►
From YouTube: 2021 02 02 Jenkins Infra Meeting
Description
Jenkins infra team meeting Feb 2, 2021
A
Hi
everybody
welcome
for
this
new
jenkins
infrastructure
meeting.
So
the
first
topic
that
I
want
to
cover
is
this
weekend:
it's
the
first
damn
which
is
a
major
open
source
event
for
the
jenkins
community,
we'll
be
there
and
I'm
planning
to
do
some
demo
if
people
are
interested.
A
But
basically
what
I
really
want
to
highlight
here
is
don't
break
things
before
this
weekend,
because
I
don't
want
to
have
to
deal
with
infrastructure
issues
over
the
weekend.
So
if
you,
if
you,
if
you're
afraid
to
change
something
just
hold
on
until
monday
and
then
we'll
have
plenty
time
to
to
fix
every
issues
related
to
infra,
so
don't
don't
don't
change
major
stuff
and
if
you
want
to
demo
something
or
learn
something
feel
free
to
ask,
and
I
can
prepare
that
for
these
weekends
we
also
have.
A
I
just
invite
you
to
look
at
the
fosdem
website
for
any
content
related
to
that,
and
one
last
thing
I
think
it's
worthwhile
to
highlight
as
well.
The
first
theme
has
a
specific
chat
room,
so
everybody
can
just
join,
create
an
account
and
talk.
A
So
if
you
don't
know
what
you
do
on
saturday
and
sunday
feel
free
to
just
install
that
application
on
your
smartphone
and
participate
with
us,
if
you
are
available
at
least
to
answer
questions,
so
that
was
the
first
thing
that
I
want
to
cover
any
question
nope
and
then
let's
continue.
The
next
topic
is
about
rootless,
glp
agents,
so
something
that
we,
I
would
not
say
discover,
but
that
we
that
we
decided
that
we
want
to
change
last.
A
We
are
building
specific
glp
agent,
docker
images
agents
for
that
we
use
in
ci
dodging
in
that
io.
So
those
agents
include
node,
titan
ruby.
I
mean
those
are
pretty
generic
images
and
they
are
usually
running
as
roots,
and
so
basically,
what
we
want
is
we
want
to
have
images
running
with
jenkins
users
using
the
uid,
1000
and
so
cara
and
damien
are
working
on
that
something
that
they
realized
during
the
process
that
we
were
shipping,
a
glb
agent-alpine
docker
image,
which
is
which
does
nothing.
A
I
mean
it's
just
redundant
with
the
default
glp,
the
default
inbound
agents.
So
the
plan
is
to
duplicate
that
specific
image,
we'll
communicate
that
on
the
mailing
list.
But
basically,
if
you
are
using
it,
that's
the
right
time
to
stop
using
it
and
to
use
the
inbound
agent
yeah,
we'll
probably
delete
that
image
in
the
coming
weeks,
and
if
you
are
relying
on
those
tnlp
agents,
we
also
invite
you
to
to
to
to
double
check
that
you.
A
If
you
need
the
root
user
or
not,
I
mean
the
root
user
is
still
there.
It's
just
that
by
default,
it
won't
be
the
the
default
user.
So
that's
it
any
question
anything
to
add.
A
No.
The
la
the
next
topic
is
about
jenkins
in
france.
So
what
I
want
to
highlight
here
so
we
made
we
made
a
few
refactoring
to
them,
one
of
the
tools
that
we
use
on
that
git
repository,
which
is
update,
cli
and
basically
it
broke
the
pipeline
since
friday.
So
we
have
many
ongoing
changes
that
need
to
happen.
A
We
were
waiting
for
the
release
to
happen
today,
which
is
done
now,
so
we'll
probably
try
to
re-enable
the
job
again,
but
yeah.
There
are
many
pr's,
so
feel,
free
to
review
them,
and
and
otherwise
we'll
apply
them
in
the
coming
days,
but
again
we'll
try
to
pay
attention
to
not
introduce
major
changes.
A
A
I
think
all
he
said
the
next
topic,
which
is
so
damian
started,
looking
at
deploying
a
kubernetes
cluster
on
our
amazon
account.
So
the
idea
would
be
to
use
that
kubernetes
cluster,
just
for
jenkins
agents
from
ci
teaching,
kids
that
I
o
so
damien
wrote
the
terraform
code
to
deploy
that
you
build
a
specific
docker
image
containing
the
terraform
version
that
we
need
needs.
So
there
is
already
a
git
repository.
A
If
I
remember
correctly,
it's
a
jenkins
infraslash
aws,
like
the
same
pattern
that
jenkins
influence
azure
so
feel
free
to
make
any
comments
there.
