16:31:32 #startmeeting fedora_atomic_wg 16:31:32 Meeting started Wed Jan 3 16:31:32 2018 UTC. The chair is dustymabe. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:31:32 Useful Commands: #action #agreed #halp #info #idea #link #topic. 16:31:32 The meeting name has been set to 'fedora_atomic_wg' 16:31:36 #topic roll call 16:31:38 .hellomynameis kushal 16:31:39 kushal: kushal 'Kushal Das' 16:31:43 .hello2 16:31:44 dustymabe: dustymabe 'Dusty Mabe' 16:32:00 Happy new year everyone :) 16:32:25 .hello2 16:32:26 sanja: sanja 'Sanja Bonic' 16:32:29 .hello sinnykumari 16:32:32 ksinny: sinnykumari 'Sinny Kumari' 16:32:48 Hi everyone and happy new year indeed. 16:33:02 Happy New Year! 16:33:51 2018! 16:35:02 do we have jbrooks or jberkus today? 16:35:11 I'm here 16:35:25 is jberkus still vacationing? 16:35:56 Yeah, cal says PTO 16:35:58 .hello2 16:35:59 davdunc: davdunc 'David Duncan' 16:36:05 cool 16:36:20 .chair kushal sanja ksinny jbrooks davdunc 16:36:20 kushal sanja ksinny jbrooks davdunc is seated in a chair with a nice view of a placid lake, unsuspecting that another chair is about to be slammed into them. 16:36:27 .hello jasonbrooks 16:36:28 jbrooks: jasonbrooks 'Jason Brooks' 16:36:38 .hello2 16:36:39 miabbott: miabbott 'Micah Abbott' 16:37:32 weird I got booted by a spam bot 16:37:33 #commands 16:37:33 Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #rejected #restrictlogs #save #startmeeting #topic #unchair #undo #unlurk 16:37:34 anti-spam bot 16:37:42 #chair kushal sanja ksinny jbrooks davdunc 16:37:42 Current chairs: davdunc dustymabe jbrooks ksinny kushal sanja 16:39:14 back, sigh 16:39:16 one moment while I try to deal with this 16:39:48 dustymabe: i see you 16:40:08 i'm talking with patrick now to try to figure out why 16:40:43 #chair kushal 16:40:43 Current chairs: davdunc dustymabe jbrooks ksinny kushal sanja 16:40:48 #chair sanja 16:40:48 Current chairs: davdunc dustymabe jbrooks ksinny kushal sanja 16:40:56 #chair ksinny 16:40:56 Current chairs: davdunc dustymabe jbrooks ksinny kushal sanja 16:41:02 #chair jbrooks 16:41:02 Current chairs: davdunc dustymabe jbrooks ksinny kushal sanja 16:41:07 #chair davdunc 16:41:07 Current chairs: davdunc dustymabe jbrooks ksinny kushal sanja 16:41:30 ok I was mentioning too many people when I tried to '#chair kushal sanja ksinny jbrooks davdunc' all at the same time 16:41:32 (background info: Dusty was mentioning too many people, and the spam bots don't like that... We are going to boot the spambot) 16:42:01 interesting 16:42:05 what's the limit? 16:42:11 Not published 16:42:27 None of the settings on it are published, to prevent the spammers from learning them and working around them 16:43:03 cool 16:43:27 I wonder if Dusty will be allowed back in... I wouldn't be surprised if he got k-lined.... 16:43:35 Ah, he is back. Good 16:43:46 dustymabe: I just explained why you keep getting kicked. 16:43:47 mhh, being k-lined would kick just the user, or the whole IP ? 16:43:56 j 16:43:57 misc: k-lined is a ban 16:43:58 \o/ 16:44:00 ok we can move forward 16:44:21 misc: however, he won't get k-lined actually due to the fact that he has a claok 16:44:24 cloak 16:44:24 am I on some terrorist list now? 16:44:32 dustymabe: no, because you're cloaked, you aren't. 16:44:48 * dustymabe wonders if I'm cloaked on purpose 16:44:54 If you have a cloak you are exempt from Sigyn, unless it's a nat/ (like you) or gateway/, then you get kicked but not banned 16:45:07 dustymabe: no, but you get the nat/redhat/ cloak from the office 16:45:12 * dustymabe knows just enough about IRC to know he knows not very much about IRC 16:45:18 ahh cool 16:45:29 .hello markllama 16:45:30 markllama: markllama 'Mark Lamourine' 16:45:30 dustymabe (dustymabe@nat/redhat/x-eslvfolevlrsplxg) has joined #fedora-meeting-1 16:45:33 ok we'll go forward with the meeting then and I'll try not to get banned again 16:45:41 it's gone now 16:45:52 #topic previous meeting action items 16:45:56 good resolution 16:46:05 * jberkus to add proposal to pagure ticket and link atomic-devel mail 16:46:07 thread to proposal for potential discussion 16:46:16 jberkus is not here soo... 16:46:44 I think this was related to the different container runtimes ticket 16:48:00 I'll re-action for now 16:48:10 I know he added the proposal to the pagure ticket 16:48:23 i'll actually do the linking today. so he won't need to 16:48:28 so we can scratch that AI 16:49:03 #topic Decide strategy for including container runtimes in Atomic Host 16:49:10 #link https://pagure.io/atomic-wg/issue/360 16:49:37 this one is mostly decided I believe. josh has a proposal in the ticket. please comment if you have any more information you want to add. 16:49:47 will move on to next ticket in 20s 16:51:09 #topic Overhaul list of members, Quorum Rules 16:51:16 #link https://pagure.io/atomic-wg/issue/363 16:51:27 Josh has a proposal in this ticket too 16:51:47 Please +1 or -1 in the ticket 16:52:32 I'll give some time to read the proposal 16:52:42 https://pagure.io/atomic-wg/issue/363#comment-485567 16:53:14 ^^ that was the membership proposal 16:53:28 and there was a voting/quorum proposal too: https://pagure.io/atomic-wg/issue/363#comment-485561 16:53:37 so essentially two different proposals 16:54:30 I see I'm not in the WG list. 16:54:44 https://fedoraproject.org/wiki/Atomic_WG 16:54:52 sanja: i think we can handle that two ways 16:54:55 I'm not in the WG either, but I gave it a +1 for being a good idea. 16:55:03 we need to update the list 16:55:31 we either need to wholesale add/remove (a one time thing) or individuals can open tickets for getting added 16:55:58 i like the idea of opening a ticket. 16:56:09 sounds good 16:56:21 feel free to open a ticket if you want to be added to the WG 16:56:45 dustymabe, do the wholesale change in 3 months (of inactivity), and the rest with tickets in the meantime. 16:56:57 Yeah for this one time maybe let's just add the people who requested adding - e.g. ashcrow, me, who else? 16:56:57 sure 16:57:44 ok moving on to next ticket 16:57:58 #topic Using buildah in Atomic Host 16:58:04 #link https://pagure.io/atomic-wg/issue/402 16:58:59 ashcrow opened this ticket. I don't have anything to add to it right now. my preference is that we don't add it to the base compose since it is a large go binary 16:59:21 well.. it is a go binary. i'm not sure exactly how large it is 16:59:29 if someone wants to add that to the ticket it might be useful info 16:59:56 thoughts? 17:00:12 I'm +1 to not adding 17:00:29 does it impact bodhi2 workflow? 17:00:38 i'll add my comment to the ticket 17:00:41 masta: what do you mean? 17:02:41 in terms of the fedora update system, I'm wondering if anything would change for buildah 17:03:13 masta: not that I can think of 17:03:19 it's just an rpm that would be included in atomic host 17:03:27 if we were to go that route 17:05:10 masta: does that make sense? 17:05:16 anyone else with any comments on this one? 17:05:27 otherwise we'll wait for ashcrow and jberkus to return 17:06:21 ok moving on to open floor 17:06:24 #topic open floor 17:06:31 I have a few items for open floor 17:06:34 anyone else? 17:06:45 An item: flibs release? 17:07:12 i think cverna and puiterwijk were talking about it earlier, puiterwijk mboddu - any updates on FLIBS release? 