17:13:05 <michel_slm> #startmeeting fedora-server 17:13:05 <zodbot> Meeting started Wed May 26 17:13:05 2021 UTC. 17:13:05 <zodbot> This meeting is logged and archived in a public location. 17:13:05 <zodbot> The chair is michel_slm. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:13:05 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic. 17:13:05 <zodbot> The meeting name has been set to 'fedora-server' 17:13:11 <dcavalca> yay 17:13:16 <dcavalca> .hi 17:13:16 <langdon> michel_slm: faster than me :) 17:13:16 <zodbot> dcavalca: dcavalca 'Davide Cavalca' <dcavalca@fb.com> 17:13:21 <langdon> fyi https://fedoraproject.org/wiki/Zodbot 17:13:24 <michel_slm> ##addchair langdon 17:13:29 <michel_slm> #addchair langdon 17:13:33 <michel_slm> #addchair dcavalca 17:13:36 <langdon> dcavalca: woah.. .hi!?!? thats *short* 17:13:38 <cmurf> i think it's just chair 17:13:39 <langdon> .hi 17:13:40 <zodbot> langdon: langdon 'Langdon White' <langdon@redhat.com> 17:13:45 <cyberpear> h.i 17:13:46 <swefredde> .hi 17:13:47 <zodbot> swefredde: swefredde 'Fredrik Arneving' <fredrik.arneving@bahnhof.se> 17:13:47 <cyberpear> .hi 17:13:47 <michel_slm> eh... did I get that wrong? yeah, the wiki lists addchair too 17:13:49 <zodbot> cyberpear: cyberpear 'James Cassell' <fedoraproject@cyberpear.com> 17:13:57 <cmurf> :D 17:13:58 <michel_slm> #chair michel_slm langdon dcavalca cyberpear 17:13:58 <zodbot> Current chairs: cyberpear dcavalca langdon michel_slm 17:14:08 <michel_slm> #topic Intro 17:14:14 <michel_slm> .hello salimma 17:14:15 <zodbot> michel_slm: salimma 'Michel Alexandre Salim' <michel@michel-slm.name> 17:14:23 <langdon> anyone have the agenda handy? 17:14:31 <dcavalca> yeah, it's on the mailing list, one sec 17:14:36 <michel_slm> langdon yeah . hi works if your IRC nick matches :p 17:14:47 <cmurf> https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/message/LO45JYWU7WJLQ7U3XHSLPQJBT6RNLX4G/ 17:14:51 <dcavalca> https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/thread/LO45JYWU7WJLQ7U3XHSLPQJBT6RNLX4G/ 17:14:51 <cmurf> that's what went out 17:14:57 <langdon> michel_slm: i just knew .hello2 .. .which is SOOO much longer 17:15:19 <langdon> #link https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/message/LO45JYWU7WJLQ7U3XHSLPQJBT6RNLX4G/ agenda 17:15:24 <cmurf> .hello 17:15:24 <zodbot> cmurf: (hello <an alias, 1 argument>) -- Alias for "hellomynameis $1". 17:15:28 <cmurf> .hello2 17:15:29 <zodbot> cmurf: Sorry, but you don't exist 17:15:31 <cmurf> haha 17:15:42 <langdon> cmurf: its personal im sure 17:15:49 <cmurf> ok well i guess Noggin didn't fix the aliasing issue 17:16:03 <cmurf> i've got cmurf set in my account for irc *shrug* 17:16:17 <langdon> you can still .hello <fas> 17:16:19 <michel_slm> ok, who was here at the last meeting? they probably have more context for the discussions 17:16:22 <cmurf> .hello chrismurphy 17:16:23 <zodbot> cmurf: chrismurphy 'Chris Murphy' <bugzilla@colorremedies.com> 17:16:36 <langdon> ph > f anyway 17:16:51 <langdon> i was not.. had a conflict 17:16:59 <dcavalca> first item on the agenda is "Providing easy installation and pre-configuration for key services with Ansible - wiki page" 17:16:59 <swefredde> I was 17:17:00 <michel_slm> langdon: ph? 17:17:15 <langdon> "murphy" vs "murf" vs "murph" :) 17:17:18 <michel_slm> ooh 17:17:33 <richm> ϕ 17:17:37 <copperi> .hi 17:17:37 <zodbot> copperi: copperi 'Jan Kuparinen' <copper_fin@hotmail.com> 17:17:45 <langdon> i need a special zodbot command for "langdon making stupid joke, please ignore" 17:18:08 <copperi> ... /kick ban ignore ? 17:18:19 <cmurf> .fire langdon 17:18:19 <zodbot> adamw fires langdon 17:18:37 <jwhimpel> Last meeting I was tasked with researching issues with deploying various services via RPM and Ansible. 17:18:37 <adamw> AND STAY FIRED 17:18:44 <cmurf> haha 17:18:47 <adamw> oh am i supposed to be here? i'm good with times, me 17:18:52 <cmurf> he's alive! 17:19:01 <langdon> .fire adamw 17:19:01 <zodbot> adamw fires adamw 17:19:11 <cmurf> .hire adamw 17:19:11 <zodbot> adamw hires adamw 17:19:12 <langdon> but.. i meant to say.. 17:19:15 <langdon> adamw++ 17:19:15 <zodbot> langdon: Karma for adamwill changed to 2 (for the current release cycle): https://badges.fedoraproject.org/tags/cookie/any 17:19:21 <cmurf> ok moving on! i gotta go soon 17:19:35 <langdon> jwhimpel: ok.. let's switch to that agenda topic? 17:19:40 <jwhimpel> Going back into the email archives, it appears the java sig is hanging on by a slim thread. So services such as JBoss/Wildfly with its myriad of dependencies probably is not deployable via RPMs. 17:19:54 <michel_slm> #topic issues deploying services via RPM and Ansible 17:20:15 <langdon> michel_slm: thanks.. i was looking for good words 17:20:17 <pboyHB> .hello 17:20:17 <zodbot> pboyHB: (hello <an alias, 1 argument>) -- Alias for "hellomynameis $1". 17:20:19 * nirik is busy, but lurking in the back 17:20:37 <michel_slm> #chair michel_slm langdon cmurf dcavalca cyberpear jwhimpel pboyHB 17:20:37 <zodbot> Current chairs: cmurf cyberpear dcavalca jwhimpel langdon michel_slm pboyHB 17:20:59 <michel_slm> everyone gets a chair! please # info any useful .. info 17:21:02 <pboyHB> Can someone read my messages? I'm having issues here. 17:21:17 <michel_slm> pboyHB I read you fine 17:21:19 <jwhimpel> RPMS are good for provisioning (deployment), but they are not designed to customize configuration parameters in files. Ansible can install RPMS and keep them current. It can also customize configuration files. 17:21:32 <langdon> jwhimpel: its slightly more complicated than that.. the main java maintainer went to modules.. and people who don't like modules were not happy with that 17:21:41 <pboyHB> OK. Sorry, I could read all messages, but not wrtie until now. 17:22:19 <cyberpear> what's the background on this topic? 17:22:35 <langdon> yeah... not having the context.. whats the "outcome you wish"? 17:22:36 <pboyHB> Should we start with our agenda as posted this morning? 17:22:54 <langdon> i thought we were.. just not nec. in th eright order 17:22:57 <jwhimpel> I thought he went to modules because the burden of maintaining currency in all the dependent libraries was more than he was willing to bear. 17:23:45 <pboyHB> #topic Agenda 17:23:54 <pboyHB> 1. Welcome 17:24:00 <pboyHB> 2. Agenda 17:24:05 <langdon> jwhimpel: perhaps.. but the way i heard it was he->modular and didn't want to maintain both module and non-module.. so a group who don't care for modules, built it out as non-moulde rpms 17:24:06 <pboyHB> 3. Planning for next Fedora release(s) 17:24:13 <pboyHB> 3.1 Providing easy installation and pre-configuration for key services with Ansible 17:24:20 <pboyHB> .2 cooperation with Cloud WG / Cloud Base Images as Fedora Server VM 17:24:36 <pboyHB> 3.3 Revisiting defaults... filesystem/partitioning 17:24:42 <pboyHB> 4. Open Floor 17:24:55 <pboyHB> Skipped 2 topics because we are late. 17:25:07 <pboyHB> Short info about state of PRD: 17:25:14 <pboyHB> Final version now at https://fedoraproject.org/wiki/Server/Product_Requirements_Document_2021 17:25:21 <pboyHB> Still needs some final revision.We should be able to decide and vote about it next meeting (hopefully). 17:25:51 <pboyHB> #topic 3.1 Providing easy installation and pre-configuration for key services with Ansible 17:25:52 <langdon> yeah.. ill go back and give it another review /edit then we can just revote.. its probably "fine" for now.. 17:26:06 <pboyHB> Created a wiki sub page as we agreed upon 17:26:12 <langdon> probably better to just run with what we have while i try to find time 17:26:14 <nirik> I can try and look this weekend at the PRD 17:26:37 <pboyHB> nirik: Thanks 17:26:47 <pboyHB> langdon: thanks 17:27:00 <pboyHB> We need not rush. 17:27:07 <richm> .hello richm 17:27:08 <zodbot> richm: Sorry, but you don't exist 17:27:12 <richm> .hello rmeggins 17:27:15 <zodbot> richm: rmeggins 'Richard Allen Megginson' <rmeggins@redhat.com> 17:27:38 <pboyHB> OK. Back to Ansible. 17:27:38 <richm> I'm the lead for the linux system Ansible roles project 17:27:47 <pboyHB> Created a wiki sub page as we agreed upon 17:27:52 <richm> we finally got off of our duffs and updated the Fedora packages with the latest roles + collection 17:28:02 <pboyHB> #link https://fedoraproject.org/wiki/Server/Using_Ansible 17:28:18 <pboyHB> Everybody who wants to participate should add ideas. 17:28:45 <richm> I would suggest that you take a look at the functionality provided by the roles for any Server automated management/configuration 17:28:50 <pboyHB> richm: Welcome! 17:28:54 <nirik> the problem I usually run into with this sort of thing is that it's too generic. 17:29:03 <richm> #info https://linux-system-roles.github.io 17:29:27 <richm> #link https://linux-system-roles.github.io 17:29:28 <pboyHB> nirik +1 17:29:53 <nirik> I mean, teaching the tools ends up allowing people to do what they want with them instead of trying to give them a finished thing... but I'm happy to listen in on others ideas 17:29:59 <langdon> a guy i know added this thing called "profiles" to modules for just this problem :) 17:30:25 <langdon> nirik: are you ok with relaxing the "unattended"? you can always ask the user questions 17:30:38 <langdon> but then you can't do unattended install (well, easily) 17:31:15 <nirik> I'm... just not sure what the use case here is. installing things? 17:31:51 * nirik hasn't read the wiki page yet. 17:32:10 <pboyHB> nirik: +1 Probaböy we need 1-2 use cases? 17:32:31 <jwhimpel> The use case is many small businesses/ home office sites do not have highly experienced SA's available. So providing known working roles could bring those sites into the Fedora world. 17:32:39 <pboyHB> nirik: The page is still quite short. 17:33:00 <pboyHB> jwhimpel +1 17:33:13 <swefredde> So richm, hi btw, How do you decide what roles to create? 17:33:51 <nirik> if we are writing roles, shouldn't we just contribute to collections? 17:34:09 <copperi> nirik +1 17:34:20 <richm> swefredde: mostly driven by existing roles that users find useful - so what we do is find someone who works on that subsystem to also help develop the role 17:34:39 <langdon> sorry.. nirik.. whats a "collection" in this context? 17:34:40 <nirik> or if it's fedora{server} specific perhaps we should make a ansible-collection-fedora-server. ;) 17:34:53 <jwhimpel> github.com/linux-system-roles/postfix installs a generic postfix install. Additional roles could add TLS configuration, multi-domain server configuration, virtual users and groups in a database, etc. 17:35:06 <richm> so e.g. we found a useful libreswan role - and got the libreswan maintainer in fedora/rhel to help us enhance it 17:35:15 <nirik> the way ansible is distributing things in the new way... it's basically a way to package roles/connection plugins, etc... and that changes at it's own caidence 17:35:45 <langdon> oh.. "ansible collection". .. "collection" is almost as bad as "module" 17:36:01 <richm> the intention of the system roles is to insulate the user of the role from the implementation details - the best example is the timesync role, which will configure either ntp or chrony, depending on which one is better for the underlying platform - the user doesn't need to know anything about ntp or chrony 17:36:26 <richm> but not all roles are as abstract e.g. the aforementioned postfix role is very, very specific to postfix - we don't have an "email" or "email_client" role 17:36:51 <richm> yes - "ansible collection" is a most unfortunate concept name 17:37:01 <langdon> i would also think the user doesn't care how the distribution of the content happens.. and may change over time.. so.. i would say each thing should decide their own way of doing it .. as long as its some flavor of ansible and we provide a suggestion 17:37:13 <nirik> richm: I wonder if it would make sense to ship with/test linux-system-roles and fedora-server. 