Activity
From 12/18/2019 to 01/16/2020
01/15/2020
- 07:28 PM Task #6671: Setup mastodon/pleroma for ungleich
- could we have a 13373r name?
01/13/2020
- 07:30 PM Task #7604 (In Progress): Find out why ciara2 was not automatically detected to be offline
- * ciara2 is half correctly outside of the consul cluster
** It should actually still be inside the cluster, but mark... - 07:28 PM Task #7604 (Rejected): Find out why ciara2 was not automatically detected to be offline
- * Consul status / prometheus / alert manager should have noticed
- 06:37 PM Task #7186: Add support for general VPN including IPv4
- Errrr what is it with your VPN pricing? Did you go skiing and get altitude sickness?
Market price for VPN services i... - 05:52 PM Task #7544: Write "beginner's guide" for datacenterlight customers
- -IPv6 and IPv4: making the services on my IPv6 VM visible to the IPv4 world
-Guido to VM Management tools: dashboard... - 12:01 PM Task #7602 (Rejected): Align dynamicweb / opennebula with uncloud
- Stuff that we can & should export from our current setup to etcd in an uncloud alike format:
Prefix for everything... - 11:57 AM Task #7601: Setup an SSH jump host
- Proxycommand w/ windows exists in putty and usually uses plink - more details soon.
- 11:54 AM Task #7601 (Seen): Setup an SSH jump host
- * I am familiar with LDAP-backed auth with nslcd.
* ProxyCommand is standard for SSH bastions, it is even available ... - 11:12 AM Task #7601 (Rejected): Setup an SSH jump host
- * Authenticated against our ldap
* Allows user to connect to our IPv6 networks
The ways for users to use it:
*... - 08:37 AM Task #7555 (Closed): Setup uncloud at server11 and server12
- 03:14 AM Task #7582 (Closed): Add hostname in uncloud file scanning
- 03:14 AM Task #7519 (Closed): uncloud test run 2019-12-21
- The above mentioned things were fixed.
01/12/2020
- 09:18 PM Task #7580: Preparing for matrix-as-a-service
- channels that can be exported to IRC or matrix:
* ipv6
* foss
* hacking-and-learning
* Town Square
* datacente... - 09:11 PM Task #7580 (In Progress): Preparing for matrix-as-a-service
- 09:10 PM Task #7580: Preparing for matrix-as-a-service
- * Synapse and Matrix Cdist types are (almost) OK.
- I missed one small thing in my __postgres upstream cdist patch... - 09:12 PM Task #6694: Setup matrix server and bridge matermost into it
- Everything's in place, we just have to choose the channels to be bridged.
01/09/2020
- 08:56 PM Task #7596: uncloud-api refactoring & make schemas less horrible
- To see merge request https://code.ungleich.ch/uncloud/uncloud/merge_requests/1
- 08:54 PM Task #7596: uncloud-api refactoring & make schemas less horrible
- * Done `uncloud api` refactoring which was due for a long time and is the last refactoring beside https://redmine.ung...
- 08:54 PM Task #7596 (Closed): uncloud-api refactoring & make schemas less horrible
- 08:55 PM Task #7585 (Closed): Check whether uncloud-api break if some field is missing
- The behavior is verified and corrected.
- 09:32 AM Task #7591: uncloud production checklist 2020-01
- Also, please note
uncloud deployed at server{11, 12}. There are still some issues that would be problem for re... - 09:26 AM Task #7591: uncloud production checklist 2020-01
- *Can all required components be deployed (checking on server11) -- document the installation procedures*
Documente... - 09:19 AM Task #7591: uncloud production checklist 2020-01
- h1. Installation/Setup
Allow etcd prefix for developer role... - 09:17 AM Task #7591 (In Progress): uncloud production checklist 2020-01
- 09:16 AM Task #7591 (Rejected): uncloud production checklist 2020-01
- h2. Objective
* Migrate internal VMs to uncloud
h2. Checklist
* Can all required components be deployed (che... - 08:55 AM Task #7590: Expect everything to fail (uncloud)
- I am little uncertain how to handle failures in etcd. For Example, put every etcd function call in try/except block o...
- 08:48 AM Task #7590: Expect everything to fail (uncloud)
- h2. How do we plan to handle failures in etcd
Failures can be temporarily (leadership change) or permanent (etcd c... - 08:48 AM Task #7590 (Rejected): Expect everything to fail (uncloud)
- Especially external components, such as
1. etcd
2. netbox
3. otp.ungleich.ch
01/08/2020
- 08:21 PM Task #7583: Handle etcd leader change or temporary unavailability gracefully in uncloud
- We have to re-evaluate/re-check all the usage of etcd in uncloud to make sure we handle these events correctly/gracef...
- 07:34 AM Task #7583: Handle etcd leader change or temporary unavailability gracefully in uncloud
- The later unavailability is due to election for leader.
- 12:21 PM Task #7580: Preparing for matrix-as-a-service
- We can do-it in a second-stage, witout a TURN server VoIP might or might not work depending on the situation.
Note... - 11:27 AM Task #7580: Preparing for matrix-as-a-service
- Can we do voip in a second stage or will things "look weird" without it?
redmine@ungleich.ch writes: - 11:17 AM Task #7580: Preparing for matrix-as-a-service
- We'll also need a TURN server for VoIP.
01/07/2020
- 06:38 PM Task #7555: Setup uncloud at server11 and server12
- uncloud deployed at server{11, 12}. There are still some issues that would be problem for reliably running uncloud fo...
- 06:33 PM Task #7582: Add hostname in uncloud file scanning
- Nico Schottelius wrote:
> For the example above: the host would probably often more something like "files1.datacente... - 04:19 PM Task #7582: Add hostname in uncloud file scanning
- For the example above: the host would probably often more something like "files1.datacenterlight.ch" or "username.dat...
- 04:18 PM Task #7582: Add hostname in uncloud file scanning
- We should have a "created_at" and "deleted_at" for every object.
- 02:44 PM Task #7582: Add hostname in uncloud file scanning
- Done. Sample
Before... - 01:41 PM Task #7582 (Closed): Add hostname in uncloud file scanning
- It is required as nico said that there would be multiple file hosts and not necessarily all files are available on so...
- 04:45 PM Task #7585 (Closed): Check whether uncloud-api break if some field is missing
- The behavior is seen in the past that uncloud-api breaks if we don't pass some fields like *name*, *realm* or *token*...
- 02:07 PM Task #7583 (Rejected): Handle etcd leader change or temporary unavailability gracefully in uncloud
- Here is leader change....
- 12:53 PM Task #7580 (Closed): Preparing for matrix-as-a-service
- Once matrix is deployed at ungleich:
* Build & document MaaS deployment and maintenance pipeline.
- Wiki page.
...
01/06/2020
- 12:21 PM Task #7543 (In Progress): Write image definition script for ubuntu 19.10
- From Nico:...
- 12:09 PM Task #7543 (Waiting): Write image definition script for ubuntu 19.10
- There's already a 19.10 image deployed... ???
- 11:57 AM Task #7543 (In Progress): Write image definition script for ubuntu 19.10
01/05/2020
- 07:09 PM Task #7555: Setup uncloud at server11 and server12
- Remaining things
[ ] IPv6 Prefix on Server 12
[ ] VM with Global IPv6 (2a0a:e5c0:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx)
[ ... - 07:02 PM Task #7555: Setup uncloud at server11 and server12
- uncloud filescanner has to be modified as it was using xattrs to track files which does not work on rootfs/tmpfs whic...
- 04:58 PM Task #7555: Setup uncloud at server11 and server12
- Devuan ascii has too old QEMU i.e 2.8 while the latest is 4.2.
It is a problem because it is showing error message... - 11:03 AM Task #7565 (Rejected): uncloud run 2020-01-05
- h2. Objective
A test ride to get more nearby prod use
h2. What Nico wants to do us a customer
* register a...
01/03/2020
- 05:35 PM Task #7561: Update mystrom switches to support IPv6 only networks
- ...
- 05:35 PM Task #7561 (Rejected): Update mystrom switches to support IPv6 only networks
- Using an experimental firmware from mystrom directly:...
- 04:08 PM Task #7560 (Closed): Document DNS64 setup for VMs
- * After #7496
* Document on how to use it in the [[The_ungleich_DNS_infrastructure]]
* Reference it in [[The_unglei... - 11:38 AM Task #7555: Setup uncloud at server11 and server12
- Allow etcd prefix for developer role...
