Page MenuHomePhabricator

Come up with an abstract deployment model that roughly addresses the needs of existing projects
Closed, ResolvedPublic

Description

Working from the bottom-up we will try to identify the high-level details of a system that would meet the needs of services projects as well as mediawiki and phabricator deployments.

Outcomes

Some situations that we probably need to explicitly deal with:

Event Timeline

mmodell created this task.Apr 23 2015, 6:46 PM
mmodell claimed this task.
mmodell raised the priority of this task from to Needs Triage.
mmodell updated the task description. (Show Details)
mmodell added a project: Deployments.
mmodell added subscribers: mmodell, mobrovac, demon and 3 others.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 23 2015, 6:46 PM

Draft of the current node.js services deployment process: https://wikitech.wikimedia.org/wiki/User:Mobrovac/Service_Deployment

greg triaged this task as High priority.Apr 29 2015, 4:40 PM
greg lowered the priority of this task from High to Medium.
greg moved this task from To Triage to In-progress on the Deployments board.
mmodell raised the priority of this task from Medium to High.May 5 2015, 12:20 AM

@fgiunchedi: if you have anything to add, please add your thoughts on requirements for sentry deployments

sure, context is https://gerrit.wikimedia.org/r/#/c/201006/ where a python virtualenv is shipped in git, also note that sentry isn't currently deployed but it'll likely be in the future.

One big problem I see ATM is that python virtualenv --relocatable doesn't really work in practice (https://virtualenv.pypa.io/en/latest/userguide.html#making-environments-relocatable) so the path has to be the same in both build host and runtime host

general points I've identified while looking at the code review, mostly on the 'deploy working code onto machines' side of things, rather than deployment policies/mechanics themselves

  • lots of binary files in git which likely change (e.g. .pyc), big size too
  • a 'build' must be easily reproducible, even if it lives in git (e.g. for security updates)

Here's my attempt at diagramming the process as a sequence diagram.

see P709 for the source code

mmodell updated the task description. (Show Details)Jun 3 2015, 1:03 AM
mmodell set Security to None.
mmodell updated the task description. (Show Details)Jun 4 2015, 4:52 AM
mmodell closed this task as Resolved.Jun 8 2015, 5:56 PM
greg updated the task description. (Show Details)Jun 26 2015, 11:02 PM
greg added a project: releng-201415-Q4.