16:00:44 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Meeting - Role Call 16:00:45 < mmcgrath> Who's here? 16:00:46 * ricky waves to warren and jeremy :P 16:00:55 * skvidal is here 16:00:57 * lmacken 16:00:57 -!- warren [i=warren@redhat/wombat/warren] has quit Remote closed the connection 16:00:57 -!- jeremy [i=katzj@nat/redhat/x-282f78b789f9fc9d] has quit Remote closed the connection 16:00:58 < mmcgrath> heheheh 16:01:00 < mmcgrath> there they go 16:01:00 < skvidal> hahahaha 16:01:00 < ricky> Hehe. 16:01:02 < skvidal> how on earth 16:01:05 < mmcgrath> like clock work 16:01:48 -!- jeremy [i=katzj@nat/redhat/x-0f82d1e06695232a] has joined #fedora-meeting 16:02:09 < mmcgrath> mbonnet_: mdomsch lmacken abadger1999 dgilmore jima ping 16:02:13 < mmcgrath> anyone I forgot ping 16:02:37 < abadger1999> heheh, I wonder what would happen if I started watching for "anyone" 16:02:46 * nirik sits in the spectator seats. 16:02:47 -!- warren [i=warren@nat/redhat/x-f451cb84616c1460] has joined #fedora-meeting 16:03:07 < warren> connection died 16:03:20 < mmcgrath> Ok, lets get started 16:03:28 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Tickets 16:03:39 < mmcgrath> https://hosted.fedoraproject.org/projects/fedora-infrastructure/query?status=new&status=assigned&status=reopened&group=milestone&keywords=%7EMeeting&order=priority 16:03:40 -!- giarc [i=hidden-u@xxxxxxxxxxxxxxxx] has joined #fedora-meeting 16:03:59 < mmcgrath> So first a new ticket # 152 16:04:06 -!- glezos [n=glezos@fedora/glezos] has joined #fedora-meeting 16:04:07 < mmcgrath> VPN setup. 16:04:18 < mmcgrath> Did everyone get my email to the list earlier this week? 16:04:32 * jima stumbles in 16:04:38 * glezos jumps in too 16:04:48 < mmcgrath> Did anyone get it? 16:04:49 < ricky> mmcgrath: Sorry, what was the subject again? 16:05:06 < jima> oh, about vpn stuff 16:05:07 < skvidal> architecture changes 16:05:23 < ricky> Oops, got it- missed that the first time somehow. 16:05:28 < warren> "external systems" meaning what? 16:05:32 < abadger1999> Yep. 16:05:37 < mmcgrath> I'm still deciding on some of the technical bits on it. For example do we want bridged or routed, etc. 16:05:41 < mmcgrath> warren: anything not in PHX. 16:05:54 < mmcgrath> which at this point would include Duke and the tummy.com servers. 16:06:12 < mmcgrath> s/servers/hosts/ 16:06:16 * dgilmore is here 16:06:18 < warren> what is running on tummy.com? 16:06:38 < skvidal> nothing, yet 16:06:46 < mmcgrath> Right now xen9 and proxy3. Its not official as its blocking on an ok from legal and the VPN (described in #152) 16:06:49 < ricky> proxy3 in the future? 16:06:52 < mmcgrath> ricky: yep 16:07:17 < mmcgrath> xen9 is actually up and using puppet and everything, proxy3 is up but not configured yet. 16:07:43 < mmcgrath> Anyone have any comments on the email? Did it sound sane enough to try? 16:07:50 < ricky> So I assume that the way the Duke servers was setup required going through Redhat IS to get firewall stuff? 16:07:54 < mmcgrath> paulobanon: ping (forgot to ping you earlier) 16:08:07 < mmcgrath> well, there's a couple of problems we're solving by using vpn. 16:08:31 < mmcgrath> the biggies are access to the internal network, and encrypted communications (for example with bacula) 16:08:38 * nirik is a big fan of openvpn. Works great and is very flexable. 