TL;DR: Set up your super-admin access to the Kubernetes cluster. Set up SOPS with an AGE key and send the public key to me.
We are now (mostly) running on a Kubernetes cluster made up of some old VMs I had lying around and the new systems provided by the Open Source Lab at Oregon State University[1]. These services are currently in the cluster: * Legacy Metabase shim * Backend reports processing * API server These services are being migrated hopefully this weekend, and then the systems running them will be joined to the Kubernetes cluster. * Web frontend * CPAN / BackPAN mirrors * Telemetry and monitoring I have updated the cpantesters-deploy Github project[2] with information about the Kubernetes setup: It's a pretty basic k3s deploy with Longhorn set up by a complete novice to Kubernetes (me). There's still a lot to do around this, including updating the Rexfile to automate system setup, and improving the system setup with firewall configuration, user accounts, and other such. Next steps: I will add user accounts to the Kubernetes server node I rebuilt from an old VM. These will be the same as the ones added to other systems. From there you can reach the Kubernetes configuration so that you can use `kubectl` locally to manage the cluster. This file can be found on nact-pdx-001.cpantesters.org as root using `kubectl config view --minify --flatten`. Put this on your local machine as `.kube/config` and `kubectl` will now be able to use our cluster. This is also a great opportunity to fix our secret management. I have a vague idea that SOPS[3] will be the best path forward, but am still open to suggestions. If there are no better ideas, I'll need y'all to set up SOPS and send me a public key I can add to our secrets file(s) so you can decrypt them. This is probably the least anxious I've felt about our hosting situation in a decade: We have contacts for every system still in our network and I'm not worried that someone will find one of our systems in a forgotten cabinet, fail to find any record of it, and decide to pull the plug. Thank you to everyone who has helped inventory, document, contact, procure, manage, and otherwise helped CPAN Testers get to where we are now. It isn't perfect, but we're in a much more stable place that can support our re-growth. Doug Bell [email protected] 1: Open Source Lab at Oregon State University: https://osuosl.org/ 2: cpantesters-deploy Github project: https://github.com/cpan-testers/cpantesters-deploy 3: SOPS: https://getsops.io/
