16:04:38 #startmeeting Infrastructure (2022-03-3) 16:04:38 Meeting started Thu Mar 3 16:04:38 2022 UTC. 16:04:38 This meeting is logged and archived in a public location. 16:04:38 The chair is jrichardson. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions. 16:04:38 Useful Commands: #action #agreed #halp #info #idea #link #topic. 16:04:38 The meeting name has been set to 'infrastructure_(2022-03-3)' 16:04:38 morning 16:04:38 #meetingname infrastructure 16:04:38 #chair nirik siddharthvipul mobrien zlopez pingou bodanel dtometzki jnsamyak computerkid 16:04:38 #info Agenda is at: https://board.net/p/fedora-infra 16:04:38 #info About our team: https://docs.fedoraproject.org/en-US/cpe/ 16:04:38 The meeting name has been set to 'infrastructure' 16:04:38 Current chairs: bodanel computerkid dtometzki jnsamyak jrichardson mobrien nirik pingou siddharthvipul zlopez 16:04:39 #topic greetings! 16:04:44 .hello petebuffon 16:04:46 petebuffon: petebuffon 'Peter Buffon' 16:04:47 .hi 16:04:49 eddiejennings: eddiejennings 'Eddie Jennings' 16:04:59 morning all 16:04:59 .hi 16:05:00 jrichardson: jrichardson 'James Richardson' 16:05:32 jrichardson, Thanks for starting the meeting. I'm now available :D 16:05:43 no prob ;) 16:06:17 #topic New folks introductions 16:06:40 bah. Do I need to do '#chair' to be able to interact with zod? 16:07:50 #addchair eddiejennings 16:08:07 #addchair eddiejennings 16:08:09 .hi 16:08:10 darknao: darknao 'Francois Andrieu' 16:08:34 addchair eddiejennings 16:08:42 hmm 16:09:37 .hi 16:09:38 AustinPowered[m]: Sorry, but user 'AustinPowered [m]' does not exist 16:09:59 .hi 16:10:00 austinpowered: austinpowered 'T.C. Williams' 16:10:23 Do we have anyone new with us? If so, introduce yourself and say a little bit about yourself :) 16:10:38 Don't be shy. nirik and the rest won't bite :D 16:10:46 every day seems like a new day, does that count? no? ;) 16:11:15 I still feel like a newbie drinking from a fire hose 16:11:44 nirik do you have some sage advice on how to allow me to interact with zod since jrichardson started the meeting in my absence? 16:12:32 ill log off 16:12:35 naw... 16:12:39 see if that helps 16:12:40 #chair eddiejennings 16:12:40 Current chairs: bodanel computerkid dtometzki eddiejennings jnsamyak jrichardson mobrien nirik pingou siddharthvipul zlopez 16:12:45 thats what you need ^ 16:12:48 should be all fine now. 16:12:51 nirik has the power! 16:13:05 Hearing no new folks chime in, let's move along. 16:13:09 #topic Next chair 16:13:09 #info magic eight ball says: 16:13:09 #info chair 2022-03-10 - dtometzki 16:13:09 #info chair 2022-03-17 - mkonecny 16:13:13 .hello zlopez 16:13:14 mkonecny: zlopez 'Michal Konecny' 16:13:33 Any volunteers for 3/24? 16:14:59 It's not critical we have one right now, since the next two weeks are covered. But if anyone is interested let us know. 16:15:46 Hearing none, let's move along. 16:15:51 #topic announcements and information 16:15:51 #info CPE Infra&Releng EU-hours team has a Monday through Thursday 30 minute meeting going through tickets at 1030 Europe/paris in #centos-meeting 16:15:51 #info CPE Infra&Releng NA-hours team has a Monday through Thursday 30 minute meeting going through tickets at 1800 UTC in #fedora-meeting-3 16:15:51 #info If your team wants support from the Fedora Program Management Team, file an isssue: https://pagure.io/fedora-pgm/pgm_team/issues?template=support_request 16:15:53 #info matrix sig is forming, see https://discussion.fedoraproject.org/t/bi-weekly-meeting-for-matrix-sig-or-matrix-team/35947/3 if interested 16:15:56 #info Bugzilla will introduce breaking Authentication API change on 28th February 16:15:58 #info Infrastructure freeze in place leading up to the Fedora 36 Beta release. 16:16:17 Any new announcements for this week? 16:16:18 The bugzilla breakage is now Mar 15th 16:16:46 #info thread on fedoraplanet on infrastructure list, chime in if you have thoughts on it. 16:16:46 #info Bugzilla will introduce breaking Authentication API change on 15th March 16:17:43 Any other announcements? 16:18:35 nope 16:18:53 Excellent. Moving along. 