#fedora-meeting log

17:01:23 <pboy> #startmeeting fedora-server
17:01:23 <zodbot> Meeting started Wed Feb  2 17:01:23 2022 UTC.
17:01:23 <zodbot> This meeting is logged and archived in a public location.
17:01:23 <zodbot> The chair is pboy. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
17:01:23 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
17:01:23 <zodbot> The meeting name has been set to 'fedora-server'
17:01:32 <pboy> #topic Welcome / roll call
17:01:39 <pboy> Welcome to our Server WG IRC meeting today!
17:01:46 <pboy> „Same procedure as every year“ We'll give a few minutes for folks to show up
17:01:53 <pboy> Please, everybody who is lurking, say either .hello2 or .hello <fasname>
17:02:03 <pboy> I’ll post the agenda in a few minutes.
17:02:32 <jdubby> .hello2
17:02:33 <zodbot> jdubby: Sorry, but user 'jdubby' does not exist
17:02:43 <jdubby> .hello jwhimpel
17:02:44 <zodbot> jdubby: jwhimpel 'John Himpel' <john@jlhimpel.net>
17:03:42 <pboy> Welcome jwhimpel alias jdubby!
17:04:10 <eseyman> .hello eseyman
17:04:12 <zodbot> eseyman: eseyman 'Emmanuel Seyman' <emmanuel@seyman.fr>
17:04:32 <pboy> Hi Emmanuel! Welcome
17:04:44 <eseyman> Hello, folks
17:07:05 <pboy> OK. We are obviously in a small gathering today.
17:07:12 <pboy> Let's start
17:07:20 <pboy> #topic Agenda
17:07:28 <pboy> #link https://pagure.io/fedora-server/report/Meeting
17:07:35 <pboy> 1. Follow up actions
17:07:43 <pboy> 2. Current status of Fedora Server User Docs Update
17:07:50 <pboy> 3. Using Ansible to install and configure Wildfly
17:07:57 <pboy> 4. Review current Fedora Server Technical Specification
17:08:03 <pboy> 5. Open Floor
17:08:10 <pboy> Any additional topic ?
17:08:44 <eseyman> I really don't think we'll be able to cover all that in one hour, adding more topics may be not wise...
17:09:11 <pboy> I agree. Therefore
17:09:20 <pboy> #topic Follow up actions
17:09:27 <pboy> #info Action: Late change proposal cockpit file-sharing update submitted
17:09:38 <pboy> Unfortunately I couldn’t follow up. Does someone know the current status?
17:10:12 <jdubby> I saw it made FESCO agenda.  I believe it passed (but don't quote me)
17:11:03 <pboy> jdubby: Thanks, no quote, but I'll search the list of akzepted changes
17:11:22 <pboy> #topic Current status of Fedora Server User Docs Update
17:11:30 <pboy> #link  https://pagure.io/fedora-server/issue/69
17:11:37 <pboy> Let's try to imit discussion to 10 mins.
17:11:46 <pboy> As far as I know, we didn't make any progress in the review process. Unfortunately. How will we proceed?
17:11:54 <pboy> Any ideas?
17:12:29 <eseyman> I finished my review today and sent it to the list a few minutes ago
17:12:35 <eseyman> Sorry about the delay
17:13:40 <eseyman> This root cause is a lack of reviewers, right?
17:13:46 <pboy> eseyman: Thanks, I just saw it. Nevertheless, you are the king.
17:14:23 <pboy> eseyman: Yes, lack of reviewers, or some of them are obviously too busy.
17:14:37 <sgallagh> cockpit-file-sharing will be approved by FESCo in another two days, assuming no one votes -1 (I doubt they will)
17:14:54 <pboy> thanks!
17:15:07 <sgallagh> 👍️
17:15:24 <eseyman> good job!
17:15:40 <eseyman> okay, lack of manpower is a hard problem to solve
17:15:59 <pboy> proposal: we wait with the reviews another week. If there are no reviewer, we should publish anyway and correct mistakes as soon as reviews arrive.
17:16:33 <sgallagh> counter-proposal: Assume that "no complaints == no issues" and just publish today. Making edits later is easy.
17:16:43 <eseyman> yes, pboy. That make sense
17:17:04 <eseyman> I still would prefer pre-publication reviews
17:17:17 <pboy> sgallagh's idea is better, I think.
17:17:20 <eseyman> but I'm not even sure badges will incite people in this case
17:17:54 <pboy> The problem is, in 4-6 weeks we have to update to F36. :-)
17:18:22 <eseyman> yes
17:18:23 <pboy> #proposed Assume that "no complaints == no issues" and just publish today.
17:18:29 <eseyman> +1
17:18:30 <jdubby> Let good not be the enemy of perfect!
17:18:33 <pboy> 3
17:18:43 <pboy> 2
17:18:47 <pboy> 1
17:18:55 <sgallagh> jdubby: I think you have that backwards :)
17:19:00 <sgallagh> +1
17:19:07 <pboy> #agreed Regarding doc: Assume that "no complaints == no issues" and just publish today.
