flock2016
LOGS
11:25:48 <michalrud> #startmeeting Fleet Commander: large desktop deployments for F24
11:25:48 <zodbot> Meeting started Wed Aug  3 11:25:48 2016 UTC.  The chair is michalrud. Information about MeetBot at http://wiki.debian.org/MeetBot.
11:25:48 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
11:25:48 <zodbot> The meeting name has been set to 'fleet_commander:_large_desktop_deployments_for_f24'
11:25:51 <michalrud> #meetingname flock2016
11:25:51 <zodbot> The meeting name has been set to 'flock2016'
11:30:31 <michalrud> for last year and a half I've been working on Fleet Commander
11:30:51 <michalrud> focus is to provide large scale configuration management, you can think of it like of an Ansible for desktop
11:31:01 <michalrud> people asked why can't we use Ansible
11:31:24 <michalrud> First issue: there are people on the road, so SSH port may not be available
11:31:42 <michalrud> Ansible doesn't really fit with desktop user sessions
11:31:56 <michalrud> main principle is that you store profile deta centrally and you pull the data from there
11:32:23 <michalrud> we work with upstream to make sure that at least the most common applications work with our system
11:32:48 <michalrud> for some time we wanted to put Linux in the enterprise or smaller companies, and people asked us what do we have instead of Active Directory
11:33:11 <michalrud> Active Directory is practically a bundle, a combination of administration tools, LDAP server and bunch of other stuff
11:33:38 <michalrud> the way MS guys did it is that they have this big directory with settings of Microsoft apps and other apps for which a template was provided
11:34:07 <michalrud> for administrators it's a better experience than in Linux where you need to write your own RPMs and what not
11:34:42 <michalrud> there were some previous attempts at that
11:35:16 <michalrud> APOC was created and was similar to Fleet Commander, but was closed source, open sourcing was attempted but was not finished
11:35:21 <michalrud> there also was Sabayon
11:36:07 <michalrud> but the issue was with installation as it was not trivial
11:36:19 <michalrud> main component of Fleet Commander is a Cockpit plugin
11:37:13 <michalrud> we are using this concept from Sabayon where you have virtual sessions where you actually live configure the applications
11:37:20 <michalrud> we create the VM and we connect to those
11:39:07 <michalrud> once configuration has been selected, configuration is put on a static http server
11:39:33 <michalrud> in next version there will be an internal http server included, but usage of external one (apache for example) will still be possible
11:40:51 <michalrud> Static HTTP Server is not run inside of Cockpit, so byt default it uses HTTP not HTTPS, but default implementation is not meant to be used in production
11:43:21 <michalrud> right now we support most of the GNOME stack, so DConf is supported
11:43:49 <michalrud> is non-invasive, so deployement is done in /run
11:44:12 <michalrud> DConf uses that data in a layered manner
11:45:32 <michalrud> Gnome Software recommendations can also be influenced, so sysadmins can encourage users to install certain applications
11:45:45 <michalrud> Q: Is Firefox working?
11:46:12 <michalrud> A: Firefox and Chromium are on our radar, we are having a conversation with one of Chromium developers, we need a way to handle bookmarks, settings
11:46:55 <michalrud> A: I have a gut feeling that we will be able to do it for Firefox, since they have a concept of layered configuration providers, but we need to figure out whether upstream will accept that or we would have to do that downstream
11:47:53 <michalrud> Configuration is done in a way that you open a virtual session in your browser, configure it, close it and settings are deployed
11:48:20 <michalrud> in your browser = in administration panel you get access to a virtualized environment
11:48:33 <michalrud> last Flock I've tried to do a demo and it crashed
11:48:51 <michalrud> #topic Demo
11:50:04 <michalrud> A profile is created and it's assigned to one of the users
11:50:18 <michalrud> configuration is done, a vm template is selected
11:50:29 <michalrud> virtual machine is booting, visible in the browser
11:51:18 <michalrud> configuration of Gnome file manager is changed
11:51:30 <michalrud> configuration is reviewed in web administration interface
11:52:23 <michalrud> audience can see that the configration change has been applied thanks to Fleet Commander
11:56:31 <michalrud> NetworkManager is also supported, so you can create a new profile, create WiFi and distribute that data among workstations
11:58:08 <michalrud> Q: Is it possible to modify system-wide configuration with Fleet Commander?
11:58:16 <michalrud> A: Fleet Commander is not meant to do that.
11:59:55 <michalrud> Q: How configuration is layered?
12:00:33 <michalrud> A: Right now user has precendence over the distributed configuration. For now it's hardcoded, the idea is to change it in future
12:01:51 <michalrud> there are plans to add priorities to profiles, so group profiles may be higher than user ones, but there would be possibility to select certain user profiles to be higher, etc.
12:02:04 <michalrud> #topic Fedora 25 and beyond
12:02:15 <michalrud> FreeIPA integration
12:02:23 <michalrud> NetworkManager support
12:02:29 <michalrud> GNOME Online Accounts
12:02:42 <michalrud> Inline profile viewer
12:02:49 <michalrud> Support of web browser
12:02:52 <michalrud> Further apps
12:05:55 <michalrud> Support in Firefox and Chromium should go upstream, since having them only downstream would be troublesome since especially in enterprise environments users will be using Google Chrome, so support should be there
12:07:36 <michalrud> Q: What about other desktops?
12:08:19 <michalrud> A: DConf is right now supported, Qt has a similar way to DConf, but in case of KDE it would be hard since most apps are using raw files to store configuration, while layers need to be used
12:08:44 <michalrud> A: Xfce or Mate are using DConf so it should just work
12:09:05 <michalrud> A: Right now we are focused on providing the right experience in Gnome in Fedora
12:09:30 <michalrud> A: KDE worries me, because it's a big desktop, has many apps, and may be required in some environments, so we would like to support it
12:09:42 <michalrud> A:  But I don't have capacity to work on it currently
12:09:47 <michalrud> #topic Questions
12:14:25 <michalrud> Q: Can those changes be done on the fly?
12:14:48 <michalrud> A: For DConf-based settings you may set an option to make it read-only, so you have a control over that
12:15:23 <michalrud> A: It is possible to change the settings, but after a while it will go back to the option from Fleet Commander version
12:16:33 <michalrud> A: This is meant to be done in environment where your users don't know how to configure the network
12:19:01 <michalrud> Q: Delivering content, like wallpapers?
12:19:51 <michalrud> A: Our approach is that if you want to deploy content you need to create your own RPMs, our software is focused on changing settings
12:21:27 <michalrud> Q: Is it possible to force installation of software?
12:22:00 <michalrud> A: I don't want to overlap with other applications, I recognize that it may be a requested feature, but there are possible security issues
12:23:50 <michalrud> #endmeeting