#meeting-1:fedoraproject.org log

<@davdunc:fedora.im>

16:17:01

!startmeeting fedora_cloud_meeting

<@meetbot:fedora.im>

16:17:02

Meeting started at 2025-02-27 16:17:01 UTC

<@meetbot:fedora.im>

16:17:03

The Meeting name is 'fedora_cloud_meeting'

<@davdunc:fedora.im>

16:17:16

!topic roll call

<@davdunc:fedora.im>

16:17:35

Hey Jeremy Cline

<@jcline:fedora.im>

16:17:37

!hi

<@zodbot:fedora.im>

16:17:39

Jeremy Cline (jcline) - he / him / his

<@conan_kudo:matrix.org>

16:18:45

!hi

<@zodbot:fedora.im>

16:18:47

Neal Gompa (ngompa) - he / him / his

<@davdunc:fedora.im>

16:20:54

!topic action items

<@davdunc:fedora.im>

16:21:12

I still need to update the first docs commits.

<@davdunc:fedora.im>

16:21:41

Did we get any flock submissions? anyone going to flock with us?

<@nhanlon:beeper.com>

16:21:43

!hi

<@zodbot:fedora.im>

16:21:45

Neil Hanlon (neil) - he / him / his

<@nhanlon:beeper.com>

16:22:15

flock CFP was also extended i think?

<@jcline:fedora.im>

16:23:02

I submitted a talk on the signing infra and the work I'm doing for (among other things) aarch64 secure boot

<@davdunc:fedora.im>

16:23:52

Awesome. I have a state of the cloud in.

<@jcline:fedora.im>

16:24:34

I'm happy to present a few slides on the image uploader/wsl/azure/etc if you want as part of that

<@davdunc:fedora.im>

16:24:59

I'll consider it a joint talk then Jeremy Cline .

<@davdunc:fedora.im>

16:25:12

we can do it together.

<@davdunc:fedora.im>

16:25:34

with Conan Kudo in there for a kiwi status.

<@conan_kudo:matrix.org>

16:25:50

sure

<@conan_kudo:matrix.org>

16:25:56

we might want to consider a kiwi workshop

<@davdunc:fedora.im>

16:26:02

👍️

<@conan_kudo:matrix.org>

16:26:02

for both flock and devconf.cz

<@davdunc:fedora.im>

16:26:30

I have the submission for that. Let's improve it and submit it today.

<@davdunc:fedora.im>

16:27:50

Jeremy Cline: you are totally included.

<@jcline:fedora.im>

16:28:49

I won't be at devconf.cz as I'll be in the middle of moving and being away for that long definitely won't fly, unfortunately, but I'm happy to be there for flock

<@davdunc:fedora.im>

16:29:15

awesome. adjusting the submission for flock to include Jeremy.

<@davdunc:fedora.im>

16:30:19

!topic Container Images

<@davdunc:fedora.im>

16:30:34

!link https://pagure.io/cloud-sig/issue/437

<@davdunc:fedora.im>

16:31:27

focusing on the final quote from Conan Kudo > If the goal is to have a base image with a user mimicking what we have in cloud images, we can make one. It's not that big of a deal to produce it.

<@davdunc:fedora.im>

16:31:27

<@davdunc:fedora.im>

16:32:04

but then it woud nice to get all containers listed . . .

<@conan_kudo:matrix.org>

16:32:12

it appears that ubuntu images include a user even if they aren't used by default

<@conan_kudo:matrix.org>

16:32:16

so we can do the same for fedora

<@davdunc:fedora.im>

16:32:26

I see.

<@conan_kudo:matrix.org>

16:32:52

it is probably tied to how ubuntu container images are made, but I see no reason we can't introduce a `fedora` user

<@davdunc:fedora.im>

16:32:56

Do we have an expected practice here?

<@davdunc:fedora.im>

16:33:33

on the surface, it doesn't sound like a bad way to build the container image.

<@conan_kudo:matrix.org>

16:33:44

probably the user should be created `fedora` with password `fedora` as a member of the wheel group and sudo configured for nopasswd for that user (or members of wheel)

<@davdunc:fedora.im>

16:34:15

sounds right. Does that have an adverse effect on Bootc?

<@conan_kudo:matrix.org>

16:34:31

yes

<@davdunc:fedora.im>

16:34:38

figured.

<@conan_kudo:matrix.org>

16:34:47

the fedora base container cannot be used for bootc with this setup

<@davdunc:fedora.im>

16:35:01

then. . . that's an alternative.

<@conan_kudo:matrix.org>

16:35:03

we'd need to define a fedora-bootc base container anyway with different stuff

<@davdunc:fedora.im>

16:35:11

aha.

<@davdunc:fedora.im>

16:35:25

so then there is some variation here that we need to accomodate.

<@conan_kudo:matrix.org>

16:35:30

yes

<@conan_kudo:matrix.org>

16:35:42

we should also get around to releasing the fedora-init container that was contributed a couple cycles ago

<@davdunc:fedora.im>

16:35:43

well that makes it an easier decision.

<@conan_kudo:matrix.org>

16:35:47

we forgot to do it for f41

<@davdunc:fedora.im>

16:35:59

eek. s

<@davdunc:fedora.im>

16:37:38

okay. So that container discussion sparks some additional discussion points.

