13:03:32 <mmaslano> #startmeeting Env and Stacks (2014-09-30) 13:03:32 <zodbot> Meeting started Tue Sep 30 13:03:32 2014 UTC. The chair is mmaslano. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:03:32 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic. 13:03:38 <mmaslano> #meetingname env-and-stacks 13:03:38 <zodbot> The meeting name has been set to 'env-and-stacks' 13:03:51 <mmaslano> #chair pkovar tjanez samkottler bkabrda hhorak juhp mmaslano vpavlin sicampbell ncoghlan 13:03:51 <zodbot> Current chairs: bkabrda hhorak juhp mmaslano ncoghlan pkovar samkottler sicampbell tjanez vpavlin 13:04:01 <mmaslano> #topic init process 13:04:08 <juhp_> hi 13:04:14 <bkabrda> hi 13:04:33 <ncoghlan> evening 13:05:00 <mmaslano> bkabrda: let's start with Koschei recommendation 13:05:04 <mmaslano> right? 13:05:07 <bkabrda> yep 13:05:14 <mmaslano> #topic recommendation of Koschei 13:05:29 <mmaslano> you didn't like wording from last week, so what would you prefer? 13:07:05 <bkabrda> mmaslano: sth. like "Env & Stacks WG recommends all Fedora packagers to use Koschei as means of tracking build failures on dependency updates" (although maybe that should be phrased by a native speaker, not sure this is absolutely ok ;)) 13:07:53 <mmaslano> sure why not, but such recommendation are like guidelines :) we have hundreds of them 13:08:11 <juhp_> sounds okay to me - dunno if "all" is too strong maybe? 13:08:22 <bkabrda> mmaslano: my idea was just about saying something more specific than "good idea", which was in the original proposal 13:08:42 <mmaslano> okay 13:08:45 <bkabrda> juhp_: we can omit "all" and it will sound just as good :) 13:08:51 <juhp_> yes 13:08:59 <juhp_> or better even :) 13:09:11 <mmaslano> #info Env & Stacks WG recommends Fedora packagers to use Koschei as means of tracking build failures on dependency updates 13:09:11 <ncoghlan> bkabrda: I think what may not have come across was that we weren't entirely convinced Koschei was baked enough yet to recommend it unreservedly 13:09:30 <ncoghlan> in particular, adding packages is still fairly manual 13:10:05 <ncoghlan> I think ^^^ recommendation is the recommendation we *want* to be able to make 13:10:13 <bkabrda> ncoghlan: that is true, however we're recommending the idea of the tool, not the tool in its current form, IIUC 13:10:43 <ncoghlan> perhaps something more like this: 13:11:13 <ncoghlan> Env & Stacks WG recommends adopting Koschei as the recommended means of tracking build failures on dependency updates 13:11:36 <ncoghlan> that blesses Koschei, without actively directing packagers to use it yet 13:11:45 <bkabrda> ncoghlan: good wording! I'm +1 for that 13:12:08 <mmaslano> +1 13:12:10 <mmaslano> #undo 13:12:10 <zodbot> Removing item from minutes: INFO by mmaslano at 13:09:11 : Env & Stacks WG recommends Fedora packagers to use Koschei as means of tracking build failures on dependency updates 13:12:12 <juhp_> +1 13:12:18 <vpavlin> +1 13:12:29 <hhorak> +1 13:12:36 <mmaslano> um I can't vote anyway, when I gave my vote to ncoghlan 13:12:41 <ncoghlan> +1 13:12:45 <pingou> Env & Stacks WG advices adopting Koschei as the recommended means of tracking build failures on dependency updates # to avoid repeating recommend 13:13:02 * pingou nitpicks 13:13:48 <ncoghlan> Env & Stacks WG recommends adopting Koschei as the suggested means of tracking build failures on dependency updates # perhaps? 13:14:05 <pingou> even better :) 13:14:07 <juhp_> okay 13:14:19 <bkabrda> pingou: good catch :) although the last proposal from ncoghlan sounds the best to me 13:14:20 <mmaslano> ncoghlan: pick something what make sense. You are the only native speaker :) 13:14:28 * vpavlin is for ncoghlan's version as it states this is a recommendation 13:15:05 <ncoghlan> aye, the repeated recommends was a good catch, but I think it's better to replace the second occurence 13:15:22 <juhp_> yea agree 13:15:23 <bkabrda> ncoghlan: +1 to last nick's proposal 13:15:40 <hhorak> still +1 13:16:10 <juhp_> another alternative would be s/suggested/default/ 13:16:24 <juhp_> but ncoghlan is fine for me 13:17:01 <ncoghlan> it may be the default some day, but I think it's still only a suggestion at this point 