Project Information
- Name of tool/project: Toolforge Kubernetes Security Design and Controls
- Project home page: https://tools.wmflabs.org/admin/
- Name of team requesting review: Wikimedia Cloud Services
- Primary contact: Brooke Storm
- Target date for deployment: It's deployed and has been for years, but we just redesigned it. The redesigned one is also already deployed, but only for a month or so. This is for reviewing the security design before it is completely published. All puppet code, controller code and even the RBAC and pod security policy design is publicly published, really.
- Link to code repository / patchset: https://docs.google.com/document/d/1QNbkrzE8M1HN7LR1ySN_MBjgVJhgyAN6nO_JJFCFTB0/edit# (links to the wikitech published parts are in there).
Description of the tool/project:
Toolforge is a platform-as-a-service aimed at the simplified deployment and maintenance of web tools, bots and cron jobs that are managed by their respective owners for the benefit of the Wikimedia movement. This portion of Toolforge, the Kubernetes cluster, is the primary execution layer for web services and is the focus for future service development.
Description of how the tool will be used at WMF:
It is used quite a lot already. Tools are written and deployed by community members (internal and external to the Foundation) to do everything from running IRC bots to batch editing Wikidata and tracking vandalism. Some 30%-40% of all wiki edits come from the Cloud Services IP range, and it is likely safe to say that a large proportion of that comes from Toolforge. Users range from members of the WMCS team itself to individuals online that we have never met who are approved through a cursory vetting process of asking if they have Wikimedia-related work in mind. For that reason, good controls are important.
Dependencies
Please see the linked document. There are many.
Has this project been reviewed before?
Not outside the WMCS team.
Working test environment
There is toolsbeta, which has no link, unfortunately. The cluster has a control-plane of three nodes named toolsbeta-test-k8s-control-[123].
Post-deployment
Wikimedia Cloud Services is and will be responsible for this service for the foreseeable future.