You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

Incidents/2022-06-21 asw-a2-codfw accidental power cycle

From Wikitech-static
Jump to navigation Jump to search

document status: draft

Summary

Incident metadata (see Incident Scorecard)
Incident ID 2022-06-21 asw-a2-codfw accidental power cycle Start 2022-06-21 14:32:00
Task - End 2022-06-21 14:43:00
People paged 0 Responder count 4
Coordinators XioNoX Affected metrics/SLOs
Impact For approximately 11 minutes, power for A2 codfw rack (ps1-a2-codfw) went DOWN, which caused connectivity loss of servers in that rack, due to the full power loss of its switch. This caused ns1 dns server to fail over to eqiad and redundancy to kick in for lvs servers- causing some, very temporary increase on user latency for on-the-fly codfw request until traffic stabilized, but otherwise it had very little impact on users.
File:Screenshot 20220621 185358.png
App server monitoring latencies during the incident (technically codfw app servers were not service production data at the time)

During regular maintenance, there was a (scheduled) loss of power redundancy on codfw-A1. However, due to the second power cable for asw not being plugged all the way in, there was an unscheduled full loss of the switch, and hence the rack's network connectivity. Happily, redundancy worked as expected:

  • regarding LVS, lvs2010 took over lvs2007, should have very small user impact.
  • ns1 dns server was automatically moved to eqiad- should not have user impact.
  • Most A2 servers alerted about loss of power redundancy, but having 2 power supplies they didn't went down.
  • App servers may had been affected more, latency-wise while they were automatically depooled, but they were not serving production data at the time.

After the secondary power cord was properly connected, connectivity recovered with no issues. Maintenance finished at 15:01.

Documentation:

Actionables

Scorecard

Incident Engagement™ ScoreCard
Question Answer

(yes/no)

Notes
People Were the people responding to this incident sufficiently different than the previous five incidents?
Were the people who responded prepared enough to respond effectively
Were fewer than five people paged?
Were pages routed to the correct sub-team(s)?
Were pages routed to online (business hours) engineers? Answer “no” if engineers were paged after business hours.
Process Was the incident status section actively updated during the incident?
Was the public status page updated?
Is there a phabricator task for the incident?
Are the documented action items assigned?
Is this incident sufficiently different from earlier incidents so as not to be a repeat occurrence?
Tooling To the best of your knowledge was the open task queue free of any tasks that would have prevented this incident? Answer “no” if there are

open tasks that would prevent this incident or make mitigation easier if implemented.

Were the people responding able to communicate effectively during the incident with the existing tooling?
Did existing monitoring notify the initial responders?
Were the engineering tools that were to be used during the incident, available and in service?
Were the steps taken to mitigate guided by an existing runbook?
Total score (count of all “yes” answers above)