[tor-bugs] #31232 [Internal Services/Tor Sysadmin Team]: Migrate default snowflake broker (and bridge?) to TPA machines
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 8 15:09:13 UTC 2019
#31232: Migrate default snowflake broker (and bridge?) to TPA machines
-------------------------------------------------+-------------------------
Reporter: cohosh | Owner: tpa
Type: defect | Status:
| needs_information
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by anarcat):
1. if you just need a domain, and not a machine, that is fast and quick. i
*think* the policy is that non-TPA machines get a torproject.net hostname,
but I can verify that. if you *do* want us to host the machine as well,
you will definitely need to be most specific on this.
2. yes, it seems like a good idea to figure out a fix for this in the long
term
3. allowing root on TPA machines is a problem. we don't normally allow
that: we handle the OS-level stuff and grant you access to an account
(with the sudo access you need, e.g. restart apache or something) on a
case-by-case basis
Regarding "monitoring", if the machine is TPA, you get a ton of monitoring
for free. If it's non-TPA, you get the experimental/external Prometheus
server that doesn't do alerts.
So I guess the next step is to actually decide if we absorb this or not,
and for that we need more precise numbers. I need to know how much memory
(in GB), disk (size and HDD or SSD or NVMe too), CPU (count and type) and
bandwidth usage (in TB/mth or gbps 95th percentile) we're talking about.
Thanks!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31232#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list