17:37:55 <richm> yes, that might make sense 17:38:27 <richm> I would encourage you, when you are looking at ways to use Ansible to manage components of Fedora, to look at the system roles to see if there is already some functionality there you could use 17:38:46 <richm> if you find something that doesn't quite fit, please let me and the team know and we can figure out how to make it fit 17:39:19 <richm> because the system roles are already provided by Fedora as an rpm - in both the "legacy" roles format and the new "collection" format 17:39:30 <langdon> would very much love a cockpit plugin that showed me what was available and let me click "give me some of that!" 17:40:03 <jwhimpel> system roles is fine, but as you said generic. It's the configuration of add-ons and plumbing to other services that we need to think about providing. 17:40:43 <richm> yes - how to tie together the system roles into an automation solution rather than a bag o' parts 17:41:39 <richm> I did a preso/demo at devconf2021.cz about using system roles to manage a standard operating environment - this uses several roles in conjunction 17:41:57 <pboyHB> Question about possible use cases: We had discussed e.g. installing wildfly needing components from various sources. Is that kind of tasks suitable ? 17:42:21 <langdon> richm: can you share the link to the recording? 17:42:45 <richm> #link https://linux-system-roles.github.io/2021/02/DevConf2021-cz 17:43:10 <richm> #link https://youtu.be/z4ExuSLORJY 17:43:16 <copperi> richm++ 17:43:16 <zodbot> copperi: Karma for rmeggins changed to 1 (for the current release cycle): https://badges.fedoraproject.org/tags/cookie/any 17:44:06 <richm> I also did a pre-recorded one in case there was a problem with the live one 17:44:12 <richm> #link https://youtu.be/OPQaC-wVqDU 17:45:32 <richm> pboyHB: Yes, if managing/installing wildfly requires network management, storage management, certificate management, metrics, logging, etc. 17:45:38 <richm> then system roles could help there 17:46:12 <pboyHB> richm: Ok. may be difficult 17:46:45 <dcavalca> I think the main issue with wildfly at the moment is that it isn't packaged 17:46:49 <richm> difficulties are an opportunity to improve system roles 17:47:09 <jwhimpel> pboyHB: My understanding is Wildfly has a lengthy dependency list. Current policies require each dependency to be packaged individually. It's a ton of work, but could be done. Considerable resources would be required to keep it current. 17:47:22 <pboyHB> richm: I like that :-) 17:47:57 <pboyHB> jwhimpel: es, we have to find a way to install wildfly without package it. 17:48:15 <pboyHB> and comply to Fedory policy 17:48:46 <langdon> jwhimpel: this is a huge challenge with a lot of software these days.. people are even switching languages (e.g. go) to solve it 17:48:48 <richm> this reminds me of Elasticsearch . . . 17:49:32 <pboyHB> Guys, 10 minutes left. 17:49:53 <swefredde> richm: So how can I contribute to "not-yet-written-system-roles" 17:50:10 <pboyHB> time to consider: how do we proceed? 17:50:19 <langdon> so.. the problem is also "yet another standard".. if you figure all this out in "ansible" .. but the developers do it in "maven".. we have the same problem as if they were rpms.. 17:50:42 <richm> swefredde: file an issue/RFE at https://github.com/linux-system-roles/linux-system-roles.github.io/issues 17:51:03 <pboyHB> langdon: i suppose the only chance is to fetch the war file, the java binary 17:51:47 <pboyHB> again: how do we proceed? 