infrastructure
LOGS
19:00:00 <nirik> #startmeeting Infrastructure (2012-11-15)
19:00:00 <zodbot> Meeting started Thu Nov 15 19:00:00 2012 UTC.  The chair is nirik. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:00:00 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
19:00:01 <nirik> #meetingname infrastructure
19:00:01 <zodbot> The meeting name has been set to 'infrastructure'
19:00:01 <nirik> #topic Welcome starfighters!
19:00:01 <nirik> #chair smooge skvidal relrod ricky nirik abadger1999 lmacken dgilmore mdomsch threebean
19:00:01 <zodbot> Current chairs: abadger1999 dgilmore lmacken mdomsch nirik relrod ricky skvidal smooge threebean
19:00:10 * skvidal is here
19:00:14 <smooge> here
19:00:21 * pingou 
19:00:36 * SmootherFrOgZ waves
19:01:14 * miguelcnf yeallow
19:01:17 * relrod_school here
19:01:43 <frankly3d> lurking
19:01:50 * lmacken 
19:02:09 <nirik> ok, cool. lets go ahead and get started.
19:02:11 <nirik> #topic New folks introductions and Apprentice tasks
19:02:26 <nirik> any new folks like to introduce themselves, or any apprentices want to discuss anything?
19:02:49 <threebean> (here)
19:03:07 * samkottler is here
19:03:11 <abadger1999> óla
19:03:47 <nirik> ok, lets move along then... ;)
19:03:53 <nirik> #topic Applications status / discussion
19:04:03 <nirik> Any application/devel news this week or upcoming?
19:04:13 <pingou> I wrote some docs for fedocal
19:04:20 <skvidal> coprs work is moving along
19:04:25 <lmacken> I pushed a new bodhi bugfix release out this week.
19:04:33 <skvidal> we have code in the git repo now and I'm doing tests on the backend in euca now
19:04:50 <skvidal> hopefully slavek will have some good stuff for us next week for the front end, he's been sick :(
19:05:11 <nirik> #info docs update for fedocal - pingou
19:05:21 * relrod_school is still working on php-fas though this week has been pretty hectic school-wise, and I've been offline more than I'd like.
19:05:22 <nirik> #info coprs work is moving forward
19:05:32 <pingou> https://fedocal.readthedocs.org/en/latest/
19:05:33 <nirik> #info lmacken pushed out a bodhi bugfix update.
19:05:35 <skvidal> http://git.fedorahosted.org/cgit/copr.git
19:05:53 <nirik> skvidal: whats the frontend in? flask?
19:05:53 * jds2001 here
19:06:02 <skvidal> nirik: yep and its on openshift atm
19:06:17 <nirik> ah, ok.
19:06:17 <SmootherFrOgZ> I did work on couple defect task from FAS preparing a new release but I don't think it will hit prod before security FAD
19:06:38 <SmootherFrOgZ> there are some already pushed to master, etc
19:06:46 <nirik> SmootherFrOgZ: will you be able to help out remote on the 2 factor fas work at the fad?
19:07:07 <SmootherFrOgZ> sure, I be there remotely
19:07:11 <SmootherFrOgZ> will*
19:07:16 <nirik> excellent.
19:07:21 <threebean> I never got that zeromq3 stuff into production like I said I would last week.  Gonna wait now until the freeze is up again.
19:07:30 <nirik> fair enough.
19:07:43 <nirik> #info zeromq3 will go to production after freeze.
19:07:57 <threebean> But i released fedmsg-0.6.0 today with a bunch of goodies.  A fedmsg-announce command for admins, a fedmsg-twitter daemon, and some new authz stuff.
19:08:08 <nirik> FYI, I pushed a security update for cgit to all our cgit using hosts this morning. Thanks to lmacken for seeing it. ;)
19:08:09 <SmootherFrOgZ> ls
19:08:11 <threebean> gonna test it all out in stg in the coming weeks
19:08:33 <nirik> #info cgit update today for security issue.
19:09:01 <lmacken> .bug 870713
19:09:03 <zodbot> lmacken: Bug 870713 CVE-2012-4548 cgit: syntax-highlighting.sh command injection - https://bugzilla.redhat.com/show_bug.cgi?id=870713
19:09:04 <lmacken> (for reference)
19:09:19 <nirik> ok, any other application / development news ?
19:10:12 <nirik> lmacken / threebean: You want to mention the outreach for women internship thing? Is that mostly devel tasks?
19:10:54 <threebean> oh right.
19:11:00 <lmacken> http://gnome.org/opw
19:11:09 <lmacken> some devel, some devops tasks
19:11:20 <threebean> https://fedoraproject.org/wiki/Outreach_Program_For_Women_2013?rd=Outreach_Program_For_Women_2012
19:11:23 <nirik> cool.
19:11:32 * nirik hopes it gets some good uptake.
19:11:48 <threebean> Already got one person asking to volunteer on cleaning up the packages webapp
19:11:58 <lmacken> and fedbages
19:12:06 <threebean> cool
19:12:17 * marcdeop is sorry is late
19:12:18 <skvidal> what's a fedbage?
19:12:23 <skvidal> oh badge!
19:12:24 <skvidal> got it
19:12:25 <skvidal> sorry
19:12:36 <lmacken> sorry, tyop
19:12:52 <nirik> excellent.
19:13:10 <nirik> #info https://fedoraproject.org/wiki/Outreach_Program_For_Women_2013 program coming up.
19:13:17 * jds2001 buys lmacken some typing lessons :D
19:13:23 <nirik> #topic Sysadmin status / discussion
19:13:33 <nirik> Any exciting sysadmin news this week or upcoming?
19:13:54 <pingou> cgit update you said :)
19:14:04 <nirik> I'm considering moving collab03 to collab01/02 pair on thanksgiving. ;) It takes about 10 hours to sync...
19:14:08 <smooge> budgets
19:14:14 <skvidal> nirik: umm. seriously?
19:14:14 <nirik> and really no one should be posting on thanksgiving to lists. ;)
19:14:21 <pingou> skvidal: exciting ?
19:14:23 <skvidal> nirik: you're going to move them during a holiday?
19:14:28 <pingou> err, I meant smooge
19:14:36 <skvidal> nirik: let me know in advance so I can turn off my phone
19:14:53 <nirik> skvidal: sure, since it should just be 'start rsync, go eat and relax, change dns, profit' ?
19:15:04 <skvidal> nirik: what is the key word in your sentence there?
19:15:04 <nirik> skvidal: I'm open to ideas on how to make the sync shorter.
19:15:16 <skvidal> nirik: 'should'
19:15:17 <skvidal> :)
19:15:32 <nirik> it's 82GB of mail archives and exploded mail posts.
19:15:50 <skvidal> okie doke
19:15:57 <smooge> hmmm I wonder how long it would take to cut it to a USB key run the key to the other system and copy off :)
19:15:59 * SmootherFrOgZ notices some scripts we're using on hostedxx are not up-to-date. will take care of them
19:16:01 <nirik> sure. I guess I can do it some other time, I just thought it might be good to get out of the way then
19:16:34 <nirik> SmootherFrOgZ: oh? what scripts?
19:17:16 <SmootherFrOgZ> scripts to setup scm repo, hosted project. there are some obsolete links (such as gnome-git-mail-blalbla)
19:17:45 <nirik> smooge: yeah, I think we just keep plugging away on budgets. There's 2 outstanding things I think now... a) quote for a bc02 replacement and b) I need to talk to qa and find out how many machines they really need.
19:18:15 <nirik> SmootherFrOgZ: we never had a script to setup scm/project. ;) Or you mean the one that adds trac? relrod was working on a app to make hosted projects.
19:18:42 <SmootherFrOgZ> ha, cool then.
19:19:00 <SmootherFrOgZ> well, we did use script one time.
19:20:06 <nirik> a script/app would be great... if you want to check with relrod you can help work on it I'm sure. ;)
19:20:26 <SmootherFrOgZ> like, gitsetup.sh (kinda old)
19:20:42 <SmootherFrOgZ> sure thing.
