@nuvlore/extension-bds 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (109) hide show
  1. package/LICENSE +202 -0
  2. package/README.md +3 -0
  3. package/agents/bds-airflow-job-status-readonly.yaml +123 -0
  4. package/agents/bds-disk-investigator.yaml +112 -0
  5. package/agents/bds-inventory-readonly.yaml +60 -0
  6. package/agents/bds-oncall-reporter.yaml +113 -0
  7. package/agents/bds-prism-service-proxy-timeout-readonly.yaml +105 -0
  8. package/agents/bds-scylla-tenant-bucket-readonly.yaml +104 -0
  9. package/agents/bds-tenant-data-operation-log-readonly.yaml +98 -0
  10. package/agents/bds-yarn-app-health-readonly.yaml +114 -0
  11. package/agents/pharos-alert-investigator.yaml +81 -0
  12. package/package.json +60 -0
  13. package/skills/bds-airflow-job-status-investigation/SKILL.md +104 -0
  14. package/skills/bds-airflow-job-status-investigation/references/airflow-access-runbook.md +35 -0
  15. package/skills/bds-airflow-job-status-investigation/references/airflow-bas-dr-runbook.md +42 -0
  16. package/skills/bds-airflow-job-status-investigation/references/airflow-copy-and-migration-runbook.md +63 -0
  17. package/skills/bds-airflow-job-status-investigation/references/airflow-job-status-runbook.md +15 -0
  18. package/skills/bds-airflow-job-status-investigation/references/airflow-output-runbook.md +28 -0
  19. package/skills/bds-airflow-job-status-investigation/references/airflow-snapshot-runbook.md +38 -0
  20. package/skills/bds-disk-io-alert-investigation/SKILL.md +116 -0
  21. package/skills/bds-hadoop-review/SKILL.md +66 -0
  22. package/skills/bds-machine-inventory/SKILL.md +48 -0
  23. package/skills/bds-oncall-followup/SKILL.md +71 -0
  24. package/skills/bds-oncall-followup/references/oncall-followup-runbook.md +58 -0
  25. package/skills/bds-prism-service-proxy-timeout-investigation/SKILL.md +73 -0
  26. package/skills/bds-prism-service-proxy-timeout-investigation/references/service-proxy-timeout-runbook.md +48 -0
  27. package/skills/bds-scylla-tenant-bucket-investigation/SKILL.md +73 -0
  28. package/skills/bds-scylla-tenant-bucket-investigation/references/tenant-bucket-runbook.md +91 -0
  29. package/skills/bds-tenant-data-operation-log-investigation/SKILL.md +89 -0
  30. package/skills/bds-yarn-app-health-investigation/SKILL.md +77 -0
  31. package/skills/bds-yarn-app-health-investigation/references/yarn-app-health-runbook.md +53 -0
  32. package/skills/pharos-alert-investigation/SKILL.md +80 -0
  33. package/src/bds-atomic-log-tools.mjs +300 -0
  34. package/src/bds-team-membership-claude-output.mjs +36 -0
  35. package/src/bds-team-membership-quality.mjs +90 -0
  36. package/tools/bds_airflow_dag_log_read.mjs +24 -0
  37. package/tools/bds_airflow_job_status_command_pack.mjs +587 -0
  38. package/tools/bds_bas_log_read.mjs +23 -0
  39. package/tools/bds_bdm_httpd_log_read.mjs +24 -0
  40. package/tools/bds_chef_client_log_read.mjs +23 -0
  41. package/tools/bds_dashboard_links.mjs +178 -0
  42. package/tools/bds_dashboard_query_knowledge.mjs +258 -0
  43. package/tools/bds_dashboard_query_read.mjs +120 -0
  44. package/tools/bds_disk_io_alert_command_pack.mjs +287 -0
  45. package/tools/bds_environment_host_lookup.mjs +741 -0
  46. package/tools/bds_hdfs_datanode_log_read.mjs +23 -0
  47. package/tools/bds_hdfs_journalnode_log_read.mjs +23 -0
  48. package/tools/bds_hdfs_namenode_log_read.mjs +23 -0
  49. package/tools/bds_hdfs_path_knowledge.mjs +324 -0
  50. package/tools/bds_information_source_knowledge.mjs +356 -0
  51. package/tools/bds_kms_log_read.mjs +23 -0
  52. package/tools/bds_log_path_knowledge.mjs +267 -0
  53. package/tools/bds_machine_inventory.mjs +434 -0
  54. package/tools/bds_mapreduce_historyserver_log_read.mjs +23 -0
  55. package/tools/bds_migration_service_operation_command_pack.mjs +233 -0
  56. package/tools/bds_oncall_followup_payload_draft.mjs +285 -0
  57. package/tools/bds_pharos_query_pack.mjs +218 -0
  58. package/tools/bds_portal_operation_knowledge.mjs +212 -0
  59. package/tools/bds_prism_clone_status_links.mjs +129 -0
  60. package/tools/bds_prism_service_proxy_timeout_query_pack.mjs +224 -0
  61. package/tools/bds_public_cloud_pod_log_read.mjs +18 -0
  62. package/tools/bds_scylla_tenant_bucket_command_pack.mjs +323 -0
  63. package/tools/bds_service_proxy_log_read.mjs +23 -0
  64. package/tools/bds_spark_historyserver_log_read.mjs +32 -0
  65. package/tools/bds_spas_mt_log_read.mjs +23 -0
  66. package/tools/bds_tenant_data_operation_log_command_pack.mjs +321 -0
  67. package/tools/bds_yarn_app_health_command_pack.mjs +529 -0
  68. package/tools/bds_yarn_nodemanager_log_read.mjs +23 -0
  69. package/tools/bds_yarn_resourcemanager_log_read.mjs +23 -0
  70. package/tools/bds_zookeeper_log_read.mjs +23 -0
  71. package/tools/confluence_handoff_page_draft.mjs +173 -0
  72. package/vendor/dashboard/src/grafana-dashboard-query.mjs +61 -0
  73. package/vendor/extension-read-only-toolkit/LICENSE +202 -0
