17:01:23 #startmeeting fedora-server 17:01:23 Meeting started Wed Feb 2 17:01:23 2022 UTC. 17:01:23 This meeting is logged and archived in a public location. 17:01:23 The chair is pboy. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions. 17:01:23 Useful Commands: #action #agreed #halp #info #idea #link #topic. 17:01:23 The meeting name has been set to 'fedora-server' 17:01:32 #topic Welcome / roll call 17:01:39 Welcome to our Server WG IRC meeting today! 17:01:46 „Same procedure as every year“ We'll give a few minutes for folks to show up 17:01:53 Please, everybody who is lurking, say either .hello2 or .hello 17:02:03 I’ll post the agenda in a few minutes. 17:02:32 .hello2 17:02:33 jdubby: Sorry, but user 'jdubby' does not exist 17:02:43 .hello jwhimpel 17:02:44 jdubby: jwhimpel 'John Himpel' 17:03:42 Welcome jwhimpel alias jdubby! 17:04:10 .hello eseyman 17:04:12 eseyman: eseyman 'Emmanuel Seyman' 17:04:32 Hi Emmanuel! Welcome 17:04:44 Hello, folks 17:07:05 OK. We are obviously in a small gathering today. 17:07:12 Let's start 17:07:20 #topic Agenda 17:07:28 #link https://pagure.io/fedora-server/report/Meeting 17:07:35 1. Follow up actions 17:07:43 2. Current status of Fedora Server User Docs Update 17:07:50 3. Using Ansible to install and configure Wildfly 17:07:57 4. Review current Fedora Server Technical Specification 17:08:03 5. Open Floor 17:08:10 Any additional topic ? 17:08:44 I really don't think we'll be able to cover all that in one hour, adding more topics may be not wise... 17:09:11 I agree. Therefore 17:09:20 #topic Follow up actions 17:09:27 #info Action: Late change proposal cockpit file-sharing update submitted 17:09:38 Unfortunately I couldn’t follow up. Does someone know the current status? 17:10:12 I saw it made FESCO agenda. I believe it passed (but don't quote me) 17:11:03 jdubby: Thanks, no quote, but I'll search the list of akzepted changes 17:11:22 #topic Current status of Fedora Server User Docs Update 17:11:30 #link https://pagure.io/fedora-server/issue/69 17:11:37 Let's try to imit discussion to 10 mins. 17:11:46 As far as I know, we didn't make any progress in the review process. Unfortunately. How will we proceed? 17:11:54 Any ideas? 17:12:29 I finished my review today and sent it to the list a few minutes ago 17:12:35 Sorry about the delay 17:13:40 This root cause is a lack of reviewers, right? 17:13:46 eseyman: Thanks, I just saw it. Nevertheless, you are the king. 17:14:23 eseyman: Yes, lack of reviewers, or some of them are obviously too busy. 17:14:37 cockpit-file-sharing will be approved by FESCo in another two days, assuming no one votes -1 (I doubt they will) 17:14:54 thanks! 17:15:07 👍️ 17:15:24 good job! 17:15:40 okay, lack of manpower is a hard problem to solve 17:15:59 proposal: we wait with the reviews another week. If there are no reviewer, we should publish anyway and correct mistakes as soon as reviews arrive. 17:16:33 counter-proposal: Assume that "no complaints == no issues" and just publish today. Making edits later is easy. 17:16:43 yes, pboy. That make sense 17:17:04 I still would prefer pre-publication reviews 17:17:17 sgallagh's idea is better, I think. 17:17:20 but I'm not even sure badges will incite people in this case 17:17:54 The problem is, in 4-6 weeks we have to update to F36. :-) 17:18:22 yes 17:18:23 #proposed Assume that "no complaints == no issues" and just publish today. 17:18:29 +1 17:18:30 Let good not be the enemy of perfect! 17:18:33 3 17:18:43 2 17:18:47 1 17:18:55 jdubby: I think you have that backwards :) 17:19:00 +1 17:19:07 #agreed Regarding doc: Assume that "no complaints == no issues" and just publish today. 17:19:17 sgallagh: Oops! 17:19:30 #topic Using Ansible to install and configure Wildfly 17:19:41 #link https://pagure.io/fedora-server/issue/60 17:20:07 Let's try to limit discussion to 20 mins so we have time for technical specs. 17:20:08 I have made some progress. I have wildfly running with a nginx reverse-proxy in front of it. 17:20:26 Many many thanks to John Himpel! His efforts are the only one of our 5 technical work projects that have reached a runnable status, albeit perhaps alpha at the moment. 