19:20:44 <threebean> https://fedorahosted.org/fedorahosted/
19:20:44 <pingou> https://github.com/CodeBlock/fedorahosted
19:21:00 <nirik> :)
19:21:21 <relrod_school> yep ^ that has both the flask app and the CLI to it.
19:22:07 <nirik> any other sysadmin news? We do have a few new machines on the way (hopefully)... a pair to replace sign-vault02 with (we have had hardware problems with it in the past), and a virthost. Also, at some point we will be getting some arm secondary arch stuff to add to the qa/community network.
19:22:36 * relrod_school sighs and just noticed a spam ticket on that fedorahosted/fedorahosted trac.
19:23:01 <nirik> #topic Private Cloud status update
19:23:17 <nirik> ok, so I decided to try cloudstack on our evens cloudlet this week...
19:23:17 <skvidal> euca cloudlet has a number of active instances on it
19:23:21 <skvidal> sorry
19:23:23 <skvidal> go ahead
19:23:45 <nirik> it's setup, but network is not working. I am exchanging emails with some cloudstack folks to try and track down the issue.
19:24:20 <nirik> I'll give it until next week, then probibly redo openstack on it...
19:24:28 <nirik> or just decide to drop it all into euca and get further on toward production.
19:24:35 <skvidal> nirik: so here's an idea
19:24:49 <skvidal> nirik: what if you setup euca on the evens cloudlet?
19:24:57 <skvidal> nirik: and compared the setup
19:25:06 <skvidal> nirik: also as a verification of what I setup on the odds?
19:25:06 <nirik> as a seperate instance/cloud?
19:25:13 <nirik> sure, could do that.
19:25:24 <skvidal> is there any thing in folsom
19:25:30 <skvidal> which is lacking for us to take that to production?
19:25:37 <skvidal> vlans?
19:25:46 <nirik> yeah, I need to mess with the new networking/vlans.
19:25:56 <skvidal> that's cinder, right?
19:26:04 <nirik> quantum. ;)
19:26:08 <skvidal> ah, sorry
19:26:10 <skvidal> what's cinder?
19:26:13 <nirik> cinder is the new storage thingie.
19:26:20 <skvidal> ah - sorry
19:26:28 <skvidal> I get the names confused
19:26:28 <nirik> no worries, there's too many codenames. ;)
19:27:01 <smooge> and they will change next release too
19:27:03 <skvidal> so if you'd rather not setup euca - then alternatively more openstack testing and enhancing for what we would need to do to make it production
19:27:17 <skvidal> the reason I was thinking of the euca setup
19:27:27 <skvidal> is to maybe spend more time on bfebs
19:27:30 <nirik> I kinda like the idea of diversity, and I think openstack will work for our production needs with some more work
19:27:38 <skvidal> sounds fair
19:28:00 <skvidal> speaking of production.
19:28:11 <skvidal> is there anyone who needs more instructions/help for using the euca cloudlet?
19:28:20 <skvidal> or for setting up an instance?
19:28:28 <skvidal> I know I have to reconnect with pingou
19:28:30 <skvidal> on the jenkins master
19:28:47 <skvidal> and to making fedocal a persistent ip
19:29:09 <nirik> I should make a persistent one just for grins to make sure, but I thought it looked pretty easy
19:29:09 * pingou likes
19:29:27 <SmootherFrOgZ> skvidal: we're using ansible to deal with new instance, right?
19:29:33 * herlo likes too
19:29:41 <nirik> so, do we want to discuss any of https://fedoraproject.org/wiki/Infrastructure_private_cloud#Moving_to_.22production.22
19:29:42 <smooge> I still need to go through the instructions you put out. I have it at #5 on my todo list
19:29:54 <skvidal> SmootherFrOgZ: we are
19:30:14 <skvidal> SmootherFrOgZ: and I've written instructions on doing that on an adhoc basis in the ansible repo
19:30:25 <skvidal> if anyone wants a relatively trivial programming task
19:30:36 <skvidal> the cron-runner for ansible needs to be fleshed out
19:30:37 <abadger1999> skvidal: Are there instructions/do we have persistent storage for our euca cloud?
