Task List: southern.podzone.net

The following checklist provides a high-level breakdown of the work that needs to be done. Each of these are further decomposed below, where required:

  • [X] Documentation
  • [X] k8s dev cluster build
  • [X] k8s prod cluster build
  • [X] Networking build
  • [X] Ingress Build
  • [ ] Security
  • [X] Storage
  • [ ] Applications and Services
  • [ ] Testing

Task-list: Documentation

  • [X] Business brief
  • [X] Consumer Cloud definition
  • [X] Workload Success criteria
  • [X] MVP deliverables
  • [X] Network topology
  • [X] Inventory
  • [ ] Update documentation with production cluster details
  • [X] Curate reference lists
  • [ ] Site structure

Task-list: k8s dev cluster build

  • [X] james (upgrade RAM)
  • [X] sigiriya (upgrade disk)
  • [X] bukit
  • [X] levant

Task-list: k8s prod cluster build

  • [X] Procurement: 3 X HP t630 Thinclient
  • [X] Add second drive: 128 GB M.2 max 2242 modules
  • [X] Host build: habilis
  • [X] Host build: antecessor
  • [X] Host build: naledi
  • [ ] RAM upgrade: 8BG -> 16 GB
  • [ ] Upgrade first drives
  • [ ] Migrate DynDns updater to cluster (external-dns chart)
  • [ ] Ingress load balancer

Task-list: Networking build

  • [X] Network design
  • [X] Refactor wired network
  • [X] Router config (port forward, dynamic dns)
  • [X] https certificate for (qsolutions.endoftheinternet.org)
  • [X] Load balancer (MetalLB)
  • [X] DynDns WAN IP updates (ddclient)

Task-list: Ingress Build

  • [X] Certificate manager
  • [X] Certificates for 4 X LetsEncrypt host certs
  • [X] Route to Apache static sites
  • [X] Route to k8s dashboard
  • [X] Route to Search GUI : Cancelled
  • [X] Route to k8s API
  • [X] Route to zope
  • [X] Route to podzone docs
  • [ ] DynDns updater operator

Task-list: Security

  • [X] TLS certificate solution
  • [X] https for all external access
  • [X] Apache hardening
  • [ ] Kubernetes hardening
  • [ ] Purge sensitive info from DB

Task-list: Storage

  • [X] Consolidate data from media
  • [X] Consolidate assets into iCloud
  • [X] Extract source into GitHub
  • [X] Persistent storage for k8s cluster

Task Breakdown: Consolidate data from media

  • [X] /home/${USER} directories on bare metal X 3
  • [X] /media on james
  • [X] thumb drives X 12
  • [X] external hard drives X 1
  • [X] 2.5" replaced hard drives X 3 - Install in james
  • [X] 3.5" replaced hard drives X 2 - Install in external enclosures

Requirement: Consolidate data from media

  • All information of interest on all media to go into iCloud
  • All projects, including legacy and completed ones, into GitHub
  • Sensitive data audit, and secure wipe where required
  • Visible logical status labelling

Task Breakdown: Extract source into GitHub

  • [X] Book: Telling; BA Colley
  • [X] Book: Cannon Becket; AH Colley
  • [X] Book: All the Saints; AH Colley
  • [X] Code: uNode assets
  • [X] Code: BHC assets
  • [X] Code: Archive/Backup search

Task-list: Applications and Services

  • [X] Consolidate Web sites
  • [ ] Extract Zope zexp files and check in
  • [ ] Containerise Zope, including application code and config

Task Breakdown: Containerise Zope, including application code and config

  • [X] Plone Service and Deployment
  • [X] Plone ingress for qsolutions.endoftheinternet.org
  • [X] Ingress rewrite rules for Zope Virtual Host Monster
  • [ ] Plone ZPsycopgDA installation (containerInit?)
  • [ ] Persistent storage volume for postgres
  • [ ] Postgress Service and Deployment
  • [ ] Postgress ingress

Testing

  • [ ] Cluster High Availability testing
  • [ ] Cluster failure recovery
  • [ ] Web functional test
  • [ ] Application functional test