16:08:47 < mmcgrath> nirik: I am too, I've had great success with it in the past. 16:08:59 * jima is a big openvpn fan, as well. 16:09:05 < ricky> I've toyed with OpenVPN a bit- I like it a lot. 16:09:18 < mmcgrath> So there's a few questions still floating around in my head. 16:09:36 < mmcgrath> 1) name space 16:09:46 < mmcgrath> 2) ip space (routed vs bridged) 16:09:48 < jima> iow, i think there might be a general consensus that openvpn was the right software to use ;) 16:09:50 < mmcgrath> 3) bootstrapping 16:10:08 * jima has only done routed 16:10:19 < mmcgrath> With name space as it is we have proxy[1-2].fedora.phx.redhat.com and proxy3.fedoraproject.org 16:10:40 -!- fab__ [n=bellet@xxxxxxxxxxx] has quit Connection timed out 16:10:48 * jima winces a little 16:11:02 < mmcgrath> We (or I) have to figure out a proper domain for all of our stuff. I think this line of thought will ultimately end in us running our own DNS and ridding ourselves of fedora.phx.redhat.com 16:11:13 < mmcgrath> 2) Is still up for debate. 16:11:21 < mmcgrath> and 3) I think will just be a technical implementation. 16:11:39 < mmcgrath> does anyone have any comments/ideas/concerns for what I'm going for here? 16:11:52 -!- fab__ [n=bellet@xxxxxxxxxxx] has joined #fedora-meeting 16:12:24 < skvidal> any concerns this will play silly buggers with xen or kvm? 16:12:53 < mmcgrath> skvidal: AFAIK its gone fine. 16:12:54 < jima> what will? openvpn? 16:13:06 < mmcgrath> I've actually got proxy3 connected to bastion right now in a test via an SSH tunnel + openvpn. 16:13:10 < mmcgrath> seemed to play just fine. 16:13:16 < skvidal> mmcgrath: cool. thanks 16:13:31 * jima could spin up an openvpn link involving xen, if mmcgrath hadn't 16:13:40 < mmcgrath> :) 16:13:54 < mmcgrath> ok, so I'll keep everyone informed on that more when the blocks (RHIS mostly right now) are all figured out. 16:14:06 < mmcgrath> Next ticket is.... 16:14:13 < mmcgrath> #14 which I'd imagine is still on hold 16:14:22 < mmcgrath> no jcollie, we'll skip. 16:14:33 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Schedule 16:14:35 < mmcgrath> http://fedoraproject.org/wiki/Infrastructure/Schedule/ 16:14:37 -!- frankc [i=824c6013@gateway/web/cgi-irc/ircatwork.com/x-31ec561b1be00be3] has joined #fedora-meeting 16:14:51 < mmcgrath> First item is Corporate sponsorship. 16:15:06 < ricky> :( at the websites team response. 16:15:14 < skvidal> mmcgrath: you agreed to have the starbucks logo tatoo'd on your forehead? 16:15:20 < ricky> Hehe. 16:15:25 < mmcgrath> I've been in a couple of meetings this week. Some stuff looking good but nothing in stone yet. 16:15:30 < mmcgrath> skvidal: inner thy. 16:15:31 < glezos> ricky: sorry, I've been really busy lately :( 16:15:37 < mmcgrath> glezos: not your or ricky's fault. 16:15:40 < skvidal> mmcgrath: more people would see that, yah 16:15:41 < ricky> glezos: No problem. 16:15:46 < jima> mmcgrath: that sees much traffic, then? 16:15:47 * f13 peeks in. 16:15:48 < dgilmore> skvidal: we need to leave space there for a second logo also 16:15:50 < mmcgrath> I was actually thinking about sending a cattle call out for more 'web masters' 16:16:00 < mmcgrath> since it turns out both ricky and glezos actually know how to code :) 16:16:06 < skvidal> dgilmore: :) 16:16:18 < mmcgrath> It'd be nice to have one or two people who can focus ENTIRELY on the view and look of our pages. 16:16:26 < ricky> For the "record," I don't have anything started with the sponsorship page, as some people on the list thought. 16:16:27 -!- jwb is now known as jwb_gone 16:16:36 < jima> and who can do design worth >crap? wow! 16:16:40 < mmcgrath> ricky: thats my thought :) 16:16:43 < mmcgrath> err fault. 16:16:56 < ricky> Ah, no problem. 16:17:27 * mmcgrath sees if he can get mizmo's attention real quick for some consultation. 16:17:37 < ricky> I was expecting a slightly more excited response, though. It's basically just a "design and plug into template" type of thing. 16:17:51 -!- mizmo [i=duffy@nat/redhat/x-686300b264b66012] has joined #fedora-meeting 16:17:52 < mizmo> yo 16:17:55 < mmcgrath> ricky: me too, I think we have a shy bunch there. 16:18:19 < mmcgrath> mizmo: Who do you think would be more interested in the design / presentation aspect of our websites. The art-list or the marketing-list? 16:18:29 < glezos> mmcgrath: or puzzled on how to start/publish somthing.. 16:18:32 < mmcgrath> I'm thinking about sending a notification that we're looking for some more people in the websites list. 16:18:36 < mmcgrath> glezos: yeah. 16:18:51 < mizmo> mmcgrath: i think art list 16:19:04 < ricky> I'm really hoping that website buildsystem thingy that I'm playing with will stir up some life on the list. 16:19:06 < mmcgrath> k, thanks. 16:19:15 < mmcgrath> ricky: <nod> 16:19:30 < glezos> ricky: cool 16:19:39 < mmcgrath> so How about this, I'll send an email to the art list to see if we can get a few people (3 or 4) to join the websites team to help work on just those aspects of the website. 16:19:48 < mizmo> sounds good 16:19:52 < mmcgrath> that should help take the load off of ricky and glezos since they're actually working on some apps right now. 16:20:18 < mmcgrath> The thing thats tricky here is that I'd really like the websites team to be able to take and do requests similar to how the art team has their page now. 16:20:40 < mmcgrath> Anyone have any comments on that? If not we'll move on to the next topic. 16:20:54 < dgilmore> mmcgrath: sounds good to me 16:20:58 * jima avoids design like it might be contagous 16:21:20 < glezos> mmcgrath: +1. Some more documentation on how to checkout code and build a local fpo website could help newcomers. 16:21:21 < jima> contagious, even 16:21:23 < mmcgrath> jima: I do too, I'm just terrible at it. 16:21:27 < jima> mmcgrath: ditto 16:21:36 < mmcgrath> glezos: indeed, is there even a site on the wiki for the websites team? 16:21:38 < ricky> +1 for the websites team taking requests, etc. like the art team. 16:21:44 < mmcgrath> I guess now's a good time to bring up governance a bit. 16:21:44 < ricky> mmcgrath: fp.o/wiki/Websites 16:21:47 < dgilmore> thast why we have people like mizmo to make things look pretty 16:21:53 < glezos> mmcgrath: there is, but it seems dead :/ 16:21:57 < ricky> May be slightly outdated :( 16:22:03 < jima> more power to those who can do design :| 16:22:10 < mmcgrath> dgilmore: more than just that, people like mizmo makes them usable in many cases. 16:22:24 < glezos> I think the overlapping between art, infra, docs and websites has caused the latter to become a bit stalled 16:22:44 < mmcgrath> So here's a general question, should the websites team remain a separate entity or should it be considered a subset of the infrastructure group? 16:23:06 < ricky> glezos: Once we expand the static pages a bit, the websites team will have a much more defined/specific goal. 16:23:07 < mmcgrath> On the one hand I'd like it to be different, but it feels like the infrastructure team has a total overlap with it and that we keep 'kick starting' it over the last couple of years. 16:23:08 < skvidal> does it matter? 16:23:14 < mmcgrath> skvidal: you've been aroudn longest, what do you think? 16:23:18 < ricky> (Which is my larger goal with what I'm doing now). 16:23:20 < mmcgrath> skvidal: I have no idea, just thinking out loud. 16:23:27 < skvidal> well, I mean - from a hierarchy standpoint what does it get us? 16:23:42 < skvidal> if the websites team stops doing things we kick start it and maybe it does something 16:23:43 < f13> that's a question of content vs service 16:23:44 < mmcgrath> I have no idea. 16:24:00 < skvidal> if the websites team is a subset and it stops doing things, we kick start it and maybe it does something 16:24:04 < skvidal> sounds like a toss up either way 16:24:05 < f13> infrastructure team owns the services, httpd, daemons whatever. content folks own teh content served by those services. 