Page MenuHomePhabricator
Create Task
Maniphest T200312

Remove data from Hadoop's HDFS as part of the user offboard workflow
Closed, ResolvedPublic
Actions

Description

The Analytics team has to periodically go through the /user directory in HDFS to check if any PII data is kept beyond the retention guidelines. Sometimes we find that users not active anymore still hold data on HDFS (and possibly databases in Hive). It would be great if as part of VerboseOffboard we could also add a step to ensure that no HDFS/Hive-database/etc.. data is retained, unless strictly necessary. This new bit could be applied to only users in certain groups (like analytics-privatedata-users). How does this proposal sound?

Details

SubjectRepoBranchLines +/-
Print group memberships which granted Hadoop access to check for HDFS cleanupsoperations/puppetproduction+126 -33
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
Restricted Task
Restricted Task
 ResolvedNoneT200312 Remove data from Hadoop's HDFS as part of the user offboard workflow

Event Timeline

elukey created this task.Jul 25 2018, 9:04 AM
elukey created this object with visibility "Custom Policy".
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 25 2018, 9:04 AM
elukey updated the task description. (Show Details)Jul 25 2018, 9:05 AM
elukey added subscribers: MoritzMuehlenhoff, faidon.
elukey changed the visibility from "Custom Policy" to "Public (No Login Required)".Jul 26 2018, 9:43 AM
fdans moved this task from Incoming to Radar on the Analytics board.Jul 26 2018, 3:21 PM
Tbayer subscribed.Jul 31 2018, 6:37 AM
herron triaged this task as Medium priority.Aug 3 2018, 9:09 PM
srodlund moved this task from Backlog to Update or Improvement Needed to Existing Technical Documentation on the Documentation board.Aug 16 2018, 5:45 PM
elukey added a comment.Aug 27 2018, 1:46 PM

The users might leave PII data in the following places:

  • /home/$USER dir on the stat boxes
  • /user/$USER dir on HDFS
  • Hive databases on HDFS
chasemp subscribed.Aug 29 2018, 1:44 PM
gerritbot subscribed.Sep 10 2018, 2:14 PM

Change 459558 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Print group memberships which granted Hadoop access to check for HDFS cleanups

https://gerrit.wikimedia.org/r/459558

gerritbot added a project: Patch-For-Review.Sep 10 2018, 2:14 PM
jcrespo subscribed.Sep 10 2018, 4:47 PM
gerritbot added a comment.Oct 5 2018, 8:03 AM

Change 459558 merged by Muehlenhoff:
[operations/puppet@production] Print group memberships which granted Hadoop access to check for HDFS cleanups

https://gerrit.wikimedia.org/r/459558

Phabricator_maintenance moved this task from Backlog to Acknowledged on the SRE board.Jan 26 2019, 10:12 PM
elukey closed this task as Resolved.Mar 6 2019, 11:46 AM
Aklapper edited projects, added Analytics-Radar; removed Analytics.Jun 10 2020, 6:44 AM
Maintenance_bot removed a project: Patch-For-Review.Jun 10 2020, 7:14 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL