fedora-server
MINUTES
17:13:05 <michel_slm> #startmeeting fedora-server
17:13:05 <zodbot> Meeting started Wed May 26 17:13:05 2021 UTC.
17:13:05 <zodbot> This meeting is logged and archived in a public location.
17:13:05 <zodbot> The chair is michel_slm. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:13:05 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
17:13:05 <zodbot> The meeting name has been set to 'fedora-server'
17:13:11 <dcavalca> yay
17:13:16 <dcavalca> .hi
17:13:16 <langdon> michel_slm: faster than me :)
17:13:16 <zodbot> dcavalca: dcavalca 'Davide Cavalca' <dcavalca@fb.com>
17:13:21 <langdon> fyi https://fedoraproject.org/wiki/Zodbot
17:13:24 <michel_slm> ##addchair langdon
17:13:29 <michel_slm> #addchair langdon
17:13:33 <michel_slm> #addchair dcavalca
17:13:36 <langdon> dcavalca: woah.. .hi!?!? thats *short*
17:13:38 <cmurf> i think it's just chair
17:13:39 <langdon> .hi
17:13:40 <zodbot> langdon: langdon 'Langdon White' <langdon@redhat.com>
17:13:45 <cyberpear> h.i
17:13:46 <swefredde> .hi
17:13:47 <zodbot> swefredde: swefredde 'Fredrik Arneving' <fredrik.arneving@bahnhof.se>
17:13:47 <cyberpear> .hi
17:13:47 <michel_slm> eh... did I get that wrong? yeah, the wiki lists addchair too
17:13:49 <zodbot> cyberpear: cyberpear 'James Cassell' <fedoraproject@cyberpear.com>
17:13:57 <cmurf> :D
17:13:58 <michel_slm> #chair michel_slm langdon dcavalca cyberpear
17:13:58 <zodbot> Current chairs: cyberpear dcavalca langdon michel_slm
17:14:08 <michel_slm> #topic Intro
17:14:14 <michel_slm> .hello salimma
17:14:15 <zodbot> michel_slm: salimma 'Michel Alexandre Salim' <michel@michel-slm.name>
17:14:23 <langdon> anyone have the agenda handy?
17:14:31 <dcavalca> yeah, it's on the mailing list, one sec
17:14:36 <michel_slm> langdon yeah . hi works if your IRC nick matches :p
17:14:47 <cmurf> https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/message/LO45JYWU7WJLQ7U3XHSLPQJBT6RNLX4G/
17:14:51 <dcavalca> https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/thread/LO45JYWU7WJLQ7U3XHSLPQJBT6RNLX4G/
17:14:51 <cmurf> that's what went out
17:14:57 <langdon> michel_slm: i just knew .hello2 .. .which is SOOO much longer
17:15:19 <langdon> #link https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/message/LO45JYWU7WJLQ7U3XHSLPQJBT6RNLX4G/ agenda
17:15:24 <cmurf> .hello
17:15:24 <zodbot> cmurf: (hello <an alias, 1 argument>) -- Alias for "hellomynameis $1".
17:15:28 <cmurf> .hello2
17:15:29 <zodbot> cmurf: Sorry, but you don't exist
17:15:31 <cmurf> haha
17:15:42 <langdon> cmurf: its personal im sure
17:15:49 <cmurf> ok well i guess Noggin didn't fix the aliasing issue
17:16:03 <cmurf> i've got cmurf set in my account for irc *shrug*
17:16:17 <langdon> you can still .hello <fas>
17:16:19 <michel_slm> ok, who was here at the last meeting? they probably have more context for the discussions
17:16:22 <cmurf> .hello chrismurphy
17:16:23 <zodbot> cmurf: chrismurphy 'Chris Murphy' <bugzilla@colorremedies.com>
17:16:36 <langdon> ph > f anyway
17:16:51 <langdon> i was not.. had a conflict
17:16:59 <dcavalca> first item on the agenda is "Providing easy installation and pre-configuration for key services with Ansible - wiki page"
17:16:59 <swefredde> I was
17:17:00 <michel_slm> langdon: ph?
