#fedora-meeting-1 log

15:00:00 <nirik> #startmeeting Server Working Group Weekly Meeting (2016-06-07)
15:00:00 <zodbot> Meeting started Tue Jun  7 15:00:00 2016 UTC.  The chair is nirik. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:00 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
15:00:00 <zodbot> The meeting name has been set to 'server_working_group_weekly_meeting_(2016-06-07)'
15:00:01 <nirik> #chair danofsatx nirik stefw adamw simi mhayden jds2001 mjwolf hanthana
15:00:01 <nirik> #topic Agenda gathering
15:00:01 <zodbot> Current chairs: adamw danofsatx hanthana jds2001 mhayden mjwolf nirik simi stefw
15:00:13 <adamw> .hello adamwill
15:00:16 <zodbot> adamw: adamwill 'Adam Williamson' <awilliam@redhat.com>
15:00:24 <nirik> morning everyone.
15:00:52 <hanthana> .hello snavin
15:00:52 <zodbot> hanthana: snavin 'Danishka Navin' <danishka@gmail.com>
15:02:09 <mjwolf> .hello mjwolf
15:02:10 <zodbot> mjwolf: mjwolf 'Michael Wolf' <mjwolf@us.ibm.com>
15:02:16 <michel_slm> .hello salimma
15:02:18 <zodbot> michel_slm: salimma 'Michel Alexandre Salim' <michel@michel-slm.name>
15:02:23 <sgallagh> .hello sgallagh
15:02:24 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com>
15:03:34 <nirik> anyone have any agenda items? sgallagh had one...
15:06:53 <nirik> ok, I guess lets run with that. ;)
15:07:04 <nirik> #topic OpenShift server - sgallagh
15:07:06 <sgallagh> /me ties his cross-trainers
15:07:15 <nirik> sgallagh: want to outline what you were thinking here?
15:07:26 <sgallagh> Sure.
15:07:55 <sgallagh> So, to start with, we have our nice PRD that describes how we want Server to be a nice, easy way to get major infrastructure up and running.
15:08:13 <sgallagh> To that end, we were developing rolekit, but it didn't gather the sort of adoption we would like.
15:08:23 <sgallagh> (Translation: the project imploded)
15:09:02 <sgallagh> Right now, rolekit is on life-support pretty much solely to support continuing to pass the release-blocking criteria for Server.
15:09:35 <sgallagh> I discussed at a Server SIG meeting a few weeks ago that this was untenable and that we really need to consider a new approach, preferably one with an existing community that we can work with.
15:10:07 <sgallagh> This was followed by an awful lot of empty silence
15:10:36 * nirik drops a pin
15:11:00 <sgallagh> So, from a completely biased perspective, I started looking at what it might take to move away from rolekit and onto a project that has resources.
15:11:33 <sgallagh> The two obvious choices seemed to be ansible or OpenShift, given the heavy Red Hat investment into those two solutions
15:12:13 <sgallagh> Since I am heavily biased (I work on OpenShift now), I started looking at that side of the picture.
15:13:04 <sgallagh> Partly this is so that we can start developing a concrete "bridging" story between classic systems (represented by Fedora Server) and the new wave of cloudy/devops systems represented by Project Atomic
15:14:20 <adamw> isn't openshift trying to be kinda cloudy and devops?
15:14:32 <sgallagh> I spelled out the rough high level in my email this morning, but the short version is I'd like to see server roles become just OpenShift apps that are maintained by both the Server and Cloud SIGs, with efforts put towards migration strategies that allow a system to start as a single-node OpenShift deployment and live-migrate to an atomic platform.
15:14:35 <nirik> so this would an atomic host running openshift and apps in pods/containers? much of this setup already exists right? we would just need to set it up as a product with criteria, etc?
15:16:12 <sgallagh> adamw: Yes, but there's nothing at all preventing it from running in single-node mode on a non-atomic server. Which is what I'm proposing that Server becomes.
15:16:57 <sgallagh> nirik: Well, that's the "mode 2" side of things, but not everyone is comfortable retooling their environment completely to do that all at once. We don't really have a migration story and I think this could make a start towards that
15:18:20 <michel_slm> the other path (Ansible) - unless Ansible Tower is open sourced, a Server product would have to reinvent the wheel? Unless I'm missing something obvious
15:18:56 <sgallagh> michel_slm: Well, Ansible is owned by Red Hat now, so I don't think it would come as much of a surprise to see it be open-sourced sooner rather than later.
