Move Hackage to Rackspace
Closed, ResolvedPublic

Description

We should move Hackage onto a separate set of VMs on Rackspace. For one, the current VMs are insanely underpowered and according to Datadog are at almost 100% CPU all the damn time.

We should move Hackage onto a set of two servers - one serving the site (with an nginx frontend), and another doing builds. Having both on the same machine is a security nightmare. Both can be reasonably powerful to ensure they can last for a while.

Second, we should think hard about the security enhancements for the builder. I'm personally favorable to installing grsecurity and hardening the machine. We can think about the Nix situation later (which should be easier to deploy anyway), but in the mean time just beefing it up and locking it down are the priority.

We also need to migrate the data over. I think this can be done pretty easily and efficiently without much downtime, we just have to announce it (especially now that we have http://status.haskell.org)

austin created this task.May 30 2014, 11:10 PM
austin updated the task description. (Show Details)
austin raised the priority of this task from to Needs Triage.
austin claimed this task.
austin added subscribers: austin, relrod.
austin added a subscriber: johnw.May 30 2014, 11:19 PM
austin triaged this task as High priority.May 30 2014, 11:21 PM
austin edited this Maniphest Task.Jun 4 2014, 1:24 AM
austin added a subscriber: duncan.Oct 23 2014, 4:01 PM

OK, so just for the record, me and @duncan attempted this last weekend, but got stalled. We will return ASAP.

austin changed the visibility from "All Users" to "Public (No Login Required)".Oct 25 2014, 3:16 AM
austin changed the edit policy from "All Users" to "Haskell.org Infrastructure (Project)".
davean added a subscriber: davean.Oct 31 2014, 8:12 PM
austin closed this task as Resolved.Nov 19 2014, 8:09 PM

This is now done (and was done by me and @davean a few weeks ago).