[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please give a summary (Was: Debian services and Debian infrastructure)

Andreas Tille writes ("Please give a summary (Was: Debian services and Debian infrastructure)"):
> as a random reader I have the feeling that this thread is about a
> conflict between DSA members and DPL.  For me all these mails do not
> make the slightest sense and it would help if someone could give a
> summary what you are talking about and if possible give some example
> what you think is OK and what not.

AFAICT the DPL (and perhaps some other people) have been offered the
opportunity to obtain donated "cloud hosting".  That is, VMs which
would be hosted by the cloud provider for free but administered by
Debian folk.

That's nice and a thing we might want to take advantage of.  (In my
day job with the Xen Project, we make extensive use of VM hosting
graciously donated by Rackspace, for example.)

Lucas seems to be intending to mediate these offers to interested DDs
(who have Debian-related uses for a VM) directly, with the apparent
expectation that those DDs would end up administering those VMs
directly in an ad hoc manner.  DSA haven't been involved or informed
(until now).

I can see at least three problems with this, which have been mentioned
in this and previous threads:

Firstly, there is the prospect that "bad things" would happen to these
VMs.  For example, they might get compromised; or access to them could
be lost when the invididual DDs who had been running them leave or go
on vacation.  This would be bad for the project, and of course it's
bad for DSA because in such a situation DSA would be asked about these
VMs and expected to fix it but have no access to or knowledge about

Secondly, there is the risk that there would be no coherent way to
retire these VMs when they are no longer needed.  When we take on
ongoing donated resources like that, there should be a mechanism for
ensuring that the project knows about them, can periodically check
that they're still being used and needed, etc.

Thirdly, it increases the risk of services being developed in a way
that would make them hard to deploy on DSA-managed infrastructure.
Developers of services would benefit from early contact with DSA to
understand at least in general terms how to make a readily deployable
and maintainable online service.

Fourthly, it appears to be inconsistent with the DPL's DSA delegation,
which specifically delegates to DSA the sysadmin responsibility for
all of Debian's systems (which clearly ought to include these VMs).

This whole affair is a nontrivial social problem because it gives the
impression that the DPL lacks confidence in DSA, and vice versa.


Reply to: