diff --git a/meetings/2024-10-15.md b/meetings/2024-10-15.md new file mode 100644 index 0000000..ccd215d --- /dev/null +++ b/meetings/2024-10-15.md @@ -0,0 +1,221 @@ +--- +tags: meeting, infrastructure +project: infrastructure +--- + + +# 2024-10-15 + +[:movie_camera: Zoom Meeting Room](https://zoom.us/j/92454301214?pwd=aEVoUi9EanpaakN3L1ZxRlpDQk5Ddz09) +[:calendar: Shared Calendar](https://jenkins.io/event-calendar/) +[:speech_balloon: Chat Room #jenkins-infra](https://matrix.to/#/#jenkins-infra:matrix.org) +[:email: Google Group (mailing list) jenkins-infra](https://groups.google.com/g/jenkins-infra) +[🧠 Previous Meeting Notes](https://github.com/jenkins-infra/documentation/blob/main/meetings/2024-10-08.md) + +## Attendees 👥 + + +* @dduportal (Damien Duportal) +* @jayfranco999 (Jay Reddy) +* @MarkEWaite (Mark Waite) +* @smerle33 (Stéphane Merle) +* @kmartens27 (Kevin Martens) + +## Announcements :loudspeaker: + +1. Jenkins Weekly Releases + * Last Week: 2.480 went smoothly! + * This Week: 2.481 started on time +2. Jenkins project has received a grant from Alpha Omega + * CSP project funding Shlomo Dahan and Yaroslav Afenkin + * Announced in a blog post, second blog post once Yaroslav signs his contract +3. "Software of Public Interest", former home of the Jenkins Project, has a sitting $9k for us. + * Not easy to spend, cannot transfer + * So we'll use it to fund contributors travels to FOSDEM \o/ +4. Jenkins elections are in progress + * [Voter registration](https://www.jenkins.io/blog/2024/09/25/board-officer-election-announcement/) is open until 31 Oct 2024 + * 70 registered to vote + * [Candidate statements](https://www.jenkins.io/blog/2024/10/03/jenkins-election-candidates/) are available + +## Upcoming Calendar 📆 + +* Next Weekly: 2.482 +* Next LTS: 2.479.1 30 Oct 2024 - Mark Waite release lead, [checklist](https://github.com/jenkins-infra/release/issues/606) + * End of life for Java 11 \o/ + * Jetty 12 upgrade from Jetty 10 + * Spring Security 6 upgrade from Spring Security 5 +* Next Security Release as per [jenkinsci-advisories](https://groups.google.com/g/jenkinsci-advisories): N.A. +* Upcoming credentials expirations (~3 weeks): + * [ci.jenkins.io Azure VM agents](https://github.com/jenkins-infra/azure/pull/854) - https://github.com/jenkins-infra/helpdesk/issues/4358 + * Need to check in Azure UI with @smerle and @dduportal +* Next major event: + * FOSDEM, Feb 1-2 2025 in Brussels, Belgium +* Meeting time change coming due to end of summer time + * Proposal: Keep same meeting time in Paris time? + * Proposal accepted by all in the meeting + +## Cloud Budgets + +* Azure (CDF paid) + * July: $4,571 (invoice) + * August: $4,552 (invoice) + * September: $3,810 (invoice) + * October: $1,913 (forecast at 4.1k) + +* Azure Sponsorship (Microsoft Credits) - Remaining: $41006 ($58994 consumed) until May 2025 + * July: $10k consumed + * August: $10.5k consumed + * September: $10.4k consumed + * October: $5.9k (Forecast at ~12.3k !!!) + +* DigitalOcean - Remaining $15,852.91 (~4k consumed) until 02 January 2025 + * July: $176.01 (invoice) + * August $200.08 (invoice) + * September: $158 (invoice) + * October: $85 (Forecast at ~$170) + +* AWS: + * CloudBees: + * July: $6.5k + * August: $6.3k + * September: $6.1k + * October: $3.2k (forecast at ~6.8k) + * Sponsored account - $59,966 left + * October: $34 (no forecast yet) + +* Mark and Damien propose a 2025 cloud budget to CDF + +## Notes :book: + +* [Done](https://github.com/jenkins-infra/helpdesk/milestone/131?closed=1): + * Credential Rotations: + * [[infra.ci.jenkins.io] Credential rotation for deployment of `plugins.jenkins.io` and `docs.jenkins.io`](https://github.com/jenkins-infra/helpdesk/issues/4323) + * [[trusted.ci.jenkins.io] Credential rotation of Azure Files for `www.jenkins.io` and `javadoc.jenkins.io`](https://github.com/jenkins-infra/helpdesk/issues/4322) + * Spam: + * [Block user katty867 due to Jira issue spam](https://github.com/jenkins-infra/helpdesk/issues/4357) + * [Block user lazyunicorn for Jira issue spam](https://github.com/jenkins-infra/helpdesk/issues/4348) + * [Block user leooscarees@gmail.com due to Jira issue spam](https://github.com/jenkins-infra/helpdesk/issues/4347) + * [Block user irischamplin due to spam Jira comments](https://github.com/jenkins-infra/helpdesk/issues/4346) + * [Block user coxex96560 for Jira issue spam](https://github.com/jenkins-infra/helpdesk/issues/4344) + * [Suspicious user eleanorladd on JIRA](https://github.com/jenkins-infra/helpdesk/issues/4338) + * Backend Extension indexer: + * Big shoutout to @daniel-beck for solving these problems :clap: + * [extension-indexer runs with wrong Java (11 instead of 17) on infra.ci](https://github.com/jenkins-infra/helpdesk/issues/4343) + * [Credential artifact-caching-proxy-credentials unavailable on ci.jenkins.io](https://github.com/jenkins-infra/helpdesk/issues/4340) + + * Outages/Infra issues: + * [kubernetes infracijenkinsio-agents-1 arm64 nodepool la64n14agt1 not scaling](https://github.com/jenkins-infra/helpdesk/issues/4337) + * [Packer-Images failure on windows 2019 due to ssh-server start failing](https://github.com/jenkins-infra/helpdesk/issues/4334) + + * [Unable to Create a Jira Account](https://github.com/jenkins-infra/helpdesk/issues/4349) + * [Request for GH Personal Access Token for plugin project.](https://github.com/jenkins-infra/helpdesk/issues/4333) + * [No documentation and no javadoc shown on my plugin page](https://github.com/jenkins-infra/helpdesk/issues/4332) + * [Plugin site improperly displays GH releases with empty title](https://github.com/jenkins-infra/helpdesk/issues/4331) + * Thanks @alecharp for the fix, @daniel-beck, @smerle and @zbynek for the support + * [Upgrade Maven to 3.9.6 or newer for GitHub Actions](https://github.com/jenkins-infra/helpdesk/issues/4310) + * [Build errors of docs.jenkins.io PR's appear to be infra-related](https://github.com/jenkins-infra/helpdesk/issues/4307) + * [[Plugin Health Score] Scores not computed - Getting logs from plugin-health.jenkins.io](https://github.com/jenkins-infra/helpdesk/issues/4152) + * Scores are now computed since a few days, thanks to @alecharp and @smerle + * We have to close status.jenkins.io outage and ready to close + +* [Closed as not planned](https://github.com/jenkins-infra/helpdesk/milestone/131?closed=1): + * [Not able to login to jenkins forgot username and password ](https://github.com/jenkins-infra/helpdesk/issues/4341) + * [Request for Admin Access to the GitHub Repository of the Environment Variables Status Sync Plugin](https://github.com/jenkins-infra/helpdesk/issues/4339) + * [ESIC command execution issue](https://github.com/jenkins-infra/helpdesk/issues/4335) + * [New Docker based Jenkins installation is failing to download plugins](https://github.com/jenkins-infra/helpdesk/issues/4328) + +* [Work in Progress](https://github.com/jenkins-infra/helpdesk/milestone/131): + + * [[AWS] Move ci.jenkins.io from Azure (sponsorship) to AWS (sponsorship)](https://github.com/jenkins-infra/helpdesk/issues/4313) + * [[ci.jenkins.io] Move ephemeral VM agents to AWS](https://github.com/jenkins-infra/helpdesk/issues/4316) + * WiP on packer-images to create Linux AMIs for ephemeral agents (using EC2) + GC of AWS resources + * Next: Windows AMIs and optimizations (security, etc.) + * Start adding EC2 plugin on ci.jenkins.io + * [[ci.jenkins.io] Define virtual networking for AWS](https://github.com/jenkins-infra/helpdesk/issues/4320) + * packer is out of this scope + * WiP on creating the VPC, subnets, gateways, etc. + * Using same terraform module as in the past + * The module only support, today, 1 public egress IP per gateway + * But there is an opened PR (from this summer): let's start with 1 public IP per subnet (module's default): 1 for controller, 1 for VM agents and 1 for container agents + * Another discovery: we need a public subnet for hosting the NAT gateway to allow internet egress (while resources will stay in private subnet) + * Looks good: incoming optim. on security groups, but foundation is good for starting the VMs within + * [infra-statistics has no new data since July 1st 2024](https://github.com/jenkins-infra/helpdesk/issues/4285) + * [[get.jenkins.io, azure.updates.jenkins.io] MaxMind GeoIP Rate Limit hit when redeploying/upgrading `mirrorbits` chart](https://github.com/jenkins-infra/helpdesk/issues/4240) + * [[GeoIP database][subtask] Add a `CronJob` geoip updater task for mirrorbits](https://github.com/jenkins-infra/helpdesk/issues/4278) + * Image and script are readey to roll + * WiP on the helm chart and setting up Azure SP for credentials + * Delaying as Stephane is on day off + +* ToDo (next milestone) (https://github.com/jenkins-infra/helpdesk/milestone/132) + * [[INFRA-3100] Migrate updates.jenkins.io to another Cloud](https://github.com/jenkins-infra/helpdesk/issues/2649) + * [[Update Center - Azure] HTTP/404 responses instead of redirections with error AH01630: client denied by server configuration](https://github.com/jenkins-infra/helpdesk/issues/4312) + * [[Update Center] generate HTML pages with absolute links](https://github.com/jenkins-infra/helpdesk/issues/4311) + * Eventually get away from cloudflare, or at least find 1 VM with rsync somewhere + * GSoc related: + * [RPU GSoC project with terraform integration on infra's backend](https://github.com/jenkins-infra/helpdesk/issues/4246) + * [Adding GSoC project to jenkins-infra](https://github.com/jenkins-infra/helpdesk/issues/4260) + * [Multiple requests for GSoC 2024 Plugin Modernizer Tool](https://github.com/jenkins-infra/helpdesk/issues/4262) + * Providing NodeJS to developers: + * [Build errors of docs.jenkins.io PR's appear to be infra-related](https://github.com/jenkins-infra/helpdesk/issues/4307) + * Packer: Caching of the installer? => issue to open + * Also for python: [chocolatey installer not working in packer-images](https://github.com/jenkins-infra/helpdesk/issues/4345) + * [infra.ci.jenkins.io](Builds stucks due to GH API rate limit](https://github.com/jenkins-infra/helpdesk/issues/4165) + * Back to backlog + * @smerle need admin. access to the GH jenkins-infra organization + * @dduportal to ask on the proper mailing list + +* [New Issues (to triage)](https://github.com/jenkins-infra/helpdesk/milestone/none): + * [GitHub Markdown adminitions are not supported by plugins.jenkins.io](https://github.com/jenkins-infra/helpdesk/issues/4336) + * Moving it to plugin-site issue tracker as it's out of our scope (frontend dev?) + * Updatecli manifests to add/update to new milestone: + * [updatecli manifest for outbound ips](https://github.com/jenkins-infra/helpdesk/issues/4352) + * [updatecli manifest