7:09 a.m.
Hello all,
We've seen some SPOFs (Single Point Of Failure) on people. We all know
this is a bad thing, but how do we fix it?
Let's start by listing the services. Please correct/add info if you have
it.
- openshift
-- Services
* website / wiki
-- Admins
* Rydekull (SSH only)
* ewoud (SSH only)
* quaid (full admin)
- linode01
-- Services
* resources
* mailing lists
* gerrit backups
-- Admins
* RobertM
* Rydekull
* dcaro
* eedri
* ewoud
* mburns
* quaid
- alterway01
-- Services
* jenkins master
-- Admins
* dcaro
* eedri
* ewoud (jenkins account broken due to openid plugin)
* quaid
* RobertM
- Alterway02
-- Services
* ovirt host to be, waiting for IP space to install guests
-- Admins
* dcaro
* eedri
* ewoud
- Rackspace
-- Services
* jenkins slaves (not installed yet)
-- Admins
* quaid
Jenkins slaves, incomplete list I'm sure
- jenkins.ekohl.nl
Runs Fedora 17, sponsored by my employer Oxilion.
-- Admins
* eedri
* ekohl
7:17 a.m.
----- Original Message -----
From: "Ewoud Kohl van Wijngaarden"
<ewoud+ovirt(a)kohlvanwijngaarden.nl>
To: infra(a)ovirt.org
Sent: Monday, April 22, 2013 3:09:29 PM
Subject: Reducing SPOFs, people edition
Hello all,
We've seen some SPOFs (Single Point Of Failure) on people. We all know
this is a bad thing, but how do we fix it?
Let's start by listing the services. Please correct/add info if you have
it.
- openshift
-- Services
* website / wiki
-- Admins
* Rydekull (SSH only)
* ewoud (SSH only)
* quaid (full admin)
- linode01
-- Services
* resources
* mailing lists
* gerrit backups
-- Admins
* RobertM
* Rydekull
* dcaro
* eedri
* ewoud
* mburns
* quaid
- alterway01
-- Services
* jenkins master
-- Admins
* dcaro
* eedri
* ewoud (jenkins account broken due to openid plugin)
openid only works for on google account i think, this shouldn't block you from logging
in normally.
if need a password reset, let me know.
* quaid
* RobertM
- Alterway02
-- Services
* ovirt host to be, waiting for IP space to install guests
-- Admins
* dcaro
* eedri
* ewoud
- Rackspace
-- Services
* jenkins slaves (not installed yet)
-- Admins
* quaid
Jenkins slaves, incomplete list I'm sure
- jenkins.ekohl.nl
Runs Fedora 17, sponsored by my employer Oxilion.
-- Admins
* eedri
* ekohl
- EC2 slaves f18/rhel 6.4
-- Admins
* iheim - had admin on vms administration
* eedri
* dcaro
* jenkins user accessible from master server with sudo
_______________________________________________
Infra mailing list
Infra(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/infra
8:01 a.m.
On 04/22, Eyal Edri wrote:
----- Original Message -----
> From: "Ewoud Kohl van Wijngaarden"
<ewoud+ovirt(a)kohlvanwijngaarden.nl>
> To: infra(a)ovirt.org
> Sent: Monday, April 22, 2013 3:09:29 PM
> Subject: Reducing SPOFs, people edition
>
> Hello all,
>
> We've seen some SPOFs (Single Point Of Failure) on people. We all know
> this is a bad thing, but how do we fix it?
>
> Let's start by listing the services. Please correct/add info if you have
> it.
>
> - openshift
> -- Services
> * website / wiki
>
> -- Admins
> * Rydekull (SSH only)
> * ewoud (SSH only)
> * quaid (full admin)
>
> - linode01
> -- Services
> * resources
> * mailing lists
> * gerrit backups
>
> -- Admins
> * RobertM
> * Rydekull
> * dcaro
> * eedri
> * ewoud
> * mburns
> * quaid
>
> - alterway01
> -- Services
> * jenkins master
>
> -- Admins
> * dcaro
> * eedri
> * ewoud (jenkins account broken due to openid plugin)
openid only works for on google account i think, this shouldn't block you from
logging in normally.
if need a password reset, let me know.
> * quaid
> * RobertM
>
> - Alterway02
> -- Services
> * ovirt host to be, waiting for IP space to install guests
>
> -- Admins
> * dcaro
> * eedri
> * ewoud
>
> - Rackspace
> -- Services
> * jenkins slaves (not installed yet)
>
> -- Admins
> * quaid
>
> Jenkins slaves, incomplete list I'm sure
>
> - jenkins.ekohl.nl
> Runs Fedora 17, sponsored by my employer Oxilion.