17:17:15 <langdon> "murphy" vs "murf" vs "murph" :)
17:17:18 <michel_slm> ooh
17:17:33 <richm> ϕ
17:17:37 <copperi> .hi
17:17:37 <zodbot> copperi: copperi 'Jan Kuparinen' <copper_fin@hotmail.com>
17:17:45 <langdon> i need a special zodbot command for "langdon making stupid joke, please ignore"
17:18:08 <copperi> ... /kick ban ignore ?
17:18:19 <cmurf> .fire langdon
17:18:19 <zodbot> adamw fires langdon
17:18:37 <jwhimpel> Last meeting I was tasked with researching issues with deploying various services via RPM and Ansible.
17:18:37 <adamw> AND STAY FIRED
17:18:44 <cmurf> haha
17:18:47 <adamw> oh am i supposed to be here? i'm good with times, me
17:18:52 <cmurf> he's alive!
17:19:01 <langdon> .fire adamw
17:19:01 <zodbot> adamw fires adamw
17:19:11 <cmurf> .hire adamw
17:19:11 <zodbot> adamw hires adamw
17:19:12 <langdon> but.. i meant to say..
17:19:15 <langdon> adamw++
17:19:15 <zodbot> langdon: Karma for adamwill changed to 2 (for the current release cycle):  https://badges.fedoraproject.org/tags/cookie/any
17:19:21 <cmurf> ok moving on! i gotta go soon
17:19:35 <langdon> jwhimpel: ok.. let's switch to that agenda topic?
17:19:40 <jwhimpel> Going back into the email archives, it appears the java sig is hanging on by a slim thread.  So services such as JBoss/Wildfly with its myriad of dependencies probably is not deployable via RPMs.
17:19:54 <michel_slm> #topic issues deploying services via RPM and Ansible
17:20:15 <langdon> michel_slm: thanks.. i was looking for good words
17:20:17 <pboyHB> .hello
17:20:17 <zodbot> pboyHB: (hello <an alias, 1 argument>) -- Alias for "hellomynameis $1".
17:20:19 * nirik is busy, but lurking in the back
17:20:37 <michel_slm> #chair michel_slm langdon cmurf dcavalca cyberpear jwhimpel pboyHB
17:20:37 <zodbot> Current chairs: cmurf cyberpear dcavalca jwhimpel langdon michel_slm pboyHB
17:20:59 <michel_slm> everyone gets a chair! please # info any useful .. info
17:21:02 <pboyHB> Can someone read my messages? I'm having issues here.
17:21:17 <michel_slm> pboyHB I read you fine
17:21:19 <jwhimpel> RPMS are good for provisioning (deployment), but they are not designed to customize configuration parameters in files.  Ansible can install RPMS and keep them current.  It can also customize configuration files.
17:21:32 <langdon> jwhimpel: its slightly more complicated than that.. the main java maintainer went to modules.. and people who don't like modules were not happy with that
17:21:41 <pboyHB> OK. Sorry, I could read all messages, but not wrtie until now.
17:22:19 <cyberpear> what's the background on this topic?
17:22:35 <langdon> yeah... not having the context.. whats the "outcome you wish"?
17:22:36 <pboyHB> Should we start with our agenda as posted this morning?
17:22:54 <langdon> i thought we were.. just not nec. in th eright order
17:22:57 <jwhimpel> I thought he went to modules because the burden of maintaining currency in all the dependent libraries was more than he was willing to bear.
17:23:45 <pboyHB> #topic Agenda
17:23:54 <pboyHB> 1. Welcome
17:24:00 <pboyHB> 2. Agenda
17:24:05 <langdon> jwhimpel: perhaps.. but the way i heard it was he->modular and didn't want to maintain both module and non-module.. so a group who don't care for modules, built it out as non-moulde rpms
17:24:06 <pboyHB> 3. Planning for next Fedora release(s)
17:24:13 <pboyHB> 3.1 Providing easy installation and pre-configuration for key services with Ansible
17:24:20 <pboyHB> .2 cooperation with Cloud WG / Cloud Base Images as Fedora Server VM
17:24:36 <pboyHB> 3.3 Revisiting defaults... filesystem/partitioning
17:24:42 <pboyHB> 4. Open Floor
17:24:55 <pboyHB> Skipped 2 topics because we are late.