17:51:49 <langdon> a bundled one? assuming they build one? 17:52:17 <jwhimpel> richm: If one were to develop "helper" ansible roles for various services, should we forward those to you somehow for possible inclusion in linux-system-roles? 17:52:25 <dcavalca> langdon: yeah, they publish releases, see the "download zip" button on https://www.wildfly.org/ 17:52:59 <dcavalca> but I don't think deploying that would comply with the Fedora policy, my understanding is that things need to be packaged in the distro to be part of an edition 17:53:26 <richm> jwhimpel: yes, please file an issue at https://github.com/linux-system-roles/linux-system-roles.github.io/issues 17:53:31 <langdon> dcavalca: but it wouldnt be "part of it".. like none of this would be installed by default right? 17:53:44 <langdon> its like gnome-software and flatpaks.. 17:53:54 <cyberpear> there's provisions for third-party repos, but I'm not sure if it's permitted to install software from those by default 17:54:05 <langdon> flatpaks (from flathub) are big "bundles" .. so they aren't there by default 17:54:08 <langdon> kinda 17:54:13 <dcavalca> langdon: that's a good point; it would be part of the ansible roles, if those can reference outside software than it's probably ok 17:54:14 <cyberpear> langdon: exactly, this is like whitelisting a third-party flatpak 17:54:20 <langdon> it wouldn't be a 3rd party repo.. 17:54:31 <langdon> its just a piece of software that uses a repo 17:54:35 <langdon> type thing 17:54:55 <langdon> i think policy would be "fine".. unless we want the "postfix system role" installed by default or something 17:55:32 <nirik> The thing is most of this should be upstream shouldn't it? ie, if wildfly install is desired, shouldn't they maintain that install scripting? The problem is here at the fedora server layer it's hard for me to see being specific... 17:55:33 <langdon> all that said.. we should warn a user that the wildfly bundle they are getting is coming from <abc> and not fedora 17:56:03 <langdon> nirik: right.. so .. we would be better off "injecting" there.. or using their tools as the input to our tools 17:56:06 <pboyHB> 5 minutes left. 17:56:18 <pboyHB> Proposal: langdon, jwhimpel, swefredde, pboyHB condense the discussion into 2-3 questions we can discuss next meeting 17:56:35 <pboyHB> using the web page 17:56:46 <langdon> the web page? 17:57:05 <pboyHB> yes: 17:57:07 <pboyHB> #link https://fedoraproject.org/wiki/Server/Using_Ansible 17:57:11 <jwhimpel> pboyHB: Can we have that discussion on the mailing list? 17:57:32 <langdon> shouldn't this be an issue? or ml discussion? 17:57:34 <pboyHB> yes, of course. even better. 17:57:46 <langdon> wiki changes seems higher "commitment" 17:57:46 <pboyHB> And can archive the result on the wiki page 17:58:33 <langdon> i would propose discourse or issue.. personally... ml discussions have no "history" (which is why discourse and pagure issues exist :) ) 17:59:00 <pboyHB> proposal modified; langdon, jwhimpel, swefredde, pboyHB condense the discussion via mailing list into 2-3 questions we can discuss next meeting pboyHB archives it at the wiki page 17:59:32 <pboyHB> If i see no objectiopns, I'll agree. Last chance to get off :-) 17:59:59 <pboyHB> #agreed: langdon, jwhimpel, swefredde, pboyHB condense the discussion via mailing list into 2-3 questions we can discuss next meeting pboyHB archives it at the wiki page 18:00:37 <pboyHB> of course: paertecopation of anyone is welcome, too !! 18:00:56 <pboyHB> Ooh, these typos 18:01:11 <pboyHB> OK. time is up. 18:01:22 <pboyHB> Thanks to everyone, 18:01:23 <pboyHB> 1 18:01:58 <pboyHB> richm: I hope you will help us further ?! 18:02:00 <swefredde> Thx all 18:02:47 <pboyHB> #endmeeting