Taavi knowledge transfer: python-flask-keystone, novaproxy, enc api
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Andrew
	Apr 12 2024, 9:51 PM

Description

Taavi writes:

I look after the Novaproxy and Puppet ENC APIs. They're functionally rather stable, but need regular OS upgrades and tweaks to match library upgrades in newer OS versions. <- Andrew will inherit
** This means I'm the de facto maintainer of the python-flask-keystone package (https://gitlab.wikimedia.org/repos/cloud/deb/python-flask-keystone) that they use for authentication. The libraries were originally written by Rackspace, were Debianized (as Wikimedia-specific debs) by me, and are today logging some deprecation warnings that we'll need to eventually fix to be able to upgrade the hosts these APIs run on.

I'm pretty familiar with the proxy and enc api, but need to learn more about that abandoned package!

Related Objects
Search...

Status	Assigned	Task
		Restricted Task
Resolved	Andrew	T305828 upgrade cloud-vps openstack to Openstack version 'Yoga'
Resolved	Andrew	T296561 upgrade cloud-vps openstack to Openstack version 'Xena'
Resolved	rook	T281275 upgrade cloud-vps openstack to Openstack version 'Wallaby'
Resolved	Andrew	T281276 Upgrade cloud-vps openstack hosts to Debian 'Bullseye'
Resolved	aborrero	T302050 prometheus-openstack-exporter in Bullseye
Resolved	dcaro	T302178 prometheus-openstack-exporter No module named 'urlparse'
Resolved	aborrero	T333975 Cloud VPS: refresh openstack resources grafana dashboard
Resolved	Andrew	T335943 prometheus-openstack-exporter: collected data shows regular null intervals
Resolved	Andrew	T335978 openstack: consider removing references to old hardware from the database
Resolved	Andrew	T362443 Learn how to do what Taavi does
Resolved	Andrew	T362449 Taavi knowledge transfer: python-flask-keystone, novaproxy, enc api

Event Timeline

Andrew created this task.Apr 12 2024, 9:51 PM

From a meeting about these services today:

novaproxy api + enc api
+ Added keystone auth
+ Less horizon integration, mostly managed via the api code
+ keystoneauth deprecation wornings, from the flask/keystone integration

We might wind up maintainign/hosting the keystone/flask library

Possible future fixes:

remove the redis layer
suppor arbitrary (non-designate-managed) domains for novaproxy; allow proxy to redirect from/to 'vanity' domains

Novaproxy canonical data is in the cloudinfra dabases; redis is a cache to provide quick response for nginx

I (Andrew) am accepting this task to investigate deprecation warnings in these services and (probably) take over maintenance of python-flask-keystone.

taavi closed this task as Resolved.Jun 28 2024, 9:14 AM

Taavi knowledge transfer: python-flask-keystone, novaproxy, enc apiClosed, ResolvedPublicActions

Description

Related ObjectsSearch...

Event Timeline

Taavi knowledge transfer: python-flask-keystone, novaproxy, enc api
Closed, ResolvedPublic
Actions

Related Objects
Search...