You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org
Incidents/2022-06-21 asw-a2-codfw accidental power cycle
document status: draft
|Incident ID||2022-06-21 asw-a2-codfw accidental power cycle||Start||2022-06-21 14:32:00|
|People paged||0||Responder count||4|
|Impact||For approximately 11 minutes, power for A2 codfw rack (ps1-a2-codfw) went DOWN, which caused connectivity loss of servers in that rack, due to the full power loss of its switch. This caused ns1 dns server to fail over to eqiad and redundancy to kick in for lvs servers- causing some, very temporary increase on user latency for on-the-fly codfw request until traffic stabilized, but otherwise it had very little impact on users.|
During regular maintenance, there was a (scheduled) loss of power redundancy on codfw-A1. However, due to the second power cable for asw not being plugged all the way in, there was an unscheduled full loss of the switch, and hence the rack's network connectivity. Happily, redundancy worked as expected:
- regarding LVS, lvs2010 took over lvs2007, should have very small user impact.
- ns1 dns server was automatically moved to eqiad- should not have user impact.
- Most A2 servers alerted about loss of power redundancy, but having 2 power supplies they didn't went down.
- App servers may had been affected more, latency-wise while they were automatically depooled, but they were not serving production data at the time.
After the secondary power cord was properly connected, connectivity recovered with no issues. Maintenance finished at 15:01.
|People||Were the people responding to this incident sufficiently different than the previous five incidents?|
|Were the people who responded prepared enough to respond effectively|
|Were fewer than five people paged?|
|Were pages routed to the correct sub-team(s)?|
|Were pages routed to online (business hours) engineers? Answer “no” if engineers were paged after business hours.|
|Process||Was the incident status section actively updated during the incident?|
|Was the public status page updated?|
|Is there a phabricator task for the incident?|
|Are the documented action items assigned?|
|Is this incident sufficiently different from earlier incidents so as not to be a repeat occurrence?|
|Tooling||To the best of your knowledge was the open task queue free of any tasks that would have prevented this incident? Answer “no” if there are
open tasks that would prevent this incident or make mitigation easier if implemented.
|Were the people responding able to communicate effectively during the incident with the existing tooling?|
|Did existing monitoring notify the initial responders?|
|Were the engineering tools that were to be used during the incident, available and in service?|
|Were the steps taken to mitigate guided by an existing runbook?|
|Total score (count of all “yes” answers above)|