Minutes from the Tue Aug 21 infra call

classic Classic list List threaded Threaded
1 message Options
Guilhem Moulin Guilhem Moulin
Reply | Threaded
Open this post in threaded view
|

Minutes from the Tue Aug 21 infra call

Participants
============

1. guilhem
2. cloph
3. Brett
4. Raju

Agenda
======

 * TODOs (deferred from the July call)
   + upgrade remaining Jessie hosts to Stretch
     G. downgrade prometheus-node-exporter from 'stretch-backport' to
        'stretch'
     G. deploy cachetHQ instance on monitoring.tdf (missing API for the metrics)
       - got a private follow up to tdf#1079 by a hund.io staff member,
         "I would like to extend Hund's offer of our product for free to
         non-profit and open-source projects"
       - will stick to Cachet for the time being, then reevaluate in a
         month or two (after libocon)
  * LibOCon: https://conference.libreoffice.org/ (Sep 25 to Sep 28)
    + Who will be there? guilhem, cloph, Brett
    + Should we plan an infra hackfest?
      OK, G. to prepare an agenda and get in touch with the organizers
  * Saltstack
    + Brett: prometheus branch ready for review (contains the files
      that are already deployed, plus some alert rules)
  * Jitsi screen sharing extension: works out of the box on firefox,
    but not on chrome/chromium (need an extension)
    + cloph: ship https://jitsi.documentfoundation.org/chrome.crx
      (based on https://github.com/jitsi/jidesha) to the chrome
      webstore, cf. https://developer.chrome.com/webstore/publish
  * SSO:
    + SAML 2.0 deployed on https://newdesign.libreoffice.org (was
      plain LDAP auth before), deployment on the prod SS3 instance
      coming soon
      - 145/234 users not in LDAP yet…: cloph: makes sense since the
        side doesn't need so much maintenance anymore (beside the
        download page), many accounts aren't so active anymore
      - G. cloph (and probably others) has difficulties to log in,
        check that up before deploying to the prod instance
    + Unsurprisingly, a lot of dormant spam accounts were created
      lately: 1500 accounts since mid June, consistently ~25 new
      accounts per day
      → doesn't cause a technical issue at the moment, but we might need to clean up later
  * Raju: welcome!
    + here is a list to the infra tickets https://redmine.documentfoundation.org/projects/infrastructure
    + Main (long-term) projects:
      - SSO (rdm#1585, mostly done) https://auth.documentfoundation.org/
      - monitoring (rdm#2210, rdm#2211) https://monitoring.documentfoundation.org
        . Brett: starting structure of the alert system is mostly done
          already, cf. the 'prometheus' branch
        . the status page needs to be finalized
      - backups: currently uses rsnapshot, causes too much IO
        . Brett: have great success with borg (a lot faster)
          https://borgbackup.readthedocs.io/en/stable/ (cf. offsite
          backup section)
        . Ideally don't save dumps as plain files, use PITR instead
          https://www.postgresql.org/docs/9.6/static/continuous-archiving.html
          crashreport, bugzilla, askbot, helpwiki (mysql), pootle
          (mysql) DBs are huge, but don't change much within a single day
    + Raju: I have experience with LDAP, PostgreSQL, containers
      - would like to start with "small things" that can be started
        alone, eg, migrations or new services that need to be deployed
        to new vms
  * dashboard.documentdocumentation.org (G-ELK) still needs to
    redeployed and un-dockerized
    + G. deploy new VM and hand over to brett/raju
  * Next call: Tuesday September 18 2018 at 18:30 Berlin time (16:30 UTC), still on jitsi

--
Guilhem.

--
To unsubscribe e-mail to: [hidden email]
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/website/
Privacy Policy: https://www.documentfoundation.org/privacy