|Demo of cluster-wide distributed logging|
- Logging system based on Kibana and
fluentd demonstrated. Able to collect messages by ingesting (and reading the tail of) existing physical log files, as well as by connecting to
syslog message streams.
- Already ingesting JupyterLab and Qserv logs.
- Discussion of access to host logs:
- May we have a small number of key people have direct access to the logs?
- Would it be possible to ingest the logs to Kibana?
- Is there an API for Kibana? Yes. Is there a facility for setting up alerts? Yes, a very complex one.
- Storage is currently local to the hosts.
- Authorization not configured yet. Starting to explore some basic possibilities.
- When can this be made available? Sometime after Christine Banek comes back from the IVOA meeting.
- Any chance of making the prototype available to the Qserv team, even without auth, behind the VPN?
- Brian: we could put it behind the Oauth proxy
|Release of A&A|
- Our changes to
oauth2_proxy are in the process of being accepted upstream. There seems to be a lot of enthusiasm for this.
- Need a code review of the authorizer.
- Will move to
lsst Github org after code review.
- Frossie Economou wants someone else to have practiced deployment before it gets applied to
- Requires deployment documentation ("recipe").
- Need documentation for how to apply the proxy to a new service.
- Target being ready to deploy to
-stable by end of May 2019.
- Is there going to be an external review?
|Schedule for, and prerequisites for, the move of |
-stable to the new cluster and outside the VPN
|Schedule for applying SSO to |