15:20:04 <michel_slm> sgallagh: indeed. in the meantime it does make sense to focus on OpenShift first
15:20:11 <sgallagh> I don't have much experience with Ansible (hence this extremely biased proposal), but I feel like the OpenShift answer is could keep us in a position to remain relevant as the market shifts
15:20:56 * nirik kinda likes the idea, but would want to keep the existing setup around for a while until there's uptake on this and we can replace the roles we already made...
15:21:47 <adamw> because if we don't have resources to look after one setup we certainly have resources to look after two? :P
15:22:00 <sgallagh> nirik: Well, if we were going to move on this, I'd say that the minimum requirement is that Domain Controller, Database and memcache all have to be served by the new solution before we offer it.
15:22:30 <sgallagh> adamw: I think only one can be our official answer in any given release.
15:22:37 <sgallagh> But the goal should be to get to the new one ASAP
15:23:00 <nirik> well, sure... yeah, I suppose that would be the way...
15:23:03 <sgallagh> On the plus side, FreeIPA, PostgreSQL and memcache already have available reference apps in OpenShift.
15:23:12 <nirik> sgallagh: in your current job would you have time to work on this?
15:23:20 <sgallagh> And I'd be more than willing to keep the rolectl *tool* around as a shim around the new approach
15:24:10 <sgallagh> nirik: I'm working on that, but if I can get buy-in from both the Server SIG and Cloud SIG on this as a course of action, I'm reasonably confident that I can get cycles to implement it, yes
15:24:22 <sgallagh> Ideally not alone...
15:24:32 <nirik> and f25 would be the target? or f26?
15:24:51 <adamw> do we know if (to be blunt) anyone at all is actually *using* rolekit in production? and if they are, are you planning some kinda migration?
15:24:55 <sgallagh> I'd like to shoot for F25 if at all possible.
15:24:55 * nirik isn't also sure how feasable live-migrate from single server to atomic platform is
15:26:02 * nirik wonders also if there's any problems running traditional stuff on a host (virthost/guests, services) and openshift...
15:26:04 <sgallagh> adamw: I don't know if it's in use in production anywhere outside of my own environments.
15:26:31 <adamw> okay
15:26:46 <jds2001> oops :)
15:26:51 <jds2001> .hello jstanley
15:26:52 <zodbot> jds2001: jstanley 'Jon Stanley' <jonstanley@gmail.com>
15:26:55 <sgallagh> In other words, I don't think it's likely to be worth the effort to build formal migration strategies.
15:27:17 <sgallagh> But I *will* blog with some tips, particularly for the Domain Controller role.
15:27:36 <sgallagh> (That one at least has the advantage of being able to create a replica on the new approach and then decommission the original)
15:27:48 <michel_slm> sgallagh: a potential killer app if OpenShift is easy to deploy, is Fabric8
15:27:52 * jds2001 is unsure that anyone is using rolekit atm - i dont think it was ever mature enough
15:27:55 <sgallagh> And memcached doesn't need a migration strategy
15:28:14 <nirik> migrate all the memories! :)
15:28:22 <sgallagh> So really the only one that could be problematic is Database Server.
15:28:39 <sgallagh> And I agree with jds2001: it's unlikely that anyone was using our DB role in production yet
15:29:07 <nirik> dump/restore should pretty much work there I would think... but of course a bit of downtime
15:29:21 * jds2001 apologizes for his tardiness - and im in a in-person meeting atm :)
15:29:58 <nirik> jds2001: thats ok, we just signed you up to do all the things for f25. ;)
15:30:06 <sgallagh> nirik: Yeah, the other two could theoretically be zero downtime, but in any case there's little to worry about I think
15:30:13 <sgallagh> As long as we doc the manual steps
15:30:39 <adamw> sgallagh: there is, IIRC, some special property of the *first* freeipa server in any deployment, and decommissioning it is not entirely straightforward...but should be dealable-with i guess
15:30:59 <adamw> i am of course thrilled that this is happening right after i finally goddamn well automated testing of the *current* goddamn domain controller setup. :P
15:31:10 * nirik runs to get more coffee, back in a min
15:31:15 <sgallagh> adamw: I thought that was fixed in FreeIPA 4.x
15:31:16 <jds2001> adamw: job security :D
15:31:27 <adamw> sgallagh: possibly, it was just a rough memory
15:31:56 <sgallagh> adamw: the client bits shouldn't change at least
15:33:24 * danofsatx finally got away from today's contractors and reads the backlog
15:34:40 <sgallagh> adamw: rolekit is dead; I'm not going to have any cycles to improve it and make it truly useful and the world is developing better solutions anyway. I don't really want Fedora Server to become Solaris
15:36:14 <adamw> do you have any buy-in from Big Corporate Sponsor for this new approach?