17:25:07 <pboyHB> Short info about state of PRD:
17:25:14 <pboyHB> Final version now at https://fedoraproject.org/wiki/Server/Product_Requirements_Document_2021
17:25:21 <pboyHB> Still needs some final revision.We should be able to decide and vote about it next meeting (hopefully).
17:25:51 <pboyHB> #topic 3.1 Providing easy installation and pre-configuration for key services with Ansible
17:25:52 <langdon> yeah.. ill go back and give it another review /edit then we can just revote.. its probably "fine" for now..
17:26:06 <pboyHB> Created a wiki sub page as we agreed upon
17:26:12 <langdon> probably better to just run with what we have while i try to find time
17:26:14 <nirik> I can try and look this weekend at the PRD
17:26:37 <pboyHB> nirik: Thanks
17:26:47 <pboyHB> langdon: thanks
17:27:00 <pboyHB> We need not rush.
17:27:07 <richm> .hello richm
17:27:08 <zodbot> richm: Sorry, but you don't exist
17:27:12 <richm> .hello rmeggins
17:27:15 <zodbot> richm: rmeggins 'Richard Allen Megginson' <rmeggins@redhat.com>
17:27:38 <pboyHB> OK. Back to Ansible.
17:27:38 <richm> I'm the lead for the linux system Ansible roles project
17:27:47 <pboyHB> Created a wiki sub page as we agreed upon
17:27:52 <richm> we finally got off of our duffs and updated the Fedora packages with the latest roles + collection
17:28:02 <pboyHB> #link https://fedoraproject.org/wiki/Server/Using_Ansible
17:28:18 <pboyHB> Everybody who wants to participate should add ideas.
17:28:45 <richm> I would suggest that you take a look at the functionality provided by the roles for any Server automated management/configuration
17:28:50 <pboyHB> richm: Welcome!
17:28:54 <nirik> the problem I usually run into with this sort of thing is that it's too generic.
17:29:03 <richm> #info https://linux-system-roles.github.io
17:29:27 <richm> #link  https://linux-system-roles.github.io
17:29:28 <pboyHB> nirik +1
17:29:53 <nirik> I mean, teaching the tools ends up allowing people to do what they want with them instead of trying to give them a finished thing... but I'm happy to listen in on others ideas
17:29:59 <langdon> a guy i know added this thing called "profiles" to modules for just this problem :)
17:30:25 <langdon> nirik: are you ok with relaxing the "unattended"? you can always ask the user questions
17:30:38 <langdon> but then you can't do unattended install (well, easily)
17:31:15 <nirik> I'm... just not sure what the use case here is. installing things?
17:31:51 * nirik hasn't read the wiki page yet.
17:32:10 <pboyHB> nirik: +1 Probaböy we need 1-2 use cases?
17:32:31 <jwhimpel> The use case is many small businesses/ home office sites do not have highly experienced SA's available.   So providing known working roles could bring those sites into the Fedora world.
17:32:39 <pboyHB> nirik: The page is still quite short.
17:33:00 <pboyHB> jwhimpel +1
17:33:13 <swefredde> So richm, hi btw, How do you decide what roles to create?
17:33:51 <nirik> if we are writing roles, shouldn't we just contribute to collections?
17:34:09 <copperi> nirik +1
17:34:20 <richm> swefredde: mostly driven by existing roles that users find useful - so what we do is find someone who works on that subsystem to also help develop the role
17:34:39 <langdon> sorry.. nirik.. whats a "collection" in this context?
17:34:40 <nirik> or if it's fedora{server} specific perhaps we should make a ansible-collection-fedora-server. ;)
17:34:53 <jwhimpel> github.com/linux-system-roles/postfix installs a generic postfix install.  Additional roles could add TLS configuration, multi-domain server configuration, virtual users and groups in a database, etc.
17:35:06 <richm> so e.g. we found a useful libreswan role - and got the libreswan maintainer in fedora/rhel to help us enhance it
17:35:15 <nirik> the way ansible is distributing things in the new way... it's basically a way to package roles/connection plugins, etc... and that changes at it's own caidence
17:35:45 <langdon> oh.. "ansible collection". .. "collection" is almost as bad as "module"
17:36:01 <richm> the intention of the system roles is to insulate the user of the role from the implementation details - the best example is the timesync role, which will configure either ntp or chrony, depending on which one is better for the underlying platform - the user doesn't need to know anything about ntp or chrony
17:36:26 <richm> but not all roles are as abstract e.g. the aforementioned postfix role is very, very specific to postfix - we don't have an "email" or "email_client" role
17:36:51 <richm> yes - "ansible collection" is a most unfortunate concept name
17:37:01 <langdon> i would also think the user doesn't care how the distribution of the content happens.. and may change over time.. so.. i would say each thing should decide their own way of doing it .. as long as its some flavor of ansible and we provide a suggestion
17:37:13 <nirik> richm: I wonder if it would make sense to ship with/test linux-system-roles and fedora-server.
17:37:55 <richm> yes, that might make sense
17:38:27 <richm> I would encourage you, when you are looking at ways to use Ansible to manage components of Fedora, to look at the system roles to see if there is already some functionality there you could use
17:38:46 <richm> if you find something that doesn't quite fit, please let me and the team know and we can figure out how to make it fit
17:39:19 <richm> because the system roles are already provided by Fedora as an rpm - in both the "legacy" roles format and the new "collection" format
17:39:30 <langdon> would very much love a cockpit plugin that showed me what was available and let me click "give me some of that!"
17:40:03 <jwhimpel> system roles is fine, but as you said generic.  It's the configuration of add-ons and plumbing to other services that we need to think about providing.
17:40:43 <richm> yes - how to tie together the system roles into an automation solution rather than a bag o' parts
17:41:39 <richm> I did a preso/demo at devconf2021.cz about using system roles to manage a standard operating environment - this uses several roles in conjunction
17:41:57 <pboyHB> Question about possible use cases: We had discussed e.g. installing wildfly needing components from various sources.  Is that kind of tasks suitable ?
17:42:21 <langdon> richm: can you share the link to the recording?
17:42:45 <richm> #link https://linux-system-roles.github.io/2021/02/DevConf2021-cz
17:43:10 <richm> #link https://youtu.be/z4ExuSLORJY
17:43:16 <copperi> richm++
17:43:16 <zodbot> copperi: Karma for rmeggins changed to 1 (for the current release cycle):  https://badges.fedoraproject.org/tags/cookie/any
17:44:06 <richm> I also did a pre-recorded one in case there was a problem with the live one
17:44:12 <richm> #link https://youtu.be/OPQaC-wVqDU
17:45:32 <richm> pboyHB: Yes, if managing/installing wildfly requires network management, storage management, certificate management, metrics, logging, etc.
17:45:38 <richm> then system roles could help there
17:46:12 <pboyHB> richm: Ok. may be difficult
17:46:45 <dcavalca> I think the main issue with wildfly at the moment is that it isn't packaged
17:46:49 <richm> difficulties are an opportunity to improve system roles
17:47:09 <jwhimpel> pboyHB: My understanding is Wildfly has a lengthy dependency list.  Current policies require each dependency to be packaged individually.  It's a ton of work, but could be done.  Considerable resources would be required to keep it current.
17:47:22 <pboyHB> richm: I like that :-)
17:47:57 <pboyHB> jwhimpel: es, we have to find a way to install wildfly without package it.
17:48:15 <pboyHB> and comply to Fedory policy
17:48:46 <langdon> jwhimpel: this is a huge challenge with a lot of software these days.. people are even switching languages (e.g. go) to solve it
17:48:48 <richm> this reminds me of Elasticsearch . . .
17:49:32 <pboyHB> Guys, 10 minutes left.
17:49:53 <swefredde> richm: So how can I contribute to "not-yet-written-system-roles"
17:50:10 <pboyHB> time to consider: how do we proceed?
17:50:19 <langdon> so.. the problem is also "yet another standard".. if you figure all this out in "ansible" .. but the developers do it in "maven".. we have the same problem as if they were rpms..
