Project

General

Profile

Bug #12833

Implement our masterplan about fallback DNS round-robin pool & HTTPS

Added by u over 2 years ago. Updated 7 months ago.

Status:
In Progress
Priority:
Normal
Assignee:
-
Category:
Infrastructure
Target version:
-
Start date:
06/21/2017
Due date:
% Done:

0%

Feature Branch:
451f/mirror-pool-dispatcher.git/master and 451f:tails.git/feature/12833+use_wikimedia_mirror
Type of work:
Research
Starter:
Affected tool:


Related issues

Related to Tails - Feature #9796: HTTPS mirrors Resolved 06/21/2017
Blocked by Tails - Feature #15908: Update blueprints, design docs and manual test instructions WRT Wikimedia fallback mirror Confirmed 09/03/2018

Associated revisions

Revision 658348e5 (diff)
Added by u almost 2 years ago

Add plan HTTPS mirrors in our fallback pool to refs: #12833

Revision b9d62c3c (diff)
Added by u almost 2 years ago

Improve mdwn refs: #12833

History

#1 Updated by u over 2 years ago

  • Status changed from New to Confirmed

#2 Updated by intrigeri over 2 years ago

  • Category set to Infrastructure
  • Target version set to 2017

(Like the parent ticket.)

#3 Updated by intrigeri almost 2 years ago

  • Assignee changed from intrigeri to u
  • QA Check set to Info Needed

Hi u! At the summit this year we thought we would be able to do this by the end of 2017. I'm still confident this can happen! How about we schedule two 2-3h Mumble working sessions in December about it? I'm confident one such session could be sufficient to come up with a good idea of how to solve the problem, and the second session could be about documenting it properly and starting the implementation work. If you agree, let's schedule this over private email.

#4 Updated by u almost 2 years ago

intrigeri wrote:

Hi u! At the summit this year we thought we would be able to do this by the end of 2017. I'm still confident this can happen! How about we schedule two 2-3h Mumble working sessions in December about it? I'm confident one such session could be sufficient to come up with a good idea of how to solve the problem, and the second session could be about documenting it properly and starting the implementation work. If you agree, let's schedule this over private email.

yes please!! Sending you an email to find a suitable date.

#5 Updated by intrigeri almost 2 years ago

  • Target version changed from 2017 to Tails_3.5
  • QA Check deleted (Info Needed)

We have a date!

#6 Updated by intrigeri almost 2 years ago

  • Assignee changed from u to intrigeri

Postponed, I'll coordinate the process to find a new date.

#7 Updated by intrigeri almost 2 years ago

  • Assignee changed from intrigeri to u

Proposed a date over email.

#8 Updated by intrigeri almost 2 years ago

We have a (new) date!

#9 Updated by intrigeri almost 2 years ago

  • Target version changed from Tails_3.5 to Tails_3.6

#10 Updated by u almost 2 years ago

  • Status changed from Confirmed to In Progress

#11 Updated by u almost 2 years ago

  • Blueprint set to https://tails.boum.org/blueprint/HTTP_mirror_pool/

#12 Updated by u almost 2 years ago

We added our new plan to the blueprint in 658348e5917017c010abe240623ef20fe019ae80.

#13 Updated by u almost 2 years ago

  • Subject changed from Think about fallback DNS round-robin pool & HTTPS to Implement our masterplan about fallback DNS round-robin pool & HTTPS

#14 Updated by u almost 2 years ago

  • Target version changed from Tails_3.6 to Tails_3.7

#15 Updated by geb almost 2 years ago

Hello,

I was reading https://tails.boum.org/blueprint/HTTP_mirror_pool/#index6h2 following the january monthly report. Great plan !

However, I feel a bit concern by adding a strong dependancy to a mirror we don't control and hardcoding it. What would happen for example for upgrades if this mirror become inaccessible / have to remove tails / ... ? Could you please clarify its role for upgrades ? Would other mirrors be checked if it become unaccessible ?

#16 Updated by intrigeri almost 2 years ago

  • Blueprint changed from https://tails.boum.org/blueprint/HTTP_mirror_pool/ to https://tails.boum.org/blueprint/HTTP_mirror_pool/#HTTPS

However, I feel a bit concerned by adding a strong dependance to one mirror we don't control and hardcoding it. What would append for example for upgrades if this mirror become inaccessible / have to remove tails / ... ?

Tails Upgrader does not use the fallback mirror but the regular mirror pool.

#17 Updated by geb almost 2 years ago

Hi,

intrigeri wrote:

Tails Upgrader does not use the fallback mirror but the regular mirror pool.

