This didn't happen! Further testing suggests that my original assertion
("now reaching public IPs works as expected") is not as true as I
thought it was.
On 1/6/25 9:26 AM, Andrew Bogott wrote:
Tl;dr:
Please let me know if you encounter changes in network connectivity
between cloud-vps hosts, specifically when routing to floating IPs.
Complicated explanation:
A previous version of our network setup prevented routing between
private and floating IPs within cloud-vps. To work around this we run
an agent called 'labs-ip-aliaser' which insertes corresponding private
IPs for any dns lookup initiating from within cloud-vps that would
otherwise return a floating IP.
So, for instance, if you did something like
$ ping hostname.wmcloud.org
you would actually be pinging vmname.project.eqiad.wikimedia.cloud
instead, because that worked and pinging the wmcloud.org address did not.
We have since refactored the network so that now reaching public IPs
works as expected. So, later in the week I'm going to remove the
labs-ip-aliaser hack so that floating-ip-associated hostnames can
resolve to the actual floating IPs as expected. This change should be
almost entirely invisible to cloud-vps services, but please notify me
if you find an interesting edge-case!
https://phabricator.wikimedia.org/T374129
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1105443/7
_______________________________________________
Cloud-announce mailing list -- cloud-annou...@lists.wikimedia.org
List information:
https://lists.wikimedia.org/postorius/lists/cloud-announce.lists.wikimedia.org/
_______________________________________________
Cloud mailing list -- cloud@lists.wikimedia.org
List information:
https://lists.wikimedia.org/postorius/lists/cloud.lists.wikimedia.org/
