From 6cbc7b587a532d70a0f3f13d1d61a93b2ff7387b Mon Sep 17 00:00:00 2001 From: Paul Melnikow Date: Sat, 13 Jul 2019 09:39:07 -0400 Subject: [PATCH] Document the production Redis hosting (#3710) Close #3332 --- doc/production-hosting.md | 47 +++++++++++++++++++++------------------ 1 file changed, 25 insertions(+), 22 deletions(-) diff --git a/doc/production-hosting.md b/doc/production-hosting.md index a88ce796e6..7b64fcb91e 100644 --- a/doc/production-hosting.md +++ b/doc/production-hosting.md @@ -7,26 +7,29 @@ [operations issues]: https://github.com/badges/shields/issues?q=is%3Aissue+is%3Aopen+label%3Aoperations [ops discord]: https://discordapp.com/channels/308323056592486420/480747695879749633 -| Component | Subcomponent | People with access | -| ----------------------------- | --------------------------- | ------------------------------------------------------------------------------------------ | -| Badge servers | Account owner | @espadrine | -| Badge servers | ssh, logs | @espadrine | -| Badge servers | Deployment | @espadrine, @paulmelnikow | -| Badge servers | Admin endpoints | @espadrine, @paulmelnikow | -| Zeit Now | Team owner | @paulmelnikow | -| Zeit Now | Team members | @paulmelnikow, @chris48s, @calebcartwright, @platan | -| Raster server | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan | -| shields-server.com redirector | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan | -| Cloudflare | Account owner | @espadrine | -| Cloudflare | Admin access | @espadrine, @paulmelnikow | -| GitHub | OAuth app | @espadrine ([could be transferred to the badges org][oauth transfer]) | -| DNS | Account owner | @olivierlacan | -| DNS | Read-only account access | @espadrine, @paulmelnikow, @chris48s | -| Sentry | Error reports | @espadrine, @paulmelnikow | -| Frontend | Deployment | Technically anyone with push access but in practice must be deployed with the badge server | -| Metrics server | Owner | @platan | -| UptimeRobot | Account owner | @paulmelnikow | -| More metrics | Owner | @RedSparr0w | +| Component | Subcomponent | People with access | +| ----------------------------- | ------------------------------- | ------------------------------------------------------------------------------------------ | +| Badge servers | Account owner | @espadrine | +| Badge servers | ssh, logs | @espadrine | +| Badge servers | Deployment | @espadrine, @paulmelnikow | +| Badge servers | Admin endpoints | @espadrine, @paulmelnikow | +| Compose.io Redis | Account owner | @paulmelnikow | +| Compose.io Redis | Account access | @paulmelnikow | +| Compose.io Redis | Database connection credentials | @espadrine, @paulmelnikow | +| Zeit Now | Team owner | @paulmelnikow | +| Zeit Now | Team members | @paulmelnikow, @chris48s, @calebcartwright, @platan | +| Raster server | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan | +| shields-server.com redirector | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan | +| Cloudflare | Account owner | @espadrine | +| Cloudflare | Admin access | @espadrine, @paulmelnikow | +| GitHub | OAuth app | @espadrine ([could be transferred to the badges org][oauth transfer]) | +| DNS | Account owner | @olivierlacan | +| DNS | Read-only account access | @espadrine, @paulmelnikow, @chris48s | +| Sentry | Error reports | @espadrine, @paulmelnikow | +| Frontend | Deployment | Technically anyone with push access but in practice must be deployed with the badge server | +| Metrics server | Owner | @platan | +| UptimeRobot | Account owner | @paulmelnikow | +| More metrics | Owner | @RedSparr0w | There are [too many bottlenecks][issue 2577]! @@ -67,8 +70,8 @@ There are three public badge servers on OVH VPS’s. Shields has mercifully little persistent state: -1. The GitHub tokens we collect are saved on each server in JSON files on disk. - They can be fetched from the [GitHub auth admin endpoint][] for debugging. +1. The GitHub tokens we collect are saved on each server in a cloud Redis database. + They can also be fetched from the [GitHub auth admin endpoint][] for debugging. 2. The server keeps a few caches in memory. These are neither persisted nor inspectable. - The [request cache][]