18:02:05 <abadger1999> #startmeeting Coprs
18:02:05 <zodbot> Meeting started Wed May  5 18:02:05 2010 UTC.  The chair is abadger1999. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:02:05 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
18:02:12 <abadger1999> sspreitzer: Likely very short.
18:02:21 <sspreitzer> phew, great
18:02:22 <abadger1999> I was on vacation last week so I have very little to report.
18:02:30 <sspreitzer> :)
18:02:35 <sspreitzer> hope you recovered
18:02:44 <sspreitzer> wish you nice meeting, bye
18:02:55 <abadger1999> skvidal: You got anything?  I know your week turned out to have more things than you anticipated.
18:03:06 <skvidal> worked on somethings in func that seem like they'll help us
18:03:46 <skvidal> 1. I got the service/user certs/keys with acls working quasi-sanely in func and the setup should be as easy as an ssh key, really.
18:04:02 <skvidal> - so for communication between hosts we won't have to rely on host keys to do it right
18:04:38 <skvidal> 2. working on the crl code now so we can be fairly confident/safe of discrediting a cert - which is not really a big deal to coprs but...
18:05:19 <skvidal> where should I check in auto-mock-build?
18:06:26 <abadger1999> I think into coprs since its build system related.
18:06:41 <abadger1999> Just start a new directory in there.
18:07:41 <skvidal> okay
18:07:44 <abadger1999> The idea of auto-mock-build is that it's what runs when mock-vm brings up a guest, correct?
18:07:54 <skvidal> it's a pkg
18:08:00 <skvidal> with just an init script and configs, really
18:08:11 <skvidal> you include that in the vm that does the building
18:08:27 <skvidal> it comes up on boot - builds all the pkgs in a certain dir, with a certain mock config
18:08:39 <skvidal> and then, optionally, shuts down the system
18:09:31 <skvidal> it's not terribly complex :)
18:10:30 <skvidal> abadger1999: what do you think of the scheduling system
18:10:55 <skvidal> how are you feeling about it? are there other things we need in func to make it happen?
18:11:38 <abadger1999> I think func should basically work -- I now know what you mean about the communication of notifications.
18:12:15 <skvidal> okay
18:12:44 <abadger1999> I need to write a func module for the overlord that receives notifications from the minions.
18:12:45 <skvidal> so I was thinking about it
18:12:53 <skvidal> we don't actually, do we?
18:13:06 <skvidal> if you think of every system having a funcd running
18:13:22 <skvidal> and one of them having a module on it - that receives notifcations from builders
18:13:38 <skvidal> then that one is the center
18:13:40 <skvidal> right?
18:13:46 <abadger1999> Then I can have the overlord kick off the build on the minion; that task forks and then notifies the overlord of its status/completion by pushing notifications to the overlord.
18:13:53 <abadger1999> Yeah -- that's what I'm thinking.
18:14:01 <abadger1999> I guess I'm misusing the func overlord term there.
18:14:05 <skvidal> yah
18:14:07 <skvidal> okay
18:14:10 <skvidal> overlord means nothing
18:14:14 <abadger1999> <nod>
18:14:16 <skvidal> every box runs a funcd daemon
18:14:18 <skvidal> right?
18:14:29 <skvidal> originally we had a cental machine running certmaster, too
18:14:32 <abadger1999> headhunter server and minions -- every box runs funcd just with different modules active.
18:14:33 <skvidal> and that was the 'head'
18:14:33 <abadger1999> Yep.
18:14:47 <skvidal> but when minion-tominion with acls was possible
18:14:51 <skvidal> that no longer made any sense
18:14:59 <skvidal> you just had a Certificate authority centrally
18:15:21 <abadger1999> <nod>
18:15:27 <skvidal> so - an 'overlord' is just any system connecting to a listening funcd with a valid cert that has acls to run a module
18:15:46 <skvidal> so - the module to receive notifications is just a minion module
18:16:07 <skvidal> and we setup acls to allow any of the builders to send those to our headhunter server
18:16:31 <skvidal> so - I do think it makes sense to have a separate certificate authority for the coprs
18:17:10 <skvidal> then we can say 'anything system presenting a cert signed by this CA that is not revoked, can run the following modules'
18:17:32 <skvidal> and on the headhunter builders/minions we can have a module which is just 'the headhunter server can tell us to do stuff'
18:17:38 <skvidal> a single acl, ultimately.
18:17:49 <skvidal> does that make sense to what you were thinking?
