Gentoo Archives: gentoo-project

From: Alec Warner <antarus@g.o>
To: gentoo-project <gentoo-project@l.g.o>
Subject: [gentoo-project] Celebrating three infra milestones in 2021
Date: Tue, 14 Sep 2021 23:10:49
Message-Id: CAAr7Pr9i+LDSVdJu0EWJZitDYae=tAA9Fh_hhhGAUnV+Cfc5fA@mail.gmail.com
1 * Ganeti Upgrade to geneti-3 series (python2.7 deprecation.)
2 * Removal of cfengine2 from the fleet.
3 * openssl upgrade to a supported version
4
5 Infra ran cfengine-2 based configuration management since the early
6 00's (inherited from the OSL). While we have been deploying new
7 services in puppet, a number of services remained in cfengine. We
8 never upgraded to cfengine3, leaving us on an old codebase that lacked
9 support for newer openssl versions. Due to this, we had been stuck on
10 openssl-1.0.2u (released Dec 2019.) However we closed the cfengine
11 repo (and completed the migration to puppet) on August 19th 2021. This
12 enabled us to begin the openssl upgrade in earnest. That upgrade was
13 completed today; and the fleet is now in a recent openssl version[0].
14
15 Similarly we had been running a ganeti-2 series ganeti cluster for
16 about 10 years and this too needed an upgrade to a supported ganeti
17 version. This was completed a couple of weeks ago and unblocked our
18 python2.X deprecation efforts, and we can now continue the migration
19 to the python-3 series.
20
21 ganeti: Thanks goes to robbat2 for getting the ganeti-3 ebuilds to
22 build and testing and deploying the cluster.
23 cfengine: Thanks to robbat2 and antarus for porting the last of the
24 services to puppet; allowing us to turn off cfengine.
25 openssl: Thanks to sam, jmbsvicetto, robbat2, and antarus for doing
26 the upgrades and helping with exciting dependency problems.
27
28 -A
29
30 [0] Running an old openssl and old python caused numerous exciting
31 upgrade problems for us; it also made it difficult to apply all GSLA
32 fixes, so these were big priorities for us this year.