16:24:23 < skvidal> f13: that's a fair distinction and it speaks to maintaining the status quo 16:24:29 < mmcgrath> f13: I don't want that to change, Infrastructure + content scares the crap out of me :) 16:24:34 * ricky adds the l10n team into the websites-related teams medley. 16:25:09 < f13> mmcgrath: right, keep the content out of infrastructure. 16:25:28 < mmcgrath> So lets leave it as it is, even if it is an artificial separation right now. That may not be the case in the future. 16:25:47 < mmcgrath> One of the problems is that the websites team has only just started seeing work to do over the last couple of months for the most part so its hard to gauge it. 16:25:51 * mmcgrath will contact the arts list. 16:25:56 < glezos> FWIW, we use templating a lot, so it shouldn't be hard for the designers to contribute *only* on design. 16:26:05 < mmcgrath> <nod> 16:26:14 < mmcgrath> anything else on this topic? If not we'll move on. 16:26:35 < mmcgrath> k, next topic 16:26:48 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Architectural Documentation 16:27:00 < mmcgrath> When the VPN roles out we'll actually be in an environment that is reasonably complex. 16:27:20 < mmcgrath> In theory we could have 4 or 5 external proxy/cache servers at the end of the year. Hopefully in different countries. 16:27:43 < mmcgrath> how they all communicate and what they all do will be, by far, the most complex environment this team has seen so we'll have to do a better job of documentation. 16:28:03 < mmcgrath> This has typically fallen on me for most stuff (I was very happy to see glezos add an SOP this week) 16:28:10 -!- rdieter_away is now known as rdieter 16:28:24 < mmcgrath> but we may have to spend a week or two, as a team, getting http://fedoraproject.org/wiki/Infrastructure/Architecture/ setup better. 16:28:36 < mmcgrath> anyone have any ideas on how best to allow others in the team to do this? 16:29:23 < mmcgrath> jima: this would be a good thing from the noc point of view btw. 16:29:38 < mmcgrath> We'll talk about that as we start to implement it more. 16:29:39 < ricky> Split it up into categories/pieces that need documentation? 16:29:42 * jima nods 16:29:52 * jima looks at that wiki page 16:30:04 < mmcgrath> ricky: yeah, I could put a section under there that has everything listed including what has not yet been documented. 16:30:24 < mmcgrath> I'll move on for now though 16:30:30 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- SOP 16:30:36 -!- clarkbw [n=clarkbw@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] has quit Read error: 110 (Connection timed out) 16:30:39 < jima> AIEE! drawings! 16:31:16 * jima flees 16:31:16 < mmcgrath> New SOP from this week was provided by glezos, everyone take a look - http://fedoraproject.org/wiki/Infrastructure/SOP/Translations 16:31:23 < mmcgrath> glezos: good job with that. 16:31:38 < mmcgrath> Next topic 16:31:47 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- User Sponsorship 16:31:59 < mmcgrath> No new infrastructure users 16:32:06 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Open Floor 16:32:16 < mmcgrath> Ok, so we're at the half hour mark or so, anyone have anything they'd like to discuss? 16:32:48 < skvidal> facter 16:32:48 < nirik> anyone have ideas on how to fix https://hosted.fedoraproject.org/projects/fedora-infrastructure/ticket/89 it's been busted for a while. ;( 16:32:51 -!- tibbs [i=tibbs@fedora/tibbs] has quit "Konversation terminated!" 16:33:17 < mmcgrath> nirik: we can disable the plugin I suppose. Thats an upstream thing though so I think many have been timid to take it on. 16:33:20 < mdomsch> nirik, it tracebacks... 16:33:20 < mmcgrath> <nod> 16:33:33 < mmcgrath> skvidal: talk about what you've done with facter 16:33:55 < f13> yeah, drop the plugin. 16:33:56 < skvidal> after a great deal of hating myself I've added a couple of facts to facter for puppet 16:33:57 < nirik> yeah, the ticket iself, not the problem it describes. ;) I mailed the submitter direct and I think it's complete. Perhaps there is some way for someone to mark it done in the db? 16:33:59 < ricky> mdomsch: It seems to be a bug with the git plugin. 16:34:08 < ricky> mdomsch: And when the git plugin is disabled, it complains about the SVN plugin- grrr. 16:34:13 < mdomsch> doh 16:34:20 < mdomsch> redirect git URLs -> gitweb 16:34:21 -!- couf [n=couf@fedora/couf] has quit "leaving" 16:34:31 < f13> ricky: huh? 16:34:44 < f13> ricky: perhaps the disabling was done wrong. 16:34:47 < skvidal> puppet uses the program facter to determine all sorts of things about the box - login to any infrastructure box and type 'facter' to see the results - I've added a file in cvs called fedora-local.rb 16:34:58 < f13> I've successfully disabled thigns in teh revisor trac so that they can deal with a ticket, then re-enable it. 16:34:59 < mmcgrath> f13: one sec, we'll talk about that in a bit. 16:35:01 < skvidal> we can edit that file to update the facts puppet can use as $variables 16:35:35 < skvidal> so right now I added: $distrorelease which is the result of rpm -q --qf "%{version}\n" --what-provides redhat-release 16:35:45 < skvidal> and I've added mmcgrathisawanker 16:35:48 < skvidal> which is always true 16:35:50 < skvidal> :) 16:35:50 < mmcgrath> facter | grep mcgrath 16:35:53 < mmcgrath> is amusing. 16:36:02 < mmcgrath> heh 16:36:03 * dgilmore is scared 16:36:05 < skvidal> I did that to show how to set facts as simple strings 16:36:18 < mmcgrath> And it is pretty simple. It will be nice to be able to use this. 16:36:30 < f13> skvidal: hrm, eventually that should probably change to "system-release" but not for a while. 16:36:33 < mmcgrath> skvidal: thank's for doing the research and getting that working and for the whole rhel5.repo file thing :) 16:36:34 < skvidal> the point is if we need to make a decision about something based on some value on the system we can add facts, push the file then use those facts in the next run of uppet 16:36:49 < skvidal> f13: not any time soon for rhel and centos :) 16:36:58 < f13> yeah, RHEL6 timeframe. 16:37:00 < skvidal> oh yah and I closed the reposync ticket 16:37:13 < skvidal> which just means we're using an 'ahem' local cache 16:37:14 -!- walters [n=walters@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] has quit Read error: 110 (Connection timed out) 16:37:21 < skvidal> of things for updating our rhel5 boxes 16:37:23 < mmcgrath> hurray for a local cache. 16:37:28 * jima doesn't even know if he has shells on any infrastructure servers 16:37:31 < mmcgrath> skvidal: thanks again. 16:37:40 < skvidal> so the annoying rhn errors will be gone 16:37:48 < skvidal> mmcgrath: sorry it took so long 16:37:51 < mmcgrath> jima: you do, I thought I even asked you to look into somethign once. I just thought you were too busy / not interested. 16:37:57 < mmcgrath> skvidal: mostly my fault for not giving you a place to store it. 16:38:04 < mmcgrath> ok, we'll move on to the plugin error. 16:38:13 < mmcgrath> f13: actually I ran into that problem too, whats the right way to disable all plugins? 