- 10:58 AM Task #7555 (Closed): Setup uncloud at server11 and server12
- Ensure that both server11 and server12 are running with uncloud today and can be used in production? And please note ...
01/02/2020
- 05:09 PM Task #7496: Create 2 new IPv6 only unbound based resolving DNS servers providing DNS64
- Merge request opened against dot-cdist: https://code.ungleich.ch/ungleich-intern/dot-cdist/merge_requests/65
- 03:30 PM Task #7436 (Closed): Hack-a-ucloud-weekend (2019-12-07)
- 03:30 PM Task #7438 (Closed): Explore local ucloud setup
- 03:30 PM Task #7437 (Closed): Run ucloud with a single authentication token
- 03:30 PM Task #7439 (Rejected): Add support for different authentication methods
- Postponed.
- 01:35 PM Task #7553: Setup conntrackd to allow active active firewalls
- And config looks like this:...
- 01:33 PM Task #7553: Setup conntrackd to allow active active firewalls
- Seems like the code is in read_config.yy.c:...
- 01:08 PM Task #7553: Setup conntrackd to allow active active firewalls
- Added sync section, now getting an IPv6 exception:...
- 12:59 PM Task #7553: Setup conntrackd to allow active active firewalls
- router2.place6:...
- 12:50 PM Task #7553 (Rejected): Setup conntrackd to allow active active firewalls
- * So that firewall rules still work with state tracking
Change of objective: get this running on two IPv6 only Alp... - 12:47 PM Task #7552 (Closed): Add some non-critical traffic to router1.place6
- * might required conntrackd
Networks first stage:
* internal network
* server network
- 12:46 PM Task #7306 (Rejected): Phase in new routers
- Closing in favor of #7284
- 12:44 PM Task #7307 (Closed): Update __ungleich_bgp_router for IPv6 based multip bgp
- Not doing this atm, as routers still need IPv4 addresses for VMs
- 12:21 PM Task #7520 (Closed): Checkout whether OSPF can be helpful for DCL
- It works!
But not for eBGP routes. - 12:07 PM Task #6930: cdist configuration for etcd
- Current state I know of:
* there is etcd{1,2,3}.ungleich.ch
* They have an unknown configuration
* And they have...
01/01/2020
- 05:49 PM Task #7546: VM Security based on LDAP accounts
- We don't have any rate limiting to any of the apis that we have so far.
I think rate limiting would primarily be n... - 05:05 PM Task #7546: VM Security based on LDAP accounts
- * Moris, thanks for reporting.
* Mondi, can you start with your tasks and handover to Timothee when done?
- 05:05 PM Task #7546: VM Security based on LDAP accounts
- h2. Clarification 1: "shared login"
We use LDAP servers as a backend to redmine and django (the dashboard). Both s... - 04:53 PM Task #7546 (In Progress): VM Security based on LDAP accounts
12/31/2019
- 07:40 PM Task #7546 (Rejected): VM Security based on LDAP accounts
- Access to VM administration tools should be secured to the same level or higher as root access to the VM itself.
C... - 06:19 PM Task #6694 (In Progress): Setup matrix server and bridge matermost into it
- After discussion with nico, Matrix get priority over LDAP setup rebuild.
- 04:25 PM Task #6694 (Waiting): Setup matrix server and bridge matermost into it
- The matrix deployment works modulo:
* Federating with the IPv4 world (a few lines to add to haproxy's configuratio... - 04:26 PM Task #7345 (Waiting): Cleanup & upstream matrix-related types
- 03:20 PM Task #7545 (Closed): Switch production LDAPs to cdist-managed alpine
- Our production LDAP nodes do not seem to be managed by cdist (anymore?):
* No relevant mention in `grep -R __ungle... - 07:36 AM Task #7544 (Rejected): Write "beginner's guide" for datacenterlight customers
- Such a guide should cover:
* What is a VM? How do I choose CPU/Memory/Storage?
* How do I choose a GNU/Linux or...
12/30/2019
- 06:03 PM Task #6694: Setup matrix server and bridge matermost into it
- The matrix deployment is WIP in https://code.ungleich.ch/ungleich-intern/dot-cdist/merge_requests/64/diffs and is sta...
