On Tue, Nov 26, 2019 at 10:59 AM Igor Gnatenko <ignatenkobrain@xxxxxxxxxxxxxxxxx> wrote: > > Hello fellows, > > After last publication on LWN about Fedora Modularity mess, I think it > is time to describe the idea I was proposing internally with few other > folks (Adam Samalik, Brian Exelbierd) back in the RH times. > > Before I actually go deep, I'll try to answer main questions to myself > (so that you can understand why I am proposing this particular thing). > > 1. Do we want to package multiple streams only for "leaf" software or > any kind of it? > I believe that we need both, and we do support both. However, it might > not look as nice as it could: > * Need to create multiple repos for different "streams" > * Need to maintain epel7/epel8/f30/f31/master branches > * Package names have to be "mangled" (e.g. mozjs38, mozjs60) and it is > manual work > * However, those are supposed to be (according to the guidelines) > parallel-installable (and not be conflicting in any way) > Doing git merge / git cherry-pick and maintaining many git remotes > requires some advanced git knowledge and a time. And we can't actually > have multiple versions of a package with same name (without "mangled" > names) in a repo due to the way how our buildsystem works (and not > only buildsystem, with some caveats). > We do have some kind of a solution for multiple releases building from > one branch (package.cfg), however this work has been never finished, > thus there are many problems with this approach. > I think we need to recognize that we've done some poor optimization for the majority of packager workflows. Even if we consider modules, the vast majority of components will never be modularized. Moreover, we already know that the overwhelming majority of specs are managed identically across branches. In these cases, we can make fedpkg better for handling this. There's no reason that people can't have a single master branch and only branch for distro releases as needed. I'm trying this workflow myself with libeconf[1], but unfortunately fedpkg doesn't handle this model well right now. I proposed a particular feature request for this[2], but there might be other ways to make this work. The current approach for package.cfg is terribly broken, though. As for the name mangling, I think this is a relatively minor issue for supporting multiple versions of software. There *are* things we could do to minimize this, but it's not a good point to focus on right now. [1]: https://src.fedoraproject.org/rpms/libeconf [2]: https://pagure.io/fedpkg/issue/352 > 2. Do we want to support buildtime-only packages? > I would rather generalize this category as "less-supported packages". > I maintain 800+ Rust packages and very often I need to update them to > an incompatible version. In Rawhide I just do it, update all dependent > packages to use new version, and if I can't do that for some reason, > create "compat" package. Obviously, all patches are sent to the > upstream. I think we should categorically disallow build-time-only/buildroot-only packages. They don't make sense in a Fedora context and make it impossible to share resources. What's worse with this model as it is currently implemented is that nobody can figure out whether there are buildroot-only packages involved, and multiple maintainers of packages basically can't happen. Re-introducing those buildroot-only packages back into the main package collection gives people an opportunity to depend on them freely and co-maintain them. Now, we can't force anyone to co-maintain packages, but as we see with the large number of orphanings that have been happening lately, if people actually want or need packages, they tend to take them on too. I think we can make it easier to support shipping these things to stable releases too. The ability to use side tags to map to Bodhi update submissions is going to be a good step forward there. > Upstreams are removing features, I need to deal with Obsoletes but I > simply can't continuously add new Obsoletes into the > fedora-obsolete-packages. And what for if they are used only during > build of other, more important, packages? Why do I have to spend time > with upgradepaths? I definitely want some mechanism which will tell to > user that "THIS PACKAGE IS NOT FULLY SUPPORTED." > Obviously, for packages which are used in runtime need a proper > support as we do today for all packages to share work (that's the > place where I agree with Kevin Kofler.) > I'm not sure I want to have a concept of "not fully supported" (do we have a concept of supported, really?). But at least for the RHEL context, it makes sense to consider it. An RPM tag for setting that data could be added. I think it probably makes sense to have an RPM tag where we could declare supportability. Something less dumb than the RPMTAG_MODULARITYLABEL tag that would be more generically useful... Short term, we could "cheat" by adding Provides, but I think a tag would be better since we can easily pass a definition to rpmbuild for a package build. Adding tags to RPM is relatively easy, but we should convince the RPM developers to do it. As for the whole Obsoletes thing, I think you could have some kind of dynamically generated package that is set up to self-destruct and include those Obsoletes. Templating a variation of the fedora-obsolete-packages package that could be updated and generate all the needed Obsoletes should be