[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #33911 [Internal Services/Tor Sysadmin Team]: oo-hetzner-03 retirement
#33911: oo-hetzner-03 retirement
-------------------------------------------------+-------------------------
Reporter: anarcat | Owner: anarcat
Type: task | Status: closed
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution: fixed
Keywords: tpa-roadmap-may | Actual Points:
Parent ID: #32802 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by anarcat):
* status: accepted => closed
* resolution: => fixed
Comment:
1. done as part of #31659
2. removed from nagios
3. already stopped
4. ran `./retire -v -H oo-hetzner-03.torproject.org retire-all --parent-
host=kvm4.torproject.org`, which: undefined the host, scheduled deleting
on kvm4, scheduled backup removal in 30 days, revoked from puppet:
{{{
$ ./retire -v -H oo-hetzner-03.torproject.org retire-all --parent-
host=kvm4.torproject.org
starting tasks at 2020-05-25 11:24:58.481377
checking for ganeti master on host kvm4.torproject.org
instance oo-hetzner-03.torproject.org not running, no shutdown required
undefining instance oo-hetzner-03.torproject.org on host
kvm4.torproject.org
Domain oo-hetzner-03.torproject.org has been undefined
scheduling oo-hetzner-03.torproject.org disk deletion on host
kvm4.torproject.org
checking for path "/srv/vmstore/oo-hetzner-03.torproject.org/" on
kvm4.torproject.org
scheduling rm -rf "/srv/vmstore/oo-hetzner-03.torproject.org/" to run on
kvm4.torproject.org in 7 days
warning: commands will be executed using /bin/sh
job 5 at Mon Jun 1 15:25:00 2020
scheduling oo-hetzner-03.torproject.org backup disks removal on host
bungei.torproject.org
checking for path "/srv/backups/bacula/oo-hetzner-03.torproject.org/" on
bungei.torproject.org
scheduling rm -rf "/srv/backups/bacula/oo-hetzner-03.torproject.org/" to
run on bungei.torproject.org in 30 days
warning: commands will be executed using /bin/sh
job 30 at Wed Jun 24 15:25:00 2020
Notice: Revoked certificate with serial 53
Notice: Removing file Puppet::SSL::Certificate oo-
hetzner-03.torproject.org at '/var/lib/puppet/ssl/ca/signed/oo-
hetzner-03.torproject.org.pem'
oo-hetzner-03.torproject.org
Submitted 'deactivate node' for oo-hetzner-03.torproject.org with UUID
cc3ae307-0abe-445d-9795-4edc49198bc5
completed tasks, elasped: 0:00:15.307500 (user 4.66 system 0.14 chlduser
0.03 chldsystem 0.05 RSS 43.2 MB)
}}}
5. deleted this blob from LDAP:
{{{
383 host=oo-hetzner-03,ou=hosts,dc=torproject,dc=org
host: oo-hetzner-03
hostname: oo-hetzner-03.torproject.org
objectClass: top
objectClass: debianServer
l: Falkenstein, Saxony, Germany
distribution: Debian
access: restricted
admin: torproject-admin@xxxxxxxxxxxxxx
architecture: amd64
sshRSAHostKey: ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDNLYaiN/+rbaDxU3ng1PE18TFwACbrph/0rBJVPsbJJJZt8QJ8JmkRYaOdEtR/BaT1lsyFAi+oLGbqqdAZ2WXfz6p292qs3zT+JnkkDaYmh3v3i2m7eJsDTegL9agsM7RFHNyiEYilRDzIdVA9h2Rl+mKnMe/cd+qDzK93JFcTc0F1nbgPIE4OrPPCZ+85/OJEDEkNHzRFzuFbcAf6XXGQJlEvGrETBAAyV28BeAY07V7Kyp9Pd5fIJn4wCqWqH7RMTMFTLbLg7d8B9BLHNwwXYeUEn4+zZA8pWL59s9uhnRDXJS7+yTvBG81YizwJryYSfe2G4bWLThPdKywHcq2f
root@oo-hetzner-03
sshRSAHostKey: ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIGU3yePQ+5QjfGqqjr7Fa7t+FGPiVMvaheQRxRRMhF3E root
@oo-hetzner-03
physicalHost: kvm4.torproject.org
ipHostNumber: 94.130.28.199
ipHostNumber: 2a01:4f8:10b:239f:0:ab4:199:1
allowedGroups: onionoo
allowedGroups: onionoo-unpriv
description: onionoo
purpose: onionoo.torproject.org
rebootPolicy: rotation
}}}
6. removed from source code (mostly nagios, but also in the buster
upgrade notes!)
7. removed from tor-passwords
8. N/A DNSwl
9. remove from spreadsheet
10. N/A
11. N/A will be purged along with kvm4
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33911#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs