Wpb 22439 fix helm operations coturn sftd#858
Merged
mohitrajain merged 33 commits intomasterfrom Feb 20, 2026
Merged
Conversation
Updates ansible-cassandra submodule to include: - Cassandra version 3.11.19 - Updated SHA256 checksum - HTTPS mirror URL for enhanced security This resolves the checksum mismatch error during offline deployments.
…checksum format Updates ansible-cassandra submodule to 6f6e4214 which fixes the cassandra_sha256 checksum format from Nix SRI format (sha256-<base64>) to Ansible format (sha256:<hex>). Fixes Ansible error: "The checksum parameter has to be in format <algorithm>:<checksum>"
…d offline environments - Fix deprecated 'include:' syntax to 'include_tasks:' - Fix variable naming: cluster_name -> cassandra_cluster_name - Fix vars_files path: roles/cassandra -> roles-external/ansible-cassandra - Add offline mode check for ec2_metadata_facts - Add dry_run mode for cluster health checks - Comment out repairs_backups.yml (incompatible with_zip_cycle plugin) - Fix YAML syntax issues These changes enable Cassandra upgrade playbooks to work in offline environments and with Ansible 2.16+. Tested with rolling restart of 3-node cluster upgrading from 3.11.16 to 3.11.19 with zero data loss.
Add TODO comment explaining that cassandra_restart.yml needs updates for offline/systemd environments. Document manual restart workaround.
…uide Add comprehensive upgrade guide for offline environments covering: - Downloading wire-server-deploy static artifacts from S3 - Copying binaries and ansible files to appropriate hosts - Running pre-upgrade, installation, restart, and post-upgrade steps - Verification with nodetool and cqlsh - Manual rolling restart procedure 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
…be more closer to our production instrcutions
…ns.sh script and add support for coturn secret
…tions.sh and replace offline-helm
Add explanation of why restart must happen before post-upgrade: - New binaries must be running before sstable upgrade - Sstable upgrade uses the new version's format - Skipping restart will cause sstable upgrade to fail
WPB-20347: Update cassandra to 3.11.19
…ain opertations
|
12 tasks
Veki301
requested changes
Feb 19, 2026
Veki301
approved these changes
Feb 19, 2026
…ontroller (#859) * fix: wpb-22439 make using daemonset with nodePort for ingress-nginx-controller default for prod and make load-balancer an example * fix: wpb-22439 add changelog and fix cd.sh for ingress-nginx-controller file change * fix: wpb-23462: add metrics config for ingress-nginx-controller/prod-values
* fix: wpb-22439 enable rabbitmq deployment via ansible * fix: wpb-22439 fix static inventory for rabbitmq to remove nodename dependency * fix: wpb-22439 enable deploying rabbitmq-external and stop deploying rabbitmq chart * fix: wpb-22439 enable creating dedicated nodes for rabbitmq VMs * fix: wpb-22439 fix rmq-cluster inventory group name for rabbitmq terraform created nodes * fix: wpb-22439 include rmq-cluster nodes for networking fix * fix: wpb-22439 refactor node names in hetzner terraform for rabbitmq * fix: wpb-22439 offline-vm-setup script to manage VMs wiab-staging (#845) * fix: wpb-21356 offline-vm-setup script to use ubuntu cloud image, local seed iso and VM verification process * fix: wpb-21356 linting issues and push changelog * fix: wpb-22439 memory requirements for VMs in offline-vm-setup.sh * fix: wpb-22439 fix kubenode disk size * Update changelog.d/3-deploy-builds/wiab-staging * fix: wpb-22439 fix offline-vm-setup.sh * fix: wpb-22439 BASE_IMAGE_DIR value * wpb-22439 wiab-staging: ansible prepare host for vm provisioning (#846) * fix: wpb-21356 rename ansible templates for wiab-staging to make them generic * build: wpb-21356 wiab-staging VMs ansible inventory template to be populated by wiab-staging-provision.yml playbook * build: wpb-21356 ansible playbook for wiab-staging VM provisioning * build: wpb-21356 add ansible inventory for playbook wiab-staging-provision.yml * fix: wpb-21356 rebase from wpb-21356-update-vm-management * fix: wpb-21356 remove vars specific to Hetzner CI process * fix: wpb-22439 remove screen package from wiab-staging-provision.yml ansible playbook * fix: wpb-22439 simplify the wiab-staging inventory to use ansible children instead of creating unique nodes * fix: wpb-22439 ansible playbook wiab-staging-provision.yml to consider the inventory changes * fix: wpb-22439 postgresql_rw and ro group inventory * fix: wpb-22439 fix wiab-staging inventory elasticsearch group name * fix: wpb-22439 fix wiab-staging inventory elasticsearch group names * fix: wpb-22439 remove sshd config template as it is not functionally required * fix: wpb-22439 moved artifact hash to wiab-staging inventory * fix: wpb-22439 fix secondary inventory creation, organize playbook using tags and separate out wiab-staging-nftables playbook * fix: wpb-22439 allow for load balancing for ingress-controller, variable usage to define each k8s node and calling node and add comments * fix: wpb-22439 add wiab-staging-nftables.yaml playbook to manage nftables rules * fix: wpb-22439 allow rabbitmq ansible inventory for wiab-staging * wpb-22439 minor fixes for bin/offline-deploy.sh and cd.sh terraform inventory (#847) * fix: wpb-21356 rebase from wpb-21356-ansible-VM-provisioning * fix: wpb-21356 offline-deploy.sh for SSH_AUTH_SOCK handling * fix: wpb-21356 remove defunct passwords for postgresql * fix: wpb-22439 add terraform resources for wiab-staging (#848) * fix: wpb-21356 fix node types for assethost and adminhost * build: wpb-21356 add changelog for terraform wiab-staging resources * fix: wpb-22439 fix wiab-staging hetzner setup_nodes playbook to handle connection issue * build: wpb-22439 add cd_staging script (#849) * build: wpb-21356 add cd_staging script * build: wpb-21356 add changelog for cd_staging script * build: wpb-21356 enable creating secondary inventory for the VMs * fix: wpb-22439 cd_staging script as per wiab-staging inventory * fix: wpb-22439 fix secondary-inventory geenration logic to keep the original hostnames and bring SSH_OPTS * fix: wpb-22439 create a separate group for rabbitmq-hosts and keep other groups same * fix: wpb-22439 remove old children group for rmq-cluster before adding new one * fix: wpb-22439 fix postgresql_network_interface variable for postgresql * fix: wpb-22439 cd_staging.sh script to handle terrafrom nodenames for all the iventory groups * wpb-22439 6 GitHub workflow wiab staging (#850) * build: wpb-21356 changed the flow of offline.yml - introduced wiab-staging build and split bundle processing with default-build * build: wpb-21356 update pull_request_template and add new label for build-wiab-staging * fix: wpb-21356 offline/cd.sh for demo verification process as github workflow has been updated * fix: wpb-21356 add host key verification flags for scp commands * fix: wpb-21356 debugging ssh banner issues * fix: wpb-21356 disable flows on push and removing the need for the default-build for verify steps * fix: wpb-21356 remove static build hashes and enabled bundle build verification in offline.yml workflow * fix: wpb-22846 remove debug statements from cd.sh * fix: wpb-22439 remove new-line in cd_staging.sh * fix: wpb-22439 standardize SSH_OPTS in cd.sh * fix: wpb-22439 remove branch limitation for workflow * fix: wpb-22439 harden the ansible inventory params for default profile * Wpb 22439 postgresql repmgr node config (#856) * fix: wpb-22439 remove repmgr_node_config from group_vars * fix: wpb-22439 add repmgr_node_config to node specific inventory * fix: wpb-22439 add node specific repmgr_node_config to wiab-staging inventory * fix: wpb-22439 add changelog * fix: wpb-22439 add comment on hostname requirement directly for rmq-cluster group * wpb-22439 7 docs wiab staging (#851) * fix: wpb-21356 fix coturn port ranges * build: wpb-21356 add documentation for wiab-staging and clean old single_hetzner_machine_installation * build: wpb-21356 add changelog and small fix for offline-vm-setup.sh * fix: wpb-22439 memory requirements for VMs in wiab-staging.md doc * fix: wpb-22846 update wiab-staging documentation for hairpin networking * fix: wpb-22439 fix documentation typo * fix: wpb-22439 fix documentation suggestions * fix: wpb-22439 update wiab-staging documentation * wpb-22439 8 clean old wiab staging script and workflows (#852) * fix: wpb-21356 debugging ssh banner issues * fix: wpb-21356 disable flows on push and removing the need for the default-build for verify steps * fix: wpb-21356 remove static build hashes and enabled bundle build verification in offline.yml workflow * refactor: wpb-21356 remove old deploy-wiab workflow as it has already been incorporated in offline.yml * refactor: wpb-21356 remove old autodeploy.sh as offline/cd_staging.sh will replace it * refactor: wpb-21356 remove references of old autodeploy.sh, wiab-hetzner playbook and documentation * fix: wpb-22439 ansible/wiab-staging-provision.yml for ssh_private_key update * fix: wpb-22439 update cert-manager & hairpin NAT documentation --------- Co-authored-by: Julia Longtin <julia.longtin@wire.com> * fix: wpb-23462: remove unused vars from cd.sh and cd_staging.sh * fix: wpb-23462: fix linting issues for cd_staging.sh * fix: wpb-22439 SSH_OPTS var in cd_staging.sh and ignore linting in shellcheck.sh * fix: wpb-22439 update the wiab-staging.yml with the latest artifact hash --------- Co-authored-by: Julia Longtin <julia.longtin@wire.com>
…be more closer to our production instrcutions
…ns.sh script and add support for coturn secret
…tions.sh and replace offline-helm
…ain opertations
…ontroller (#859) * fix: wpb-22439 make using daemonset with nodePort for ingress-nginx-controller default for prod and make load-balancer an example * fix: wpb-22439 add changelog and fix cd.sh for ingress-nginx-controller file change * fix: wpb-23462: add metrics config for ingress-nginx-controller/prod-values
…ub.com:wireapp/wire-server-deploy into wpb-22439-fix-helm-operations-coturn-sftd
…helm-operations.sh reference
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Change type
Basic information
Testing
Offline Build CI (label-based)
Add one or more labels to trigger offline builds:
build-default- Full production build (ansible, terraform, all packages)build-demo- Demo/WIAB buildbuild-min- Minimal build (fastest, essential charts only)build-all- Run all three buildsNote: No builds run by default. Add a label to trigger CI.
Tracking
changelog.dKnowledge Transfer
Motivation
Objective
Reason
Use case