Created
November 12, 2021 20:29
-
-
Save marcb1/b3815ff3a841764779bdf8321fbb6bde to your computer and use it in GitHub Desktop.
firewall network changes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| between: 2020-01-01 00:00:00 - 2020-11-12 00:00:00 ; filtering resources:= google_compute_firewall | |
| Terraform change: | |
| Adding perms for ml SA in vimeo-viewmaster - PR opened on: 2020-11-10 19:58:31 - PR merged on: 2020-11-10 20:05:56 - PR opened by @ philip-ottesen | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4851 | |
| PR description: | |
| --------------- | |
| # Changelog | |
| - Granting `roles/storage.objectViewer` role for `storage.objects.get` permissions | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Give Abhishek access to vimeo-swordfish - PR opened on: 2020-11-09 13:49:21 - PR merged on: 2020-11-10 05:56:59 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4846 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/9191 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add email addresses livestream aws iam - PR opened on: 2020-11-02 18:41:22 - PR merged on: 2020-11-02 19:10:16 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4819 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrictive ssh rules - PR opened on: 2020-10-29 16:15:55 - PR merged on: 2020-10-29 16:35:06 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4797 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Adding testlio vpn address to whitelist - PR opened on: 2020-10-29 15:43:27 - PR merged on: 2020-10-29 16:33:18 - PR opened by @ jarrod-manwaring | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4796 | |
| PR description: | |
| --------------- | |
| For: https://github.vimeows.com/Vimeo/infra-plans/issues/8258 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Create FW rule for looker from AWS - PR opened on: 2020-10-27 20:37:41 - PR merged on: 2020-10-28 15:23:56 - PR opened by @ alexandre-vincent | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4787 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/9134 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrict ssh access - PR opened on: 2020-10-27 19:47:17 - PR merged on: 2020-10-27 20:33:47 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4786 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrictive ssh rules - PR opened on: 2020-10-27 19:05:42 - PR merged on: 2020-10-27 19:30:52 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4785 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrictive ssh rules - PR opened on: 2020-10-27 18:28:00 - PR merged on: 2020-10-27 18:57:22 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4784 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrictive firewall rules - PR opened on: 2020-10-27 17:39:31 - PR merged on: 2020-10-27 18:11:10 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4783 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrictive ssh firewall rules - PR opened on: 2020-10-27 16:44:04 - PR merged on: 2020-10-27 17:03:32 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4782 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Restrict ssh access to vpn - PR opened on: 2020-10-27 16:29:16 - PR merged on: 2020-10-27 16:36:29 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4780 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add restrictive ssh firewall for vimeo-ak-migration project - PR opened on: 2020-10-27 15:07:57 - PR merged on: 2020-10-27 16:14:48 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4778 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow kafka-connect-dev cluster to mysql - PR opened on: 2020-10-22 15:54:46 - PR merged on: 2020-10-22 15:56:48 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4764 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow bp-librarian clusters to access mysql - PR opened on: 2020-10-22 15:36:02 - PR merged on: 2020-10-22 15:38:45 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4763 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| STARLORD-48: Create vimeo-starlord-{dev,prod} - PR opened on: 2020-10-19 16:50:00 - PR merged on: 2020-10-19 17:37:33 - PR opened by @ davidf | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4740 | |
| PR description: | |
| --------------- | |
| Part I: Create the projects. | |
| Bring up two new (clean) projects to run starlord GKE clusters in. (and | |
| maybe other things later) | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Remove log-shipper configs - PR opened on: 2020-10-19 09:33:30 - PR merged on: 2020-10-23 12:12:42 - PR opened by @ vijesh-m | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4734 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/8906 | |
| https://github.com/Livestream/sre-puppet-modules/pull/6529 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Reorganized google-projects/vimeo-ott-android - PR opened on: 2020-10-16 16:55:51 - PR merged on: 2020-10-19 17:02:58 - PR opened by @ mario-merendino | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4727 | |
| PR description: | |
| --------------- | |
| Extract all resources to ott/google/ott-android | |
| Extract all common resources to one directory, and have individual | |