for AWS terraform provider](https://github.com/jenkins-infra/helpdesk/issues/4351) + * [updatecli manifest for aws/vpc module](https://github.com/jenkins-infra/helpdesk/issues/4350) + * ci.jenkins.io on AWS: + * Ephemeral VMs -> Packer images subtasks + * [(packer-images): Add Linux AMD64 and ARM64 AMIs For EC2 agents](https://github.com/jenkins-infra/helpdesk/issues/4353) + * Adding to new milestone + * [(packer-images): Add Garbage Collector for AWS](https://github.com/jenkins-infra/helpdesk/issues/4355) + * Adding to new milestone + * [(packer-images): Add Win-19, Win-22 (AMD64 and ARM64) AMIs For EC2 agents](https://github.com/jenkins-infra/helpdesk/issues/4354) + * Keep in triage until we can start it + * [[ci.jenkins.io] Move controller (VM) to AWS](https://github.com/jenkins-infra/helpdesk/issues/4315) + * Adding to new milestone as the network looks ready + * [[ci.jenkins.io] Create private EKS cluster with "side" services (datadog, ACP, etc.)](https://github.com/jenkins-infra/helpdesk/issues/4319) + * Keep in triage + * [[ci.jenkins.io] Move ephemeral Linux containers to AWS](https://github.com/jenkins-infra/helpdesk/issues/4317) + * Keep in triage + * [[ci.jenkins.io] Set up an ECR pull through cache](https://github.com/jenkins-infra/helpdesk/issues/4321) + * Keep in triage + * [[ci.jenkins.io] Move ACI agents to ephemeral Windows containers to AWS](https://github.com/jenkins-infra/helpdesk/issues/4318) + * Keep in triage + + * Infras outages/issues: + * [Older Debian package availability is incorrect on get.jenkins.io](https://github.com/jenkins-infra/helpdesk/issues/4330) + * Need to repopulate Redis data from scratch to fix the issue as it is a remnant of the redis migration + * Let's check the sizing of archives.jenkins.io befiore the operation + * Targeting Wednedsday + * Adding to new milestone + * [[ci.jenkins.io] project jenkins-infra/docker-plugin-site-issues is not built on ci.jenkins.io (scan permission errors) and has a different pipeline than infra.ci](https://github.com/jenkins-infra/helpdesk/issues/4356) + * Adding to new milestone + * [chocolatey installer not working in packer-images](https://github.com/jenkins-infra/helpdesk/issues/4345) + * Keep in triage + * [Nobody noticed that the last successful extension-indexer run was in August 2023](https://github.com/jenkins-infra/helpdesk/issues/4342) + * Keep in triage + + * Delaying triage: + * [Switch agent (java home) to JDK21 default](https://github.com/jenkins-infra/helpdesk/issues/4127) + * [Switch default JDK to 21 for pipeline libraries](https://github.com/jenkins-infra/helpdesk/issues/4126) + * [Switch default JDK to 21 for build tools](https://github.com/jenkins-infra/helpdesk/issues/4125) + * [Move controllers to JDK21 (runtime)](https://github.com/jenkins-infra/helpdesk/issues/4123) + * [Move agents to JDK21 (runtime)](https://github.com/jenkins-infra/helpdesk/issues/4121) + * [[INFRA-2651] Replace accountapp with (keycloak? Go-authentik? Something Else?)](https://github.com/jenkins-infra/helpdesk/issues/2232) + +## Action Points :muscle: + + +* [x] Publish this meeting note on [jenkins-infra/documentation](https://github.com/jenkins-infra/documentation) +* [x] Publish this meeting record on Youtube - https://youtu.be/JC2JjBKvoi4 +* [x] Publish a topic in community.jenkins.io with the tag `meeting` - https://community.jenkins.io/t/infrastructure-team-meeting-october-15-2024/21896 + +Next meeting note - [2024-10-22](https://github.com/jenkins-infra/documentation/blob/main/meetings/2024-10-22.md) \ No newline at end of file