Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate from end of life Ubuntu 14.04 #571

Closed
17 of 21 tasks
adborden opened this issue Feb 6, 2019 · 4 comments
Closed
17 of 21 tasks

Migrate from end of life Ubuntu 14.04 #571

adborden opened this issue Feb 6, 2019 · 4 comments
Assignees
@adborden
Labels
Epic

Comments

@adborden
Copy link
Contributor

adborden commented Feb 6, 2019
edited
Loading

Ubuntu 14.04 support ends April 2019. We should move to Ubuntu 16.04 or 18.04. The latest 18.04 is preferred, but we should consider what kind of support exists for it.

Things to consider:

  1. Availability of security benchmarks
  2. Existing hardening roles
  3. GSA GEAR
  4. Third-party ansible role support

Plan for rollout

  1. Provision a bionic environment in sandbox for testing.
  2. Begin refactoring roles, adding bionic to the molecule test suite where possible (in progress).
  3. For each role, provision hosts in both staging and production. Once roles are working in staging, we can rollout to production. We can process roles in this order:
    1. jumpbox
    2. solr
    3. crm-web
    4. dashboard-web
    5. wordpress-web
    6. inventory-web
    7. pycsw
    8. catalog-web
    9. catalog-harvester
  4. Decommission Ubuntu trusty hosts.

Note: jekyll-web should not be upgraded, we are moving static sites to Federalist so the jekyll-web hosts will no longer be needed.

Tested in sandbox

  • jumpbox
  • solr
  • crm-web
  • dashboard-web
  • wordpress-web
  • inventory-web
  • pycsw
  • catalog-web
  • catalog-harvester

Deployed to production

  • jumpbox
  • solr
  • crm-web
  • dashboard-web
  • wordpress-web
  • inventory-web
  • pycsw
  • catalog-web
  • catalog-harvester
  • data-strategy deployed to federalist
  • data-federation deployed to federalist
  • sdg deployed to federalist
@adborden
Copy link
Contributor Author

adborden commented Feb 7, 2019

@JJediny pointed out some baselines exist https://dev-sec.io/baselines/

@adborden
Copy link
Contributor Author

Ubuntu 14.04 will transition to Extended Security Maintenance (ESM) on Thursday, April 25th, 2019

https://lists.ubuntu.com/archives/ubuntu-announce/2019-March/000241.html

This was referenced Mar 29, 2019
Closed
Closed
Closed
Closed
Closed
@adborden
Copy link
Contributor Author

adborden commented Apr 2, 2019

@JJediny i updated the plan in the description.

This was referenced Apr 3, 2019
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
@adborden adborden self-assigned this Apr 8, 2019
@jbrown-xentity jbrown-xentity mentioned this issue Feb 27, 2020
Closed
@mogul
Copy link
Contributor

mogul commented Jun 24, 2020

With the procurement and deployment of Ubuntu Advantage in #1682 the immediate need to stem the accruing security and compliance hazards has been met while leaving 14.04 in service. We'll be migrating to a more recent Ubuntu as a side effect of other Epics, eg the move to cloud.gov.

@mogul mogul closed this as completed Jun 24, 2020
@mogul mogul mentioned this issue Jun 24, 2020
Closed
1 task
@mogul mogul added the Epic label Aug 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adborden adborden

Labels
Epic
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mogul @adborden