19:04:42 <jzb> #startmeeting Fedora Cloud Working Group
19:04:42 <zodbot> Meeting started Wed May  6 19:04:42 2015 UTC.  The chair is jzb. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:04:42 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
19:04:45 <jzb> roll call
19:04:52 <dustymabe> .hellomynameis dustymabe
19:04:53 <zodbot> dustymabe: dustymabe 'Dusty Mabe' <dusty@dustymabe.com>
19:04:54 <jzb> .hellomynameis jzb
19:04:56 <zodbot> jzb: jzb 'Joe Brockmeier' <jzb@redhat.com>
19:04:57 <adimania> .hellomynameis adimania
19:04:59 <zodbot> adimania: adimania 'Aditya Patawari' <adimania@gmail.com>
19:05:17 <jzb> #chair dustymabe walters
19:05:17 <zodbot> Current chairs: dustymabe jzb walters
19:05:56 <scollier> hi
19:06:04 <jzb> #chair scollier
19:06:04 <zodbot> Current chairs: dustymabe jzb scollier walters
19:06:09 <adimania> Hi. My name is Aditya. I have been contributing to Fedora-admin team. I have been playing around with docker and Project Atomic since sometime and want to get involved with Atomic more.
19:06:27 <scollier> heya adimania, welcome.
19:06:42 <adimania> hi scollier :)
19:06:53 <dustymabe> adimania: welcome! thanks for stopping by
19:07:35 <adimania> thanks scollier and dustymabe.
19:08:49 <jzb> ok
19:08:54 <jzb> sorry  - in person discussion
19:09:01 <jzb> let's get started
19:09:25 <jzb> #topic Care and Feeding, Fedora Dockerfiles
19:09:36 <jzb> #link https://fedorahosted.org/cloud/ticket/84
19:09:57 <scollier> jzb, reading.
19:10:17 <jzb> this one has sort of meandered and stagnated a bit.
19:10:25 <scollier> jzb, comment 1 still stands.
19:11:00 <jzb> scollier: well, that's... probably not good
19:11:07 <scollier> jzb, no, it's not.
19:11:19 <walters> this one should probably be broken up into milestones and distinct goals
19:11:20 <scollier> question for room, would someone like to co-maintain this repo with me?
19:11:35 <adimania> I can. I have some contributions there.
19:11:36 <jzb> scollier: are you getting PRs?
19:11:42 <scollier> jzb, yes.
19:11:49 <adimania> I also maintain the package in Fedora repos.
19:11:55 <scollier> i'm looking for a second set of eyes to ack PRs that come in, review issues.
19:12:04 <walters> random idea, what about having this be under projectatomic and also support centos?
19:12:07 <scollier> and work on the items in comment #1 to be more proactive.
19:12:32 <jzb> I think we've been working towards that - IIRC there are a few issues for scollier and jperrin to sort out.
19:12:39 <walters> one thing that seems clear to me is at some point we're going to have to bite the bullet and support templating
19:12:48 <walters> i.e. "build this dockerfile for f22 or f21 or centos7"
19:13:07 <scollier> walters, we thought about handling that in branches in git?
19:13:13 <scollier> in a single repo.
19:13:35 <jzb> scollier: any idea how other distros handle this?
19:13:44 <scollier> adimania, note taken though.  i'll ping you on PRs that come in.
19:13:57 <adimania> scollier, great.
19:13:57 <scollier> adimania, and we don't merge without 2 acks.
19:14:05 <scollier> jzb, not really, sorry.
19:14:13 <jzb> scollier: I am happy to keep an eye on PRs, too, though I'm probably less adept at Dockerfiles than you.
19:14:35 <jzb> scollier: my job responsibilities are being modified a bit, too, so... there's that.
19:14:35 <scollier> jzb, any help is appreciated.  i just hate when i get busy with $DAYJOB and they sit there for days sometimes.
19:14:37 <dustymabe> scollier: I believe I am able to now contribute on a more regular basis
19:14:42 <scollier> dustymabe, +1
19:14:59 <jbrooks> scollier, I too can pay attn to PRs there -- I'm really into the converged centos/fedora repo idea, too
19:15:02 <jzb> scollier: ack
19:15:09 <scollier> jbrooks, sweet.  thanks.
19:15:12 <adimania> I have a machine where I can fire up the Dockerfile build and run some basic sanity test.
19:15:28 <jzb> scollier: let's just make a decision on the repos though
19:15:32 <scollier> adimania, also, there has been this dream of mine to have some sort of CI wrapped around this repo.
19:15:39 <jzb> scollier: I'm for moving under projectatomic and doing branches for fedora/centos
19:15:41 <scollier> jbrooks, dustymabe ^
19:15:51 <jzb> scollier: was there any blocker for that?
