2024-04-10 16:30:29 <@jlebon:fedora.im> !startmeeting fedora_coreos_meeting
2024-04-10 16:30:30 <@meetbot:fedora.im> Meeting started at 2024-04-10 16:30:29 UTC
2024-04-10 16:30:30 <@meetbot:fedora.im> The Meeting name is 'fedora_coreos_meeting'
2024-04-10 16:30:35 <@jlebon:fedora.im> !topic roll call
2024-04-10 16:30:56 <@cverna_:matrix.org> o/
2024-04-10 16:31:00 <@dustymabe:matrix.org> !hi
2024-04-10 16:31:04 <@zodbot:fedora.im> Dusty Mabe (dustymabe) - he / him / his
2024-04-10 16:31:15 <@siosm:matrix.org> !hi
2024-04-10 16:31:18 <@zodbot:fedora.im> Timothée Ravier (siosm) - he / him / his
2024-04-10 16:31:27 <@cverna_:matrix.org> trying to follow while I am washing the dishes :-P 
2024-04-10 16:31:33 <@jbrooks:matrix.org> !hi jasonbrooks
2024-04-10 16:31:35 <@zodbot:fedora.im> Jason Brooks (jasonbrooks) - he / him / his
2024-04-10 16:31:41 <@gurssing:matrix.org> !hi gursewak
2024-04-10 16:31:42 <@zodbot:fedora.im> Gursewak Singh (gursewak)
2024-04-10 16:32:22 <@marmijo:fedora.im> !hi
2024-04-10 16:32:24 <@zodbot:fedora.im> Michael Armijo (marmijo)
2024-04-10 16:32:51 <@jlebon:fedora.im> Clément Verna: that's impressive :)
2024-04-10 16:33:42 <@cverna_:matrix.org> what me washing the dishes? I know :P 
2024-04-10 16:33:50 <@jlebon:fedora.im> let's wait another minute
2024-04-10 16:34:49 <@jlebon:fedora.im> !topic Action items from last meeting
2024-04-10 16:35:02 <@jlebon:fedora.im> dustymabe jbtrystram  to meet to discuss implementation of wifi firmwares warning/deprecation 
2024-04-10 16:35:10 <@aaradhak:matrix.org> !hi aaradhak
2024-04-10 16:35:11 <@zodbot:fedora.im> Aashish Radhakrishnan (aaradhak)
2024-04-10 16:35:52 <@dustymabe:matrix.org> !info dustymabe jbtrystram did meet to discuss implementation of wifi firmwares warning/deprecation. Have not implemented it yet. 
2024-04-10 16:36:06 <@dustymabe:matrix.org> jbtrystram: want to get together this week on that ^^ ?
2024-04-10 16:36:17 <@jlebon:fedora.im> nice 👍️
2024-04-10 16:36:29 <@ydesouza:fedora.im> !hi
2024-04-10 16:36:30 <@zodbot:fedora.im> Yasmin Valim de Souza (ydesouza)
2024-04-10 16:37:05 <@jlebon:fedora.im> not sure if he's around right now
2024-04-10 16:37:24 <@jlebon:fedora.im> ok cool, let's move on to meeting topics
2024-04-10 16:37:28 <@jlebon:fedora.im> !topic google-compute-engine-guest-configs-udev has been retired in Fedora
2024-04-10 16:37:31 <@jlebon:fedora.im> 
    !link https://github.com/coreos/fedora-coreos-tracker/issues/1702

2024-04-10 16:37:36 <@jlebon:fedora.im> 
!link https://github.com/coreos/fedora-coreos-tracker/issues/1702
2024-04-10 16:38:24 <@jlebon:fedora.im> dustymabe: want to intro this one?
2024-04-10 16:38:48 <@dustymabe:matrix.org> yep. it will be short I think because I just got an update
2024-04-10 16:39:10 <@dustymabe:matrix.org> the `google-compute-engine-guest-configs` package got orphaned and then retired in Fedora
2024-04-10 16:39:48 <@dustymabe:matrix.org> but I just got notification that the cloud WG is picking up the pieces because they want to install the full agent from google in their GCP image and this would break if all of those packages didn't exist

2024-04-10 16:40:03 <@ravanelli:matrix.org> .hi
2024-04-10 16:40:04 <@siosm:matrix.org> https://pagure.io/releng/issue/12055
2024-04-10 16:40:06 <@dustymabe:matrix.org> we only use a few udev files in a subpackage (not the full agent)
2024-04-10 16:40:44 <@dustymabe:matrix.org> !info the cloud WG is picking up the retired google packages and we should be able to continue using the subpackage we were using in the past.
2024-04-10 16:40:49 <@siosm:matrix.org> I'll reach out to Neal to offer co-maintenance
2024-04-10 16:40:50 <@jlebon:fedora.im> nice, that's good
2024-04-10 16:41:45 <@jlebon:fedora.im> sounds like we can move on then
2024-04-10 16:42:18 <@ravanelli:matrix.org> + I also got an update about the evaluation on maintaining google-compute-engine-guest-configs in RHEL
2024-04-10 16:42:36 <@ravanelli:matrix.org> it has been closed as won't do
2024-04-10 16:43:28 <@ravanelli:matrix.org> I our initial idea was to have everything add in RHEL so, we probably need to discuss the next steps for it too
2024-04-10 16:43:50 <@siosm:matrix.org> what?
2024-04-10 16:43:59 <@siosm:matrix.org> is it the auto close?
2024-04-10 16:44:02 <@jlebon:fedora.im> Renata Ravanelli: did that happen during the period of time the package was orphaned in Fedora? might be some automation stuff
2024-04-10 16:44:05 <@siosm:matrix.org> anyway it's not FCOS specific
2024-04-10 16:45:05 <@jlebon:fedora.im> yeah, let's maybe chat more about that outside this meeting
2024-04-10 16:45:11 <@ravanelli:matrix.org> Not an automation, it was manually closed as well, looking the last comment it has: 	
"Since I dropped most of my Google-related packages in Fedora, I think this effort is likely going to be too much work for the team for now."
2024-04-10 16:45:14 <@jbtrystram:matrix.org> !hi 
2024-04-10 16:45:16 <@zodbot:fedora.im> Jean-Baptiste Trystram (jbtrystram) - he / him / his
2024-04-10 16:45:51 <@jlebon:fedora.im> Renata Ravanelli: interesting. we'll need to follow up there. let's discuss it after
2024-04-10 16:46:08 <@jlebon:fedora.im> !topic Have the coreos-installer '--copy-network' option also copy generated udev ifname rules
2024-04-10 16:46:15 <@jlebon:fedora.im> 
!link https://github.com/coreos/fedora-coreos-tracker/issues/1684
2024-04-10 16:46:43 <@jlebon:fedora.im> oh wow, I forgot that I was the one who tagged this in
2024-04-10 16:49:11 <@jlebon:fedora.im> so this is a complex topic, but briefly the issue there is:
- someone configures networking during the install boot using network kargs
- they want to pass on the network into the installed system, so pass `--copy-network`
- `--copy-network` doesn't actually copy everything network-related via kargs, in this case `ifname=`
- user is confused
2024-04-10 16:50:02 <@dustymabe:matrix.org> so we do have karg forwarding for network kargs don't we? maybe we don't do that if `--copy-network` is passed?
2024-04-10 16:50:04 <@jlebon:fedora.im> the thing is that the NM configs that get forwarded mention interface names, but those interface names are not going to be set unless ifname= or its udev rule is also forwarded
2024-04-10 16:50:17 <@jlebon:fedora.im> the question then is whether `--copy-network` should do that too
2024-04-10 16:51:01 <@jlebon:fedora.im> dustymabe: it's not clear if they're using the service with the magic forwarding bits. it seemed like not, but i might be misremembering
2024-04-10 16:51:50 <@mnguyen:fedora.im> !hi
2024-04-10 16:51:51 <@zodbot:fedora.im> Michael Nguyen (mnguyen)
2024-04-10 16:52:29 <@jlebon:fedora.im> unfortunately, our network configuration story is quite complex
2024-04-10 16:52:43 <@dustymabe:matrix.org> TBH I think maybe we keep it simple here and don't try to make copy-network smarter
2024-04-10 16:53:07 <@dustymabe:matrix.org> they can do `--karg ifname=foo:bar` too
2024-04-10 16:53:34 <@jlebon:fedora.im> there's definitely multiple ways to work around it. it's more just trying to match user expectations
2024-04-10 16:54:23 <@mnguyen:fedora.im> is this just something we need to document?
2024-04-10 16:54:42 <@dustymabe:matrix.org> not really IMO
2024-04-10 16:54:51 <@jlebon:fedora.im> but yeah, not against keeping the status quo. right now, `--copy-network` just copies NM keyfiles, which is nice and easy to explain
2024-04-10 16:55:07 <@dustymabe:matrix.org> if you are using coreos-installer ISO today and the service runs it copies forward the networking kargs 
2024-04-10 16:55:34 <@dustymabe:matrix.org> if you run coreos-installer directly you have the opportunity right there to set kargs for the system
2024-04-10 16:56:14 <@dustymabe:matrix.org> i guess we could add a `--copy-network-kargs` ? 
2024-04-10 16:56:35 <@dustymabe:matrix.org> the service that does the karg forwarding was born before coreos-installer was really more featureful
2024-04-10 16:56:39 <@jlebon:fedora.im> right, but just to clarify, the point is that users expect `--copy-network` to include interface naming configuration
2024-04-10 16:56:58 <@jlebon:fedora.im> you could not be using kargs at all and setting the names manually using nmtui
2024-04-10 16:57:17 <@jlebon:fedora.im> (which i think lets you do that)
2024-04-10 16:57:27 <@dustymabe:matrix.org> hmm. don't think so
2024-04-10 16:57:42 <@dustymabe:matrix.org> anything that you can put in a NM config will get copied forward
2024-04-10 16:57:50 <@dustymabe:matrix.org> with `--copy-network`
2024-04-10 16:58:16 <@jlebon:fedora.im> "don't think so" --> on the nmtui part?
2024-04-10 16:58:35 <@dustymabe:matrix.org> correct
2024-04-10 16:58:56 <@jlebon:fedora.im> gotcha
2024-04-10 16:59:32 <@jlebon:fedora.im> maybe `--copy-network-kargs` could make sense. i do think it's odd that we have special logic in the service that's unaccessible outside of it, so that would help.
2024-04-10 17:00:27 <@jlebon:fedora.im> at the same time, i'm not sure we should try to make this change just yet.
maybe let's wait some more to see if there's more people hitting this to raise motivation
2024-04-10 17:00:57 <@dustymabe:matrix.org> all that would do underneath the covers is just add them to to the array of `--firstboot-args`, which is all the service is doing
2024-04-10 17:01:19 <@jlebon:fedora.im> maybe `--copy-network` should've been called `--copy-nm-keyfiles`
2024-04-10 17:01:46 <@jlebon:fedora.im> but i guess users might still not know that interface names are not defined there
2024-04-10 17:02:15 <@dustymabe:matrix.org> yeah maybe. we wanted to make it obvious to the user what it was for
2024-04-10 17:02:44 <@dustymabe:matrix.org> but really.. you only need `--copy-network` if you have made some changes to the network after boot OR you are bringing your own config
2024-04-10 17:02:48 <@dustymabe:matrix.org> otherwise you don't need it at all
2024-04-10 17:03:12 <@dustymabe:matrix.org> if they could capture their entire config in kargs and they were using the service everything would just work
2024-04-10 17:04:16 <@jlebon:fedora.im> proposed: we recognize a minor UX gap but currently don't feel like it's enough to warrant changing anything given that our networking story is quite complex already. we will keep an eye on this and reconsider if more information comes to light.
2024-04-10 17:06:10 <@dustymabe:matrix.org> Jonathan Lebon: i think it would be worth in the ticket illustrated our proposed solution if we DO decide to implement something to close this feature.. just so we don't lose that effort
2024-04-10 17:06:28 <@dustymabe:matrix.org> I'm +1 to the proposed, but would like the extra context added in the ticket comment
2024-04-10 17:06:35 <@jlebon:fedora.im> dustymabe: sure
2024-04-10 17:06:50 <@dustymabe:matrix.org> jbtrystram: Clément Verna vote in individual messages so the meeting logs will show it
2024-04-10 17:07:07 <@cverna_:matrix.org> +1
2024-04-10 17:07:17 <@siosm:matrix.org> +1 to proposed
2024-04-10 17:07:41 <@jbtrystram:matrix.org> +1
2024-04-10 17:07:47 <@jlebon:fedora.im> !agreed we recognize a minor UX gap but currently don't feel like it's enough to warrant changing anything given that our networking story is quite complex already. we will keep an eye on this and reconsider if more information comes to light.
