Portal:Cloud VPS/Admin/notes/Service predictions for cross realm situation
< Portal:Cloud VPS | Admin
This page contains information and some predictions on how cloud-related services will go when we migrate them for compliance with the Cross-Realm_traffic_guidelines.
| What | Current model | Predicted future model | Comments | Level of effort |
|---|---|---|---|---|
| Cloud rec DNS | cloudservices servers in cloud-support production VLAN, with public IPv4. Cloud egress NAT exception. | case 4 | Medium | |
| Cloud auth DNS | cloudservices servers in cloud-support production VLAN, with public IPv4. Cloud egress NAT exception. | case 4 | Medium | |
| Toolforge project NFS | labstore servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | High |
| Toolforge home NFS | labstore servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | High |
| Misc project NFS | labstore servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | High |
| Dumps NFS |  Done case 2 compliant
|
--- | Recently done, see https://phabricator.wikimedia.org/T272397 | --- |
| Metrics services | cloudmetrics servers in cloud-support production VLAN, with private IPv4. Cloud egress NAT exception. | case 1 | Medium | |
| Wiki replicas | Done case 2 compliant
|
case 4 | Might move to case 4 in next iteration | --- |
| openstack APIs | cloudcontrol servers in production public VLAN, with public IPv4. Cloud egress NAT exception. | case 4 | Medium | |
| cloudelastic cluster (elasticsearch) | Done case 2 compliant
|
cloudelastic servers in production public VLAN, with public IPv4. No cloud egress NAT exception. RO access from cloud using local firewalling in cloudelastic servers. More info: Help:CirrusSearch_elasticsearch_replicas. | --- | |
| cloud hypervisors (cloudvirt servers) | Done case 4 compliant
|
--- | --- | |
| cloud network (cloudnet & cloudgw servers) | Done case 4 compliant
|
--- | --- | |
| ceph storage farm | TODO | TODO | TODO | |
| horizon | labweb servers in production public VLAN with public IPv4. | case 3 | Low | |
| LDAP | LDAP servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Low | |
| NFS backups | cloudbackup servers in production private VLAN with private IPv4. | TODO | TODO | High |
| Gerrit | gerrit.wikimedia.org & gerrit-replica.wikimedia.org servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Leave until deprecation by Gitlab? | Low |
| APT repositories | apt1001.wikimedia.org & apt1002.wikimedia.org & sodium.wikimedia.org, servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 2 | Potential low-hanging fruit. See https://phabricator.wikimedia.org/T298042 | Low |
| kraz (IRCD) | Done case 2 compliant
|
See https://phabricator.wikimedia.org/T280225 | --- | |
| Maps NFS | cloudstore1008/cloudstore1009, servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | Medium |
| Scratch NFS | cloudstore1008/cloudstore1009, servers in production public VLAN with public IPv4. Cloud egress NAT exception. | case 1 | See phab:T291405 | Medium |
| main Wikis & API | servers in production public VLAN with pulic IPv4. Cloud egress NAT exception. | case 2 | Dropping the NAT exception is challenging, many moving parts. See News/CloudVPS NAT wikis and https://phabricator.wikimedia.org/T209011 | High |
| nova-fullstack | Done case 3 compliant
|
--- | See https://phabricator.wikimedia.org/T272587 | --- |
| What | Current model | Predicted future model | Comments | Level of effort |