16:01:25 <mkonecny> #startmeeting Infrastructure (2022-05-12)
16:01:26 <zodbot> Meeting started Thu May 12 16:01:25 2022 UTC.
16:01:26 <zodbot> This meeting is logged and archived in a public location.
16:01:26 <zodbot> The chair is mkonecny. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
16:01:26 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:01:26 <zodbot> The meeting name has been set to 'infrastructure_(2022-05-12)'
16:01:26 <mkonecny> #meetingname infrastructure
16:01:26 <zodbot> The meeting name has been set to 'infrastructure'
16:01:26 <mkonecny> #chair nirik siddharthvipul mobrien zlopez bodanel dtometzki jnsamyak computerkid
16:01:26 <mkonecny> #info Agenda is at: https://board.net/p/fedora-infra
16:01:26 <mkonecny> #info About our team: https://docs.fedoraproject.org/en-US/cpe/
16:01:26 <zodbot> Current chairs: bodanel computerkid dtometzki jnsamyak mkonecny mobrien nirik siddharthvipul zlopez
16:01:26 <mkonecny> #info Fedora Infra documentation: https://docs.fedoraproject.org/en-US/infra
16:01:27 <mkonecny> #topic greetings!
16:01:27 <mkonecny> Hi everyone
16:01:32 <mobrien> .hi
16:01:32 <nirik> morning everyone.
16:01:33 <zodbot> mobrien: mobrien 'Mark O'Brien' <markobri@redhat.com>
16:01:35 <mkonecny> .hello zlopez
16:01:37 <zodbot> mkonecny: zlopez 'Michal Konecny' <michal.konecny@psmail.xyz>
16:01:39 <bittin> .hello bittin
16:01:40 <zodbot> bittin: bittin 'Luna Jernberg' <droidbittin@gmail.com>
16:02:20 <darknao> .hi
16:02:21 <zodbot> darknao: darknao 'Francois Andrieu' <darknao@drkn.ninja>
16:03:30 <mkonecny> It seems that we have plenty of people here today :-)
16:03:41 <mkonecny> Let's see if there is anyone new
16:03:45 <mkonecny> #topic New folks introductions
16:03:45 <mkonecny> #info This is a place where people who are interested in Fedora Infrastructure can introduce themselves
16:03:45 <mkonecny> #info Getting Started Guide: https://fedoraproject.org/wiki/Infrastructure/GettingStarted
16:04:05 <nirik> Fedora 36 is new... :)
16:04:08 <mkonecny> Don't be shy :-)
16:04:26 <mkonecny> Welcome Fedora 36 :-D
16:04:31 <bittin> guess i am pretty new, don't really attend the Infra meetings that much but had some spare time
16:04:48 <nirik> welcome bittin!
16:04:52 <bittin> also yay F36, first updates for F36 just dropped and release party online from tommorow: https://hopin.com/events/fedora-linux-36-release-party
16:05:29 <phsmoura> welcome bittin
16:05:33 <mkonecny> welcome bittin
16:06:08 <mkonecny> It doesn't seem we have anybody else, who is new here
16:06:16 <mkonecny> So let's go to the next item on our list
16:06:31 <mkonecny> #topic Next chair
16:06:31 <mkonecny> #info magic eight ball says:
16:06:34 <mkonecny> #info chair 2022-05-12 - zlopez
16:06:34 <mkonecny> #info chair 2022-05-19 - nirik
16:06:34 <mkonecny> #info chair 2022-05-26 - ?
16:06:52 <mkonecny> Anybody wants to chair 2022-05-26?
16:07:42 <mobrien> I can do that day
16:08:22 <mkonecny> Sold!
16:08:32 <mkonecny> #info chair 2022-05-26 - mobrien
16:08:56 <mkonecny> And now let's see what is there to announce
16:09:00 <eddiejennings> .hi
16:09:01 <zodbot> eddiejennings: eddiejennings 'Eddie Jennings' <eddie@eddiejennings.net>
16:09:03 <mkonecny> #topic announcements and information
16:09:03 <mkonecny> #info CPE Infra&Releng EU-hours team has a Monday through Thursday 30 minute meeting going through tickets at 1030 Europe/paris in #centos-meeting
16:09:03 <mkonecny> #info CPE Infra&Releng NA-hours team has a Monday through Thursday 30 minute meeting going through tickets at 1800 UTC in #fedora-meeting-3
16:09:09 <mkonecny> #info If your team wants support from the Fedora Program Management Team, file an isssue: https://pagure.io/fedora-pgm/pgm_team/issues?template=support_request
16:09:09 <mkonecny> #info thread on fedoraplanet on infrastructure list, chime in if you have thoughts on it
16:09:09 <mkonecny> #info please help us with improving contribution to fedora infra
16:09:19 <mkonecny> https://discussion.fedoraproject.org/t/improving-contribution-to-fedora-infrastructure/38294/8
16:09:19 <mkonecny> #info oncall should also handling #fedora-releng pings if possible
16:09:19 <mkonecny> #info Fedora 36 released! get it now! https://getfedora.org/
16:09:54 <mobrien> I have a semi announcement
16:10:10 <nirik> I have a potential announcement, but needs a bit of discussion first. ;)
16:10:23 <mobrien> Where possible try to use the oncall rather than pinging people directly
16:10:46 <mkonecny> Also you can ask on the standups
16:11:01 <nirik> +1
16:12:02 <mobrien> We encourage anyone to join our standups and ask questions
16:12:57 <mkonecny> You can even talk to us on jitsi on Monday and Thursday EU meeting :-)
16:14:12 <mkonecny> Any other announcement?
16:14:29 <nirik> so, I was thinking we should perhaps do a mass update/reboot next week...
16:14:36 <nirik> mobrien: what do you think? next wed?
16:14:49 <nirik> since rhel8.6 came out...
16:15:13 <mkonecny> nirik: It's already in our plan :-)
16:15:18 <mobrien> Yep
16:15:24 <mobrien> I'm game
16:15:34 <bittin> so the infra is running rhel and not fedora?, just curious
16:15:48 <mobrien> bittin: We use both
16:16:06 <bittin> i see so F36 and rhel 8.6 mass updates
16:16:07 <nirik> yeah, depends on the need...
16:16:17 <nirik> we do have many more fedora instances than rhel
16:16:30 <bittin> ah i see. was just curious
16:16:35 <nirik> also, I need to generate a list of Fedora-34 things... so we can move them up.
16:17:27 <mobrien> We wouldn't automatically move everything up to F36 as there maybe some legacy dependancies on some servers
16:18:05 <mobrien> But we try to keep as up to date as we can
16:18:56 <mkonecny> Let's continue with oncall
16:18:57 <mkonecny> #topic Oncall
16:18:57 <mkonecny> #info https://fedoraproject.org/wiki/Infrastructure/Oncall
16:18:57 <mkonecny> #info https://docs.fedoraproject.org/en-US/cpe/day_to_day_fedora/
16:18:57 <mkonecny> ## .oncalltakeeu .oncalltakeus
16:19:03 <mkonecny> #info mobrien on call from 2022-05-06 to 2022-05-12
16:19:03 <mkonecny> #info mkonecny on call from 2022-05-13 to 2022-05-19
16:19:03 <mkonecny> #info ??? on call from 2022-05-20 to 2022-05-26
16:19:23 <nirik[m]> Here's the distribution for anyone who cares:     285  35... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/f2970d4a55b492adfb9598edad350eea81d940b7)
16:19:27 <mkonecny> So we still have free oncall slot for taking from 2022-05-20 to 2022-05-26
16:19:27 <eddiejennings> I can be on-call for 2022-05-20
16:19:51 <mkonecny> Who wants to take it?
16:19:57 <bittin> nirik[m], neat thx
16:20:05 <eddiejennings> mkonecny, I'll take it
16:21:07 <darknao> and I can take the next slot
16:21:18 <mobrien> I think we have a small turnout today so short on volunteers
16:21:33 <mobrien> ha! I am wrong
16:21:44 <mkonecny> I will give it to you
16:22:01 <mkonecny> #info eddiejennings on call from 2022-05-20 to 2022-05-26
16:22:19 <eddiejennings> :D
16:22:28 <mkonecny> #info darknao on call from 2022-05-27 to 2022-06-02
16:23:30 <mkonecny> Ok, we are pretty ready for the oncall in following weeks
16:23:40 <mkonecny> .oncalltakeeu
16:23:40 <zodbot> mkonecny: Kneel before zod!
16:23:53 <mkonecny> #info Summary of last week: (from current oncall )
16:24:13 <mkonecny> mobrien: Any ping?
16:24:34 <mobrien> I actually took this late as I wasn't here for the meeting last week and didn't realise, sorry nirik
16:24:38 <mobrien> I had 2 pings
16:24:53 <mobrien> One was zodbot acting up so I restarted it.
16:25:12 <mobrien> The other was a wiki issue that I asked them to take a ticket about
16:25:28 <mobrien> s/take/create
16:26:38 <mkonecny> Ok, thanks mobrien
16:26:44 <mkonecny> #topic Monitoring discussion [nirik]
16:26:44 <mkonecny> #info https://nagios.fedoraproject.org/nagios
16:26:44 <mkonecny> #info Go over existing out items and fix
16:27:24 <nirik> so, nothing really changed here
16:27:43 <nirik> we continue to get badges and resultsdb alerts anoyingly
16:27:56 <mobrien> I will do that ocp cert tomorrow now that freeze is over
16:28:22 <nirik> was just about to mention that one. ;)
16:28:43 <nirik> also, in other news... I got that zabbix staging instance we setup a long time ago working.
16:28:44 <mobrien> 🙂
16:28:51 <nirik> It's currently only monitoring... itself...
16:28:52 <mobrien> Nice one!
16:29:09 <nirik> but I thought I would add the client to all stg and see what it looks like...
16:29:20 <mobrien> everything healthy I hope
16:30:00 <nirik> yeah, I also need to look at the centos configs for any ideas.
16:30:05 <mobrien> Is it local users for auth?
16:30:32 <nirik> oddly, the gssapi/kerberos auth I was trying to get working the other day, now works.
16:30:42 <nirik> You have to create a local user, but then you can auth via kerberos.
16:31:55 <mobrien> ah ok
16:33:01 <nirik> thats all on monitoring for now I think.
16:33:41 <mkonecny> Thanks nirik
16:33:57 <mkonecny> And we have a learning topic for today
16:34:02 <mkonecny> #topic Learning topic
16:34:03 <mkonecny> #info Intro to AWS and Terraform [mobrien] 2022-05-12
16:34:36 <mobrien> I actually forgot I was doing this till this morning so its a bit rough and ready but here goes
16:34:46 <mobrien> Terraform is a tool made by hashicorp. It is primarily used to deploy Infrastructure as code.
16:34:54 <mobrien> One of the key benefits of Terraform over something like AWS Cloudformation is that it is vendor agnostic.
16:35:11 <mobrien> This means you can deploy to multiple different cloud providers using terraform code.
16:35:17 <mobrien> Terraform is written declaritively which means that you just provide what infrastructure you want and don't have to worry about how the api works to create it.
16:35:56 <mobrien> Terraform uses HCL (Hashicorp Configuration Language) although json can be used. All the docs which are quite good are in HCL
16:36:29 <mobrien> Documentation can be found here https://www.terraform.io/language/syntax/configuration
16:37:00 <mobrien> Generally it based on blocks and argument definitions which I will show as we go.
16:37:12 <mobrien> There is a ton of examples here for aws: https://github.com/hashicorp/terraform-provider-aws/tree/main/examples
16:37:20 <mobrien> They also provide examples for other providers too which can be found on github.
16:37:50 <mobrien> It uses "providers" to define your target, these are plugins which you define depending on where or what you would like to build.
16:38:01 <mobrien> Aws or Azure for example are providers. A list of which you can see here:
16:38:13 <mobrien> https://registry.terraform.io/browse/providers
16:38:29 <mobrien> You will need to define a provider for terraform to understand your code.
16:38:39 <mobrien> An example of defining a provider:
16:38:52 <mobrien> provider "aws" {region = "us-east-1"}
16:39:01 <mobrien> I will be flattening any of the code block examples I use for ease of reading on irc
16:39:21 <mobrien> Generaaly that would be written something like :
16:39:31 <mobrien> provider "aws" {
16:39:44 <mobrien> region = "us-east-1"
16:39:47 <mobrien> }
16:40:55 <mobrien> The HCL language doesn't use "," to separate objects so newlines are important
16:41:07 <mobrien> These are a little awkward to show on irc however
16:41:29 <mobrien> Anyway I digress...
16:41:46 <mobrien> Resource blocks are the back bone of Terraform, they are somewhat like modules in Ansible
16:42:05 <mobrien> They are defined for each object and take variables needed to define the object.
16:42:18 <mobrien> For example creating a vpc in AWS is as simple as
16:42:28 <mobrien> resource "aws_vpc" "vpc_name" { cidr_block = "10.0.0.0/16" }
16:42:53 <mobrien> "resource" is a key word in terraform to say what you are defining, much like provider in the example above
16:43:11 <mobrien> "aws_vpc" is the resource type. These are defined by the provider plugin and specify the type of resource you wish to deploy.
