Deploy new exit scanner and check combo on check-01 using metrics-cloud
This is not the same project as legacy/trac#29650 (moved), which was a more ambitious attempt at fixing some of the shortcomings of the current setup. Instead, this project aims to keep the service running with minimal changes until we have more time/funding to take on the increased level of work that would be involved for the more ambitious project. For avoidance of doubt, I still believe that legacy/trac#29650 (moved) is going to be needed soon and is entirely valid work for the Metrics Team to do.
This ticket blocks legacy/trac#29399 (moved) which is of a high priority to the sysadmin team.
The parts of the existing service that can be reused will be reused, which is really just the check application. The check application is written in Go and uses local filesystem data sources (which have to be updated by a tor client). It has an embedded web server and we reverse proxy this via Apache.
The exit scanner and DNS server were written in Haskell. We can't maintain this so instead we are using exitmap wrapped in a Python script to produce exit lists compatible with the existing format (i.e. we're not going to a new format yet). A second python script runs by cron job to write out a BIND compatible zone file, which is served by bind.
The exact split between Metrics Team and Sysadmin Team responsibilities are details in the ops doc for this service (which is yet to be written).