From March 13–15, 2020, the TYPO3 Server Team organized a combined team sprint for their quarterly real-life meeting at the office of Ops One in Zürich, Switzerland.
We take this opportunity to report on the recent changes in the TYPO3 Server Team, the typo3.org website, and other infrastructure topics.
New Team Leader for the Server Team
After more than ten years, Michael Stucki is handing over the team leadership to Andri Steiner. Michael writes:
Andri has been a member of the team for seven years. He contributed a lot of time and know-how to the TYPO3 project, such as having a new (and great!) web server stack, which has been in use for more than three years for typo3.org.
I have had the pleasure to work with Andri for more than 15 years, or, in other words, for eight versions of Debian stable. During that time, I have learned a lot from Andri (and hopefully he learned some bits from me too).
While stepping down as team leader, I will continue to work in the TYPO3 server team as a fully motivated team member.
I wish Andri a lot of success and satisfaction in his new role and thank him for stepping up!
Last year, our long-time member Steffen Gebert decided to leave the team. Steffen has been a member of the TYPO3 Server Team for seven years. Before his engagement in the server team, Steffen was a member of the Core Team for four years, starting in 2010. He contributed a huge amount of projects and know-how (and time!) to the TYPO3 project.
Some of the projects that Steffen brought into the TYPO3 community are:
- Chef infrastructure management, along with more than 70 cookbooks which have been published on our own GitHub page. Chef has been used for our infrastructure management until today, but it is going to be replaced, as we move to a new platform soon. Chef has lifted our infrastructure to a new quality level, having every piece of infrastructure stored as reproducible code, tested with a unique Jenkins testing platform. All this would not have been possible without the contribution, endurance, and patience of Steffen.
- Zabbix monitoring
- Git and Gerrit code review
Steffen, thanks a ton for your enormous work. We are very sad that you leave us, but we're happy to stay in touch. Remember that you are always welcome to meet us whenever there is an opportunity!
Until now, our current infrastructure has been running on virtual servers managed by Chef. We updated and migrated most of them to the KVM hypervisor over the last years. However, there are still some legacy systems running on OpenVZ, where a migration turned out to be too complicated. Also, we struggle with our Chef infrastructure from time to time and have to bother our former team member Steffen to help out. From now on, we will use PaaS (Platform as a Service) to deploy static and PHP-based websites. For services based on other technologies (LDAP, Gerrit, Forge, etc.), we use Docker to abstract the required dependencies. We have completed the migration for some of our services already, and will continue to do so this year.
Due to the streamlined infrastructure with fewer and less complicated services, we hope for a more robust and flexible platform in the future. Also, we learned some lessons during this journey and we’ll try hard to avoid technical debt in our projects in the future.
Combined Sprint 2020/1
The current sprint is coming to an end, so here are some bits and infos from what we did during the last three days:
Archived and Migrated About 100 Old Websites
As we are moving to a new infrastructure platform, more than 100 websites were moved to their new home. Some of them were old TYPO3 instances (e.g. websites of past TYPO3 conferences) which have been archived using httrack into plain HTML format. Thanks to this, we no longer need to maintain those websites, while they stay available in case you like to browse those past events.
Migrated Old Web Servers
Thanks to this cleanup, ten servers could be removed from our infrastructure. See below for more information about this.
Migrated DNS Infrastructure
Our Chef-managed DNS server has been replaced with a web-based solution. PowerDNS is still being used in the background.
Service Migration to Containers (LDAP, Redmine, OTRS)
In our effort to move any non-LAMP projects into Docker containers, the container for OTRS was set up during the weekend. The migration will take place over the coming weeks.
The Redmine container at forge.typo3.org was also finished, but migration will take some more time, as we like to update to the latest version of Redmine.
Planning and Collaboration with the typo3.org and Core Team
typo3.org Website Team
We've created a LDAP username policy: In the future we want to ensure clearer conventions for usernames. We created a convention and communicated it in the sign-up process. Existing users whose usernames did not fit to the new convention were informed via mail and received an updated login name.
LDAP user deletion process: We coordinated our teams to streamline and improve the internal process.
Slack is a useful tool for our community, especially to coordinate our team work. But it comes with various downsides: The public visibility of TYPO3 content on the web is decreasing. Therefore, we discussed ways to strengthen other tools we are using, e.g. talk.typo3.org.
The focus for the sprint was voting.typo3.org. We prepared the system for the upcoming election and tried to improve usability and performance. And as usual, we updated all typo3.org environments and the development setup (DDEV 1.13.1, extension updates, etc).
LDAP Database Cleanup
We want to clean up our user data, making usernames stick to the rules, for best compatibility with our growing stack of tools. In a first update, we migrated usernames to all-lowercase. In the next update, we will replace all non-standard characters and migrate all affected users to comply with the rules. Of course, we will inform the affected users beforehand and provide a migration path.
Evaluation of the Single Sign-On Solution
As we plan to provide two-factor authentication for all services, we started the evaluation of Keycloak, in addition to the user base cleanup in LDAP and did some tests and integrations using the LDAP server as the main source of account information.
Mailing List Migration
One of the oldest services still running are our Mailman-based mailing lists. For security- and release announcements, this is still a functionality that has not yet been replaced with a better functionality. Benni Mack kickstarted a new service, "announce.typo3.org", to provide such functionality using a different tool than Mailman.
As a result of the infrastructure migration, we were able to stop two servers that have been donated by Punkt.de since 2013. These servers marked the beginning of our OpenVZ adventure and gave us a lot of new possibilities. Thanks to Punkt, typo3.org was running fast and reliably for many years. (It was already moved to a new server in 2017, but other services were still running on these servers until recently..)
A few weeks earlier, we were already able to shut down another server that was donated by jweiland.net and used for running review.typo3.org (Gerrit) and forge.typo3.org (Redmine) since 2015.
We would like to thank Punkt.de and jweiland.net for providing these systems at no cost for the TYPO3 project. You rock!
We would like to thank Ops One for providing the sprint location in the heart of Zurich. Many thanks to the TYPO3 Association for covering travel costs, as well as food expenses.
Last, but not least, many thanks to the sprint participants, who spent three days in Zurich, just as the Corona virus hit, and who are now in quarantine for the next two weeks. Stay healthy and strong my friends!
Sprint participants: Andreas Beutel, Stefan Busemann, Simon Gilli, Benni Mack, Andri Steiner, Michael Stucki
Remote participants: Bastian Bringenberg, Stephan Großberndt, Marco Huber
Copyediting: Mathias Bolt Lesniak