openSUSE admin

On Mon, Oct 24, redmine@opensuse.org wrote:

I suppose the service would be fine to run behind our HAProxy?

Since it is plain https, should be Ok. I don't know the openSUSE network
setup.

What about CPU cores, memory and openSUSE flavor for your backend VM?

My test machine runs with 2 CPUs and 1GB RAM, and only 350MB RAM are
used...
No idea what nginx needs in production, I have no experience here.
And how many really use that website later.
Tumbleweed or MicroOS are both fine for me. While I normally use
everywhere MicroOS on my private servers, not sure if Tumbleweed
wouldn't be better uptime wise.
An absolut minimal installation to just run nginx is enough, no
other fancy stuff except docserv-auxserver and docserv-config-nginx,
both are in Factory.

The data has to be generated somewhere else were we have access to the
Tumbleweed full tree and then pushed or pulled to this machine.
openSUSE release managers are looking into this.

Do you have access to the Heroes VPN already?

No.

--
Thorsten Kukuk, Distinguished Engineer, Senior Architect
SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany
Managing Director: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman
(HRB 36809, AG Nürnberg)

I'm not familiar with docserv, so let me ask a maybe silly question ;-)

You say that the data gets generated "somewhere else", and will then be synced to the webserver. Does that mean you copy over the manpages (in troff format), or does it mean you copy over HTML files that can simply be served by the webserver?

Background of my question: If you copy over the final HTML files (and don't need anything else), you could simply use our existing servers/VMs behind static.o.o (and some other domains) instead of having to maintain your own VM. (The static.o.o servers are quite boring - they run a plain nginx and serve whatever lives in the document root.)

On Mon, Oct 24, redmine@opensuse.org wrote:

[openSUSE Tracker]
Issue #119293 has been updated by cboltz.

I'm not familiar with docserv, so let me ask a maybe silly question ;-)

You say that the data gets generated "somewhere else", and will then be synced to the webserver. Does that mean you copy over the manpages (in troff format), or does it mean you copy over HTML files that can simply be served by the webserver?

Background of my question: If you copy over the final HTML files (and don't need anything else), you could simply use our existing servers/VMs behind static.o.o (and some other domains) instead of having to maintain your own VM. (The static.o.o servers are quite boring - they run a plain nginx and serve whatever lives in the document root.)

Would be nice if it would work with a plain nginx server, but it
doesn't. Beside the static html data there is a second daemon in the
background (docserv-auxserver), which does the mapping of the search to
the files. And for this, a special nginx configuration is required.

Thorsten

Would it be viable to do configuration for it in salt? I can probably help out with that since I had some experience with docserv already ;)

On Tue, Oct 25, redmine@opensuse.org wrote:

Would it be viable to do configuration for it in salt? I can probably help out with that since I had some experience with docserv already ;)

No idea what you want to solve with this. I used salt in the past, my
problem is, you need to have the same salt version on the machine from
where you call it. Another thing is, it's python, and quite some of my
work machines don't have python installed. So do we have a maintained
salt container?

We have an existing salt setup (https://code.opensuse.org/heroes/salt), and the majority of our infrastructure set up is in it, so we just like keeping it that way. That being said, it's not a requirement. It requires openSUSE infrastructure login, since it's still developed on our internal Gitlab.

If I prepare a VM, it will be set up with and managed by our Salt anyways, hence it would make sense for your service to be configured using a nicely written Salt profile as well. On your workstation machine you only need a text editor and git, just for development/testing purposes you might want a local VM with a Salt minion ...

Either way though, if you don't have access to our infrastructure yet, it would be cool if you'd make a second ticket requesting OpenVPN access and a FreeIPA account. Please attach your public GPG key. Also feel free to join #opensuse-admin for easier chatting.

crameleon wrote:

Upgraded Leap 15.4 to Tumbleweed.

Afaik, we usually don't run TW unless it is absolutely necessary. Something to do with an SLA with SUSE ?

On Fri, Oct 28, redmine@opensuse.org wrote:

[openSUSE Tracker]
Issue #119293 has been updated by pjessen.

crameleon wrote:

Upgraded Leap 15.4 to Tumbleweed.

Afaik, we usually don't run TW unless it is absolutely necessary. Something to do with an SLA with SUSE ?

But we run MicroOS. So I'm fine with that, too.
Not sure if Leap is current enough, at least it does not contain any of
the required tools.

Afaik, we usually don't run TW unless it is absolutely necessary. Something to do with an SLA with SUSE ?

I don't like it either, but it's what was requested here and many machines have it for no apparent reason already. And it is the responsibility of the service owner to keep it updated/patched.

But we run MicroOS. So I'm fine with that, too.

Unfortunately we don't have an image for that, and I don't want to manually configure it.