Opened 2 months ago

Closed 3 weeks ago

#31700 closed project (fixed)

decomission jabber server

Reported by: anarcat Owned by: anarcat
Priority: Medium Milestone:
Component: Internal Services/Service - jabber Version:
Severity: Normal Keywords:
Cc: anarcat Actual Points:
Parent ID: #31686 Points:
Reviewer: Sponsor:

Description (last modified by anarcat)

the jabber server is not really used anymore, and we need the LDAP field for the new email service (in #30608).

decommission the server (chamaemoly) with a warning period for users to have time to migrate their rosters off the server.

roadmap:

  1. T-30d (2019-09-16): warn users about impeding shutdown,
  2. T (2019-10-16): shutdown the jabber service itself (service prosody stop)
  3. T+7d (2019-10-23): start the server decommissioning process
    • remove from nagios
    • "undefine" the VM
    • queue disk destruction in another +7d
    • remove from LDAP
    • remove from DNS
    • remove from Puppet
    • remove from tor-passwords
    • remove from documentation
    • schedule backup cleanup (+30d?)

Child Tickets

Change History (7)

comment:1 Changed 2 months ago by anarcat

there are 32 users on the LDAP server, and we might be able to directly email some of them, see the output of:

cut -d: -f1 /var/local/rtc-passwords.prosody

for a list of emails.

out of those 32 users, only a third (11) have logged in in the last year, and only 12% (4) in the last month.

so i think it's fair to see it's underused and i think people can find other places for their IM service.

next step is to write an announcement for the host retirement and send it to those people and tor-project@...

comment:2 Changed 2 months ago by anarcat

i wrote an announcement, will send after approval from vegas

comment:3 Changed 2 months ago by anarcat

reviewed, approved, and sent to tp@….

https://lists.torproject.org/pipermail/tor-project/2019-September/002485.html

next step: host shutdown and retirement procedure, in 30 days.

comment:4 Changed 2 months ago by anarcat

Description: modified (diff)

comment:5 Changed 2 months ago by anarcat

Parent ID: #30608#31686

comment:6 Changed 3 weeks ago by anarcat

  1. step one already done
  2. virsh shutdown chamaemoly.torproject.org
  3. virsh undefine chamaemoly.torproject.org
  4. echo rm /srv/vmstore/chamaemoly.torproject.org/* \; rmdir /srv/vmstore/chamaemoly.torproject.org/ | at now + 7 day
  5. removed from alberti, no host-specific sudo
  6. removed SRV records
  7. host=chamaemoly; puppet node clean $host.torproject.org && puppet node deactivate $host.torproject.org
  8. removed from puppet, which was quite a bit (virtual email alias, hiera, sudoers entry and role, which include TLSA entry which puppet cleaned up on nevii)
  9. removed from tor-passwords
  10. removed from spreadsheet and moved to retired in the Trac wiki service list, also added a warning on the jabber docs page
  11. removed from nagios
  12. echo rm -rf /srv/backups/bacula/chamaemoly.torproject.org-OLD | at now + 30 days
  13. the jabber service was using the torproject.org X509 cert, I believe, so nothing to remove here?
  14. not a standalone machine

We're all done here, Jabber is gone!

comment:7 Changed 3 weeks ago by anarcat

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.