server_working_group_weekly_meeting_(2017-02-07)
MINUTES
21:00:09 <sgallagh> #startmeeting Server Working Group Weekly Meeting (2017-02-07)
21:00:09 <zodbot> Meeting started Tue Feb  7 21:00:09 2017 UTC.  The chair is sgallagh. Information about MeetBot at http://wiki.debian.org/MeetBot.
21:00:09 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
21:00:09 <zodbot> The meeting name has been set to 'server_working_group_weekly_meeting_(2017-02-07)'
21:00:09 <sgallagh> #chair nirik sgallagh mhayden dperpeet smooge jds2001 vvaldez adamw mjwolf
21:00:09 <zodbot> Current chairs: adamw dperpeet jds2001 mhayden mjwolf nirik sgallagh smooge vvaldez
21:00:09 <sgallagh> #topic roll call
21:00:09 <sgallagh> .hello sgallagh
21:00:10 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com>
21:00:16 <vvaldez> .hello vvaldez
21:00:17 <zodbot> vvaldez: vvaldez 'Vinny Valdez' <vvaldez@redhat.com>
21:00:26 <adamw> .hello adamwill
21:00:27 <zodbot> adamw: adamwill 'Adam Williamson' <awilliam@redhat.com>
21:00:39 <nirik> .hello kevin
21:00:40 <mjwolf> .hello mjwolf
21:00:40 <zodbot> nirik: kevin 'Kevin Fenzi' <kevin@scrye.com>
21:00:43 <zodbot> mjwolf: mjwolf 'Michael Wolf' <mjwolf@us.ibm.com>
21:01:04 <jds2001> .hello jstanley
21:01:05 <zodbot> jds2001: jstanley 'Jon Stanley' <jonstanley@gmail.com>
21:02:11 <sgallagh> Good day, all
21:02:23 <sgallagh> mhayden and dperpeet both let me know they'd be unavailable today.
21:02:29 <vvaldez> hey sgallagh
21:03:06 <sgallagh> #topic agenda
21:03:40 <sgallagh> #info Agenda Item: Feedback on the Domain Controller Role first draft
21:03:40 <sgallagh> #info Agenda Item: Fedora Server base image for cloud providers
21:04:15 <sgallagh> oh, I meant to add:
21:04:15 <sgallagh> #topic Agenda Item: Procedural Notes
21:04:20 <sgallagh> #undo
21:04:20 <zodbot> Removing item from minutes: <MeetBot.items.Topic object at 0x3e276310>
21:04:23 <sgallagh> #info Agenda Item: Procedural Notes
21:05:00 <sgallagh> Does anyone have other topics to raise today?
21:05:28 <adamw> nope
21:05:53 <vvaldez> nothing else here
21:05:59 <mjwolf> no
21:06:19 <smooge> here late
21:06:29 <sgallagh> #topic Procedural Notes
21:07:09 <sgallagh> I have two related points to raise on procedure.
21:07:44 <sgallagh> 1) When we make a decision, we do not have a canonical record of it.
21:07:44 <sgallagh> 2) When questions or tasks come up, we do not have a place to record them and track their progress and resolution.
21:08:29 <sgallagh> My thoughts are that we should probably have an issue-tracker to record these things.
21:08:30 <jds2001> pagure sounds good :)
21:08:35 <sgallagh> To that end, I created https://pagure.io/fedora-server/
21:08:40 <sgallagh> jds2001: Stop reading my notes ;-)
21:08:43 <nirik> sure. +1
21:08:58 <vvaldez> +1
21:09:30 <sgallagh> I think it makes sense to track things the way FESCo does, by raising questions as tickets and marking them with a meeting tag when we should have an active discussion.
21:09:44 <sgallagh> s/active/live/
21:10:05 <mjwolf> +1
21:10:43 <sgallagh> Does anyone have any objections? If not, I'll get the WG members added as admins for that repo
21:12:10 <sgallagh> #info Server SIG will use https://pagure.io/fedora-server/ to track tasks and decisions.
