Who's here:

2017-06-20

• Ops will be looking into network policies for pods (multi-week)
• Also looking into upgrading to version 1.5.5 (we got 1.4.6)
• thcipriani/antoine to pair on secret storage options
  • we talked...
• thcipriani working on docker escaping
  •   Doneish initial work
• services/Marko:
  • work on tooling continues (meeting this week or next)
  • document minikube setup
• dan env var stuff for blubber
  •   Done landed
• dan hacking on mathoid with blubber
  • dan attending meeting today

• Creds for Jenkins: Two real options:
  • Setup another Jenkins/Zuul
  • Run outside of Jenkins
• Run outside of Jenkins
  • Run directly on contint1001
  • Register a worker with the Zuul gearman server
  • Possibly run some command with the existing Jenkins that has credentials access
    • In scope for blubber? Dan?
• Setup another Jenkins/Zuul
  • Don't know where I would put this

TODO gearman/zuul plugin dan/tyler to pair

• Use cases
  • Developer merges change, wants to do a deploy
  • Moritz wants to make security updates
    • Maybe this kicks off jenkins jobs/maybe not

• Work for moving to k8s 1.5.5/1.6 next quarter
  • probably paired with moving to stretch

• Ops working out security upgrades
  • deb monitor https://phabricator.wikimedia.org/T167504

• operations/docker/production-images
  • for packaging base images next week
  • blubber maybe overkill for base images
  • has different needs than blubber
  • PS to be merged soon (TM) https://gerrit.wikimedia.org/r/#/c/360813/
  • toollabs should use same build system -- maybe be a tree of this
  • this work should be helpful for security upgrades

• Release Pipeline Workboard
• Meeting notes