IMPORTANT: evaluate VPN connection between Jenkins test CI and the Orka cluster #3883
Comments
UlisesGascon
changed the title
|
After some tweaks in the firewall and evaluating the changes in the network settings, seems like is stable. So far no incidents were detected. I created a service If no network errors are detected, I will mimic this setup on the release Jenkins Controller too. |
|
So far this is stable, I am planning to add the release environment to the VPN too, following the same steps and creating a PR to document this manual steps as they are not done via Ansible. I will start working on the release environment tomorrow. |
|
The VPN on ci.nodejs.org stopped working as a result of the iptables rules being overwritten on a jenkins update and reboot. The iptables rule to allow bidirectional connectivity is now in /etc/iptables/rules.v4 on both ci, and ci-release now and should now persist between reboots. |
As part of the Orka migration (#3686 (comment)), we need to connect our Jenkins Controllers (test and release) to the CISCO VPN.
We are not yet 100% sure how this might impact the current CI setup networking. I will be conducting some connectivity experiments this weekend when the CI is less used.
The goal is to avoid downtimes. I will be monitoring the impact on the infrastructure, but if you notice any issues, please include a comment in this issue.
Next Steps (Test CI Only):
Future Steps (Probably Next Week):
Important
Currently, the changes will only take place in the test CI. Until this is stable, we won't make any changes to the release CI.
The text was updated successfully, but these errors were encountered: