[15:04] mmcgrath has set the subject to Fedora Infrastructure -- Who's here? [15:04] * abadger1999 stops coding for a minute and prepares for a meeting [15:04] * xDamox is ehre [15:04] fchiulli: frank is here [15:05] jcollie: hello... [15:05] f13: I'm somewhat here [15:05] mmcgrath: we'll be following http://fedoraproject.org/wiki/Infrastructure/Schedule as usual. [15:06] mmcgrath has set the subject to Ticketing System -- All [15:06] MrBawb has joined the group chat (i=abob@xxxxxxxxxxxxxxx) [15:06] mmcgrath: So https://hosted.fedoraproject.org/projects/fedora-infrastructure/ is up. [15:06] mmcgrath: AFAIK, people have been testing with it. [15:06] mmcgrath: I like it quite a bit. [15:06] G: mmcgrath: looks good, but can we please put the header image on HTTPS? [15:06] mmcgrath: G: sure. [15:06] mmcgrath: f13: should we put just the login on https? [15:07] mmcgrath: we can leave it for now as is. [15:07] * skvidal is here - just grumbly [15:07] mmcgrath: Does anyone have any issues with me sending out a notification and migrating some items to it? [15:08] G: well yeah, just not a mix, some browsers *cough*IE*cough* don't like it [15:08] mmcgrath: <nod> [15:08] mmcgrath: I'll take that as a no. [15:08] paulobanon: im here [15:08] mmcgrath: paulobanon: yo [15:08] * warren here [15:08] f13: mmcgrath: we should just do all I suppose. Easier. [15:08] f13: I hate to auth via https then suddenly drop to non https [15:08] * mmcgrath does too [15:09] GeroldKa has joined the group chat (n=GeroldKa@fedora/geroldka) [15:09] mmcgrath: So after the announcement and migration of old tickets I'll be removing a bunch of queues and things from OTRS. [15:09] mmcgrath: we still need to figure out what to do with logo@xxxxxxxxxxxxxxxxx and webmaster@xxxxxxxxxxxxxxxxx [15:09] warren: ah, OTRS is shutting down? [15:10] mmcgrath: I've thought about just having a filter that replies with something like "we've moved to a web based system, please go here" [15:10] mmcgrath: but I'll leave that up to those teams. [15:10] mmcgrath: warren: I'd like it to but we've committed to something at least for webmaster and logo. I'll have to work out something with them. [15:10] Rasther has joined the group chat (n=diego@fedora/Rasther) [15:10] mmcgrath: We'll see, anyone have anything else on that topic before we move on? [15:11] mmcgrath: alllrighty [15:11] paulobanon: when _! [15:11] paulobanon: ? [15:11] paulobanon: [15:11] mmcgrath: paulobanon: hopefully by the end of the week. [15:11] paulobanon: k [15:11] mmcgrath has set the subject to Package Database -- abadger1999 [15:11] mmcgrath: abadger1999: whats the latest? [15:12] abadger1999: I'm lagging behind but I think I've just fixed the last issue for bugzilla sync [15:12] abadger1999: I also made a few changes that enable logging into the packagedb from the commandline. [15:13] mmcgrath: abadger1999: any chance for you to move your main testing to publictest1? [15:13] abadger1999: So I can jump right into writing a script to insert information from new completed reviews and branch requests in to the db. [15:13] abadger1999: I've been trying to complete the initial rollout so I didn't work on that but I can. [15:13] abadger1999: Does it use supervisor? [15:14] abadger1999: I'll need to make that port anyho. [15:14] mmcgrath: abadger1999: it doesn't have any tg on there yet at all. [15:14] abadger1999: mmcgrath: k. I'll see about setting it up. [15:14] mmcgrath: solid. [15:14] mmcgrath: anything else? [15:14] warren: one thing [15:14] abadger1999: Anyways -- all that's left is koji sync + the new branch/package script. [15:15] warren: Did we agree on where non-people accounts should be? [15:15] warren: We'll need a koji account (with a cert) for automated sync from pkgdb to koji [15:15] abadger1999: Ah. So I have a few non-people users in the account system living at 9900+ [15:15] abadger1999: But none of those are supposed to login to anything. [15:15] warren: although FAS accounts != koji [15:16] warren: so I'm a little confuse [15:16] warren: d [15:16] abadger1999: The koji account is slightly different. [15:16] * mmcgrath is too [15:16] mmcgrath: these accounts are a requirement for the pkgdb? [15:16] abadger1999: warren: Don't koji accounts sync from FAS? [15:16] warren: abadger1999, I'll ask f13 to confirm [15:16] abadger1999: mmcgrath: All owners in the pkgdb have to be in the FAS. [15:17] f13: yes [15:17] mbonnet: abadger1999: there's no syncing...users are created in koji on-demand, when someone with a FAS client cert logs in [15:17] f13: koji just allows in proper SSL certs [15:17] f13: and creates users on the fly IIRC [15:17] abadger1999: Ah. So you have to get a cert from the FAS. Once you have that, koji gives you permission to connect. [15:17] mmcgrath: yep [15:18] abadger1999: But doesn't actually share any information (like human_name_ with each other. [15:18] f13: correct [15:18] f13: koji's userdb is very very simple. [15:19] f13: username: permissions [15:19] abadger1999: Does koji have a list of revoked certs? [15:19] f13: I don't know. [15:19] * abadger1999 think of roozbeh's stolen laptop. [15:19] mbonnet: abadger1999: not yet...it could though [15:19] f13: that's a good question for mbonnet [15:19] f13: oh there he is (: [15:19] mbonnet: would just need to be configured in mod_ssl [15:20] * mmcgrath smells an SOP [15:21] mmcgrath: should we talk about that later? [15:22] mmcgrath: abadger1999: can we move on for now? [15:22] abadger1999: Well... warren, what do you need for koji sync to proceed? [15:22] mbonnet: however, nalin pointed out a problem with our certificate generation (they all use serial# 0) that might make certificate revocation a problem [15:22] warren: abadger1999, just for me to finish it, it is relatively straightforward [15:22] abadger1999: And a cert? [15:23] warren: abadger1999, that's a separate problem that can be solved after, I'll develop using my account [15:23] abadger1999: k. Then yes, let's move on. [15:24] mmcgrath has set the subject to Config Management -- mmcgrath [15:24] mmcgrath: Nothing new here really. skvidal is trying to figure out a good way to bring puppet to our external servers. [15:24] * skvidal wants to hate puppet a lot [15:24] skvidal: no, [15:24] skvidal: actually that's not true [15:24] skvidal: I hate the pix [15:25] skvidal: it is not puppet's fault that our routing is weird [15:25] f13: the pix. oh god, the pix [15:25] rordway|m: not the pix [15:25] mmcgrath: same old story where fp.o doesn't exist internally and fedora.phx.redhat.com doesn't exist externally. [15:25] jcollie: is there a reason that we can't replace the pix with a fedora box/iptables? [15:25] mmcgrath: our routing is very normal [15:25] skvidal: jcollie: capacity [15:25] f13: and eew. [15:25] mmcgrath: jcollie: $, space, TIME, don't forget we'd need 2 (redundancy) [15:25] f13: please no networking infrastructure running on FEdora. [15:26] paulobanon: skvidal: which PIX and which IOS ? [15:26] skvidal: paulobanon: no clue - we just get to ask for things to be changed on it [15:26] mmcgrath: paulobanon: the problem is the pix can't route traffic out the same interface that it came in on. [15:26] paulobanon: 515E with anyacelarator cards ? [15:26] mmcgrath: tis a 'feature' [15:26] * jcollie should package up rancid so that we can backup the pix configs [15:26] paulobanon: you can create virtual interfaces [15:27] skvidal: paulobanon: so you route to that one from your hosts and it routes you back into the other [15:27] paulobanon: i used to do that in my old company, unless im not following what u guys are trying to do [15:27] paulobanon: basically i had 1 physical interface with 3 virtual ones there [15:27] mmcgrath: we've got external IP on one interface, internal ip on the internal interface. [15:27] mmcgrath: we're trying to have the internal network contact the external IP and have it come back correctly. [15:28] mmcgrath: and AFAIK, its disabled in the PIX as a feature [15:28] * mmcgrath would love to be corrected in this matter [15:28] MrBawb: paulobanon: it can't route back out the same virtual interface [15:28] skvidal: MrBawb: wouldn't have to [15:28] paulobanon: mmcgrath send me a diagram with what you need [15:28] mmcgrath: the guys in #cisco would be able to say better [15:28] mmcgrath: buhh [15:29] mmcgrath: paulobanon: 10.8.34.0 | int1 (PIX) ext1 | 209.132.176.0 [15:29] mmcgrath: we want a 10.8.34.4 to be able to access 209.132.176.7 [15:29] paulobanon: u want both to talk directly is that it ? [15:29] paulobanon: do a static [15:29] mmcgrath: the pix is using nat. [15:30] mmcgrath: won't work. [15:30] mmcgrath: talk to the guys in #cisco [15:30] MrBawb: I'm told in PIX 7.2 there's a way to enable traffic to route out the same virtual interface it comes in on [15:30] MrBawb: as a config feature [15:30] mmcgrath: now that you mention that I seem to remember that being enabled in a later version as well. [15:30] mmcgrath: more research then. [15:31] paulobanon: [15:31] * mmcgrath will move on so we can get done with the meeting. [15:31] mmcgrath: paulobanon: do you know pix's? [15:31] mmcgrath: if you could let us know exactly what to do I could pass that on to the network guys. [15:31] mmcgrath has set the subject to VCS Choice -- jcollie [15:31] mmcgrath: jcollie: any news on your git stuff? [15:31] jcollie: i've updated by git page a bit [15:31] paulobanon: well i used to get AD replications go over a PIX, and that had dynamic ports [15:32] jcollie: i've got the conversion script running on publictest1 [15:32] mmcgrath: how's publictest1 working for you? [15:32] jcollie: although it needs a few more tweaks [15:32] jcollie: now that git and emacs are installed it works great [15:32] mmcgrath: good [15:32] mmcgrath: jcollie: have you had a look at tailor? [15:32] jcollie: although once i'm ready to convert the entire repo i'll need some more disk space [15:33] jcollie: mmcgrath, yeah i've used tailor before but git has better tools natively [15:33] mmcgrath: cool [15:33] mmcgrath: jcollie: well let us know if you need anything. [15:33] mmcgrath has set the subject to db1 -- mmcgrath knurd is now known as knurd_afk [15:33] mmcgrath: an outage is scheduled for this monday. Hopefully we'll have no bumps. [15:34] mmcgrath: I'd appreciate it if any of you that could be around, to be around. [15:34] mmcgrath: never hurts to have people on hand for these types of things. [15:34] mmcgrath has set the subject to Server Upgrades -- mmcgrath [15:34] mmcgrath: I've put in a request for a memory upgrade for two boxes. I'm still awaiting to hear exactly what will come of it. [15:35] mmcgrath has set the subject to Xen Conversion -- mmcgrath [15:35] mmcgrath: as I mentioned on the list I've created a "scanXen.sh" on bastion. [15:35] mmcgrath: should let everyone know what hosts are running on what guests. [15:35] paulobanon: nice scripts btw! [15:35] mmcgrath: danks [15:35] mmcgrath has set the subject to Bacula Transition -- mmcgrath [15:35] mmcgrath: I've gotten the ok from ixs to comaintain this pacakge. [15:36] mmcgrath: I'm waiting for one more post from him then hopefully we can get it accepted. [15:36] mmcgrath: ixs: any word on that? [15:36] * mmcgrath will assume ixs isn't around [15:37] mmcgrath has set the subject to Elvis move -- mmcgrath [15:37] mmcgrath: so I'm working on moving some modules from elvis to cvs. [15:37] mmcgrath: http://fedoraproject.org/wiki/Infrastructure/RFR/ElvisMove [15:37] mmcgrath: its... coming along I suppose. [15:37] paulobanon: full of confidence i see... [15:37] mmcgrath: I've run into a few errors, rather than assume the correct next action I've contacted the devs. [15:37] paulobanon: [15:37] mmcgrath: heh [15:38] mmcgrath has set the subject to FAS2 -- mmcgrath [15:38] mmcgrath: right now I've moved FAS2 to publictest1 but I can't get FDS to start, I need to contact the fds guys as to why that is. [15:38] mmcgrath: As soon as the translation, db1 and hosted.fp.o thing settle down I'm hoping to hit it pretty hard. [15:39] mmcgrath has set the subject to Project Hosting -- f13 [15:39] mmcgrath: f13: any news? [15:39] paulobanon: is FAS2 in dev status or already in testing phase ? [15:39] f13: mmcgrath: going to package up the plugins I use for Trac so they're proper [15:39] mmcgrath: dev [15:39] mmcgrath: f13: do you have a time frame on that? [15:39] ixs: mmcgrath: I'm around. finishing up tomorrows presentation. [15:39] f13: and caught wind of another plugin we should probably use, a change multiple plugin. [15:39] f13: mmcgrath: I was hoping this afternoon, ran into some things. I'm working from home tomorrow and should have more time to do it then. [15:39] mmcgrath: f13: cool [15:40] mmcgrath: ixs: do you know when you'll have the latest bacula posted? [15:40] ixs: mmcgrath: I hope I'll manage saturday afternoon or sunday. [15:40] mmcgrath: ixs: k. [15:40] ixs: if not, I'll just hand over the current stuff to you and you can finish it while I'm having exams. [15:40] mmcgrath: ixs: solid, thanks. [15:40] mmcgrath: f13: anything else on project hosted? [15:42] * mmcgrath moving on [15:42] f13: I don't think so. WOuld still like a logo and such [15:42] mmcgrath: <nod> [15:42] rwmjones_ has joined the group chat (n=rjones@xxxxxxxxxxxxx) [15:42] mmcgrath has set the subject to fedorapeople.org -- skvidal [15:42] mmcgrath: skvidal: yo [15:42] mmcgrath: whats the word? [15:42] skvidal: yes [15:42] rwmjones_ has left ("Leaving" (n=rjones@xxxxxxxxxxxxx)) [15:42] skvidal: xen instance is up [15:42] skvidal: registetred host names [15:43] skvidal: I'm just fighting with puppet on external hosts to get it ocnfigured properly [15:43] skvidal: does anyone remember what the plan was for controlling the wildcard dns? [15:43] f13: plan? [15:43] mmcgrath: 'controlling' ? [15:43] skvidal: okay [15:43] skvidal: good times [15:43] paulobanon: heh [15:44] f13: can't we do some fun $GENERATE stuff? [15:44] mmcgrath: if alsdkfj.fedorapeople.org doesn't exist can't we just send it to the default location? [15:44] f13: or failing that, hook up some tool to parse active users and spit out a fully formed zone file? [15:44] skvidal: f13: that sounds like unfun [15:44] skvidal: I'm inclined to - if we don't find a match dump them elsewhere [15:44] f13: mmcgrath: I assume we don't want things like 'shihead.fedoraproject.org' actually loading a page. [15:45] f13: er 'shithead' [15:45] f13: or even worse words. [15:45] mmcgrath: s/fedoraproject/fedorapeople/g [15:45] f13: all the same [15:45] skvidal: f13: jessekeating.atemyballs.com ? [15:45] mmcgrath: I had assumed that an unfound address would bring up a page saying that "This user does not exist" [15:46] f13: that would probably be acceptable. [15:46] mmcgrath: something very un-interesting. [15:46] mmcgrath: skvidal: what did you have in mind? [15:46] skvidal: probably dumping them to a page with an index of all the users [15:46] skvidal: so they could figure out where they went wrong [15:47] mmcgrath: WORKSFORME [15:47] skvidal: okie doke [15:47] skvidal: once I get puppet/the firewalled boxes to behave [15:47] skvidal: I'll move on from there [15:47] skvidal: planet1.fedoraproject.org will be up by the end of the day [15:47] skvidal: once it is happy I'll repoint planet to it [15:48] mmcgrath: excellent. [15:48] mmcgrath: skvidal: whats the word on your quota strategy? [15:48] skvidal: mmcgrath: $magic [15:48] mmcgrath: buhhhhh perl? [15:48] mmcgrath: [15:49] skvidal: mmcgrath: it's all local disk - we can do per-user quotas soft/hard set equal so they fail immediately when they fill up [15:49] skvidal: the only trick I have to figure out is new user addition [15:49] skvidal: when make-shell-accounts automatically adds new folks [15:49] skvidal: how do we add their quotas [15:49] skvidal: optionally [15:50] skvidal: we can just add quotas to all users after every make-shell-accounts run [15:50] skvidal: for user in people [15:50] skvidal: setquota to protouser quota [15:50] skvidal: etc [15:50] skvidal: any objections? [15:50] abadger1999: skvidal: That second one sounds easier. [15:50] skvidal: easier than $magic? [15:51] skvidal: you must not be a real wizard, then [15:51] mmcgrath: skvidal: I'm up for whatever. [15:51] mmcgrath: we can always change it if its not working for some reason [15:51] skvidal: mmcgrath: I've heard that about you [15:51] * paulobanon wonders if everyone is waiting for the last Harry Potter book... [15:51] skvidal: paulobanon: I am [15:51] skvidal: oh and speaking of that [15:51] paulobanon: me too [15:51] skvidal: july 21st [15:51] paulobanon: haha [15:51] skvidal: do not expect to hear from me [15:51] paulobanon: 24h reading [15:52] jcollie: been on preorder at amazon.com for months [15:52] jcollie: skvidal, what about jul 11th? [15:52] mmcgrath: alright alright [15:52] mmcgrath: lets hold off on the hp stuff for a bit [15:52] mmcgrath: skvidal: anything else? [15:52] paulobanon: skvidal: please prepare an skvidal_outage and mail it [15:52] skvidal: mmcgrath: no - all good [15:52] f13: I may be out that day as well [15:53] f13: possibly longer depending on if I sustain injuries during fighting with my wife for the book [15:53] * kanarip keeps silent [15:53] * paulobanon apologises for taking the meeting out of trac [15:53] mmcgrath: no worries [15:53] mmcgrath has set the subject to Ibiblio Mirror -- My bad [15:54] mmcgrath: Still nothing new on this. [15:54] skvidal: mmcgrath: what's on the [s]hitlist for that? [15:54] mmcgrath: skvidal: test the new mirror from phx [15:54] mmcgrath: then find a group of mirrors to test with. [15:54] skvidal: sorta an mdomsch sort of thing [15:55] mmcgrath: well that first one we can do. [15:55] Rasther has left ("..." (n=diego@fedora/Rasther)) [15:55] mmcgrath: I was going to work with mdomsch on the test group but he's on vacation [15:55] mmcgrath: so thats where its att [15:55] mmcgrath has set the subject to Open Floor -- Anyone [15:55] mmcgrath: So I'm thinking for the next meetings we'll try to actually use the ticketing system. [15:55] paulobanon: mmcgrath can u create an are or in trac or in the wiki and upload our public scripts [15:56] paulobanon: so that they wont get lost [15:56] mmcgrath: paulobanon: OH thast right. [15:56] mmcgrath has set the subject to HG vs GIT -- All [15:56] mmcgrath: Ok, so both hg and git do what we need to do. [15:56] mmcgrath: seems like our group tilted to git. [15:56] mmcgrath: thoughts? [15:57] paulobanon: guess not [15:57] abadger1999: Let's do it. [15:57] skvidal: mmcgrath: darcs! [15:57] f13: rcs [15:57] abadger1999: skvidal: Because we don't spend enough quality time answering questions from our VCS [15:57] f13: I still try to do 'co -l' when I check something out. [15:58] skvidal: f13: see, this is why you're broken [15:58] f13: yes, I cut my teeth on sun solaris and rcs and bind. Aren't I lucky [15:58] paulobanon: talking about VCS, when will we resume the discussions about the new packagers VCS ? [15:58] mmcgrath: Well lets just take a vote [15:58] mmcgrath: +git [15:58] mmcgrath: or [15:58] mmcgrath: +hg [15:58] skvidal: +git [15:58] mmcgrath has set the subject to Vote [15:58] paulobanon: +git [15:59] f13: +git [15:59] blizzard: +cvs [15:59] * blizzard runs [15:59] * paulobanon waves to blizzard [15:59] halfline: f13: +git? I thought you were very +hg ? [15:59] tibbs has left ("Konversation terminated!" (n=tibbs@fedora/tibbs)) [15:59] abadger1999: +git [16:00] mmcgrath: ok, the gits have it [16:00] * mmcgrath is actually wearing a shirt right now that says "I'm with this stupid git" and there's an arrow. [16:00] mmcgrath: so I'll get working on that [16:00] mmcgrath has set the subject to Open Floor -- ALL [16:00] f13: halfline: well, that was until I wanted to do in-repo branching. [16:00] mmcgrath: we've got a couple minutes left. [16:00] mmcgrath: Anyone have anything to discuss? [16:00] ke4qqq has joined the group chat (n=chatzill@xxxxxxxxxxxxxxxxxxxxxxxxx) [16:00] f13: halfline: I still prefer hg's ui and simplicity, but in-repo branching is terrible there. [16:01] paulobanon: we should start talking about the future VCS in the ML again... [16:01] paulobanon: its never too early to take care of such an important thing [16:02] abadger1999: f13: bzr [16:02] * abadger1999 's turn to run [16:02] mmcgrath: paulobanon: thats true. Jcollie has been doing a good job working with getting some git stuff going too. [16:03] mmcgrath: Ok, its time, anyone have anything else? if not I'll close the meeting in 15 [16:03] eva has joined the group chat (n=eva@xxxxxxxxxxxxxx) [16:04] mmcgrath has set the subject to MEETING END
Attachment:
signature.asc
Description: This is a digitally signed message part
