[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: managing Huawei accounts

Hi Jonathan,

For ci.debian.net we have several hosts at Huawei sponsored by them. We (Aron, who arranged the sponsorship and manages the account and the debian-ci team) would like to manage the resources in an account associated with Debian. I brought the subject up in the past (see some of the tread below) with the cloud team, and they deferred to you for the handling of the creation of an account. As I understand it, the account for AWS is "owned" by SPI. I guess we should do the same for the Huawei account. Can you help us forward? Huawei is now ready to transfer the credits to another account.


On 24-08-2021 15:56, Bastian Blank wrote:
Hi Paul

On Tue, Aug 24, 2021 at 11:31:24AM +0200, Paul Gevers wrote:
As I understand, the account for AWS is "owned" by SPI.

SPI "owns" several resources for Debian.  This is primary relevant
for the things that must not go away, like our published images.

In your opinion, should we do the same for the Huawei platform?

It will make it easier to have uninterupted access, esp as people in Debian are coming and going. So if we want to use it for longer, definitely.

If yes, how does that work?

- Get DPL involved, esp as most cloud providers want a credit card somewhere on signup. - Get SPI to sign-off on the contract details.

I assume here that a single DD just created an account and signed
the existing contract?

Then the technical details needs to be figured out. I assume this account should then not be restricted to ci.debian.net, but others should be able to use resources as well.

For AWS we have some Terraform code that configures the projects and permissions to it (yes, I did not forget the AWS account for you
guys). Okay, AWS might be more complex, that's why it requires more
stuff to work correctly.  We might want to do something similar for

I just did a brief look in the documentation to see what our options are. A single Huawei account contains a global identity management
and can contain several projects.  So all users and permissions can
only be managed by a global admin user.  But permissions can be
specified on separate projects.  That might work.

Regards, Bastian

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to: