July 07, 2020

CentOS Community newsletter, July 2020 (#2007)

July 07, 2020 04:42 AM

Dear CentOS enthusiasts,

Thanks for coming back for another edition of the CentOS community newsletter.

News

8.2.2004 release

We are pleased to announce the general availability of CentOS Linux 8.2.2004. Effectively immediately, this is the current release for CentOS Linux 8 and is tagged as 2004, derived from Red Hat Enterprise Linux 8.2 Source Code.

As always, read through the Release Notes at : http://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.2004  - these notes contain important information about the release and details about some of the content inside the release from the CentOS QA team. These notes are updated constantly to include issues and incorporate feedback from the users.

More information at https://lists.centos.org/pipermail/centos-announce/2020-June/035756.html

You can track the status of upcoming 7.x and 8.x releases at  https://wiki.centos.org/About/Building_7 and https://wiki.centos.org/About/Building_8 respectively

centos.org refresh

With a great deal of help from community members Fabian Arrotin and Alain Reguera Delgado, we are proud to announce our new centos.org website, which you can see today at https://centos.org/   The new site is built using Jekyll - https://jekyllrb.com/ - which makes it easier to contribute to, and easier to build and deploy.

If you want to contribute patches or changes to the website, that is now done via https://git.centos.org/centos/centos.org  The new workflow makes it easy to test your changes locally, and send pull requests which can be approved and rolled out automatically to the live site.

Additionally, of course the site design has been refreshed and redesigned, updating the site that was last refreshed in 2013. So a huge thank you in particular to Alain for that work.

Board meeting minutes

The minutes of the June CentOS Board of Directors meeting may be found on the CentOS Blog at https://blog.centos.org/2020/06/minutes-for-centos-board-of-directors-for-2020-06-10/

Highlights include:

Board Liaison role has passed from Karsten Wade to Brian “bex” Exelbierd, due to his strategic placement in Red Hat’s RHEL business unit. Please welcome bex to the board.

The Community Architect (currently Rich Bowen) has been added as a permanent invite to board meetings. This is to give you, the community, another way to have your voice heard.

The Secretary role has passed from Karsten Wade to Thomas Oulevey as part of the regular rotation of that position.

The July board meeting will be held on July 8th. (it’s always on the second Wednesday of the month.) If you have issues that you need to raise to the board, you are encouraged to open a ticket at https://git.centos.org/centos/board/issues

CPE Updates

CPE (Community Platform Engineering) is the group in Red Hat which provides infrastructure support to the CentOS and Fedora projects. Their weekly updates, posted both to the centos-devel mailing list and to the CentOS blog, provide insight into what they’re working on, and what’s coming next.

To learn more about what CPE is doing, come to the CPE office hours, every other Tuesday at 15:00 UTC on the #centos-meeting IRC channel, on Freenode.

Events

Please plan to join us September 24th and 25th for DevConf.US, an event for open source developers. The call for presentations is still open for one more day!

Updates

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during June:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during June:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during June:

Other releases

The following releases also happened during June:

CentOS Stream

We've done a lot of work over the past few weeks to keep up to date with Red Hat Enterprise Linux Development. Currently Red Hat is in the middle of the development cycle for the upcoming RHEL 8.3, and you should be seeing some content from 8.3 reflected in CentOS Stream. Expect to see more content coming through as we add more modules. There is an updated installer and refreshed install media on the mirrors for you to try right now!

RealTime in CentOS Stream

One major addition to CentOS Stream is the RealTime (RT) repository. This is a set of packages that is developed alongside Red Hat Enterprise Linux, focused on latency-sensitive workloads. Because these packages are developed so closely with a given RHEL release, it makes perfect sense to include these packages in and gather feedback from CentOS Stream. The packages in the RealTime repository represent what's coming in the Red Hat Enterprise Linux for Real Time addon for RHEL 8.3.