2024-04-10 17:07:55 <@jlebon:fedora.im> ok, let's move on
2024-04-10 17:08:27 <@jlebon:fedora.im> dustymabe: did you still want to talk about https://github.com/coreos/fedora-coreos-tracker/issues/99, and is it enough time left?
2024-04-10 17:09:32 <@dustymabe:matrix.org> I think so.
2024-04-10 17:09:42 <@jlebon:fedora.im> !topic Garbage collection policy for OS releases
2024-04-10 17:09:48 <@jlebon:fedora.im> !link https://github.com/coreos/fedora-coreos-tracker/issues/99
2024-04-10 17:10:17 <@dustymabe:matrix.org> The goal with tagging here is to try to raise priority and facilitate discussion.
2024-04-10 17:10:36 <@dustymabe:matrix.org> while we do like keeping around things for historical/forensic purposes, we need to start cleaning things up
2024-04-10 17:10:47 <@dustymabe:matrix.org> the footprint is getting larger
2024-04-10 17:11:51 <@dustymabe:matrix.org> I think gursewak was working on this in the past. If there were any blockers that you hit when investigating please add them to the ticket
2024-04-10 17:12:35 <@jlebon:fedora.im> yeah, this is becoming more and more pressing
2024-04-10 17:12:58 <@siosm:matrix.org> we should probably clean all artifacts that are more than 2 years old
2024-04-10 17:13:21 <@cverna_:matrix.org> Are there per platform APIs that we could be using? for example when we upload say have a policy to delete the image after 2 years or something like that?
2024-04-10 17:13:34 <@cverna_:matrix.org> I am not super familiar with what is possible here
2024-04-10 17:13:43 <@siosm:matrix.org> https://github.com/coreos/coreos-assembler/issues/889
2024-04-10 17:13:46 <@gurssing:matrix.org> I think we wanted to discuss more on if and how we can divide this into sub tasks  and which exact sub task to start/prioritize on.
2024-04-10 17:14:01 <@dustymabe:matrix.org> Clément Verna: maybe, but TBH I wouldn't want to rely on that because we'd have to configure everything per platform, which is more maintenance IMO than managing a unified process
2024-04-10 17:14:30 <@jlebon:fedora.im> travier: i think we already have a rough idea of the policy we want. the gap is the actual code to do it :)
2024-04-10 17:14:33 <@siosm:matrix.org> I think we should write script and run it once a year
2024-04-10 17:14:41 <@siosm:matrix.org> yep
2024-04-10 17:15:00 <@siosm:matrix.org> so we need someone to own it
2024-04-10 17:15:03 <@dustymabe:matrix.org> i think it should run at least once a week. so we know when it breaks 
2024-04-10 17:15:14 <@dustymabe:matrix.org> otherwise it's just something we'll forget about 
2024-04-10 17:15:23 <@cverna_:matrix.org> What the rest of Fedora does?
2024-04-10 17:15:29 <@siosm:matrix.org> once a week is another thing to look at
2024-04-10 17:15:34 <@siosm:matrix.org> I don't think it's worth it
2024-04-10 17:15:49 <@cverna_:matrix.org> Can we align with the other editions?
2024-04-10 17:16:00 <@dustymabe:matrix.org> travier: yeah. a compromise could be a manual process that someone runs as part of the "major version rebase" steps
2024-04-10 17:16:12 <@siosm:matrix.org> so every 6 months
2024-04-10 17:16:20 <@dustymabe:matrix.org> travier: correct
2024-04-10 17:16:25 <@siosm:matrix.org> I don't know about cloud
2024-04-10 17:16:32 <@jlebon:fedora.im> seems fine to me
2024-04-10 17:16:35 <@siosm:matrix.org> I don't know any other edition uploading cloud images AFAIK
2024-04-10 17:16:44 <@dustymabe:matrix.org> cloud doesn't have any policy AFAIK 
2024-04-10 17:17:02 <@dustymabe:matrix.org> but there is a infra/releng guy going through and deleting things now, which caused me to start looking at things more
2024-04-10 17:17:28 <@siosm:matrix.org> https://fedoraproject.org/cloud/download > Does not look like they upload images
2024-04-10 17:18:09 <@dustymabe:matrix.org> cloud WG uploads to AWS automatically every night on every compose - the azure and GCP ones are more manual right now, but they are working on it
2024-04-10 17:18:17 <@siosm:matrix.org> AWS ones where managed by David Duncan AFAIR
2024-04-10 17:18:51 <@siosm:matrix.org> anyway, we have more stuff than cloud images so we need a specific process
2024-04-10 17:19:57 <@siosm:matrix.org> Maybe marmijo gursewak jbtrystram can team up to look at this and split the work for each cloud?
