[tor-bugs] #14354 [Tor]: Improve torflow engineering quality and deployment procedure (was: Figure out a good solution for all the dirauth scripts)

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 19 13:56:14 UTC 2015 

#14354: Improve torflow engineering quality and deployment procedure
------------------------+--------------------------------
     Reporter:  asn     |      Owner:
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor-dirauth
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------
Description changed by asn:

Old description:

> From talking to Sebastian and weasel, it seems to me that dirauth
> operators are having trouble sysadmining all these little dirauth
> scripts. Furthermore, many of the dirauth operators are not even running
> scripts like bw measurement, because of the pain of setting them up and
> supporting them.
>
> With #9321 introducing another script, and with #8244 requiring yet
> another script. And with the peerflow system that might replace the bw
> auths, it seems that we will need to find a solution to this problem.
> Otherwise, only 1-2 dirauth ops (that are also Tor devs) will run each
> script, which is not good.
>
> Unfortunately, I don't have a very good solution to propose here.
>
> The obviously bad idea would be to bake all these scripts into
> little-t-tor. But this scales terribly, and we all have hopes for making
> Tor more modular and this will just be a step backwards.
>
> Another idea that is still not very good but maybe more implementable, is
> to revisit all these scripts and make them work with minimal setup
> effort. Then make debian packages that auto-work for all of them (or just
> a big meta-package), and ask dirauth operators to install them. Then
> assign someone to be the '''maintainer''' of all those scripts so that
> they take care of them when they break or when dirauth ops need help.
> However, it's unclear how many of these  scripts can just auto-work
> without manual setup or how much Debian hackery that would involve, or
> whether all dirauth ops use APT-based systems.
>
> At the same time we could make it more clear which dirauths are running
> which scripts, so that we can incorporate it as part of consensus health
> and warn dirauths ops that are not running certain scripts or have not
> updated them. Also, the "make Tor architecture more modular" giga-project
> might help here, since we could define a custom interface for all these
> scripts, and make it easier to plug them in Tor without torrc hacks.
> Also, maybe simply having a nice wiki page  with all the current scripts
> and '''good INSTALL instructions''' might actually be effective.
>
> What else could we do here that would make dirauths more happy?

New description:

 '''This ticket used to be about improving all dirauth scripts, but now
 it's specific to torflow.'''

 From talking to Sebastian and weasel, it seems to me that dirauth
 operators are having trouble sysadmining all these little dirauth scripts.
 Furthermore, many of the dirauth operators are not even running scripts
 like bw measurement, because of the pain of setting them up and supporting
 them.

 With #9321 introducing another script, and with #8244 requiring yet
 another script. And with the peerflow system that might replace the bw
 auths, it seems that we will need to find a solution to this problem.
 Otherwise, only 1-2 dirauth ops (that are also Tor devs) will run each
 script, which is not good.

 Unfortunately, I don't have a very good solution to propose here.

 The obviously bad idea would be to bake all these scripts into
 little-t-tor. But this scales terribly, and we all have hopes for making
 Tor more modular and this will just be a step backwards.

 Another idea that is still not very good but maybe more implementable, is
 to revisit all these scripts and make them work with minimal setup effort.
 Then make debian packages that auto-work for all of them (or just a big
 meta-package), and ask dirauth operators to install them. Then assign
 someone to be the '''maintainer''' of all those scripts so that they take
 care of them when they break or when dirauth ops need help. However, it's
 unclear how many of these  scripts can just auto-work without manual setup
 or how much Debian hackery that would involve, or whether all dirauth ops
 use APT-based systems.

 At the same time we could make it more clear which dirauths are running
 which scripts, so that we can incorporate it as part of consensus health
 and warn dirauths ops that are not running certain scripts or have not
 updated them. Also, the "make Tor architecture more modular" giga-project
 might help here, since we could define a custom interface for all these
 scripts, and make it easier to plug them in Tor without torrc hacks. Also,
 maybe simply having a nice wiki page  with all the current scripts and
 '''good INSTALL instructions''' might actually be effective.

 What else could we do here that would make dirauths more happy?

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14354#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list