19:30:41 <skvidal> so it will handle playbooks nicely
19:30:41 <SmootherFrOgZ> nod. anyone from syadmin has acces to it or?
19:30:43 <skvidal> abadger1999: I believe so.
19:30:45 <SmootherFrOgZ> skvidal: awesome
19:30:47 <abadger1999> Cool.
19:30:52 <skvidal> abadger1999: let me verify
19:31:01 <SmootherFrOgZ> nirik: we can
19:31:07 <abadger1999> skvidal: I'll look for it later to setup an elections dev box for fchiulli
19:31:29 <pingou> abadger1999: I had flask elections running on the fedocal box at some point
19:31:34 <skvidal> abadger1999: so.... okay - the instructions are in the euca notes - but not in the ansible repo
19:31:46 <pingou> abadger1999: I can do that again (unless you want to play w/ ansible of course :))
19:31:47 <skvidal> abadger1999: I will augment them with the proper sudo-ish ness etc
19:31:59 <skvidal> abadger1999: and an example of auto-attaching drives is in the copr-be playbook
19:32:07 <abadger1999> skvidal: Thanks!
19:32:19 <abadger1999> pingou: I want to play with ansible :-)
19:32:30 <pingou> abadger1999: fair enough :)
19:33:44 <nirik> skvidal: so, say I setup openstack again and get it to where euca2ools work against it nicely (which I already did have last time I set it up :) how do we determine which cloudlet we should run something on? random? based on capacity?
19:34:04 <skvidal> nirik: sure...
19:34:13 <skvidal> nirik: we could make any sort of arbitrary rule
19:34:25 <skvidal> we could make euca disposable-instances - using instance-backed
19:34:36 <skvidal> and openstack persistent instances - using volume-backed
19:34:43 <skvidal> or we could make them based on projects or users?
19:34:55 <skvidal> nirik: I'm open to whatever
19:34:58 <nirik> ok. just something to think about, we don't need to decide right away.
19:35:02 <skvidal> and if we decide we don't need diversity anymore
19:35:11 <skvidal> I'm also fine with just reducing us down to a single cloud software
19:35:25 <nirik> yeah, that also has some advantages sure.
19:35:31 <SmootherFrOgZ> +1
19:35:33 <skvidal> afaict the code I've written for ansible or the euca2ools is portable to both cloud instances
19:35:40 <skvidal> so it shouldn't require any porting
19:35:51 <skvidal> important words of note here
19:35:55 <skvidal> 'SHOULD NOT'
19:35:58 <skvidal> doesn't mean it won't ;)
19:36:14 <skvidal> but I've tried to be careful to not rely on any specific apis
19:36:24 <nirik> yeah, I think it should just be plug and play.
19:36:36 <nirik> but we will surely have to see what the world has in store for us
19:36:37 <skvidal> if, however, we opt to go to openstack wholey
19:36:46 <skvidal> then I'd think moving to nova-client and the api might be helpful
19:37:01 <skvidal> I've done some work against nova's client too - and it's not complicated to code against
19:37:38 <nirik> yeah, might give us better/different info.
19:37:49 <nirik> but we can burn that cloud when we come to it.
19:38:05 <nirik> any other cloud news/comments/ideas?
19:38:09 <skvidal> nirik: :)
19:38:28 <skvidal> nirik: one more comment
19:38:47 <skvidal> a good reason to stick with ec2-compat api is that as of right now fedora/red hat doesn't have a rax account
19:38:55 <skvidal> so if we ever wanted to move to public cloud for any reason
19:39:01 <nirik> yeah, good point.
19:39:02 <skvidal> and we were bound up in openstack's api
19:39:07 <skvidal> it would be difficult
19:39:23 <skvidal> that's all I had
19:39:36 <nirik> ok.
19:39:38 <nirik> #topic Security FAD update
19:39:48 <nirik> FAD is coming up soonly.
19:39:57 <nirik> any more planning or prelim stuff we can get done before then?
19:40:13 <abadger1999> the fas prelim could definitely use more work.
19:40:35 <abadger1999> I haven't had time in the past week but I'll see if I can do something if no one else does.
