Portal:Cloud VPS/Admin/notes/Service predictions for cross realm situation
This page contains information and some predictions on how cloud-related services will go when we migrate them for compliance with the Cross-Realm_traffic_guidelines.
| What | Current model | Predicted future model | Comments | Level of effort |
|---|---|---|---|---|
| Cloud rec DNS |  Done case 4 compliant
|
--- | Medium | |
| Cloud auth DNS | Done case 4 compliant
|
--- | Medium | |
| Toolforge project NFS | Done case 1 compliant
|
--- | See phab:T291405 | High |
| Toolforge home NFS | Done case 1 compliant
|
--- | See phab:T291405 | High |
| Misc project NFS | Done case 1 compliant
|
--- | See phab:T291405 | High |
| Dumps NFS | Done case 2 compliant
|
--- | Recently done, see https://phabricator.wikimedia.org/T272397 | --- |
| Metrics services | cloudmetrics servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See https://phabricator.wikimedia.org/T336854 | Medium |
| Wiki replicas | Done case 2 compliant
|
case 4 | Might move to case 4 in next iteration | --- |
| openstack APIs | Done case 4 compliant
|
--- | Medium | |
| cloudelastic cluster (opensearch) | Done case 2 compliant
|
cloudelastic servers in production public VLAN, with public IPv4. No cloud egress NAT exception. RO access from cloud using local firewalling in cloudelastic servers. More info: Help:CirrusSearch OpenSearch replicas. | --- | |
| cloud hypervisors (cloudvirt servers) | Done case 4 compliant
|
--- | --- | |
| cloud network (cloudnet & cloudgw servers) | Done case 4 compliant
|
--- | --- | |
| ceph storage farm | TODO | case 4 | TODO | |
| horizon | labweb servers in production public VLAN with public IPv4. | case 3 | Low | |
| LDAP | LDAP servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Low | |
| NFS backups | cloudbackup servers in production private VLAN with private IPv4. | case 4 | --- | Medium |
| Gerrit | gerrit.wikimedia.org & gerrit-replica.wikimedia.org servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Leave until deprecation by Gitlab? | Low |
| APT repositories | Done case 2 compliant
|
--- | See https://phabricator.wikimedia.org/T298042 | Low |
| kraz (IRCD) | Done case 2 compliant
|
See https://phabricator.wikimedia.org/T280225 | --- | |
| Maps NFS | Done case 1 compliant
|
--- | See phab:T291405 | Medium |
| Scratch NFS | Done case 1 compliant
|
--- | See phab:T291405 | Medium |
| main Wikis & API | servers in production public VLAN with pulic IPv4. Cloud egress NAT exception. | case 2 | Dropping the NAT exception is challenging, many moving parts. See News/2021 CloudVPS NAT wikis and https://phabricator.wikimedia.org/T209011 | High |
| nova-fullstack | Done case 3 compliant
|
--- | See https://phabricator.wikimedia.org/T272587 | --- |
| What | Current model | Predicted future model | Comments | Level of effort |