17:20:55 But it is not accessible from the internet. I don't know how to make my various vm's that are bridged accessible to both internal and external networks. 17:21:37 Because of network issues above, I can't test ssl between the reverse-proxy and wildfly. 17:21:43 jdubby: I can set up a test ground for you on one of our public servers. 17:22:12 I am trying to use certs from letsencrypt rather than locally issued certs. 17:22:30 But do we need ssl between the reverse-proxy and wildfly on an internal, protected network? 17:23:38 I come from a corporate environment with billions of online-money. So I am biased towards multi-layered security. 17:24:07 your internal network is protected until you find out it isn't 17:24:09 OK. that makes sense in such a context. 17:24:20 eseyman +1 17:24:50 I am testing with small arm systems. I don't know if I can fit nginx and wildfly on the same 4G box. 17:25:34 I suppose, wildfly is enough for 1 ARM 4g box. 17:25:41 I am trying to find a reasonably priced RPi 4b with 8G, but it's either out of stock or exhorbitantly priced. Manufacturing will not resume for a couple of months. 17:26:16 jdubby, same issue here in Germany. 17:26:35 General question: If I get a RHEL Developer Subscription, does that entitle me to access RHEL knowledge base? 17:27:19 jdubby as far as I know, yes. 17:27:26 no idea 17:27:42 is there a redhatter here? 17:28:28 I have a subscription and until now i didn't find any rejection there. 17:28:40 I'll give it a try then. 17:30:01 Wildfly is managed by jboss-cli.sh. Unfortunately there is not an ansible modules that interfaces well with that cli. 17:30:21 jcliff was developed and runs under ansible to address that shortcoming. 17:31:29 But I find documentation of jcliff to be sketchy at best and it usually assumes a working knowledge of jboss-cli.sh (which I am still learning). Any pointers to tutorials/how-to's would be appreciated. 17:31:52 Oh, we are very deep in wildfly details. I must admit, I wasn't so deep inside yet. 17:32:14 Also, our project uses wildfly as frontend- 17:32:38 Also documentation and examples of using elytron (the new wildfly security framework) are very few and far between. 17:32:40 Proposal: let's try to establish a workable and accessible alpha. jdubby and pboy work on that 17:33:43 Sounds good to me. I'll try to establish a respository on gitlab so we can collaborate. 17:33:56 OK. then 17:34:12 #agreed we try to establish a workable and accessible alpha. jdubby and pboy work on that 17:34:34 #topic Review current Fedora Server Technical Specification 17:34:41 #link https://pagure.io/fedora-server/issue/58 17:34:48 #link https://hackmd.io/qBGmKuZPQ5OloAec3_Nh3w 17:34:57 The floor is open 17:35:30 In a first step we may identify, which sections we have to update. 17:35:55 the biggest item for me: Section server roles 17:36:17 Should we replace it by "Core Services" 17:36:55 In the last meeting it was discussed that we could just eliminate that section on "server roles" and replace it with documentation for Fedora Server that covers different use cases. 17:37:49 A list of "core services" as examples of how Fedora could be used could work too. 17:38:16 The word "core" rubs me the wrong way but that's just me 17:38:26 I'm not sure whether use cases are the same as a technical specification of a service we will support. 17:39:15 eseyman: OK. just "services" or "guarantee services" 17:39:35 Or just provided services? 17:39:49 Ok, what are examples of "core services" that we support in F35 right now, perhaps that will spur some ideas. 17:40:12 The idea is: Functioning of that service will be a release criteria 17:40:15 I believe that "Server Roles" hasn't worked for a while in the installer. 17:40:25 i would say services or provided services. guarantee could raise issues or concerns. imo 17:40:38 apache server? dhcp server? mail? dns? 17:40:40 examples are: File server, Web server, PostgresQL, etc. 17:40:50 eseyman: yes 17:41:13 propably supported by Ansible roles / playbooks 17:41:43 mowest[m]: Indeed. they are gone for a while 17:41:45 but does it belong in the FSTS 17:41:49 ? 