15:36:23 <adamw> or is it just a case of 'heck, what do we do now, let's come up with something'?
15:36:52 <adamw> because i have to admit I'm not *thrilled* about the idea of amending all the release criteria and the test cases and so on every few releases because we don't really know what the hell we're doing
15:37:10 <adamw> (not meant to be accusatory, i know there was some kinda buyin to rolekit at the time, things change)
15:37:23 <sgallagh> Yeah, I don't like it either.
15:37:46 <sgallagh> And as of yet, I don't have buy-in, no.
15:37:53 <sgallagh> Partly that's because I need to test the waters first.
15:37:59 <adamw> hmm.
15:38:09 <danofsatx> ok, now that I'm caught up...
15:38:20 <sgallagh> I have interest from members of my direct team on OpenShift.
15:38:24 <danofsatx> I use rolekit in production and proofs of concept.
15:38:25 <adamw> i guess bluntly what i'm suggesting is if we don't actually have either an amazing vision that at least several of us are fully bought into, or something Big Corporate Sponsor actually wants us to do, it may be better to do nothing.
15:38:46 <danofsatx> I've even installed it on CentOS, just to see if it could be done
15:38:57 <adamw> there's no particular shame in saying 'well, okay, we did three flavors and one of them didn't entirely work out, let's focus on the ones that have obvious futures'.
15:39:02 <adamw> danofsatx: cool
15:39:13 <danofsatx> However, my current role of "unemployed" gives me zero validity to that fact now.
15:39:35 <sgallagh> True enough; that was part of the original plan after all. Allow us to try different things and see what survives and what fizzles.
15:39:52 <sgallagh> (Without taking all of Fedora down if one product failed)
15:40:34 * nirik nods.
15:40:47 <adamw> are you actually like super-pumped about spending a bunch of time working on an openshift-based Fedora Server, and optimistic that it'll turn into something awesome for the future? or is it more of a 'what the heck, i guess we could maybe do this' thing?
15:40:58 <sgallagh> Though I suspect that Big Corporate Sponsor *will* sit up and take notice if Fedora Server decides to discontinue.
15:41:12 <danofsatx> I displayed rolekit in an advanced Linux Networking class at my alma mater (I can say that now, yippee!). Everyone, from the professor to the noob students, were shocked by the simplicity - I showed it to them /after/ I walked them through manual installation of FreeIPA.
15:42:07 <danofsatx> rolekit, by itself, is an awesome tool. I hope that any replacement, whether it be OS or Tower, is just as simple.
15:42:30 * danofsatx wishes he had the mad skilz of sgallagh to pick up the torch and run....
15:43:00 <sgallagh> adamw: It's a fair question. I think that Fedora Server is important for Red Hat, but that they're not resourcing it appropriately (to be completely blunt). This was my way of trying to attract resources to it, which in turn should keep the lights on and keep feeding future RHEL.
15:43:17 <adamw> sgallagh: heck, that's not necessarily a bad thing; maybe the threat of shutting down would prompt someone to decide what they actually want out of us.
15:43:49 <adamw> anyhoo, i just figured it was worth discussing the option. if people think this is a good way to go and want to work on it, that's cool too, we can update all the stuff.
15:44:08 <sgallagh> adamw: I feel like if we get to the point where we can only operate through ultimatums, the conversation has already broken down.
15:44:15 <adamw> heh.
15:44:25 <jds2001> sgallagh: +1
15:44:32 <nirik> given that not all the working group is here today and this was kinda last minute, we should probibly continue discussing on list ?
15:44:37 <sgallagh> But honestly, I don't necessarily disagree.
15:44:50 <sgallagh> To some extent, Fedora Server is a solution in search of a problem
15:45:01 <nirik> and/or find out how much buyin sgallagh can arrange in the next week? ;)
15:45:18 <sgallagh> Plenty of valid problems exist, but we don't have the input or the resources to know where to focus.
15:45:43 <sgallagh> I'm going to spend the afternoon over at the Cloud FAD. I'll see what they have to say as well
15:45:49 <adamw> sounds good
15:45:57 <danofsatx> Fedora Server (IMHO) was the "technical preview" platform for CentOS/RHEL servers, and the answer to Ubuntu Server.
15:46:11 <sgallagh> danofsatx: Sure, but that's a very broad statement.
15:46:21 <danofsatx> exactly ;)
15:46:24 <nirik> well, part of the issue is that there's 10 ways to setup a X, so people just do the one they know/like... it's hard to get momentum on one process to do something everyone might not like
15:46:28 <sgallagh> What *aspect* of the datacenter is worth focusing on?
