system-hackers service agreement

Daniel Pocock daniel at
Thu May 19 08:52:35 UTC 2016

Looking at the thread about the new blog team, it is clear that some
things are dependent on the relationship that teams have with the
system-hackers group

Ignoring the current configuration of the systems, what is the ideal
service that the system-hackers would like to be able to provide?


- which OS/distribution?  E.g. Debian
  - would more than one OS be feasible or required?
      (this multiplies support effort, should be avoided)

- will services run in virtual machines and which technology will be
used (KVM, XCP, Openstack, ...), e.g. will the blogging service run in a
VM isolated from the services operated by other teams?
 - benefit: each team can receive major OS updates at different times
 - disadvantage: extra effort for system-hackers team, needs more IP

- how fast can packaged security updates (e.g. from Debian) be deployed?
 Will the updates be automatically deployed by cron or something, or
will the team aim for a 24x7 support roster?  In the latter case, are
more volunteers needed in the system-hackers team?

- how will major upgrades (e.g. from Debian 8.0 to 9.0) be deployed?
E.g. aim to begin upgrade 3 months after the official release,
individual teams using a particular server can veto the upgrade until 7
months have passed

- which services must be supported by the system-hackers (I'd suggest
backups, public web site, wiki, IP address allocation, SSL certificate
creation, monitoring, Git, DNS, authentication/OpenID/LDAP, mail,
mailing lists, SIP, XMPP and any services that the system-hackers may
depend on in the course of their own activities)

- are the system-hackers willing to support a database such as
PostgreSQL for use by other teams?  Can they provide a convenient way
for members of other teams to take snapshots of their databases for use
in test servers?

- will the system-hackers allow members of other teams to use sudo?

Maybe there are other things too, it would be good to see the
system-hackers provide a list of what you would be willing to support
and a separate list of what people think they need the system-hackers to

More information about the Discussion mailing list