Technical staff have increased visibility into the operation of our services and infrastructure.

Modernize logging, alerting and metrics monitoring infrastructure

Dependencies on: Search Platform; Primary team: Infrastructure Foundations

Adopt Logstash   Done

• Review Logstash/Kibana's architecture and installation and identify next steps and gaps to be addressed.
• Audit log producers across the infrastructure and plan their transition to centralized logging.
• Investigate log shipping methods and standardize on them.

  Note: July 2018

  In progress

  Note: August 14, 2018

  In progress

  Note: September 11, 2018

  In progress A comprehensive design document has been prepared for logging and is currently in final review.

Wikimedia projects and content are protected against major disasters that threaten availability.

Strengthen backups with reliable and redundant backup infrastructure

Dependencies on: Infrastructure Foundations; Primary teams: Data Persistence

Monitor database backup generation for failure or incorrect generation   Done

• Generate metrics and historic data about databases (objects, table and wiki sizes, growth over time, etc.)
• Detect and alert on backup metrics anomalies

  Note: July 30, 2018

  In progress

  Note: August 14, 2018

  In progress

  Note: September 11, 2018

  In progress Software to generate & track metrics for db backups has been written, and will soon be used to setup alerts on backup anomalies.

Technical staff are able to implement and maintain services and infrastructure in an efficient manner with a minimal amount of manual tasks.

Automate common operational tasks around service deployment, maintenance and incident response and build automated workflows for data center infrastructure, network, and equipment lifecycle management

Dependencies on: Traffic; Primary teams: Infrastructure Foundations, Data center operations

Migrate the hardware inventory from Racktables to Netbox   Done

• Define Netbox existing and custom fields usage standards/best practices
• Switch over from Racktables to Netbox
• Stretch: Investigate Netbox reporting capabilities to automatically validate data
• Stretch: Investigate Netbox potential future integrations, towards a single source of truth   To do

  Note: July 30, 2018

  In progress

  Note: August 2018

  In progress

  Note: September 11, 2018

<  In progress A final proposal for custom fields usage standards/best practices is under discussion; work will continue (including switching to netbox) after the data center switch from eqiad to codfw.

Technical staff have increased visibility into the operation of our services and infrastructure.

Modernize logging, alerting and metrics monitoring infrastructure

Primary teams: SRE / Infrastructure Foundations

• Procure and provision Logging pipeline hardware in multiple datacenters   In progress
• Migrate >=90% of existing Logstash traffic to the logging pipeline   In progress
• Onboard at least 10 new non-sensitive log producers to the logging pipeline   In progress
• Investigate approaches to ingest sensitive log producers   To do
• [stretch] Deprecate >= 50% of udp2log producers   To do

• Plan and execute a new organization scheme for SRE Grafana dashboards   In progress
• Retire >= 80% of production Diamond collectors   In progress
• Provision >= 50% of statsd/Graphite-only metrics in Prometheus   In progress

  Note: November 14, 2018

updated goals for current status

  Note: December 12, 2018

The implementation of logging infrastructure is going well and mostly still   In progress, and is expected to be   Done by the end of December. The stretch goals will be done in Q3.

Expanding the metrics infra is going well and is   In progress and should be done by end of quarter.

Wikimedia projects and content are protected against major disasters that threaten availability.

Strengthen backups with reliable and redundant backup infrastructure

Primary teams: SRE / Data Persistence

• Design and prepare infrastructure for database binary backups   In progress
  • Research options for producing binary backups (lvm snapshots, cold backups, mariabackup)   Done
  • Implement a proof of concept of a snapshot cycle automation for a mediawiki section database   In progress
  • Procure hardware for binary backups   In progress

  Note: November 14, 2018

updated goals for current status

  Note: December 12, 2018

This goal is going much slower than expected, due to various things and it will be completed in Q3.

Wikimedia projects and content are protected against major disasters that threaten availability.

Primary teams: SRE / Data Persistence, Performance

• Test Performance implications of MySQL TLS connectivity in production, once ready (carried over from 1718Q4)   To do
• Start migrating watchlist last-view updates to hybrid stash/async-DB to avoid the huge rate of DB writes on page views   To do

  Note: November 14, 2018

updated goals for current status

  Note: December 12, 2018

TLS is still  N Stalled on DBA technology selection/implementation due to other work requirements that have higher priorities.

Watchlist also  N Stalled due to emergent work and other work that has higher priorities, we hope to get it done in early Q3.

Technical staff are able to implement and maintain services and infrastructure in an efficient manner with a minimal amount of manual tasks.