16:38:17 < jima> mmcgrath: mostly i was like "...huh?" 16:38:54 < f13> just a tic 16:39:14 * jima logs into bastion. wow! 16:39:17 < mmcgrath> err all plugins for a specific repo 16:40:04 < f13> oh haha. 16:40:10 < skvidal> f13: ? 16:40:13 < f13> looks like you tried commenting with #, I think the config file comment is ; 16:40:24 < mmcgrath> yeah that sounds like me :) 16:40:37 < ricky> f13: I'm pretty sure that both are valid. 16:40:43 < mmcgrath> though I thought it just made it use the svn plugin instead. 16:40:48 < f13> is somebody editing it right now? 16:40:55 < mmcgrath> <nod> see - https://hosted.fedoraproject.org/projects/fedora-infrastructure/ticket/89 16:40:58 * mmcgrath is not. 16:41:01 * dgilmore goes to kick jima :) 16:41:03 < f13> there is a .swp file there. 16:41:19 < jima> dgilmore: ? 16:41:27 * f13 writes anyway 16:41:31 < dgilmore> jima: * jima logs into bastion. wow! 16:41:54 < ricky> f13: Oops, sorry- that's me. 16:42:06 < f13> Found a swap file by the name "/srv/web/trac/projects/fedora-infrastructure/conf/.trac.ini.swp" owned by: apache dated: Thu Sep 13 13:42:36 2007 16:42:15 < ricky> f13: I closed it- write away. 16:42:16 < f13> ricky: can you quit so I can write? 16:42:40 -!- rdieter [n=rdieter@xxxxxxxxxxxxx] has quit Remote closed the connection 16:43:36 < f13> interesting. 16:43:41 < mdomsch> mmcgrath, reason for httpd being stopped on app4? 16:43:55 < f13> it didn't used to do this. Wonder how 'svn' is not supported anymore. 16:44:20 < mmcgrath> mdomsch: nope, and actually puppet should be enabling it if its off, let me look at it real quick. 16:44:36 < ricky> trac.versioncontrol.* = disabled in [components] didn't even do it. Grrr. 16:44:43 < mdomsch> tuesday 11:39am it stopped with a SIGTERM 16:45:11 < mmcgrath> I seem to remember shutting it down for a test but I'm wondering why puppet didn't turn it back on. 16:45:26 < mdomsch> puppet will, or supervisor (which doesn't) 16:45:48 < f13> ricky: yeah, this is bothersom. svn should be a valid scm 16:45:51 < mmcgrath> puppet should turn on httpd. 16:46:04 < mmcgrath> f13: so you're seeing the same thing we are with that? Something strange is going on? 16:46:23 < ricky> My other question is.. why does the tickets component *care* about SCM? 16:46:50 < f13> ricky: some twisted path of Trac. You can have wiki entries that are SCM checkin IDs and it will tooltip the checkin comment 16:47:08 < f13> kind of neat, but means that anything wiki based (which tickets are) go through the scm plugin code path. 16:47:14 < f13> but svn /should/ be there, it's stock in trac. 16:47:18 < ricky> Sounds cool, but adds more points of failure. 16:47:31 < abadger1999> ricky: IIRC, someone added a link into the repository in that ticket (changeset:1111 type thing) 16:47:40 < ricky> Ahh. 16:47:57 < ricky> We could remove it manually, but it'd be nice if this kind of thing worked too :) 16:48:03 < mmcgrath> lets discuss this in #fedora-admin after the meeting (Since the meeting is almost done) 16:48:13 < ricky> Sure thing. 16:48:28 < mmcgrath> does anyone have anything else to discuss? If not we'll close the meeting in 30 16:48:38 * lmacken is upgrading bodhi as we speak :) 16:48:45 < mmcgrath> 15 16:48:58 < mmcgrath> 5 16:49:03 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Meeting End 16:49:05 < jima> lmacken: yay! 16:49:06 < mmcgrath> thanks for coming everyone 16:49:08 < ricky> Thanks. 16:49:12 < mmcgrath> mizmo: thanks for stopping by. 16:49:22 < mizmo> yep :) 16:49:27 -!- mizmo [i=duffy@nat/redhat/x-686300b264b66012] has left #fedora-meeting ["w00tw00t"] 16:49:33 < glezos> mmcgrath: thanks
Attachment:
pgpW1yRG2kN1Y.pgp
Description: PGP signature