16:18:55 #topic Oncall 16:19:09 #info https://fedoraproject.org/wiki/Infrastructure/Oncall 16:19:09 #info https://docs.fedoraproject.org/en-US/cpe/day_to_day_fedora/ 16:19:09 ## .oncalltakeeu .oncalltakeus 16:19:09 #info darknao on call from 2022-03-04 to 2022-03-10 16:19:09 #info Leo on call from 2022-03-11 to 2022-03-17 16:19:42 Any volunteers for 2022-03-18 - 2022-03-24? 16:20:26 I can do the week after from 2022-03-25 - 2022-03-31 16:20:39 sure, I can... 16:20:58 #info eddiejennings on call from 2022-03-25 to 2022-03-31 16:21:26 sold to nirik! 3/18 - 3/24 16:21:41 #info nirik on call from 2022-03-18 to 2022-03-24 16:22:17 #info Summary of last week: (from current oncall ) 16:22:32 What news from oncall from this past weeek? 16:22:40 no pings 16:22:54 That's the best kind of news :D 16:22:57 quiet is good 16:23:03 indeed :) 16:23:14 And with that we hand the floor to nirik 16:23:16 #topic Monitoring discussion [nirik] 16:23:17 We have a beta freeze, so this could be it 16:23:26 #info https://nagios.fedoraproject.org/nagios 16:23:26 #info Go over existing out items and fix 16:23:51 so, we got a lot of clean up last week... 16:24:12 bunch of our mgmt interfaces were in a weird state and that got cleared so they show up now. 16:24:41 we still have one totally down machine, worker05.stg, but folks are at the datacenter today and will reset it. 16:25:07 badges has been alerting a lot... not sure why. :( misc was looking into it. 16:25:49 thats about it. mostly the normal stuff after that 16:25:55 any questions? if not we can move on 16:26:40 Hearing none, let's move on. 16:27:01 I was out last week on honeymoon, but according to the agenda it looks like we have a learning topic this week on koji 16:27:03 thus. . . 16:27:22 #topic Learning topic 16:27:35 * nirik tries to remember if that was me, or mkonecny ? 16:27:38 i started interacting with koji this week so i'm excited! 16:28:01 also hope you had a nice time eddiejennings 16:28:07 On the board.net board it says you nirik, but I'm sure either would be fine :) 16:28:08 nirik: It should be mentioned on the learning topic 16:28:31 ah yeah, me. 16:28:39 petebuffon, I did. Thanks! 16:28:40 ok, no worries, happy to pontificate on this for a bit. ;) 16:29:30 So, koji is our main buildystem. We run a instance, but we aren't upstream development. There's a team of folks in Red Hat that maintain it upstream. 16:29:50 Long ago it started out just building rpms, but now bunches of other things have been tacked on. 16:30:44 koji has several parts. There are hub(s), builder(s) and usually a database server (I suppose you could run all of them on one host if you wanted, but we don't) 16:31:37 The hubs are the heart of the system. On them, koji runs as a wsgi application. The hubs run the web interface to koji as well as a xmlrpc interface. 16:32:01 the hubs talk to the database for keeping track of things. (only the hubs talk to the db, nothing else needs to) 16:32:26 Builders talk to the hub and get build jobs from the hub. 16:32:56 This sometimes confuses folks, but it's a pull model... the builders ask the hub 'hey, what can I build' and get jobs... the hubs never reach out to builders. 16:33:27 In our setup we have a db ( db-koji01), two hubs (koji01 and koji02) and a LOT of builder. 16:33:59 Builders take build jobs (if they can do it, based on arch, weight of the job, etc) 16:34:37 Then typically for rpms at least, they run mock to setup a chroot, then do the build in that chroot, then they upload any results back to the hub 16:35:17 For other things, say containers, a builder may run openshift code to hand off the build to OSBS to build. 16:35:43 Or image builds, builder may call oz/ImageFactory, or live-media-creator 16:36:43 There's also a build type called 'runroot'. This basically tells the builder to run the command and in these cases only, results are written out to nfs volume instead of uploading back to the hub. 16:37:08 koji also keeps track of everything it can. It was designed to make sure you knew exactly what rpms were used to build your rpm. 16:37:26 so it keeps track of every buildroot of every package that it build (and shipped). 