21:12:19 <sgallagh> #topic Feedback on the Domain Controller Role first draft
21:12:34 <sgallagh> #link https://github.com/libre-server/proposals/blob/master/Domain%20Controller.md
21:12:49 <sgallagh> I sent this out mid-December, but I have not received any feedback as of yet.
21:12:59 <sgallagh> /me looks over his glasses.
21:13:40 <adamw> sorry :/
21:13:47 * nirik didn't see it in december. ;)
21:13:57 <sgallagh> The request for review here is twofold: 1) Get specific feedback on the use-cases and whether they are sufficient and/or too specific.
21:14:01 <adamw> good news: it is on my todo list
21:14:08 <adamw> bad news: my todo list reads "1. ALL THE THINGS"
21:14:13 <sgallagh> 2) Create a template for future such proposals.
21:14:13 <nirik> I like the story in the personas. ;)
21:14:14 <vvaldez> same here, it’s on my actino list
21:15:34 <adamw> i'm not sure about the smooshing together of the basic role description, the roadmap and the requirements
21:15:54 <adamw> for e.g., the description is generally useful as long as the role exists, but if it's tied to a roadmap that was implemented five years ago, that looks odd
21:16:21 <sgallagh> adamw: OK, that's good feedback.
21:17:05 <adamw> it seems to be missing various checkboxes from the old domain controller role, not sure if that's intentional because it's trying to focus on the 'user story'
21:17:11 <sgallagh> adamw: I think I'd like to keep the requirements alongside the stories, but you're right that the roadmap probably should be tracked elsewhere
21:17:18 <sgallagh> (Perhaps our shiny new bug-tracker...)
21:17:26 <adamw> would we have a separate 'these are the requirements that must be met for the role to be considered working' page or something?
21:17:52 <adamw> https://fedoraproject.org/wiki/Domain_controller_role_requirements
21:18:28 <sgallagh> adamw: Right, I was trying to focus here on the end-user perspective here.
21:18:35 <adamw> sure, that's reasonable.
21:18:40 <sgallagh> The specifics of the implementation are important, certainly
21:19:54 <sgallagh> #info Mixing the requirements and roadmap will be problematic later. Separate them.
21:20:23 <sgallagh> #info More technical requirements need to be located somewhere and linked to.
21:21:00 <sgallagh> That's really good feedback. I'll work on a second draft for the next meeting.
21:21:24 <adamw> I'm helping! I'm helping!
21:21:25 <sgallagh> Any other thoughts here?
21:21:32 <sgallagh> adamw: Much appreciated :)
21:21:50 * vvaldez is reading
21:23:11 * jds2001 agrees on having acceptance criteria, FWIW.
21:23:23 <jds2001> i.e. when this is met for F27, we claim success.
21:24:02 <sgallagh> jds2001: Do you feel that the requirements listed are appropriate for that, or are you talking about the lower-level implementation requirements that adamw referenced?
21:24:31 <jds2001> I think that those requirements are perfect for that.
21:24:46 <jds2001> I'm not sure that document needs to specify implementation of those requirements.
21:25:01 <vvaldez> sgallagh: looks really good. one point, should the ansible playbook include any srv record changes to upstream DNS or will that be handled separately if needed?
21:25:04 <jds2001> so I guess I sort of disagree with adamw
21:25:17 <jds2001> vvaldez: how would it?
21:25:25 <jds2001> vvaldez: the admin might not control that.
21:25:42 <adamw> jds2001: these requirements are fine, but they're not *complete*. they don't, for instance, say that the deployed freeipa actually has to work at all.
21:25:43 <sgallagh> vvaldez: Sorry, I think you're missing some context in that question.
21:25:43 * jds2001 assumes some delegated subdomain.
21:25:57 <adamw> i wasn't saying that should be added here. just that it should be present somewhere.
21:26:07 <vvaldez> jds2001: that’s true, I suppose just a mention in there of any pre-reqs or anything outside what this role would provide
21:26:21 <sgallagh> adamw: A valid point, I forgot to include enrollment requirements.
21:26:23 <vvaldez> sgallagh: just and example, I didn’t want to get into the weeds, I just mean in general
21:26:24 <adamw> and i'm not saying we don't have acceptance criteria, just that they shouldn't be permanently attached to the more long-term applicable role description.