15:46:54 <danofsatx> today's datacenters are slowly but surely moving to cloud platforms.
15:47:04 <sgallagh> nirik: Right, but a lot of that is because of the historical situaiton
15:47:13 <nirik> sure
15:47:21 <sgallagh> If we want to get momentum on one process, it needs to be *really easy* for someone new to learn it
15:47:22 <danofsatx> Even in the job I left, I used CentOS 7 to build a cloud of F22/23 servers to run the infrastructure.
15:47:25 <nirik> but it makes server setups a slippery eel
15:47:30 <sgallagh> Hence why I wanted to focus on Cockpit
15:47:58 <danofsatx> Does the cockpit team have access to the Tower code? Can they be integrated?
15:48:06 <danofsatx> or does Tower have it's own webUI?
15:48:14 * danofsatx has never seen Tower
15:48:26 <sgallagh> danofsatx: As Tower is not yet open-sourced, I don't think that can be answered at this time
15:48:54 <danofsatx> ok, I didn't know if cockpit devs were RH employees that would have "special" access to it.
15:49:10 <nirik> open sourcing things takes time.
15:49:10 <sgallagh> danofsatx: Even if they did, they couldn't ship it :)
15:49:11 <danofsatx> however, is Cockpit looking at integrating Origin/OpenShift?
15:49:25 <sgallagh> danofsatx: It already has some integration
15:49:52 <jds2001> Tower is aimed at a different problem space.
15:49:55 <sgallagh> Internal to Red Hat, they're part of the same engineering organization, so you can probably infer that they will become more integrated over time
15:50:10 <jds2001> but at any rate, with it being closed source for now, may as well not even talk about it :/
15:50:14 * nirik notes we have 10min left.
15:50:26 <sgallagh> Good thing there were no other agenda items, then :)
15:50:30 <nirik> indeed.
15:50:47 <nirik> openshift has it's own web interface/management too thought right?
15:50:53 <jds2001> yeah
15:51:01 <danofsatx> yes, and it's slick.
15:51:05 <jds2001> pick a webui, any webui! :D
15:51:13 <danofsatx> but I'd rather have a single UI to navigate to/through
15:51:15 <nirik> spin the wheel of web
15:51:19 <sgallagh> yes, but they're built atop the same framework (PatternFly), so it would not be unrealistic to see them integrate at that layer
15:51:43 * danofsatx talked to the OpenShift guys at OSCON
15:51:45 <sgallagh> They are very intentionally sharing the same UI styling
15:52:27 <danofsatx> well, more 'listened to' than 'talked to', really
15:53:54 <nirik> as 2 side notes:
15:54:29 <nirik> 1) openshift is going to be used for the docker layered image building stuff that releng has been working on... so it should thus hopefully be working on fedora
15:54:57 <nirik> 2) there's also a plan to setup a openshift in the fedora infra cloud for people to test/playwith things. Not sure the status on that off hand tho
15:56:14 <nirik> ok, so discuss more on list? revist next week?
15:56:19 <nirik> who wants to chair next week?
15:58:10 <danofsatx> I can't gaurantee my location next week, so I can't volunteer
15:58:23 <danofsatx> Hell, I can't even spell that
15:58:59 <mjwolf> I can chair next week
15:59:12 <nirik> mjwolf: cool. thanks. Let me know if you need any info on it.
15:59:17 <nirik> #info mjwolf to chair next week
15:59:21 <nirik> #topic Open Floor
15:59:24 <nirik> anything for open floor
15:59:25 <nirik> ?
15:59:34 <adamw> quick note: openQA is now testing cockpit
15:59:56 <adamw> that is, covering https://fedoraproject.org/wiki/QA:Testcase_Server_cockpit_default and https://fedoraproject.org/wiki/QA:Testcase_Server_cockpit_basic
16:00:04 <adamw> it's also covering https://fedoraproject.org/wiki/QA:Testcase_Server_firewall_default now
16:00:10 <sgallagh> adamw++
16:00:34 <adamw> very shortly it will also be covering freeipa enrolment with cockpit - that's https://fedoraproject.org/wiki/QA:Testcase_realmd_join_cockpit (staging already is, will go into prod today)
16:01:20 <adamw> i think that leaves only the AD tests and the 'domain controller role' tests not covered yet.
16:01:35 <nirik> wow. spiffy
16:02:27 <nirik> ok, anything else? if not, will close in a min
16:02:56 <nirik> Thanks for coming everyone!
16:02:59 <nirik> #endmeeting