Wikimedia Cloud Services team/Onboarding Arturo/Sessions

= Arturo and Chase Onboarding Sessions =

Puppet (how does it work)

 * LDAP is the "same sign-on" solution for all things that are not MediaWiki
 * Unix user accounts outside of Cloud VPS are not connected directly to LDAP
 * Data is managed by Puppet based on modules/admin/data/data.yaml


 * puppetmaster1001.eqiad.wmnet
 * puppet-merge

y/n?

new installs
https://wikitech.wikimedia.org/wiki/Server_Lifecycle#Installation


 * New installs
 * Getting the MAC address for a new server
 * https://wikitech.wikimedia.org/wiki/Platform-specific_documentation
 * https://wikitech.wikimedia.org/wiki/Server_Lifecycle

New server: foo.eqiad.wmnet management network: foo.mgmt.eqiad.wmnet management network: .eqiad.wnet == mgmt

https://wikitech.wikimedia.org/wiki/Platform-specific_documentation/HP_DL3N0 show system1/network1/Integrated_NICs

files/dhcpd/linux-host-entries.ttyS1-115200:host labcontrol1001 { # onboard management Host *.mgmt.*.wmnet StrictHostKeyChecking ask UserKnownHostsFile /Users/cpettet/.ssh/wmf_mgmt_hosts https://gerrit.wikimedia.org/r/#/admin/projects/operations/dns

https://phabricator.wikimedia.org/diffusion/

baham.eqiad.wment authdns-update

From pupetmaster1001: new-install

Bastions

 * Bastions (protected bastion)
 * https://wikitech.wikimedia.org/wiki/Production_shell_access

restricted.bastion.wmflabs.org

toolforge <-- own bastion

---

Cloud VPS project request instructions -- https://phabricator.wikimedia.org/project/view/2875/

Openstack vs Horizon vs Toolsadmin

 * OpenStackManager -- https://www.mediawiki.org/wiki/Extension:OpenStackManager
 * Horizon -- https://docs.openstack.org/horizon/latest/
 * Toolsadmin (codename: Striker) -- https://wikitech.wikimedia.org/wiki/Toolsadmin.wikimedia.org