19:15:51 <jbrooks> +1
19:16:10 <scollier> jzb, not really, just the conversation kinda dropped.  need someone to drive it.
19:16:14 <dustymabe> scollier: looks good. I'd like to know more about the details though?
19:16:16 <adimania> I commented on the repo sometime back that ideally we should have a test.sh with every Dockerfile with the tests written in it and fire it up on a CI.
19:16:18 <dustymabe> for CI
19:16:29 <adimania> I would love to have this.
19:16:46 <dustymabe> adimania: +1 - that would help with the CI part of it
19:16:50 <jbrooks> we should have it, and working all together, I think it'll be more doable
19:17:29 <adimania> if this sounds good to you guys, I can create a simple draft on wiki and send it across on the list for review.
19:17:31 <scollier> jbrooks, dustymabe, jzb, i'm all ears on how to merge these things.  my git fu may not be sufficient though.
19:18:06 <scollier> jbrooks, dustymabe, jzb, keep in mind this is the source for fedora-dockerfiles package, and for the images on the docker registry.
19:18:14 <scollier> so it would have to work in both of those cases
19:18:51 <jbrooks> OK, I'll think on it some. Different branches ought to work... right?
19:18:53 <jzb> scollier: does it have to pull from the master repo or can it pull from, like a fedora-22 branch?
19:19:08 <jzb> s/repo/branch
19:19:12 <scollier> jzb, jbrooks, I _think_ they should, i've never tried.
19:19:22 <scollier> jzb, that would be a good ticket
19:19:25 <scollier> for someone to test out.
19:20:35 <jzb> jbrooks: want to take that?
19:20:48 <jzb> jbrooks: create a branch and see if it will work for the fedora-dockerfiles package?
19:21:35 <scollier> and create a git repo, with a branch, and submit that branch to the docker hub for auto-building.
19:22:07 <jbrooks> jzb, cure
19:22:12 <jbrooks> sure
19:22:20 <jbrooks> All right
19:22:29 <scollier> jbrooks, i'm here to help too.
19:22:35 <jbrooks> sweet
19:23:02 <jzb> #action jbrooks create repo/branch for fedora-dockerfiles package and submit branch to docker hub for auto-building.
19:23:27 * jzb wonders if he can assign a ticket to jbrooks in the Fedora Trac instance.
19:23:43 <jbrooks> jzb, If fas matters, I'm jasonbrooks there
19:23:51 <jzb> K
19:23:56 <jzb> anything else on this topic?
19:24:04 <scollier> jzb, cool, so once we figure out how to handle centos / fedora dockerfiles, we can revisit that ticket.
19:24:18 <jzb> we do need to really promote the dockerfiles/docker images with Fedora 22 release.
19:25:05 <scollier> jzb, i'd like to spend some time talking about the best practices guide when a slot opens up, and it might align with your thoughts for f22
19:25:13 <jzb> scollier: OK
19:26:16 <jzb> #topic Considering a host UID/GID upgrade discontinuity
19:26:25 <jzb> #link https://fedorahosted.org/cloud/ticket/102
19:26:35 <jzb> also
19:26:40 <jzb> #link https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2015-April/msg00081.html
19:27:13 <jzb> walters: we seem to be light on folks this week, but I thought it'd be good to air this at least one meeting.
19:27:13 <walters> the major plus side of this is that you can "rpm-ostree rebase" a running system cleanly between e.g. centos and fedora
19:27:46 <jzb> walters: how bad will the breakage be upgrading from f21 -> f22?
19:28:44 <walters> a script would need to be written to try to transition
19:29:12 <dustymabe> walters: are there any "hooks" for this type of migration in atomic currently?
19:29:35 <walters> there aren't today no
19:29:45 <dustymabe> got ya
19:29:52 <dustymabe> going forward that could be something to think about
19:30:00 <dustymabe> that type of stuff is typically tricky to get right
19:30:03 <walters> yeah
19:30:07 <dustymabe> but with atomic it should be a lot easier
19:30:32 <dustymabe> because at least most of the OS is immutable and you *know* what you've got
19:30:43 <dustymabe> i.e. what you are upgrading from
19:30:50 <walters> yep
19:32:25 <jzb> any other thoughts on this?
19:32:44 <walters> sgallagh just posted
19:32:59 <jzb> Ah, yes.
19:33:22 <sgallagh> Ah, didn't notice that there was a meeting going on or I'd have chimed in here.
19:33:44 <jzb> sgallagh: we've been very quiet, we don't like to make a ruckus.
19:34:14 <jzb> sgallagh: looks like you're not +1 on this
19:34:18 <sgallagh> Yeah... transitioning IDs is a thing that basically can't be sanely scripted. Particularly if any of your mounted filesystems are shared with other instances that need to be transitioned
19:34:40 <sgallagh> jzb: I think it's very dangerous to do at this point in F22. With Final Freeze less than a week away.