13:17:09 <mmaslano> #agreed Env & Stacks WG recommends adopting Koschei as the suggested means of tracking build failures on dependency updates 13:17:20 <juhp_> that's true probably needs more use first 13:18:09 <juhp_> good 13:18:44 <mmaslano> #topic conda - everyone should look at it 13:19:04 <mmaslano> honestly I skipped that because I spoke to bkabrda about it and he didn' persuade me it's cure for everything 13:19:08 <hhorak> bkabrda: anyway, fedoraproject wiki is silent about koschei (https://fedoraproject.org/wiki/Special:Search?search=koschei); do you happen to know if koschei guys plan to prepare some cookbook for koschei? I would rather wait with publishing the "recommendation" until we have some info about it... 13:19:16 <mmaslano> #undo 13:19:16 <zodbot> Removing item from minutes: <MeetBot.items.Topic object at 0x27f15f10> 13:19:28 <ncoghlan> yeah, conda isn't the cure for everything 13:19:39 <mmaslano> hhorak: I asked two weeks ago and it's in todo list 13:19:47 <mmaslano> hhorak: now they are trying to move it to fedora-infra 13:19:55 <ncoghlan> it has some interesting ideas though, specifically with its focus on user level installs 13:20:00 <bkabrda> (hhorak: I'm not koschei developer, I was only asked by koschei developers to promote it. but yeah, I'll ask them to write some docs on fedora wiki) 13:20:31 <mmaslano> #action bkabrda -> koschei developers should write about Koschei on Fedora wiki 13:20:35 <mmaslano> #topic conda - everyone should look at it 13:20:49 <hhorak> bkabrda: thanks 13:21:14 <ncoghlan> I probably should have sent a mail through to the list regarding the aspects of conda that I find interesting 13:21:46 <ncoghlan> the two primary ones are: 13:21:54 <mmaslano> bkabrda: i didn't remember those downsides of conda, but it wasn't very useful for our usecases, right? 13:21:57 <ncoghlan> 1. user level installs by default 13:22:14 <ncoghlan> 2. virtual environments by default 13:22:34 <ncoghlan> oh, and one I forgot: cross platform, so it works on Mac OS X and Windows 13:22:54 <juhp_> ncoghlan, what is 2? 13:23:10 <juhp_> not sandboxing? 13:23:11 <ncoghlan> that last one in particular makes it potentially relevant to Java, Python, et al packaging in a way that an RPM-based solution isn't 13:23:29 <ncoghlan> juhp_: no, more like what you get with Python or Ruby environments 13:24:05 <bkabrda> mmaslano: it's a bit hacky (doing binary replace of builtin RPATHs during installation) and I'm unsure how it would handle e.g. cross-environment dependencies or stuff like systemd units, etc. also, it doesn't track installed environments, so there is no global "yum update"... and more 13:24:09 <ncoghlan> adjusting environment variables and language runtime settings to look in the active environment, rather than at the whole system 13:24:43 <ncoghlan> bkabrda: right, it wouldn't work for things like *services* 13:24:54 <juhp_> ncoghlan, okay thanks 13:25:11 <ncoghlan> but for components loaded by a service, or for pure user space applications, it has a lot to recommend it 13:25:38 <ncoghlan> the original use case Continuum Analytics built it for was data analyst working environments 13:27:15 <ncoghlan> the interest thing about it from my perspective is that it can give you dependency management that works on Windows and other non-RPM environments 13:27:29 <juhp_> it sounds a bit like Haskell's cabal-install but that probably doesn't help many here... 13:27:44 <ncoghlan> and one of the ongoing challenges with cross-platform language devs is getting them interested in platform specific installers 13:28:14 <ncoghlan> while multi-language platform devs are generally less in interested in *language* specific installers 13:28:40 <ncoghlan> conda ends up being a "cross-platform platform" that you can use without admin rights on your machine 13:29:39 <ncoghlan> it certainly has some *very* rough edges, but it's also something I don't think we've really had before 13:30:44 <ncoghlan> I don't think it's a replacement for software collections, but I do think it may be interesting for some cases neither SCLs nor language specific tools handle well 13:30:44 <juhp_> can it be packaged? :) 13:30:55 <mmaslano> ncoghlan: do you have some general recommendation (pros,cons)? 