16:38:27 For builders, we have x86_64 builders (both vms and hw), aarch64 (vm's and hw), armv7 (vm's), ppc64le (vm's) and s390x (vm's) 16:38:52 we have a staging setup also... 16:39:17 and from time to time we take the production database, prune it some and load it into staging. This allows us to keep it up with prod mostly. 16:39:41 we currently have around 200 builders. 16:40:19 Sadly, koji doesn;'t have any ability to 'burst' and add/remove builders based on load. You have to setup the builder and add it and then it's there until you disable/remove it. 16:40:45 There's also a process that keeps track of repos called 'kojira' 16:40:53 For us it runs on koji02. 16:41:20 So it looks and sees when something has built and was added to a build tag and regenerates the repo 16:41:45 koji operates on a concept of tags. Builds are tagged with various tags for various reasons. 16:42:39 Take a look at: 'koji list-tag-inheritance f37 --reverse' if you want to see how complex it can be. ;) 16:42:59 Basically for rawhide now we have a f37 tag. Builds that are tagged in f37 are in rawhide (or will be in the next compose) 16:43:32 when you build a rawhide package it goes to a f37-candidate tag, then it's signed and moved to a pending tag, etc... 16:44:30 It's important to note that koji has no concept of whats 'newer', it only knows what order things were tagged into a tag. So, it can get the latest tagged build, but you can't ask it for the highest version, you have to do that yourself. 16:45:22 While koji itself doesn't do any signing... it has some support around that. Our signing system imports signatures into koji and koji can then use that to write out a signed copy of a package. 16:46:13 We also have a koji-gc set of scripts that does garbage collection on builds we aren't going to use. Things that aren't tagged in anything, or where there's more things tagged after it, or were never used in a buildroot, etc. 16:46:55 Our backend storage for koji is a netapp NFS volume. It's mounted on koji01/02 and all builders in the runroot channel. 16:46:58 It's gigantic. 16:47:21 ntap-iad2-c02-fedora01-nfs01a:/fedora_koji 78T 76T 1.9T 98% /mnt/fedora_koji 16:47:36 wow 16:47:48 It's on my todo list to split it up, but it's not easy as koji expects things to be in specific trees. 16:48:00 is that size relatively stable or has it just been increasing over time? 16:48:08 it jumps around. 16:48:41 https://admin.fedoraproject.org/collectd/bin/graph.cgi?hostname=koji01.iad2.fedoraproject.org;plugin=df;plugin_instance=mnt-fedora_koji;type=df_complex;begin=-31622400 16:48:49 but I'm sure it's slowly growing over time. 16:49:32 got it 16:49:39 (do note that it's somewhat confusing because the netapp volume has autogrow, so it will make it bigger if it gets close enough to full...) 16:50:09 I remember we had a really nice diagram that was showing what the workflow of the tags is 16:50:10 But I can't find it now 16:50:19 The koji builders are all Fedora latest stable. After a new release we upgrade/reinstall them all to that version. 16:50:51 This is because we often have things like glibc or rpm that make changes that would make rhel builders unable to build fedora packages. 16:51:39 This isn't such a big deal these days because mock now uses bootstrap chroots (that is: it makes a chroot for the target os, then uses the rpm/dnf/yum from that to install the buildroot in another chroot and builds there) 16:52:04 I think thats mostly what I can think of. Any questions on any of it? 16:53:15 Thank you for the overview nirik 16:53:17 Happy to answer questions or explain more in detail whenever. :) 16:54:06 Let's move along 16:54:08 #topic Open Floor 16:54:18 nirik++ 16:54:24 nirik++ 16:54:37 Any other topics that need discussino 16:55:01 nirik++ 16:55:23 nirik++ 16:56:19 * nirik has nothing off hand 16:56:58 Any others? 16:58:12 I think that wraps it up. Thank you again for the assist at the beginning jrichardson :) 16:58:21 #endmeeting