Tuesday, May 30, 2017

Announcing HTTPS for web apps

Last summer, we introduced automatic HTTPS for all OCF-hosted websites with virtual hosting, helping keep private data sent to these websites safe from government spies and would-be password thieves. Today, we are announcing the same feature for our web application hosting service.

This enhancement has already been rolled out for existing web apps, and it will come out-of-the-box for new ones. For more info, check out the original announcement as well as the updated FAQ below.

What do I need to do?

Most likely, nothing. Thanks to greatly increased Let's Encrypt request rate limits, we can download certificates and configure your website to use SSL almost immediately.

Will this break existing links to my website? Do I need to update posters with the new link?

No. We will issue 301 redirects to the updated URL.

Are you sending the HSTS header?

Still not yet, but it's certainly on the agenda now that we've been using HTTPS on regular virtual hosts for almost a year. We already send the HSTS header for www.ocf.berkeley.edu, including all websites for individual accounts.

What even is app hosting? How do I get it?

Web application hosting is a relatively new service we offer which allows groups to develop sophisticated websites using modern web technologies not available with regular virtual hosting. The eligibility requirements are the same as for regular virtual hosting, and you can apply be emailing hostmaster@ocf.berkeley.edu. Please read the help page for more information.

If you have any more questions, please email us.

Finally, you can log into your website at ease!

Thursday, April 20, 2017

Downtime this morning - Thursday 4/20 6:53 to 11:15 AM

From around 6:53 to 11:15 this morning a majority of the OCF's services were down, including websites, email forwarding, software mirrors, etc. We take downtime issues like this very seriously, so we are still in the process of doing a full postmortem on exactly what happened and the timeline it followed. Expect that to be posted soon as we finalize the details of what happened, but everything should now be back up and working again. If you notice any problems, please contact us and we'd be happy to help.

Thanks as always for flying OCF!

Friday, March 17, 2017

Mirrors disk migration 3/17

There will be a short period of downtime between 10 AM and 12 PM (noon) today (3/17) to migrate the disks containing our software mirrors from one server to another.

Update 10:18: Our mirroring server is down, and the disks are being migrated.

Update 10:34: Our mirroring server is back up with its disks full migrated! Let us know if you encounter any problems.

Sunday, February 19, 2017

LDAP/Kerberos upgrade Sunday 2/19

As part of our ongoing work to transition from jessie to stretch at the OCF, we will be migrating our LDAP/Kerberos server today starting around 7:20 PM.

To do this, we'll import LDAP and Kerberos data from our on-site backups to test that they still work. Although they have been tested before, it's always nice to make sure that backups actually work and include the right data. After importing these backups, a final dump and sync will be made in case any data has changed in the small amount of time that it takes to import the backup data.

All users will be unable to log in while the migration is taking place, but this should only be a very short time, as the majority of the migration will be done before the final sync is done.

Contact us if you have any questions or concerns about the upgrade!

Update 7:40: All users should be able to log in again, please let us know if you have any issues with accessing your account!

Saturday, February 18, 2017

MySQL read-only Saturday 2/18

As part of our work to transition from jessie to stretch for our MySQL server, we'll be migrating user data today around 5pm.

To do this, we'll put the existing jessie server into read-only mode, then make a final import to the new stretch host. We believe this will take about an hour and don't anticipate any issues (we've already tested imports from our regular backups without problems).

Read-only mode is necessary during the import to ensure we get a consistent backup, and so that writes made during the transition are not lost.

Some sites may experience downtime while the server is in read-only mode (if they require writing to the database to show pages). Most sites will experience some level of degradation (e.g. can't log in to admin or edit posts).

Update 5:01pm: We have entered read-only mode.
Update 5:58pm: The backup has completed, we are now importing it into the new database server. Probably another 45 minutes or so.
Update 6:07pm: ETA 25 minutes.
Update 6:15pm: ETA 16 minutes
Update 6:25pm: Unfortunately we hit a snag during the import and have to start it over.
Update 6:29pm: ETA 37 minutes.
Update 6:40pm: ETA 21 minutes.
Update 6:46pm: ETA 10 minutes.
Update 6:56pm: Import has finished, we're now switching back into rw mode. This will involve a few seconds of downtime.
Update 6:59pm: MySQL is now available as usual. Total time in read-only mode was about two hours. Total downtime was less than a minute.

Friday, December 02, 2016

Daily print quota change 12/5-12/16

For all you who need to print out final papers, the OCF daily printing quota will be increased to 20 pages/day for RRR week and finals week this semester.

This is not a permanent change, nor have we decided yet whether to repeat this bump in future semesters. The semesterly quota is still 100 pages.

Monday, November 21, 2016

Scheduled power outage Tuesday 11/22 4am-8am

All OCF services will be unavailable for a few hours on Tuesday morning due to a scheduled power outage in the MLK Student Union. There will be no access to SSH and websites will be down for the duration.

We will be shutting down servers around 3:30am and hope to be back online by 8:30am.

There is also a chance of additional power outages until 3:00pm.

EDIT: As of 9:19am, user-facing services have been restored.