13:31:02 <ncoghlan> it's pip installable already, so probably 13:31:09 <juhp_> cool 13:31:31 <ncoghlan> at this point, I think it's still in "this is potentially interesting" territory 13:32:33 <ncoghlan> near term, looking at things like devpi seems more important 13:33:05 <ncoghlan> I also came across https://github.com/christian-posta/ceposta-devops-ose/blob/master/docs/demo.md 13:33:19 <ncoghlan> which pretty much describes the kind of workflow I'm also aiming for 13:34:24 <ncoghlan> although Christian uses a Java example, there are fairly direct mappings to other languages, like swapping out Nexus for devpi 13:34:53 <mmaslano> this WG should aim on all languages. This seems to be working only on small part of them 13:35:04 <mmaslano> maybe python-devel would be more appropriate audience 13:35:23 <ncoghlan> mmaslano: it's more on the "stacks" side of things 13:35:47 <ncoghlan> the language communities build language specific tools for reasons that actually make sense 13:36:07 <mmaslano> I don't think we have manpower to work on everything. vpavlin proposal sounds like more doable in short time 13:36:32 <ncoghlan> what was vpavlin's proposal? 13:36:49 <mmaslano> it wasn't proposal but pointer to http://blog.docker.com/2014/09/docker-hub-official-repos-announcing-language-stacks/ 13:36:54 <mmaslano> #url http://blog.docker.com/2014/09/docker-hub-official-repos-announcing-language-stacks/ 13:37:15 <ncoghlan> ah, no, that doesn't solve the problem 13:37:47 <vpavlin> What is the problem we are trying to solve with conda? 13:37:50 <ncoghlan> it just changes it from a "how do we deploy the software?" question to a "how do we define the image?" question 13:38:00 <mmaslano> yes, maybe we should start with what's the problem 13:38:57 <ncoghlan> for me, the problem I'm trying to solve is sustaining engineering of Java, Python, Perl and Ruby web services in a corporate development environment 13:39:16 <ncoghlan> the model in Christian's post is basically perfect for that 13:39:27 <ncoghlan> with language specific artefact repos 13:39:50 <ncoghlan> and an underlying common RHEL/RHSCL/OpenShift infrastructure layer 13:39:53 <vpavlin> Ok, then there are 2 problems - sustaining engineering and how to make it easy for developers to get from idea to writing the code:) 13:41:10 <ncoghlan> I look at it a bit differently: my aim is to allow development and operations to work together to provide a compelling service to their users 13:41:57 <hhorak> yeah, I think we can solve both problems vpavlin mentioned separately, but we cannot solve it together with one solution, which is the problem 13:42:39 <ncoghlan> I don't think it needs to be a problem though, that's where the "handover of responsibility" in the CI/CD pipeline comes in 13:42:56 <ncoghlan> providing the RHEL/RHSCL/OpenShift layer = operations problem 13:43:28 <ncoghlan> the layer above that, the actual custom applications and their immediate dependencies = development problem 13:44:09 <mmaslano> nothing against devops problems, but in Fedora WGs we should focus also on fedora use-cases 13:44:14 <mmaslano> which are missing above 13:44:52 <mmaslano> I guess images could solve both problems too. We would have image for development and for deployment 13:45:23 <ncoghlan> images are more a scalability thing than anything else 13:45:42 <vpavlin> ncoghlan: Not really..it's also an environment for developers 13:45:55 <ncoghlan> the things you need to deploy into a VM are the same things you need to build an image in the first place 13:47:06 <ncoghlan> base platform, language runtime, dependencies, custom code 13:47:36 <ncoghlan> in terms of ensuring things are relevant to Fedora itself, that's where I think the 3-phase review model comes in 13:48:42 <ncoghlan> since artefact repositories like Nexus (java) and devpi (Python) are useful not only for developers, but also as the first gate in package review 13:48:52 <juhp_> ncoghlan, can't an image also provide the base, runtime, and most of dependencies? 13:48:55 <ncoghlan> even before reaching Fedora Playground/COPR 13:49:13 <ncoghlan> juhp_: yes, but how do you define what goes into the image in the first place? 