[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] migration & changes

From: Phil Pennock
Subject: [Sks-devel] migration & changes
Date: Mon, 30 Apr 2018 03:31:00 -0400

Folks, I've moved, details below.  If you're a
peer and not happy at this change, let me know and we can de-peer.

Before: jail on a FreeBSD box in private colo in NL.
Now: EC2 instance in Paris (eu-west-3) running Ubuntu Bionic.

The service is mostly the same, no changes to HTTPS identity,
administrators, etc etc.  Just moved to be isolated.  However, I'm
currently running on the default sks package, so without the long-keyid

The AMI is my own, built from the official Ubuntu Bionic Beaver 18.04
AMI (ami-f3211396 in us-east-2) using Packer, which did the basic

I'm using /srv/sks as a separate EBS volume which can be detached.  I
built using a c5.large instance, which was nice and fast, with the
storage being a 100GB provisioned-IOPS volume.  After building and
debugging, I nuked the c5.large, downgraded the volume to GP2, and made
a t2.small, which is what I'm running with now.

IP addresses should be stable: it's an elastic IP for IPv4, and a
standalone ENI which has the IPv6 address, so that shouldn't change
either: if I rebuild, I'll reattach.  The DNS is unconnected to AWS and
is DNSSEC-signed, so the IPs should be verifiable.

Mailsync is not yet enabled.  My peering spidering is not yet live on
this new host.  At some point I'll probably recreate the entire thing on
FreeBSD, if only because of ... severe philosophical differences with
systemd-resolved and the amount of head-banging it took to get Unbound
in service.

But it's there, it's live.  Let's see if this one can manage to stay up
without the BDB layer suddenly deciding it can't find anything.


Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]