Re: Lagless anonymous CVS service (was Re: hardware for anoncvs)

From: Luis Villa <luis villa gmail com>
To: Ross Golder <ross golder org>
Cc: James Henstridge <james jamesh id au>, gnome-infrastructure gnome org, Jonathan Blandford <jrb redhat com>, GNOME sysadmin list <gnome-sysadmin gnome org>
Subject: Re: Lagless anonymous CVS service (was Re: hardware for anoncvs)
Date: Thu, 25 Aug 2005 12:03:34 -0400

Rock! Thanks very much to everyone. I'd fake a Dr. Seuss quote, but it
is bugday and I'm busy. Thanks...

luis

On 8/24/05, Ross Golder <ross golder org> wrote:
> On พ., 2005-08-24 at 01:37 -0400, Luis Villa wrote:
> > On 8/21/05, Ross Golder <ross golder org> wrote:
> > > On ส., 2005-08-13 at 08:55 -0400, Luis Villa wrote:
> > > > <snipping board since this is not a hardware problem.>
> > > >
> > > > On 03 Aug 2005 01:15:05 -0400, Jonathan Blandford <jrb redhat com> wrote:
> > > > > James Henstridge <james jamesh id au> writes:
> > > > >
> > > > > > Jonathan Blandford wrote:
> > > > > >
> > > > > > >I missed this -- do we actually need hardware for anoncvs?  I'm
> > > > > > >wondering if we can just turn on pserver on container or widget.  When
> > > > > > >we first set up anoncvs, we had pretty poor bandwidth to the gnome.org
> > > > > > >machines and canvas was underpowered.  Things have changed -- we have
> > > > > > >more than enough bandwidth and machine power now.
> > > > > > >
> > > > > > >Tomas, do you have any idea of how much anoncvs traffic we get?  Given
> > > > > > >that container is pretty underutilized, should we look into doing this?
> > > > > > >It would have the added advantage of being current, and not lagged.  We
> > > > > > >could also do it on window, which has a read-only mounting of
> > > > > > >/cvs/gnome, which would make me feel a bit better about it.
> > > > > > >
> > > > > > >
> > > > > > If you do turn on pserver, you might want to look at the patches that
> > > > > > are being used on freedesktop.org so that the cvs pserver runs
> > > > > > completely unprivileged (it essentially forces the '-R' option).
> > > > > >
> > > > > > This makes sure that anonymous sessions can never leave stale locks
> > > > > > around and limits the possible damage when the next CVS vulnerability is
> > > > > > discovered.
> > > > >
> > > > > Oh nice!  I would also love to update container to RHEL4 and set up an
> > > > > selinux security context here, though that's not going to happen for a
> > > > > little bit.  I'll try to track those patches down, though, and give them
> > > > > a look.
> > > > >
> > > > > We should get this going sooner rather than later.
> > > >
> > > > Any update or ETA on this? I realized this morning that many of the
> > > > tinderboxes that are suddenly springing up are running off anoncvs,
> > > > which (given the current lag) makes them much less useful, and is very
> > > > frustrating for these folks when they have to wait quite a while for a
> > > > fix they've gotten committed to go live.
> > > >
> > >
> > > We set up a new anoncvs server earlier, which has no lag at all (works
> > > from an NFS mount of /cvs/gnome). We're just waiting on a colo firewall
> > > update then it should be ready for wider testing. More information to
> > > follow...
> >
> > Awesome. thanks, Ross... (and whoever else has made this happen)
> > Luis
> 
> Done and dusted :) We're lagless from now. See here for more 'fo:
> 
> http://live.gnome.org/AnonymousCVS
> 
> --
> Ross
> 
>

References:
- Re: hardware for anoncvs
  - From: James Henstridge
- Re: hardware for anoncvs
  - From: Jonathan Blandford
- Re: hardware for anoncvs
  - From: Luis Villa
- Lagless anonymous CVS service (was Re: hardware for anoncvs)
  - From: Ross Golder
- Re: Lagless anonymous CVS service (was Re: hardware for anoncvs)
  - From: Luis Villa
- Re: Lagless anonymous CVS service (was Re: hardware for anoncvs)
  - From: Ross Golder

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]