  74. package/vendor/extension-read-only-toolkit/README.md +29 -0
  75. package/vendor/extension-read-only-toolkit/package.json +46 -0
  76. package/vendor/extension-read-only-toolkit/src/devops-data-paths.mjs +222 -0
  77. package/vendor/extension-read-only-toolkit/src/devops-diagnostics.mjs +440 -0
  78. package/vendor/extension-read-only-toolkit/src/enterprise-api-read.mjs +180 -0
  79. package/vendor/extension-read-only-toolkit/src/read-only-command-pack.mjs +1 -0
  80. package/vendor/extension-read-only-toolkit/src/read-only-plan.mjs +45 -0
  81. package/vendor/extension-read-only-toolkit/src/read-only-shell-policy.d.mts +26 -0
  82. package/vendor/extension-read-only-toolkit/src/read-only-shell-policy.mjs +170 -0
  83. package/vendor/extension-workday-infra-access/LICENSE +202 -0
  84. package/vendor/extension-workday-infra-access/README.md +3 -0
  85. package/vendor/extension-workday-infra-access/agents/workday-infra-access-readonly.yaml +183 -0
  86. package/vendor/extension-workday-infra-access/package.json +49 -0
  87. package/vendor/extension-workday-infra-access/skills/workday-infra-access/SKILL.md +102 -0
  88. package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-boundary-runbook.md +43 -0
  89. package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-runbook.md +15 -0
  90. package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-scylla-cloud-runbook.md +39 -0
  91. package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-spc-argo-runbook.md +99 -0
  92. package/vendor/extension-workday-infra-access/src/workday-access-profiles.mjs +194 -0
  93. package/vendor/extension-workday-infra-access/tools/aws_cust_federated_readonly_command_pack.mjs +234 -0
  94. package/vendor/extension-workday-infra-access/tools/gcp_readonly_command_pack.mjs +167 -0
  95. package/vendor/extension-workday-infra-access/tools/public_cloud_access_status.mjs +48 -0
  96. package/vendor/extension-workday-infra-access/tools/workday_boundary_login.mjs +460 -0
  97. package/vendor/extension-workday-infra-access/tools/workday_private_cloud_sudo_readonly_command.mjs +386 -0
  98. package/vendor/extension-workday-infra-access/tools/workday_public_cloud_environment_map.mjs +189 -0
  99. package/vendor/extension-workday-infra-access/tools/workday_public_cloud_kubernetes_read.mjs +297 -0
  100. package/vendor/extension-workday-infra-access/tools/workday_public_cloud_spc_login.mjs +505 -0
  101. package/vendor/extension-workday-infra-access/tools/workday_spc_argo_readonly_command_pack.mjs +215 -0
  102. package/vendor/extension-workday-infra-access/workflows/public-cloud-readonly-investigation.js +99 -0
  103. package/workflows/bds-airflow-job-status-investigation.js +168 -0
  104. package/workflows/bds-disk-io-alert-investigation.js +173 -0
  105. package/workflows/bds-oncall-followup.js +112 -0
  106. package/workflows/bds-prism-service-proxy-timeout-investigation.js +69 -0
  107. package/workflows/bds-scylla-tenant-bucket-investigation.js +139 -0
  108. package/workflows/bds-tenant-data-operation-log-investigation.js +189 -0
  109. package/workflows/bds-yarn-app-health-investigation.js +217 -0
@@ -0,0 +1,35 @@
1
+ # Airflow Access And Component Health Runbook
2
+
3
+ Use for Boundary access, kubeconfig checks, Airflow component health, namespace
4
+ events, scheduler/web logs, and generic DAG/config health evidence. Owner:
5
+ `bds-airflow-job-status-investigation/SKILL.md`.
6
+
7
+ ## Access Details
8
+
9
+ - Private cloud access is `bauth init` followed by ordinary `ssh <host>`.
10
+ Use the explicit hostname from the refreshed environment config unchanged.
11
+ - For ATL, use the latest `BDS_ATL_CUST_AZ1` config before selecting a
12
+ control-plane host. Old hosts can disappear after config refresh; the learned
13
+ current ATL access path used `s-3m1d12123f.sys.az1.cust.atl.wd`.
14
+ - If the default SSH config routes through a stale `Atl-Nprd-Mgmt` bastion or
15
+ times out during banner exchange, explicitly use `-J proxy-jump.atl.bnd`
16
+ rather than inventing `.bnd` service-host aliases.
17
+ - If `kubectl get pod` as the SSH user fails with `localhost:8080 refused`,
18
+ treat it as missing normal-user kubeconfig, not cluster health evidence.
19
+ - If `sudo -n` needs a password, use
20
+ `workday_private_cloud_sudo_readonly_command`; agents and command packs must
21
+ not read Keychain directly or print the saved credential.
22
+
23
+ ## Component Health
24
+
25
+ - Capture `airflow-scheduler` and `airflow-web` readiness, status, restarts,
26
+ age, node placement, namespace events, and bounded scheduler/web logs.
27
+ - Always query `-n airflow`; the default namespace can correctly show no pods.
28
+ - `GET /airflow/health ... 200` supports webserver health.
29
+ - `DagBag Failed to import` plus `FileNotFoundError` for
30
+ `/etc/hadoop/conf/bds_config.json` or
31
+ `/data/workday-bds-airflow/dr_to_dr_config/dr_to_dr_config.json` is a
32
+ DAG/config risk even when Airflow pods are healthy.
