Talk:2012 Developer budget
£20/hr for a sysadmin sounds like a lot. That equates to a FTE salary of about £40k. I know you pay a premium for part-time, especially with unpredictable hours, but are sysadmins really that expensive? It's not like we need someone with lots of experience, they would just be running a couple of servers for us. I've always felt that getting a full-time general tech person is the way to go. That way you always have someone when you need them and they can easily do quick tech jobs for any initiatives that need them (eg. need a quick website throwing together, need some AV equipment set up for an event, etc.). They can do mediawiki development in any spare time, so they wouldn't be sitting around twiddling their thumbs. You don't need to have all that much more than 10 hours a week before it becomes cheaper to go full-time, especially if you're ending up with more than one person (remember, things like payroll and other HR costs tend to be fixed per person, rather than per hour worked). --Tango 00:17, 9 January 2012 (UTC)
- I really don't know the answer here - I don't have much experience with wages for sysadmins (I've only been one on a volunteer basis), hence why I've put down a range of hourly rates rather than a specific value, at the contractor's rate that I gather is reasonable based on my understanding of the sector. I'm sure that others have a better understanding of the hourly rates here than myself - so please help us out here (ideally with links to examples for other organisations)!
- I'm strongly against having a single person hired full time to cover general tech issues, though. As someone that is engaged with technology at a high level on a day-to-day basis I'm unconvinced that a single person would be able to cover all of the problems that we will be facing over the next few years (I know that I couldn't cover them all as much as would be needed, and I view myself as being a jack-of-all-trades person). Hence why I would like us to be engaging a larger number of individuals that can tackle the various different issues. I would also like to see us using volunteers wherever possible here, and I think having a full-time staff member would be rather counter-productive there.
- But I'd really like to see an active discussion about these issues, since I don't think they've taken place at all for any Wikimedia chapter thus far (if they have, please share a link to that discussion!), let alone for WMUK yet. If that can take place here, then that would be absolutely fantastic. :-) Thanks. Mike Peel 01:36, 9 January 2012 (UTC)
- One of the main advantages of staff over volunteers is that they are more reliable. You have to be very flexible with volunteers and let them help out how they want and when they want. It's difficult to get a volunteer to do exactly what you need exactly when you need it, particularly at short notice. With staff, there's no problem there at all. I think that is particularly significant with technology (especially sysadmin work). Technology problems tend to need to be solved quickly and you can't afford to spend ages asking around to see if anyone feels like helping out on that particular issue and whether they might, please, be able to do it sometime today. If you have a full-time staff member sitting in the office, you can get them to fix it within the hour. You can get the same thing with a part-time contractor, but you will end up paying them a lot because they have to be on-call all the time even through they are only doing a few hours a week of actual work for you. With full-time staff, you don't have to pay extra for that because its just other work for you that they have to put to one side in order to fix the problem. We also haven't had a great deal of success in the past with volunteer tech work. For Britain Loves Wikipedia you had to put together the website yourself, which resulted in it having the bare minimum of functionality and looking very primitive because you didn't have time to do anything more. For the recent fundraiser, we never did get that API for direct debits. For a lot of other things, we have managed quite well, but at the expense of you not being able to do other work because you were having to do them yourself. So, volunteers doesn't really work, part-time contractors would be extremely expensive, so you are left with getting one person full-time. I think you could find a suitable jack-of-all-trades. It might make sense to hire additional tech staff in a year or two, so you don't necessarily need to find someone that you think can meet all our foreseeable needs for the next several years (eg. get a decent developer now that can also do some basic sysadmin work [our sysadmin needs are only basic at the moment] and then in a year or two hire someone else that can do the sysadmin work and can also handle the office IT for the office that will probably be large enough to need some decent IT support by then). --Tango 16:30, 12 January 2012 (UTC)
I will admit that a lot of this reads like witchcraft to me but I want to say a big thanks to Mike for pulling all this together. I hope we can find solutions and it would be great if they come from within the community either as a contractor(s) or a sympathetic consultancy. From my point of view I need someone/an organisation that responds as quickly as possible to emergencies, offer security of supply and data and will understand normal English especially when I am sobbing.
Jon Davies WMUK 11:45, 13 January 2012 (UTC)
£20/hr for a sysadmin sounds like a lot.; don't forget, contractors will afford higher rates than normal. I do sysadmin contracting and my rate (if just doing sysadmin) is anything from £45 to £70 and hour. £20 is low - but you'd get some younger types doing it (if your stuck I'll do it for £10/hr to cover cost :)).
Your security review/pen testing will cost a substantial packet; bottom line market rate there is at least £80/hr for a consultant. I haven't done much pen testing (which used to be my job) for the last year or so - but at a rough guess you'd probably need to budget around £5K for a full review.
