Skip to content

Latest commit

 

History

History
133 lines (106 loc) · 5.68 KB

2018-03-03_openSUSE.md

File metadata and controls

133 lines (106 loc) · 5.68 KB
Raw

openSUSE Heroes offsite meeting minutes

Where: SUSE Event Area, SUSE HQ, Nuremberg, Germany, Earth, Solar System, Milky Way, Universe

When: 2018-03-03 / Day 1/2

Who:

  • all-time:

    • Christian Boltz
    • Christian Müller
    • Per Jessen
    • Sarah Julia Kriesch
    • Theo Chatzimichos
    • Thorsten Bro

  • part-time:

    • Bernhard Wiedemann
    • Richard Brown

Day 1 - Saturday - 2018-03-03

Coordinator

  • We need to organize ourselves a bit different, with the loss of Lars.
  • In general we don't want to have the role of "the Coordinator", as it is not really clear what the responsibilites should/would be
  • We need people who take-over responsibility for several tasks, but we want to organize ourselves managed by our ticket system
  • For special purposes - we can define single responsibilities for tasks, e.g.:
    • Organize off-site or other events [choose per event in Heroes Meeting]
    • Talk / coordinate with Release Management and Board [Per Jessen]
    • Hardware / Budget / Sponsoring [Thorsten Bro]
    • Interface-Function to SUSE-IT / MF-IT and SUSE-people in general [Theo Chatzimichos]
    • Heroes security (Sticking to coorporate SUSE / MF guidelines for security certification) [Christian Müller]
    • Onboarding / Guidance of new openSUSE Heroes (Help needed! Ask Theo!) [Theo Chatzimichos, Christian Müller]
      • We need an onboarding wiki page [Theo Chatzimichos]
    • In the Heroes meeting - Check the oldest tickets every month - to not loose track [everybody]

openVPN / Bridging network - Provo / Nuremberg

  • PRV <---> NUE - ToDo:
    • Setup transfer network [rwawrig, cmueller]
    • Setup VPN in Provo [tchatzimichos]
    • HA-setup of scar + scarface [mcaj]
    • Add separate gateway machines in Provo/Nuremberg to do routing (not on scar which is facing external) [tchatzimichos, mcaj]
    • FreeIPA Master to Master setup (Provo / Nuremberg) [?]
    • Master-to-Master setup DB? [?]

Board topics

  • Boards wants us to be more public - actually putting our SALT / Documentation on public pages
    • The onboarding process should be a starting point, to see which things we can document public and publish to the outside world
    • SALT states (w/o pillars) will go public
    • Documentation is up to everybody, to make it more public on its own extent
  • connect.o.o should be replaced in future - this is a long-term ToDo for the next year
    • check possibility of moving those extra DB-fields into eDirectory directly
  • Start communication with Heinlein regarding pushing out mailservice, based on results of connect/eDirectory project

SLE 11 / Leap 15 - migration of old SLE 11 hosts / migration to Leap 15 of Leap 42.3 hosts

SLE 11 hosts upgrade to 42.3

  • (XX) progress.o.o [tchatzimichos]
  • (X) connect.o.o (boosters) - WAIT for more info
    • create disconnect.o.o to disconnect the openSUSE TSP web service from connect.o.o machine / dependencies
  • (~)old mysql
    • Wiki-DB [cboltz, tbro] - Move Wiki-DB, Add MySQL-User-Handling to Salt
  • (EASY)old postgresql [tchatzimichos]
  • (EASY)narwal - servers (static.o.o, studio express, more) [tbro] -> Move to Leap15 beta
  • (X)icc.o.o [tbro] (ask Kai about migration)
  • (X)conference.o.o [Henne and OSEM maintainers]
  • (X)community (irc-bot, some websites, maybe more stuff, etc.) [tchatzimichos]
    • tickets are there to be done: find out if stuff can be moved to static.o.o or needs a new machine
    • IRC-BOT (bugbot) - tchatzimichos will ask Henne about this
  • (EASY)osc-collab [mcaj]

Leap 15

Testing Leap 15 BETA

  • Kiwi - Images for Leap 15 [tbro, cboltz]
  • Salt - Leap 15 Repos [cboltz, bmwiedemann]
  • Below tasks are blocked by the above:
    • static.o.o (narwal) move to Leap 15 beta [tbro, see above]
    • osc-collab to Leap 15 beta [mcaj, see above]
  • community static pages and bugbot to Leap 15 [tchatzimichos]

After the Leap 15 GM Release

  • salt-master [tchatzimichos]
  • All other web services [all heroes]
  • Move mlmmj to mailman with testing first ;) [pjessen]

Mirrors / Database clusters

Mirrors

  • pontifex2.i.o.o in NUE
  • pontifex.i.o.o (rename the machine) [tchatzimichos]
  • shutdown pontifex3 and be on alert if something breaks (old SLE11) [tchatzimichos]
  • fix current mirroring setup
    • fix reverse-DNS for all pontifex machines [mcaj, pjessen, tchatzimichos]
    • do documentation of whole mirroring setup [mcaj, pjessen, tchatzimichos]
    • fix monitoring of mirroring [mcaj, pjessen, tchatzimichos]
  • work on mirrors as onboarding setup
    • add mirroring servers to salt
  • Widehat tasks
    • widehat maybe out of date
    • replace widehat with new sponsor [tbro]
    • put widehat to infra.o.o VPN (client) [tchatzimichos]
  • ask Ludwig about his publishing scripts
  • reply fast with a "stock message" to mirroring requests (generic for other simple customer requests)

General advice

Subscribe to admin-auto@o.o mailing list with your account

make you machines / services (root-accounts) sending mails to the above mentioned list

Salt / Automation

  • More configs / services
    • Formulas preferred
    • Static files / templates acceptable
  • salt-master vs. monitoring machine lists are deviating
    • monitoring client configs should go to the "base" role so that all machines get basic monitoring
    • We need the packages / configs / services / NRPE / check_mk / etc.
    • Check the "deploy CM" doc and see what can be automated
  • Webpage git repo -> push -> CI -> Reactor -> git pull on minion
    • GitHub repos cannot access gitlab-ci [bmwiedemann ask jdsn about mirroring git]
  • Encrypted GPG Pillars
    • documentation [tchatzichmichos]
    • Missing script to re-encrypt all GPG pillars
  • new services should always be configured with Salt!
  • master in Provo (syndic)