►
From YouTube: Repeatable DB Provisioning weekly sync (2021-08-10)
B
A
So
I
organized
the
blockers
into
get
in
omnibus
sections
and
I
just
wanted
to
take
your
temperature
as
to
like
how
you're
feeling
about
losing
omnibus
so
far
I
mean,
I
think
we
obviously
have
gaps
that
we
need
to
address
biggest.
One
probably
is
the
pg
bouncer
issue
and
whether
I
think
that's
a
risk,
because
we're
not
even
sure
whether
it's
going
to
be
something
the
distribution
team's
going
to
want
to
implement,
although
ian
kind
of
indicated
to
me
that
it
shouldn't
be
a
problem.
A
What
are
your?
What
are
your
thoughts
on
omnibus?
Are
we?
Are
we
continuing
down
this
path
for
now
for
petroni.
B
B
B
We
we
don't
have
such
thing
in
our
implementation
in
jeff,
so
I
didn't
use
it
just
to
be
as
close
as
possible
to
what
we
have
already,
but
it
made
me
a
little
iffy
about
why
it
wasn't
good,
maybe
something
we're
not
aware
very
aware
of,
but
so
far
it's
okay.
We
can
continue
moving
forward
and
see
how
it
goes
in
in
practice.
A
C
B
Yeah
yeah,
it
shouldn't
be
hard.
I
guess,
as
as
far
as
I
know
about
all
g,
just
plug
and
play
doesn't
require
a
lot
of
configuration.
We
do
most
of
the
our
configuration
in
in
chef.
A
A
Backup
so
it
shouldn't
be
a
problem.
Okay,
great
1b
is
just
I
I
wanted
to
look
at
what
we
did
for
the
pg
upgrade
how
we
stop
traffic
some
of
these
things.
It
looks
like
a
lot
of
the
cases.
At
least
the
ansible
plays.
I
reviewed
like
it
sounded
like
we
were
moving
the
config
to
the
side,
making
changes
and
then
reloading,
vg,
reloading,
postgres
and
then
moving
it
back.
A
So
I
don't
anticipate
any
issues,
but
if
you
think
of
anything
that
would
have
been
difficult
with
the
upgrade
with
omnibus
it'd
be
good
to
kind
of
like
highlight
them
now,
so
you
know
we
can
predict
if
we're
going
to
have
issues
later.
B
I
would
say
just
the
extra
level
of
in
the
in
in
direct
configuration
that.
B
You
have
to
update
gitlab.rb
for
all
the
configuration
to
be
fanned
out
to
the
actual
configuration
you
don't
have
that
with
chef
you
just
update
what
shift
is
updating
directly
so
there
is
that,
and
also
if,
if
we're
not
really
aware
of
what
only
bus
is
doing,
if
there
could
be
some
hidden
logic,
that
does
something
with
something
we're
not
aware
of,
but
overall
this
particular
migration
to
bg-12.
B
It
would
have
been
two
top
insane
just
changing
few
things
like
not
using
systemd
using
the
gitlab
ctl
for
reloading
and
so
on.
Stuff.
C
Yeah,
I
would
say
that,
like
the
complications
that
we
had
for
the
upgrade
were
because
we
were
using
ansible
plays
in
parallel
to
jeff
changes,
so
the
ansible
plays
were
doing
changes
that
the
chef
ripa
then
wanted
to
reproduce
or
overwrite
so
yeah,
I
I
agree
with
my
equal.
It
would
have
been,
I
think,
pretty
much
the
same.
A
C
Yeah,
I
I
am,
I
think
I
think
I
don't
feel
like
calling
it
off
the
going
down
the
omnibus
route.
I
think
I'd
rather
push
push
forward
a
little
bit
more.
A
A
Great
okay,
I
just
put
the
two
issues
there
for
omnibus
get.
This
is
for
you,
alejandro
whether
this
is
ready
to
go
into
the
integration
branch
or
you
want
to
wait.
A
Cool
yeah
I
like
to
start
not
using
public
ips
as
soon
as
possible,
so
that
would
be
nice
item.
Two
is
mine.
This
is
just
more
config
generation
with
jsonnet.
This
creates
all
the
ansible
and
terraform
config
for
the
shards,
so
we
don't
have
to
do
that
manually
anymore.
It
will
also
give
us
the
flexibility
to
add
vars
per
shard
in
jsonnet,
which
will
allow
us
to
like
remove
some
of
the
duplication
we
have
now
and
did
the
future.
A
This
is
also
going
to
help
for
secrets
because,
as
I
like
started
thinking
about
how
we
handle
multiple
shards,
I
realized
like
we're
going
to
have
to
have
namespace
secrets
per
shard
in
each
environment.
A
B
Speaking
of
secrets,
did
we
agree
or
recharge?
How
these
secrets
are
gonna
be
laid
out
like?
Is
it
gonna
be
like
for
each
secret
like
a
certificate,
for
example,
is
gonna,
be
its
own
secret
item
in
edge
in
gms
or,
if
we're
going
to
have
like
a
the
whole
vault
in
in
one
secret,
similar
to
what
we
have
right
now
in.
A
Gkms
individual
secrets,
so
what
I'm
thinking
right
now
is
that
there'll
be
a
list
of
secrets
that
will
be
specified
in
jsonnet.
Then,
when
you
do
make
config
it
will
create
the
terraform.
A
You
know
the
terraform
resource
or
the
terraform
module
resource
to
create
all
the
secrets
and
and
bootstrap
them,
or
just
like
seed
them
with
dummy
values
and
then
and
then
it
will
also
generate
the
ansible
vars
for
each
of
the
secrets
for
each
chart.
So
then,
once
you
run
the
make
generate,
then
you'll
have
access
to
a
var
for
each
secret.
B
A
Great
thanks
demo,
I
can
do
the
multi-shard
stuff.
Maybe
we
can
do
the
new
postgres
role.
I
was
even
thinking
it
might
be
cool
to
start
adding
maintenance
plays
like
ansible
plays
like,
for
example,
you
could
have
an
answerable
play
to
do
a
failover
that
would
be
kind
of
cool
like
in
the
list
of
you
know,
jobs
for
each
for
each
shard
and
number
four
is
for
you
to
be
reread
so
go
ahead.
Alejandro
yeah.
C
I
was
gonna
say
I'm
not
necessarily
certain
that
maintenance
tasks
would
be
because
we
have
the
tv
ops
project,
which
is
its
own
set
of
ansible
ways
that
perform
to
perform
a
failover.
So
let
me
add
that
at
some
point.
C
Just
that
it
will
be
relevant
to
point
it
out
so.
C
Supposed
to
put
it
in
there,
but
we
should
which
you'll
look
into
that,
because
dbox
is
already
connected
with
startups,
so
you
can
run
a
failover
from
slack.
So
we
should
look
at
leads
into
reusing.
Some
of
that.
B
Yeah
yeah.
I
was
working
on
that
yesterday
because
I
tracked
something
else.
Unfortunately,
I'm
on
call
this
week
so
depending
on
freeze,
I
have
from
alerts.
Hopefully
I
can.
B
I
can
push
the
updated
stuff
to
the
mr
and
have
it
working
so
yeah,
there's
a
good
chance
that
we
maybe
we'll
be.
We
can
be
able
to
demo
pg
bouncer
as
well.