Re: managing Huawei accounts

To: leader@debian.org
Cc: Aron Xu <aron@debian.org>, Debian CI team <debian-ci@lists.debian.org>, debian-cloud@lists.debian.org
Subject: Re: managing Huawei accounts
From: Paul Gevers <elbrus@debian.org>
Date: Thu, 17 Feb 2022 12:58:10 +0100
Message-id: <[🔎] 0aaefedd-fb36-37ec-aae8-d4d4d5fab923@debian.org>
In-reply-to: <20210824135654.GA5331@shell.thinkmo.de>
References: <9ff18d37-e1d4-cda5-0669-b1a2e310f901@debian.org> <7b1b902b-a9b8-4fc1-959d-0861702be8aa@debian.org> <20210824135654.GA5331@shell.thinkmo.de>

Hi Jonathan,

For ci.debian.net we have several hosts at Huawei sponsored by them. We(Aron, who arranged the sponsorship and manages the account and thedebian-ci team) would like to manage the resources in an accountassociated with Debian. I brought the subject up in the past (see someof the tread below) with the cloud team, and they deferred to you forthe handling of the creation of an account. As I understand it, theaccount for AWS is "owned" by SPI. I guess we should do the same for theHuawei account. Can you help us forward? Huawei is now ready to transferthe credits to another account.


Paul

On 24-08-2021 15:56, Bastian Blank wrote:

Hi Paul

On Tue, Aug 24, 2021 at 11:31:24AM +0200, Paul Gevers wrote:
As I understand, the account for AWS is "owned" by SPI.
SPI "owns" several resources for Debian.  This is primary relevant
for the things that must not go away, like our published images.
In your opinion, should we do the same for the Huawei platform?
It will make it easier to have uninterupted access, esp as people inDebian are coming and going. So if we want to use it for longer,definitely.
If yes, how does that work?
- Get DPL involved, esp as most cloud providers want a credit cardsomewhere on signup. - Get SPI to sign-off on the contract details.
I assume here that a single DD just created an account and signed
the existing contract?
Then the technical details needs to be figured out. I assume thisaccount should then not be restricted to ci.debian.net, but othersshould be able to use resources as well.
For AWS we have some Terraform code that configures the projects andpermissions to it (yes, I did not forget the AWS account for you
guys). Okay, AWS might be more complex, that's why it requires more
stuff to work correctly.  We might want to do something similar for
Huawei.
I just did a brief look in the documentation to see what our optionsare. A single Huawei account contains a global identity management
and can contain several projects.  So all users and permissions can
only be managed by a global admin user.  But permissions can be
specified on separate projects.  That might work.

Regards, Bastian

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Prev by Date: Processed: Severity: wishlist
Next by Date: Bug#878192:
Previous by thread: Processed: Severity: wishlist
Next by thread: Bug#878192:
Index(es):
- Date
- Thread