17:50:42 <richm> swefredde: file an issue/RFE at https://github.com/linux-system-roles/linux-system-roles.github.io/issues
17:51:03 <pboyHB> langdon: i suppose the only chance is to fetch the war file, the java binary
17:51:47 <pboyHB> again: how do we proceed?
17:51:49 <langdon> a bundled one? assuming they build one?
17:52:17 <jwhimpel> richm: If one were to develop "helper" ansible roles for various services, should we forward those to you somehow for possible inclusion in linux-system-roles?
17:52:25 <dcavalca> langdon: yeah, they publish releases, see the "download zip" button on https://www.wildfly.org/
17:52:59 <dcavalca> but I don't think deploying that would comply with the Fedora policy, my understanding is that things need to be packaged in the distro to be part of an edition
17:53:26 <richm> jwhimpel: yes, please file an issue at https://github.com/linux-system-roles/linux-system-roles.github.io/issues
17:53:31 <langdon> dcavalca: but it wouldnt be "part of it".. like none of this would be installed by default right?
17:53:44 <langdon> its like gnome-software and flatpaks..
17:53:54 <cyberpear> there's provisions for third-party repos, but I'm not sure if it's permitted to install software from those by default
17:54:05 <langdon> flatpaks (from flathub) are big "bundles" .. so they aren't there by default
17:54:08 <langdon> kinda
17:54:13 <dcavalca> langdon: that's a good point; it would be part of the ansible roles, if those can reference outside software than it's probably ok
17:54:14 <cyberpear> langdon: exactly, this is like whitelisting a third-party flatpak
17:54:20 <langdon> it wouldn't be a 3rd party repo..
17:54:31 <langdon> its just a piece of software that uses a repo
17:54:35 <langdon> type thing
17:54:55 <langdon> i think policy would be "fine".. unless we want the "postfix system role" installed by default or something
17:55:32 <nirik> The thing is most of this should be upstream shouldn't it? ie, if wildfly install is desired, shouldn't they maintain that install scripting? The problem is here at the fedora server layer it's hard for me to see being specific...
17:55:33 <langdon> all that said.. we should warn a user that the wildfly bundle they are getting is coming from <abc> and not fedora
17:56:03 <langdon> nirik: right.. so .. we would be better off "injecting" there.. or using their tools as the input to our tools
17:56:06 <pboyHB> 5 minutes left.
17:56:18 <pboyHB> Proposal: langdon, jwhimpel, swefredde, pboyHB condense the discussion into  2-3 questions we can discuss next meeting
17:56:35 <pboyHB> using the web page
17:56:46 <langdon> the web page?
17:57:05 <pboyHB> yes:
17:57:07 <pboyHB> #link https://fedoraproject.org/wiki/Server/Using_Ansible
17:57:11 <jwhimpel> pboyHB: Can we have that discussion on the mailing list?
17:57:32 <langdon> shouldn't this be an issue? or ml discussion?
17:57:34 <pboyHB> yes, of course. even better.
17:57:46 <langdon> wiki changes seems higher "commitment"
17:57:46 <pboyHB> And can archive the result on the wiki page
17:58:33 <langdon> i would propose discourse or issue.. personally... ml discussions have no "history" (which is why discourse and pagure issues exist :) )
17:59:00 <pboyHB> proposal modified; langdon, jwhimpel, swefredde, pboyHB condense the discussion via mailing list  into  2-3 questions we can discuss next meeting pboyHB archives it at the wiki page
17:59:32 <pboyHB> If i see no objectiopns, I'll agree. Last chance to get off :-)
17:59:59 <pboyHB> #agreed: langdon, jwhimpel, swefredde, pboyHB condense the discussion via mailing list  into  2-3 questions we can discuss next meeting pboyHB archives it at the wiki page
18:00:37 <pboyHB> of course: paertecopation of anyone is welcome, too !!
18:00:56 <pboyHB> Ooh, these typos
18:01:11 <pboyHB> OK. time is up.
18:01:22 <pboyHB> Thanks to everyone,
18:01:23 <pboyHB> 1
18:01:58 <pboyHB> richm: I hope you will help us further ?!
18:02:00 <swefredde> Thx all
18:02:47 <pboyHB> #endmeeting