17:09:09 jbrooks: i guess we'll have to ping them in #atomic in a bit 17:09:14 aight 17:09:25 * dustymabe might go back and read the scrollback in #atomic 17:09:39 any other open floor items? 17:10:19 For open floor. Is the project working on a website for searching the repository of system containers? 17:10:59 there's a url that links to all containers... 17:11:34 walters: could you post that url? 17:11:39 walters: the wiki page? 17:11:46 i think jberkus created it 17:11:48 https://src.fedoraproject.org/projects/container/%2A 17:11:52 ahh, that 17:12:11 not exactly what you want but...maybe we should define some process that scrapes that data? 17:12:47 that mostly works. I'm looking for the dockerhub version of fedora system containers 17:13:09 deuscapturus_: maxamillion or puiterwijk might know the answer to the 'Is the project working on a website' question 17:13:20 ask over in #atomic or on the atomic devel list 17:13:25 I think the answer is probably no, though 17:13:35 dustymabe: the answer is yes. 17:13:42 oh, that's great 17:13:48 puiterwijk: is there a ticket for that work? 17:13:50 https://registry.fedoraproject.org/ 17:13:59 what???? 17:14:02 when did that happen? 17:14:08 About a year ago? 17:14:18 puiterwijk: excellent. that's exactly what I'm looking for 17:14:23 omg, really? 17:14:24 (Note that clicking on a tag doesn't work yet. I'm about to fix that.) 17:14:29 That's also the reason it wasn't announced yet 17:14:42 wow. i had no idea 17:14:47 me neither 17:14:47 wasn't that something that scollier was working on dustymabe? 17:14:49 hah i didn't know either 17:15:03 puiterwijk: well that's great news 17:15:33 yay puiterwijk 17:15:46 indeed! 🙌 17:15:47 puiterwijk: where is the code for that app? 17:15:56 dustymabe: link is on the bottom 17:16:00 https://github.com/jessfraz/reg/tree/master/server 17:16:10 and... is there any way to get a candidate-registry.fedoraproject.org ? 17:16:36 If that's something people are interested in, yes, that's possible. 17:16:57 jbrooks: would that be useful? 17:17:07 * dustymabe admittedly hasn't built any containers in fedora infra yet 17:17:12 dustymabe, I'd prefer prompt releases 17:17:25 it only matters because it's been so long since a release 17:17:29 jbrooks: of course, I'm just talking about a web interface though 17:18:02 (note that in our setup, we currently do not have the vuln scanning of reg-server enabled. That's going to take a bit more time to get working) 17:18:17 yeah. i'm not too worried about that 17:18:35 it also uses CoreOS Claire and I think we have a vuln scanning techology too 17:18:35 Right. I just figured I'd say it as that is somewhere on my todo list :) 17:18:36 I don't think what's in candidate- ought to matter to the general public 17:18:43 jbrooks: +1 ok 17:18:57 puiterwijk: ok, since you're here we had another question for you earlier 17:19:15 12:07:12 dustymabe | i think cverna and puiterwijk were talking about it earlier, puiterwijk mboddu - any updates on FLIBS release? 17:19:28 dustymabe: yes, I just read that back. (had been eating dinner). I just finished the changes and am going to commit and push the ansible stuff in a few minutes 17:19:43 puiterwijk: ok, so automation will be in prod at that point? 17:19:47 Yes 17:19:56 And then comes the fun buildcycle 17:20:01 and then we will kick off a fully automated release? 