| directories for each environment. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| More restrictive firewall rules - PR opened on: 2020-10-16 14:43:56 - PR merged on: 2020-10-23 08:24:38 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4726 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding new OTT project - PR opened on: 2020-10-08 14:24:02 - PR merged on: 2020-10-08 16:17:13 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4665 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/8968 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow Player to talk to RPC - PR opened on: 2020-10-05 12:01:42 - PR merged on: 2020-10-06 03:26:39 - PR opened by @ mansoor-a | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4622 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/8304 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding varnish cache bust pub-sub topics - PR opened on: 2020-10-02 17:57:40 - PR merged on: 2020-10-02 18:09:39 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4615 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/pubsubbuster | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow vimeo-devex to intproxy - PR opened on: 2020-09-28 16:28:34 - PR merged on: 2020-09-28 16:38:31 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4576 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| VPL-905 Adding Muybridge Google Project (GIFs) - PR opened on: 2020-09-24 14:54:46 - PR merged on: 2020-09-25 19:19:53 - PR opened by @ caleb-welsh | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4566 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| fixing rule - PR opened on: 2020-09-16 16:50:49 - PR merged on: 2020-09-16 16:55:16 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4512 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/8858 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding TF firewall rule for kafka-connect - PR opened on: 2020-09-16 16:39:47 - PR merged on: 2020-09-16 16:41:27 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4511 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/8858 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Adding Kubernetes Engine Admin role in vimeo-site-prod - PR opened on: 2020-08-17 05:40:48 - PR merged on: 2020-08-17 07:25:42 - PR opened by @ vijesh-m | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4332 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Dispatch dedicated project - PR opened on: 2020-08-10 20:55:54 - PR merged on: 2020-08-12 20:59:57 - PR opened by @ alexa-kelley | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4294 | |
| PR description: | |
| --------------- | |
| Initial project creation for migrating Dispatch to it's own dedicated project. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Removing vimeo-screen-recorder-ext project - PR opened on: 2020-08-10 16:56:11 - PR merged on: 2020-08-10 20:59:35 - PR opened by @ jarrod-manwaring | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4289 | |
| PR description: | |
| --------------- | |
| Reverts changes made for: https://github.vimeows.com/Vimeo/infra-plans/issues/8256 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Grant Anton Skochko permissions - PR opened on: 2020-07-30 14:03:04 - PR merged on: 2020-07-30 14:34:34 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4236 | |
| PR description: | |
| --------------- | |
| See https://github.vimeows.com/Vimeo/infra-plans/issues/8412 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| STARLORD-52: vimeo-core: intproxy firewall rule allow vimeo-queues-prod pod CIDRs - PR opened on: 2020-07-16 18:53:29 - PR merged on: 2020-07-16 19:06:37 - PR opened by @ davidf | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4175 | |
| PR description: | |
| --------------- | |
| The intproxy for vault is actually in vimeo-core! | |
| --------------- | |
| ############### | |
| Terraform change: | |
| add logging roles for vimeo-k8s in staging,us-east1. - PR opened on: 2020-07-10 07:10:22 - PR merged on: 2020-07-10 07:31:51 - PR opened by @ manohar-ht | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4136 | |
| PR description: | |
| --------------- | |
| Needed for debugging image pull issues. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Enable cloudresourcemanager API in Zixi project - PR opened on: 2020-07-08 09:20:13 - PR merged on: 2020-07-08 09:28:35 - PR opened by @ quentin | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4124 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Cleaning-up api-bcst Infra - PR opened on: 2020-07-07 08:54:57 - PR merged on: 2020-07-08 07:39:46 - PR opened by @ imran-khan | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4114 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/8240 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Fixing vimeo-core sretools cluster copy pasta - PR opened on: 2020-07-06 19:36:17 - PR merged on: 2020-07-06 21:02:35 - PR opened by @ jarrod-manwaring | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4112 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add static address and firewall rule for carbon-c-relay - PR opened on: 2020-06-29 19:10:45 - PR merged on: 2020-06-29 19:54:00 - PR opened by @ nicka | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4090 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add permissions for vmagent - PR opened on: 2020-06-29 16:25:11 - PR merged on: 2020-06-29 18:56:18 - PR opened by @ alexandre-vincent | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4085 | |
| PR description: | |
| --------------- | |
| To be able to scrape Prometheus targets in vimeo-infra we need to add a new service account and firewall rules. | |
| Issue: https://github.vimeows.com/Vimeo/infra-plans/issues/8184 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow db-mysql-starlord-b-1 to access percona-bastion - PR opened on: 2020-06-26 06:00:24 - PR merged on: 2020-06-26 06:20:33 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4073 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6661 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Terminating DNS Master/Slave servers - PR opened on: 2020-06-22 10:18:00 - PR merged on: 2020-06-22 11:58:43 - PR opened by @ imran-khan | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4030 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6473 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow ssh from Vimeo VPN in mysql starlord - PR opened on: 2020-06-19 05:31:00 - PR merged on: 2020-06-19 06:28:49 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/4026 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6661 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| New MySQL Read Replicas in us-central - PR opened on: 2020-06-15 06:15:42 - PR merged on: 2020-06-16 15:34:39 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3990 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6661 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| whitelist vimeo-k8s us-east4b, us-east4c clusters for vault. - PR opened on: 2020-06-11 14:15:32 - PR merged on: 2020-06-11 14:44:59 - PR opened by @ manohar-ht | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3969 | |
| PR description: | |
| --------------- | |
| Allow vimeo-k8s clusters in us-east4b, us-east4c connect to vault. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| planning IAC nat ip - PR opened on: 2020-05-28 17:16:03 - PR merged on: 2020-05-28 17:50:44 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3898 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/7726 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| planning IAC nat ip - PR opened on: 2020-05-28 17:16:03 - PR merged on: 2020-05-28 17:50:44 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3898 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/7726 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| planning IAC nat ip - PR opened on: 2020-05-28 17:16:03 - PR merged on: 2020-05-28 17:50:44 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3898 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/7726 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| planning IAC nat ip - PR opened on: 2020-05-28 17:16:03 - PR merged on: 2020-05-28 17:50:44 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3898 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/7726 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding iac ip - PR opened on: 2020-05-26 17:54:33 - PR merged on: 2020-05-28 17:10:28 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3883 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/7726 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding firewall rule to allow prometheus to scrape tls nodes - PR opened on: 2020-05-14 14:35:26 - PR merged on: 2020-05-14 14:53:04 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3809 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Infrastructure/ratelimit/issues/10 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding firewall rule to allow prometheus to scrape tls nodes - PR opened on: 2020-05-14 14:35:26 - PR merged on: 2020-05-14 14:53:04 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3809 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Infrastructure/ratelimit/issues/10 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Fresnel: create vimeo-fresnel-{prod,dev} projects - PR opened on: 2020-05-11 17:01:47 - PR merged on: 2020-05-11 20:52:46 - PR opened by @ davidf | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3788 | |
| PR description: | |
| --------------- | |
| Create fresnel projects for migration out of `vimeo-logs`. Configure two asia, three US and two europe regions for the prod project's VPC so we can do a world-wide geo-distributed deployment later. (choose lower-cost Google-owned facilities rather than colos) | |
| Placeholders are currently left for the new subnets and `folder_id`. | |
| Delete a random trailing space in a comment in `vimeo-queues-dev`, since that's not worth its own PR. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add ryan.black@vimeo.com to IAM - PR opened on: 2020-05-11 15:09:38 - PR merged on: 2020-05-11 17:13:27 - PR opened by @ frick | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3787 | |
| PR description: | |
| --------------- | |
| Per Vimeo/infra-plans#7524 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow new redis-api-master to connect to redis-backup. - PR opened on: 2020-05-08 10:00:06 - PR merged on: 2020-05-08 11:26:24 - PR opened by @ sreenu-raghavan | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3778 | |
| PR description: | |
| --------------- | |
| Tracked here: https://github.vimeows.com/Vimeo/infra-plans/issues/7533 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Document global vars ips - PR opened on: 2020-05-06 14:44:58 - PR merged on: 2020-05-06 15:15:04 - PR opened by @ saeed-abbassi | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3761 | |
| PR description: | |
| --------------- | |
| Based on slack conversation with Magisto IT & SRE staff. | |
| `"52.20.58.119/32",` is removed, since it is not in use anymore. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| whitelist vimeo-k8s us-east4 cluster for vault access. - PR opened on: 2020-05-03 12:11:34 - PR merged on: 2020-05-03 16:27:07 - PR opened by @ manohar-ht | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3742 | |
| PR description: | |
| --------------- | |
| whitelist vimeo-k8s us-east4 for vault access. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add vimeo-commits project - PR opened on: 2020-04-30 22:53:33 - PR merged on: 2020-05-01 01:02:51 - PR opened by @ joe-peled | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3735 | |
| PR description: | |
| --------------- | |
| Adding a dedicated project to post all future GCE commits in (since they are now org-wide and do not need to be purchased in a particular project in order to take effect). | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Create Metrics prod cluster - PR opened on: 2020-04-27 14:28:27 - PR merged on: 2020-04-27 15:31:12 - PR opened by @ alexandre-vincent | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3700 | |
| PR description: | |
| --------------- | |
| This PR will create a new prod cluster for the metrics workloads. | |
| The main difference with the dev cluster is that we use a non preemptible node pool for high CPU workloads (currently n1-standard-16. i.e. 16 cores VMs). | |
| Related to issue https://github.vimeows.com/Vimeo/infra-plans/issues/7325 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| allow ssh from hubot to memcached hosts - PR opened on: 2020-04-14 18:32:21 - PR merged on: 2020-04-14 18:47:55 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3613 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6979 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Whitelist Applause VPN IP to access *.ci.vimeows.com domains - PR opened on: 2020-04-14 09:05:35 - PR merged on: 2020-04-14 10:42:01 - PR opened by @ imran-khan | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3602 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/7089 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Initial commit for metrics cluster - PR opened on: 2020-04-01 21:45:27 - PR merged on: 2020-04-24 16:02:16 - PR opened by @ alexandre-vincent | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3501 | |
| PR description: | |
| --------------- | |
| We are creating a new cluster that will be used for metrics related components. Currently: | |
| - Grafana | |
| - VictoriaMetrics | |
| - Prometheus | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow RDP to windows instances from vimeo VPN - PR opened on: 2020-03-27 11:44:32 - PR merged on: 2020-03-27 11:52:32 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3459 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6690 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Cleanup M3DB components - PR opened on: 2020-03-19 22:20:15 - PR merged on: 2020-03-19 22:33:00 - PR opened by @ frick | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3410 | |
| PR description: | |
| --------------- | |
| Per Vimeo/infra-plans#6665, this gets rid of some remaining M3DB hosts, static IPs and firewall rules. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| deleting monitoring poc cluster - PR opened on: 2020-03-19 21:48:45 - PR merged on: 2020-03-19 22:10:22 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3409 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6665 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow ssh from vimeo office/vpn to packer instance being built. - PR opened on: 2020-03-13 22:22:39 - PR merged on: 2020-03-14 15:08:10 - PR opened by @ saeed-abbassi | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3373 | |
| PR description: | |
| --------------- | |
| Allow ssh from vimeo office/vpn to packer instance being built in `vimeo-core`. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add firewall rules for Zixi project - PR opened on: 2020-03-12 14:29:34 - PR merged on: 2020-03-12 14:56:28 - PR opened by @ quentin | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3361 | |
| PR description: | |
| --------------- | |
| Add rules described in https://zixidocumentation.atlassian.net/wiki/spaces/113/pages/767688759/Network+Settings | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add Vimeo Live Zixi project - PR opened on: 2020-03-11 14:37:22 - PR merged on: 2020-03-11 15:34:39 - PR opened by @ quentin | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3350 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Consolidate syndicator mysql firewall tags - PR opened on: 2020-03-06 17:51:22 - PR merged on: 2020-03-06 18:01:45 - PR opened by @ collin | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3321 | |
| PR description: | |
| --------------- | |
| Related to https://github.vimeows.com/Vimeo/infra-plans/issues/6478 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add rule so jam nats can reach intproxy - PR opened on: 2020-03-04 16:41:10 - PR merged on: 2020-03-04 16:46:16 - PR opened by @ collin | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3299 | |
| PR description: | |
| --------------- | |
| cc @sergio | |
