15:03:24 #startmeeting oVirt Infra weekly 15:03:24 Meeting started Mon Mar 11 15:03:24 2013 UTC. The chair is quaid. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:03:24 Useful Commands: #action #agreed #help #info #idea #link #topic. 15:03:27 the only question is, what timezone is the meeting following :-P 15:03:32 right 15:03:33 I always assume CET 15:03:51 oh, it actually is written down as following EST 15:04:08 but that can change to match the needs of the actual regular attendees, i think 15:04:33 #chair ewoud Rydekull dcaro eedri 15:04:33 Current chairs: Rydekull dcaro eedri ewoud quaid 15:04:34 let's do the agenda and make the meeting time a topic 15:04:40 +1 15:04:45 go ahead if you are ready 15:04:53 * quaid not organized :) 15:04:57 +1 15:05:00 * ewoud neither 15:05:15 normally at $dayjob where I have bookmarks, but a day off isn't bad either 15:05:42 from http://www.ovirt.org/Infrastructure_team_meetings#2013-03-11 15:05:47 Introductions 15:05:47 New member process 15:05:47 New documentation live? 15:05:47 Hosting 15:05:47 rackspace01 installed? 15:05:50 Puppet 15:05:52 Summarize the ML thread 15:05:55 Jenkins 15:05:57 How is migration? Ready for DNS switch? 15:06:00 Other business? 15:06:02 Trac review 15:06:16 and meeting time before Other business 15:06:26 anything else? 15:06:46 I'll take that as a no 15:06:50 #topic introductions 15:07:01 any new people? 15:07:49 guessing not 15:07:54 #topic new member process 15:07:54 Not as far as I know 15:08:07 I did not see any replies to my mail 15:08:45 no intention to be a /ignore, just a /busy :-) 15:08:55 also noticed http://www.ovirt.org/Infrastructure_team_administrators has a list of SSH keys, but that may be dangerous if anyone can edit it and people copy paste 15:09:32 ah, that's a good point 15:09:38 we could protect the page, or just be careful with history 15:10:07 Well 15:10:08 honestly 15:10:16 if people use keys without a password 15:10:22 they ought to be shot anyway, imho 15:10:28 how about we add the public keys to a puppet git repo 15:10:39 Rydekull: that's not the point 15:10:41 I think its good to have it centrally collected, but we dont have to have it on the wiki, a pointer on the wiki though 15:10:53 whichever way actually works for us, puppet makes sense since we're going to create accounts from it 15:11:06 if someone gives them access by copy-pasting the public key from that page you give that key access 15:11:34 but if some attacked changed the key on the wiki page, you've given the attacker access 15:11:36 * eedri here 15:11:45 sorry my irc client got freezed 15:12:18 I intended to start work on the puppet repo, but /busy here as well 15:12:50 I did update my foreman instance and installed ovirt on my desktop to play, but haven't gotten around to combining the 2, but that's for a later topic 15:12:57 Anyway, $topic? 15:13:30 yes, I'd like a simple list of steps we follow when we have a new infra team member 15:13:59 I agree, I wanted that when I started ;-) 15:14:10 should we do that in etherpad right now? 15:14:38 not sure if we should do it now or after the meeting 15:14:48 http://etherpad.ovirt.org/p/new-infra-member-steps 15:14:50 After, +1 15:15:00 how about we do it in parallel, we can move on topics, but if anyone wants to work that we can 15:15:11 can we quickly go through the agenda and at the end we come back 15:15:24 ok 15:15:37 #topic hosting 15:15:43 quaid: is rackspace01 installed? 15:15:59 * quaid hangs his head in shame 15:16:05 nope /busy here too 15:16:20 but I do foresee a nice block of time today ! 15:16:54 I'm honestly not sure if I can just hand off the task to someone else, I haven't determined how the access works yet 15:17:18 well, you're the only one who can determine that :-P 15:17:33 #action quaid to figure out the mystery of RackSpace today to make progress on the install 15:17:37 true that 15:17:44 I have some time today since in March and April I'm taking the mondays off 15:18:09 * ewoud built up some spare vacation days he has to use before July 15:18:28 quaid: so please ping me if you need help 15:19:00 I think there's nothing else to discuss on hosting, we just need to do the work now 15:19:08 yes 15:20:04 #topic puppet 15:20:59 as I said before, updated