17:19:17 <jdubby> sgallagh: Oops!
17:19:30 <pboy> #topic Using Ansible to install and configure Wildfly
17:19:41 <pboy> #link https://pagure.io/fedora-server/issue/60
17:20:07 <pboy> Let's try to limit discussion to 20 mins so we have time for technical specs.
17:20:08 <jdubby> I have made some progress.  I have wildfly running with a nginx reverse-proxy in front of it.
17:20:26 <pboy> Many many thanks to John Himpel! His efforts are the only one of our 5 technical work projects that have reached a runnable status, albeit perhaps alpha at the moment.
17:20:55 <jdubby> But it is not accessible from the internet.  I don't know how to make my various vm's that are bridged accessible to both internal and external networks.
17:21:37 <jdubby> Because of network issues above, I can't test ssl between the reverse-proxy and wildfly.
17:21:43 <pboy> jdubby: I can set up a test ground for you on one of our public servers.
17:22:12 <jdubby> I am trying to use certs from letsencrypt rather than locally issued certs.
17:22:30 <pboy> But do we need ssl between the reverse-proxy and wildfly on an internal, protected network?
17:23:38 <jdubby> I come from a corporate environment with billions of online-money.  So I am biased towards multi-layered security.
17:24:07 <eseyman> your internal network is protected until you find out it isn't
17:24:09 <pboy> OK. that makes sense in such a context.
17:24:20 <pboy> eseyman +1
17:24:50 <jdubby> I am testing with small arm systems.  I don't know if I can fit nginx and wildfly on the same 4G box.
17:25:34 <pboy> I suppose, wildfly is enough for 1 ARM 4g box.
17:25:41 <jdubby> I am trying to find a reasonably priced RPi 4b with 8G, but it's either out of stock or exhorbitantly priced.  Manufacturing will not resume for a couple of months.
17:26:16 <pboy> jdubby,  same issue here in Germany.
17:26:35 <jdubby> General question: If I get a RHEL Developer Subscription, does that entitle me to access RHEL knowledge base?
17:27:19 <pboy> jdubby as far as I know, yes.
17:27:26 <eseyman> no idea
17:27:42 <pboy> is there a redhatter here?
17:28:28 <pboy> I have a subscription and until now i didn't find any rejection there.
17:28:40 <jdubby> I'll give it a try then.
17:30:01 <jdubby> Wildfly is managed by jboss-cli.sh.  Unfortunately there is not an ansible modules that interfaces well with that cli.
17:30:21 <jdubby> jcliff was developed and runs under ansible to address that shortcoming.
17:31:29 <jdubby> But I find documentation of jcliff to be sketchy at best and it usually assumes a working knowledge of jboss-cli.sh (which I am still learning).  Any pointers to tutorials/how-to's would be appreciated.
17:31:52 <pboy> Oh, we are very deep in wildfly details. I must admit, I wasn't so deep inside yet.
17:32:14 <pboy> Also, our project uses wildfly as frontend-
17:32:38 <jdubby> Also documentation and examples of using elytron (the new wildfly security framework) are very few and far between.
17:32:40 <pboy> Proposal: let's try to establish a workable and accessible alpha. jdubby and pboy work on that
17:33:43 <jdubby> Sounds good to me.  I'll try to establish a respository on gitlab so we can collaborate.
17:33:56 <pboy> OK. then
17:34:12 <pboy> #agreed we try to establish a workable and accessible alpha. jdubby and pboy work on that
17:34:34 <pboy> #topic Review current Fedora Server Technical Specification
17:34:41 <pboy> #link https://pagure.io/fedora-server/issue/58
17:34:48 <pboy> #link https://hackmd.io/qBGmKuZPQ5OloAec3_Nh3w
17:34:57 <pboy> The floor is open
17:35:30 <pboy> In a first step we may identify, which sections we have to update.
17:35:55 <pboy> the biggest item for me: Section server roles
17:36:17 <pboy> Should we replace it by "Core Services"
17:36:55 <mowest[m]> In the last meeting it was discussed that we could just eliminate that section on "server roles" and replace it with documentation for Fedora Server that covers different use cases.
17:37:49 <mowest[m]> A list of "core services" as examples of how Fedora could be used could work too.
17:38:16 <eseyman> The word "core" rubs me the wrong way but that's just me
17:38:26 <pboy> I'm not sure whether use cases are the same as a technical specification of a service  we will support.
17:39:15 <pboy> eseyman: OK. just "services" or "guarantee services"
17:39:35 <pboy> Or just provided services?
17:39:49 <mowest[m]> Ok, what are examples of "core services" that we support in F35 right now, perhaps that will spur some ideas.
17:40:12 <pboy> The idea is: Functioning of that service will be a release criteria
17:40:15 <mowest[m]> I believe that "Server Roles" hasn't worked for a while in the installer.
17:40:25 <cooltshirtguy> i would say services or provided services.  guarantee could raise issues or concerns. imo
17:40:38 <eseyman> apache server? dhcp server? mail? dns?
