Wikimedia Release Engineering Team/Deployment pipeline/2017-05-02
2017-05-02
editWho's here: thcipriani marxarelli hashar jrbranaa akosiaris
Last Time
edit- Agreed we all hate json
- Talked a bit about the security needed in a container, creating files as root is bad
- Dan + Mako to sync-up on blubber and service-runner
- Async work on Requirements doc
Topics
edit- Service runner and blubber
- node-service-builder github (https://github.com/wikimedia/node-service-builder)
- Requirement doc questions
- Uniform structure of containers /data, /src, logging, etc
- Deployment and release management for developers
- elacticity enabled in k8s 1.4, running k8s 1.5, not really to do with deployment pipeline
- Resources vs unit is up to developer to define
- resource definitions/information can live inside pipeline configuration
- Deployment via k8s covers the canary case automagically (lots of unknowns)
- Sha1 rollback and deployment -- what's the front-end look like (scap maybe?) -- helm is the default currently
- Deployment and release management for developers
- Config changes as code deploys
- Many RelEng requirements are Ipso Facto done because of nature of pipeline (pulled from nodepool work, I think)
- compatibility with production env
- "arbitrary sudo"
- isolated (from one another) (not in the networking sense, but rather as a test after test sense)
- Prepare and maintain base container images
- Anything to talk about outside the ticket/here?
Team Updates
edit- Releng
- antoine just upgraded Jenkins so now pipeline available on the live instance
- translate work done on ci-staging to jjb
- Ops
- datacenter switch back
- Services
- marko at tech mangers meeting