Automate common operational tasks around service deployment, maintenance and incident response and build automated workflows for data center infrastructure, network, and equipment lifecycle management

Primary teams: SRE / Infrastructure Foundations

• Split and convert the existing wmf-auto-reimage-lib into Spicerack modules   In progress
• Convert wmf-auto-reimage scripts to Cookbooks   In progress
• Convert other wmf-* scripts to Cookbooks (e.g. decom, downtime, upgrade & reboot, upgrade Varnish)   To do
• Generate documentation for Spicerack   To do

• Upgrade Netbox to the latest version (>= 2.4)   Done
• Track additional categories of infrastructure topology information (e.g. VLANs, IP space, network circuits, etc.)   Done
• Explore Netbox/NAPALM integration to pull live data from network devices   Done
• Develop and deploy at least three Netbox reports to assist with data correctness and consistency   In progress
• [stretch] Add a Cumin backend for Netbox   To do

  Note: November 14, 2018

The migration of logging to Logstash and metrics into Prometheus is   In progress. Logstash hardware for the codfw data center is still being procured. Spicerack modules are being written and refactored with wmf-auto-reimage functionality. Netbox has been upgraded to a new version.

  Note: December 12, 2018

Convert wmf-auto-reimage scripts to Cookbooks is   In progress and will mostly be finished in Q3 due to holidays. The other two goals will start after the conversion is done.

Upgrade Netbox to the latest version is   Done but the stretch goal will mostly tackled in Q3.

Technical staff are able to deploy their changes to Production with confidence that their improvements have been tested in a credible staging environment to work according to expectation.

Create a staging cluster comparable to production infrastructure

Primary teams: SRE / Service Operations, Release Engineering

First steps towards Canary Deployments

• Introduce progressive rollouts to the mediawiki train
• Introduce deployment run state in scap to keep track of successful scap runs
• Investigate the use of versioning in MediaWiki, allowing scap to keep track of deployed revisions

  Note: April 8, 2019

• This has been  N Postponed to Q4

Technical staff have increased visibility into the operation of our services and infrastructure.

Modernize logging, alerting and metrics monitoring infrastructure

Primary teams: SRE / Infrastructure Foundations

• Produce a short document with a cost/benefit analysis of our current external monitoring systems
• Gather a set of requirements, desires, and likely technology choices for an external monitoring system, with a focus on achievability in a short timeframe (1-2 quarters)

• Replace and expand Elasticsearch storage in eqiad and upgrade the cluster from Debian jessie to stretch
• Migrate at least 3 existing Logstash inputs and associated producers to the new Kafka-logging pipeline, and remove the associated non-Kafka Logstash inputs (candidates: log4j, udp2log, syslog/syslog_tls etc.)
• Retire udp2log: onboard its producers and consumers to the logging pipeline
• [stretch] Implement sensitive log access control, onboard 3 sensitive log producers

• Serve >= 50% of production Prometheus systems with Prometheus v2
• Upgrade production prometheus-node-exporter to >= 0.16
• [stretch] Investigate distributed and long term storage solutions for Prometheus
  • Formulate requirements around aggregation, retention, hardware, etc.
  • Evaluate M3 and Thanos

  Note: April 8, 2019

• Build an understanding of our needs around external monitoring services is {[partially done}} in Q3
• Increase utilization of application logging pipeline is   Partially done - there is still work to be done on the 'Migrate at least 3 existing Logstash' goal (so,   Partially done) and the retiring udp2log and the stretch goal have been  N Postponed to Q4

Wikimedia projects and content are protected against major disasters that threaten availability.

Strengthen backups with reliable and redundant backup infrastructure

Primary teams: SRE / Data Persistence

Design and prepare infrastructure for database binary backups

• Design a backup policy for logical and binary backups for both short term and long term storage
• Procure and setup final hardware for binary backups
• Fully implement binary backups and its rotation policy for all MediaWiki metadata and misc databases

  Note: April 8, 2019

• Backup policy is   Done but the procure and implement has been  N Postponed to Q4

Technical staff are able to implement and maintain services and infrastructure in an efficient manner with a minimal amount of manual tasks.

Automate common operational tasks around service deployment, maintenance and incident response and build automated workflows for data center infrastructure, network, and equipment lifecycle management

Primary teams: SRE / Infrastructure Foundations

• Take additional steps towards a "single source of truth" system (Netbox)
  • Upgrade Netbox to v2.5 and use the new cable tracking feature
  • Expose production VMs to Netbox and keep them synchronized with Ganeti
  • Incorporate at least two more categories of data (servers interfaces, server IPs, MAC addresses, network device IPs, management/OOB, etc.)
• Redesign the server provisioning and decommisioning process to facilitate orchestration
  • Add Netbox module to Spicerack and integrate it in the reimage and decom cookbooks
  • Convert virtual machine creation script to a cookbook
  • Reduce the number of manual steps involved in the provisioning process by at least 4

  Note: April 8, 2019

• Both goals are   In progress and will continue into Q4