21:26:40 <sgallagh> We don't need to specify the protocols etc. like on the other page, but basic authentication requirements makes sense.
21:26:47 <adamw> so, i'm not sure we're disagreeing at all.
21:26:54 <sgallagh> #info Requirements need to add basic authentication and enrollment requirements.
21:27:38 <jds2001> adamw: i guess not, i just sort of assumed that installed meant working :)
21:27:45 <jds2001> but ASSuME :D
21:28:01 <adamw> oh, you sweet summer child
21:28:02 <adamw> :P
21:28:38 <sgallagh> Right, I will definitely add some client pieces there. I overlooked that.
21:28:51 <sgallagh> adamw: See, this is why we keep you around :)
21:29:07 <jds2001> sgallagh: but beyond the ability to have clients, clients are out of scope for this, no?
21:29:09 <sgallagh> vvaldez: And as jds2001 said, DNS is kind of a special case.
21:30:01 <vvaldez> sgallagh: make sense. it would just be helpful to have in scope and out of scope (maybe not this doc but somewhere) for the role
21:30:04 <sgallagh> Well, we can make some assertions like "must provide appropriate authentication services to properly-configured clients"
21:30:40 <sgallagh> vvaldez: Well, there's an explicit non-goal section at the bottom, but like I said, this is a special case that doesn't really fit.
21:30:47 <sgallagh> We can talk about it in #fedora-server later
21:31:11 <vvaldez> ah I see the out of scope statement now, my bad
21:33:24 <sgallagh> #action sgallagh to work up a second draft from the feedback here
21:33:46 <sgallagh> Thank you very much for the useful suggestions
21:33:58 <sgallagh> Anything else on this, or shall we move on?
21:34:38 <sgallagh> #topic Fedora Server base image for cloud providers
21:34:54 <sgallagh> This is mostly a status update. I had a talk with dustymabe this afternoon about it.
21:35:47 <sgallagh> The short version is that we're putting this effort into mostly a holding pattern. It'll stay under our nominal stewardship, but for now it's basically on life-support. dustymabe will continue to produce the same image we've had up to this point until we get far enough on Boltron to consider replacing it with output from there.
21:36:08 <dustymabe> sgallagh: indeed
21:36:16 * nirik is happy to assist with this image
21:36:20 <dustymabe> nirik: thanks
21:36:24 <adamw> fwiw, i know the taskotron folks are interested in using the 'regular' cloud image (i.e. this one) as a base image for deploying taskotron test workers
21:36:40 <dustymabe> adamw: we'll continue to make the image
21:36:44 <roshi> ^^ taskotron relies on that image
21:36:47 <adamw> right, just noting it has usefulness.
21:36:53 <sgallagh> #info For Fedora 26, there will be no changes to the way we produce the Fedora cloud image. It will continue to be a very minimal base image, not a full Server Edition.
21:36:54 * nirik notes copr and lots of infra cloud stuff uses this image today. ;)
21:38:45 <sgallagh> Anyway, not much else to report here, unless dustymabe has more to add?
21:39:44 <sgallagh> OK, I'll take that as a no.
21:39:50 <sgallagh> #topic Open Floor
21:40:02 <dustymabe> sgallagh: nope, nothing more
21:40:05 <sgallagh> Anything for Open Floor this week?
21:40:16 * nirik doesn't have anything off hand.
21:40:26 <vvaldez> nothing here
21:40:26 <adamw> we're coming somewhat close to F26 Alpha, and FreeIPA is still entirely busted in Rawhide
21:40:30 <adamw> (unless it got fixed in the last few days)
21:40:41 <adamw> we may need to start kicking some people about that relatively soon
21:40:43 <nirik> adamw: I'm sure the mass rebuild will make it better.
21:40:45 * nirik runs
21:40:52 <sgallagh> /me puts nirik in the corner
21:40:53 <adamw> i know the freeipa guys know about the problems, i don't know if they know the Alpha schedule
21:41:07 <nirik> yeah, alpha freeze is the end of the month
21:41:20 <sgallagh> I'll prod them and see what we can do
21:41:29 <sgallagh> adamw: Do you know off-hand what the issues are?
