Infrastructure Apprentice

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(link to the ssh access sop)
(add ns machines to exceptions)
Line 5: Line 5:
 
== Access to many infrastructure machines ==
 
== Access to many infrastructure machines ==
  
Members of the fi-apprentice group have ssh/shell access to many machines, but no sudo rights or ability to commit to puppet (but they do have read-only puppet access). Access is via the bastion.fedoraproject.org machine and from there to each machine. See the [[SSH Access Infrastructure SOP]] for more info.. Exceptions to this access are: backups*, db*, fas*, sign*, rel* and compose*, These machines may contain sensitive data and are almost always in a production mode.  
+
Members of the fi-apprentice group have ssh/shell access to many machines, but no sudo rights or ability to commit to puppet (but they do have read-only puppet access). Access is via the bastion.fedoraproject.org machine and from there to each machine. See the [[SSH Access Infrastructure SOP]] for more info.. Exceptions to this access are: backups*, db*, fas*, sign*, rel*, ns* and compose*, These machines may contain sensitive data and are almost always in a production mode.  
  
 
== Nagios alerts ==
 
== Nagios alerts ==

Revision as of 20:58, 19 August 2011

Contents

Infrastructure Apprentice

The 'fi-apprentice' group in the Fedora Account System is one with a lot of read-only access to various Fedora infrastructure machines. This group is used for new folks to look around at the infrastructure setup, check machines and processes and see where they might like to contribute moving forward. This also allows apprentices to examine and gather info on problems, then propose solutions.

Access to many infrastructure machines

Members of the fi-apprentice group have ssh/shell access to many machines, but no sudo rights or ability to commit to puppet (but they do have read-only puppet access). Access is via the bastion.fedoraproject.org machine and from there to each machine. See the SSH Access Infrastructure SOP for more info.. Exceptions to this access are: backups*, db*, fas*, sign*, rel*, ns* and compose*, These machines may contain sensitive data and are almost always in a production mode.

Nagios alerts

This group does NOT get Nagios alerts. If you wish to receive them, you should join the sysadmin group, otherwise you can see them trough #fedora-noc channel or Nagios web interface at: https://admin.fedoraproject.org/nagios/.

Regular checkins

On the first of each month a mentor will mail all the folks in the group. This email will ask what tasks they are working or or interested in, what they are using their access for and if they intend to be active in infrastructure. Please look for and answer these emails as they come to you.

Length of membership

This group will be pruned often of inactive folks who miss checkins. Members who have not logged into any machine and/or are not active will be removed. There's nothing personal in this, and you're welcome to re-join later when you have more time.

easyfix tickets

There are tickets marked with the 'easyfix' keyword that may be suitable for apprentices to learn how things are setup, and also contribute a fix. See: https://fedorahosted.org/fedora-infrastructure/report/14 for this report.

Further information

For further information on this group, please ask in #fedora-admin on irc.freenode.net and/or the fedora infrastructure mailing list.