13:49:44 <ncoghlan> downloading a random image of the internet doesn't make any more sense than downloading random Windows executables or source tarballs and running them 13:50:05 <juhp_> ncoghlan, but if we had Fedora Stacks images say :) 13:51:00 <mmaslano> until now I heard people wants from distribution predefined installation where they can just start programming 13:51:01 <juhp_> well anyway I guess there is certainly room for both approaches, but I also see the point about not spreading ourselves too thinly 13:51:11 <mmaslano> Stacks images sounds like reply to that 13:51:32 <ncoghlan> juhp_: that depends - a base Fedora image + software collections + language specific package repos gets you most of the way there anyway 13:51:33 <juhp_> finally we could have some Env'n'Stacks products ;o) 13:51:55 <vpavlin> I probably still don't understand how does conda itself fit into this - we have powerful packaging tool called RPM, right?:) 13:52:08 <juhp_> ncoghlan, sure :) 13:52:19 <ncoghlan> vpavlin: I don't know how conda got onto the Envs&Stacks agenda :) 13:52:29 <ncoghlan> vpavlin: I think it's interesting for user level environments 13:52:29 <mmaslano> you've mentioned it last time 13:52:42 <ncoghlan> ah, OK 13:53:13 <vpavlin> ncoghlan: Sure, but user level environments can be also solved by Docker - which is THE technology right now:) 13:53:23 <ncoghlan> vpavlin: not really 13:53:38 <ncoghlan> sorry, scratch that 13:53:56 <ncoghlan> vpavlin: yes, I suggested to the conda folks they look at using it to build Docker images 13:54:03 <ncoghlan> but Docker isn't magic 13:54:13 <ncoghlan> it's just a packaging format with some neat properties 13:54:24 <vpavlin> Definitely 13:55:31 <ncoghlan> so thinking about it (and this is in real tangent territory), a full IPython Notebook/Scientific Python stack Docker image could be interesting 13:56:14 <ncoghlan> anyway, back to the Fedora Stacks images idea 13:56:27 <ncoghlan> I'm starting to come around to the notion 13:57:58 <ncoghlan> so you might have, for example, a Fedora Cloud + Apache 2.4 + Python 3.3 stack as a Docker image 13:58:29 <mmaslano> #topic Fedora Stacks images 13:58:46 <mmaslano> #url http://blog.docker.com/2014/09/docker-hub-official-repos-announcing-language-stacks/ 13:58:49 <vpavlin> I am not sure what you mean by Fedora Cloud 13:59:02 <ncoghlan> the Cloud product in F21 13:59:18 <vpavlin> That's not Docker image 13:59:26 <ncoghlan> #url https://fedoraproject.org/wiki/Cloud 14:00:01 <vpavlin> That's cloud image - bootable Fedora optimized to run in cloud environments, I'd say:) 14:00:22 <ncoghlan> Also Docker images: https://fedoraproject.org/wiki/Cloud/Cloud_RFC_Docker_Trusted_Images_Rebuild_Policy 14:00:43 <juhp_> anyway let's not get too caught up in details :) 14:00:45 <ncoghlan> you need a base runtime for the container 14:01:23 <ncoghlan> lots of the ones on Docker hub either use a full distro base (wasteful) or an unsupported derivative of a normal distro 14:01:45 <ncoghlan> Fedora Cloud is specifically built to be such a minimal base runtime :) 14:02:00 * juhp_ got distracted by hylang when starting to read the blog post ;) 14:02:18 <ncoghlan> <3 hylang 14:02:39 <vpavlin> Fedora Cloud WG no longer maintains Docker base image - it's assigned to Base WG now 14:02:54 <ncoghlan> ah, OK, I'd missed that 14:03:02 <vpavlin> But that really doesn't matter 14:03:30 <ncoghlan> s/Fedora Cloud/Fedora base image/ above :) 14:03:34 <vpavlin> Sure 14:04:33 <vpavlin> There already are some Fedora images https://github.com/fedora-cloud/Fedora-Dockerfiles 14:05:29 <juhp_> Just curious, anyone know what the base image is for the docker announced Language Stacks? 14:05:30 <vpavlin> But I'd like to see maintainers of stacks to go through them and check if they make sense for how the language stacks are used 14:05:40 <vpavlin> debian wheezy 14:05:44 <juhp_> ok 14:05:48 <juhp_> thanks 14:07:21 <mmaslano> vpavlin: I looked at the dockerfile and there was only interpreter. What I missed? 14:07:44 * juhp_ is still a bit unsure how fine-grained stacks can be with docker though? 14:07:57 <vpavlin> mmaslano: Which dockerfile? 