Verified Commit bbbcae42 authored by lelutin

Add notes from today's meeting

parent c4a873f3
---
title: 2025 Q1 Roadmap meeting
---
# Roll call: who's there and emergencies
- anarcat
- groente
- lavamind
- lelutin
- zen
# Dashboard review
Normal per-user check-in:
- <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&assignee_username=anarcat>
- <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&assignee_username=groente>
- <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&assignee_username=lavamind>
- <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&assignee_username=lelutin>
- <https://gitlab.torproject.org/groups/tpo/-/boards?scope=all&utf8=%E2%9C%93&assignee_username=zen>
General dashboards:
- <https://gitlab.torproject.org/tpo/tpa/team/-/boards/117>
- <https://gitlab.torproject.org/groups/tpo/web/-/boards>
- <https://gitlab.torproject.org/groups/tpo/tpa/-/boards>
# 2025Q1 Roadmap review
Review priorities for January and the first quarter of 2025. Pick from the [2025
roadmap](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/roadmap/2025).
Possibilities for Q1:
- [Puppet CI and improvements](https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/8):
GitLab MR workflow, etc
- Prometheus
- MinIO
- web stuff: download page coordination and deployment
- email stuff: eugeni retirement, puppet cleanup, lists server (endless stream
of work?), re-examining open issues to see if we fixed anything
- discussions about SVN?
- tails merge:
- password stores
- security policy
- rotations
- Puppet: start to standardize and merge codebases, update TPA modules,
standardize code layout, maybe switch to nftables on both sides?
Hoping *not* for Q1:
- rdsys containerization (but we need to discuss and confirm the roadmap with meskio)
- network team test network (discussions about design maybe?)
- upgrading to trixie
# Discuss and adopt the long term Tails merge roadmap
<https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-73-tails-infra-merge-roadmap>
In [the last discussion about the tails merge roadmap](https://gitlab.torproject.org/tpo/tpa/team/-/wikis/meeting/2024-11-11), we have:
> postpone[d] the "what happens when" discussion. We also identified that most services above "low complexity" will require their own discussions (e.g. "how do we manage the Puppet control repo", "how do we merge weblate") that will happen later.
So we try to schedule those items across the 5 years. And we can also discuss
specific roadmap items to see if we can settle some ideas already.
Or we postpone all of this to the 2026 roadmap.
Results of the discussion: We won't have time to discuss all of these, so maybe
we want to sort based on priority, and pick one or two to go more in depth.
Output should be notes to add to tpa-rfc-73 and a reviewed 2025 roadmap, then we
can call this done for the time being and come back closer to end of 2025. We
will adopt TPA-RFC-73 as a general guide / rough plan and review as we go.
Here are all the medium and high complexity items we might want to discuss:
## 2025
See also the milestone: %"TPA-RFC-73: Tails merge (2025)"
- [Security Policy](#security-policy) (merge, discussion delegated to anarcat)
- [Shifts](#shifts) (merge, brainstorm a plan)
- Puppet merge (merge, brainstorm of a plan):
- deploy dynamic environments (in progress)
- we can't use environments to retire one of the two puppet servers, because
of exported resources
- Upgrade and converge Puppet modules
- lots of default stuff get deployed by TPA when you hook up a server, we
could try turning everything off by default, move the defaults to a profile
- maybe prioritize things, prioritize A/B/C, example:
- A: "noop TPA": Kill switch on both sides, merged ENC, g10k, review
exported resources, have one codebase but 2 implementations, LDAP
integration vs tails?
- B: "priority merge start": one codebase, but different implementations.
start merging services piecemeal, e.g. two backup systems, but single
monitoring system?
- C: lower priority services (e.g. backusp?)
- D: etc
- Implement commit signing
- [EYAML](#eyaml) (2029, keep?) (migrate to trocla?)
- A plan for [Authentication](#authentication) (postpone discussion to later in 2025)
- [LimeSuvey](#limesurvey) (merge) (just migrate from tails to TPA?)
- [Monitoring](#monitoring) (migrate, brainstorm a plan)
We mostly talked about Puppet. groente and zen are going to start drafting up a
plan for Puppet!
## 2026
- Basic system functionality:
- [Backups](#backups) (migrate) (migrate to bacula or test borg on backup-storage-01?)
- [Authentication](#authentication) (merge) (to be discussed in 2025)
- [DNS](#dns) (migrate) (migrate to PowerDNS?)
- [Firewall](#firewall) (migrate) (migrate to nftables)
- [TLS](#tls) (migrate, brainstorm a plan)
- [Web servers](#web-servers) (merge, no discussion required, part of the Puppet merge)
- [Mailman](#mailman) (merge, just migrate to lists-01?)
- [XMPP](#xmpp) / [XMPP bot](#xmpp-bot) (migrate, delegate to tails, postponed:
does Tails have plans to ditch XMPP?)
## 2027
- [APT repository](#apt-repository) (keep, nothing to discuss?)
- [APT snapshots](#apt-snapshots) (keep)
- [MTA](#mta) (merge) (brainstorm a plan)
- [Mirror pool](#mirror-pool) (migrate, brainstorm)
- [GitLab](#gitlab) (merge)
- close the tails/sysadmin gitlab project?
- brainstorm of a plan for the rest?
- [Gitolite](#gitolite) (migrate, retire Tails' Gitolite and puppetize TPA's?)
## 2028
- [Weblate](#weblate) (news from emmapeel?)
## 2029
- [Jenkins](#jenkins) (migrate, brainstorm a plan or date?)
- [VPN](#vpn)
# Metrics of the month
- hosts in Puppet: 91, LDAP: 90, Prometheus exporters: 512
- number of Apache servers monitored: 33, hits per second: 618
- number of self-hosted nameservers: 6, mail servers: 11
- pending upgrades: 5, reboots: 90
- average load: 0.56, memory available: 3.11 TiB/4.99 TiB, running processes: 169
- disk free/total: 60.95 TiB/142.02 TiB
- bytes sent: 434.13 MB/s, received: 282.53 MB/s
- planned bookworm upgrades completion date: was completed in 2024-12!
- [GitLab tickets][]: 257 tickets including...
- open: 0
- icebox: 160
- roadmap::future: 48
- needs information: 2
- backlog: 21
- next: 6
- doing: 12
- needs review: 8
- (closed: 3867)
[Gitlab tickets]: https://gitlab.torproject.org/tpo/tpa/team/-/boards
Upgrade prediction graph lives at
<https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades/bookworm/>
Now also available as the main Grafana dashboard. Head to
<https://grafana.torproject.org/>, change the time period to 30 days, and wait a
while for results to render.
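Review bot: the fragment-only links in the 2025 to 2029 lists (`[Security Policy](#security-policy)`, `[Shifts](#shifts)`, `[EYAML](#eyaml)` and the others) resolve against this meeting page, and none of the headings added here carry those names, so the links will not land anywhere. If they are meant to point at sections of TPA-RFC-73, prefix each with the wiki URL already given under "Discuss and adopt the long term Tails merge roadmap". In the same lists there are two typos: "LimeSuvey" in the link text for `#limesurvey`, and "backusp" in item C of the Puppet priorities. In the metrics section the reference label is written `[GitLab tickets][]` where it is used and `[Gitlab tickets]:` where it is defined; it is worth making the capitalisation match.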