21:41:43 <sgallagh> I know we discussed it at DevConf, but I think the beer got those cells
21:41:55 <nirik> https://bugzilla.redhat.com/show_bug.cgi?id=1403352 at least
21:42:21 <sgallagh> Oh right. That.
21:42:24 <sgallagh> /me sighs
21:43:37 <sgallagh> OK, I'll push them on that.
21:43:40 <sgallagh> Thanks for the links
21:44:10 <adamw> there is apparently another issue too, but i forget what it was
21:44:16 <adamw> something else that's kinda showstopper-y though, iirc
21:45:23 <smooge> OH I kind of have an idea of the most requested packages in various epel if that helps for server
21:46:05 <sgallagh> smooge: Indeed it does.
21:46:14 <smooge> for most releases it is nagios, clamav, R
21:46:36 <jds2001> ok, nagios is interesting.
21:46:58 <sgallagh> adamw: FreeIPA guys report that the other issue was a kerberos ABI change, but they have a fix prepped for that.
21:47:10 <sgallagh> The BIND thing is still a bit of a mess.
21:47:16 <adamw> sgallagh: great
21:47:19 <adamw> yay messes
21:47:29 <adamw> i was kinda suggesting we just downgrade BIND and pretend it never happened
21:47:32 <sgallagh> adamw: They're considering backing out BIND 9.11
21:47:42 <adamw> hey, looks like my pitch got through
21:48:01 <nirik> BIND. sure ties you up
21:48:15 <sgallagh> nirik: Did I say you could come out of the corner?
21:48:29 <jds2001> but we cant just defer BIND 9.11 forever.
21:48:39 <nirik> 😂
21:49:00 <sgallagh> jds2001: No, but it's not released upstream yet
21:49:01 <jds2001> I mean, hey, it's 9.11. There's certain to be some emergency that requires it :D
21:49:12 <sgallagh> We're carrying a prerelease in Rawhide right now
21:49:13 * jds2001 quits with bad jokes
21:49:42 <sgallagh> jds2001: Actually, I figure a BIND 9/11 joke would have been more on-point, but hey.
21:49:56 <nirik> nsd/unbound > bind (but thats not really helpful, so I will stop)
21:50:10 <smooge> bind 10 or bust
21:50:14 <sgallagh> ...
21:50:15 <smooge> with sendmail 10
21:50:39 <sgallagh> smooge: Back to the EPEL data; what was the source of those metrics?
21:50:55 <sgallagh> update requests?
21:51:08 <smooge> update requests don't show anything
21:51:20 <smooge> what I can pull out is when a package is asked for directly like
21:51:23 <sgallagh> OK, so where are you getting the popularity count from?
21:51:23 <smooge> yum install XXXX
21:51:29 <sgallagh> ah ok
21:51:46 <smooge> download.fedoraproject.org will record such requests
21:51:59 <sgallagh> I should have said "yum/dnf requests", but I didn't
21:52:33 <smooge> I would give it a maybe better than nothing rating
21:52:36 <sgallagh> nagios is definitely something worth considering, if we could turn that into a server role
21:52:42 <jds2001> sgallagh: i think what smooge is getting at is 'yum update' doesnt show him anything
21:52:48 <jds2001> but 'yum install nagios' does
21:53:01 <jds2001> even if nagios happens to be installed
21:53:02 <smooge> oh openvpn
21:53:11 <jds2001> smooge: did i understand correctly?
21:53:18 <sgallagh> Right, I understand. I just wanted to know if we were talking about actual metrics or just frequency of mentions in #epel, etc.
21:55:28 <sgallagh> #info Metrics from EPEL indicate a high degree of interest in nagios, clamav, R and openvpn. We should consider providing nagios and openvpn server roles down the line.
21:55:40 <sgallagh> smooge: Thank you for the information.
21:56:43 <sgallagh> Alright, we're approaching the top of the hour. Anything remaining to add?
21:58:46 * nirik has nothing
21:59:04 <sgallagh> OK, thanks for coming today, folks.
21:59:12 <sgallagh> #endmeeting