centos-hyperscale-sig
LOGS
<@conan_kudo:matrix.org>
16:04:23
!startmeeting CentOS Hyperscale SIG
<@meetbot:fedora.im>
16:04:25
Meeting started at 2024-02-14 16:04:23 UTC
<@meetbot:fedora.im>
16:04:25
The Meeting name is 'CentOS Hyperscale SIG'
<@anitazha:matrix.org>
16:04:43
Hello HS~
<@conan_kudo:matrix.org>
16:04:45
!topic Roll call
<@salimma:fedora.im>
16:04:48
!hi
<@zodbot:fedora.im>
16:04:49
Michel Lind (salimma) - he / him / his
<@nhanlon:beeper.com>
16:04:51
!hi
<@zodbot:fedora.im>
16:04:52
Neil Hanlon (neil) - he / him / his
<@jordanrome:matrix.org>
16:04:53
!hi
<@zodbot:fedora.im>
16:04:55
Jordan Rome (jordalgo) - he / him / his
<@daandemeyer/:matrix.org>
16:04:57
!hi
<@anitazha:matrix.org>
16:04:57
!hi
<@zodbot:fedora.im>
16:04:58
Daan De Meyer (daandemeyer)
<@zodbot:fedora.im>
16:04:59
Anita Zhang (anitazha) - she / her / hers
<@conan_kudo:matrix.org>
16:05:00
!hi
<@zodbot:fedora.im>
16:05:02
Neal Gompa (ngompa) - he / him / his
<@rcolebaugh:matrix.org>
16:05:07
!hi
<@zodbot:fedora.im>
16:05:09
Raymond Colebaugh (rcolebaugh) - he / him / his
<@davide:cavalca.name>
16:05:27
!hi
<@zodbot:fedora.im>
16:05:28
Davide Cavalca (dcavalca) - he / him / his
<@conan_kudo:matrix.org>
16:07:26
wow, I think this is the most we've had in a while
<@salimma:fedora.im>
16:08:06
Davide Cavalca: you're on vacation! shhh
<@jonathanspw:fedora.im>
16:08:12
!hi
<@zodbot:fedora.im>
16:08:12
Jonathan Wright (jonathanspw)
<@anitazha:matrix.org>
16:08:13
Many familiar faces
<@conan_kudo:matrix.org>
16:08:29
don't shush Davide!
<@conan_kudo:matrix.org>
16:08:37
he can be here if he wants :P
<@davide:cavalca.name>
16:08:44
I'm taking a half day back to take care of a few things this afternoon :)
<@nhanlon:beeper.com>
16:09:06
proposed action: make Davide learn how to vacation better
<@daandemeyer/:matrix.org>
16:09:23
+1
<@conan_kudo:matrix.org>
16:09:49
!topic Followups
<@conan_kudo:matrix.org>
16:10:01
Davide is better at vacations than I am
<@daandemeyer/:matrix.org>
16:10:14
proposed action: make Neal learn how to vacation better
<@nhanlon:beeper.com>
16:10:21
+2
<@nhanlon:beeper.com>
16:10:27
we all need to learn that i think heh
<@conan_kudo:matrix.org>
16:11:43
anyone got some stuff to followup from the last meeting?
<@salimma:fedora.im>
16:11:56
can't think of any, I have a new item later for open floor
<@conan_kudo:matrix.org>
16:12:09
I know we had CentOS Connect a couple weeks ago and had a F2F which was pretty great :)
<@daandemeyer/:matrix.org>
16:12:44
I suppose a followup is that the RHEL folks are going to figure out the SELinux situation
<@conan_kudo:matrix.org>
16:13:14
Right. And that actually turned into a Jira ticket update.
<@salimma:fedora.im>
16:13:26
nice. maybe share the link here for posterity?
<@conan_kudo:matrix.org>
16:14:00
<@salimma:fedora.im>
16:14:36
9.5 not 9.4, but I guess that's ... as good as it gets
<@conan_kudo:matrix.org>
16:15:01
I suspect it was too down to the wire for 9.4
<@nhanlon:beeper.com>
16:15:03
that's excellent news for sure. thanks for making that request Neal
<@conan_kudo:matrix.org>
16:15:20
from our perspective it doesn't matter
<@conan_kudo:matrix.org>
16:15:27
CentOS Stream 9 is already on 9.5 anyway
<@zodbot:fedora.im>
16:15:34
neil has already given cookies to ngompa during the F39 timeframe
<@salimma:fedora.im>
16:15:35
true
<@salimma:fedora.im>
16:15:47
also I guess selinux is one of those that RH has a vested interest to promote
<@salimma:fedora.im>
16:16:05
so they /should/ be helpful or it's... embarrassing if CentOS SIGs gave up on it
<@salimma:fedora.im>
16:16:21
Hyperscale AppArmor edition ;)
<@nhanlon:beeper.com>
16:16:43
tangentially (and off topic), does anyone know if RDO supports selinux? In the OSA project we have to disable SELinux on EL-likes, but i'd love to.. not do that at some point
<@conan_kudo:matrix.org>
16:16:55
It does.
<@conan_kudo:matrix.org>
16:17:12
You will want to talk to spotz about it in #centos-cloud:fedora.im
<@nhanlon:beeper.com>
16:17:14
cool, there's probably some rules I can re-use then
<@nhanlon:beeper.com>
16:17:33
yep yep, spotz is in OSA too, will ask them :) thanks
<@conan_kudo:matrix.org>
16:18:07
when even SUSE is moving from AppArmor to SELinux...? 🤔
<@salimma:fedora.im>
16:18:13
Open Security Architecture?
<@nhanlon:beeper.com>
16:18:18
openstack-ansible
<@salimma:fedora.im>
16:18:30
DDG's top result for OSA is a Soviet missile boat, Osa-class :P
<@bookwar:fedora.im>
16:18:34
There is no intent in hiding the selinux development, it is just that opening up things which were hosted on the internal infra in "before Stream" times is hard and takes much longer for certain corner cases.
<@conan_kudo:matrix.org>
16:19:00
yeah, it's all a big ball of mess to untangle
<@salimma:fedora.im>
16:19:02
yup, understandable
<@davide:cavalca.name>
16:19:13
"how to contribute to the selinux policies" would be a cool blog post if someone on the team at RH were interested in writing it
<@davide:cavalca.name>
16:19:27
(with both the fedora and the centos angles)
<@salimma:fedora.im>
16:19:27
speaking of private infra trackers, Conan Kudo should we ask the Anaconda team to open up their issue tracker? :)
<@conan_kudo:matrix.org>
16:19:42
we probably should
<@salimma:fedora.im>
16:19:42
SELinux Coloring Book needs a sequel for older kids :)
<@nhanlon:beeper.com>
16:19:56
>The Anarchists Guide to SELinux
<@conan_kudo:matrix.org>
16:20:09
it's going to be annoying if we wind up maintaining hyperscale anaconda if we can't really track what's going on or collaborate with them
<@conan_kudo:matrix.org>
16:20:33
I shouldn't say "if", since we _are_ already maintaining a hyperscale anaconda
<@davide:cavalca.name>
16:20:40
there's already a coloring book, so that would be a fun segue
<@davide:cavalca.name>
16:21:21
(in case you don't know what I'm talking about: https://github.com/mairin/selinux-coloring-book)
<@conan_kudo:matrix.org>
16:22:12
Máirín Duffy does great work, indeed.
<@conan_kudo:matrix.org>
16:23:24
Anyway, I do have a small followup... I've submitted a ticket to RHEL to get Xwayland-devel shipped in RHEL 9/10, because... well, apparently you can't build Wayland compositors with Xwayland support properly anymore without it.
<@conan_kudo:matrix.org>
16:23:29
<@conan_kudo:matrix.org>
16:23:59
This will be required for Michel Lind🎩 and shaunm's work on Hyperscale GNOME.
<@salimma:fedora.im>
16:24:18
do we though, for Hyperscale? because we have access to the internal repos right
<@salimma:fedora.im>
16:24:38
I agree that it should be shipped nonetheless -- also, can we also do a PR to add it to the ELN workload
<@salimma:fedora.im>
16:24:43
make sure it stays enabled
<@conan_kudo:matrix.org>
16:25:35
it depends on whether stuff goes into EPEL or Hyperscale or COPR
<@conan_kudo:matrix.org>
16:25:56
because the full GNOME is a big stack and as RHEL cuts down what's available out of the box, a lot of it can shift elsewhere
<@salimma:fedora.im>
16:26:10
oh true
<@salimma:fedora.im>
16:26:28
at some point it could be that we *could* and should move things to EPEL but can't because EPEL can't see some packages
<@salimma:fedora.im>
16:26:50
ideally HS Gnome stays as small as possible, though at the beginning it's probably easiest to have everything in HS
<@conan_kudo:matrix.org>
16:26:56
yes
<@conan_kudo:matrix.org>
16:27:24
and packages like mutter can be built in a non-conflicting way from the base package (we do this already for mutter compat packages in Fedora)
<@conan_kudo:matrix.org>
16:28:12
I'm not saying we should do that, but I want to keep our options open here.
<@salimma:fedora.im>
16:28:19
nods
<@conan_kudo:matrix.org>
16:29:04
the original reason I submitted the issue was actually because I realized KWin didn't build anymore
<@conan_kudo:matrix.org>
16:29:19
and that's because we were missing that package in EPEL because it is unshipped
<@salimma:fedora.im>
16:29:46
right. probably worth discussing it in the EPEL meeting later today as well then
<@conan_kudo:matrix.org>
16:29:50
yes
<@salimma:fedora.im>
16:30:02
and loop in Troy on the issue to get the package shipped
<@conan_kudo:matrix.org>
16:30:14
he should be already added as a watcher
<@conan_kudo:matrix.org>
16:30:22
but Jira doesn't tell you when stuff like that happens normally :(
<@conan_kudo:matrix.org>
16:32:14
anyway, that's all I have for followups, I haven't managed to do much else since getting back from fosdem...
<@conan_kudo:matrix.org>
16:32:18
anyone else have anything?
<@salimma:fedora.im>
16:32:53
you don't get emailed? wild
<@salimma:fedora.im>
16:33:11
we can move on I think, we're half an hour in
<@conan_kudo:matrix.org>
16:33:17
okay then
<@conan_kudo:matrix.org>
16:33:26
!topic Announcements
<@salimma:fedora.im>
16:33:33
I need a few mins to discuss something on Open Floor, it will probably get filed as an issue later after this meeting
<@conan_kudo:matrix.org>
16:33:44
Anyone have anything to announce?
<@conan_kudo:matrix.org>
16:34:48
I guess not, so...
<@daandemeyer/:matrix.org>
16:34:54
I've started on the next systemd release: https://git.centos.org/rpms/systemd/pull-request/15
<@conan_kudo:matrix.org>
16:34:58
oh nice
<@daandemeyer/:matrix.org>
16:35:41
And we now have a dracut backport from Fedora to accompany the next systemd release as dracut and systemd are tightly intertwined
<@conan_kudo:matrix.org>
16:36:13
that's a good thing anyway
<@salimma:fedora.im>
16:36:19
plot twist: soon dracut will be systemd-dracut ;)
<@conan_kudo:matrix.org>
16:36:22
for fixing livecd bugs, we need updated dracut
<@daandemeyer/:matrix.org>
16:36:43
No need to worry about that, we'd rather replace it entirely
<@conan_kudo:matrix.org>
16:36:52
:/
<@salimma:fedora.im>
16:36:57
systemd-mkinitramfs
<@conan_kudo:matrix.org>
16:37:06
as part of alt-images work, I'll endeavor to backport things to rhel9 dracut but hopefully we don't have too many of those cases
<@conan_kudo:matrix.org>
16:38:36
seems like the new systemd rebase also is a big spec cleanup
<@conan_kudo:matrix.org>
16:38:42
presumably because no more el8?