As mentioned; I've done contract work for much of the things listed on the page so if you need any help figuring it out then feel free to ping me. --ErrantX 00:00, 15 January 2012 (UTC)
Mirror Server
I'm interested in the reasoning behind having a dedicated server as the mirror in this day and age. It's vulnerable, non-portable and costly. You'd be better off using something like Amazon web services or Gandi for everything (so it can be scaled as needed) and just host the mirror in another availability zone. There might be another reasoning behind it though. --ErrantX 00:07, 15 January 2012 (UTC)
- I have to admit that I'm a bit out of date on this issue (my knowledge dates from a couple of years ago), so many thanks for commenting on this. My understanding is that having a physical server is more reliable in the long run than AWS (since we would control it rather than relying on a third party), that if it's fully utilized then it would be more cost-effective than using a third party server (less overheads), and that it provides an extra layer of redundancy (should AWS go down for whatever reason, then it means that this info is still available). I gather that AWS already hosts a backup of Wikipedia (see e.g. [1]), so there wouldn't be much benefit to us providing a second copy - but if it doesn't already provide one then that would indeed seem like a better first step than providing a dedicated server.
- I'm not familiar with Gandi - can you provide more info on what they can provide, please?
- Thanks. Mike Peel 00:28, 15 January 2012 (UTC)
- Oh right I see - so by dedicated you mean purchasing an actual physical server? Where would it be hosted - at the office or with a third party? Realistically a dedicated box is quite a failure point compared to a VPS on a cloud system like AWS. If you have a hardware error that is it. With a VPS the host simply migrates it (usually without you even noticing an issue :)). So if the concern is using more than one host; I'd just have a VPS with someone else. One advantage with AWS is that they use "availability zones" - which essentially means "different data centres" - so you can effect redundancy like that if required. One problem with hosting a dedicated machine elsewhere is that you have issues with getting data between servers in a secure/reliable/cheap way. What makes AWS a good choice is that you have cheap internal communications between servers. Finally, realistically, you won't utilise even a portion of a server of the spec you mention (assuming by "mirror" you mean a full backup of data/code ready to take over if something goes radically down). For example; the project I just deployed at work (cloud-based software product with ~100K or so users) is run off a single ore commodity VPS with 512MB RAM and 20GB disk space and mirrored to a 256MB similar instance (one great thing about cloud VPS's is that I can up the mirror to 512MB if it needs to go into production with minimal interference). Obviously your needs are probably higher (esp. in terms of disk space), but often a full server is overkill in expense. I don't know much about your exact needs apart from whats on the page, so I could well be off with some of the figures etc.
- Gandi is a great host, that I use for work and personal use. www.gandi.net (they are French, so...). Cheap simple VPS's from about £10/month. They also have a new "simple hosting" thing which is basically edge hosting (the sysadmin work you wouldn't have to worry about). For simple PHP/MySQL sites it's a decent price. AWS, to my mind, is more what you'd want in this case - but Gandi is a good alternative for, say, a mirror.
- This is just my thoughts, take it with a much salt as you like :) we all have our (perfectly reasonable) preferences in terms of "what to do". --ErrantX 00:46, 15 January 2012 (UTC)
Developer roles
To build on my comments on the WMUK mailing list, I've thrown together a brief collection of roles (from this page & talk) that this hire seems needed to fulfill. The aim is to try and show that you're not going to find someone capable of all these things, and any decent candidate will lack many. (note for non-technical readers; I've tried to identify things that would require a specific skill set; so although the term "developer" might apply to, say, working on QRpedia and working on the fundraising payments, the latter does require specific skillsets [which I found out once to my chagrin])
- Codemonkey/PHP grunt (i.e. anything involving basic coding)
- Payment processing
- Software tech support
- Hardware tech support
- AV (see Tango's comments above)
- Office security
- Server security review (this, in particular, is a speciality)
- Sysadmin the servers
- SSL
- Project management
- Community advocacy
This is a very diverse skill set- and to perhaps put it into context it would be akin to hiring someone in a McDonald's restaurant for the job of taking orders, cooking them, and also managing the restaurant when they get time - all on minimum wage. To give you an idea of current conservative (London) market rates:
- Qualified sysadmin starting salary ~£22-24K
- Graduate developer or otherwise qualified engineer ~£23-27K
- Project manager starter salary ~£32-37K
- Experience PM & developer ~£40K <-- this is essentially the role you are describing.
For the current budget you'll be looking at someone with probable experience in one area of these requirements (dev, sysadmin, PM) who is an enthusiastic amateur in the other areas.
A lead community team has a number of benefits. You could hire a community liaison for ~£20K (if not less!) with the requisite of having technical experience. That leaves a good £9K for specific contract works and things like paying for hack days. etc. I suspect I am not going to prevail in this case - but if serious consideration were to be given to this approach I don't mind working up a specific list of projects and requirements and budgeting the rough costs for contracting it out. --ErrantX (talk) 15:02, 18 June 2012 (UTC)