2020-05-08 - System Operations and Management SIG Agenda & Notes

Owned by Ingolf Kuss
Last updated: Nov 20, 2020
4 min read

Date

Attendees

Goals

  • Hotfix release experiences

Discussion items

TimeItemWhoNotes
5WelcomeIngolf
  • Find a note taker (might be myself) : Harry
 30 Q1 Hotfix releaseall

The Q1-2020 Fameflower Hotfix release was released May 1st. Anton announced it.

Let's discuss our experiences with it so far.

  • Chris Creswell did a post in #sys-ops today:
    • The hotfix application worked smoothly in his development environment, then not so smoothly on his shared local test instance.

    • A few modules reported errors when enabling, but his script to enable modules actually tries twice for each module, and the second time it worked for each.

    • Okapi reports the expected module versions enabled for his tenant, and everything seems to work as he clicks around in the UI.

    • But he does wonder if the second attempt at enabling the modules did any of the database schema updates or not.

    • He is going to use a check_postgres script that he found to compare the schemas between his development environment and their test instance to see if anything is different.

  • Jason reports some failures of the schema update scripts on the TAMU tenants.
    •  His first run at the migration from Q4 to Q1 Hotfix seems to have been successful for the Diku tenant where he has reference and sample data loaded.
    • Updating the TAMU tenant failed.
  • Historical circulation migration data is getting difficult.  Across FOLIO versions, migrations have not worked.  Also, getting history from Voyager is getting more difficult.  Important to current and existing libraries.
    • A problem for historical open and closed loans data.  Needed for historical reporting. Some libraries may decide to not transfer closed loans. 
    • Developers potentially lack an unerstanding of what is needed.
    • Difficult for migration and offline circulation!
    • Needed for reporting as well.  Might be stored in a separate file.
    • No stories written for this.  
    • It is pretty important to fix this.
    • How and when to suppress notices for migrated data?  Saving tenant configuration until after migration seems to help.  Or set to an invalid server, disabeling the email system.
    • ToDo: Discuss with PO team. Need to define requirements. Harry will bring this up in the next PO meeting. It's a long term issue. Planning for Q3.
  • Chalmers upgrade plans to Q1 (report from Patty)
    • Chalmers does a dry run in the sandbox
    • Theo clones and ports the data
  • Fameflower for University of Alabama (Patty)
    • 2nd week: testing & training
    • next week EDS integration, NCIP integration
    • iterative go-live within three days in the week of June 6th
25SAML integrationTod
  • SAML integration at Chicago
    • Mod-login SAML is not federation aware.  No way to get automatic updates.  No self registering.  
    • How can configurations be preserved between instances (certficates change, backend urls change, metadata change)
    • Federation support is really needed.
    • Want to release SAML attributes for actions in FOLIO.
    • We need a gatekeeper for login. Something which says "this identifier is in the set of authorized logins"
    • A particular identity can be automatically authorized to login.
    • Qulto developed mod-login and mod-login-saml;  they are not getting enough attention
    • These are real important modules
    • mod-SAML isn't actively maintained.  Will be very important over the coming year and more. It definitely needs ownership, it's own service provider.
    • It would be an advantage to FOLIO to have active dev in this area.
    • Apache has modules for being a provider.  NGINX has a 3rd party tool for this as well (it probably uses fast-cgi).  Could FOLIO rely on these tools for SAML authentication and attribute release.  Would eliminate the need to maintain the FOLIO SAML code.
    • FOLIO would need to be able to consume the data from both modules.
    • ToDo:  Need several tickets for this in JIRA. Tod will create the ticket. These will be new requirements which will have deployment consequences.
    • There is a ticket for "federation support". "Login authentication atrribute" tickets are needed.
    • Need a PO for this. PO will write high level requirements and do priorization.
    • It will probably belong to "core platform" (but doesn't have to be)
    • Should also look at who owns the patron user loader.
    • This group will need to identify use cases. We take this on as a topic for this group.
x-tra timeGeneral; Organization of the groupall
  • Need to do a better job of circling back on architecture changes such as searching, data stores, etc. 
  • We want to get some involvement earlier on; espscially those, who are in a self-hosted environment
  • Somebody from SysOps, in addition to Harry, should go to the PO meetings
  • Topics like using Elasticsearch or Solr as search engines emerge
  • These topics should not always come up as an afterthought.

Ingolf added


Topics for future meetings
  • reported failures in database schema updates in Hotfix release
  • Migrating historical cicrulation data (Harry will discuss this in the PO team). We need stories written for this. It is important to fix this.
  • mod-saml and mod-saml-login are not being actively maintained; they need ownership. Federation support is needed. Tod will write up requirements. This will need a PO and several JIRA tickets.
  • (group:) Identify use cases for SAML authentification.

"Circling back" on architecture changes; new topics will emerge; we need to get involved earlier (especially for those in self-hosted environments) ==> How are we going to improve on this ?

Action items

  • Hkaplanian: Talk about migration of historical circulation data in the next PO team meeting.
  • Tod Olson : Write requirements for SAML authentication and attribute release. Create a JIRA ticket for these.