foreman.ekohl.nl and now in the process of adding a few clients so we can set up our puppet git repo 15:21:25 if you want an account there, poke me in a query 15:22:12 anything else? 15:22:22 I vote for using programmatic puppet modules (no data inside) and using foreman as a data source, using parameters or even as hiera backend 15:22:34 dcaro: +1 15:22:35 dcaro: +1 15:22:57 not sure how easy we can achieve this in the start, but it should certainly be a goal 15:23:41 the first thing I'd like to puppetize is the user accounts btw 15:23:58 least invasive for running services and we need it everywhere 15:24:12 #agreed to us programmatic puppet modules (no data inside) and use foreman as a data source 15:24:20 ok, I can help there too 15:24:20 +1 15:24:25 me too 15:24:25 +1 15:24:53 ok, next topic? 15:25:04 #topic jenkins 15:25:15 the DNS is over 15:25:33 is the VM also off? 15:25:41 old amazon master that is 15:26:04 i sent request to itamar 15:26:09 to shut it 15:26:35 yay 15:26:44 very good :) 15:26:55 hopefully we'll shut them all! (after we have ovirt running :) 15:27:20 I'm not aware of anything else we need to discuss 15:27:31 functional tests? 15:27:42 i saw a thread on it, not sure its for infra though 15:27:46 that needed disk space? 15:28:00 no, adding new tests to jenkins using igord service 15:28:03 oh right, that one 15:28:03 similar to ovirt-node 15:28:55 http://lists.ovirt.org/pipermail/infra/2013-March/002292.html 15:29:03 and yea, the f18 slave needs addtional space 15:29:05 either that, or we can force ovirt-node to run only on one f18 slave (the one with the 100gb disk) 15:30:14 my preference would be to add additional space, but I have no idea if that's possible 15:31:00 and how well does igord work together with ovirt? 15:31:51 we want ovirt on rackspace01 and use nested virt there, can we have a jenkins slave in there that launches the VMs which in turn test vdsm with creating VMs or is it something that has to happen on the host? 15:31:52 maybe we can add a flag for slaves with extra space and use that, so if anytime we have hosts that o not have that space the job will not run there and will not fail 15:32:54 +1 for a flag if that's easy 15:33:00 it sounds like it can happen fast 15:33:36 ewoud, not sure you need the nested vm as jenkins slave 15:33:45 ewoud, the engine will be jenkins slave and it will use the nested as host 15:34:27 ewoud, the is no logic that a host will be jenkins slave... since the test runs on the engine side (rest/cli/sdk commands) 15:35:57 but it talks to libvirt and vdsm wants to be the sole owner of libvirt 15:37:36 eedri: shall we revive the mail thread and discuss it there? 15:38:17 ewoud, ok, it doesn't contrtics it 15:38:30 ewoud, we should ensure that a host is used only by one host 15:38:47 ewoud, i have lots of experience with it running tests on rhevm 15:38:54 eedri: ok 15:39:13 #action ewoud eedri reply to the vdsm functional tests thread 15:40:02 eedri: dcaro other jenkins issues we should be aware of? 15:40:55 ewoud, not that i can think of at the moment 15:41:00 ewoud, i think new server works faster 15:41:04 ewoud, for sure 15:41:07 ewoud: It was a little hacky to set up the python nose libraries to work.... 15:41:17 eedri: good that it's faster :) 15:41:30 dcaro: yes, I don't like that 15:41:59 ewoud, we should direct that to the vdsm maintaiers then 15:42:10 ewoud, since it was thier unit tests failing due to that 15:42:28 eedri: could you? 15:42:40 ewoud, i did, didn't got a real answer or solution 15:42:46 ewoud, they proposed the link to new nose 15:42:58 ewoud, so we could either make the change or not run the tests... 15:43:35 eedri: I do think you did the right thing, but now it's up to vdsm devs to do the right thing and detect the newer nose if possible 15:45:35 we'll revisit it later I suppose 15:46:10 sure 15:46:18 #topic meeting time 15:46:40 as said earlier, there was some confusion about DST 15:46:58 what's the preference here? 15:47:15 I think quaid is the only one here actually in the US 15:48:29 Well, to me, personally. This time have a tendence to conflict with my schedule in general 15:48:33 i'm fine either way,. 15:48:41 but as for the confusing about timezones, just say which timezone the meeting follows 15:48:59 Rydekull: any other time that would generally be better? 