33
+ - Prometheus `superfluous response.WriteHeader` and sensu-client read-only
34
+ filesystem `chown` messages are noise unless paired with pod restarts, failed
35
+ readiness, or Airflow container errors.
@@ -0,0 +1,42 @@
1
+ # Airflow BAS DR SLA And Bad Worker Runbook
2
+
3
+ Use for `bas_dr_sla_miss`, tenant-data DR copy SLA alerts, stale DR pods, bad
4
+ worker runtime, and BAS recovery validation. Owner:
5
+ `bds-airflow-job-status-investigation/SKILL.md`.
6
+
7
+ - Treat BAS mirror snapshot lag as the symptom. Prove whether the cause is
8
+ DistCp/copy failure, Airflow DAG/config failure, or Kubernetes worker runtime
9
+ cleanup failure by collecting DR task pod placement/status,
10
+ `deletionTimestamp`, finalizers, pod events, task logs, and bad-node runtime
11
+ evidence.
12
+ - Do not delete pods, stop host processes, restart kubelet/containerd, or
13
+ uncordon a bad node from this read-only workflow.
14
+ - If remediation is requested, recommend only an approved operator path: cordon
15
+ the bad worker, force-delete stale completed or terminating DR task pods after
16
+ logs show `Command exited with return code 0` and `Marking task as SUCCESS`,
17
+ let replacement pods schedule on healthy workers, and keep the bad node
18
+ cordoned for DC follow-up.
19
+ - Do not recommend force-deleting an actively progressing `Running` pod. First
20
+ read logs for source/destination snapshot ids, YARN app id, DistCp progress,
21
+ and success markers.
22
+ - A Kubernetes pod can remain `Running` on a degraded node after the Airflow task
23
+ has already completed successfully; classify that as a stale pod only with log
24
+ evidence.
25
+ - For a suspected bad worker, collect read-only node runtime evidence:
26
+ `kubectl get node -o wide`, pods by node, host `uptime`, `D`/`Z`/zombie
27
+ process counts, bounded `ps` lines for `defunct`, `runc`, `containerd`,
28
+ `kubelet`, `mount`, and `cgroup`, plus bounded `systemctl is-active kubelet
29
+ containerd` with timeout.
30
+ - Interpret kubelet/containerd service-query timeouts, stuck `runc`/mount/cgroup
31
+ cleanup, and many zombie processes as node-level runtime degradation.
32
+ - For recovery verification after approved cleanup, confirm new DR task pods on
33
+ healthy nodes, newer mirror snapshots such as `sYYYYMMDDHHMMr`, task logs show
34
+ success, and BAS lag is below the `3600s` threshold. The shorthand contract is
35
+ BAS lag below `3600s`.
36
+ - For BDS ASH BAS DR SLA verification, read the live Pharos script exporter
37
+ source on `s-11rdzb3.sys.az1.cust.ash.wd`: scrape config
38
+ `/etc/pharos_script_exporter/conf.d/chef_scrapes/bds_bas_dr_sla.yaml` and run
39
+ `sudo /data/pharos_script_exporter/scripts/bas_dr_sla_miss_metric.rb BDS_ASH_CUST_AZ1`.
40
+ - Count metric lines where `bds_bas_dr_sla_miss` is greater than `3600`, and
41
+ report `total_metrics`, `sla_missed_gt_3600`, `max_lag_seconds`,
42
+ `max_lag_tenant`, and top lagging tenants.
@@ -0,0 +1,63 @@
1
+ # Airflow Copy And Migration Runbook
2
+
3
+ Use for on-demand tenant copy, migration-service Slack incidents, and S3 VPCE
4
+ copy connectivity evidence. Owner:
5
+ `bds-airflow-job-status-investigation/SKILL.md`.
6
+
7
+ ## On-Demand Tenant Copy
8
+
9
+ - If the control panel provides an ID like
10
+ `dag_tenant_data_copy_on_demand--1780713387370568`, treat the numeric suffix
11
+ as epoch microseconds when direct Airflow metadata does not match.
12
+ - Convert that suffix to UTC, then inspect the scheduler container task log:
13
+ `/data/workday-bds-airflow/logs/dag_tenant_data_copy_on_demand/manual__<UTC_ISO>/run_tenant_data_ondemand_restore_copy/1.log`.
14
+ - Use `Running command`, `--src-tenant`, `--dst-tenant`,
15
+ `Copy tenant data from cluster`, `Obtained Source Snapshot`,
16
+ `Latest remote matching Snapshot`, `Submitted application`, `map <percent>%`,
17
+ `Command exited with return code`, and `Marking task as SUCCESS` as the
18
+ authoritative evidence.
19
+ - In tenant-data namespace migration, the `tenant-data-copy` command shows
20
+ `--src-cluster`, `--dst-cluster`, `--src-env`, `--dst-env`, `--src-tenant`,
21
+ and `--dst-tenant`; `Copy tenant data from cluster ...` confirms the process.
22
+ `Obtained Source Snapshot` and `Starting: Building listing for
23
+ hdfs://.../.snapshot/<snapshot>` identify the source snapshot/path.
24
+ - A task pod that is `Ready=True`, has zero restarts, no pod events, and has
25
+ DistCp/YARN progress still advancing is a slow running copy rather than
26
+ Airflow component failure.
27
+
28
+ ## Migration-Service Incidents
29
+
30
+ - Start from Slack thread facts: `migrationEventId`, source cluster,
31
+ source/target environments, tenant, migration run type, snapshot id, DAG run
32
+ id, failure timestamp, cutover window, and linked Jira. Treat Slack as event
33
+ source and Jira as tracking/follow-up evidence.
34
+ - Validate the state chain from read-only records before recommending action:
35
+ `FIRST_MIGRATION`, `DIFF_MIGRATION`, `CUTOVER_MIGRATION`, bucket sync,
36
+ `PRISM_READY`, and event `COMPLETED`.
37
+ - Derive the correct HDFS authority from cluster evidence. Do not guess by
38
+ shortening names; ATL CUST AZ1 tenant records may use
39
+ `hdfs://bdsatlcustaz11`, not `hdfs://bdsatlcustaz1`.
40
+ - Read-only tenant record files commonly include `operationsLog.csv`,
41
+ `s3MigrationCopyRecords.txt`, `s3MigrationDagRunRecords.txt`, and
42
+ `s3MigrationVerificationRecords.txt`.
43
+ - If a retry is requested during cutover, verify whether migration-service is
44
+ accepting only `CUTOVER_MIGRATION`; `Only cutover run allowed ... Discarding
45
+ message` for a discarded `DIFF_MIGRATION` is state-machine evidence.
46
+ - Recovery needs cutover success, verification source/target file count match,
47
+ bucket sync completion, `PRISM_READY`, and event `COMPLETED`, not only one
48
+ successful copy log.
49
+
50
+ ## S3 VPCE Copy Failure
51
+
52
+ - Compare the failing S3 VPCE endpoint and any proposed alternate S3 VPCE from
53
+ the same worker/source IP before canceling, retriggering, or declaring the
54
+ migration unblocked.
55
+ - Use only DNS lookup, route lookup, and
56
+ `curl -k -sS -o /dev/null --connect-timeout ...` connect probes. Do not use
57
+ `aws s3 cp`, object writes, or migration retries as connectivity tests.
58
+ - If multiple ATL workers time out to one `bucket.vpce-...s3.<region>.vpce.amazonaws.com`
59
+ endpoint but the same worker/source IP reaches another VPCE, treat the issue
60
+ as endpoint/path-specific rather than a general worker or S3 outage.
61
+ - Interpret `http=000` plus connect timeout as failure before HTTP/S3
62
+ authorization; interpret an HTTP status such as `307` from the alternate
63
+ endpoint as proof that the worker can reach that S3 endpoint path.
@@ -0,0 +1,15 @@
1
+ # BDS Airflow Job Status Runbook Router
2
+
3
+ This file is only a router for `bds-airflow-job-status-investigation/SKILL.md`.
4
+ Do not paste all Airflow procedure detail here. Load the smallest reference that
5
+ matches the incident class.
6
+
7
+ - Access, kubeconfig, component pods, events, scheduler/web logs:
8
+ `airflow-access-runbook.md`.
9
+ - On-demand tenant copy, migration-service Slack incidents, and S3 VPCE copy
10
+ failures: `airflow-copy-and-migration-runbook.md`.
11
+ - Snapshot cleanup, NameNode write locks, and PRISM `CreateDataFrame` latency:
12
+ `airflow-snapshot-runbook.md`.
13
+ - `bas_dr_sla_miss`, stale DR pods, bad worker runtime, and BAS recovery
14
+ validation: `airflow-bas-dr-runbook.md`.
15
+ - Requester-facing answer fields by scenario: `airflow-output-runbook.md`.
@@ -0,0 +1,28 @@
1
+ # Airflow Output Runbook
2
+
3
+ Use only when composing the requester-facing answer for an Airflow incident.
4
+ Owner: `bds-airflow-job-status-investigation/SKILL.md`.
5
+
6
+ - Slack event source and migration identifiers when the incident came from a
7
+ Slack migration-service thread.
8
+ - Control-plane host used and whether normal-user kubectl lacked kubeconfig.
9
+ - Airflow namespace pod readiness/status/restarts/age, events, and scheduler/web
10
+ log findings.
11
+ - DAG/run state if provided.
12
+ - Long-running task pod tenant/process, source cluster/path, destination
13
+ cluster/path, snapshot id, YARN app id, and latest progress when available.
14
+ - For `bas_dr_sla_miss`: affected tenants, last stale snapshot time, stuck pod
15
+ status and node placement, task success/failure markers, bad worker zombie and
16
+ runtime evidence, cordon/remediation recommendation, replacement pod
17
+ placement, new mirror snapshot id, and BAS lag versus the `3600s` threshold.
18
+ - S3 VPCE evidence when relevant: old/new endpoint hostnames, resolved IPs,
19
+ source worker IP, route gateway/device, curl `time_connect`, `http_code`, and
20
+ `errormsg`.
21
+ - Migration-service recovery evidence when relevant: cutover status, snapshot,
22
+ verification file counts, bucket sync status, `PRISM_READY`, and event
23
+ `COMPLETED`.
24
+ - Snapshot-cleanup latency evidence when relevant: cleanup cron/timeout from
25
+ cookbook_bitbucket, Airflow deleteSnapshot start/end, NameNode write-lock
26
+ duration/stack, fast-case metadata audit RPCs, and application timeout
27
+ boundary.
28
+ - Evidence gaps and blocked checks, if any.
@@ -0,0 +1,38 @@
1
+ # Airflow Snapshot Cleanup And NameNode Lock Runbook
2
+
3
+ Use for snapshot-cleanup latency, NameNode write-lock evidence, and PRISM
4
+ `CreateDataFrame` timeout investigations. Owner:
5
+ `bds-airflow-job-status-investigation/SKILL.md`.
6
+
7
+ - Read the cleanup schedule from
8
+ `/Users/boqiang.liang/500-work/cookbook_bitbucket/bds_kube/recipes/helm_deploy.rb`.
9
+ For `BDS_ASH_CUST_AZ1`, the learned schedule is
10
+ `SCHEDULE_ASH_CUST = '0 2,3,5 * * 3-5'` and the timeout is `3600` seconds.
11
+ - Keep the investigation read-only and collect Airflow `deleteSnapshot`
12
+ start/end lines, active NameNode `Longest write-lock held` lines, and the
13
+ `FSNamesystem.deleteSnapshot -> NameNodeRpcServer.deleteSnapshot` stack when
14
+ available.