<@daandemeyer/:matrix.org>
16:38:56
Indeed, and because %autochangelog can now be used
<@daandemeyer/:matrix.org>
16:39:08
So we don't need to copy the entire changelog back into the spec anymore
<@conan_kudo:matrix.org>
16:39:38
it's nice to simplify at least
<@daandemeyer/:matrix.org>
16:39:38
Any complaints about %autochangelog can be raised with zbyszek ;)
<@salimma:fedora.im>
16:40:16
rpmautospec makes sense if we're just rebuilding the Fedora package as is, I guess
<@salimma:fedora.im>
16:40:33
or if we don't mind that the release number goes out of sync
<@salimma:fedora.im>
16:41:21
I wish it has support for, say, anything from Fedora's X.Y.Z-N being numbered X.Y.Z-N.M and just increasing the M
<@nhanlon:beeper.com>
16:42:05
sshhhh, then we'll have %rpmautodist
<@conan_kudo:matrix.org>
16:42:10
hacking in subrelease support into `%autorelease` is probably possible
<@conan_kudo:matrix.org>
16:42:38
if I had my way, the DistTag wouldn't even be something you worried about the in the spec file
<@conan_kudo:matrix.org>
16:43:40
anyway, do we have anything else?
<@conan_kudo:matrix.org>
16:43:50
if not, we can move on to...
<@conan_kudo:matrix.org>
16:43:58
!topic Tickets
<@conan_kudo:matrix.org>
16:44:28
We have no new tickets to process, so we can move on to...
<@conan_kudo:matrix.org>
16:44:38
!topic Membership
<@conan_kudo:matrix.org>
16:45:29
!info We have no new members to welcome, but I am going to take the opportunity to remind people that Davide Cavalca and I will be evaluating the membership rolls and figuring out a process to prune inactive members on a regular basis.
<@davide:cavalca.name>
16:46:02
let's plan on drafting a policy for that and putting it up for a vote in one of the next meetings
<@daandemeyer/:matrix.org>
16:46:03
So much for being the SIG with the most members
<@conan_kudo:matrix.org>
16:46:16
Yeah, I like it too, but it looks very weird.
<@davide:cavalca.name>
16:46:19
I suspect that will still hold even after the prune :)
<@nhanlon:beeper.com>
16:46:27
ballet box stuffing, smdh
<@conan_kudo:matrix.org>
16:46:31
We have literally 4x the members of the next largest SIG
<@anitazha:matrix.org>
16:46:36
I like smaller numbers
<@conan_kudo:matrix.org>
16:46:37
even if we cut half of it, we will be the biggest
<@conan_kudo:matrix.org>
16:47:33
some of it is also members that were previously contributing or intended to contribute but don't now
<@conan_kudo:matrix.org>
16:47:52
we've also incubated efforts that spun out into their own things
<@salimma:fedora.im>
16:47:56
Fedora's policy for pruning provenpackagers seem sane
<@nhanlon:beeper.com>
16:48:19
spitballing: even at that size it might make sense to organize a bit w.r.t. "working groups" or similar, which could also help encouraging others to join to have a more focused direction to the work
<@nhanlon:beeper.com>
16:48:36
there's a few large things that the SIG works on, ya know
<@conan_kudo:matrix.org>
16:48:57
I'm not sure what we'd do with that? at that point we'd wind up splitting them out into their own SIGs
<@nhanlon:beeper.com>
16:49:13
yeah now that I say it out loud, basically that was what happened with ISA sig
<@salimma:fedora.im>
16:49:16
we do kind of have unofficial working groups - or people self-organizing into different work anyway
<@conan_kudo:matrix.org>
16:49:17
that's pretty much what happened to our "optimized intel" stuff and "image creation" stuff
<@nhanlon:beeper.com>
16:49:18
so, moot point i suppose
<@salimma:fedora.im>
16:49:25
e.g. Daan and Anita doing systemd, me and Shaun doing GNOME eventually
<@nhanlon:beeper.com>
16:49:39
i provide comedic (?) relief...