<@davdunc:fedora.im>

16:37:56

we need to have a list of the container images that we plan to release every time.

<@conan_kudo:matrix.org>

16:38:21

well, it would be released if we had it configured in pungi to build :P

<@conan_kudo:matrix.org>

16:39:03

and fwiw, the Fedora bootc initiative is winding down over the next couple of months, so we need to see whether they figured out how to let regular image build tools produce bootc base images

<@davdunc:fedora.im>

16:39:40

interesting.

<@davdunc:fedora.im>

16:40:35

As long as we can maintain what they require in the base image.

<@davdunc:fedora.im>

16:40:51

We also need a container registry plan.

<@davdunc:fedora.im>

16:41:15

I would like to publish to the public cloud registries as well.

<@davdunc:fedora.im>

16:43:03

Okay

<@davdunc:fedora.im>

16:43:30

!topic No. 436 Verified Provider status for AWS AMI

<@davdunc:fedora.im>

16:43:48

!link https://pagure.io/cloud-sig/issue/436

<@davdunc:fedora.im>

16:44:20

I'm working with the PM for the service now. Hopefully we will get this cleared up on what they want from the metadata side.

<@davdunc:fedora.im>

16:44:52

that will get us all what we need to clear up the confusion.

<@davide:cavalca.name>

16:45:17

!hi

<@zodbot:fedora.im>

16:45:18

Davide Cavalca (dcavalca) - he / him / his

<@davdunc:fedora.im>

16:45:28

Once we know what it is, we can update the FCOS team and get that sorted.

<@dustymabe:matrix.org>

16:46:04

👋

<@davdunc:fedora.im>

16:46:25

yes dustymabe I am talking about you. :)

<@davdunc:fedora.im>

16:47:49

our naming convention change broke the ec2 decision tree, so we just need to get it back in place.

<@dustymabe:matrix.org>

16:48:09

cloud image naming convention? or CoreOS?

<@davdunc:fedora.im>

16:48:16

cloud

<@conan_kudo:matrix.org>

16:48:51

we switched back the naming convention though

<@conan_kudo:matrix.org>

16:48:55

that should have fixed it, no?

<@davdunc:fedora.im>

16:49:12

I don't know how the FCOS got removed. Since there is a metadata initiative, I am going to keep moving on that so the combination of publication account and metadata can be the qualification.

<@davdunc:fedora.im>

16:49:59

I don't have any details on why it persists Conan Kudo , but I just want it to work the way they expect it to work now.

<@davdunc:fedora.im>

16:50:34

I don't consider it our change.

<@conan_kudo:matrix.org>

16:51:12

okay

<@davdunc:fedora.im>

16:52:15

I think it's something to fix.

<@davdunc:fedora.im>

16:53:16

!action davdunc to respond to the ticket with the details from the Amazon PM for the Verified status asap.

<@davdunc:fedora.im>

16:53:51

!topic open_floor

<@davdunc:fedora.im>

16:54:01

We are quickly running out of time.

<@davdunc:fedora.im>

16:54:15

want to give everyone an opportunity to bring topics forward.

<@jcline:fedora.im>

16:56:19

I guess I'll just note that we semi-regularly get pinged about the Google Cloud images; the code to upload them is there, they're being built, we just don't have any credentials available.

<@davdunc:fedora.im>

16:56:50

oh! we have credentials Jeremy Cline !

<@davdunc:fedora.im>

16:57:02

I'll make sure that we get that handled today.

<@davdunc:fedora.im>

16:57:11

I'll hit you up and we'll get it done.

<@davdunc:fedora.im>

16:57:45

Andrew Jorgensen and I spoke about it a couple of weeks ago.

<@davdunc:fedora.im>

16:57:56

He's there to help us if we need home.

<@davdunc:fedora.im>

16:58:01

him*

<@davdunc:fedora.im>

16:58:46

Zach left the team recently and that left a bit of a gap. I think if he was not so busy, he would have fixed it for us by now.

<@davdunc:fedora.im>

16:59:50

Andrew said he would give us a code review when he found the time.

<@jcline:fedora.im>

17:00:07

Yeah I guess I should say some people do have credentials to the account here, but we need app credentials or whatever they're word for it is. Dusty set me up in the fedora-cloud-devel project so I could test the code, but I don't have access to issue app credentials.

<@davdunc:fedora.im>

17:00:51

I understand. We'll figure it out or file a ticket and make someone with creds do it.

<@davdunc:fedora.im>

17:01:11

I thought we could do it, but . . . suppose not.

<@jcline:fedora.im>

17:01:14

I've tested what I wrote uploads the images using the google cli credentials, but I can't say what the permission set is (again, no visibility into audit logs or whatever). Anyway, I don't particularly want admin access to the google account, but those who have it are the only ones who can do this.

<@davdunc:fedora.im>

17:01:24

oof

<@davdunc:fedora.im>

17:01:30

we are out of time

<@davdunc:fedora.im>

17:01:41

Jeremy Cline: we'll keep this up in the channel.

<@davdunc:fedora.im>

17:01:54

Thanks everyone for being here!

<@davdunc:fedora.im>

17:02:02

!endmeeting