Difference between revisions of "SAC Meeting 2017-05-20"

From OSGeo
Jump to navigation Jump to search
(starting a meeting agenda)
 
m (Neteler moved page SAC:May2016 to SAC Meeting 2017-05-20: sortable name)
 
(22 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
= Agenda =
 
= Agenda =
  
Please list the meeting topics, and link to relevant SAC tickets when possible. Meeting will be for assigning tasks, updating status, and voting. Majority of discussions should happen on the mailing list and IRC in before and after meetings.
+
Please list the meeting topics, and link to relevant SAC tickets when possible. Meeting will be for assigning tasks, updating status, and voting. Majority of discussions should happen on the mailing list and IRC in before and after meetings. Estimated 30-60 minutes.
  
Time and Date to be set via email list poll.
+
Time and Date set via email list poll.
 +
http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=5&day=20&hour=16&min=0&sec=0&p1=217&p2=37&p3=248&p4=914
  
 
== Current ==
 
== Current ==
  
* SSL certificate
+
* SSL certificate Update (Alex)
* Budget Breakdown -
+
** We bought a 3 yr DV.
 +
** Do we want a 5 yr OV instead
 +
** Reverse Chain file propagation?
 +
* Trac Spam Report (Sandro)
 +
* [[SAC:Budget|Budget]] Report (Alex)
 
** What we've spent the last few years.
 
** What we've spent the last few years.
 
** Upcoming costs
 
** Upcoming costs
 
** What's left
 
** What's left
 +
* Versioning Configuration files
 +
* Clean up wiki pages
 +
** [[SAC Service Status]]
 +
** [[SAC:LDAP]]
 +
** Mailing lists
 +
** Backups
 +
** Configuration
 +
** [[SAC:Budget|Budget]]
 +
** Add timezones to SAC member list
 
* Hardware Migration
 
* Hardware Migration
 +
** Virtualization, Docker, or some other Container
 
** Finish moving things off OSGeo4 and retire
 
** Finish moving things off OSGeo4 and retire
*** Adhoc
+
*** Adhoc - Mapserver Demo, SpatailReference.org, ?
** Virtualization, Docker, or some other Sandbox
+
*** QGIS VM - run's their bugtracker (up for retirement)
* Expand download area capacity ( TODO: Link OSUOSL discussion on dedicated download cluster service )
+
* Expand download area capacity  
 +
** TODO: Link OSUOSL discussion on dedicated download cluster service
 +
** Or, grow disk
 +
** Or, migrate & grow
 +
* Annual OSUOSL Donations - Always in the budget, but we don't always send for some reason.
 +
* Meeting Schedule
  
== Future ==
+
== Ideas & Proposals ==
  
 
* Paid Proposal System - Formalize a method for proposing tasks that require payment to make it happen in a timely manner.
 
* Paid Proposal System - Formalize a method for proposing tasks that require payment to make it happen in a timely manner.
Line 24: Line 44:
 
** Method for soliciting vendors to fulfill tasks
 
** Method for soliciting vendors to fulfill tasks
 
** Method for approving bids that minimizes conflict of interest (SAC members may sometimes bid)
 
** Method for approving bids that minimizes conflict of interest (SAC members may sometimes bid)
 +
* Budget
 +
** Ask the board to split the budget into 2 sections, anticipated(planned) expenses and un-anticipated?
 +
** Aniticpated
 +
*** Certificate, DNS Renewals
 +
*** Planned hardware
 +
*** Un-anticipated
 +
**** Hardware failure replacement
 +
**** Emergency assistance
 +
** Alternate: Materials vs. Person Time
 +
** Based on historical recommend level of funding
 +
*** Alex suggests $15,000/yr
 
* LDAP
 
* LDAP
 
** Merging LDAP/Wiki logins
 
** Merging LDAP/Wiki logins
 
** LDAP user facing password reset (via email tokens)
 
** LDAP user facing password reset (via email tokens)
 
** Implementing OpenID so github, launchpad, google etc, work with OSGeo IDs
 
** Implementing OpenID so github, launchpad, google etc, work with OSGeo IDs
 +
* HTTPS option for all hosted sites
 +
** Using letsencrypt certificates
 +
** Target foss4g archives 1st
 +
* Plan for replacing OSGeo3 next year
 
* OWASP security implementation
 
* OWASP security implementation
 
* Anti spam measures, and automated detection
 
* Anti spam measures, and automated detection
* HTTPS option for all hosted sites
+
 
** Using letsencrypt certificates
+
== Funding sysadmin work ==
** Targe foss4g archives 1st
+
 
 +
The SAC Chair (Alex Mandel) suggested to write down possible handling of payed sysadmin work.
 +
It was suggested:
 +
 
 +
* Paid project supervision
 +
* Nominate an emergency response retainer
 +
* Set up a Time and Material contract
 +
* Set up a Proposal and Bid system
 +
** Create a Wishlist (Once established people submit ideas to be added)
 +
** Vote on Priority of Items
 +
** For top items decide if it's internal or external (bid) & timeline
 +
** For external create a proposal and request bids
 +
*** Vote on bids
 +
** Continually fund items up to a ceiling per year (if any budget left near end of year add to cap)
 +
** Repeat
 +
 
 +
Questions:
 +
 
 +
* How do we solicit bids ?
 +
    strk> a call for interest on SAC list (priority line), on discuss list if needed (second choice)
 +
* How much to reserve for such contract ?
 +
    strk> current budget seems [[Board_of_Directors#Operational_Budget_for_2016|too low]] to allow for a new contract, so I think we should be asking for more
 +
* How do we balance having external contractors do work without having to grant full privileged access?
 +
 
 +
= Tasks =
 +
 
 +
Things people agreed to do.
 +
 
 +
* what - who
 +
 
 +
[[Category:Infrastructure]]
 +
[[Category:SAC Meetings]]

Latest revision as of 06:18, 22 October 2017

Agenda

Please list the meeting topics, and link to relevant SAC tickets when possible. Meeting will be for assigning tasks, updating status, and voting. Majority of discussions should happen on the mailing list and IRC in before and after meetings. Estimated 30-60 minutes.

Time and Date set via email list poll. http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=5&day=20&hour=16&min=0&sec=0&p1=217&p2=37&p3=248&p4=914

Current

  • SSL certificate Update (Alex)
    • We bought a 3 yr DV.
    • Do we want a 5 yr OV instead
    • Reverse Chain file propagation?
  • Trac Spam Report (Sandro)
  • Budget Report (Alex)
    • What we've spent the last few years.
    • Upcoming costs
    • What's left
  • Versioning Configuration files
  • Clean up wiki pages
  • Hardware Migration
    • Virtualization, Docker, or some other Container
    • Finish moving things off OSGeo4 and retire
      • Adhoc - Mapserver Demo, SpatailReference.org, ?
      • QGIS VM - run's their bugtracker (up for retirement)
  • Expand download area capacity
    • TODO: Link OSUOSL discussion on dedicated download cluster service
    • Or, grow disk
    • Or, migrate & grow
  • Annual OSUOSL Donations - Always in the budget, but we don't always send for some reason.
  • Meeting Schedule

Ideas & Proposals

  • Paid Proposal System - Formalize a method for proposing tasks that require payment to make it happen in a timely manner.
    • Method for taking proposals on tasks
    • Method for soliciting vendors to fulfill tasks
    • Method for approving bids that minimizes conflict of interest (SAC members may sometimes bid)
  • Budget
    • Ask the board to split the budget into 2 sections, anticipated(planned) expenses and un-anticipated?
    • Aniticpated
      • Certificate, DNS Renewals
      • Planned hardware
      • Un-anticipated
        • Hardware failure replacement
        • Emergency assistance
    • Alternate: Materials vs. Person Time
    • Based on historical recommend level of funding
      • Alex suggests $15,000/yr
  • LDAP
    • Merging LDAP/Wiki logins
    • LDAP user facing password reset (via email tokens)
    • Implementing OpenID so github, launchpad, google etc, work with OSGeo IDs
  • HTTPS option for all hosted sites
    • Using letsencrypt certificates
    • Target foss4g archives 1st
  • Plan for replacing OSGeo3 next year
  • OWASP security implementation
  • Anti spam measures, and automated detection

Funding sysadmin work

The SAC Chair (Alex Mandel) suggested to write down possible handling of payed sysadmin work. It was suggested:

  • Paid project supervision
  • Nominate an emergency response retainer
  • Set up a Time and Material contract
  • Set up a Proposal and Bid system
    • Create a Wishlist (Once established people submit ideas to be added)
    • Vote on Priority of Items
    • For top items decide if it's internal or external (bid) & timeline
    • For external create a proposal and request bids
      • Vote on bids
    • Continually fund items up to a ceiling per year (if any budget left near end of year add to cap)
    • Repeat

Questions:

* How do we solicit bids ?
   strk> a call for interest on SAC list (priority line), on discuss list if needed (second choice)
* How much to reserve for such contract ?
   strk> current budget seems too low to allow for a new contract, so I think we should be asking for more
* How do we balance having external contractors do work without having to grant full privileged access?

Tasks

Things people agreed to do.

  • what - who