Portal:Cloud VPS/Admin/notes/Service predictions for cross realm situation
< Portal:Cloud VPS | Admin
This page contains information and some predictions on how cloud-related services will go when we migrate them for compliance with the Cross-Realm_traffic_guidelines.
What | Current model | Predicted future model | Comments | Level of effort |
---|---|---|---|---|
Cloud rec DNS | cloudservices servers in cloud-support production VLAN, with public IPv4. Cloud egress NAT exception. | case 4 | Medium | |
Cloud auth DNS | cloudservices servers in cloud-support production VLAN, with public IPv4. Cloud egress NAT exception. | case 4 | Medium | |
Toolforge project NFS | labstore servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | High |
Toolforge home NFS | labstore servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | High |
Misc project NFS | labstore servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | High |
Dumps NFS | ![]() |
--- | Recently done, see https://phabricator.wikimedia.org/T272397 | --- |
Metrics services | cloudmetrics servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | Medium | |
Wiki replicas | ![]() |
case 4 | Might move to case 4 in next iteration | --- |
openstack APIs | cloudcontrol servers in production public VLAN, with public IPv4. Cloud egress NAT exception. | case 4 | Medium | |
cloudelastic cluster (elasticsearch) | ![]() |
cloudelastic servers in production public VLAN, with public IPv4. No cloud egress NAT exception. RO access from cloud using local firewalling in cloudelastic servers. More info: Help:CirrusSearch_elasticsearch_replicas. | --- | |
cloud hypervisors (cloudvirt servers) | ![]() |
--- | --- | |
cloud network (cloudnet & cloudgw servers) | ![]() |
--- | --- | |
ceph storage farm | TODO | TODO | TODO | |
horizon | labweb servers in production public VLAN with public IPv4. | case 3 | Low | |
LDAP | LDAP servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Low | |
NFS backups | cloudbackup servers in production private VLAN with private IPv4. | TODO | TODO | High |
Gerrit | gerrit.wikimedia.org & gerrit-replica.wikimedia.org servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Leave until deprecation by Gitlab? | Low |
APT repositories | apt1001.wikimedia.org & apt1002.wikimedia.org & sodium.wikimedia.org, servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Potential low-hanging fruit. See https://phabricator.wikimedia.org/T298042 | Low |
kraz (IRCD) | ![]() |
See https://phabricator.wikimedia.org/T280225 | --- | |
Maps NFS | cloudstore1008/cloudstore1009, servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | Medium |
Scratch NFS | cloudstore1008/cloudstore1009, servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | Medium |
main Wikis & API | servers in production public VLAN with pulic IPv4. Cloud egress NAT exception. | case 2 | Dropping the NAT exception is challenging, many moving parts. See News/CloudVPS NAT wikis and https://phabricator.wikimedia.org/T209011 | High |
nova-fullstack | ![]() |
--- | See https://phabricator.wikimedia.org/T272587 | --- |
What | Current model | Predicted future model | Comments | Level of effort |