From Wikitech
Jump to: navigation, search

You are probably reading wikitech right now


Wikitech runs on the eqiad host 'silver'. The mediawiki install is updated automatically as part of standard WMF deployment. Nevertheless, it differs from a vanilla wiki in several ways:

  • Silver runs Ubuntu Trusty, but wikitech is hosted with standard Apache and php5, /not/ hhvm.
  • Images are hosted in a non-standard location: /srv/org/wikimedia/controller/wikis/images/
  • Auth on wikitech uses ldap accounts
  • A successful login on wikitech requires a token from Openstack Keystone in the labs cluster (currently Keystone runs on virt1000)
  • Wikitech runs the latest version of OpenStackManager for control of Labs.
  • Wikitech runs a very out-of-date version of SemanticMediaWiki

There are some MediaWiki config settings that are entirely exclusive to wikitech. These are set in a special .php config file: /srv/mediawiki/wmf-config/wikitech.php


In addition to normal ways to break (that any server or mw install is subject to), wikitech has a few additional failure cases due to relying on ldap and keystone. If login is failing, turn on the ldap+auth log by uncommenting some lines in /srv/mediawiki/wmf-config/wikitech.php:

 #$wgPasswordReminderResendTime = 0;
 #$wgPasswordAttemptThrottle = false;
 #$wgShowExceptionDetails = true;
 $wgLDAPDebug = 5;
 $wgDebugLogGroups["ldap"] = "/tmp/ldap-s-1-debug.log";

With that change, /tmp/ldap-s-1-debug.log will fill up with useful info, and you should be able to determine if ldap is breaking, or Keystone, or something else. wikitech.php will revert to its standard commented-out state during the next deploy cycle.

When you connect to silver, don't forget that it's a public box so can be reached at, not silver.eqiad.wmnet (but still via a bastion).