17:20:12 Yes* 17:20:33 and, reading into your tone, i'm guessing that takes a long time? 17:20:46 I don't know :) 17:20:49 or is otherwise problematic :) 17:20:57 Basically, it needs to rebuild every container we have. 17:21:06 I do not know how long that takes, or whether stuff is broken :) 17:21:18 ok, well it would be great if once you kick that off you can ping me and jbrooks, even better if there is a way for us to monitor its progress 17:21:36 You should be able to see all the builds going through koji/osbs as normal 17:21:45 Just all submitted by the releng user 17:21:49 ahh, ok 17:22:06 sure, so just ping us and we'll check them out 17:22:08 thanks puiterwijk 17:22:08 (or compose. I'm not 100% sure what it is displayed as in koji) 17:22:26 ok other open floor topics? 17:22:30 I have a few 17:22:47 - we are doing a FAH release today (emails should be going out soon) 17:23:00 \o/ 17:23:24 - the cloud-utils growpart aarch64 issue is getting closer to being fixed, should be in next release 17:23:33 #info we are doing a FAH release today (emails should be going out soon) 17:23:41 #info the cloud-utils growpart aarch64 issue is getting closer to being fixed, should be in next release 17:23:45 thanks to ksinny for that 17:23:55 dustymabe: np :) 17:24:01 dustymabe: not sure whether it's been discussed here before or if it's on your list, http2? 17:24:15 puiterwijk: i was actually just going to say something about it 17:24:20 Hah 17:24:22 * puiterwijk shuts up 17:24:27 but mostly as a user awareness thing 17:24:50 so. we've noticed some issues when people try to upgrade getting errors/timeouts 17:25:01 this is related to http2 and a bug in libcurl 17:25:19 the version of atomic host that will be released today has http2 disabled temporarily 17:25:42 #link https://pagure.io/atomic-wg/issue/405 17:25:56 IOW http2 is disabled for ostree pulls from the remote 17:26:09 I am going to disable http2 on the Fedora servers from today for the next two weeks to give users a chance to update to this tree 17:26:18 puiterwijk++ 17:26:22 that would probably be helpful 17:26:43 also on a somewhat related note @jlebon is going to be working on automatic updates in https://github.com/projectatomic/rpm-ostree/issues/247 which will help close a longstanding gap vs the competition and would also help with issues like this in terms of helping ensure more people have updated 17:26:46 Especially since, as of yesterday, every one of our proxies supports http/2 17:26:53 i've heard reports from people. mostly they are able to work around it by just continuing to retry the upgrade 17:27:09 so you disabling it for two weeks will be great 17:27:32 dustymabe: right. For fun detail: it will work longer if they start it at 1 minute past the hour 17:27:33 after that anyone having trouble can either retry til it downloads all bits, or can ask us and we;ll help them through it 17:27:45 i'll post instructions for doing a temp hotfix 17:27:47 puiterwijk: fun 17:27:47 (the server reloads which trigger the libcurl bug happen every hour around :00) 17:27:50 walters++ 17:28:20 puiterwijk: ahh, so it only happens if you have an open download stream running that crosses the hour boundary? 17:28:26 Correct 17:28:32 wow 17:28:43 fun 17:28:49 thanks for that detail 17:29:00 yeah it's evil =( 17:29:02 Basically, at :00, our servers get reloaded, on which Apache gracefully terminates http/2 connections, asking clients to reconnect. Only, libcurl doesn't handle that request gracefully 17:29:12 good info 17:29:13 thanks! 17:29:17 ok that's it from me 17:29:19 pretty easy integration testing bug for people doing clients and servers to miss 17:29:19 And no, disabling the hourly reload is not an option. That is being done for security reasons 17:29:35 i'll close out meeting in a minute unless anyone has anything else 17:29:57 puiterwijk: though i'd guess it could be made to do only-reload-if-changed? 17:30:05 walters: it is changed 17:30:41 #endmeeting