2024-04-10 17:20:30 <@jbtrystram:matrix.org> could we have the same approach that people usually do when having cloud backups ? i.e. "keep N versions" or "keep for N months" and on each upload, look for old images that no longer conforms with that and delete accordingly ?
2024-04-10 17:21:32 <@jlebon:fedora.im> that was what i thought we were going for. e.g. have the release job run the gc job
2024-04-10 17:21:34 <@dustymabe:matrix.org> there's really only a few types of resources:

1. aws ami
2. gcp images
3. s3 bucket (builds directories)
4. quay container uploads
2024-04-10 17:22:07 <@dustymabe:matrix.org> 5. ostree repo in fedora (but we already have the fedora ostree pruner for that)
2024-04-10 17:22:07 <@siosm:matrix.org> That works as well indeed. Ideally this runs after the releases to not block them if it fails
2024-04-10 17:22:23 <@jlebon:fedora.im> right yeah, it'd be a follow up job
2024-04-10 17:23:26 <@dustymabe:matrix.org> anyway. I think we won't really make much more progress here. the real blocker is just prioritizing this over other thigns
2024-04-10 17:23:29 <@dustymabe:matrix.org> anyway. I think we won't really make much more progress here. the real blocker is just prioritizing this over other things
2024-04-10 17:23:33 <@jbtrystram:matrix.org> https://github.com/coreos/fedora-coreos-pipeline/blob/main/jobs/release.Jenkinsfile so this one ?
2024-04-10 17:24:16 <@jbtrystram:matrix.org> I can look at the quay containers as I was looking at that recently
2024-04-10 17:24:19 <@siosm:matrix.org> I'd say the integration to the pipeline should come last
2024-04-10 17:24:37 <@jlebon:fedora.im> yeah, first step is enhancing the pruning code in cosa
2024-04-10 17:25:09 <@dustymabe:matrix.org> jbtrystram: :) 
2024-04-10 17:26:19 <@dustymabe:matrix.org> we don't actually have a problem with the quay containers yet.. but we will once https://github.com/coreos/fedora-coreos-tracker/issues/1367 is done
2024-04-10 17:27:01 <@dustymabe:matrix.org> that's all I had on the topic
2024-04-10 17:27:43 <@jlebon:fedora.im> maybe it'd help if we sketch out a little more what logic we need so it's easier to get it implemented
2024-04-10 17:27:51 <@jlebon:fedora.im> (not in this meeting to be clear)
2024-04-10 17:28:11 <@jlebon:fedora.im> ok, not much time left. let's move to open floor
2024-04-10 17:28:19 <@jlebon:fedora.im> !topic Open Floor
2024-04-10 17:28:47 <@jlebon:fedora.im> anyone has anything they want to bring up?
2024-04-10 17:29:18 <@dustymabe:matrix.org> test day went well I think
2024-04-10 17:29:32 <@dustymabe:matrix.org> https://testdays.fedoraproject.org/events/179
2024-04-10 17:30:28 <@jlebon:fedora.im> if you haven't seen it already, note that an update went out this week for a CVE fix in Fedora CoreOS (and other Fedora OSTree variants):
https://lists.fedoraproject.org/archives/list/coreos-status@lists.fedoraproject.org/thread/6HU2MU42QLEHQ5CMRXAKVX52OOTGGIH4/
2024-04-10 17:30:32 <@dustymabe:matrix.org> thanks for running the meeting Jonathan Lebon 

2024-04-10 17:31:07 <@cverna_:matrix.org> Jonathan Lebon++
2024-04-10 17:31:15 <@zodbot:fedora.im> No Fedora Accounts users have the @cverna_:matrix.org Matrix Account defined
2024-04-10 17:31:36 <@jlebon:fedora.im> !endmeeting