Meza/NASA Technology Report for MEZA (NTR 1654188037)

New technology title:

Meza (MediaWiki EZ Administration)

Which NASA Center does this New Technology Report belong to?

GRC (required only for the purposes of which center processes the NTR)

Internal Docket Number/Contractor Tracking Number:

blank

Innovators of this report:

Do you have any additional reviewers or Company New Tech (NT) Reps to add to this technology?

• No

This NTR describes an already fully-developed open-source Ansible software project called "Meza" which is currently in production use at JSC-FOD and GRC-ATF. The Meza project provides a complete set of server automation scripts to Centos and RedHat Linux system administrators enabling them to easily, reliably and efficiently provision, manage, and maintain a fully-featured Semantic MediaWiki application on an entirely open-source software stack with just a few simple commands. The project was created over 10 years ago by the NASA JSC Flight Operations Directorate's (FOD) EVA, Robotics, and Crew Operations Division (CX) to support the administration of their MediaWiki-based Knowledge Management (KM) system used for all ISS operations and EVAs. In 2016 NASA GRC's Armstrong Test Facility (GRC-ATF) began using the Meza project to manage and maintain their MediaWiki-based Knowledge Management System (KMS) as well. The Meza project has been continuously maintained over the years by technical staff from both JSC (Flight Operations Directorate) and GRC (Armstrong Test Facility). It is the goal of this NTR to announce this project to the rest of the Agency and the world as an official NASA open-source project on github.com for the benefit of all.

Description of the problem or objective that motivated the innovation's development:

The Meza project was created to make it possible for everyone to have a modern, fully-featured MediaWiki installation with very little effort. A standard MediaWiki application is relatively easy to install if you already have a properly configured server and only want the core capabilities, but a properly configured server can be quite complex and, increasingly, many of the newer and more powerful MediaWiki features are achieved through 'extensions' that often involve additional install procedures that can become complex as well. These two factors make the overall task of administrating a fully-featured and fully-secure MediaWiki server much more complex. Additionally, installing MediaWiki on enterprise Linux derivatives (e.g. Red Hat, etc.) with organizationally specific requirements for authentication and authorization increase the complexity further. There is nothing about these complexities and time consuming procedures that can't be accomplished by a sufficiently skilled and available system administrator, but many organizations that are not focused on IT services as their primary purpose may not have the budget to retain one and while there are a number of companies that will do all this for a fee, the total cost of ownership can become prohibitive. This is all a consequence of there not being a free and open-source automation project to address this task for the MediaWiki community. And so it is the NASA developed "Meza" project that fills this need. Meza was originally named for David Meza, who was Chief Knowledge Architect at NASA JSC and granted access to the first Linux-based server used for MediaWiki at JSC. It has since come to also stand for "MediaWiki E-Z Admin". Meza provides a set of Ansible scripts that make the administration of the entire software server stack and many of the most popular extensions (e.g. VisualEditor, CirrusSearch, etc..) extremely easy to install, backup, reconfigure, and maintain in a robust, modern, and well-tested way.

Technically complete description of innovation:

Meza employs a modern "Infrastructure-as-Code" approach to application/server automation using Ansible. This enables system administrators to setup and maintain a fully-open-source, fully-featured, and fully-secure enterprise Semantic MediaWiki application with simple commands. System administrators can use Meza to put all software components (e.g. Apache-PHP, MariaDB, HAProxy, FirewallD, ElasticSearch, MediaWiki, etc..) on a single monolithic server or split them out over many. Run a solitary master database or have replicas. Deploy to multiple environments. Run backups. Do it all using the meza command.

Examples:

• Provision a new server or update an existing sever with: sudo meza deploy <environment>

• Create a new wiki on a wiki server with: sudo meza create wiki <environment>

Note - <environment> refers to the human and machine readable definition file(s) which define the infrastructure and configuration

MEZA Documentation

https://www.mediawiki.org/wiki/Meza

MEZA Source Code

https://github.com/nasa/meza

Capable of provisioning and maintaining a MediaWiki Application Server that:

1. Only uses highly-reputable, well-documented open source software [1] DOD FOSS FAQ
2. Enables server admins to easily:
   1. Use an "Infrastructure as Code" (IaC) approach to provisioning and managing Meza Ansible
      1. Define the entire application environment using human and machine readable definition files
      2. Define the server software components using human and machine readable definition files
      3. Define and configure all MediaWiki extensions using a human and machine readable definition file
      4. Customize the common configurations of all wikis using human and machine readable definition files
      5. Customize the unique configurations of specific wikis using human and machine readable definition files
      6. Keep the public and private configurations of all software element configurations separate
   2. Automate the provisioning and maintenance of all components using agentless scripts Meza Ansible
      1. Update all software elements with a single command
      2. Create and destroy wikis with a single command
      3. Perform back-up and restore of all wiki databases with a single command
      4. Perform back-up and restore of individual wikis with a single command
      5. Ensure the desired state without needing to know the current state
3. Can provide a comprehensive Software Version Description of the entire software stack on demand
4. Is certified for use as an CUI/SBU repository of NIST MODERATE data for the organization GRC Code V SRA
5. Enables the use of a well-documented and well-developed automation client mwclient
6. Uses an SSO for user authentication via SAML/ADFS PluggableAuth + LaunchPad
7. Provisions users based on SAML attributes NAMS
8. Meets or exceeds all design principles defined in NASA's Applications Programming Handbook (AP-NASA-HDBK-001 v2.4) [2] with special attention to:
   • 4.3.1.1 - Strive for vendor independence through the use of open source software
   • 4.3.1.2 - Prefer Open Source Software
9. Runs on Agency supported "Platform as a Service" [3] Red Hat
10. Runs on a community supported Linux Distribution Rocky Linux
11. Makes all of its functions available through well-documented RESTFUL APIs [4] MediaWiki
12. Is provisioned and maintained using idempotent [5] deployment automation scripts. Ansible
13. Enables authenticated and authorized MediaWiki users to create and edit wiki articles [6] MediaWiki
14. Enables authenticated and authorized MediaWiki users to develop custom Forms Page Forms
15. Is capable of storing data in wiki pages using "semantics" [7] resulting in RDF/OWL data representations of the data accessible to other features of the wiki. SMW
16. Enables users to organize file uploads as nested file structures EMWFS
17. Enables the organization to implement all organizational processes as integrated multi-user/multi-instance electronic workflows that incorporate all aspects of knowledge management as the work is being done. SMW+PageForms
18. Runs daily tests on the current build to detect and inform developers of emerging compatibility issues Meza
19. Runs daily tests against MediaWiki extensions to detect and inform developers of compatibility issues Meza

References:

1. https://dodcio.defense.gov/Open-Source-Software-FAQ/
2. https://sharepoint.msfc.nasa.gov/sites/ap/standards/.../AP-Handbook-v2.4.pdf
3. https://www.grc.nasa.gov/ocio/pages/computing/platform-as-a-service
4. https://restfulapi.net/
5. https://www.w3.org/TR/ws-gloss/#defs
6. http://wiki.org/wiki.cgi?WhatIsWiki
7. https://www.w3.org/standards/semanticweb/

As a pure Infrastructure as Code (IaC) automation project, Meza does not do anything that a sufficiently skilled administrator couldn't do with sufficient time, however the combination of skill and time required generate cost to the organization that can raise the total cost of ownership to levels equivalent with many mainstream COTS solutions. It is uniquely the availability of the Meza project to fully-automate all provisioning and management of a fully-featured MediaWiki application server that empowers 'anyone' or 'any organization' with root access to a basic networked computer to properly own and operate a fully-featured, vendor independent, fully-secured, fully-maintainable, fully-open-source, headless, service/API driven Semantic MediaWiki server farm with an extremely low-total cost of ownership over the entire life of the project. This efficiency and value reduce the total cost of knowledge management and digital transformation for any organization, large or small, in the world. Making it possible for non-tech organizations and small businesses and to operate and provide modern knowledge graph-based, big data knowledge management capability that is technically comparable to what currently only large cloud-based companies with proprietary products and services are offering.

Degree of technical significance:

• [ ] Modification to Existing Technology
• [X] Substantial Advancement in the Art
• [ ] Major Breakthrough