On Sat, Nov 09, 2019 at 08:53:48PM +0100, Florian Pritz wrote:
On Sun, Nov 03, 2019 at 06:42:07PM +0100, Christian Rebischke via arch-devops <arch-devops@lists.archlinux.org> wrote:
1. Can I have a web-directory, where only I have access to?
Depends on the specifics, but generally yes. I'm not quite sure why that is important though if the image is signed.
Hi Florian, it depends on whether I should always ask you to upload the image. I am asking for upload access because I plan to build the images locally. Option 2 would be: We have automated builds for the images and either sign them with a less trusted cloud image key or I download them and sign them, and I just re-upload the signature for the image.
2. Which key should I use to sign them? A new cloud-image signing key or my personal key? (I think the latter should be enough).
Whatever works better.
3. I expect to build them monthly like the ISOs, how many images do you want to keep? My current assumption is that 1 year of image backup of cloud-images (qcow2) only would cost us around 30-50GB.
No idea how many are needed. Why do we need more than 1-3?
No idea, 12 months was just a random number. If you would prefer just the latest image it's okay as well.
4. Do we want to mirror the images?
That's probably the most important question. If they should be mirrored, it might be a good idea to put them in the mirror directory tree alongside the ISOs. Then we'd also have to decide if expanding our mirror tree by 30-50GB is OK or not. Right now, the whole tree (excluding sources) is around 80GB.
If we only serve the latest image it would be just an additional 500MB for the qcow2 image. (The vagrant box images are not included. Not sure if we need to mirror them. I don't think so. They are already mirrored on the vagrant cloud with a big CDN behind it.)
Florian