20:00:15 #startmeeting Fedora Server SIG Weekly Meeting (2018-06-12) 20:00:15 Meeting started Tue Jun 12 20:00:15 2018 UTC. 20:00:15 This meeting is logged and archived in a public location. 20:00:15 The chair is sgallagh. Information about MeetBot at http://wiki.debian.org/MeetBot. 20:00:15 Useful Commands: #action #agreed #halp #info #idea #link #topic. 20:00:15 The meeting name has been set to 'fedora_server_sig_weekly_meeting_(2018-06-12)' 20:00:15 #meetingname serversig 20:00:15 #topic Roll Call 20:00:15 The meeting name has been set to 'serversig' 20:00:25 .hello2 20:00:26 dperpeet: dperpeet 'None' 20:00:30 .hello2 20:00:33 sgallagh: sgallagh 'Stephen Gallagher' 20:01:17 morning 20:02:26 * langdon lurks 20:03:15 OK, let's get started. 20:03:19 #topic Agenda 20:03:25 We have only one topic on the agenda so far: 20:03:39 #info Agenda Topic: Remote Logging requirements 20:03:48 Does anyone have another topic for this week>? 20:04:46 I don't (just so you don't question your internet connectivity if nobody else answers) 20:04:53 Heh 20:05:03 Well, if anyone does, we'll have time for Open Floor, I expect 20:05:11 #topic Remote Logging Requirements 20:05:47 As hopefully everyone saw, Lukas Ruzicka sent out a proposed new test case for F29 blockers. 20:06:29 This was based on our original (now-ancient) PRD for the Server Edition. We had a requirement that Server Edition must be capable of transmitting all logs to a remote logging source, as this is a common requirement in many deployments. 20:07:08 The PRD intentionally did not specify the protocol that was needed for this, as when it was being written we were still considering whether we wanted to back the journald-remote horse or stay conservative with rsyslog. 20:07:52 there's also a systemd-netlogd now... 20:07:53 So, now that three years have passed, I think it's worth discussing whether we should come down firmly on one side or the other... or any other outcome 20:08:02 Oh? That's a new one on me. 20:08:12 (that transmits a journal via syslog to a remote machine) 20:08:15 https://bugzilla.redhat.com/show_bug.cgi?id=1580121 20:08:22 https://github.com/systemd/systemd-netlogd/blob/master/systemd-netlogd.spec 20:08:25 hmm 20:08:41 but thats using the same transport a rsyslog would use 20:08:51 OK, interesting 20:09:18 So I think there are several questions before us, and I'll try to enumerate them. Then we can walk through each of them 20:10:09 1) Do we want to require that the default installation of Server Edition is capable of transmitting logs to a remote server out of the box (modulo config settings to point the way)? 20:10:44 2) Do we want the Server Edition to be capable of aggregating logs from one or more remote servers out of the box (same caveat with required config)? 20:10:58 3) Do we want to mandate a specific protocol for 1) and 2)? 20:11:25 I think I had a 4) when I started typing, but I forgot it... 20:12:17 So, let's start with 1). 20:12:19 I think 1 is something large deployments definitely want, but are we targeting them? 20:12:40 wouldn't large deployments have a custom roll-out? 20:13:09 I would say this is for the smaller deployments, or even trial ones ("would Fedora Server work for me?") 20:13:23 That's a fair question; should we assume that anyone who is doing this sort of setup would have custom scripts to configure it anyway? 20:13:36 ( I think "no", but the question should be asked and answered.) 20:14:01 yeah, I would expect large sites to be using CM of some kind... 20:14:10 I think with containers and virtual machines, it should be trivial to get the logs for anyone 20:14:32 Jumping to the end-state, I think my ideal situation would be for Cockpit to have a config dialog that amounted to "send all my logs to x.x.x.x" and that would be answer to 1) 20:14:48 (With Cockpit capable of doing the necessary package installation and configuration as needed) 20:15:06 dperpeet: Sorry, can you expand on that last statement? 20:15:12 I'm not sure I follow your logic. 20:15:28 that's a very flexible definition of "out of the box" when you propose to have that done via Cockpit 20:16:03 dperpeet: It's *soft*ware. Flexibility is right in the name! 20:16:07 sure, I meant that when I set up a virtual machine with Fedora Server, it should be trivial to access those logs (have them pushed somewhere or pull from there) 20:16:10 :) 20:16:22 sgallagh, I wasn't criticizing, just pointing out 20:16:38 I think that option would be a good compromise between initial footprint and ease of use 20:16:45 Right, I wasn't necessarily answering question 1) there; I was throwing out a straw man for discussion 20:17:27 dperpeet: Pulling logs from a server is prohibitively complex; I think we need to limit ourselves to "push" solutions for now 20:18:35 dperpeet: The VM case I think is fundamentally identical to the bare metal case. Containers are a bit more interesting though. 20:18:52 I'm not sure we necessarily want to try to solve that generically here in this meeting though. 20:19:09 sgallagh, ah, I read the log aggregation as pulling logs 20:19:21 I think (unless its changed) that sending logs via rsyslog/syslog proto is much easier than the systemd native one (which I think used http post?) 20:19:30 No, I meant having multiple machines all pushing to a common machine that aggregates them 20:19:50 nirik: It used an HTTPS transport in some fashion, yes 20:20:02 I don't know all the details 20:20:46 I don't think it was terribly important to know the difference, since theoretically the systemd-journal-upload and systemd-journal-remote tools should have handled the complexities under the hood 20:21:20 nirik: Speaking from your perspective, did that protocol ever take root anywhere, or has the state of the art remained with rsyslog 20:21:20 in that case I'm not so sure 2) is essential :) 20:21:46 since combining information is a very broad field... 20:21:48 sgallagh: I have never heard of anyone using systemd-journal-upload/remote. 20:22:06 dperpeet: Well, rsyslog can do this 20:22:14 I recall the devel thread had a bunch of improvement suggestions, but I don't know if those ever happened. 20:22:26 nirik: That sounds to me like we should probably stick with rsyslog in Server Edition for the time being then 20:22:40 yeah, that would be my vote 20:23:05 dperpeet: rsyslog has a mode of operation where it can listen on a well-known port for messages sent from other rsyslog systems 20:23:25 It "aggregates* them mostly in terms of serializing the data coming in and logging them to a common place tagged with origin 20:23:42 yeah, I've seen that before 20:23:53 it sounds like rsyslog is a good candidate 20:24:02 maybe with an enabler via Cockpit or the likes? 20:24:26 Yeah, that would be ideal in my book 20:24:40 dperpeet: Does cockpit support on-demand package install yet? 20:25:05 sgallagh, I honestly have no idea 20:25:26 Probably best to just stick with installing rsyslog by default, I suppose 20:25:40 And then have a cockpit configuration enabler 20:25:45 yeah 20:26:25 So, with all that in mind, I'd say that https://fedoraproject.org/wiki/User:Lruzicka/QA:Testcase_Remote_logging as currently written would be appropriate and acceptable for F29 release criteria. 20:27:26 (leaving the cockpit enabler as aspirational at this moment; though it's probably not going to be too hard to write -- the config is simple) 20:28:16 +1 20:28:47 yep. agree 20:29:55 OK, good enough for me. 20:30:25 #agreed Server SIG endorses rsyslog for remote logging and aggregation and approves the proposed rsyslog test cases for F29 20:30:30 #topic Open Floor 20:30:36 Other topics for this week? 20:31:06 * nirik has nothing off hand 20:31:56 OK, I'll give it another minute or so and then close the meeting 20:34:22 #endmeeting