Budget: purchase PagerDuty license for security@kubernetes.io

[philips]

The PST wants to automate the rotation of people who handle the security@kubernetes.io reports.

We set out to have a goal of weekly rotations but without tooling and automation it isn't working well.

So, we are seeking a $540 budget for a yearly PagerDuty license. That is $9 * 12mo * 5 people.

We will start work on the tooling next week and will have a 14 day trial or something.

[cblecker]

I'd be interested in hearing how this goes for you. We will have similar need at some point in the future to do this for the infra on-call

cc: @kubernetes/k8s-infra-team

[BenTheElder]

Yes please, we'll definitely want something like this for infra on-call.

So, we are seeking a $540 budget for a yearly PagerDuty license. That is $912mo5 people.

I can't quite parse that second sentence here, is that a formatting error?

[justaugustus]

$9/user * 5 users * 12 months

…

On Fri, Sep 21, 2018, 14:34 Benjamin Elder ***@***.***> wrote: Yes please, we'll definitely want something like this for infra on-call. So, we are seeking a $540 budget for a yearly PagerDuty license. That is $912mo5 people. I can't quite parse that second sentence here, is that a formatting error? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAiqWX6ZIXlzHXFO5QQsWAnHOC8quvQaks5udTEigaJpZM4W0coy> .

[caniszczyk]

would you be open to a similar tool like opsgenie which CNCF/LF have a relationship with? On Sat, Sep 22, 2018 at 3:21 AM Stephen Augustus <notifications@github.com> wrote:

$9/user * 5 users * 12 months On Fri, Sep 21, 2018, 14:34 Benjamin Elder ***@***.***> wrote: > Yes please, we'll definitely want something like this for infra on-call. > > So, we are seeking a $540 budget for a yearly PagerDuty license. That is > $912mo5 people. > > I can't quite parse that second sentence here, is that a formatting error? > > — > You are receiving this because you are subscribed to this thread. > Reply to this email directly, view it on GitHub > <#72 (comment) >, > or mute the thread > < https://github.com/notifications/unsubscribe-auth/AAiqWX6ZIXlzHXFO5QQsWAnHOC8quvQaks5udTEigaJpZM4W0coy > > . > — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAD5IbDh1WziJg6WwFDZ9UESQY2pDZVNks5udTwogaJpZM4W0coy> .

-- Cheers, Chris Aniszczyk http://aniszczyk.org +1 512 961 6719

[philips]

Chris- OpsGenie is fine. However, evaluating the product just now I have to have the "Standard" plan to make it work right with their email integration. So `$29 * 5 users * 12 months` is $1740. Also note we plan to expand the PST to 7 or so people soon so it may go up to $2500. On Fri, Sep 21, 2018 at 12:26 PM Chris Aniszczyk <notifications@github.com> wrote:

…

would you be open to a similar tool like opsgenie which CNCF/LF have a relationship with? On Sat, Sep 22, 2018 at 3:21 AM Stephen Augustus ***@***.*** > wrote: > $9/user * 5 users * 12 months > > On Fri, Sep 21, 2018, 14:34 Benjamin Elder ***@***.***> > wrote: > > > Yes please, we'll definitely want something like this for infra on-call. > > > > So, we are seeking a $540 budget for a yearly PagerDuty license. That is > > $912mo5 people. > > > > I can't quite parse that second sentence here, is that a formatting > error? > > > > — > > You are receiving this because you are subscribed to this thread. > > Reply to this email directly, view it on GitHub > > < #72 (comment) > >, > > or mute the thread > > < > https://github.com/notifications/unsubscribe-auth/AAiqWX6ZIXlzHXFO5QQsWAnHOC8quvQaks5udTEigaJpZM4W0coy > > > > . > > > > — > You are receiving this because you are subscribed to this thread. > Reply to this email directly, view it on GitHub > <#72 (comment) >, > or mute the thread > < https://github.com/notifications/unsubscribe-auth/AAD5IbDh1WziJg6WwFDZ9UESQY2pDZVNks5udTwogaJpZM4W0coy > > . > -- Cheers, Chris Aniszczyk http://aniszczyk.org +1 512 961 6719 — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AACDCHHOAFMmQ7nlzKKtrtq6fi8dAl62ks5udT1PgaJpZM4W0coy> .

[philips]

@cblecker @BenTheElder any opinion on PagerDuty vs. OpsGenie. I am apathetic and have used both. They are workable and quirky in their own ways.

[caniszczyk]

np brandon, we just have a generous deal with opsgenie so we prefer that route but will defer to the project at the end of the day

On Sat, Sep 22, 2018 at 4:09 AM Brandon Philips ***@***.***> wrote: @cblecker <https://github.com/cblecker> @BenTheElder <https://github.com/BenTheElder> any opinion on PagerDuty vs. OpsGenie. I am apathetic and have used both. They are workable and quirky in their own ways. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAD5IQ4PADCUI7xQD-5P-vq5lwliH8mjks5udUeVgaJpZM4W0coy> .

-- Cheers, Chris Aniszczyk http://aniszczyk.org +1 512 961 6719

[cblecker]

Have used PD previously, and had no issues with it. I like the API.

Have not used or looked into OpsGenie, so I don't have an opinion on it.

[BenTheElder]

I've no experience with either and have no opinion other than having an actual community paging rotation set up sounds excellent and I'd love to hear how that goes so we can look at setting it up for the CNCF-kubernetes-infra.
Currently GKE-Kubernetes-EngProd uses Google's internal tooling for test-infra pages instead and we need a migration path.

[caniszczyk]

Can you send me the emails of folks that should be admins for OpsGenie?

Happy to get this done by EOW.

[philips]

You can start with me: bphilips@redhat.com and I can get admin to everyone else. Will we have our own org?

…

On Wed, Sep 26, 2018 at 9:47 AM Chris Aniszczyk ***@***.***> wrote: Can you send me the emails of folks that should be admins for OpsGenie? Happy to get this done by EOW. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AACDCJDWgWCIOavTV6QfmwWUD-2B1OtEks5ue6-4gaJpZM4W0coy> .

[caniszczyk]

@philips that's the plan, but waiting for LF IT to confirm that it will be splintered off the LF instance, give me a day or two

[philips]

OK, I am not quite ready as I need to test out the API but that is fine. Hopefully will have a PoC by EOW.

…

On Wed, Sep 26, 2018 at 9:51 AM Chris Aniszczyk ***@***.***> wrote: @philips <https://github.com/philips> that's the plan, but waiting for LF IT to confirm that it will be splintered off the LF instance, give me a day or two — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AACDCBFaOsTOWHNzX9lg0nsoX_DdBVkyks5ue7CZgaJpZM4W0coy> .

[caniszczyk]

@philips, I invited you as an admin and created a "Kubernetes Security" team

It's going to take a bit of time to get the paperwork done to get under the LF plan, they are a bit slower than normal due to the Atlassian acquisition but you should have the freedom to set everything up now and I'll take care of payment and all that jazz when ready.

[philips]

@caniszczyk I need the account activated to use the advanced alerting features

[caniszczyk]

@philips account should be fully activated now with the enterprise features, I logged in and looks good

[philips]

I have access, working with the API now. Thanks.

…

On Thu, Sep 27, 2018 at 3:46 PM Chris Aniszczyk ***@***.***> wrote: @philips <https://github.com/philips> account should be fully activated now with the enterprise features, I logged in and looks good — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AACDCPF-YxsJeeMQVPHdiRHEw2UC6uQeks5ufVVVgaJpZM4W0coy> .

[philips]

I wrote the tool I need against the API. Everything is fine with Ops Genie solution for now. Thanks!

Tool: https://github.com/philips/oncall-issue-filer

/close

[k8s-ci-robot]

@philips: Closing this issue.

In response to this:

I wrote the tool I need against the API. Everything is fine with Ops Genie solution for now. Thanks!

Tool: https://github.com/philips/oncall-issue-filer

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[caniszczyk]

Thanks, glad it worked out.

On Thu, Oct 4, 2018 at 8:27 PM k8s-ci-robot ***@***.***> wrote: Closed #72 <#72>. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#72 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAD5IYJBHYm-5UUTwvC-sakGYn6jyIt9ks5uhqd0gaJpZM4W0coy> .

-- Cheers, Chris Aniszczyk http://aniszczyk.org +1 512 961 6719