| --------------- | |
| ############### | |
| Terraform change: | |
| create vimeo-warden project for vimeo jam - PR opened on: 2020-03-04 06:40:55 - PR merged on: 2020-03-04 15:24:31 - PR opened by @ kathleen-french | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3290 | |
| PR description: | |
| --------------- | |
| ### Overview | |
| `warden` is a centralized permissions management application to be used at vimeo. this is a project by kathleen french, obed espina, and mike greenspan. mike said since this is going to (hopefully) be continued post vimeo-jam in an effort to make the pain points w/ compliance/permissions management easier, it might not make sense to have the `vimeo-jam-` prefix in the interest of it not being removed in a couple of weeks time. | |
| --- | |
| <sub>This Pull Request Was Generated With `dex`</sub> | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Create GCP project for Subscript (Vimeo Jam project) - PR opened on: 2020-03-02 23:41:57 - PR merged on: 2020-03-03 17:45:49 - PR opened by @ kevinl | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3281 | |
| PR description: | |
| --------------- | |
| GCP services I'll need to use: | |
| - GKE | |
| - Cloud Speech to Text | |
| - Stackdriver | |
| Do I need to do anything special to be able to use them? | |
| `[folder-id]` and `[subnet-cidr]` remain to be filled out. The docs at https://github.vimeows.com/Infrastructure/terraform/blob/master/docs/new_projects.md make it sound like `subnet-cidr` is something SRE may fill out here? And I'm unsure where to source `folder-id`. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add firewall rule for Grafana to talk to Graphite - PR opened on: 2020-02-26 18:14:56 - PR merged on: 2020-02-28 16:24:29 - PR opened by @ alexandre-vincent | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3252 | |
| PR description: | |
| --------------- | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Haproxy openrtmp global upgrade - PR opened on: 2020-02-05 11:40:45 - PR merged on: 2020-02-06 06:58:04 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3119 | |
| PR description: | |
| --------------- | |
| New set of global haproxy openrtmp instances which will have upgraded haproxy. | |
| Vimeo/infra-plans#6279 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Haproxy openrtmp upgrade - PR opened on: 2020-02-04 10:32:41 - PR merged on: 2020-02-04 13:11:23 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/3051 | |
| PR description: | |
| --------------- | |
| New set of haproxy openrtmp instances in useast1 which will have upgraded haproxy. | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6279 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Add vimeo-search-ads-salesforce-prod project - PR opened on: 2020-01-31 20:27:21 - PR merged on: 2020-01-31 20:58:08 - PR opened by @ frick | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2981 | |
| PR description: | |
| --------------- | |
| This is for Vimeo/infra-plans#6220. | |
| Still probably a lot to track down to facilitate their needs yet, but I'm struggling to find any decent docs regarding permissions or APIs. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Forseti: improve SSH security - PR opened on: 2020-01-30 19:59:41 - PR merged on: 2020-01-31 20:35:37 - PR opened by @ josh-farwell | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2962 | |
| PR description: | |
| --------------- | |
| As a workaround for issues with the SSH jump hosts I was having, we left SSH open on these systems to 0.0.0.0/0. This PR restricts traffic to only VPN clients, and only allows security staff to have SSH access. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| vimeo-transcode-storage: new projects - PR opened on: 2020-01-30 15:55:04 - PR merged on: 2020-01-30 17:31:34 - PR opened by @ alex-paseltiner | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2955 | |
| PR description: | |
| --------------- | |
| # Changelog | |
| - create two new GCP projects `vimeo-transcode-storage-<dev/prod>` in `google-projects` and add to `atlantis.yaml` | |
| ( - reorder workflow in `atlantis.yaml` to keep `videoapi` workspaces next to each other) | |
| --------------- | |
| ############### | |
| Terraform change: | |
| adding vimeo-es-dev project - PR opened on: 2020-01-28 19:37:33 - PR merged on: 2020-01-28 20:15:55 - PR opened by @ marcb | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2938 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6197 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Whitelist applause proxy IPs - PR opened on: 2020-01-16 12:35:47 - PR merged on: 2020-01-16 13:11:58 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2846 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/6183 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| allow vimeo-k8s clusters connect to vault-k8s in vimeo-core. - PR opened on: 2020-01-16 09:05:56 - PR merged on: 2020-01-16 09:10:58 - PR opened by @ manohar-ht | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2843 | |
| PR description: | |
| --------------- | |
| https://github.vimeows.com/Vimeo/infra-plans/issues/5158 | |
| pentagon needs to connect to vault in vimeo-core. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Lifecycle policy: gs://packager-storage|90days|coldline - PR opened on: 2020-01-15 18:15:18 - PR merged on: 2020-01-23 06:38:00 - PR opened by @ joe-peled | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2841 | |
