From Wikitech
Jump to navigation Jump to search

You are probably reading Wikitech right now.


Wikitech runs on the eqiad hosts labweb1001 and labweb1002. The MediaWiki install is updated automatically as part of standard WMF deployment. Nevertheless, it is not a vanilla wiki, nor a typical WMF wiki, in several ways:

  • Auth on wikitech uses ldap accounts
  • A successful login on wikitech requires a token from Openstack Keystone in the CloudVPS cluster (currently Keystone runs on virt1000). (Warning: this info may be outdated)
  • Wikitech runs the latest version of OpenStackManager for control of CloudVPS.

There are some MediaWiki config settings that are entirely exclusive to wikitech. These are set in a special .php config file: /srv/mediawiki/wmf-config/wikitech.php


In addition to normal ways to break (that any server or mw install is subject to), wikitech has a few additional failure cases due to relying on ldap and keystone. If login is failing, turn on the ldap+auth log by uncommenting some lines in /srv/mediawiki/wmf-config/wikitech.php:

 #$wgPasswordReminderResendTime = 0;
 #$wgPasswordAttemptThrottle = false;
 #$wgShowExceptionDetails = true;
 $wgLDAPDebug = 5;
 $wgDebugLogGroups["ldap"] = "/tmp/ldap-s-1-debug.log";

With that change, /tmp/ldap-s-1-debug.log will fill up with useful info, and you should be able to determine if ldap is breaking, or Keystone, or something else. wikitech.php will revert to its standard commented-out state during the next deploy cycle.

When you connect to labweb1001 or labweb1002, don't forget that they are in the public VLAN so must be reached as, not labweb1001.eqiad.wmnet (but still via a bastion).