14:08:38 <mmaslano> ah you mean these, okay https://github.com/fedora-cloud/Fedora-Dockerfiles 14:08:46 <vpavlin> mmaslano: Yes 14:08:49 <vpavlin> Sorry:) 14:08:59 <juhp_> oh 14:09:19 <mmaslano> vpavlin: for the start I would pick one framework per language and say we will support this 14:09:35 <mmaslano> I don't think more is doable 14:10:12 <ncoghlan> mmaslano: so, for example, Django/Python/Apache, Rails/Ruby/Apache ? 14:10:24 * vpavlin nods 14:10:26 <mmaslano> that's old isn't it? :) 14:10:34 <mmaslano> nginx and something 14:11:19 <ncoghlan> mod_wsgi is still one of the best Python web servers out there 14:11:44 <ncoghlan> just cursed by the bane of Apache's poor documentation and lack of usability :P 14:12:09 <mmaslano> I wouldn't say that outloud, but there are other prefered non Apache services 14:12:19 <ncoghlan> so folks dismiss Apache as a big ball of mud, and proceed to go reinvent all the wheels :P 14:12:29 <ncoghlan> but yeah, nginx has the edge for some use cases 14:12:50 <ncoghlan> it can't host Python applications directly the way Apache can, though 14:13:12 <juhp_> probably I should contribute my dockerfile to Fedora-Dockerfiles 14:13:18 <ncoghlan> you need to pair it up with something like uWSGI or gunicorn 14:14:05 <ncoghlan> anyway, perhaps the discussion of an initial set of images can go to the mailing list? 14:14:19 <ncoghlan> (getting rather late/early here...) 14:14:31 <mmaslano> probably, to think more about the content 14:17:13 <hhorak> btw. I like the Docker's idea with customized stacks using tags (php-5.6-cli, php-5.6-apache) -- seems handy for users 14:17:20 <hhorak> but yeah, we can continue on ML.. 14:18:21 <ncoghlan> main thing from my perspective is that we think about sustainability - security bugs = image respins, so automation will be key. 14:18:59 * vpavlin agrees 14:19:37 <juhp_> true, layered images need to be respun right, if the base image is? 14:19:43 <vpavlin> yes 14:19:45 <ncoghlan> yeah 14:19:55 <juhp_> thought so 14:20:03 <ncoghlan> although that reminds me, I think rel-eng have been looking into a bunch of this for Koji as well 14:20:30 <vpavlin> Yes they are, but it's still long way to go 14:21:00 <mmaslano> vpavlin: could you give us some action item? should we review content of fedora-dockerfiles? 14:21:18 <mmaslano> or is it okay to say what we would put there for our preferred language? 14:22:30 <ncoghlan> mmaslano: feel free to give me an action to follow up with stano about mapping CVEs to Docker images that need rebuilding 14:22:35 <vpavlin> mmaslano: I think to take a look what is there and fix it if that doesn't make sense or add whatever we come up with on ML 14:22:52 <mmaslano> #action follow up with stano about mapping CVEs to Docker images that need rebuilding 14:23:03 <mmaslano> ncoghlan: good point, he still didn't solve it? :) 14:23:12 <mmaslano> vpavlin: okay 14:23:42 <ncoghlan> mmaslano: I think they're making good progress, but I *don't* think we've considered the fact Fedora might need a similar capability 14:23:44 <mmaslano> #action propose reasonable dockerfile for our favourite languages 14:25:06 <juhp_> ok 14:28:13 <mmaslano> #topic chairman 14:28:20 <mmaslano> who will take it? 14:29:40 <hhorak> if nobody else volunteers I can do it 14:32:11 <ncoghlan> and at that point, I'm going to head off folks (just ticked past 12:30 am here). Catch you on list and next week :) 14:32:22 <juhp_> nite! 14:32:28 <mmaslano> night 14:32:32 <mmaslano> #topic Open Floor 14:34:16 <juhp_> mmaslano, last week hhorak said this was your last time to chair the meeting? Maybe I missed some news? :-| 14:34:35 <mmaslano> juhp_: I gave up all tasks, going to maternity leave son 14:34:42 <mmaslano> soon 14:34:54 <juhp_> ah right! 14:34:58 <mmaslano> now I need to get rid off some Changes which I proposed for F-21 and didn't happened 14:35:23 <mmaslano> I'll offer them on mailing list, but I might be lucky and even find a developer to work on them ;-) 14:35:31 <mmaslano> in that case I would prefer developer with time to do them 14:36:02 <juhp_> all the best with your leave :-) 14:36:05 <mmaslano> thanks 14:36:11 <mmaslano> sounds like going home 14:36:14 <mmaslano> #endmeeting