Wikimedia Release Engineering Team/MediaWiki on Kubernetes/Meeting notes/2021-03-17
2021-03-17[edit]
Always[edit]
- Core_Platform_Team/Initiatives/MediaWiki_on_Kubernetes
- Wikimedia_Release_Engineering_Team/MediaWiki_on_Kubernetes
- Workboard
- IRC: #mediawiki-mw-on-k8s connect
TODOs from last time[edit]
General[edit]
RelEng[edit]
- Multiversion MediaWiki built and published!
- Includes l10n caches
- Size varies depending on the number of unique versions currently in wikiversions.json, roughly 3.2G per version (+ 50M for config)
- Successfully published to the restricted registry
- Some outstanding issues withe the releases hosts, namely that outbound http is restricted so containers cannot install from http://security.debian.org
- Working around this restriction by supporting `apt.proxies` in blubber and setting a `setup.httpProxy` context variable
- Security patches and private settings need to be applied
- (discussion about building into final image layers vs. helm)
- Will continue with current strategy of adding into final image layers
Serviceops[edit]
- codfw cluster has been fully repooled after the re-initialization and upgrades this week
- eqiad cluster to be schedule next week.
- k8s nodes will soon be able to pull restricted/ images: https://gerrit.wikimedia.org/r/c/operations/puppet/+/672537
Platform Engineering[edit]
Shellbox: awaiting security review (T268092)
TODOs for next time[edit]
- Start thinking about deployment strategy for m8s, both for legacy deployments and the eventual k8s-only deployments
- Not quite ready for a proposal but we'll be there soon
- Dan: I'll be out on paternity leave in early May for a few weeksâand I'll likely be sleep deprived for weeks following. Who wants to take over as lead for this meeting?