Request for resources: Ask Fedora

Toshio Kuratomi a.badger at
Wed Jul 20 22:50:05 UTC 2011

On Wed, Jul 20, 2011 at 10:50:27PM +0530, Rahul Sundaram wrote:
> upstream On 07/20/2011 09:32 PM, Kevin Fenzi wrote:
> > Some questions (which may not be known yet, but I thought I would toss
> > them out there): 
> >
> > * If FAS is unavailable, how does askbot behave? No one can auth? or
> >   falls back on a local file? or ?
> Askbot has openid support.  Will support using Google,  Twitter etc as
> you can see in 

Will you want single sign on (meaning if you log into pkgdb, you are also
logged into askbot)?  If not, I would suggest we try and use the openid
support in askbot with the fas openid provider.  That way we may be able to
eliminate the need to maintain the fas auth plugin.

> > * Do we have any idea how much load/capacity this will take? I guess it
> >   will depend on how much it takes off and how much people use it. Are
> >   posts/answers stored in db? Or on the filesystem?
> Stored in the db.  Supports MySQL or Postgres.  Postgres is recommended
> by upstream since it supports full text search.  I don't know how much
> load it will take.  I have tested it but not with thousands of users. 
Is there a version of postgres that is too old?  We're currently running
postgresl84 from RHEL5.x... I don't think that'll be too old for most apps
but figured I should check.

> >
> > * Are updates of the app pretty transparent? ie, just yum update? or do
> >   they require database changes? 
> Just yum update so far.  If db changes are necessary, it requires two
> commands  (backup db for safety)
>   * python syncdb
>   * python migrate
Will this work over the network?
Will we be able to run the app normally with an account that cannot modify
db schema and only use a schema-modifying account if these commands become
necessary for an upgrade?

> >
> > * Is there any security history for the application? Have their been
> >   security issues and have they been fixed in a timely manner?
> No security issues  so far but upstream has been responsive to issues we
> have reported and fixed them within days.
Do you have a sense of how often we will need to respin and install new
packages (or hotfix the application)?  Only frequently while we're in
testing?  Even after we're in production, there will be new features and
bugfixes that we'll want to pull in?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : 

More information about the infrastructure mailing list