19:40:51 <skvidal> abadger1999: what sort of prelim do we need?
19:41:06 <nirik> https://fedoraproject.org/wiki/FAD_Infrastructure_Security_2012/FAS_plan
19:41:13 <abadger1999> Just making the https://fedoraproject.org/wiki/FAD_Infrastructure_Security_2012/FAS_plan   more organized, broken down.
19:41:25 <skvidal> ah
19:41:35 <abadger1999> make some separate solid tasks that we can hand to different people independently.
19:41:37 <abadger1999> things like that.
19:41:38 <smooge> People going should start making blog posts about it starting next week
19:41:54 <smooge> I will be emailing reminders about that today
19:42:55 <nirik> yeah, I figure we get setup, we appoint/find someone to be IRC interface for remote folks, we do a bit of overview from mricon / others, we discuss policy decisions, then perhaps break into smaller teams... implement the pam side, the fas side, packaging if we need any, docs, etc.
19:43:09 <nirik> we can implement in stg first.
19:43:35 <nirik> also, beta release is scheduled for that morning, so we need to make sure we keep watch on that.
19:43:47 <smooge> I figure I could do those parts
19:43:52 <skvidal> abadger1999: are we planning on doing it against staging first - or do we want to dummy-up some systems in the cloudlets?
19:43:59 <smooge> an eye and IRC interface
19:44:02 <nirik> do we have idea on airport->hotel transport?
19:44:14 <abadger1999> I'd be fine doing it against staging.
19:44:22 <abadger1999> all te people that normally touch stg will be there I think.
19:44:32 <abadger1999> so it's okay if we make that environment unusable.
19:44:41 <smooge> nirik, as much as I would like ot believe we will be out of freeze that morning... I expect staging will be frozen
19:44:50 <nirik> well, threebean and lmacken won't be... but hopefully we will not disrupt them too much.
19:45:04 <nirik> smooge: staging is never frozen. ;)
19:45:04 <skvidal> nirik: it looks like it is only a few pickups
19:45:16 <nirik> but yeah, we could well slip again...
19:45:18 <abadger1999> dummying up systems always has the problem of "where do we get our fake data"?
19:45:21 <nirik> we will just see and handle it...
19:45:37 <abadger1999> since it's fas and we want to protect the production data a little better.
19:45:42 <skvidal> nirik: I'll be adding everyone's flight to my calendar and I'll see about making it all work :)
19:46:09 * skvidal wonders if nb went out of his way to find an inconvenient flight
19:46:14 <skvidal> 9:45am :(
19:46:16 <nirik> skvidal: cool. I think smooge will be there with car too?
19:46:20 <smooge> nirik, about travel.. I plan to drive up and be in RDU by noon on Monday to get my ID and such.
19:46:48 <nirik> oh, do we want to assign roomies? or just do it as people arrive/checkin?
19:46:49 <smooge> I can get there earlier if needed but it is a 4->5 hour drive from SC to RDU
19:47:03 <skvidal> herlo: when are you getting in?
19:47:28 <skvidal> nirik: I think I can just ferry people  from the airport w/o too much trouble starting around 2 or so on monday
19:47:38 <nirik> skvidal: ok, great!
19:47:45 <abadger1999> I get in late so I should either room with a heavy sleeper or someone who plans on staying up late despite jet lag :-)
19:47:46 <skvidal> eunice won't need the car on monday anyway, I don't think
19:47:49 <nirik> #info skvidal to pick up folks from airport.
19:48:07 <skvidal> I'll just email everyone directly
19:48:14 <skvidal> and confirm times and if they are not planning on renting a car
19:48:16 <abadger1999> Will we need more cars on thursday to ferry people back to the airport?
19:48:32 <nirik> abadger1999: I'm a deep sleeper, but I snore... (or so I have been told, I'm asleep at the time)
19:48:33 <skvidal> which hotel is it again?
19:49:19 <nirik> Marriott ?
19:49:22 <skvidal> the Raleigh MArriott
19:49:25 * skvidal calls them
19:49:32 <SmootherFrOgZ> what's time should we jump in for remote people?
