Difference between revisions of "SAC Meeting 2018-03-02"

From OSGeo
Jump to navigation Jump to search
 
(11 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
== Agenda ==
 
== Agenda ==
  
===  Go over status of SSLs - FOSS4G2018  ===  
+
===  FOSS4G2018  move main site to OSGeo Servers ===  
 
* Website code: https://github.com/foss4g2018/foss4g2018
 
* Website code: https://github.com/foss4g2018/foss4g2018
 +
* Plan is to host this on webextra and change DNS accordingly after have webextra automatically pulling github repo
 
* The code for the payments is also very simple HTML - we'd be happy to host in a single point
 
* The code for the payments is also very simple HTML - we'd be happy to host in a single point
 
** 3rd party payment service: Pesapal
 
** 3rd party payment service: Pesapal
Line 33: Line 34:
  
 
* [martin]:  
 
* [martin]:  
'''<Fill report here>'''
+
=== Martin's report of items worked on ===
 +
2018-02-16:
 +
    #1981, Upgrading TraSVN and Download VM's to Debian7, almost the entire
 +
    day, see:
 +
    https://wiki.osgeo.org/wiki/SAC:Debian_System_Administration
 +
 
 +
2018-02-19:
 +
    #1981, Preparational work for upgrading Web and Wiki VM's to Debian7
 +
 
 +
2018-02-27:
 +
    #1981, Preparing notes on upgrade procedure
 +
    #2128, chasing SVN authentication issues
 +
 
 +
2018-03-02:
 +
    #1981, adding to the Wiki
 +
    #2128, investigating the SVN authentication process, most of the day
 +
 
  
 
Martin to report on what he's been working on.
 
Martin to report on what he's been working on.
Line 40: Line 57:
  
 
* Discussion pending on list (moderator: could not find the mail thread)
 
* Discussion pending on list (moderator: could not find the mail thread)
* Needs:
 
** trac is painfully slow (now seems better with Chris Giorgi's recent changes to apache config)
 
** osgeo6 is running an ancient Debian, needs to be updated
 
  
 
Leaning to libvrt since it can be done with one server (less resource intensive than ganeti), with possibility
 
Leaning to libvrt since it can be done with one server (less resource intensive than ganeti), with possibility
 
of moving to ganeti next year when we get more hardware.   
 
of moving to ganeti next year when we get more hardware.   
 +
 +
TODO: It seems we have no new purchase or hardware yet.  Followup on mailing list what's holding up the purchase.
  
 
DONE: Alex sent quote to mailing list, [https://drive.google.com/file/d/1X-z66jXXBUZuPqh6EP0d43g2NUCL7xcL/view?usp=sharing Updated Feb 15] ~$6300-7000.  Chris Gorgi has some ideas, may provide enhancements
 
DONE: Alex sent quote to mailing list, [https://drive.google.com/file/d/1X-z66jXXBUZuPqh6EP0d43g2NUCL7xcL/view?usp=sharing Updated Feb 15] ~$6300-7000.  Chris Gorgi has some ideas, may provide enhancements
Line 83: Line 99:
 
=== Others ===
 
=== Others ===
  
 
=== Martin's report of items worked on ===
 
2018-02-16:
 
    #1981, Upgrading TraSVN and Download VM's to Debian7, almost the entire
 
    day, see:
 
    https://wiki.osgeo.org/wiki/SAC:Debian_System_Administration
 
 
2018-02-19:
 
    #1981, Preparational work for upgrading Web and Wiki VM's to Debian7
 
 
2018-02-27:
 
    #1981, Preparing notes on upgrade procedure
 
    #2128, chasing SVN authentication issues
 
 
2018-03-02:
 
    #1981, adding to the Wiki
 
    #2128, investigating the SVN authentication process, most of the day
 
  
 
==== Trac  SVN status ====
 
==== Trac  SVN status ====
Line 108: Line 107:
 
* DONE: [https://trac.osgeo.org/osgeo/ticket/2115 Bas has tested and gave blessing.  I added download apache configs to gitea]
 
* DONE: [https://trac.osgeo.org/osgeo/ticket/2115 Bas has tested and gave blessing.  I added download apache configs to gitea]
  
** Question, force https by default, I recall some maven stuff breaks on that.
+
** Question, force https by default, I recall some maven stuff breaks on that. --Discussed,NO we don't want to enforce as no benefit and will disrupt caching.  Now people can use it if they want or use http if they prefer.
 +
 
 
** Also related there was a bug requiring newer Debian to get correct algorithms for some https services.
 
** Also related there was a bug requiring newer Debian to get correct algorithms for some https services.
 
* [https://trac.osgeo.org/osgeo/ticket/2116 Add support for registering public user SSH keys in LDAP]
 
* [https://trac.osgeo.org/osgeo/ticket/2116 Add support for registering public user SSH keys in LDAP]
Line 124: Line 124:
  
 
== Minutes ==
 
== Minutes ==
 +
www.osgeo.org Website move planned this weekend - robe
 +
 +
Hardware still outstanding.  Followed up on mailing list with comment from TemptorSent.
 +
 +
SVN Martin still has checkup, robe said seems to work where it didn't before for svn updating/svn checkout anonymous.
 +
Updated ticket.
 +
 +
MartinSpott now has access to web18a to install bacula (after strk fixed robe's screw up)
 +
 +
MartinSpott and TemptorSent got into cat fight about different views on insuring security and managing things
 +
with Martin erring on side of making sure things still work and easy to maintain
 +
and TemptorSent wanting to make sure we have tight controls and don't have a PR security nightmare and being able
 +
to redundantly support things (have some redundancy).
 +
 +
cvvergara showed up late to the party and strk wept at her absence calling us screaming kiddies without her orderly presence.
 +
 +
  
 
=== Attendance ===
 
=== Attendance ===
 +
Regina Obe (robe)
 +
 +
Chris Giorgi (TemptorSent)
 +
 +
Martin Spott (MartinSpot)
 +
 +
Sandro Santilli (strk)
  
 +
Jeff Mckenna (jmckenna)
 +
 +
Vicky Vergara (cvvergara) - came one minute after the meeting end and was disappointed to have missed it
  
 
=== Full transcript ===
 
=== Full transcript ===
 
+
[[Talk:SAC_Meeting_2018-03-02#Transcript|Transcript]]
  
 
= Details =
 
= Details =

Latest revision as of 16:25, 2 March 2018


Where and When

Agenda

FOSS4G2018 move main site to OSGeo Servers


    1. Sent an e-mail inviting to this meeting
    2. https://trac.osgeo.org/osgeo/ticket/2008
    3. https://trac.osgeo.org/osgeo/ticket/2007

<Fill report here>

New Website status report

Report:

  • [robe] Status of staging.www.osgeo.org now setup on web18a.osgeo.osuosl.org (plans to migrate production to there as well)
 Eventual shutoff of cloudvps.com hosting
 Plan to move www.osgeo.org this weekend [1]

Sys Admin Contract

  • [martin]:

Martin's report of items worked on

2018-02-16:

   #1981, Upgrading TraSVN and Download VM's to Debian7, almost the entire
   day, see:
   https://wiki.osgeo.org/wiki/SAC:Debian_System_Administration

2018-02-19:

   #1981, Preparational work for upgrading Web and Wiki VM's to Debian7

2018-02-27:

   #1981, Preparing notes on upgrade procedure
   #2128, chasing SVN authentication issues

2018-03-02:

   #1981, adding to the Wiki
   #2128, investigating the SVN authentication process, most of the day


Martin to report on what he's been working on.

Migration off old hard-ware AND Virtualization, Containerization, or None

  • Discussion pending on list (moderator: could not find the mail thread)

Leaning to libvrt since it can be done with one server (less resource intensive than ganeti), with possibility of moving to ganeti next year when we get more hardware.

TODO: It seems we have no new purchase or hardware yet. Followup on mailing list what's holding up the purchase.

DONE: Alex sent quote to mailing list, Updated Feb 15 ~$6300-7000. Chris Gorgi has some ideas, may provide enhancements

  • DONE: provide clarification of new hardware purchase options suitability for hosting type. (wildintellect)
    • LXD was suggested as a drop-in alternative to full Virtualization with KVM for most service; this more similar to the feel of a virtual machine than say Docker.
    • We can mix, nest, and layer both containers and virtualization interchangeably.
    • Easy candidates for containers include Downloads and Webextra (FOSS4G) which are static files.
  • Suggestions:
    • Optane card for extra disk caching beyond memory - Question how do we configure this:
      • 25% is reserved as unallocated to reduce write-wearing and maintain speed over the expected life of the server.
      • A portion (~25-50%) would be allocated to the ZFS L2ARC (or equivalent) to keep warm FS blocks instantly accessible.
      • The remainder is available to be used essentially as a large persistent ramdisk.
    • Fill RAM, mostly caches requests, in particular file downloads
      • This will happen automatically as files are accessed and added to the filesystem's cache.
      • Data can be pre-cached simply by accessing the files and directories -- a simple script can run periodically to ensure they are kept marked as hot.
    • Larger DWPD rating for SSDs to better handle writes - Question, we didn't do this for OSGeo6, anything we should look out for? Should we estimate life of OSGeo6 drives and replace pre-failure next couple of years.
      • Total write volume can be checked with smart-tools and drives approaching the stated limit should be replaced or move to storage-only applications.
      • Write endurance and long-term speed can be improved by leaving 20-50% of each drive unallocated.
    • Mirrored pair of SATA SSDs for write-caching and high io loads.
      • Reserve 25-33% unallocated.
      • Provide ZFS ZIL SLOG with 32-64GB to minimize write latency for data stored on HDDs.
      • The remainder can be used for loads with high mixed read/write transactional loads, such as active databases, mail, etc.
    • 4 TB Spinning disks, still plenty of space (7+ usable), takes less time to rebuild on failure, cost diverted to other features.
      • (Please note - an active storage pool should never be filled to more than 2/3 of capacity to avoid serious performance degradation and fragmentation - C.G.)


Any other feedback from others to be discussed

Dropbox replacement for board

Board wants a Dropbox replacement, wrote requirements on the wiki. See https://trac.osgeo.org/osgeo/ticket/2110

We should provide a solution

Others

Trac SVN status

  • Seems good been upgraded to Debian 7

Ticket Triage

    • Question, force https by default, I recall some maven stuff breaks on that. --Discussed,NO we don't want to enforce as no benefit and will disrupt caching. Now people can use it if they want or use http if they prefer.

GeoForAll DNS

Jeff to report on status of GeoForALL and other DNS issues he's been fixing TODO: Keep nudging GeoForAll folks

Weblate instance ?

Some projects requested a translate.osgeo.org, we could pay Weblate core developers for the initial setup of a multi-user instance.

Minutes

www.osgeo.org Website move planned this weekend - robe

Hardware still outstanding. Followed up on mailing list with comment from TemptorSent.

SVN Martin still has checkup, robe said seems to work where it didn't before for svn updating/svn checkout anonymous. Updated ticket.

MartinSpott now has access to web18a to install bacula (after strk fixed robe's screw up)

MartinSpott and TemptorSent got into cat fight about different views on insuring security and managing things with Martin erring on side of making sure things still work and easy to maintain and TemptorSent wanting to make sure we have tight controls and don't have a PR security nightmare and being able to redundantly support things (have some redundancy).

cvvergara showed up late to the party and strk wept at her absence calling us screaming kiddies without her orderly presence.


Attendance

Regina Obe (robe)

Chris Giorgi (TemptorSent)

Martin Spott (MartinSpot)

Sandro Santilli (strk)

Jeff Mckenna (jmckenna)

Vicky Vergara (cvvergara) - came one minute after the meeting end and was disappointed to have missed it

Full transcript

Transcript

Details

Next Meeting

Proposed Time: UTC: Thursday, March 15th, 2018 at 8:00 pm

SAC main page