From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id E3276138A1A for ; Tue, 17 Feb 2015 06:48:42 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B56E8E0995; Tue, 17 Feb 2015 06:48:41 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 1EDE6E098A for ; Tue, 17 Feb 2015 06:48:41 +0000 (UTC) Received: by smtp.gentoo.org (Postfix, from userid 2127) id 137F734076E; Tue, 17 Feb 2015 06:48:40 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 118B734076D for ; Tue, 17 Feb 2015 06:48:40 +0000 (UTC) Date: Tue, 17 Feb 2015 06:48:40 +0000 (UTC) From: "Jorge Manuel B. S. Vicetto" To: gentoo-project@lists.gentoo.org Subject: Re: [gentoo-project] Gentoo, GitHub, and the Social Contract In-Reply-To: Message-ID: References: <201502142148.30540.dilfridge@gentoo.org> <20150215070454.12e20dda@pomiot.lan> <54E0C6B2.1080004@gentoo.org> <20150215174248.29a9621b@googlemail.com> <54E12A9C.3080803@gentoo.org> User-Agent: Alpine 2.00 (LNX 1167 2008-08-23) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Project discussion list X-BeenThere: gentoo-project@lists.gentoo.org Reply-To: gentoo-project@lists.gentoo.org MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Archives-Salt: 96231910-43dc-4af3-aae7-40c788dc302a X-Archives-Hash: 3fb0387c88e1017c9ce57dfc41d3f3fc On Sun, 15 Feb 2015, Rich Freeman wrote: > Then you have the core infra. This is stuff where infra spends the > bulk of its time. As I understand it some of the hardware is > Gentoo-owned, and some of it is owned by sponsors who provide infra > access to it. Almost all of this stuff has a sponsor providing > hosting/network/power/etc, and generally if a disk dies or whatever it > ends up being an employee of a sponsor or such who swaps stuff out for > us (perhaps with us sending them the hardware to swap with). > Sponsor-provided stuff tends to have the bulk of the costs paid by > sponsors. Gentoo-owned stuff tends to have the money come from > Gentoo, which comes from our many donors (lots of individuals, and > Google Summer of Code is a big source of income I believe even after > expenses). Recently Gentoo has been kicking in for some of the costs > at one of our sponsors, but they kick in a fair bit themselves. > > So, quite a bit of labor comes from volunteers. However, the "paid > for" bit largely comes down to our sponsors, augmented by numerous > small donations from within the community. > All that said, I honestly don't consider the risk of one of our > sponsors "censoring" us is all that likely unless Gentoo as a > community really got out of hand (such that being associated with us > were damaging to their reputations). The more realistic risk with our > model is that individual sponsors can come and go - maybe a sponsor > gets bought out or goes out of business or just is having hard times > and can't afford to support us any longer. This happens on occasion, > and obviously we try to be gracious about it since they ARE donors > (usually they work with us on migration too). However, my sense is > that most/all of our infra is hand-built servers running on bare > metal, which means that moving services around involves a lot of > labor. It isn't like copying a disk image to a new VM provider and > cutting over DNS, let alone something like puppet/chef/ansible. The infra team maintains an internal wiki for our job. Our systems are installed from an infra built stage4, following some docs, but this is done by different people over time. We do rely "heavily" on two configuration management systems. The older one, cfengine, has been in use for many years. Sometime ago we started migrating to puppet. We've currently still migrating services to puppet. We use some git repositories for specific areas such as dns or for our infra overlay. > As we build out new infra services (whether they be git, gitlab, or > whatever) it would be really nice if the server configs (minus > credentials) could be open. That would make it far easier for others > to contribute to them, automate their deployment, and so on. There > really shouldn't be any reason that somebody shouldn't be able to set > up their own gentoo.org with everything but the domain name. Sure, we > won't get there overnight, but it is a direction that makes sense. We > just don't have the manpower to be excluding potential contributions. We're already using cfengine / puppet for this. We need to review / split service definitions before we can make it public, though. Regards, Jorge Manuel B. S. Vicetto Gentoo Developer