18:18:59 <abadger1999> yep.  that's excellent.
18:19:27 <abadger1999> It's what I was thinking and the "cert signed by this CA" piece makes it even easier to setup.
18:19:58 <skvidal> we can either do the cert stuff using certmaster-  or just any CA we make
18:20:14 <skvidal> as long as the CNs are unique (which they have to be :) we're fine
18:21:02 <abadger1999> Excellent.
18:21:20 <abadger1999> I think we're in good shape as far as the func piece goes.
18:21:51 <skvidal> the pieces I have to do are mock-vm - which I've been dragging my feet on
18:22:34 <skvidal> check in automockbuild - which I'll do after this meeting
18:22:44 <skvidal> .... what else?
18:22:48 <skvidal> oh
18:23:17 <skvidal> the vmcreation and file fetching - which are subtasks of mock-vm
18:23:41 <skvidal> abadger1999: am I blocking anything you're working on?
18:23:46 <abadger1999> Nope.
18:23:53 <skvidal> okay - so what's next on your [s]hitlist?
18:24:02 <abadger1999> skvidal: I have plenty to do and I don't think anything is blocking on you.
18:24:06 <abadger1999> The piece I haven't gotten firm in my mind yet is the copr build system => headhunter communication.  That's where I'd eventually like to stick amqp but we may want to avoid that for the first cut.
18:24:15 <skvidal> that's a first - normally I'm captain blocker :)
18:24:31 <skvidal> so
18:24:34 <skvidal> remember plague?
18:24:47 <skvidal> plague did something fairly...... simplistic but it did work
18:24:54 <skvidal> which was the front end just chucked entries into a db
18:25:11 <skvidal> and then the db was queried regularly by the backend and acted on
18:25:19 <skvidal> and it spat results out into another db
18:25:30 <skvidal> so the frontend could query the results from that db
18:25:41 <skvidal> it didn't have any 'communication' other than 'read from this db'
18:26:55 <skvidal> would that work in this case?
18:27:55 <abadger1999> That sounds liek it would work.
18:28:15 <abadger1999> especially SInce it's supposedly only temporary I like it :-)
18:28:22 <skvidal> hah
18:28:30 * skvidal makes a mental note of 'temporary'
18:29:17 <abadger1999> so what OI've got -- Front end -- TG2 app; I've laid out the basic functions I think we'll need for the command line app that submits builds to function.
18:29:25 <abadger1999> Need to write each of those.
18:29:29 <skvidal> okie doke
18:29:35 <abadger1999> need to write the command line app that talks to that.
18:29:48 <abadger1999> Need to write headhunter code to retrieve the jobs from the database.
18:30:23 <abadger1999> Write the notification module.
18:30:41 <abadger1999> Write some code for creating repositories
18:31:07 <abadger1999> Trick^Wconvince someone into writing a web front end to copr.
18:31:26 <abadger1999> For people wanting to see what's building at any given time.
18:32:01 <skvidal> my time should clear up when the rcs start out - provided yum doesn't explode in horrible ways
18:32:19 <skvidal> and since I cannot do anything else besides sit in front of the computer and lift very light objects...
18:32:29 <skvidal> I'll see how quickly i can knock these out
18:32:33 <abadger1999> Cool.
18:32:58 <abadger1999> Oh -- if and onyl if you feel like it, I need to come up with some coding tests for potential students wanting to work on this.
18:33:36 <abadger1999> I've had a lot of people interested in this, particularly the amqp portion but I'm not yet certain that any of them have the ability to pull it off.
18:33:43 <skvidal> coding tests..
18:33:52 <skvidal> how about this
18:34:09 <skvidal> present them with a complicated problem that can be solved in an ugly, but simple way and a more elegant but complex way
18:34:15 <skvidal> if they solve it using the complex way, they fail
18:34:49 <skvidal> oh wait - I'm being a curmudgeon again, aren't I?
18:35:01 <abadger1999> Mmmm... That has a certain appeal :-)
18:36:05 <skvidal> I'm trying to think of a good case like that
18:36:39 <skvidal> if I think of something I'll ping you
18:37:36 <abadger1999> Cool.
18:37:50 <sspreitzer> 22 mins dudes
18:37:56 <abadger1999> Well, I'm done.
18:38:08 <skvidal> yep
18:38:10 <skvidal> done here
18:38:29 <skvidal> #endmeeting Coprs
18:39:02 <abadger1999> #endmeeting Coprs