Thanks for the clarification ! I was missleading by the mention of the tails upgrader in the blueprint.

#18 Updated by bertagaz over 1 year ago

  • Target version changed from Tails_3.7 to Tails_3.8

#19 Updated by u over 1 year ago

@intrigeri: do we agree that I should start working on these points:

deploy in lockstep on our live website:

- change fallback_download_url_prefix in mirror-pool-dispatcher [u]
- change all instances of http://dl.a.b.ohttps://mirrors.wikimedia on our website [u]
- except in UDFs

?

#20 Updated by intrigeri over 1 year ago

@intrigeri: do we agree that I should start working on these points:

deploy in lockstep on our live website:

- change fallback_download_url_prefix in mirror-pool-dispatcher [u]
- change all instances of http://dl.a.b.ohttps://mirrors.wikimedia on our website [u]
- except in UDFs

Yes. Make sure you prepare this on a topic branch: some other bits need to be ready before we merge this (just added one we had forgotten to the blueprint). I'll gladly review it :)

Next thing will be to update the plan and sanity check the deployment timeline: things got postponed so the version numbers and RM names are now wrong. Our plan was crafted in a way that I was the RM for the release that's going to be tricky (initially 3.8 but that's not going to happen like this since we did not release any of the needed changes in 3.7). I don't think that shifting numbers will give us this property so we probably need to rethink our deployment timeline a little bit, or at least check that the RM for the tricky release is in a position to avoid messing it up :)

#21 Updated by intrigeri over 1 year ago

  • Target version changed from Tails_3.8 to Tails_3.9

#22 Updated by u over 1 year ago

u wrote:

- change fallback_download_url_prefix in mirror-pool-dispatcher [u]
- change all instances of http://dl.a.b.ohttps://mirrors.wikimedia on our website [u]

I've asked the operator of this mirror in person if that works out for them and they said "By all means, go for it!"

#23 Updated by intrigeri over 1 year ago

I've asked the operator of this mirror in person if that works out for them and they said "By all means, go for it!"

:)))

#24 Updated by u about 1 year ago

  • Target version changed from Tails_3.9 to Tails_3.10.1

I'll do that asap, but likely it'll be for 3.10.

#25 Updated by u about 1 year ago

u wrote:

u wrote:

- change fallback_download_url_prefix in mirror-pool-dispatcher [u]

Done in 8886e9625f621f7eb6bde39333a85a707c2692ea on 451f/mirror-pool-dispatcher.git/master.
I did not push this to mirror-pool-dispatcher.git/master because the rest of the URLs needs to be adjusted for this to work.

#26 Updated by u about 1 year ago

We need to update contribute/how/mirror.mdwn accordingly.

#27 Updated by u about 1 year ago

We need to update contribute/design/mirrors.mdwn accordingly.

#28 Updated by u about 1 year ago

  • Feature Branch set to 451f/mirror-pool-dispatcher.git/master and 451f:tails.git/feature/12833+use_wikimedia_mirror

#29 Updated by u about 1 year ago

  • Blocked by Feature #15908: Update blueprints, design docs and manual test instructions WRT Wikimedia fallback mirror added

#30 Updated by u about 1 year ago

Also see 451f:tails/feature/12833+use_wikimedia_mirror

6f6064f2115b28cb18144ffcc9a891d5a26aec11
a362d1bc5894aa9772461363632d0cd17494578c

#31 Updated by u about 1 year ago

  • Assignee changed from u to intrigeri

I believe that's all I can do to help.

#32 Updated by intrigeri about 1 year ago

  • Target version changed from Tails_3.10.1 to Tails_3.12

The next steps (https://tails.boum.org/blueprint/HTTP_mirror_pool/#HTTPS) require lots of coordination with the RMs and a good understanding from them of what's at stake and how it works. Our initial plan for 3.7 & 3.8 took this into account. I don't want to do this while we're onboarding a new RM for 3.10 and have no clue yet who'll RM the next releases so I'll come back to it in a few months. Besides, as discussed at the summit, the most important part of #9796 was done already so I'll take it easy here for the next steps.

#33 Updated by intrigeri 11 months ago

  • Target version deleted (Tails_3.12)

It's unclear who'll be the RM for 3.12 and given the current state of our group of RMs, I don't know when I'll feel confident adding this to our plate.

#34 Updated by intrigeri 8 months ago

  • Parent task deleted (#9796)

(I want to close #9796.)

#35 Updated by intrigeri 8 months ago

#36 Updated by intrigeri 7 months ago

  • Assignee deleted (intrigeri)

I don't see when I'll have time to work on this.

Also available in: Atom PDF