From caa4121f70086117e1d487e6ea58f10b2ed8388e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Thu, 4 Jul 2024 15:08:57 -0400
Subject: [PATCH] add example query to list all *other* hosts than ganeti on
 reboot

---
 howto/puppet.md   |  8 ++++----
 howto/upgrades.md | 12 +++++++++++-
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/howto/puppet.md b/howto/puppet.md
index fea5cab6..1c25da05 100644
--- a/howto/puppet.md
+++ b/howto/puppet.md
@@ -791,12 +791,12 @@ The currently known values are: `kvm`, `physical`, and `xenu`.
  * Using [howto/cumin](howto/cumin)
 
  * Using LDAP:
+ 
+        ldapsearch -H ldap://db.torproject.org -x -ZZ -b "ou=hosts,dc=torproject,dc=org" '*' hostname | sed -n '/hostname/{s/hostname: //;p}' | sort
 
-        HOSTS=$(ssh alberti.torproject.org 'ldapsearch -H ldap://db.torproject.org -x -ZZ -b dc=torproject,dc=org -LLL "hostname=*.torproject.org" hostname | awk "\$1 == \"hostname:\" {print \$2}" | sort')
-        for i in `echo $HOSTS`; do mkdir hosts/x-$i 2>/dev/null || continue; echo $i; ssh $i ' ...'; done
+   Same, but only hosts not in a Ganeti cluster:
 
-    the `mkdir` is so that I can run the same command in many terminal
-    windows and each host gets only one once
+        ldapsearch -H ldap://db.torproject.org -x -ZZ -b "ou=hosts,dc=torproject,dc=org" '(!(physicalHost=gnt-*))' hostname | sed -n '/hostname/{s/hostname: //;p}' | sort
 
  [PuppetDB API]: https://puppet.com/docs/puppetdb/4.3/api/index.html
  [fact API]: https://puppet.com/docs/puppetdb/4.3/api/query/v4/facts.html
diff --git a/howto/upgrades.md b/howto/upgrades.md
index b0c34510..012ac63a 100644
--- a/howto/upgrades.md
+++ b/howto/upgrades.md
@@ -320,7 +320,17 @@ See the [Ganeti reboot procedures](howto/ganeti#rebooting) for this procedure.
 ## Remaining nodes
 
 The [Nagios unhandled problems](https://nagios.torproject.org/cgi-bin/icinga/status.cgi?allunhandledproblems) will show remaining hosts that
-might have been missed by the above procedure.
+might have been missed by the above procedure. 
+
+But if you want to run more upgrades in parallels and are doing a
+fleet-wide reboot, while running the Ganeti reboots (above), you can
+perform reboots on the hosts *not* on Ganeti cluster by pulling the
+list of hosts from LDAP:
+
+    ldapsearch -H ldap://db.torproject.org -x -ZZ -b "ou=hosts,dc=torproject,dc=org" '(!(physicalHost=gnt-*))' hostname | sed -n '/hostname/{s/hostname: //;p}' | sort
+
+... and then pick the hosts judiciously to avoid overlapping with
+hosts in the same rotation currently rebooting in Ganeti.
 
 ## Userland reboots
 
-- 
GitLab