Page MenuHomePhabricator
Create Task
Maniphest T324331

Investigate removing maintain-kubeusers from PAWS
Closed, ResolvedPublic
Actions

Description

maintain-kubeusers (https://gerrit.wikimedia.org/g/labs/tools/maintain-kubeusers) is largely for toolforge maintenance, managing quotas, namespaces, and creating a .kube/config for each tool account.

PAWS doesn't do most of these things, quotas are managed statically on the singleuser pod, users all share the same namespace, and non-admin users do not get a .kube/config. Indeed the only thing that the maintain-kubeusers seems to do is for admin users it drops a .kube/config file in their home directories on PAWS nodes. This can be overcome by copying it from /etc. It would come with a few extra abilities, though at the same time, one has to be an admin user, so they would have sudo regardless so far as I know.

Details

SubjectRepoBranchLines +/-
deployments: Drop PAWS deploymentlabs/tools/maintain-kubeusersmaster+0 -63
Customize query in gerrit

Related Objects
Search...

Event Timeline

rook created this task.Dec 2 2022, 1:07 PM
aborrero subscribed.Dec 2 2022, 1:10 PM

+1

taavi subscribed.Dec 2 2022, 1:29 PM

I agree that the value of maintain-kubeusers isn't especially high on PAWS, so no concerns from me on removing it.

rook added a subtask: T326554: Move PAWS to magnum.EditedJan 10 2023, 4:36 PM

This would be removed as an effect of T327261

rook changed the status of subtask T326554: Move PAWS to magnum from Open to In Progress.Jan 17 2023, 3:16 PM
rook edited subtasks, added: T327261: Delete paws kubadmin cluster nodes; removed: T326554: Move PAWS to magnum.Jan 18 2023, 12:48 PM
rook closed subtask T327261: Delete paws kubadmin cluster nodes as Resolved.Feb 7 2023, 12:28 PM
rook closed this task as Resolved.Feb 7 2023, 12:37 PM
rook claimed this task.
taavi mentioned this in T329427: Delete paws.admin LDAP group.Feb 11 2023, 6:47 PM
gerritbot added a comment.Feb 11 2023, 6:48 PM

Change 888293 had a related patch set uploaded (by Majavah; author: Majavah):

[labs/tools/maintain-kubeusers@master] deployments: Drop PAWS deployment

https://gerrit.wikimedia.org/r/888293

gerritbot added a project: Patch-For-Review.Feb 11 2023, 6:48 PM
gerritbot added a comment.Feb 13 2023, 1:06 PM

Change 888293 merged by jenkins-bot:

[labs/tools/maintain-kubeusers@master] deployments: Drop PAWS deployment

https://gerrit.wikimedia.org/r/888293

taavi mentioned this in rLTMK66c1585f5b5d: deployments: Drop PAWS deployment.Feb 13 2023, 1:06 PM
Maintenance_bot removed a project: Patch-For-Review.Feb 13 2023, 1:30 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL