MPU Meeting Tuesday 8th September 2015

LCFG Client Refactoring

More work has been done on the new packagelib. There are now functions for reading and searching rpmlist files. Also a new iterator-based interface for scanning through linked-lists of packages has been added. This is particularly convenient for working with package lists using the library from other languages such as Perl.

The new XS-based LCFG::PkgSpec Perl API is now coming along nicely. All the functionality of the C library has been mapped into Perl object methods. The only downside of this approach is that it is not possible to sub-class the opaque object that is created. Stephen needs to look into how that can be improved.

A new version of the whererpms tool has been added which uses the new library to search the repositories in the updaterpms.rpmpath resource for the required packages.

Inventory

The new orders parser is now live. Some tidying up of LCFG profiles is required to finish off.

The new clientreport is now modular. Currently there are modules for DMI, monitors, NICs and OS. Chris will look at creating modules for disks and firmware/BIOS.

Each hash returned should contain a version so that it's possible to move between different versions of the module output. Possibly the field could have an underscore prefix to mark it as private and not to be stored into the DB?

Stephen suggested lower-casing the top-level key names to make it easier to work with the output.

Alastair will look at PostgreSQL 9.4 and using the jsonb format to store the raw client reports. The aim is that the clientreport script will submit the report via an authenticated CGI which validates the data and then stores it into the DB. Various pieces of client report data can then be extracted by other scripts and stored in other inventory tables.

Miscellaneous Development

virtual dice

Chris is having some problems with local guest logins. It could be PAM, nsswitch or sssd.

bugzilla

Chris will look at moving the LCFG bugzilla to 4.4.9

Disk encryption

Alastair is looking at encrypting swap and /tmp. It is not possibly to use the UUID to reference partitions in the crypttab file as they change at boot when the partitions are reformatted. For now will have to just use the device name (e.g. /dev/sda3).

systemd component

The component attempts to trigger a reboot and signals systemd to reload after rebuilding the config during the component stop process. It should do neither...

lcfg-checkreboot

There are a number of TODOs for the lcfg-checkreboot script. It needs much clearer logging about why a reboot has been triggered.

network-online

The network-online service hangs for a while at boot time. We should work out what is causing this problem.

desktop SSH

Stephen needs to review the desktop SSH configuration for SL7.

network bonding

Stephen will investigate how to get network bonding working correctly on SL7.

Operational

jubilee

The upgrade and reboot of jubilee has been done.

yum

Chris has checked the yum configuration on the login servers.

azul and br0

Chris has reverted br33 to br0 so that VMs can be easily migrated onto azul.

RT tickets

We need to review all the MPU RT tickets. In particular we must follow-up on #73254 regarding problems with the finger command.

This Week

• Alastair
  • Inventory project
    • continue working through TartarusWorkFlow
    • finish deploying new order file processing code
    • consider what next can be integrated into existing system, if anything
    • Consider macaddr discovery tool (use same code as used for clientreport)
    • Continue with clientreport
      • look at running PG 9.4, with a 'reports' staging table with key-value host->jsonb records. CGI checks for simple things like structure, size, binary data before entering into table. Perhaps whitelisted keys ?
    • Blog article about storing in 'reports' staging table.
  • @home - look at using rsync from site.pkgs instead of mirroring from upstream
  • Remove default pool if ops meeting agrees
  • Experiment with different window managers under VNC (making the assumption that performance under NX will be similar)
  • Think of a use for 'atom'
  • Understand how NetworkManager works wrt init scripts
  • Flesh out Base SL7 server project
  • Investigate request for two reboots after machine install
  • Check whether lcfg-checkreboot man page exists - and if not, create it
  • Investigate network-online hangs at boot time on circlevm12 - hangs on desktops on vbox too
  • Continue with investigating encrypted /tmp and swap
  • Look at RT tickets to close

• Chris
  • Inventory project
    • continue working through TartarusWorkFlow
    • Look at clientreport modules for replacing firmwarereport
  • pkgsearch for SL7
    • reimplement as a yum web front end (yum search for keyword produce an html file of links to cgi to do yum info)
    • Need support multiple platforms
  • Flesh out Base SL7 server project
  • Continue work on VirtualDICE for SL7
  • Continue work on bugzilla upgrade
  • Liaise with George over iDRAC documentation
  • RT tickets close
  • Create a known issues section in http://computing.help.inf.ed.ac.uk/sl7 (liaising with Graham)

• Stephen
  • LCFG client refactor stage 1
    • schedule debrief meeting
  • LCFG client refactor stage 2
    • work on C -> perl interface (XS)
    • test on MacOS. (package spec)
    • finish off new whererpms
  • Think about PD - Interested in ZeroMQ
  • Finish off window manager selector code - high prio
  • Flesh out Base SL7 server project
  • Continue looking at bonding on SL7 - both adding NM_CONTROLLED and modern method for configuring bond interface
  • RT tickets close
  • Add to activity list - improve fail2ban component to support local "fail2ban.d" type config
  • Remove DICE_STICK_SL65

-- AlastairScobie - 08 Sep 2015