Wednesday, July 14th
Attendees: Sader, Adam, Michael, Cody, Heather
Updates since last time
- A lot.
- Comprehensive PR validation workflow in GitHub
- Terraform support for HA containers
- Initial FreeIPA playbook
- Ev finally logged into Jira
Things we want done for next time
- Establishing the roles of branches and deployment?
- Main branch for core infrastructure
- Development branch for testing
- Tweak GitLab CI settings such that deploy and destroy stages only run for main branch
- Ansible workflow
- DNS server deployment - multi-tier
- Top tier servers for magevent.net, similar to existing Salt-driven servers
- These accept zone transfers from subdomains and networks for CI/branches
- NTP
- Beginnings of documentation
- “Oh god what do I do”
- It’s always a cache problem, unless it’s a DNS problem
- Documentation - where do we want it to live?
- FreeIPA setup
- Establish hosting - Docker in VM, or directly in VM?
- Generalized Docker host VM
- Isn’t there a VM oriented OS for hosting Docker…?
- Coordinate with Tim
Problems
- The CI/CD pipeline is complicated for multiple contributors.
- Docs can help here, the more info we have on how the pipeline runs and how to solve common issues, the easier it is to contribute.
- How things go from repo -> deployed
- FreeIPA requirements:
- All boxes that are going to be connected will need an FQDN
- Subdomains
- DNS needs to be set up for those subdomains for installation
- Have Active Directory VMs
- Ports need to be opened for LDAP (standard)
- Not running internal firewall rn
- IPv6 config has to be on
- What passwords y’all want for admin/gui things
- Can do replicas later if needed
- User management: Ansible / via GUI
- If we use SSH keys, they won’t be able to log into the GUI
- Same tier as GitLab - needed for environment bootstrap in DR/bare metal scenario