>
> -- Admins
> * eedri
> * ekohl
- EC2 slaves f18/rhel 6.4
-- Admins
* iheim - had admin on vms administration
* eedri
* dcaro
* jenkins user accessible from master server with sudo
- EC2 Gerrit
-- Admins (Correct me if I'm wrong)
* iheim
* kwade (limited)
* eedri (limited)
> _______________________________________________
> Infra mailing list
> Infra(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra
>
_______________________________________________
Infra mailing list
Infra(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/infra
10:19 a.m.
On 04/22/2013 04:01 PM, David Caro wrote:
- EC2 Gerrit
-- Admins (Correct me if I'm wrong)
* iheim
* kwade (limited)
* eedri (limited)
iirc. they have sudo for host/system admin and kwade setup the gerrit
backup service, but not expected to do gerrit administration specifically.
12:23 p.m.
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
------enig2SXJLCDDIWTRGXEILKTGH
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 04/24/2013 08:19 AM, Itamar Heim wrote:
On 04/22/2013 04:01 PM, David Caro wrote:
> - EC2 Gerrit
>
> -- Admins (Correct me if I'm wrong)
> * iheim
> * kwade (limited)
> * eedri (limited)
=20
iirc. they have sudo for host/system admin and kwade setup the gerrit
backup service, but not expected to do gerrit administration specifical=
ly.
+1
--=20
Karsten 'quaid' Wade, Sr. Analyst - Community Growth
http://TheOpenSourceWay.org .^\ http://community.redhat.com
@quaid (identi.ca/twitter/IRC) \v' gpg: AD0E0C41
------enig2SXJLCDDIWTRGXEILKTGH
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iD8DBQFReBUG2ZIOBq0ODEERApiHAJ9ylrSgIPZgsR81usUR7MK06Y/3EACgzuPi
L0zhVN2+S74R8HXCCJfhVC4=
=RpR6
-----END PGP SIGNATURE-----
------enig2SXJLCDDIWTRGXEILKTGH--
3:53 p.m.
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
------enig2LQQARRQNNFKRTVACRERB
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 04/22/2013 05:09 AM, Ewoud Kohl van Wijngaarden wrote:
Hello all,
=20
We've seen some SPOFs (Single Point Of Failure) on people. We all know
this is a bad thing, but how do we fix it?
=20
Let's start by listing the services. Please correct/add info if you hav=
e
it.
=20
- openshift
-- Services
* website / wiki
=20
-- Admins
* Rydekull (SSH only)
* ewoud (SSH only)
* quaid (full admin)
+ * dneary (SSH only)
+ * garrett (SSH only)
+ * jbrooks (SSH only)
Also, I used quaid(a)ovirt.org, and that can be aliased to anyone, so we
can at least shift the full admin SPOF to another soft human.
The additional people are more than just members of my team at Red Hat,
they are also people who have been significant contributors to oVirt in
a number of ways; I've basically just considered them junior and quiet
Infra members. :)
- linode01
-- Services
* resources
* mailing lists
* gerrit backups
=20
-- Admins
* RobertM
* Rydekull
* dcaro
* eedri
* ewoud
* mburns
- * quaid
+ * quaid (full Linode back-end admin)
Those are all my fixes to this list.
- Karsten
- alterway01
-- Services
* jenkins master
=20
-- Admins
* dcaro
* eedri
* ewoud (jenkins account broken due to openid plugin)
* quaid
* RobertM
=20
- Alterway02
-- Services
* ovirt host to be, waiting for IP space to install guests
=20
-- Admins
* dcaro
* eedri
* ewoud
=20
- Rackspace
-- Services
* jenkins slaves (not installed yet)
=20
-- Admins
* quaid
=20
Jenkins slaves, incomplete list I'm sure
=20
- jenkins.ekohl.nl
Runs Fedora 17, sponsored by my employer Oxilion.
=20
-- Admins
* eedri
* ekohl
_______________________________________________
Infra mailing list
Infra(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/infra
=20
--=20
Karsten 'quaid' Wade, Sr. Analyst - Community Growth
http://TheOpenSourceWay.org .^\ http://community.redhat.com
@quaid (identi.ca/twitter/IRC) \v' gpg: AD0E0C41
------enig2LQQARRQNNFKRTVACRERB
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iD8DBQFRdvTM2ZIOBq0ODEERApwnAKCkiaIk9IVkPnNmYBPU0NHyFKmqrwCghY0C
zu87quwegksj1KLjUvbzNss=
=ZDeB
-----END PGP SIGNATURE-----
------enig2LQQARRQNNFKRTVACRERB--
4225
days inactive
4227
days old
5 comments
5 participants
participants (5)
-
David Caro -
Ewoud Kohl van Wijngaarden -
Eyal Edri -
Itamar Heim -
Karsten 'quaid' Wade