<@conan_kudo:matrix.org>
16:49:40
that's not quite the same thing though
<@salimma:fedora.im>
16:49:45
also in Fedora terminology WG is above SIG, not a subset, right? :)
<@conan_kudo:matrix.org>
16:49:56
yes
<@salimma:fedora.im>
16:49:57
yeah, I think more bureaucracy is not needed here. Agreed with Neal
<@nhanlon:beeper.com>
16:49:59
good point
<@conan_kudo:matrix.org>
16:50:06
there's other complications but more or less
<@conan_kudo:matrix.org>
16:50:38
if we got to the point that we needed that, I think Davide and I would just start forking them out into their own SIGs
<@conan_kudo:matrix.org>
16:50:55
it helps that Davide is a board member so we can short-circuit that process because of that
<@salimma:fedora.im>
16:51:34
speaking of board governance, one question
<@davide:cavalca.name>
16:51:36
as I said before in talks I'm happy for folks to use Hyperscale as an incubator and eventually spin off into their own SIG
<@salimma:fedora.im>
16:51:45
if a SIG's board sponsor steps down, what happens?
<@conan_kudo:matrix.org>
16:51:54
the SIG shuts down without a new board sponsor
<@salimma:fedora.im>
16:52:01
or once a SIG is in, can the SIG's board rep be its own sponsor?
<@conan_kudo:matrix.org>
16:52:15
we are required to have a board sponsor to maintain operations, they exist as oversight
<@salimma:fedora.im>
16:52:34
do we have a backup then?
<@davide:cavalca.name>
16:52:38
that's technically correct, but in practice we'd just find another sponsor; the role has never been formalized, that's one of those things we could use some help getting better governance written around actually
<@conan_kudo:matrix.org>
16:52:56
yeah
<@davide:cavalca.name>
16:53:00
("we" as the board in case that wasn't clear)
<@conan_kudo:matrix.org>
16:55:31
anyway... not a problem right now
<@conan_kudo:matrix.org>
16:55:53
and when that bridge comes, we'll figure it out
<@salimma:fedora.im>
16:56:06
right
<@conan_kudo:matrix.org>
16:56:40
anyway, onto...
<@conan_kudo:matrix.org>
16:56:47
!topic Miscellaneous
<@conan_kudo:matrix.org>
16:56:54
The floor is open Michel Lind🎩
<@salimma:fedora.im>
16:57:02
hello!
<@salimma:fedora.im>
16:57:26
so... this use case came up at work that requires, in some cases, an automated pipeline to bump and rebuild packages
<@salimma:fedora.im>
16:57:42
whereas our current pipeline basically only flag whenever we fall behind c9s, IIRC
<@salimma:fedora.im>
16:58:13
so I wonder if there's an interest in working on a more general framework. maybe involving PackIt since they're doing similar work?
