MPU Meeting Tuesday 3rd February 2015

LCFG systemd

  • The systemd component now will (optionally, controlled by a resource) rebuild the entire systemd config on Stop(). It's optional as it's not a speedy process and might not be wanted in all scenarios.
  • Alastair has blogged about the tty-vs-journald problem, mentioning a temporary workaround that's now in place.
  • He is currently working on including a system level test that calls the Perl test framework as part of the build process (called within the specfile).

LCFG EL7

  • Stephen has pulled the dns component out of the default configuration and added the resolvconf component in its place.
  • We have some new PAM configuration to support xscreensaver.
  • Stephen is working on the wallet/ssh issue. He's been moving some config to the LCFG level to establish a usable generic wallet service there. We'll need some kind of wallet capability in the installer to set the ssh host keys correctly.
  • Alastair has made lightdm the default in the dice layer. It's now a module.
  • On a related note, xscreensaver now has sensible defaults for EL7 in the dice layer - blank screen, and DPMS enabled with sensible settings. This configuration will soon be enabled by default on machines using lightdm at the dice level.
  • Alastair has been looking at routing at machine start time. He has concluded that we will need another target, this time to mark "routing is up". Most of the services which we've configured to wait for the network-online target really need to wait until routing is up. However we'll still need network-online because the routing target will use it.
  • We don't yet have an updaterpms cron job or SL7 DICE. Chris will add one. In time that will be handled by Stephen's mooted replacement for boot.run.

Miscellaneous Personal Development

Chris's week of personal development produced i.inf.ed.ac.uk - a URL shortener. It works - you can add a URL then use it successfully - but it needs more work before it can be promoted as a not-a-service.

Operational

  • The GHOST Vulnerability. This occupied us for a day or so last week. We think that the MPU response was adequate.
  • Flash updates - there have been three zero day vulnerabilities in the last two weeks! We are keeping up with Adobe's patches.
  • Stephen has been organising LDAPCon 2015, which will be in the Forum. Tutorials: 11th November 2015; Conference: 12th and 13th November 2015.

This Week

  • Alastair
    • systemd project
      • Complete adding tests
    • EL7 project
      • Consider how components will work with systemd
      • Cook book entry
        • component need to start after daemon in certain cases ..... eg ssh where component will start daemon if daemon isn't already started..
      • what sort of level of space is required by systemd journald logging (for desktop /var sizing)
        • (By default journald logs to /run/log. Have to mkdir /var/log/journal to keep data). Have enabled on one machine
        • identify default retention policyDefault retention is to use up to 10% of partition. Can use either space or time as a constraint on space. Logs are per user + system, so users can read their own data. Each log file starts at 8MB, so a popular machine will have lots of log data.
        • Blog about journald retention policy - and document how to set...
        • Blog about decision to keep journald and /var/lcfg/log/syslog duplication - and resulting configuration change.
      • check installroot stuff same version across SL6 and EL7
        • and pull out old SL5 stuff
      • convert lcfg-dconf to module
      • Look at creating a 'routing' target which components can wait on, but isn't reached until lcfg-routing has finished (in DICE), but network-online.target has finished (LCFG)
      • Enable xscreensaver for dice/lightdm.h
      • At some point - look at installroot kdcregister solution Stephen doing this
      • Read Stephen's blog article on boot.run functionality replacement
      • Final decision on disk partitioning
    • RT 65774 - try two identical monitors on my machineIainR has two identical monitors on his SL6 box and doesn't encounter the problem
    • Need to remove default bridge from kvmtool create
    • Think about disk partition policy
    • Review last reviewed date for documentation by 1st March
    • Consider more cores as default for KVM guests
    • Read LISA notes
    • Look at KVM server loading
    • Schedule firmware upgrade for DS3254
    • Check scans
    • Spec up new DR server and circulate
    • Chase up CEG re Ghost and rebooting machines

  • Chris
    • EL7
      • investigate Gnome power-management and document
      • Package up DICE lightdm config
      • temporary cron job for updaterpms at DICE
      • Final decision on disk partitioning
    • url shortener
      • add ownership and delete
    • Create Project entries - for KVM refinement project
    • Update KVM host documentation to say "don't setup with br0 - use wire specific bridge names for all bridges"
    • Think about disk partition policy
    • Review last reviewed date for documentation by 1st March

  • Stephen
    • LCFG client refactor stage 1
      • schedule debrief meeting
    • EL7
      • Final decision on disk partitioning
      • Continue thinking about boot.run functionality
      • kdcregister loop for installroot
      • Complete porting MPU managed resources to the DICE level
        • continue work with wallet
      • Ask Kenny to ask around if gdm is working fine for MDP
    • Test northern's SAS disks in metropolitan
    • Junk central
    • Think about PD - Interested in ZeroMQ
    • Think about disk partition policy
    • Review last reviewed date for documentation by 1st March
    • Add extra memory to waterloo (and if those work, order up more memory for hammersmith)

-- AlastairScobie - 03 Feb 2015

Topic revision: r5 - 05 Feb 2015 - 09:50:42 - AlastairScobie
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
This Wiki uses Cookies