15
+ - Bound log scans by evidence windows. First extract cleaner run start/end and
16
+ top delete durations from `dag_bulk_snapshot_cleaner` logs with `awk` over
17
+ `Deleting snapshot` and `Successfully deleted, duration(ms):`; then inspect
18
+ only the active NameNode log shard and hourly
19
+ `hdfs-audit.log.<yyyy-mm-dd>-<hour>.*.gz` files that overlap those
20
+ timestamps.
21
+ - Keep snapshot-cleanup searches bounded. The older shorthand
22
+ `hdfs-audit.log.<date>-<hour>` means the same hourly audit shard pattern as
23
+ `hdfs-audit.log.<yyyy-mm-dd>-<hour>.*.gz`.
24
+ - When Airflow shows repeated snapshot deletions for the same tenant, elevated
25
+ per-snapshot delete durations, matching NameNode `deleteSnapshot` long
26
+ write-locks, and read RPCs waiting behind the lock, classify the cause as
27
+ snapshot backlog or large diff cleanup.
28
+ - Do not claim exact diff/deleted-file counts unless a log line or an approved
29
+ bounded diff/count command proves it.
30
+ - For Spark/Delta metadata-read evidence, use fast-case NameNode audit logs
31
+ before or after the lock window to prove the path issues read-lock RPCs such
32
+ as target `_delta_log` `getfileinfo`.
33
+ - Treat `getFileInfo/getfileinfo`, `listStatus`, `open`, and
34
+ `getBlockLocations` as NameNode read-lock RPCs that wait behind the
35
+ `deleteSnapshot` write lock.
36
+ - During snapshot cleanup, report `deleteSnapshot` as expected lock behavior,
37
+ then separately document cleanup duration, configured low-risk schedule, and
38
+ whether the application timeout boundary was reached.
@@ -0,0 +1,116 @@
1
+ ---
2
+ name: bds-disk-io-alert-investigation
3
+ description: Read-only BDS storage alert RCA workflow for kernel medium errors, HDFS DataNode failed volumes, PERC virtual disks, physical disk predictive failure, and Hadoop disk handoff.
4
+ allowed-tools:
5
+ - Read
6
+ - Glob
7
+ - Grep
8
+ - mcp__devops_tool__bds_disk_io_alert_command_pack
9
+ - mcp__devops_tool__bds_environment_host_lookup
10
+ - mcp__devops_tool__bds_machine_inventory
11
+ - mcp__devops_tool__workday_boundary_login
12
+ - mcp__devops_tool__remote_readonly_command
13
+ ---
14
+
15
+ # BDS Disk IO Alert Investigation
16
+
17
+ Use this skill when the incident is a BDS storage failure: disk IO errors,
18
+ kernel medium errors, bad blocks, HDFS DataNode failed volumes, PERC virtual
19
+ disk issues, or physical disk predictive failure on a BDS host. For example, a
20
+ DataNode failed-volume alert for a specific source host belongs here because
21
+ the first RCA boundary is the host's filesystem, kernel, and controller state.
22
+
23
+ Do not route DataNode failed-volume incidents to Scylla tenant-bucket, Airflow
24
+ job-status, or generic YARN health workflows unless disk investigation evidence
25
+ shows the symptom belongs to those domains.
26
+
27
+ ## Rules
28
+
29
+ - Resolve the BDS evidence target host before any access or SSH attempt.
30
+ Preserve `active datanode`, alert `Source`, BDS cluster, namespace, and disk
31
+ path as separate fields. For DataNode failed-volume alerts, the active
32
+ DataNode host is usually the storage evidence target; the alert `Source`
33
+ label may be a Pharos/exporter label and must not be used as the SSH target
34
+ until verified.
35
+ - The required first host lookup tool is exactly
36
+ `mcp__devops_tool__bds_environment_host_lookup`. Use it with the BDS cluster
37
+ and `datanodes` role to confirm the target host belongs to the cluster. Use
38
+ `mcp__devops_tool__bds_machine_inventory` only when broader machine-type
39
+ inventory is needed.
40
+ - Do not invent host tools such as `workday_host_info`, `host_info`,
41
+ `host_query`, or `bds_enterprise_host_lookup`. Do not search the repo with
42
+ `grep`, `ls`, `Read`, or `Glob` to discover host information. The host
43
+ resolution path is the explicit MCP tool call to
44
+ `mcp__devops_tool__bds_environment_host_lookup`. If asked which tool to use,
45
+ name that exact MCP tool.
46
+ - Treat disk paths such as `/hadoop/disk5/dfs/dn` as remote paths on the
47
+ resolved DataNode. Never run local `execute`, Bash, `ls`, `test`, `stat`,
48
+ `find`, or file reads against those paths.
49
+ - If `mcp__devops_tool__bds_environment_host_lookup` is unavailable or fails,
50
+ stop and report the exact tool error as a tooling/access gap. Do not fall back
51
+ to local filesystem checks, repo search, or guessed host metadata.
52
+ - For private-cloud/DC hosts, always pass the Workday infra access gate before
53
+ host reads: call `workday_boundary_login action=status`; if not ready, use
54
+ `action=login` only after explicit operator approval. Login prepares local
55
+ Boundary/SSHCA auth state with `bauth init`; it must not mutate remote hosts.
56
+ - Only collect evidence. Do not unmount, repair, format, stop services, restart
57
+ services, mark disks offline, clear logs, or modify RAID state.
58
+ - This skill defines the investigation flow. Use
59
+ `mcp__devops_tool__bds_disk_io_alert_command_pack` only as an atomic helper to
60
+ normalize inputs and generate the read-only command pack.
61
+ - Prefer read-only non-sudo commands first: `lsblk`, `df`, `findmnt`, `iostat`,
62
+ and Dell `omreport` reads.
63
+ - If sudo is required for `journalctl -k` or hardware health commands, use it
64
+ only after explicit operator approval.
65
+ - Never print LDAP passwords, Keychain JSON, tokens, or sudo stdin.
66
+ - Do not put secrets in SSH command arguments. Pass secrets via stdin only.
67
+
68
+ ## Evidence Order
69
+
70
+ 1. Parse alert fields: alert name, active DataNode host, alert `Source` label,
71
+ BDS cluster, namespace, disk path, severity, and alert time.
72
+ 2. Generate the validated read-only command pack with
73
+ `bds_disk_io_alert_command_pack`.
74
+ 3. Resolve and confirm the evidence target host with
75
+ `bds_environment_host_lookup` using the cluster and `datanodes` role. Do not
76
+ run SSH, Boundary login, Bash, `grep`, `ls`, or tool-discovery searches in
77
+ this step. If host lookup fails, stop with the exact tool error.
78
+ 4. Check Workday Boundary readiness with `workday_boundary_login action=status`.
79
+ Run `action=login` only after explicit operator approval, then use ordinary
80
+ SSH to the explicit private-cloud/DC hostname.
81
+ 5. Confirm host identity, UTC time, boot time, kernel, and sudo timestamp state
82
+ on the resolved remote host only.
83
+ 6. Map block devices to mount points with remote `lsblk`, `df`, and `findmnt`.
84
+ 7. Capture current IO state with `iostat -xz 1 3`.
85
+ 8. Read bounded kernel and DataNode-adjacent evidence for failed volumes,
86
+ `critical medium error`, `Sense Key`, `Unrecovered read error`, `megaraid`,
87
+ OS device, sector, virtual disk, and physical disk identifiers.
88
+ 9. Read Dell controller status with `omreport storage controller`.
89
+ 10. Read virtual disk status and bad-block state with
90
+ `omreport storage vdisk controller=0 vdisk=<id>`.
91
+ 11. Read physical disk health with
92
+ `omreport storage pdisk controller=0 pdisk=<id>`.
93
+ 12. Read Dell alert log entries for `PDR64`, `VDR58`, physical disk ID, and
94
+ virtual disk ID.
95
+
96
+ ## RCA Standard
97
+
98
+ Return concise Markdown:
99
+
100
+ - Summary with alert, host, cluster, impacted OS device, mount point, virtual
101
+ disk, and physical disk.
102
+ - Evidence table for VD status, RAID layout, bad-block state, physical disk
103
+ `Failure Predicted`, serial number, and part number.
104
+ - Timeline table in UTC.
105
+ - Current state: host reachability, filesystem mounted or not, iostat state, and
106
+ redundancy/risk.
107
+ - Recommendation as manual human-reviewed action only: drain, decommission, or
108
+ isolate before disk replacement.
109
+
110
+ ## Interpretation
111
+
112
+ - `Virtual Disk Bad Blocks: Yes` plus kernel `critical medium error` is a real
113
+ storage fault, not merely alert noise.
114
+ - `Failure Predicted: Yes` on the physical disk is replacement evidence.
115
+ - RAID-0 data disks have no disk redundancy. Treat continued writes as risky
116
+ until the platform runbook isolates or drains the affected disk/node.
@@ -0,0 +1,66 @@
1
+ ---
2
+ name: bds-hadoop-review
3
+ description: Use when reviewing Workday BDS Hadoop upgrade work, Hadoop release-line PRs, BDS cluster impacts, Hadoop CLI removals, or BDS Hadoop-specific Bitbucket review preparation.
4
+ tools:
5
+ - mcp__devops_tool__bitbucket_api_read
6
+ - mcp__devops_tool__jira_api_read
7
+ - mcp__devops_tool__bds_machine_inventory
8
+ - mcp__devops_tool__bds_scylla_tenant_bucket_command_pack
9
+ - mcp__devops_tool__git_repo_read
10
+ - mcp__devops_tool__repo_text_index
11
+ - mcp__devops_tool__apache_project_update
12
+ - mcp__devops_tool__pr_finding_validate
13
+ - mcp__devops_tool__pr_diff_grounding
14
+ - mcp__devops_tool__pr_changes_only_filter
15
+ - mcp__devops_tool__pr_comment_dedup
16
+ - mcp__devops_tool__pr_comment_footer
17
+ ---
18
+
19
+ # BDS Hadoop Review
20
+
21
+ Ground review in PR diff, linked Jira scope, BDS cluster inventory, and official
22
+ Apache Hadoop update context when version changes are involved. Validate
23
+ findings with `pr_finding_validate`, ground them with `pr_diff_grounding`, and
24
+ filter with `pr_changes_only_filter` before drafting comments. Use
25
+ `pr_comment_dedup` and `pr_comment_footer` only for local comment text.
26
+
27
+ ## BDM And bds-service-proxy CLI Changes
28
+
29
+ When reviewing or debugging BDM and bds-service-proxy base-image changes, do not
30
+ assume `hdfs` is present. New images may remove HDFS-specific CLI packages. For
31
+ non-HDFS object store paths such as S3A, prefer `hadoop fs`.
32
+
33
+ For BDM tenant-health questions, read the source repo before drawing data
34
+ conclusions:
35
+
36
+ - Repo: `https://bitbucket.workday.com/projects/BDS/repos/sirius/browse`
37
+ - Prefer `bitbucket_api_read`; use a human-reviewed local cache clone only when
38
+ grep/indexing is needed.
39
+ - Search for tenant health, `TenantHealth`, `tenant_health`, `unhealthy`,
40
+ `brokenDsInfo`, `consistency_check`, and `operationsLog`.
41
+ - Capture exact file path, function/class, and predicate, then map each
42
+ predicate to S3A evidence.
43
+
44
+ For Scylla tenant bucket checks, call
45
+ `mcp__devops_tool__bds_scylla_tenant_bucket_command_pack` first. The expected
46
+ read-only path is:
47
+
48
+ 1. Confirm pods with `kcsb get pod`.
49
+ 2. Read `bucketdetails-config` to get `bds-tenant.bucket.name`.
50
+ 3. Use a BDM pod such as `bdm-0`.
51
+ 4. Run `hadoop fs -ls s3a://<bds-tenant-bucket>/data/` and then tenant-specific
52
+ `hadoop fs -ls` or `hadoop fs -cat` reads when needed.
53
+
54
+ Tenant folders follow `data/tenants/<ENV_NAME>.<tenantName>`, for example
55
+ `data/tenants/WD504-IMPL.schellman1`. A listed tenant folder can contain
56
+ `operationsLog.csv`, `ted`, and `tmp`.
57
+
58
+ Avoid these false starts:
59
+
60
+ - `aws s3 ls` inside BDM or bds-service-proxy pods; observed behavior is
61
+ `NoCredentials`.
62
+ - `hdfs dfs -ls` in new BDM or bds-service-proxy images; `hdfs` may not exist.
63
+ - KDC pods as the default S3A inspection point; they may have `hdfs` but lack
64
+ the right S3A classpath.
65
+ - `hadoop fs -get` for listing; it downloads locally and can fail on local
66
+ directory creation.
@@ -0,0 +1,48 @@
1
+ ---
2
+ name: bds-machine-inventory
3
+ description: Use when the user asks for BDS machine lists, hostnames, CNAMEs, node types, or cluster inventory across dev, production, or non-production environments. Query the authoritative BDS config repositories through the bds_machine_inventory tool before answering concrete host or type questions.
4
+ tools:
5
+ - mcp__devops_tool__bds_environment_host_lookup
6
+ - mcp__devops_tool__bds_machine_inventory
7
+ - mcp__devops_tool__bds_log_path_knowledge
8
+ - mcp__devops_tool__workday_boundary_login
9
+ ---
10
+
11
+ # BDS Machine Inventory
12
+
13
+ Use this skill for concrete BDS environment inventory questions such as:
14
+
15
+ - "list all KMS machines in nprd"
16
+ - "what types of machines exist in prod?"
17
+ - "show node managers for cluster X"
18
+ - "any BDS env, any machine type"
19
+
20
+ ## Workflow
21
+
22
+ 1. Normalize the environment to `dev`, `production`, or `non-production`.
23
+ 2. If the request asks for concrete private-cloud/DC hosts for a BDS cluster,
24
+ call `bds_environment_host_lookup` first. Use roles such as
25
+ `kube_control_planes`, `kube_workers`, `etcd`, `namenodes`, `datanodes`,
26
+ `resourcemanagers`, or `nodemanagers`.
27
+ 3. If the request asks what machine types exist, call `bds_machine_inventory` with `action: "list_types"`.
28
+ 4. If the request asks for hostnames by a broad inventory type, call `bds_machine_inventory` with `action: "list_hosts"` and either:
29
+ - `machineType` for semantic names such as `kms`, `resource_manager`, or `node_manager`
30
+ - `hostField` for an exact config path such as `bds.kms_nodes`
31
+ 5. Use `cluster` only as a filter. If the user did not name a cluster, leave it empty and report that the answer spans all matching cluster JSON files.
32
+ 6. Use the existing local cache or a user-provided `repoPath` by default. The
33
+ tool always runs `git pull --ff-only` before reading inventory so lookups use
34
+ the latest config code.
35
+ 7. Do not set `allowCacheUpdate: true` unless the user explicitly permits
36
+ creating the missing local read-only config cache and the tool call includes
37
+ a complete `hitlApproval` object with `approved`, `approvedBy`, `action`,
38
+ `target`, `reason`, `expectedImpact`, and `risk`.
39
+
40
+ ## Guardrails
41
+
42
+ - Treat BDS config repos as the source of truth for host inventory.
43
+ - Do not infer hostnames from memory or prior terminal output when a live config query is possible.
44
+ - Do not print secrets, LDAP tokens, or Boundary credentials.
45
+ - This skill lists inventory only. Use `workday-infra-access` or
46
+ `remote-readonly-investigation` before reading logs on a returned host.
47
+ - Use `bds_log_path_knowledge` for static server-type log path planning, then
48
+ verify paths on the host with read-only commands.
@@ -0,0 +1,71 @@
1
+ ---
2
+ name: bds-oncall-followup
3
+ description: Maintain BDS on-call Confluence handoff rows and BDS follow-up Jira drafts for BDS-owned on-call issues.
4
+ allowed-tools:
5
+ - Read
6
+ - Glob
7
+ - Grep
8
+ - mcp__devops_tool__bds_oncall_followup_payload_draft
9
+ - mcp__devops_tool__confluence_search_read
10
+ - mcp__devops_tool__confluence_content_read
11
+ - mcp__devops_tool__confluence_handoff_page_draft
12
+ - mcp__devops_tool__jira_api_read
13
+ - mcp__devops_tool__jira_ticket_draft
14
+ ---
15
+
16
+ # BDS On-call Follow-up
17
+
18
+ Use this skill when a BDS on-call issue must be recorded on the current
19
+ Confluence handoff page or when a BDS-owned follow-up Jira needs to be drafted.
20
+
21
+ Load `references/oncall-followup-runbook.md` only for incident-specific row,
22
+ Jira, and verification details.
23
+
24
+ ## Boundaries
25
+
26
+ - Keep content BDS-only. Exclude DB, MTP, TAR, rsync, or customer workflow
27
+ detail unless it explains a concrete BDS code or workflow gap.
28
+ - Use `bds_oncall_followup_payload_draft` first. It owns on-call range calculation,
29
+ report title shape, row normalization, and BDS follow-up Jira draft shape.
30
+ - For Slack-sourced incidents, use the Slack thread as Issue source and
31
+ narrative anchor. Do not force the Issue title to be the main Jira key.
32
+ - Confluence tools find/read current handoff pages and draft page bodies; they
33
+ do not create or update pages directly.
34
+ - Jira tools read existing tickets or produce Jira-ready drafts; they do not
35
+ create tickets directly.
36
+ - Do not mention Codex, assistant provenance, or internal thread/source names in
37
+ Confluence or Jira content. Use neutral labels such as `Discussion`.
38
+ - Do not over-specify Jira implementation. Identify the current code or workflow
39
+ problem, then leave the fix design to the assignee.
40
+
41
+ ## Evidence Order
42
+
43
+ 1. Determine the current two-week range with `bds_oncall_followup_payload_draft`.
44
+ 2. Locate/read the current handoff page by exact title under parent page
45
+ `4259305001`; draft a child page if it does not exist.
46
+ 3. Read the current handoff table and classify rows as exact match,
47
+ partial/mixed issue row, or unrelated row.
48
+ 4. Read main Jira status/summary/`issuelinks` when present and prefer a linked
49
+ monitoring/product follow-up ticket over the main incident Jira.
50
+ 5. Search Jira for existing follow-ups by tenant, cluster, alert, and issue
51
+ keywords before drafting a new ticket.
52
+ 6. Draft paragraph-formatted Confluence row and BDS Jira text.
53
+ 7. If writes happen through an approved external path, read back Jira and
54
+ Confluence before reporting completion.
55
+
56
+ ## Defaults
57
+
58
+ - Confluence space: `BD`.
59
+ - Parent page id: `4259305001`.
60
+ - BDS on-call report title format:
61
+ `BDS On Call Handoff YYYY/MM/DD-YYYY/MM/DD`.
62
+ - Default two-week anchor: `2026/05/26`.
63
+ - Follow-up Jira project: `BDS`.
64
+ - Follow-up Jira type: `Story`.
65
+ - Follow-up Jira component: `Devops`.
66
+
67
+ ## Output
68
+
69
+ Return either a concise confirmation with Confluence page URL, Jira URL, and
70
+ read-back verification, or a atomic-helper result containing the exact Jira draft and
71
+ paragraph-formatted Confluence row draft when write access is unavailable.
@@ -0,0 +1,58 @@
1
+ # BDS On-call Follow-up Runbook
2
+
3
+ This reference holds row/Jira details for `bds-oncall-followup/SKILL.md`.
4
+
5
+ ## Confluence Row Handling
6
+
7
+ - Before drafting an edit for an existing Confluence table, read the current
8
+ storage body and identify the exact target row. Preserve unrelated rows.
9
+ - If one row contains multiple issues, split issues into separate rows or append
10
+ the new row; do not replace the whole mixed row.
11
+ - Format every Confluence issue row as paragraphs. Split description,
12
+ RCA/evidence, impact, Slack/Jira links, and follow-up links into separate
13
+ `<p>` blocks instead of one dense paragraph per cell.
14
+ - If an operator has already created the Jira or Confluence page outside this
15
+ read-only runtime, read it back and prepare link text for the systems.
16
+
17
+ ## Jira Handling
18
+
19
+ - For a main Jira that tracks the immediate fix, read `issuelinks` before
20
+ deciding the report Follow-up Jira. Use the linked monitoring/product
21
+ follow-up ticket when present.
22
+ - Before drafting a follow-up Jira for an approved external write path, search
23
+ for existing tickets with tenant, cluster, alert, and issue keywords. Reuse an
24
+ existing matching BDS Jira in the draft instead of proposing a duplicate.
25
+ - If follow-up is needed and no Jira exists, draft a BDS Jira that names the
26
+ BDS-owned code/workflow gap and includes a short code pointer when useful.
27
+ - The Jira should include what BDS behavior failed, why this is BDS-owned, the
28
+ current code/workflow block, why the bad state was left behind when known, and
29
+ acceptance criteria requiring tests and better diagnostics.
30
+ - Avoid long incident timelines, non-BDS repair details, Mermaid diagrams,
31
+ unsupported formatting, or telling the assignee exactly how to implement.
32
+
33
+ ## DR Copy SLA / BAS Lag Incidents
34
+
35
+ - For `bas_dr_sla_miss` or DR copy SLA incidents, include affected tenants,
36
+ alert threshold/lag, stale mirror snapshot time, Airflow pod status, bad
37
+ worker node, zombie/node runtime evidence, remediation actions, verification
38
+ snapshot id, BAS lag recovery below `3600s`, and DC follow-up Jira when
39
+ present.
40
+ - Do not report the issue as resolved only because Slack/PagerDuty stopped
41
+ firing.
42
+ - When a bad Kubernetes worker caused stale Airflow task pods, distinguish
43
+ read-only evidence from approved operator actions. State whether the operator
44
+ cordoned the node, force-deleted stale completed pods, allowed replacement
45
+ pods to schedule on healthy nodes, and left the bad node cordoned pending DC
46
+ investigation or reboot.
47
+ - For DR copy SLA incidents, include both the immediate approval/remediation
48
+ Jira and the DC/node follow-up Jira when they are different tickets.
49
+
50
+ ## Verification
51
+
52
+ - When an operator performs writes through an approved external path, read back
53
+ Jira and Confluence before reporting completion.
54
+ - For Confluence, verify the page version advanced, the target row contains the
55
+ Slack thread, main Jira, and follow-up Jira, paragraph formatting is preserved,
56
+ and unrelated rows are still present.
57
+ - Remove internal provenance wording such as `Codex` from requester-facing
58
+ report and Jira text.