[tech] Tech/Wheel Meeting 2021-09-05 14:00 - One hour reminder
root
root at ucc.gu.uwa.edu.au
Sun Sep 5 13:00:01 AWST 2021
Tech/Wheel Meeting Agenda - Sunday 2021-09-05 14:00
===================================================
- VENUE: UCC Clubroom
- and online at https://meetings.ucc.asn.au/b/bob-yrk-uy6
*Meeting opened hh:mm*
## Attendance
- Present
- Apologies
- [NTU]
- Absent
## Next meeting
- Schedule next meeting
- *day 2021-MM-ddThh:mm
- not too soon, let's have more doing than talking?
- ACTION: [???] Set and verify reminders of next meeting: `motsugo# crontab -e`
- Promptly update agenda.next with the TIME/DATE/VENUE
- Update the crontab: `motsugo# crontab -e`
- skip the `4day` , unless there's issues at `1week`
- Check at T-7days that the notice really went out, fix for T-4days if needed
- Everyone, pre-meeting: Curate agenda.next
## Optional items - choose at the start of the meeting
- Ethical guidelines
- Monitoring
- Backups
- Password rotations
- New members
- Quick check of ChangeLog
- Lessons learnt
## Known Broken Stuff
- IPv6 inbound
- ACTION: [TEC] to email UWA IT
- lard
- Still needs a spare PSU OR replacement with something less... fatty.
- ACTION: [???] to send email out requesting a 1U Cisco switch to replace Lard
- samson the https://wiki.ucc.asn.au/ActiveDirectory server has no freshly built DC friends
- this is risky, a single-point-of-failure, which in turn depends on the running VM cluster
- something to do with the current configuration is probably why mussel
and mooneye still have auth problems
- can we upgrade or rebuild or document our way out of this?
- ...so making a quick clone and calling it "done" really isn't enough, continuous integration is called for?
- vucc testbed in https://wiki.ucc.asn.au/NewActiveDirectory
## Matters arising previously
## Extra items (rename/refile as appropriate)
- Monitoring
- Drive health
- Uncorrectable errors, reallocated sectors, TBW on SSDs
- ACTION: [NTU] and [MTL] to work together on how best to start drive monitoring, and make it standard/SOE config via ansible
- [MTL] continues looking at DNS
- Not much progress
- Have played with coredns for a resolving server
- Need to do some more testing of resolving internal UWA things (to check behaviours)
- Working on ansible to set up a primary DNS server
- Done a little bit of playing with Gitlab CI
- Need to finalise working out the best way to do this securely
- split out ucc.machines from zonemake.py code
- Group Policy and Ansible on Windows machines
- ACTION: [333] to figure out most supported way to install official SSHD build on Windows
- ACTION: [MTL] promises to look at this in more detail once back in the clubroom, including WinRM
- Best host to run playbooks from for the Windows machines?
- Post-O-Day account locking
- cleanup accounts e.g. `getent passwd|grep zv`, primary group memberships
- ACTION: [TEC] and [MPT] still need to get this sorted
- Specifically, the Comite™ get a list of people who haven't paid and send to Wheel, so we can do the locking, if James and Tim don't do the locking themselves
- Staging storage server:
- [TEC] Old DELL R710 server[s] from dadams
- Store images or less selective backups onsite, for rapid recovery or offsite replication
- zfs send? btrfs send? borgbackup? expose to https://pbs.proxmox.com/ appliance?
- ACTION: [NTU] followup the previously budgetted 3.5" bulk backup drive purchase
- Done, drives bought
- https://lists.ucc.gu.uwa.edu.au/pipermail/tech/2021-March/005446.html
- https://lists.ucc.gu.uwa.edu.au/pipermail/tech/2021-August/005474.html
- Would like some extra caddies: 3.5" slots, 3.5" + 2.5" SATA drives
- https://discord.com/channels/264401248676085760/264401248676085760/878831917133353031
- https://discord.com/channels/264401248676085760/264401248676085760/879354657976229958
- 3D print? does [DBA] or anyone else at UWA Makers have the model?
- or ebay?
- [MPT] Began (unofficial) discussions with [DBA] and CS faculty about making GPU compute accessible to students
- Potential for funding? No assurances yet
- What else would UCC need to buy/build to make it happen in our MR?
- Plan on 2021-07-18.txt to get moving on `loveday` upgrades - wait for this instead?
- or test with existing hardware?
- ...so if `loveday` doesn't have upgrade quotes yet, how about `medico` -> `machops`?
- https://discord.com/channels/264401248676085760/264411219627212801/883522265466146869
- https://docs.google.com/spreadsheets/d/1mbszgk9T7FU0jGXrdTKXXLzW62vuOvqG3xZ-x9CpALE/edit?usp=sharing
- Build and break a PC 2021-04-20, followup
- Brand new motherboard missing audio capacitor, but [DBA] will resolder it
- ACTION: [DBA] to resolder audio capacitor on new motherboard
- ACTION: [MTL] to update Ansible scripts for mail*
- In response to spam campaign
- Rebuild rather than upgrade `discord-irc` ?
- ansible driven install
- config files:
- `~discord/discord-irc-config.json`
- `/etc/systemd/system/discord-irc.service`
- this machine is a non-complicated test case?
- https://github.com/reactiflux/discord-irc
- requires Debian 11 "bullseye", DebianPkg:nodejs 12.x
- occasionally dies, config tweaks could help?
- https://github.com/reactiflux/discord-irc/issues/594
- `journalctl -xe -u discord-irc.service`
```
Aug 31 17:45:40 discord-irc discord-irc[45040]: TypeError: Converting circular structure to JSON
Aug 31 17:45:40 discord-irc systemd[1]: discord-irc.service: Main process exited, code=exited, status=1/FAILURE
Aug 31 17:45:40 discord-irc systemd[1]: discord-irc.service: Start request repeated too quickly.
```
*Meeting closed hh:mm*
----
```
# https://demo.hedgedoc.org/Hlsapf47RsqpgIjqLVfMUw
cd /home/wheel/docs/meetings
HEDGEDOC_SERVER=https://demo.hedgedoc.org /home/wheel/bin/hedgedoc export --md Hlsapf47RsqpgIjqLVfMUw ./$(date +%Y-%m-%d).txt
git commit -am "Tech meeting minutes $(date +%Y-%m-%d)"
```
<!-- vim: tabstop=2 shiftwidth=2 expandtab
-->
<!-- Local Variables: -->
<!-- tab-width: 2 -->
<!-- End: -->
More information about the tech
mailing list