| PR description: | |
| --------------- | |
| This change adds a condition that updates all objects in `gs://packager-storage` to coldline once they are 90 days old. This is in response to recent changes in GCS that updated the coldline retrieval charge from $50k/PB to $20k/PB. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Vimeo source global vars in jump hosts - PR opened on: 2020-01-13 18:16:41 - PR merged on: 2020-01-13 19:01:08 - PR opened by @ saeed-abbassi | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2829 | |
| PR description: | |
| --------------- | |
| - Allow jump-host access based on global vimeo source IPs [link](https://github.vimeows.com/Infrastructure/terraform/pull/2825?#discussion_r167713) | |
| - Update BLR public IPs [link](https://github.vimeows.com/Vimeo/infra-plans/issues/6150?#issuecomment-275325) | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Vimeo source global vars in jump hosts - PR opened on: 2020-01-13 18:16:41 - PR merged on: 2020-01-13 19:01:08 - PR opened by @ saeed-abbassi | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2829 | |
| PR description: | |
| --------------- | |
| - Allow jump-host access based on global vimeo source IPs [link](https://github.vimeows.com/Infrastructure/terraform/pull/2825?#discussion_r167713) | |
| - Update BLR public IPs [link](https://github.vimeows.com/Vimeo/infra-plans/issues/6150?#issuecomment-275325) | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Whitelist magisto ukraine office IP - PR opened on: 2020-01-13 13:11:36 - PR merged on: 2020-01-13 17:13:35 - PR opened by @ vijesh-m | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2828 | |
| PR description: | |
| --------------- | |
| Related to https://github.vimeows.com/Vimeo/infra-plans/issues/6153 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Limiting SSH to offices and vpn IPs. - PR opened on: 2020-01-10 20:21:31 - PR merged on: 2020-01-10 20:50:06 - PR opened by @ saeed-abbassi | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2825 | |
| PR description: | |
| --------------- | |
| Close public access to Vimeo Jumphosts [#6150](https://github.vimeows.com/Vimeo/infra-plans/issues/6150) | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Disable FW logging in Livestream - PR opened on: 2020-01-10 08:09:39 - PR merged on: 2020-01-10 10:48:26 - PR opened by @ sreenu-raghavan | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2819 | |
| PR description: | |
| --------------- | |
| Related Google ticket: ttps://console.cloud.google.com/support/cases/detail/21734349?organizationId=328551520784 | |
| --------------- | |
| ############### | |
| Terraform change: | |
| all vimeo-projects with compute should peer with vimeo-core. - PR opened on: 2020-01-09 20:22:36 - PR merged on: 2020-01-09 20:38:15 - PR opened by @ saeed-abbassi | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2815 | |
| PR description: | |
| --------------- | |
| All `google_projects/vimeo-projects` with **compute** should peer with `vimeo-core`. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| Allow SSH access to vimeo-core-log instances through VPN - PR opened on: 2020-01-07 13:08:20 - PR merged on: 2020-01-08 06:26:24 - PR opened by @ anish-lal | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2781 | |
| PR description: | |
| --------------- | |
| Need SSH access to log into cluster nodes to troubleshoot Loki issues. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| vimeo-falkor-dev: use vimeo_project module - PR opened on: 2020-01-02 20:50:11 - PR merged on: 2020-01-03 19:09:31 - PR opened by @ alex-paseltiner | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2746 | |
| PR description: | |
| --------------- | |
| # Changelog | |
| - switch `google_projects/vimeo-falkor-dev` from using the `google_project` module to the more recent `vimeo_project` module | |
| - this is needed if we want to do peering between `vimeo-falkor-dev` and `vimeo-videoapi-dev` | |
| --------------- | |
| ############### | |
| Terraform change: | |
| [VPL-650] vimeo-videoapi-dev workspace config - PR opened on: 2020-01-02 19:38:35 - PR merged on: 2020-01-02 22:14:45 - PR opened by @ alex-paseltiner | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2744 | |
| PR description: | |
| --------------- | |
| # Changelog | |
| - update vimeo-videoapi-dev project to follow pattern from vimeo-falkor projects | |
| - add IAM permissions for vimeo-videoapi-dev project | |
| - set up workspace for configs for clusters/databases in vimeo-videoapi-dev (and later for prod) | |
| # Notes | |
| - rather than have the `falkor-k8s-workspaces` workflow also apply to the `videoapi` set of projects, I made a new workflow for `videoapi-k8s-workspaces`. If this is not desirable they can all use the same one. | |
| --------------- | |
| ############### | |
| Terraform change: | |
| [VPL-645] vimeo-falkor-prod GCP project - PR opened on: 2019-12-20 16:06:48 - PR merged on: 2020-01-02 16:17:43 - PR opened by @ alex-paseltiner | |
| PR link: https://github.vimeows.com/Infrastructure/terraform/pull/2715 | |
| PR description: | |
| --------------- | |
| # Changelog | |
| - add `vimeo-falkor-prod` project in `production` folder | |
| --------------- | |
| ############### |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment