From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id EAl8AQh1wmGFaQAAgWs5BA (envelope-from ) for ; Wed, 22 Dec 2021 01:44:56 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id 8NbNOAd1wmG0EwAAB5/wlQ (envelope-from ) for ; Wed, 22 Dec 2021 00:44:55 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 95CECBA9F for ; Wed, 22 Dec 2021 01:44:55 +0100 (CET) Received: from localhost ([::1]:48450 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mzpkU-0002BF-OC for larch@yhetil.org; Tue, 21 Dec 2021 19:44:54 -0500 Received: from eggs.gnu.org ([209.51.188.92]:59530) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mzpk4-00025l-QI; Tue, 21 Dec 2021 19:44:29 -0500 Received: from [2a0c:e300::1] (port=45516 helo=hera.aquilenet.fr) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mzpk2-0007zr-CK; Tue, 21 Dec 2021 19:44:28 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 3F5AB478; Wed, 22 Dec 2021 01:44:22 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZvniCpYQTS_E; Wed, 22 Dec 2021 01:44:21 +0100 (CET) Received: from ribbon (91-160-117-201.subs.proxad.net [91.160.117.201]) by hera.aquilenet.fr (Postfix) with ESMTPSA id C1AFB63; Wed, 22 Dec 2021 01:44:20 +0100 (CET) From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Guix Devel Subject: Re: Solstice infrastructure hackathon References: <87v8zorien.fsf@inria.fr> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 2 =?utf-8?Q?Niv=C3=B4se?= an 230 de la =?utf-8?Q?R?= =?utf-8?Q?=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Wed, 22 Dec 2021 01:44:19 +0100 In-Reply-To: <87v8zorien.fsf@inria.fr> ("Ludovic =?utf-8?Q?Court=C3=A8s=22?= =?utf-8?Q?'s?= message of "Thu, 16 Dec 2021 10:46:56 +0100") Message-ID: <87r1a54gf0.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spamd-Bar: / X-Rspamd-Server: hera X-Rspamd-Queue-Id: 3F5AB478 X-Spamd-Result: default: False [0.73 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; R_MIXED_CHARSET(0.83)[subject]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-Host-Lookup-Failed: Reverse DNS lookup failed for 2a0c:e300::1 (failed) Received-SPF: softfail client-ip=2a0c:e300::1; envelope-from=ludo@gnu.org; helo=hera.aquilenet.fr X-Spam_score_int: -3 X-Spam_score: -0.4 X-Spam_bar: / X-Spam_report: (-0.4 / 5.0 requ) BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-sysadmin Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1640133895; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=nv7QcBN1v2vjbLiZHEk0ZWDmAVCpbRWEChZWe7V0JIk=; b=ZxN5Z7HLw4QE6nx6ZvRbaFzDJXPg9zjSRT7SbIZ44yUm/xd7Bd4eWGv67Op+bTqgmQYn4x iLsJakWXQXgUND1dWfnG3YF83Q+7jzt+Qd2cZ3UZRk14DGtGjpuoWwsvsj40nmRKQIQRbL W8DylQZ++LiU1zYHaXZnqZSZmrrcrF4YJUezHyX91pLEJLUy+66eOvAvqCmDoGisWdVtsh gHXUmGQies4DfXOAlcKsj5e6Yu3ydnNh4o3MAV12Ph2e+4eeKbQj45QGNIsePYLVGlawpK ouDpayj6raeox6n7QBVEuCVMrjGD/xU9CD48v+yqB4USpDPdPxZMYPcT6J6EaQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1640133895; a=rsa-sha256; cv=none; b=khNUndBjju5MjYJ0EDNmrpXsU0cYge16o66CwLEC4a6BXRg+ZFUBVb+/ZsKl01Y2vURe+U m0w8JGhKJUHumNUjiKEHXG/3ebXg9bJk3RP5gIuCbb/Sht4cvw7WzldhHZ9FlPaCunFEIL wiKCjqRQbWvaxyzK/AIOmQlAEn1L/qt8YO4+Wc6eti8N90lSnJcOG2S95hySLwsJKFWfsU jJvVucH0ciiYLESIyhfLeIQj3TPV43KmoKQs2HM8QI0cW47zrcIaZKou8iqlr/itw4xwA3 j/oQNslapa5iNrTSN1iaIbJhZ405Uh0JbdZp6P8fauFaO8Y2COKcVN6CPg+oIw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.33 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 95CECBA9F X-Spam-Score: -3.33 X-Migadu-Scanner: scn0.migadu.com X-TUID: zk3JGRmQsFk2 Hello Guix! Ludovic Court=C3=A8s skribis: > Here are tasks that were brought up: > > =E2=80=A2 Set up a backup server for berlin.guix.gnu.org, the head node= of the > ci.guix.gnu.org, possibly moving some services such as the web site > there. > > =E2=80=A2 Add DNS redundancy for guix.gnu.org so it can point to one of= two > hosts (need to figure out certbot challenges so both machines can > update their certificates). > > =E2=80=A2 Set up status.guix.gnu.org with sysadmin status updates (poss= ibly > using Prometheus?). > > =E2=80=A2 Come up with a plan to add disks to the RAID array on bayfron= t, the > head node of bordeaux.guix.gnu.org. > > =E2=80=A2 Work on a plan to back up the Disarchive database currently on > berlin.guix. > > =E2=80=A2 Work on a plan to mirror nars from ci.guix and bordeaux.guix,= using > plain rsync or . > > =E2=80=A2 Have a documented procedure to set up substitute mirrors, suc= h as > the one in .cn (I can=E2=80=99t find the URL), ideally with plain rsy= nc > access. A small but dedicated bunch of people made progress on several of these items today, in a loosely coordinated fashion on IRC=E2=80=94which perhaps = made it hard to get started, let us know what you think would help you join! Most of the progress so far is visible in the commit log of the maintenance repository: https://git.savannah.gnu.org/cgit/guix/maintenance.git/log/?id=3De19f6d92= b0b9a743c5b3cad236e51b8dd9d7c5e9 There=E2=80=99s IPv6, use of nar-herder to distribute bordeaux.guix substit= utes, I/O performance testing on a possible ci.guix head node replacement/backup, web site replication, backups over rsync from berlin to bordeaux, and more. We have yet to complete support for web site replication: adding nginx rules on the backup, having guix.gnu.org point to the two hosts, setting up Let=E2=80=99s Encrypt. This should be within reach quickly. Other items above are yet to be addressed. Our next priority should be to have an off-site copy of the ci.guix substitutes. Overall I think we need to aim for complete redundancy of the main services. The good news is that this Guix System thing greatly simplifies the work! To be continued with a second session sometime in January! Thanks, Ludo=E2=80=99.