- 07:37 AM Task #6694 (In Progress): Setup matrix server and bridge matermost into it
- 02:40 PM Task #7543 (Closed): Write image definition script for ubuntu 19.10
- Similar to what have been done for fedora and CentOS.
- 07:37 AM Task #7345: Cleanup & upstream matrix-related types
- The project has been imported under https://code.ungleich.ch/ungleich-public/matrix-cdist-types. Moving to issue #669...
12/25/2019
12/24/2019
- 07:15 PM Task #7427 (Closed): Rough draft to support console on our VMs
- Django part done. LDAP account is created as soon as user login to datacenterlight.
12/21/2019
- 02:53 PM Task #7520: Checkout whether OSPF can be helpful for DCL
- parameters mismatch between switch & routers: disable switch for the moment...
- 02:35 PM Task #7520: Checkout whether OSPF can be helpful for DCL
- Testing on arista:...
- 02:16 PM Task #7520: Checkout whether OSPF can be helpful for DCL
- Seems like these code blocks are already enough for internal route exchange:...
- 01:49 PM Task #7520 (Closed): Checkout whether OSPF can be helpful for DCL
- * testing with new routers
* Todo: find out how to limit route imports in arista via ospf - 12:25 PM Task #7519: uncloud test run 2019-12-21
- arch
* etcd3 error message might be improve / error out on import error
** fail only when it is required for oper... - 12:22 PM Task #7519 (Closed): uncloud test run 2019-12-21
- * Convince Nico that it works ;-)
* On Alpine and Arch
12/20/2019
- 09:47 PM Task #7304: Test NAT64 with distributed routers with joold on alpine
- * Configuring router1.place6 for NAT64
** Prefix 2a0a:e5c0:2:10::/96... - 04:10 PM Task #7514 (Closed): Investigate slow sshd start on Fedora/CentOS8 images
- * To investigate
- Likely due to low entropy => havegd should help. - 12:56 AM Task #7377: Create an active-active NAT64 gateway
- Session exist on one router, session does not exist on other one -> multicast issue?...
- 12:28 AM Task #7377: Create an active-active NAT64 gateway
- Using the new NAT64 IPv4 address on both machines:...
- 12:27 AM Task #7377: Create an active-active NAT64 gateway
- Need to add pool entries for each protocol:...
- 12:23 AM Task #7377 (In Progress): Create an active-active NAT64 gateway
- ...
12/19/2019
- 07:41 PM Task #7507 (Rejected): Monitor upstream releases / security advisories
- We deploy some application directly from upstream VCS, which means the underlying distribution does not provide us wi...
- 05:41 PM Task #7345: Cleanup & upstream matrix-related types
- Just added you to ungleich-public, please move there
- 04:57 PM Task #7345: Cleanup & upstream matrix-related types
- Both matrix-synapse and matrix-riot should be usable now, although they need some real-world testing which will handl...
- 05:29 PM Task #7504 (Rejected): Document OpenNebula image creation
- Peoples ask how to build new images from time to time, it would be easier if the requirements/workflow was documented...
- 05:14 PM Task #7478 (Closed): Create script to create centos8 image suitable for opennebula
Thanks!
redmine@ungleich.ch writes:- 04:46 PM Task #7478 (Resolved): Create script to create centos8 image suitable for opennebula
- From what I saw on #ungleich-web, the CentOS 8 image has been deployed.
- 05:11 PM Task #7496 (In Progress): Create 2 new IPv6 only unbound based resolving DNS servers providing DNS64
- 02:13 PM Task #7503: Create script to create new / updated OpenBSD image for OpenNebula
- Note by @kirill on chat.ungleich.ch // datacenterlight:
> regarding Task #7503 - remember to add family inet6 inet... - 09:58 AM Task #7503 (Rejected): Create script to create new / updated OpenBSD image for OpenNebula
- * Upgrading to 6.6
* The original image was made by @reyk
* The logic is basically the same as the other images, ho... - 09:55 AM Task #7502 (Closed): Create script to create new / updated FreeBSD image for OpenNebula
- * 12.1 is out for a while
* The original image was made by @kamila
* The logic is basically the same as the other i...
Also available in: Atom