19:34:55 <sgallagh> Particularly since I don't think a safe way to make this transition exists.
19:35:54 <jzb> sgallagh: do we assume that people can always safely upgrade alpha -> beta -> final?
19:36:08 <sgallagh> From my experience on SSSD, every time anyone has ever tried to change IDs (such as realizing their UID space in LDAP was too small, etc.) it has been a multi-month effort of finding all the breakage and fixing it manually.
19:36:22 <sgallagh> jzb: I'm more concerned about F21->F22
19:36:46 <jzb> sgallagh: I'm wondering if we have enough F21 adoption to be concerned about.
19:37:12 <jzb> this probably needs to be hashed out on the list
19:37:44 <jzb> walters: I think we should kick back for more discussion and set Monday as the date to take a decision, does that work?
19:37:54 <sgallagh> jzb: Monday is probably too late.
19:37:54 <walters> SGTM
19:37:59 <jzb> sgallagh: Friday?
19:38:18 <sgallagh> jzb: Monday at 23:59 UTC is when Freeze goes into effect.
19:38:35 <sgallagh> If you make a decision on Friday, you then have only the weekend and Monday to catch any fallout.
19:38:42 <sgallagh> That doesn't give me the warm fuzzies.
19:38:42 <jzb> oy
19:39:25 <sgallagh> So my recommendation is not to try this for F22 and plan it out carefully for F23.
19:39:36 <jzb> walters: ^^ ?
19:39:59 <dustymabe> jzb: that would coincide with our transition into a "spin" for atomic
19:40:05 <dustymabe> might make sense to do it then anyway?
19:40:20 <jzb> dustymabe: could be. That sounds reasonable.
19:40:30 <jzb> I hate when decisions are driven by arbitrary dates.
19:40:45 <jzb> I'm not saying it's wrong or anything, I know we all have deadlines
19:40:46 <dustymabe> and we could also "think" about this upgrade hook thing and see if we can reasonably pull that off
19:41:20 <sgallagh> jzb: The dates aren't arbitrary. They were set up and made public months ago specifically so people could plan around them.
19:41:53 <walters> this is where i'm just really not sure that dragging atomic through the current fedora Process as it stands today makes a lot of sense
19:42:08 <jzb> sgallagh: I think you misunderstand what I mean by "arbitrary"
19:42:09 <sgallagh> dustymabe: It's possible that the atomic mechanism will make this hook *less* of a burden, but as long as drives can be mounted and not online during the moment the hook runs, it's never going to be without risk
19:42:26 <dustymabe> sgallagh: very true
19:42:41 <jzb> sgallagh: as I said, I'm not saying it's wrong - but as walters notes - it's hard to fit some things into that process. That's all.
19:44:09 <sgallagh> jzb: The thing most people misunderstand about the Fedora process is that new development isn't really supposed to be happening in Fedora Branched after Beta Freeze.
19:44:13 <jzb> walters: can you live with transitioning for f23?
19:44:35 <sgallagh> At that point, everything that isn't ready should be working on Rawhide for the next release.
19:44:46 <jzb> sgallagh: no, I get that - but that process works better for things that are a little more mature than Atomic :-)
19:44:55 <sgallagh> I'm not saying we're good at holding to that, but it's the intention
19:45:46 <sgallagh> jzb: That's kind of what the Secondary Architecture process is for. It carries its own schedules (though it usually tries to track the primary schedule). If you're not mature yet, you probably shouldn't try to shoehorn into a stable release process.
19:46:11 <sgallagh> /me thinks we really need to work on the Fedora Incubator idea from  FUDCON Lawrence.
19:46:25 <jzb> sgallagh: interesting. I don't recall that, but I like the sound of it.
19:46:29 <jzb> OK, I'm going to switch gears
19:46:36 <jzb> we can finish up on list
19:46:44 <jzb> the other tickets are old and dusty
19:46:46 <sgallagh> Thanks for putting up with my ranting ;-)
19:46:56 <jzb> sgallagh: I'm used to it ;-)
19:47:05 <jzb> #topic open floor
19:47:11 <jzb> scollier: you had a topic?
19:47:54 <scollier> jzb, sure, wanted to start evangelizing the "Containers Best Practices Guide" posted here: https://github.com/projectatomic/container-best-practices
19:48:20 <scollier> jzb, can you please create an action for me to write a blog post and create a video on how to get started with that project?
19:48:41 <jzb> scollier: I can
19:49:06 <jzb> #action scollier write a blog post and create a video on how to get started with the "Containers Best Practices Guide" on Project Atomic.
19:49:27 <scollier> the goal is to create a single location with tips / tricks / best practices for creating containers (rkt or docker) on rhel, centos and fedora, using openshift, middleware, etc...
19:49:30 <jzb> scollier: this will apply equally well to Fedora, I'm assuming?
