Time
S
Nick
Message
11:31 donsizemore joined #dataverse
14:09 pdurbin joined #dataverse
14:17 poikilotherm
pdurbin donsizemore overhauled cloud guide done :-) https://dataverse-k8s.readthedocs.io/en/develop
14:18 donsizemore
@poikilotherm excellent! i'm reading about terraform this morning
14:19 poikilotherm
donsizemore: terraform is huge. But a complex beast
14:19 poikilotherm
kubespray couples Ansible + Terraform to setup K8s clusters
14:19 donsizemore
@poikilotherm i've used it but no formal training (hence the quiet morning)
14:19 pdurbin
poikilotherm: has that octopus always been there? I like it.
14:20 poikilotherm
pdurbin no it hasn't . It's a graphic from one of my talks. The octopus is the logo of docker compose
14:21 pdurbin
The grey "The" and "Project" in "The Dataverse Project" is hard to read against the blue background.
14:22 poikilotherm
Aye
14:22 pdurbin
typo: Media: where a the stories?
14:25 pdurbin
poikilotherm: all these docs are a huge selling point. Nice work.
14:26 poikilotherm
I feel like we can remove the old stuff from the dataverse guides soon
14:26 poikilotherm
BTW both fixed. Should be visible in ~5 minutes when RTD build is done
14:27 pdurbin
If you mean http://guides.dataverse.org/en/5.0/developers/containers.html is has already been pruned down to almost nothing. Just links to your work and Slava's work.
14:28 poikilotherm
Great!
14:29 pdurbin
Did we talk about the thread where someone was asking about 5.0 containers?
14:30 poikilotherm
Aye
14:30 pdurbin
Cool. I really appreciate that you and Slava have solutions ready.
14:31 poikilotherm
Not sure I will provide 5.0 containers from my project. I would rather see 5.1 containers integrated into the upstream codebase
14:31 poikilotherm
Changing to Payara only allows for a lot of cleanup
14:32 poikilotherm
BTW did we ever talk about Dataverse bootstrapping itself via Flyway hook?
14:32 poikilotherm
It would be so cool to remove this cruft, too
14:32 poikilotherm
So much glue in scripts in the docker images
14:33 pdurbin
I don't believe we have.
14:54 pameyer joined #dataverse
17:23 devanshi_deswal joined #dataverse
18:12 poikilotherm
pdurbin http://k8s-docs.gdcc.io is reachable :-)
19:05 yoh joined #dataverse
19:24 poikilotherm
Oi donsizemore any reason why I can't access Jenkins from home? Still blocking due to script kiddies?
19:27 pdurbin
poikilotherm: nice! You own this domain?
19:28 poikilotherm
pdurbin like I wrote a few days ago: it was cheap. ~27€ for a year
19:28 poikilotherm
I like short URLs...
19:29 pdurbin
me too :)
19:35 poikilotherm
I triggered Github, too. Maybe they can free github.com/gdcc for us. Otherwise using Github Container Registry would lead to using image names like ghcr.io /GlobalDataverseCommunityConsortium/dataverse-k8s etc
19:36 pameyer
poikilotherm - jenkins.dataverse.org seems to be working for me (2 network locations)
19:36 poikilotherm
Very ugly :-(
19:36 poikilotherm
pameyer: which did you try? donsizemore has created some holes in that firewall
19:37 pameyer
hms and residential isp
19:37 pdurbin
I asked GitHub to release https://github.com/dvn to me and they did. But then we changed the name of the software from DVN to Dataverse (thank goodness).
19:37 poikilotherm
IIRC he did create an exception for FZJ AS 134.94.0.0/16, but I'm at home. Dynamic IP from my ISP :-(
19:37 donsizemore
github.com/gdcc being unavailable is how we got GlobalDataverseCommunityConsortium
19:38 donsizemore
@poikilotherm not firewall, fail2ban - mostly an nginx badbot jail
19:38 poikilotherm
donsizemore: T_T
19:38 pameyer
fail2ban might explain it
19:38 poikilotherm
What did I do? Click to fast?
19:38 donsizemore
port 443 is globally accessible
19:39 donsizemore
I don't think any Jenkins server should be publicly accessible, but IQSS wanted the GitHub badges, so I compromised with fail2ban.
19:39 donsizemore
I can whitelist your ISP block
19:39 poikilotherm
Googles Recaptcha always yells at me I can't be human because I solve those puzzles too quickly :-(
19:40 poikilotherm
donsizemore not sure that's a good idea. Telekom is BIG
19:41 pdurbin
donsizemore: well, for me it's more about transparency. How were the binaries compiled. That sort of thing.
19:41 poikilotherm
Can fail2ban check if someone is logged into Jenkins coming from a certain IP ?
19:45 donsizemore
probably.
19:47 pameyer
does jenkins allow for cert-based auth?
19:49 donsizemore
https://github.com/jenkinsci/certificate-authentication-plugin
19:50 poikilotherm
certificate based auth... brrr
19:51 poikilotherm
donsizemore you did that fail2ban to block people on a network level, thus ensuring they can't mess with a security issue in the software, right?
19:51 donsizemore
jenkins is open to the world on port 443, in theory in a read-only state
19:52 donsizemore
i enabled a few fail2ban jails hopefully to catch naughty clients. sometimes it's over-zealous
19:53 donsizemore
but i'm happy to whitelist even your current ipv4 if it's blocking you
20:00 poikilotherm
Currently I am 2003:ce:1f2f:c900:d30f:7ab2:40c4:b085 or 91.39.172.127
20:01 pdurbin
Sadly, /me is not supported in Slack threads. At least Slackbot apologizes over it.
20:01 poikilotherm
Looks like gdcc-jenkins.irss.unc.edu. is IPv4 single stack only
20:05 poikilotherm
donsizemore I have one issue remaining in https://github.com/IQSS/dataverse-kubernetes/milestone/6
20:06 poikilotherm
For switch dataverse-kubernetes to GDCC org I need to edit on Jenkins.
20:06 poikilotherm
s/For/To/
20:07 poikilotherm
Any chance I could fix this today? It's 22:00 over here ;-)
20:07 donsizemore
@poikiltotherm try it now?
20:08 poikilotherm
Here we go THX!!!!!
20:11 poikilotherm
donsizemore: I see a "docker: command not found" in https://jenkins.dataverse.org/job/dataverse-k8s/job/image-dataverse/job/develop/lastFailedBuild/console failing builds. Was running in gdcc-jenkins03. Build #27 on gdcc-jenkins01 ran fine.
20:11 poikilotherm
Should I reconfigure my jobs to exclude some runners?
20:12 poikilotherm
BTW very cool to have a bunch of runners in the back :-)
20:12 poikilotherm
Yeah all the failed builds ran on gdcc-jenkins03
20:15 poikilotherm
Seems like gdcc-jenkins02 was never used.
20:15 poikilotherm
All successfull builds ran on gdcc-jenkins01
20:31 poikilotherm
IT'S DONE
20:31 poikilotherm
dataverse-kubernetes now lives at GDCC
20:31 pameyer
:thumbsup:
20:31 pameyer
... ^ also doesn't translate from slack to irc
20:32 pdurbin
👍
20:59 poikilotherm
donsizemore: gdcc-jenkins02 has the same problem: docker command not found. https://jenkins.dataverse.org/job/dataverse-k8s/job/image-dataverse/view/tags/job/v4.20/lastFailedBuild/console
21:00 pdurbin left #dataverse