<@salimma:fedora.im>
16:58:51
I can imagine two avenues - packit style, with automatic MR when upstream cuts a new release - expanding our current work so some packages can track Fedora instead of tracking c9s
<@conan_kudo:matrix.org>
16:58:52
we're going to need some more general framework for this as we stop tracking RHEL packages in more cases
<@conan_kudo:matrix.org>
16:59:04
we stopped tracking RHEL for the kernel, as an example
<@salimma:fedora.im>
16:59:29
yeah. so our kernel can be another usecase for this
<@salimma:fedora.im>
16:59:47
I think I can disclose that the other package we need a solution for is tzdata :)
<@conan_kudo:matrix.org>
17:00:08
lol
<@conan_kudo:matrix.org>
17:00:11
that makes sense
<@davide:cavalca.name>
17:00:12
ooh I like the idea of using packit for this
<@conan_kudo:matrix.org>
17:00:15
time sux
<@salimma:fedora.im>
17:00:21
right
<@daandemeyer/:matrix.org>
17:00:27
The systemd-cd cron job on gitlab works amazingly well just saying. I checked out packit just didn't have the necessary features
<@daandemeyer/:matrix.org>
17:00:46
The systemd-cd cron job on gitlab works amazingly well just saying. I checked out packit last time and it just didn't have the necessary features
<@conan_kudo:matrix.org>
17:00:47
most packages aren't weirdly churny like systemd
<@salimma:fedora.im>
17:00:53
yeah, I think we need to seriously look at both systemd-cd and packit as potential solutions
<@salimma:fedora.im>
17:01:21
when did you look at packit Daan? not sure if they do CBS now, but I've trialled it on one of my churny package in Fedora (damo) and it's doing fine
<@conan_kudo:matrix.org>
17:01:35
custom automation for the kernel package is in my future plans
<@daandemeyer/:matrix.org>
17:01:46
The CBS support is in alpha/beta now I think?
<@conan_kudo:matrix.org>
17:01:54
but getting things right for that is hard because it's a source-git repo 😩
<@salimma:fedora.im>
17:01:57
we can try it for a less important package first
<@salimma:fedora.im>
17:02:06
yeah, the kernel will be the trickiest I guess
<@salimma:fedora.im>
17:02:26
I remember being curious about source-git but not touching it until I try doing stuff in Debian where everything is source git
<@salimma:fedora.im>
17:02:28
now I hate it :)
<@salimma:fedora.im>
17:02:57
anyway - so I'll file an issue to summarize this and we can discuss it there and follow up on it next time
<@salimma:fedora.im>
17:03:10
!action Michel to file issue exploring general package CI/CD
<@salimma:fedora.im>
17:03:31
one other quick thing, I just got an email today from devconf.cz, they have a CfP office hour on Feb 16
<@rcolebaugh:matrix.org>
17:03:32
I think this would be pretty interesting for automating openssh version bumps too. we do have the patches for it though, so could hit merge conflicts from time to time and require manual merge. But it would be nice to automate other package upgrades
<@salimma:fedora.im>
17:03:52
https://docs.google.com/document/d/17XqUJv94tond3_sTzMZ3gRHnQxwG-IFDaNzTZo6M6JE/edit#heading=h.iqafe5ypvr7b
<@salimma:fedora.im>
17:03:56
<@daandemeyer/:matrix.org>
17:04:14
Ah shit I need to submit something
<@salimma:fedora.im>
17:04:38
yeah, the nice thing about packit's way at least with Fedora packages is, it submits an PR, if it fails you can clone that repo, fix it and push back
<@salimma:fedora.im>
17:04:55
the office hour is at 2 pm CET so a bit early here in the US but doable
<@salimma:fedora.im>
17:05:22
oh and they're also on linkedin. fun. and Mastodon! huh
<@rcolebaugh:matrix.org>
17:05:24
ooo nice, yeah that sounds convenient!
<@salimma:fedora.im>
17:05:53
they're quite responsive on matrix too so once I file the issue I'll sound them out
<@salimma:fedora.im>
17:06:28
rcolebaugh: this is an example with me fixing the PR because some tests fail https://src.fedoraproject.org/rpms/python-damo/pull-request/11
<@conan_kudo:matrix.org>
17:07:00
right, they're in #packit:fedora.im
<@salimma:fedora.im>
17:07:38
which apparently I got kicked out for being idle so I just rejoined :P
<@conan_kudo:matrix.org>
17:08:07
anyway, we're running over and Stream Office hours are right now
<@conan_kudo:matrix.org>
17:08:17
so if there's nothing else...?
<@conan_kudo:matrix.org>
17:09:36
3...
<@conan_kudo:matrix.org>
17:09:37
2...
<@conan_kudo:matrix.org>
17:09:39
1...
<@conan_kudo:matrix.org>
17:09:42
!endmeeting