| Checklist for setting up Zimbabwe's instance hosted locally | Paulina Buzderewicz | - Keeping it generic - others likely want something similar in future
- Desire is to have checklist:
- activities
- timeliness
- responsibilities
- Need to start with activities:
- Server
- 4 server, specs given to MoH (they've said we have these):
Intel Xeon Platinum 8000 series processor (Skylake-SP or Cascade Lake) with a sustained all core Turbo CPU clock speed of up to 3.1 GHz; • 8GiB RAM; • 2vCPU Reporting Server Reporting stack: • Intel Xeon Platinum 8000 series processor (Skylake-SP or Cascade Lake) with a sustained all core Turbo CPU clock speed of up to 3.1 GHz; • 8GiB RAM; • 2vCPU Database Server Database: • 2.5 GHz Intel Scalable Processor Intel AVX, Intel AVX2, Intel Turbo; • 4GiB RAM; • 2vCPU Product Catalog Management Tool Server • Intel Xeon Platinum 8000 series processor (Skylake-SP or Cascade Lake) with a sustained all core Turbo CPU clock speed of up to 3.1 GHz; • 2GiB RAM; • 2vCPU Firewall in place - How sure are we that they are providing 4 physical boxes, or is there some sort of virtualization??? (we should ask)
Windows Defender is deployed
- We should push for linux OS
- Make sure person in country can install / provide an ubuntu server install
- We should ask for Ubuntu 18.04 Server LTS (latest) - put todo in for ourselves to look at v20.04
- Access
- Direct access
- SSH
- Need to generate a new key pair for that instance. We should give the public key?
- They'll need to setup password-less SSH access, using public key
- When do we get access?
- Docker certificates so that Jenkins can deploy
- (first <6 mo we will manage it with L1+L2, after we'd want to transition to MoH - what are we handing over after 6mo? Do we want to hand over a Jenkins install? Or Ansible IaC?)
- (this is on core)
- (core will also need to setup jenkins, setup the env in the various repos)
- Backups
- What does available for database server backups mean?
- Is MoH responsible for just the hardware? Hardware + OS? All that + database? Does that include backups of that postgres database?
- WIP
- Domain name + cert
- We will iterate from here - it'll be helpful to get access quickly, so that we can see directly and ask what's there, see what works, do follow-ons in our iterations.
|