17:40:40 <pboy> examples are: File server, Web server, PostgresQL, etc.
17:40:50 <pboy> eseyman: yes
17:41:13 <pboy> propably supported by Ansible roles / playbooks
17:41:43 <pboy> mowest[m]: Indeed. they are gone for a while
17:41:45 <eseyman> but does it belong in the FSTS
17:41:49 <eseyman> ?
17:42:12 <pboy> cooltshirtguy: Agreed
17:43:08 <mowest[m]> The list that was given are any of these able to be installed in a preconfigured way that just works when you boot into your first install of Fedora Server. I probably need to do a new install to refresh my memory, but I thought on my install I had a working ssh server and Cockpit and that was it.
17:43:11 <jdubby> Are we just saying that the required software is on the installation media?  Or are we saying we have tested that it starts?  Or what are we saying to the reader?
17:43:59 <pboy> jdubby: the later
17:44:25 <pboy> Working will be one of the release criteria
17:45:02 <pboy> We habe currently just 2 or 3 release criteriy: working postrgres and working IPA
17:45:22 <jdubby> Then we will need to develop QA tests and provide them to Adam and Company.
17:45:37 <eseyman> and participate in Test Days
17:45:47 <pboy> Yes, that's the idea
17:46:29 <mowest[m]> So in other words, we strive to say in this section, if you dnf install PostgresQL it will install and work. If you dnf install Samba, it will install and serve files to Windows computers...
17:46:44 <pboy> mowest[m]: Not installed by default, but support in one or other way so you will get a supported installation
17:47:08 <jdubby> Currently there are only 2 or 3 active & contributing members in this group, this is a pretty big jump in requirements for such a small group.
17:48:17 <pboy> I think, there are more.
17:48:17 <eseyman> yes but we gain contributors by increasing users and increase users by releasing a product that works
17:48:32 <pboy> eseyman. +1
17:48:47 <pboy> Just a question: does somepone know what was that "pulic D-Bus API to support Server Roles" for?
17:49:34 <jdubby> Then I would suggest we start with a small scope of services and add as time/volunteers allow.
17:50:09 <pboy> jdubby +1. For me wildfly would be some of the early group
17:51:21 <mowest[m]> Perhaps it would be best to start with a scope of what gets tested regularly by the active members of the Server Working Group, and the grow from there.
17:51:44 <eseyman> yes, that makes sense
17:51:55 <pboy> mowest[m]  good idea, yes!
17:52:00 <jdubby> sgallagh: Do you have any idea what the D-Bus API statment might have meant?
17:53:14 <mowest[m]> I thought that was a possible replacement for the old tech that was used for the "Server Roles", I remember reading something about it two weeks ago when I looked at the website, but decided it was above my head.
17:54:44 <cooltshirtguy> I just looked up D-Bus API "If you use this low-level API directly, you're signing up for some pain." not sure if I'm looking at the right thing
17:55:33 <pboy> Sounds not encouraging. :-)
17:55:33 <jdubby> I know D-Bus is a data bus with publishers and subscribers used to pass/broadcast information about events that subscribers need to know occurred for subscribers to take appropriate actions.
17:56:26 <pboy> I see, we should ask for that on mailing list.
17:56:36 <pboy> I have gathered some ideas about a renewed technical specification paper. I could make a complete proposal.
17:56:49 <pboy> Eseyman, are you still onboard to comment on such a thing?
17:57:08 <jdubby> Fedora Infra structure and release management use that feature extensively in the various build processes.
17:57:37 <eseyman> sure
17:57:52 <eseyman> I thought my thoughts were on the hackmd, TBH
17:58:35 <pboy> eseyman: Yes, a would make a renewed version. Ant that one would need an initial critical review.
17:58:47 <pboy> a -> I
17:58:58 <eseyman> sure, I'll be glad to review
17:59:30 <pboy> #proposed pboy and eseyman will write an updated proposal based on discussion so far.
17:59:48 <pboy> Discussion about that in about 4 weeks.
18:00:10 <pboy> 3
18:00:19 <pboy> 2
18:00:24 <pboy> 1
18:00:36 <pboy> #action pboy and eseyman will write an updated proposal based on discussion so far.
18:00:47 <pboy> Time is up.
18:01:01 <pboy> #topic Open Floor
18:01:58 <eseyman> what do you know? we managed to cover everything in 60 minutes
18:02:15 <pboy> Just for information: It someone wants to know what is lying ahead:
18:02:24 <pboy> #link https://pagure.io/fedora-server/boards/Works%20in%20progress
18:02:52 <cooltshirtguy> I didnt know about that
18:03:11 <pboy> I wanted to know if someone objects the proposal.
18:04:08 <pboy> cooltshirtguy Each time I look at it, I think we need longer days, probably 48 hours. :-)
18:04:34 <pboy> Well time is up. Hopefully, we see us in 14 days.!
18:04:45 <pboy> #endmeeting