Auth systems/Testing

Testing system Labs

edit
  • Should emulate the major features of production
    • Ex:CentralAuth with SUL
    • Shared memcache
    • Master-slave db's (nice to have)

Updates

edit

2013-03-29:

2013-04-08:

  • To make testing easier, I've setup the login-oauth wiki to also use http://catest.ii0.co/ (personal domain) for dns. That will let us test cross domain access. Updated /home/wikipedia/common/multiversion/MWMultiVersion.php ($lang/$site detection) and wmf-config/InitialiseSettings-labs.php (wgServer/wgCanonicalServer for loginwiki)

TODO

edit
  • Create user accounts
  • Either get a second IP (needs a labs root to up the quota) or set up a simple squid to alternate between the two apaches.

Server setup

edit

Dumping some notes here so I can remember how I did this. Someday this sort of thing should be puppetized somehow so it's easier.

SQL servers

edit
  • Create the instances, with the "sql" security group
  • Add "role::labs-mysql-server"
  • Create /etc/mysql/conf.d/local.cnf with the following contents:
[mysqld]
read-only     # Remove this on the master
server-id = 1 # Set this different on each host

bind_address = 0.0.0.0
log-bin
sync_binlog = 1
binlog_format = statement
log_slave_updates
log_slow_queries
long_query_time = 0.45

Apache servers

edit
  • Create the instances, with the "web" security group
  • Add "misc::deployment::scripts", "webserver::php5", "webserver::php5-mysql", "memcached"
  • If memcached is only listening on localhost, restart it
  • sudo apt-get install imagemagick php-apc
  • sudo mkdir /usr/local/apache
  • sudo ln -s /home/wikipedia/common/ /usr/local/apache/common-local
  • sudo ln -s /usr/local/apache /apache
  • sudo ln -s /usr/local/apache/common-local /usr/local/apache/common
  • sudo mkdir -p /srv/deployment/mediawiki
  • sudo ln -s /home/wikipedia/common/ /srv/deployment/mediawiki/common
  • Copy something resembling puppet's modules/mediawiki_singlenode/templates/simplewiki.wmflabs.org into /etc/apache2/sites-available/wiki, and symlink it from /etc/apache2/sites-enabled/
  • Probably wouldn't hurt to restart apache now
  • Set umask in /etc/bash.bashrc

Wikis

edit
  • On oauth-sql01:
    • sudo mysql
      • CREATE DATABASE $WIKI;
      • GRANT ALL PRIVILEGES ON $WIKI.* TO 'mw'@'10.4.%.%';
  • On oauth-apache01:
    • Edit all-labs.dblist and wikiversions-labs.dblist
    • Run multiversion/refreshWikiversionsCDB
    • sudo mwscript eval.php --wiki $WIKI
      • $dbw = wfGetDB( DB_MASTER ); $dbw->sourceFile( '/home/wikipedia/common/php-master/maintenance/tables.sql' );
    • sudo mwscript update.php --wiki $WIKI --quick
  • Go to wikitech:Special:NovaAddress and add the hostname for the new wiki.