15:49:14 it does say EST, but I'm OK with changing to what works for others, i don't have a conflict 15:50:43 since it's only for 2 or 3 meetings I don't have a strong preference either 15:52:18 anyone some ideas about partitioning Linux ? I'm reviewing my way of doing that 15:52:33 maybe it's odd that we ask during the meeting if the time is OK since people who aren't here may not be able to make 15:52:45 ewoud: +1 15:53:07 Well, I guess it depends on how we view peoples time. Should we have it during "office hours" in europe/america 15:53:11 but since I see no preferences here let's keep it on EST for now and I'll send a mail about the meeting time since Rydekull said this wasn't optimal 15:53:17 or do we want to have it outside of "office hours"? 15:53:34 #action ewoud start a thread on the ML about the meeting time 15:53:38 heh, this is pretty outside of office hours for me in America :) 15:53:46 well, the 7 am time is anyway 15:54:02 #agreed keep meeting time at EST for now 15:54:40 quaid: come to europe then, we have beer and cookies :) 15:55:11 one is tempted 15:55:27 if we can get a house swap for the summer to spend it in Venice ... :) 15:56:05 I've been to venice once; great city but not sure if I want to live there 15:56:11 but that's slightly offtopic I suppose :) 15:56:26 as a reminder: http://etherpad.ovirt.org/p/new-infra-member-steps 15:56:41 #topic other business 15:56:59 So, now the ssh-keys fit in here 15:57:05 Who fixes that? 15:57:27 I'm going to prepare something with puppet, which is hopefully a better solution 15:57:49 #action ewoud sort out the ssh-keys location instead of the wiki 15:58:01 Leave pointer at wiki though 15:58:10 ofc 15:58:32 I sort of took over the meeting from quaid and I'm interested how you have experienced it so far 15:58:55 I enjoy it :) 15:58:56 I know I try to rush through it a bit, but seeing as we still spend an hour I think it's needed 15:59:27 I think the pace is fine, it's good to respect the timing needs of everyone 15:59:31 quaid: don't try to spare my feelings ;) 15:59:41 I think it goes way to slow... 15:59:46 to be honest :-) 15:59:49 heh, see! 16:00:03 Im mostly sitting here pacing 16:00:31 I get that 16:00:51 what's the problem with public keys being public? 16:00:59 problem is that maybe not everyone is dedicated to this meeing and has to multitask $dayjob 16:01:09 eedri: them getting easily exchanged to someone elses 16:01:20 eedri: short summary from earlier: the wiki is not a secure place since everyone can alter them now 16:01:23 eedri: its not a problem if the page is watched 16:01:23 Rydekull, so? as long as they don't have private key.. what's the hard? 16:01:39 can't we make one wiki page not editable but for the infra team? 16:01:47 s /hard/harm 16:02:07 eedri: Switch my public key to Mr. X, ewoud later finds the need to add my key, adds Mr. X, key, Mr. X gets access 16:02:24 exactly 16:02:35 Rydekull, how mr x can access if he doesn have the private ket? 16:02:44 eedri: he can access the wiki 16:02:52 but can can't access the vms 16:03:01 eedri: Like I said, switch my public key to his, he can do that on the wiki 16:03:06 ok, got it 16:03:08 eedri: as soon as that's switched, he just have to wait 16:03:47 it needs one of the infra memeber to change it 16:03:47 my preference would be to have it in puppet and let puppet install the keys; that way we can use gerrit for reviews and iterate from there 16:03:50 Im all for having the public keys easily accesible, I agree that its bad when its publicly switchable 16:03:54 in order to enter 16:04:11 but as dcaro said, protecting the page may be the quick fix 16:04:32 ewoud: well, if that's your worry, you can just aswell watch the history page like quaid said 16:05:09 I guess the up-side to the repo is that its checked in with a key aswell 16:05:11 Rydekull: I am now :) 16:05:24 wiki was just a temporary idea to make it easier to add users until puppet 16:05:44 ok 16:06:06 I see we don't have time for trac ticket review 16:07:13 shall we finish the meeting now? 16:07:20 5Yes please 16:07:23 * Rydekull is pacing :-P 16:07:28 going once 16:07:36 going twice 16:07:41 * Rydekull disappears 16:07:45 #endmeeting