possible. Ordinarily, these Obsoletes would be part of the package it replaces, but at the Rust ecosystem scale, it makes sense to have a self-destructing package that does that centrally. How we'd specifically implement this? I don't know. > 3. Can we have different lifecycles for the software in Fedora? > Right now we have to keep all versions of software which was there at > GA point. And from the updates repo. We never remove packages > entirely. That said, if package was there at GA time, it will have to > be "supported" until the end of that Fedora release. > I don't think we can (should?) do much in this regard. If we make > packages to build from "stream" branch, we can put an information to > that branch that this package should be built for all distributions > (Fedora, EPEL) until this date. Or even store this info somewhere else > like PDC (yes, I know we want to kill it). fedpkg build will take this > into account and submit proper builds. And we can design some API in > infra which would tell until when some particular stream of a package > is supported. Much like it is done with Fedora releases & GNOME > Software. > Software shipped in *any* default enabled repositories that other packages can depend on *must* be available for the life of a Fedora release. I think we could be more flexible for software shipped in repositories not enabled by default. But today, fedora-modular is enabled by default and is now supported as a buildroot input. So that's completely toast. For EPEL, we need to have RHEL-like flexibility for supportability. Ideally, we could compose the supportability ranges for components (i.e. packages) through the RPM tag or Provides... Regardless, if we consider the existing modularity system, we can't actually set SLAs right now anyway, so this is a problem we need to solve for any solution. > 4. Do we want to have some kind of "stream expansion" where software > builds against all Pythons, Perls and whatnot? > I think this should be conscious choice of a distribution, and in > specific cases, maintainer. Using some examples from previous threads, > why does bugzilla have to be built against 2 different versions of > perl and users could choose? I think maintainer should choose one > version of perl and let bugzilla use it. Being able to build > combinations of software is definitely nice, but I don't think this > should be standard practice. openSUSE does that with ruby and python > (they build all modules automatically for all versions) and I like > this. But having all packages built against all is just combinatoric > explosion. Given how many updates have feedback in Bodhi, I'm pretty > sure 99% of combination won't be tested (or even installed?) ever. > I think we should be able to do this, but Fedora probably doesn't have near the build system resources that openSUSE has to pull it off. To give an idea of the disparity here, there's somewhere around ~100 build machines that can take on ~8-10 builds at a time for x86 builds. There's 7 POWER machines that can take on ~35 builds each for ppc64le. There's 30 s390x LPARs that can run ~5-10 builds each. There's ~30 ARM machines that can take on ~5-10 builds at a time for armv7hl/aarch64 builds. We compete favorably for POWER and match up for s390x and ARM, but we are massively outclassed on x86 builds. Even if you consider that the large chunk of noarch packages we have to build can largely be built on any architecture, packagers get penalized for it building on ARM machines (because they're awful, unfortunately, and they're *never* going to get better because the ARM ecosystem doesn't really care about performance in the same way that all the other supported architectures do). Even if we were forcibly scheduling noarch builds on x86, we'd still wipe out our resources easily with stream expansion. We already have problems with existing module builds wiping out all the available build resources by pushing hundreds of builds without any reasonable scheduling, ordering, or prioritization. We need to deal with the resourcing and scheduling issues before we can consider doing this on a broad scale. > 5. Are we still trying to be a Linux distribution or we are just > letting people to do whatever they want in our infrastructure? > This question bothers me from time to time and I don't have answer. > For example, Modularity is very flexible and I very often find people > saying that you can expand this and that, but in Fedora we limit its > usefulness. Do we actually need to develop something like this > (knowing in advance that probably nobody outside of Fedora/RHEL will > be using this software / technology)? Are we trying to create > technologies which would be very extensible and used in other > distributions instead of solving some specific problems? If former, > why don't we talk to others about things in advance and not getting > other people to work on these cool things? > The ideal situation would be that we'd develop technology that all distributions would like to use. But, of course, that requires something that the RPM distribution communities aren't used to doing: collaborating at the early stage. We did it with Rust, but that was an unusual event. It doesn't help that the two major RPM distributions are commercial rivals and the two companies aren't used to collaborating with each other on these kinds of things. Fortunately, there *are* some links