MPU Meeting Tuesday 20th October 2015

Inventory

Alastair has finished deploying the new order processing code. Alastair and Mohammed took the opportunity to tidy up the orders data.

Alastair has tidied up the new clientreport. It's now running everywhere. It currently produces a blob of JSON which isn't processed further, so Alastair will write something to parse this for the inventory. Alastair is looking at doing the order-to-inventory sync process in an object method.

LCFG Client Refactoring

The APIs for the libraries have now stabilised.

Stephen has reworked the code of the package and resource libraries to make them more portable across platforms, and especially to make them build cleanly on Macs. Instances of asprintf() have been removed, and use of the pcre library has been phased out. The package and resource libraries now build cleanly on Macs with no compiler warnings. This is especially gratifying since Macs use clang rather than gcc, so the code is buildable by multiple compilers. The same changes will be made to the XML library.

The documentation is not yet complete.

There was a problem with memory fragmentation, and tackling that has greatly improved memory usage and efficiency: total memory usage is down from about 17MB to 12MB. It turns out that liberal use of malloc() is bad for two reasons. Firstly it's relatively slow; but secondly, the process's memory is not returned to the OS after having been freed. Although it is still available to the process for further allocation, the repeated allocation and freeing of small amounts of memory over thousands of cycles can leave many small unusable bits of free memory which cannot be reclaimed until the process dies. Minimising the use of malloc() greatly reduces this problem.

It was interesting to note that packages data needs more memory than resource data, apparently because of the broken (pointlessly voluminous) packages derivation data. The packages derivation data problem should eventually be fixed by rewriting the server to use the new package library.

It will make sense to package and install the three libraries together, rather than in separate packages.

SL7 Server Base

RAID headers
Alastair added the controller software to the headers for SL7. (This clears the way for Chris to test hwmon, initially on metropolitan.)
Multipath
seems OK (Alastair).
LVM
seems OK (Alastair).
toohot
is fixed for SL7 (Chris).
DNS for servers
Until now our servers have been configured to use only localhost as a DNS server. Stephen is testing a new scheme whereby servers are configured to use the full set of DNS servers, but any machine can switch to only using localhost by defining the new macro DICE_DNS_LOCALHOST_ONLY. The macro is set for SL6 machines by default to preserve their current behaviour; only SL7 servers get the new behaviour. The test is currently only on wires S32 and S33, but he expects to spread the new behaviour to other wires in time.

Miscellaneous Development

Virtual DICE
Chris has released it. There was one ticket in response - a missing library, but there's no problem with the Virtual DICE mechanism as such, and RAT is fixing the library problem.

Bugzilla
Chris has upgraded https://bugs.lcfg.org to Bugzilla 4.4.10, after which Services were able to upgrade https://bugzilla.inf.ed.ac.uk.

switchdesk
It was found that a user's SL7 desktop preference could sometimes be lost if the user logged in to an SL6 machine. This has been solved in a new version which stores separate preferences for SL6 and SL7, as well as a shared preference.

Obsolete macro
Stephen has removed the DICE_STICK_WITH_SL65 macro.

Encrypted swap and root partitions
Alastair and Stephen have changed the PXE root so that installs using it now give you the necessary software to enable these - though not yet the required configuration for them. Alastair is now working on a conversion script. One outstanding problem is how to blank existing partitions, since the making of the new filesystem doesn't really do this. It could be done using the installroot but the machine would need to be taken down. Stephen suggested that a better approach might be to run swapoff -a to free up the swap partition, then fill it full of random junk, then introduce the new swap arrangement.

GNOME Terminal bash problem
Using GNOME on SL7, a Terminal window started from the desktop menu will not be started as a login shell, so will not have our standard environment (no bashdefenv, garbled path, no roles, etc.)

Operational

Spending plan
Chris has initiated the MPU spending plan for 2015-18. We will meet on Thursday 22/10/15 at 10am to try to fill in the details.

flash player
There have been two urgent security updates to it this week.

Reminders
Stephen suggested we look through our reminders and eliminate as many as we can. He managed to get rid of 30 or so. Chris counted 215 reminders in total a few weeks ago.

Red Hat software collections
Chris asked how these were done. Stephen explained that they're all done via the lcfg/options/ scl- headers. The collections are all in our Scientific Linux packages mirror. There's an extra repository for each collection, and this needs to be added to updaterpms.rpmpath via the header, and the relevant packages added.That said, it's likely that most requests for more up-to-date software for SL6 machines would be best met by an upgrade to SL7.

This week

  • Alastair
    • Inventory project
      • continue working through TartarusWorkFlow
      • consider what next can be integrated into existing system, if anything
      • Write something to parse the JSON clientreport blobs and look for any major problems.
      • Revisit order -> inventory sync code
    • @home - look at using rsync from site.pkgs instead of mirroring from upstream
    • Remove default pool if ops meeting agrees
    • Experiment with different window managers under VNC (making the assumption that performance under NX will be similar)
    • Think of a use for 'atom'
    • Understand how NetworkManager works wrt init scripts
    • Deploy encrypted /tmp and swap
      • Continue work on script to modify existing machines
        • Note that existing content is not wiped : only future data will be encrypted
        • Look at modify script so does "swapoff" so can do a wipe of swap
        • Ditto for /tmp in some way
        • How ship? Separate RPM on part of lcfg-fstab
    • Look at RT tickets to close
    • SL7 base server
      • localhome - discuss with Craig
        • Craig will revert to /home being a softlink managed by the file component. The majority(?) of machines using localhome aren't using AMD, so we could probably replace by the pam mkhomedir module - this would allow us to defer the port of localhome.
      • mark up what has been tested on SL7ServerBaseSome problems with LVM and FC
      • mark up R710 as supported model type
    • Look at George's lcfg-dns proposalLooks reasonable
    • Look at chris's spending plan for 2015/2018
    • Consider any bids for hardware we wish to make
    • Look at Reminders
    • Respond to Ian about empty Forum racks in FC rows - lots of old kitDiscussed at CEG

  • Chris
    • Inventory project
      • continue working through TartarusWorkFlow
      • Look at clientreport modules for replacing firmwarereport
    • pkgsearch for SL7
      • reimplement as a yum web front end (yum search for keyword produce an html file of links to cgi to do yum info)
      • Need support multiple platforms
    • Liaise with George over iDRAC documentation
    • SL7 -
      • hwmon (try at least on metropolitan)
      • Look at DL180 (or alternative model)
      • Finish off looking at R620 (belter)
    • RT tickets close
    • Consider any bids for hardware we wish to make
    • Look at George's lcfg-dns proposal
    • Look at Reminders

  • Stephen
    • LCFG client refactor stage 1
      • schedule debrief meeting
    • LCFG client refactor stage 2
      • continue work on resources processing
    • SL7 server -
      • Look at DL180 (or alternative model)
    • Think about PD - Interested in ZeroMQ
    • Write up how WM switchdesk mechanism works
    • RT tickets close
    • Investigate kernel component pipe moan by using shell commands instead of RPM module
    • Meet with George to discuss wire headers
    • Look at George's lcfg-dns proposal
    • Test fstab encryption
    • Look at bash / gnome-terminal launching wrt our X startup
    • Look at chris's spending plan for 2015/2018
    • Consider any bids for hardware we wish to make
    • Make sure new flash-player 540 in this week's testing release
    • Look at Reminders

-- AlastairScobie - 20 Oct 2015

Topic revision: r7 - 23 Sep 2019 - 13:33:38 - AlastairScobie
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
This Wiki uses Cookies