Netbox-driven system.


=== Provisioning ===
=== Provisioning ===
'''Is the datacenter the device is in part of [[DNS/Netbox#Management|this list]]?'''
'''Is the datacenter the device is in part of [[DNS/Netbox#Management|this list]]?'''
* NO: nothing changes, follow usual procedure.
* NO: nothing changes, follow usual procedure to make the <code>operations/dns</code> repository patch.
* YES: follow the modified procedure described below.
* YES: follow the modified procedure described below.


After having created the Netbox object(s) as usual for the new device(s):
* No need to make a patch against the <code>operations/dns</code> repository to add the management IP/PTR (a patch is still needed to add primary IPv4/6).
* No need to make a patch against the <code>operations/dns</code> repository to add the management IP/PTR (a patch is still needed to add primary IPv4/6).
* Run the [https://netbox.wikimedia.org/extras/scripts/interface_automation/CreateManagementInterface/ Create management interface] Netbox script which creates a new management interface, allocates an IP address and configures it for automated DNS.
** To run the script in '''dry-run''' mode, uncheck the '''Commit changes''' checkbox.
* Run the [[DNS/Netbox#Update_generated_records|sre.dns.netbox]] cookbook as described.
* Run the [[DNS/Netbox#Update_generated_records|sre.dns.netbox]] cookbook as described.
** Ensure that the generated diff is consistent with your changes and there isn't any other change that seems unrelated. If in doubt feel free to ask Cas or Riccardo anytime.
** Ensure that the generated diff is consistent with your changes and there isn't any other change that seems unrelated. If in doubt feel free to ask Cas or Riccardo anytime.
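Review bot: In the Phase 2 Provisioning list, the lead-in "After having created the Netbox object(s) as usual for the new device(s):" is dropped, so the "No need to make a patch..." and "Run the sre.dns.netbox cookbook" steps now follow the NO/YES bullets as if they were further answers to the datacenter question. Suggest keeping a one-line lead-in between the YES bullet and the steps so the modified procedure reads as its own list. While here, "making the two set of data identical" in the Phase 1 and Phase 3 sync paragraphs should read "the two sets of data".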
Line 29: Line 68:
** To run the script in '''dry-run''' mode, uncheck the '''Commit changes''' checkbox.
** To run the script in '''dry-run''' mode, uncheck the '''Commit changes''' checkbox.
* Run the [[DNS/Netbox#Update_generated_records|sre.dns.netbox]] cookbook as described.
* Run the [[DNS/Netbox#Update_generated_records|sre.dns.netbox]] cookbook as described.
** Ensure that the generated diff is consistent with your changes and there isn't any other change that seems unrelated. If in doubt feel free to ask Cas orRiccardo anytime.
** Ensure that the generated diff is consistent with your changes and there isn't any other change that seems unrelated. If in doubt feel free to ask Cas or Riccardo anytime.


== Phase 2 ==
== Phase 4 ==
Transition of the primary IPv4/6 DNS records to the Netbox-driven system.
Transition of the primary IPv4/6 DNS records to the Netbox-driven system.
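Review bot: The check under the sre.dns.netbox step says what to look for in the generated diff but not what to do when an unrelated change does show up; "If in doubt feel free to ask" leaves it open whether the operator may carry on in the meantime. Suggest stating explicitly that the operator stops and does not proceed until every unrelated change is explained. The "Phase 2" to "Phase 4" heading rename is consistent with the summary table, where primary IPv4/6 DNS records move to the cookbook in phase 4.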



Revision as of 16:47, 16 June 2020

We are in the process of automating the generation of DNS records for the devices from Netbox data.

During the rollout phases of the new automation some procedures will change, as outlined below.

Automation Rollout Phase summary

Task / Phase                           | 1                   | 2                   | 3                   | 4
Select and Assign MGMT IP              | Netbox CustomScript | Netbox CustomScript | Netbox CustomScript | Netbox CustomScript
Deploy MGMT DNS records                | Manual              | Cookbook            | Cookbook            | Cookbook
Select and Assign Primary IPv4/6       | Manual              | Manual              | Netbox CustomScript | Netbox CustomScript
Deploy Primary IPv4/6 DNS records      | Manual              | Manual              | Manual              | Cookbook

IP Assignment for servers

Before the migration, every IP assignment is done manually by looking for an unused IP in the DNS repository.

Phase 1 (proposed transition date: 2020-06-24)

Transition of the management IP assignment for all servers from manual to automatic assignment by Netbox, done by running a custom script, regardless of the datacenter they are physically in.

At the moment of the migration, a sync of all existing management IP addresses and their related DNS names from the DNS repository to Netbox will be re-run, making the two sets of data identical. After that moment, every modification to management IP addresses must be done in Netbox, as the sole source of truth for them.

Provisioning

  • Run the "Add interfaces and IPs to devices" Netbox script, which creates a new management interface, allocates an IP address and configures it for automated DNS.
    • To run the script in dry-run mode, uncheck the Commit changes checkbox.

Phase 3 (proposed date: TBD)

Transition of all primary IPv4 and IPv6 assignment from manual to automatic assignment by Netbox, done by running a custom script, regardless of the datacenter the servers are physically in.

At the moment of the migration, a sync of all existing interfaces, IP addresses and related DNS names from PuppetDB and the DNS repository to Netbox will be re-run, making the two sets of data identical. After that moment, every modification to host IP addresses must be done in Netbox, as the sole source of truth for them.

Provisioning

  • Run the "Add interfaces and IPs to devices" Netbox script, which creates a new management interface, allocates an IP address and configures it for automated DNS. It also creates a ##PRIMARY## interface, allocates an IPv4 and a mapped IPv6 address, and configures them for automated DNS. The automated DNS for the IPv6 address can be opted out of. The primary interface name will be updated by the reimage procedure with the real interfaces on the host.
    • To run the script in dry-run mode, uncheck the Commit changes checkbox.

DNS records

Before the migration, every DNS record is manually hardcoded in the operations/dns repository.

Phase 2

Transition of the management DNS records, both hostname and asset tag, to the Netbox-driven system.

Provisioning

Is the datacenter the device is in part of the list at DNS/Netbox#Management?

  • NO: nothing changes, follow usual procedure to make the operations/dns repository patch.
  • YES: follow the modified procedure described below.
  • No need to make a patch against the operations/dns repository to add the management IP/PTR (a patch is still needed to add primary IPv4/6).
  • Run the sre.dns.netbox cookbook as described.
    • Ensure that the generated diff is consistent with your changes and there isn't any other change that seems unrelated. If in doubt feel free to ask Cas or Riccardo anytime.

Unracking

Is the datacenter the device is in part of the list at DNS/Netbox#Management?

  • NO: nothing changes, follow usual procedure.
  • YES: follow the modified procedure described below.

After having unracked the device:

  • No need to make a patch against operations/dns to remove the management IP/PTR (a patch is still needed to remove the primary IPv4/6 if not already removed).
  • Run the "Offline a device with extra actions" Netbox script, which sets the device to Offline status and deletes all its remaining interfaces and associated IP addresses.
    • To run the script in dry-run mode, uncheck the Commit changes checkbox.
  • Run the sre.dns.netbox cookbook as described.
    • Ensure that the generated diff is consistent with your changes and there isn't any other change that seems unrelated. If in doubt feel free to ask Cas or Riccardo anytime.
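
One way to back the "generated diff is consistent with your changes" check in the provisioning and unracking procedures above with a script; this is an added example, not part of Wikitech or of the sre.dns.netbox cookbook. It assumes the diff is a unified diff of BIND-style records; the sample records, the example.org names and the function names are constructed for illustration.

```python
# Constructed sample: a unified diff of BIND-style PTR records. The real
# generated diff may look different; this layout is an assumption.
SAMPLE_DIFF = """\
--- a/1.65.10.in-addr.arpa
+++ b/1.65.10.in-addr.arpa
@@ -10,3 +10,4 @@
 12 1H IN PTR db1001.mgmt.example.org.
+13 1H IN PTR db1002.mgmt.example.org.
+13 1H IN PTR asset1234.mgmt.example.org.
-40 1H IN PTR mw2001.mgmt.example.org.
"""


def changed_records(diff_text):
    """Yield (sign, record) for every added or removed record in the diff."""
    for line in diff_text.splitlines():
        # Skip file headers, hunk headers and unchanged context lines.
        if line.startswith(("+++ ", "--- ")) or not line.startswith(("+", "-")):
            continue
        record = line[1:].strip()
        if record and not record.startswith(";"):  # ignore blanks and zone comments
            yield line[0], record


def first_labels(record):
    """Return the first DNS label of every token in a record, lowercased."""
    return {tok.rstrip(".").split(".")[0].lower() for tok in record.split()}


def unrelated_changes(diff_text, expected):
    """Return changed records that mention none of the expected names.

    `expected` holds the hostnames and asset tags the operator actually
    touched in Netbox; anything returned here needs an explanation before
    the change is allowed to go out.
    """
    expected = {name.lower() for name in expected}
    return [(sign, rec) for sign, rec in changed_records(diff_text)
            if not first_labels(rec) & expected]


if __name__ == "__main__":
    for sign, rec in unrelated_changes(SAMPLE_DIFF, {"db1002", "asset1234"}):
        print(f"UNRELATED {sign} {rec}")
```

An empty result only means every changed record names a device you expected; the record contents still need a read-through.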

Phase 4

Transition of the primary IPv4/6 DNS records to the Netbox-driven system.

Is the datacenter the device is in part of the list at DNS/Netbox#Management?

  • NO: nothing changes, follow usual procedure.
  • YES: follow the modified procedure described below for provisioning/decommissioning.

[TBD]