19:49:43 <jzb> ah, you answered before I finished asking
19:49:46 <scollier> so, for those of  you who are writing blogs, please consider contributing to this document as well.
19:50:01 <scollier> and at some point, we'll work with jzb to get it hosted on the projectatomic.io site.
19:50:07 <scollier> jzb, EOF for me.
19:50:14 <scollier> unless there are questions.
19:51:06 <adimania> can we have some tasks against this so that people like me can pick them up and try to write on a focused topic?
19:51:27 <jzb> adimania: I believe there's a ToC in github, and you could also file an issue there
19:51:31 <adimania> may be in the github issues itself.
19:51:34 <scollier> adimania, check here: https://github.com/projectatomic/container-best-practices/tree/master/content
19:51:57 <scollier> and see what you are most interested in, and please submit a PR.  we can create a ticket for you if you'd like, as a reminder?
19:52:35 <adimania> no need. I'll try to pick up things marked as TBD and give a pull request.
19:52:43 <scollier> adimania, cool.  thanks a ton.
19:52:57 <dustymabe> adimania++
19:52:57 <zodbot> dustymabe: Karma for adimania changed to 1:  https://badges.fedoraproject.org/badge/macaron-cookie-i
19:53:36 <adimania> :D this is great!
19:54:06 <dustymabe> ok only thing I have for open floor is the test day tomorrow
19:54:26 <jzb> dustymabe++
19:54:26 <zodbot> jzb: Karma for dustymabe changed to 2:  https://badges.fedoraproject.org/badge/macaron-cookie-i
19:54:33 <jzb> dustymabe: thanks for running with that.
19:54:35 <dustymabe> if you guys are available feel free to put the images through their paces
19:54:43 <dustymabe> jzb no prob
19:54:56 <dustymabe> some of the more advanced atomic experts can go off script too :)
19:55:13 <dustymabe> or even write new tests
19:55:30 <jzb> dustymabe: curious - any idea how long a person should schedule for testing?
19:55:38 <scollier> dustymabe, curious, how many folks usually participate in these?
19:56:00 <dustymabe> jzb: scollier: I've only participated in a few myself but it really ranges
19:56:16 <jzb> dustymabe: I think we had 10-15 people for the last one
19:56:16 <dustymabe> usually there are 2/3 community representatives in chat for most of the day
19:56:27 <scollier> jzb, that's not bad.
19:56:31 <dustymabe> and then others flow in and out as they have free time
19:56:38 <jzb> dustymabe: last time we had a group in India that co-scheduled a test day with it.
19:56:44 <dustymabe> and collaborate on issues
19:56:51 <dustymabe> jzb: that is true
19:56:57 <jzb> scollier: I wonder if we should send a note to appinfra about it
19:57:05 <scollier> jzb, absolutely.
19:57:12 <dustymabe> I can send one if you like?
19:57:25 <jzb> dustymabe: wasn't sure if you were on that list - please do.
19:57:37 <dustymabe> jzb yep :) - I lurk
19:57:50 <dustymabe> ok cool. will do that
19:58:35 <walters> i have one other item which is https://fedorahosted.org/rel-eng/ticket/6170
19:59:53 <jzb> walters: we need to push to get that respun, or...?
20:00:12 <walters> until rel-eng respins, i suggest `RUN passwd -l root` in your Fedora Dockerfiles today
20:00:26 <walters> jzb, yes
20:00:41 <walters> there's a larger issue here in that this was fixed in RHEL a month ago, and a public errata issued
20:00:53 <walters> but one was not made for fedora even though i wrote the patch...5 months ago now
20:01:07 <walters> because there's no bugzilla component for the Fedora docker base image in bugzilla
20:01:17 <jzb> ARGH
20:01:28 <walters> (nor for Atomic host actually...or really for anything other than RPMs...)
20:02:21 <walters> or a rigorous concept of ownership/responsibility...
20:02:28 <walters> or good automated testing...
20:02:35 <jzb> walters: now you're just into crazy talk ;-)
20:02:41 <walters> i know right
20:02:58 <walters> anyways does someone know who to poke about that?
20:03:27 <dustymabe> walters: I wish. but as of right now I don't
20:03:41 <jzb> walters: lack of the bugzilla component or rel-eng for that issue specifically?
20:03:47 <walters> former
20:04:16 <jzb> walters: I bet stickster could point us in the right direction
20:04:23 <walters> i suspect this is tied up in some sort of netherworld between internal Red Hat bugzilla maintenance and Fedora infra
20:05:34 <walters> i'll file a trac ticket?
20:05:58 <jzb> walters: OK, I will follow up with stickster on that too
20:06:57 <jzb> any other items?
20:07:02 <jzb> otherwise I'll go ahead and close it out.
20:08:02 <jzb> OK, thanks all!
20:08:05 <jzb> #endmeeting