19:50:09 <abadger1999> I was going to rent a car on thursday... Could go in with the first airport trip and rent one if we need more vehicles.. otherwise I'll go in with the last trip and just leave town from RDU.
19:50:10 <nirik> SmootherFrOgZ: I'd say we can hang out in #fedora-fad anytime starting monday ?
19:51:02 <nirik> (not this coming monday, the one after)
19:51:08 <SmootherFrOgZ> k.
19:51:14 <SmootherFrOgZ> yeah, i know
19:51:17 <skvidal> so thursday will need to be orchestrated a bit
19:51:29 <skvidal> and I think some people will need to find their own way back to the airport
19:51:31 * SmootherFrOgZ will have time to do to gym :)
19:51:34 <SmootherFrOgZ> go*
19:52:47 <nirik> ok, I'm sure we will figure it out. ;)
19:52:54 <smooge> I figured I would be ferrying people on Thursday
19:52:55 <nirik> anything else on fad planning?
19:53:47 <nirik> #topic Upcoming Tasks/Items
19:53:49 <relrod_school> abadger1999: poke me next week sometime and I'll help with organizing the FAS Plan
19:54:04 <nirik> infodump ahead:
19:54:06 <nirik> #info 2012-11-13 to 2012-11-27 F18 Beta Freeze
19:54:06 <nirik> #info 2012-11-20 FY2014 budget due
19:54:06 <nirik> #info 2012-11-27 F18 Beta release
19:54:06 <nirik> #info 2012-11-22 to 2012-11-23 Thanksgiving holiday
19:54:06 <nirik> #info 2012-11-26 to 2012-11-29 Security FAD
19:54:07 <nirik> #info 2012-12-18 to 2013-01-08 F18 Final Freeze
19:54:08 <abadger1999> relrod_school: Cool.  Will do
19:54:09 <nirik> #info 2012-11-30 end of 3nd quarter
19:54:11 <nirik> #info 2012-12-01 nag fi-apprentices
19:54:13 <nirik> #info 2012-12-24 to 2013-01-01 Red Hat Shutdown for holidays.
19:54:15 <nirik> #info 2013-01-08 F18 release.
19:54:17 <nirik> #info 2013-01-18 to 2013-01-20 FUDCON Lawrence
19:54:19 <nirik> anything else we need to schedule or note?
19:54:29 <nirik> oh yeah, I need to add the phx2 outage on dec 15th
19:55:06 <nirik> they are saying it should be 5min or so now of outage.
19:55:22 <nirik> so, not a big deal, but we should have a longer window and be ready in case it goes long
19:56:00 <nirik> also, need to schedule the collab move if I am going to do that...
19:56:19 <relrod_school> should just be a matter of shut up nagios and pull phx from dns for that block of time, right? Or are there other things to do to prepare for that?
19:56:55 <nirik> relrod_school: yeah for a short outage... longer term we might need to copy off wiki data or setup a fas db somewhere or other more difficult things.
19:57:04 <smooge> well I would just shut up nagios. Pulling phx out of dns is not easy since everything kind of talks to it
19:57:18 <nirik> well, we can pull proxy01 out so it gets no direct hits.
19:57:28 <relrod_school> smooge: yeah, just from the roundrobin rotation
19:57:50 <nirik> anyhow, if it's just 5min it won't be too big a deal.
19:57:50 * LoKoMurdoK here
19:57:57 <relrod_school> cool.
19:58:26 <nirik> ok, any more scheduling stuff?
19:58:35 <nirik> #topic Open Floor
19:58:36 <smooge> not fo rme
19:58:42 <nirik> anything for lovely open floor?
19:58:43 * pingou will be there in Lawrence
19:58:51 <abadger1999> pingou: yay!
19:58:58 <pingou> abadger1999: yup :)
19:58:58 <nirik> excellent. :)
19:59:16 <pingou> SmootherFrOgZ: as well, but you already know him :)
20:00:43 <nirik> after holidays we should make sure there's no infra stuff we need to do for fudcon... ie, help with streaming or whatever
20:00:55 <nirik> anyhow, thanks for coming everyone!
20:00:59 <nirik> #endmeeting