among the distributions on the community side. But the modularity project started from within Red Hat, and I suspect there wasn't any talking to SUSE in the early stages of the development. There wasn't much community solicitation to Fedora in the beginning either, as we know... I hope that we can recover from this and develop a solution that all distributions would like to use. > === > > How I would imagine having multiple streams: > * rpms/nodejs has multiple branches - 10, 11, 12 > * in all of them, nodejs.spec exists as-is without "mangled" name > (just with different versions and such) > * each has package.cfg or some alternative which specifies what is the > EOL and/or for which releases to build > * when builds are submitted, Koji automatically adds suffix to a main > package and subpackages containing branch name > * during the rpmbuild, extra provides are added (for the unversioned > names and indication of a stream) and conflicts (possibly depending on > some macro which user can disable) automatically > We could do this with dynamically configured dep generators injected in to the buildroot or such along with other tweaks throughout the build process. > Notes: > * If software needs to specify that it wants 9 ≤ nodejs ≤ 11 it can > describe this in standard way (Requires: (nodejs >= 9 with nodejs <= > 11)) and one will be picked up automatically > * If user wants to switch from 9 to 10, he can run `dnf swap nodejs9 nodejs10` > * If that requires some conflicting dependency to be switched, it will > be switched automatically > * Packages produced from nodejs.src have Provides: stream(nodejs) > stream(nodejs:9) and Conflicts: stream(nodejs) so that it is > explicitly not possible to install 9 and 10 at the same time > * If desired, packages can depend on a specific stream via Requires: > stream(nodejs:10) without actually depending on nodejs (this requires > some small piece of code in libsolv) > * In the very similar way, user can lock themselves to a specific > stream by writing some conf file which DNF would read (if point above > is implemented, about just tens of lines of the code in libdnf, or > even libsolv can be teached about that as well) > * DNF can be teached about these special things so that you can > automatically swap conflicting dependencies, but lock yourself to some > streams of a package > * All standard Conflicts/Requires/Obsoletes/… will simply work > * With side tags on demand it is now much easier > * Mass rebuild scripts will be teached about stream branches and will > build packages properly > * After branching, there will be a script which untags all packages > which should not be supported in the new release > * fedpkg will be teached about stream branches and will show which > branches build where, so that maintainers can easily maintain them > * Packaging guidelines should be adopted to accept conflicting > packages and tooling should be improved to show the conflicts and how > to resolve them We already allow this, so I think we're fine. DNF needs some better representation and advice for what to do in these scenarios, but that's fixable. :) > * fedora-release will have Suggests: stream(nodejs:10) so that when > user types dnf install nodejs, for example nodejs10 would be picked up > (instead of nodejs12) I'm reluctant to stuff things into fedora-release. I think it'd work equally well if we had a fedora-modular-release to define these. I've used a variation of this technique in Mageia (mageia-repos-pkgprefs) and OpenMandriva (openmandriva-repos-pkgprefs), so I know it would work. > * Some macros can be added to generate virtual package with "default > stream", so that there will be actual nodejs package depending on > nodejs12 if that would be default in given Fedora release Makes sense to me. It also means it's easy to change things midway through (which would be necessary in RHEL land) > * Going further, I would extend Koji with fedora plugin which would > deal with the build submission instead of having this logic on clients > so that all people get same result > I'm not sure what you mean here... > === > > Now let me quote Matthew Miller with the list of requirements and > answer how we achieve them. > > 1. Users should have alternate streams of software available. > I think this is achieved with what I have said above. We will ship > nodejs9, nodejs10 at the same time. > > 2. Those alternate streams should be able to have different lifecycles. > nodejs 9 and 10 can automatically build for all distros until EOL > (which would be stored somewhere). EOL-date aware tooling (fedpkg) > would not build for excluded versions of distros and build for distros > where EOL of distro is further than EOL of component. > > 3. Packaging an individual stream for multiple outputs should be > easier than before. > As I wrote above, we will have one nodejs rpm repo with multiple > branches (aka streams) and no name mangling needed. fedpkg build will > spawn builds for all releases matching criteria (EOL date, excluded > distributions). > > === > > This is not the exact approach we have tried back in the days, but it > is very similar to that. Unfortunately I did not save any documents > from those times but Adam or Brian probably still can find them (since > they are RH internal). I'm curious what the original proposal was, but these are very solid ideas... -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx