From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id mG9vLozVi2aiTgAAqHPOHw:P1 (envelope-from ) for ; Mon, 08 Jul 2024 12:03:24 +0000 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id mG9vLozVi2aiTgAAqHPOHw (envelope-from ) for ; Mon, 08 Jul 2024 14:03:24 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=elephly.net header.s=zoho header.b=Z9FAbg6M; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=none; arc=pass ("zohomail.com:s=zohoarc:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1720440204; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=ktHSgBHtgAsKuJupHFhcOlQgcCctCzNYmHOhq2aYh44=; b=r1LL5MDtsEuiLtGIMx2Jyj+dIRA9vIwSMN2aZ501+FWfxatur5WiDukxh6ZsRUSnv51zma gcf49yEgK6tCBkiC5M+c6efLLAu0MCIZ1DqHmT+xpCUopE+tlwYHILyPpqg2vu8sbmcOiY MxDYAKUKUObPc0cic6ofGAvpM3EHgVZfA5COVe0hmiFHSHDz3qsUBldqAYFKsA4tKvC0Az jvXyhGYn4wxhv7ooDXTRg0byzVQlz74Y3MJzFuJ5DbYwlksIQ+iIyaZS8J1i9yEgCpB1Zv fAbpkb4Y/QST1edPn9bDiRbgFNvXb3sW79I90kSAQmOUjNIFxTTARf6WXmlJQA== ARC-Authentication-Results: i=2; aspmx1.migadu.com; dkim=pass header.d=elephly.net header.s=zoho header.b=Z9FAbg6M; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=none; arc=pass ("zohomail.com:s=zohoarc:i=1") ARC-Seal: i=2; s=key1; d=yhetil.org; t=1720440204; a=rsa-sha256; cv=pass; b=R4JTIhFvW4E5paY20/Ozk0ouBkpfxdASUvJZZswDHkOOFIc7A4sURFomThvMaz8RHJ9kEk 61OfxouUBYTHMmvogKn48ew19L3CECAnDStTX7CNv/LST4MhrBO/9lg+wzJoG91jlqiH5x xkTyap/Fsv6idK/ZKuQa89Ny0qo/aDqdUvMottSTdu3RvZwz0wUa7KtV+hA5GrcMVKscXs C9ySG2XuEh9M8WGsxzWVeWBhsUAdQj2DjHzwHYkt9jXNzfh5ZR7h/jRWT+wstEBR5zDrCs xQrWmt6vuc2u28Fl3qGtDFUBHXDLNuDEfvnTEI+1hlAc3OqRvERWQgJN9AEioA== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 874EC6A3AF for ; Mon, 8 Jul 2024 14:03:24 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sQn4z-00070Z-OC; Mon, 08 Jul 2024 08:02:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQn4w-0006zH-6F; Mon, 08 Jul 2024 08:02:46 -0400 Received: from sender3-of-o58.zoho.com ([136.143.184.58]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQn4s-0003pP-Sh; Mon, 08 Jul 2024 08:02:45 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1720440151; cv=none; d=zohomail.com; s=zohoarc; b=aBBRcvtXVvLHJCqNYrMqfzwSraiXiq6mL0vvIRcYnKc2l74vey0fpZHFwjdw6UpGdCeeUiHGL/oVWWiLdM00eVjahaa73HmRTqZ2GlJ0CThaIfHzvAsswP/kqNoh0N4Q8KFBvyeFc/WgM3RZ+GlKusaLl0mNODkqfgJ3YDmWWO8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1720440151; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To; bh=ktHSgBHtgAsKuJupHFhcOlQgcCctCzNYmHOhq2aYh44=; b=Gp/ikHKj3L6EzSEs25uUIMUka+2NvUlovrgMJU0IyP0D1exBGsoEMdtTEf7datv4GIIqTk4GUcKO0sNQCrBZcfTp81jgFnb0EwapRQI/62VBbpalsRaOiw56vfijenuxIv9fsNzekU9Xem9D/xp7JxXs2RUQL4QApM3/BaKVV4c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=elephly.net; spf=pass smtp.mailfrom=rekado@elephly.net; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1720440151; s=zoho; d=elephly.net; i=rekado@elephly.net; h=From:From:To:To:Cc:Cc:Subject:Subject:In-Reply-To:References:Date:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-Id:Reply-To; bh=ktHSgBHtgAsKuJupHFhcOlQgcCctCzNYmHOhq2aYh44=; b=Z9FAbg6M7cBeU+xzyQlm4LO7gOsy8iUmJoONdD0OUGLLU3yCoD/zQ2yPV+/W5mk9 VzQt9sc5tmlDpIsvN4FOwV3cTmxgsZw9QVRYySBHC5AQAq7IfNIjdYpBz2WVhNZIuiL rxYhMrSj31KiNLUJgC1T7Vjwel+HiWqY2inCTzkg= Received: by mx.zohomail.com with SMTPS id 1720440149688779.924294452711; Mon, 8 Jul 2024 05:02:29 -0700 (PDT) From: Ricardo Wurmus To: Simon Tournier Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= , guix-devel@gnu.org, guix-sysadmin Subject: Re: Sustainable funding and maintenance for our infrastructure In-Reply-To: <87sewpf702.fsf@gmail.com> (Simon Tournier's message of "Thu, 04 Jul 2024 18:37:33 +0200") References: <87sewr98jd.fsf@gnu.org> <87sewpf702.fsf@gmail.com> Date: Mon, 08 Jul 2024 14:02:26 +0200 Message-ID: <87frskrt0t.fsf@elephly.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Received-SPF: pass client-ip=136.143.184.58; envelope-from=rekado@elephly.net; helo=sender3-of-o58.zoho.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Queue-Id: 874EC6A3AF X-Migadu-Scanner: mx13.migadu.com X-Migadu-Spam-Score: -10.44 X-Spam-Score: -10.44 X-TUID: KH1rAEAxdTIC Hi Simon, > On Tue, 02 Jul 2024 at 16:24, Ludovic Court=C3=A8s wrote: > >> The reason for this discussion is that we were >> thinking that we should not take our existing build farms for granted >> and be prepared for the future. > > Could you explain the rationale? I understand and fully agree that > sustainable funding and maintenance for infrastructure are key topics > for the project. Do we need to move ci.guix soon? Related to Ricardo > announcement [1]? There is no urgency. The build farm at the MDC isn't going anywhere. But it would be unwise for the project to assume that it will always stay this way. In the past we've also had some minor issues outside of our immediate control that are attributable to hosting these servers at a research institute, for example a trigger-happy firewall, or blanket bans on large IP address ranges. In the past we were given the opportunity to extend and upgrade the build farm, but we cannot plan with good fortune like this. As a project it would be wise to continue our efforts to diversify our distributed build farm. >> The various options and back-of-the-envelope estimates we came up with >> are as follows: >> >> 1. Buying and hosting hardware: >> 250k=E2=82=AC for hardware >> 3k=E2=82=AC/month (36k=E2=82=AC/year) >> >> 2. Renting machines (e.g., on Hetzner): >> 6k=E2=82=AC/month (72k=E2=82=AC/year) >> >> 3. Sponsored: >> get hardware and/or hosting sponsored (by academic institutions or >> companies). > > Well, on the paper, option #1 appears to me appealing but how do we get > this 250k=E2=82=AC? Somehow, 250k=E2=82=AC would mean being able to secu= re 3k=E2=82=AC/month > for over almost 7 years, right? > > Except if we have a large donation that I am not aware, I do not see how > it would be possible to sign in being sure to secure 3k=E2=82=AC/month fo= r over > almost 7 years; considering the project has 12 years. > > Other said, option #1 does not appear to me an option. Correct. I think it is a good reality check to see just how much value there is (or was in 2019) in all these servers and what our realistic options are to recreate this when eventually these machines are decommissioned. I don't see option #1 as realistic; not only is it a prohibitively large up-front cost, it is also a serious continuous time and money sink. We'd also have to constantly play our cards well and trade old hardware in for new hardware lest we are stuck with a metric ton of e-waste. > Option #2 could be a temporary option for a short time. But again, > that=E2=80=99s something. I think option #2 is not actually terrible. We like to say that the cloud is just other people's machines, and our response to that is aversion to a real or perceived loss of control. But I'd like to put this in perspective by asking how much control we *actually* have over the build farm at the MDC right now. In practice *I* have some semblance of control over these machines because I have access to the data centre. For the most part, however, I treat these servers as warm MDC furniture. Yes, we'd lose a few more options when renting hardware via Hetzner (or even the well-dressed monocled elephant over there: AWS), but I think we should think carefully about how valuable our sacrifices are in exchange for the practical advantages of not being stuck with a rack full of industrial hardware. Option #2 is rather quick to set up and quick to abandon should we run out of money. It does, however, depend on continuous donations, which we are currently unable and possibly even unwilling to solicit. --=20 Ricardo