#meeting:fedoraproject.org log

<@davide:cavalca.name>

16:03:44

!startmeeting CentOS Hyperscale SIG

<@meetbot:fedora.im>

16:03:47

Meeting started at 2024-07-31 16:03:44 UTC

<@meetbot:fedora.im>

16:03:47

The Meeting name is 'CentOS Hyperscale SIG'

<@davide:cavalca.name>

16:03:54

morning everyone

<@davdunc:fedora.im>

16:03:57

!hi

<@davide:cavalca.name>

16:03:57

!topic Roll call

<@zodbot:fedora.im>

16:03:58

David Duncan (davdunc) - he / him / his

<@salimma:fedora.im>

16:04:40

!hi

<@zodbot:fedora.im>

16:04:41

Michel Lind (salimma) - he / him / his

<@conan_kudo:matrix.org>

16:05:06

!hi

<@zodbot:fedora.im>

16:05:09

Neal Gompa (ngompa) - he / him / his

<@daandemeyer/:matrix.org>

16:06:08

!hi

<@zodbot:fedora.im>

16:06:10

Daan De Meyer (daandemeyer)

<@davide:cavalca.name>

16:07:09

let's get started

<@davide:cavalca.name>

16:07:10

!topic Followups

<@davide:cavalca.name>

16:07:20

anybody has followups from the last meeting?

<@salimma:fedora.im>

16:07:46

uh can we post links to the last meeting so we can easily check?

<@salimma:fedora.im>

16:08:13

!link https://meetbot.fedoraproject.org/meeting_matrix_fedoraproject-org/2024-07-17/centos-hyperscale-sig.2024-07-17-16.02.html

<@salimma:fedora.im>

16:08:39

!link https://meetbot.fedoraproject.org/meeting_matrix_fedoraproject-org/2024-07-17/centos-hyperscale-sig.2024-07-17-16.02.log.html

<@salimma:fedora.im>

16:08:43

since the summary is useless

<@rcolebaugh:matrix.org>

16:09:11

!hi

<@salimma:fedora.im>

16:09:12

looks like the kernel branching was discussed

<@salimma:fedora.im>

16:09:26

and what to do with the Intel request since the person never shows up

<@zodbot:fedora.im>

16:09:27

Raymond Colebaugh (rcolebaugh) - he / him / his

<@salimma:fedora.im>

16:09:32

and cleaning up the member roll

<@salimma:fedora.im>

16:09:51

ok, looking at the misc topic. I do have a follow up

<@salimma:fedora.im>

16:10:31

!info CentOS Hyperscale SIG is now officially a member of linux-distros, and (checks clock) we already got our first embargoed CVE (public today)

<@salimma:fedora.im>

16:10:37

!link https://curl.se/docs/CVE-2024-7264.html

<@salimma:fedora.im>

16:10:50

(it is no-op for us and in any case low severity, but good to know the system works)

<@jonathanspw:fedora.im>

16:11:04

!hi

<@zodbot:fedora.im>

16:11:06

Jonathan Wright (jonathanspw)

<@conan_kudo:matrix.org>

16:11:12

!info CVE-2024-7264 does not apply to CentOS Hyperscale, so we have no action to take here.

<@salimma:fedora.im>

16:12:22

!info for completeness it also does not apply to Fedora or CentOS since curl is not linked against GnuTLS

<@salimma:fedora.im>

16:12:49

Jonathan Wright++ for quickly figuring that out yesterady

<@zodbot:fedora.im>

16:12:51

salimma gave a cookie to jonathanspw. They now have 16 cookies, 3 of which were obtained in the Fedora 40 release cycle

<@salimma:fedora.im>

16:12:56

Jonathan Wright++ for quickly figuring that out yesterday

<@zodbot:fedora.im>

16:12:57

salimma has already given cookies to jonathanspw during the F40 timeframe

<@salimma:fedora.im>

16:16:29

any update on the membership cleanup or the kernel?

<@salimma:fedora.im>

16:17:25

re: kernel, I am fielding some requests for perf tool improvements, I can either do it on our current kernel or our next one (and then try and upstream it to Fedora's spec)

<@salimma:fedora.im>

16:18:34

!info there are requests for perf to be built with cxa-demangle and opcode support

<@davide:cavalca.name>

16:18:35

is it worth doing Fedora in parallel?

<@salimma:fedora.im>

16:19:18

yeah, I can start with Fedora first

<@davide:cavalca.name>

16:20:58

moving on

<@davide:cavalca.name>

16:20:59

!topic Announcements

<@daandemeyer/:matrix.org>

16:21:56

I tagged systemd 256.4 in Hyperscale main

<@daandemeyer/:matrix.org>

16:22:17

systemd-releng now has a mkosi configuration for testing systemd, selinux-policy and dracut backports

<@salimma:fedora.im>

16:22:31

!info systemd 256.4 is available in Hyperscale

<@daandemeyer/:matrix.org>

16:22:41

We're very close to having an identical spec to rawhide but the last facebook specific bits can't be removed unfortunately

<@conan_kudo:matrix.org>

16:22:43

I'm probably going to skip 6.9 and go to 6.10 since 6.9 just EOL'd last week.

<@conan_kudo:matrix.org>

16:22:53

for our kernel

<@daandemeyer/:matrix.org>

16:23:18

I rewrote the systemd docs completely as well

<@salimma:fedora.im>

16:23:30

yeah, 6.10 Fedora test week is happening now too

<@salimma:fedora.im>

16:23:52

!link https://fedoramagazine.org/contribute-at-the-kernel-6-10-and-podman-5-2-test-days/

<@salimma:fedora.im>

16:24:46

!info next HS kernel will be 6.10, skipping 6.8

<@salimma:fedora.im>

16:26:16

I should announce this internally so the Nvidia users don't complain when their drivers break again :)

<@conan_kudo:matrix.org>

16:26:17

we're on 6.8

<@conan_kudo:matrix.org>

16:26:21

we'll be skipping 6.9

<@salimma:fedora.im>

16:29:15

ugh. brain fade. I meant what you said

<@salimma:fedora.im>

16:29:22

!info next HS kernel will be 6.10, skipping 6.9

<@conan_kudo:matrix.org>

16:30:27

btw, since I am working toward 6.10, I would prefer upstreaming changes to fedora/ark

<@conan_kudo:matrix.org>

16:30:41

I can pull them down into our tree if they're not merged just yet, but it really helps keeping those things in sync

<@salimma:fedora.im>

16:30:51

good to know

<@salimma:fedora.im>

16:31:04

that applies even to changes in the way userspace tooling is compiled, right?

<@conan_kudo:matrix.org>

16:31:17

yes

<@salimma:fedora.im>

16:31:21

ack

<@salimma:fedora.im>

16:31:29

need to finally figure out how to do it

<@salimma:fedora.im>

16:31:50

I'll probably play around with the Fedora kernel spec first but once it's working I'll try and check out Ark

<@conan_kudo:matrix.org>

16:32:24

ark is where the source spec is

<@conan_kudo:matrix.org>

16:32:42

unlike most source-git packages, the kernel's spec file is templated and generated as part of dist-git import

<@conan_kudo:matrix.org>

16:32:50

so you probably don't want to work from there

<@salimma:fedora.im>

16:32:55

aha

<@salimma:fedora.im>

16:33:08

yeah. as long as the docs are clear that sounds easier

<@conan_kudo:matrix.org>

16:33:22

the ark spec is here: https://gitlab.com/cki-project/kernel-ark/-/blob/os-build/redhat/kernel.spec.template?ref_type=heads

<@conan_kudo:matrix.org>

16:33:41

all the stuff around kernel packaging and configuration is here: https://gitlab.com/cki-project/kernel-ark/-/tree/os-build/redhat?ref_type=heads

<@conan_kudo:matrix.org>

16:33:58

if you need help, let me know, but it should be fairly straightforward

<@salimma:fedora.im>

16:35:05

ack. I probably won't have time until probably before/after DevConf.US anyway

<@davide:cavalca.name>

16:36:01

right, I guess the other thing relevant for announcements is that we'll be at flock and devconfus

<@conan_kudo:matrix.org>

16:36:17

I've started making the presentations today for that

<@davide:cavalca.name>

16:40:13

next up

<@davide:cavalca.name>

16:40:14

!topic Tickets

<@davide:cavalca.name>

16:40:43

I think the only pending thing here is the c10s kernel

<@daandemeyer/:matrix.org>

16:41:43

I was looking at https://pagure.io/centos-sig-hyperscale/sig/issue/94

<@daandemeyer/:matrix.org>

16:42:07

Running such CI would make the most sense on the rpm repo itself

<@daandemeyer/:matrix.org>

16:42:24

Problem is git.centos.org isn't the most hospitable place to run CI

<@daandemeyer/:matrix.org>

16:43:07

The other thing I can do is run the systemd integration tests in systemd-cd instead

<@salimma:fedora.im>

16:43:23

yeah, and git.centos.org will never see improvements really

<@davide:cavalca.name>

16:43:28

this may be worth engaging with #centos-integration:fedora.im as well

<@salimma:fedora.im>

16:43:48

long term we need an alternative, because the current GitLab situation is silly as well

<@davide:cavalca.name>

16:43:57

what to do about git.centos.org is a good flock conversation

<@conan_kudo:matrix.org>

16:44:22

I'm not particularly happy with the experience of gitlab.com/CentOS either :/

<@conan_kudo:matrix.org>

16:44:50

push comes to shove, if we're really going to be forced there, we might as well start having a meetup and conversation about it for c10s

<@davide:cavalca.name>

16:45:56

yeah, my point is I don't think we should wing a move to gitlab; we need to figure out as a project what the missing pieces are, if any, and get infra/docs/etc updated as needed so that all SIGs can benefit

<@davide:cavalca.name>

16:46:12

a split setup where some stuff in on git.centos.org and some on gitlab would be annoying

<@conan_kudo:matrix.org>

16:46:15

the biggest issue (aside from the annoying auth situation) is that we need to be careful about git repos there since they don't follow the rules of a dist-git at all

<@conan_kudo:matrix.org>

16:46:55

so if we decide to go that route, probably we will need to create tools to ensure package repos are correctly created, configured, and restricted

<@daandemeyer/:matrix.org>

16:47:39

Why can't we reuse the rhel repos like we do on git.centos.org?

<@conan_kudo:matrix.org>

16:47:51

we cannot because those repos are locked to Red Hat employees

<@conan_kudo:matrix.org>

16:48:04

git.centos.org is a shared resource, gitlab.com/redhat/centos-stream is not

<@daandemeyer/:matrix.org>

16:48:31

Would be nice if it was

<@daandemeyer/:matrix.org>

16:48:39

If that's not possible then I agree this shouldn't come from us

<@conan_kudo:matrix.org>

16:48:51

and I think they use the lack of it being shared as the primary workaround for this problem

<@davide:cavalca.name>

16:48:57

on git.centos.org we can push to those repos because of the branch ACLs

<@daandemeyer/:matrix.org>

16:49:29

Ideally we just get the same branch ACLs on gitlab

<@daandemeyer/:matrix.org>

16:49:38

Now somebody can tell me it's not that easy

<@conan_kudo:matrix.org>

16:49:58

git.centos.org can do it because pagure is extensible and supports pluggable authn and authz

<@conan_kudo:matrix.org>

16:50:14

gitlab can't because it lacks that capability, and even if the software did, gitlab.com would never expose that feature

<@salimma:fedora.im>

16:51:00

so yeah hopefully Fedora makes up its mind on the forge situation soon. because it's driven by RH asking anyway, so I suspect CentOS SIGs will end up using whatever is chosen

<@salimma:fedora.im>

16:51:32

if it's GitLab (ugh) it has to be the community one otherwise the cost is ridiculous. if it's Forgejo... I guess it's self hosted too

<@conan_kudo:matrix.org>

16:51:35

I'm staying out of it as much as possible now. I'm burned out and tired over it.

<@salimma:fedora.im>

16:51:46

I guess at this point we know they won't put keeping Pagure on the table

<@conan_kudo:matrix.org>

16:51:51

I'll just work on pagure with Dominik Wombacher (wombelix) and do my thing.

<@salimma:fedora.im>

16:51:58

so yeah, I also don't want to litigate that and just let them pick one

<@salimma:fedora.im>

16:52:19

it's not like you get much help from the RH/Fedora folks for Pagure anyway

<@salimma:fedora.im>

16:52:32

more like a disservice, having the flagship instance be configured poorly and having performance issues

<@conan_kudo:matrix.org>

16:52:42

Yeah. :(

<@daandemeyer/:matrix.org>

16:52:50

So I guess this will resolve itself in due time once the forge situation is figured out. I assume if pagure doesn't make the cut then git.centos.org will be on the chopping block as well

<@conan_kudo:matrix.org>

16:52:59

who the heck knows

<@conan_kudo:matrix.org>

16:53:14

last time I talked to arrfab about it, he told me nobody has said anything about it

<@daandemeyer/:matrix.org>

16:53:30

Yeah I was wondering about that

<@davide:cavalca.name>

16:53:39

my understanding is that git.centos.org exists primarily as a way to fulfill the source delivery obligation

<@daandemeyer/:matrix.org>

16:53:41

Everyone is very quiet on git.centos.org

<@davide:cavalca.name>

16:53:55

with c7 and c8 now EOL, that's mostly not a thing anymore

<@salimma:fedora.im>

16:54:01

but even for centos 8 they populated the branch on gitlab already

<@salimma:fedora.im>

16:54:16

how long do these... yeah exactly

<@salimma:fedora.im>

16:54:36

we probably don't want to provoke them into shutting it down by asking the question :)

<@conan_kudo:matrix.org>

16:54:37

git.centos.org might get turned into a cgit for historical stuff for all I know

<@davide:cavalca.name>

16:54:39

this predates me, but I'm told it was spun up to replace the FTP they used to use for code drops

<@conan_kudo:matrix.org>

16:54:42

nobody has said anything at all

<@daandemeyer/:matrix.org>

16:55:02

I should poke the beehive like I did with nmap's legal situation

<@conan_kudo:matrix.org>

16:55:14

oh geez :)

<@davide:cavalca.name>

16:55:35

we have 5 min left

<@davide:cavalca.name>

16:55:51

!topic Membership

<@davide:cavalca.name>

16:56:07

nothing here, but let's discuss the cleanup at flock

<@davide:cavalca.name>

16:56:17

and put together a plan for that so we can announce it

<@conan_kudo:matrix.org>

16:56:27

sounds good

<@salimma:fedora.im>

16:56:36

yeah

<@salimma:fedora.im>

16:56:56

something like Fedora I guess, we ping members who don't have any build done in the past 6 months or so

<@salimma:fedora.im>

16:57:07

and/or shown up in meetings

<@davide:cavalca.name>

16:58:04

yeah we can bikeshed the criteria

<@davide:cavalca.name>

16:58:10

!topic Miscellaneous

<@davide:cavalca.name>

16:58:14

any last words before we close?

<@salimma:fedora.im>

16:59:13

we have official Hyperscale events at Flock, right?

<@salimma:fedora.im>

16:59:15

or at DevConf

<@conan_kudo:matrix.org>

16:59:43

both

<@salimma:fedora.im>

16:59:53

will be a busy time

<@davide:cavalca.name>

17:00:24

!endmeeting

<@pboy:fedora.im>

17:00:24

Just a reminder, we sill start Server WG meeting now