17:42:12 cooltshirtguy: Agreed 17:43:08 The list that was given are any of these able to be installed in a preconfigured way that just works when you boot into your first install of Fedora Server. I probably need to do a new install to refresh my memory, but I thought on my install I had a working ssh server and Cockpit and that was it. 17:43:11 Are we just saying that the required software is on the installation media? Or are we saying we have tested that it starts? Or what are we saying to the reader? 17:43:59 jdubby: the later 17:44:25 Working will be one of the release criteria 17:45:02 We habe currently just 2 or 3 release criteriy: working postrgres and working IPA 17:45:22 Then we will need to develop QA tests and provide them to Adam and Company. 17:45:37 and participate in Test Days 17:45:47 Yes, that's the idea 17:46:29 So in other words, we strive to say in this section, if you dnf install PostgresQL it will install and work. If you dnf install Samba, it will install and serve files to Windows computers... 17:46:44 mowest[m]: Not installed by default, but support in one or other way so you will get a supported installation 17:47:08 Currently there are only 2 or 3 active & contributing members in this group, this is a pretty big jump in requirements for such a small group. 17:48:17 I think, there are more. 17:48:17 yes but we gain contributors by increasing users and increase users by releasing a product that works 17:48:32 eseyman. +1 17:48:47 Just a question: does somepone know what was that "pulic D-Bus API to support Server Roles" for? 17:49:34 Then I would suggest we start with a small scope of services and add as time/volunteers allow. 17:50:09 jdubby +1. For me wildfly would be some of the early group 17:51:21 Perhaps it would be best to start with a scope of what gets tested regularly by the active members of the Server Working Group, and the grow from there. 17:51:44 yes, that makes sense 17:51:55 mowest[m] good idea, yes! 17:52:00 sgallagh: Do you have any idea what the D-Bus API statment might have meant? 17:53:14 I thought that was a possible replacement for the old tech that was used for the "Server Roles", I remember reading something about it two weeks ago when I looked at the website, but decided it was above my head. 17:54:44 I just looked up D-Bus API "If you use this low-level API directly, you're signing up for some pain." not sure if I'm looking at the right thing 17:55:33 Sounds not encouraging. :-) 17:55:33 I know D-Bus is a data bus with publishers and subscribers used to pass/broadcast information about events that subscribers need to know occurred for subscribers to take appropriate actions. 17:56:26 I see, we should ask for that on mailing list. 17:56:36 I have gathered some ideas about a renewed technical specification paper. I could make a complete proposal. 17:56:49 Eseyman, are you still onboard to comment on such a thing? 17:57:08 Fedora Infra structure and release management use that feature extensively in the various build processes. 17:57:37 sure 17:57:52 I thought my thoughts were on the hackmd, TBH 17:58:35 eseyman: Yes, a would make a renewed version. Ant that one would need an initial critical review. 17:58:47 a -> I 17:58:58 sure, I'll be glad to review 17:59:30 #proposed pboy and eseyman will write an updated proposal based on discussion so far. 17:59:48 Discussion about that in about 4 weeks. 18:00:10 3 18:00:19 2 18:00:24 1 18:00:36 #action pboy and eseyman will write an updated proposal based on discussion so far. 18:00:47 Time is up. 18:01:01 #topic Open Floor 18:01:58 what do you know? we managed to cover everything in 60 minutes 18:02:15 Just for information: It someone wants to know what is lying ahead: 18:02:24 #link https://pagure.io/fedora-server/boards/Works%20in%20progress 18:02:52 I didnt know about that 18:03:11 I wanted to know if someone objects the proposal. 18:04:08 cooltshirtguy Each time I look at it, I think we need longer days, probably 48 hours. :-) 18:04:34 Well time is up. Hopefully, we see us in 14 days.! 18:04:45 #endmeeting