1 |
* Ganeti Upgrade to geneti-3 series (python2.7 deprecation.) |
2 |
* Removal of cfengine2 from the fleet. |
3 |
* openssl upgrade to a supported version |
4 |
|
5 |
Infra ran cfengine-2 based configuration management since the early |
6 |
00's (inherited from the OSL). While we have been deploying new |
7 |
services in puppet, a number of services remained in cfengine. We |
8 |
never upgraded to cfengine3, leaving us on an old codebase that lacked |
9 |
support for newer openssl versions. Due to this, we had been stuck on |
10 |
openssl-1.0.2u (released Dec 2019.) However we closed the cfengine |
11 |
repo (and completed the migration to puppet) on August 19th 2021. This |
12 |
enabled us to begin the openssl upgrade in earnest. That upgrade was |
13 |
completed today; and the fleet is now in a recent openssl version[0]. |
14 |
|
15 |
Similarly we had been running a ganeti-2 series ganeti cluster for |
16 |
about 10 years and this too needed an upgrade to a supported ganeti |
17 |
version. This was completed a couple of weeks ago and unblocked our |
18 |
python2.X deprecation efforts, and we can now continue the migration |
19 |
to the python-3 series. |
20 |
|
21 |
ganeti: Thanks goes to robbat2 for getting the ganeti-3 ebuilds to |
22 |
build and testing and deploying the cluster. |
23 |
cfengine: Thanks to robbat2 and antarus for porting the last of the |
24 |
services to puppet; allowing us to turn off cfengine. |
25 |
openssl: Thanks to sam, jmbsvicetto, robbat2, and antarus for doing |
26 |
the upgrades and helping with exciting dependency problems. |
27 |
|
28 |
-A |
29 |
|
30 |
[0] Running an old openssl and old python caused numerous exciting |
31 |
upgrade problems for us; it also made it difficult to apply all GSLA |
32 |
fixes, so these were big priorities for us this year. |