The
plan
here
is
just
to
use
it
to
replace
the
azure
container
instances,
so
we
would
just
provision
we
would
just
configure
specific
agents
and
see
her
jenkins.
I
o
that
will
just
provision
butts
on
that
lester,
so
more
testing
in
the
coming
week,
and
the
last
topic
that
I
put
I
mean
for
me
to
the
argentina-
was
a
few
few
things
regarding
servarion.
A
So
we
had
issues
we
had
issues
with
surveillance,
so
surveillance,
one
of
the
mirrors
that
we
are
using
in
the
infrastructure
since
many
years
now
they
had
hardware
issues
during
the
months
of
december.
A
They
put
that
mirror
on
maintenance,
they've
solved
hardware
issue
one
weeks
ago,
and
we
had
a
second
thing
with
that
specific
miracle,
which
is
they
were
using
an
ip
from
the
united
states,
even
though
the
cluster
the
server
was
running
in
netherlands.
A
So
we
asked
the
mirror
maintainer
to
use
a
different
ip,
so
some
mirror
bits
could
detect
the
right
location
for
the
server,
but
apparently
it
took
more
than
a
day
to
update
the
dns
records,
so
we
temporary
disable
savarion.
A
I
documented
the
procedure
to
disable
that
mirror
again
in
the
future,
so
normally
someone
else
should
be
able
to
disable
it
more
quickly.
We
still
have
to
put
in
place
monitoring
for
every
mirrors.
So
if
someone
is
interested
to
contribute
to
that,
I
can
show
how
it's
not
not
really
complicated.
A
As
long
as
you
know
where
to
look
and
so
yeah,
so
normally
everything
should
be
back
now.
I
have
to
do
the
check
the
states
of
the
dennis
records
and,
if
it's
working
correctly,
we'll
probably
just
put
it
back
to
the
pool.
B
So
so
we
had
some
very
high
visibility
failures
due
to
the
serverion
server.
I'm
really
worried
about
putting
it
back
online,
I'm
my
trust
level
in
serverion's
ability
to
manage
that
thing
has
has
decreased,
that's
a
terrible
thing
to
say,
but
but
I'm
I'm
worried
about
them,
so
you
is
it.
Is
it
online
now
olivier
or
is
it
so.
A
B
A
I
mean
last
time
I
checked
that
was
the
server
was
online,
so
I
they
don't
have
they
don't
have
any
so
for
me
it
was
working
correctly.
So
when
I
did
the
test
last
friday,
it
was
working
as
expected.
A
A
So
my
the
way
I
would
proceed,
I
mean
there
is
no
reason
now
that
there
is
no
reason
that
it's
done
again,
so
I
I
would
put
that
mirror
to
monitoring.
So
we
could
identify
the
response
time,
and
so,
if
we
detect
any
high
response,
time
are
issues
which
we
can
just
easily
disable.
A
C
I
think
it
was
the
the
ttl
on
his
own
record
was
set
too
high,
so
it's
just
not
propagating
fast
enough.
So
some,
not
all
not
all
dns
sort
of
relays
correctly
adhere
to
the
ttl
anyway,
but
yeah.
A
Yeah
well,
I
checked,
I
think
the
ttl
was
one
hour,
but
again
not
every
dennis
the
dns
server
under
the
helicopter
correctly
and
from
my
experience
each
time
you
change
the
dns
records.
It's
always.
It
always
leads
to
a
horse
and
especially
considering
the
amount
of
jenkins
instance
relying
on
that
mirror.
So.
B
I
mean
the
g.
The
incorrect
go
ip
already
made
it
complicated
because
it
meant
major
jenkins
users
on
the
eastern
coast
of
the
united
states
were
going
to
that
location
and
we
had
one
very,
very
high
visibility
person,
martin
dionsho,
who
who
he's
based
in
in
french
canada.
You
know
so
quebec
area
and
he
had
major
failures
because
cervarian
was
unreliable
and
and
that's
a
for
me,
that's
an
awkward
thing
to
to
have
somebody.
A
B
Because
if
it's
flap-
and
I
those
dns
queries,
I
don't
think
we're
monitoring
those
right.
That's
a
facet
of
operations
that
I've
never
monitored
before
is
is
is.
Are
we
getting
dms
flapping
the
thing?
The
tool
that
gareth
highlighted
is
something
I've
never
seen
before.
It
looks
like
a
brilliant
tool.
B
E
A
A
B
It-
and
it
means
it's
already-
it's
already-
okay,
all
right,
so
it's
you're
just
not
going
to
enable
it
great
that
that's
perfect,
because
that
says,
just
like
your,
your
argument
was
earlier
that
we
should
things
that
we're
worried
about.
We
should
not
implement
before
positive.
This
is
one
for
me.
We
should
not
enable
serverion's
mirror
until
after
fosdem,
when
we
can
look
at
it
more
depth.
A
Yeah,
I'm
double
checking
that
now
and
it's
definitely
disabled
for
now
perfect
that
that
covered
my.
A
No,
no,
that's
fine
and
also
one
something.
I
don't
know.
If
you
miss
that
information,
you
don't
need
a
kubernetes
access
to
disable
mirror
bits.
So
you
need
a
mirror
bits
client
with
the
right
configuration.
So
if
you
can
manage
to
have
so
basically
the
configuration
is
stored
in
the
redis
database.
A
So
either
you
access
the
redis
database
and
you
manipulate
or
release
database,
which
sounds
like
awful.
But
if
you
have
the
configuration
file,
you
can
just
run
mirror
bits
command,
pointing
to
the
right
configuration
and
then
you
can
provide
commands
like
list
mirrors,
edit
mirrors
and
blah
blah,
and
because
of
the
outage
we
had
back
in
november.
B
B
I
also
haven't
done
any
experiments
yet
with
oracle
for
startups
to
see
what
it
would
mean
after
fosdem.
My
first
thought
of
an
experiment
is
to
use
their
phoenix
data
center
as
a
mirror,
but
that
may
be
a
too
dangerous
a
thing
that
would
give
us
a
mirror,
that's
closer
to
the
u.s
west
coast
and
and
give
us
a
chance
to
experiment
with
oracle's
infrastructure,
I'm
open
to
others,
though
we
could
also
try
different
things.
A
So
what
I
propose
is
to
we,
maybe
we
can
plan
a
session
together
and
we
just
deploy
mirrors
that
that
would
be
a
simple
service
to
deploy
and
that
do
not
rely
on
specific
cloud
vendor
and
because
there
is
already
a
heim
chart
for
that.
B
A
And
if
you
want,
if
you
maybe
not,
in
fact
I
was
suggesting-
maybe
we
can
also
deploy
in
the
same
region
than
the
azure
cluster,
but
the
problem
is
because
we
have
a
mirror
running
on
the
kubernetes
cluster.
A
We
have
azure.azure.com,
but
it
would
be
difficult
to
identify
the
traffic
specific
to
the
azure
that
mirror
versus
all
the
other
services
running
on
that
cluster,
but
yeah
anyway
I'll
propose
that
we
plan
a
session
next
week,
but
once
once
you
start
once
you
create
the
accounts,
we
should
use
it
because
usually
they
don't
sponsor
for
years.
Basically
right
yeah,
that's
all
I
had
on
that
topic.
A
So
so,
basically,
the
way
sponsoring
work
is
when
you
create
an
account,
they
usually
say
they
offer
you
sponsoring
for
one
year
to
a
year
three
years
and
the
problem
is
in
this
case
two
years.
The
problem
is,
if
you
create
the
accounts
and
don't
work
on
that
for
six
months
the
day
you
work
on
the
account
you
just
do
six
months
of
sponsoring.
A
So
that's
why
I'm
saying
if
you
enable
it,
you
should
start
using
it
and
the
last
topic
to
the
agenda,
which
is
the
jenkins
release.
The
latest
jenkins
weekly
release
is
done,
so
the
good
thing
is
character.
Change
did
not
break
the
release
process.
B
A
So
so,
just
for
the
people
who
don't
know
what
we
are
talking
here,
so
I
did
the
first
version.
I
did
a
first
python
script
to
detect.
What's
the
latest
version,
it
was
working
for
weekly
releases,
but
it
was
not
working
for
stable
releases.
That's
the
first
thing.
The
second
thing
is:
that's
python
scripts
needed
to
be
used
from
different
location
and
because
it
was
a
python
script,
it
put
a
strong
requirement
in
having
a
python
environment,
and
so
basically,
what
gary
did
was
to
rewrite
the
script
that
I
wrote
initially
in
co
line.
A
So
it's
smaller,
it's
a
small
binary
that
we
can
use.
I
mean
from
everywhere,
so
we
just
download
the
button
binary
and
then
we
can
use
it
and
also
it
supports
the
stable
release
version,
which
means
that
for
stable
release,
we
could
simplify
the
number
of
by
one
number
of
steps
that
we
have
to
do
for
a
new
release.