2020-10-16 - System Operations and Management Agenda and SIG Notes

Discussion items

Time | Item | Who | Notes
5 min | Welcome | Ingolf |

SSL certificates in Rancher
Jo / Jason: SSL certificates for Rancher deployment; how to get the certificates into Rancher. Behind a load balancer, each node needs a certificate.

pgaudit enabling in Folio (all)

Jason asked by Jakub to try Goldenrod Hot Fix #4 with pgaudit enabled. Just released, so have not yet been able to do that.

TAMU does not run pgaudit because of any particular plans, but because it is their default. pgaudit and other auditing tools are run by many institutions and agencies to comply with regulatory and statutory requirements. pgaudit is Open Source. FOLIO will really need to work this out so that sites can manage the ever-changing regulatory environment.

AWS does not provide pgaudit, but has their own equivalent tool.

Ingolf and Jo don't know of any audit requirements for databases in Germany. GDPR requirements are a different thing (see below).
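The following is an added example, not part of the meeting notes or of the FOLIO project, of what "enabling pgaudit" on a PostgreSQL server looks like in practice, including the check that it is actually active. It assumes a superuser session; the logging classes chosen are illustrative.

```sql
-- Added example (not from the meeting notes or FOLIO): enable the pgaudit
-- extension on PostgreSQL and verify that it is loaded. Run as a superuser.

-- 1. pgaudit must be preloaded. This setting only takes effect after a
--    server restart (e.g. pg_ctl restart), so plan it as a maintenance step.
ALTER SYSTEM SET shared_preload_libraries = 'pgaudit';

-- 2. After the restart, create the extension in the database to be audited.
CREATE EXTENSION IF NOT EXISTS pgaudit;

-- 3. Choose what to log. 'ddl' covers schema changes, 'write' covers
--    INSERT/UPDATE/DELETE/TRUNCATE; 'all' is the most verbose and costly.
ALTER SYSTEM SET pgaudit.log = 'ddl, write';
ALTER SYSTEM SET pgaudit.log_catalog = off;   -- do not log queries against pg_catalog
ALTER SYSTEM SET pgaudit.log_parameter = off; -- bind parameters can contain personal data
SELECT pg_reload_conf();                       -- these settings need no restart

-- 4. Verify the result instead of assuming it.
SHOW shared_preload_libraries;  -- expect a value containing: pgaudit
SHOW pgaudit.log;               -- expect: ddl, write
SELECT extname, extversion FROM pg_extension WHERE extname = 'pgaudit';
```

Keeping pgaudit.log_parameter off is a deliberate choice here: with it on, the audit log itself becomes a second copy of whatever personal data flows through INSERT and UPDATE statements, which is exactly the duplicated storage the GDPR discussion below warns against.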

What have people done to manage Kubernetes better? Rancher as open source is good, but break-fix support is expensive.

Has anyone explored Red Hat OpenShift as a hosting alternative to AWS? Some investigation has been done. It looks quite good, but is also expensive.


GDPR

Much misunderstanding of GDPR outside of EU. Can store personal data if there is a legitimate reason, and those are well-understood. The uses are different between FOLIO proper as operational system and LDP as reporting system.

For example, it is much easier to build a legitimate reason out of an employer-employee contract than out of a customer or patron relationship. And the particular purpose is critical. The software must be designed "privacy friendly". By default, no personal data should be stored without a legitimate reason. But storage should be possible. Software needs to have mechanisms to delete the data selectively (for a specified user), and to delete all data of a specified user. There are other requirements on the software, like transparency of data processing, secure storage mechanisms and not storing the same pieces of personal data in multiple places.

The Folio Privacy SIG is currently being revitalized. If you know of any person who you think should participate, please talk to that person and, if they might be available, report them to Peter Murray. Persons should have a background or interest in data privacy. The Privacy SIG is also looking for a Convener.

Anonymous research should be possible (research on delicate matters, where the researcher does not want to be personally connected with the matter).


2020 Q2 Goldenrod upgrade & release notes

Upgrade order of 2020 Q2 is critical. jroot has posted extensive notes on these. It is important that these are incorporated into the Q3 release notes.

Anton Emelianov: In a meeting earlier this week, the core question was how do we get to a source of truth about a release? Versions of modules, schemas, versions of Kafka, etc. There is no single source of truth with a complete set of components. We get some from platform-complete but not all needed info. Release notes are not GitHub artifacts. This will need to be distilled. Would be nice to have some sort of auto-generated release notes pulled and collated from modules.

Q3-2020: All but three modules have been released; Bugfest will start next month.

At the moment, there are three places of documentation to install a complete system:

  • github.com/folio-org/platform-complete
  • github.com/folio-org/folio-install
  • Release notes on the wiki.folio.org

Would definitely be nice to have the Release notes also on GitHub. But then they should have some defined format, e.g. in JSON. Need a JSON vocabulary for this. It is desired to have integration of GitHub and JIRA. Commits in GitHub should update JIRA automatically. There are plugins for JIRA and there are plugins for GitHub. Anton will talk to John Malconian about this.


Topic for future meetings:

Permissions in Folio

Joint session with the App Interaction SIG. From the issue description:

"The discussion is about the fact that we need a more differentiated permissions and authorization system. There can be different sub-libraries within a client, which must have different rights for each sub-library and data record.
Example: Data records in the JURA Bib may be transferred from the Medical Library can only be viewed, but not edited. The Med. Lib., however, has CRUD rights for its own data records."

https://folio-org.atlassian.net/browse/UXPROD-2426

Ingolf will be out next week (Oct 23rd). Probably no meeting, then.

Action items

  • Anton will talk to John Malconian about integration of GitHub and JIRA. Would be nice to have the Release notes also in GitHub. Commits in GitHub should update JIRA automatically. Release notes should be in a machine-readable format, e.g. JSON.
  • (All) Think of persons who might want to join the Privacy SIG; report them to Peter Murray.