16:43:24 <mobrien> Inside the braces is where the required vars are defined.
16:43:48 <mobrien> Variables are also defined in blocks (the clunkiest part of Terraform in my opinion)
16:43:59 <mobrien> It does however let you more tightly type the variable. An example:
16:44:03 <mobrien> variable "image_id" { type = string }
16:44:19 <mobrien> In this case "image_id" is the variable name. It is not required to pass any parameters to a variable.
16:44:32 <mobrien> Variables can then be used with the var keyword e.g. "var.image_id" would use the variable above.
16:45:16 <mobrien> I will pause there for a minute to give people a chance to read the wall of text and ask any questions on what I have so far before I go on
16:46:41 <nirik> so, I have one:
16:47:06 <nirik> where does one 'run' this? do you install run terraform on your local machine? or do you upload the scripts and it runs in the cloud side?
16:47:09 <mobrien> go for it
16:47:29 <mobrien> You install and run locally
16:48:06 <mobrien> You could set up something like what we have in the batcave for team use
16:48:09 <nirik> ok, cool.
16:48:25 <nirik> so it has some config to know how to talk to your provider?
16:48:29 <mobrien> It is important to keep track of the state of the infra but I will get to that later
16:49:25 <mobrien> So when you write the code you set a provider in the code and then before you run it it will install the required plugins to talk to that provider
16:49:48 * nirik nods
16:50:25 <mobrien> So terraform has a base package and then relies on "providers" which are plugins. They support a lot themselves and there are also community ones
16:51:23 <mobrien> One of the best things about terraform in my opinion is it tries to keep writing the code simple and abstracts a lot away from the user
16:51:49 <mobrien> Now let me move onto the next part
16:51:56 <mobrien> ll the files needed are appended with a ".tf" extension.
16:52:07 <mobrien> When you run a terraform command all the files in the folder with the .tf extension are combined as one and run.
16:52:17 <mobrien> It is up to the developer if they wish to modularise into different files or put everything in one.
16:52:51 <mobrien> Although it is recommended to group objects in files for easier development
16:53:39 <mobrien> As I alluded to earlier Terraform keeps its state in a local file terraform.state by default although this can be stored remotely.
16:54:15 <mobrien> This state file is used when attempting to apply your code for idempotency and bindings.
16:54:27 <mobrien> For exapmle if you just add a new resource to existing infra it will check the state file to know that it only needs to deploy that and not the whole file again.
16:54:38 <mobrien> Also if you wish to delete something with a dependancy it will stop you from doing so.
16:54:58 <mobrien> More info on that here: https://www.terraform.io/language/state
16:55:22 <mobrien> and here: https://www.terraform.io/language/state/purpose
16:55:57 <mobrien> It is integral to how terraform works so if you are thinking of using terraform I strongly advise you read those docs
16:56:22 <mobrien> Finally, running the code.
16:56:30 <mobrien> Terraform has an inbuilt cli: https://www.terraform.io/cli/commands
16:56:39 <mobrien> Some of the important commands:
16:56:46 <mobrien> terraform init
16:56:53 <mobrien> This needs to be run before you run any other commands as it will install and needed plugins
16:57:29 <mobrien> So nirik this is where terraform will pull the required plugins for the providers. it will then store them locally for future runs.
16:57:51 <mobrien> If you add new providers you will need to run this command again otherwise its a run once command
16:58:22 <mobrien> `terraform plan`
16:58:32 <mobrien> This shows an output of what will be created if you run your code
16:58:53 <mobrien> This is very useful to ensure what you are planning to run does exactly what you want.
16:59:08 <nirik> cool. So where would one want to use this over say a ansible playbook? where it's more complex or ? (I have another meeting in a few min, so may need to head out so thought I would toss this out)
17:00:18 <mobrien> The idea is that Terraform is better for infrastructure as code, it's generally simpler and ansible is better at provisioning machines.
17:00:18 <mkonecny> Ok, we are at the end of your time
17:00:30 <mobrien> They would be used in tandem ideally
17:00:49 <mobrien> Dang!
17:00:58 <mkonecny> It's interesting, but we need to end it
17:01:04 <davdunc[m> mobrien: is there still a requirement to maintain a state file?
17:01:17 <mobrien> The end of my talk was just about the cli
17:01:17 <mkonecny> You can continue with discussion outside the meeting
17:01:40 <mobrien> Its mostly whats in the docs anyway
17:01:40 <mkonecny> Thanks everybody for joining today
17:01:43 <mkonecny> #endmeeting