Deployment tooling/Cabal/2016-05-09

2016-05-09

edit

Automation of key generation

edit
  • Two related tasks, each have patches that are needed to streamline the scap3 migration:
    • T133211 - Automate the generation deployment keys (keyholder-managed ssh keys)
  • https://gerrit.wikimedia.org/r/#/c/284418/
  • TODOs
    • Ensure scap key cannot be redefined in scap::target - https://phabricator.wikimedia.org/T132747
      • Only specify deployment user, scap::target takes care of keys
      • Keep keyholder puppet functions, remove ssh-keygen
    • Possible keyholder fixups

Cross datacenter TLS

edit

Blocking RESTBase

edit
  • Checklist: https://phabricator.wikimedia.org/T93428
    • Config deploys (haven't done it in production)
      • Some puppet refactoring needed for ownership
    • Untangle the scap deployment pieces of puppet
    • Config --diff

Random Things

edit
  • New package tagged
    • Filippo working on it this week \o/
  • Migration continues

As Always

edit