You can see the documentation for Red Hat Enterprise Linux for Real Time here:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/8/html/installation_guide/index

To enable this repository on your system, make sure you have a fresh install of CentOS Stream or `dnf update` to be sure you have the latest `centos-release-stream package` and enable the `Stream-RT` repository

Yum repo files are located in: `/etc/yum.repos.d/CentOS-Stream-RT.repo`

As always, bugs can be reported against the CentOS Stream version in bugzilla: https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%208&version=CentOS%20Stream

SIG Reports

Software Collections SIG Report

 Membership update

We are always looking for new members. However, no changes in membership happened in the last six months.

Process changes and releases

  1. The SIG started to reap benefits of the new, streamlined process of releasing packages from the CentOS build system. As a consequence, packages successfully build in CBS should be now coming to you with less bureaucracy.

    However, this move required changes in the release CI. Although most of the associated issues are now resolved, there are still some kinks to iron out as we go along.

  1. The Red Hat Software Collections 3.5 were sucessfully rebuilt and should be presently available in the testing (buildlogs) repository. Due to the changes mentioned in the previous point, not all of the collections reached the release repositories (mirrors) yet, but they should be appearing gradually in a few weeks.

 New collections included in this release are:

    -   Perl 5.30 (rh-perl530)
    -   Python 3.8 (rh-python38)
    -   Ruby 2.7 (rh-ruby27)

    Several other existing collections also received updates.

    For details, please see the official release notes.

  1. The https://www.softwarecollections.org/ website was migrated to run in OpenShift environment. The benefits should include increased availability and stability. As the backend changes necessary were not insignificant, there may be unforeseen new issues still present despite the testing done beforehand. Please do not hesitate to report them to the sclorg mailing list.

Health and activity

The SIG remains active and tries to respond to any issues raised while keeping the official Red Hat collections available and up-to-date on CentOS.

However, most of the actual work is done by a single person (jstanek). More active members would be more than welcome, at least in order to increase the bus factor above 1 🙂

 

[Video] KDE on CentOS 8

July 07, 2020 02:32 AM

Enabling and configuring KDE on CentOS 8 (A presentation from Red Hat Summit)

June 30, 2020

[Video] CentOS Buildsystems and infrastructure

June 30, 2020 08:32 AM

(A presentation from Red Hat Summit)

There's a lot of work behind the scenes to support the CentOS community. In this presentation, we'll learn a little about CentOS community buildsystems and infrastructure.

June 29, 2020

CPE Weekly: 2020-06-28

June 29, 2020 08:38 PM

Background:
The Community Platform Engineering group is the Red Hat team combining
IT and release engineering from Fedora and CentOS. Our goal is to keep
core servers and services running and maintained, build releases, and
other strategic tasks that need more dedicated time than volunteers
can give.

See our wiki page here for more
information: https://docs.fedoraproject.org/en-US/cpe/

## General Project Updates

The CPE team have finished our Quarterly Planning for Q3, July -
September, and will begin work on the following projects starting from
Monday 5th July:
* Data Centre Move - Final Works
* CentOS Stream Phase 3
* Noggin Phase 3
* Packager Workflow Healthcare
* Fedora Messaging Schemas

Details of the above projects, and of projects currently in progress,
done and what projects are in our backlog, can be found on our taiga
board per project card:
https://tree.taiga.io/project/amoloney1-cpe-team-projects/kanban?epic=null

We also have an updated initiative timetable for briefing in new
projects to our team & key dates
here: https://docs.fedoraproject.org/en-US/cpe/time_tables/
*Note: Initiatives are large pieces of work that require a team of
people and weeks/months to complete. Please continue to open tickets
in the normal way for bugs, issues, etc.

CPE Product Owner Office Hours

#fedora-meeting-1

* Weekly on Thursdays @ 1300 UTC on #fedora-meeting-1
* Meeting log from 2020-06-25:
https://meetbot.fedoraproject.org/teams/cpe_project_owner_office_hours/cpe_project_owner_office_hours.2020-06-25-13.01.log.html
* Next Meeting: 2020-07-02

#centos-meeting

* Every second Tuesday @ 1500 UTC on #centos-meeting
* Meeting log from 2020-06-23:
https://www.centos.org/minutes/2020/June/centos-meeting.2020-06-23-15.00.log.html
* Next Meeting: 2020-07-07

Fedora Updates

Data Centre Move

* We are now officially operating under reduced Fedora services until
est 28th July to facilitate the final shipment of hardware to the new
data centre.
* Please View project card on taiga for builder - staging - remaining
app bringup dates here
https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/42?kanban-status=2139945
* A list of affected services is available here
https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view
* Details on what this move may mean for you can be found here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/27U6YT73556KYW2RIFJO6J2HYMYVP22U/
* If an application is not working correctly at all, please check this
list https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view before opening a
ticket to make sure its not listed as being moved. If it is being
moved, please wait a day or two, then try again.
* Similarly, please be patient when opening tickets for service issues
in general as we have now reached the critical point in this move and
all of our sys-admins and wider teams will be assisting in the
successful bringup of the reduced Fedora service and facilitation of
the final hardware shipment and move.
* Most recent update to devel-announce is here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/5DNRZ4OUUNGSUJONQLEXXP3CKME43SCE/

AAA Replacement

* The team are finishing some work on applications including
* Codebase changes to applications
* Application maintainers can use the API to look up group and
account information
* And addressing how to add a spam blocking feature
* Please feel free to check out the team kanban board for more
information on the features the team are working on and have already
completed here https://github.com/orgs/fedora-infra/projects/6

Mbbox

* Project Dashboard here https://github.com/fedora-infra/mbbox/projects/1
* Tasks completed in the project currently
* MBBox handover to CentOS Stream
* Mbbox has been deployed to the staging environment
* Cleaning old code from the project was done
* Deployment guide - https://mbbox-operator.readthedocs.io/en/latest/
* Blog post published - check it out here
https://communityblog.fedoraproject.org/mbbox-module-building-in-a-box/

* Tasks expected to be complete by 3rd July
* MBox shared CRD - tests and polishing

Gitforge

We are still discussing technical aspects of the project and these are
tracked here:
https://gitlab.com/gitlab-org/gitlab/-/issues/217350
And are working on a date in August/September for an AMA session with
GitLab that will be run through IRC for any questions the Fedora and
CentOS communities may have to ask direct.
We will keep you up to date with the developments as and when we have
information to share and thank you for your patience.

CentOS Updates

 

CentOS

* CentOS Linux 8.2.2004 has been released
https://lists.centos.org/pipermail/centos-announce/2020-June/035756.html
* CentOS 7.x AMI images to land soon
* Infra Nodes are also moving
* The CentOS CPE team members are also working on a new website design
with the community, so this should be pushed soon too.

Centos Other

* Fedora CI and Noobaa tenants have been onboarded to CentOS CI infra
* The team are also looking at automation work within CI

CentOS Stream

* RealTime for Stream is built!
* The team have also finished laying out repos and are doing final
tests with the installer
* This will be pushed to the mirrors very soon so keep an eye out!

As always, feedback is welcome, and we will continue to look at ways
to improve the delivery and readability of this weekly report.

Have a great week ahead!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ?view

 

June 23, 2020

[Video] CentOS PaaS (Platform as a Service) SIG

June 23, 2020 08:29 AM

(A presentation from Red Hat Summit)

The CentOS PaaS SIG builds, tests, and delivers CentOS packages for platform as a service software. In this talk, we learn specifically about the work on OKD (OpenShift Origin Kubernetes Distribution).

June 22, 2020

Minutes for CentOS Board of Directors for 2020-06-10

June 22, 2020 11:57 PM

On 2020-06-10 the CentOS Board of Directors met with Chris Wright and Deb Bryant to settle open discussions on the future of the Red Hat Liaison role on the CentOS Board. The Board also welcomed Rich Bowen as an ex-officio member, Thomas Oulevey as the new Board Secretary, and approved Brian Exelbierd as a new member Director and Red Hat Liaison. Additional topics included clarifying that voting does not occur in the new issue tracker, and asking Rich Bowen to lead an open vision and strategy process to refresh the project’s goals.

In support of these efforts, the Board came to the following decisions, resolutions, and agreements:

  1. Shall the CentOS Community Architect (Rich Bowen) be permanently added as an ex-officio attendee to all future CentOS Board meetings as a non-voting voice for the wider community?
    1. AGREED Yes, this should be a permanent seat in all Board discussions, public and private.
    2. ACTION Karsten and Rich need to coordinate and make changes to add to governance.
  2. Shall Brian Exelbierd be appointed to the CentOS Board as a member Director based on his experience and understanding of the CentOS Project and its many relationships, on his working years as a community architect, and on his performance over the years in the broader CentOS and Fedora Linux communities?
    1. AGREED Yes, Brian Exelbierd (bex) is hereby welcomed to the Board as a full voting Director.
    2. ACTION Rich to change the website to reflect this addition.
  3. Does the Board accept Red Hat’s change of the Red Hat Liaison role from Karsten Wade to Brian Exelbierd, who can fulfill this role directly out of his work at Red Hat?
    1. AGREED Yes, effective immediately.
    2. ACTION Rich Bowen to change the website to reflect this change.
  4. Does the Board accept Red Hat’s request to change the Red Hat Liaison role to be always representing Red Hat on the Board? I.e., remove the “hat on/hat off” aspect of the Liaison role.
    1. AGREED Yes, the Board welcomes this clarification that helps the Liaison be an effective two-way voice between Red Hat and the CentOS Project.
    2. ACTION Karsten and Rich need to coordinate and make changes to add to governance.
  5. Shall the role of Board Secretary transfer from Karsten Wade to Thomas Oulevey, to last for a period no shorter than six months and no longer than eighteen months?
    1. AGREED Yes, Thomas shall take over the Secretary role beginning 01 July, transition to begin immediately.
    2. ACTION Thomas and Karsten need to finalize the Secretary duties and details to be rolled into governance; Karsten needs to update the governance to reflect the changes; Rich to update the website to reflect this change.
  6. Should the new issue tracker be used for conducting voting, or only for announcing the results of discussions occurring elsewhere?
    1. AGREED No, the issue tracker should not be used for discussions or debate, public or private, on the item in the issue. Discussions should happen in the appropriate forum, with relevant links, notes, and decisions reflected into the individual ticket.
    2. ACTION Voting portion of governance should include this clarification, if it’s unclear. Karsten and Rich to review and propose changes to governance, if needed.
  7. Does the Board request Rich Bowen to take lead on an update to the project’s vision and strategy, to bring all the stakeholders to the discussion in working with the planned co-authors?
    1. AGREED Yes, the Board thinks this is a better approach in having Rich work from his position in the middle of the many voices and stakeholders.
    2. ACTION Rich to announce this effort and next steps.
  8. No Community Architect report nor triage of the issue tracker occurred in this meeting due to time constraints.

Present at the meeting:

  • Jim Perrin
  • Johnny Hughes
  • Pat Riehecky
  • Thomas Oulevey
  • Tru Hyunh
  • Ralph Angenendt
  • Karanbir Singh (Chair)
  • Chris Wright (Guest)
  • Deb Bryant (Guest)
  • Mike McLean
  • Rich Bowen
  • Karsten Wade (Secretary)

June 21, 2020

CPE Weekly: 2020-06-21

June 21, 2020 08:22 PM

CPE Weekly: 2020-06-21

Background:
The Community Platform Engineering group is the Red Hat team combining
IT and release engineering from Fedora and CentOS. Our goal is to keep
core servers and services running and maintained, build releases, and
other strategic tasks that need more dedicated time than volunteers
can give.

See our wiki page here for more
information: https://docs.fedoraproject.org/en-US/cpe/

General Project Update

Please check out our updated initiative timetable for briefing in new
projects to our team
here: https://docs.fedoraproject.org/en-US/cpe/time_tables/
*Note: Initiatives are large pieces of work that require a team of
people and weeks/months to complete. Please continue to open tickets
in the normal way for bugs, issues, etc.

Dont forget to view our taiga board to see the projects we are
currently working on, what we have scoped and whats in our backlog
https://tree.taiga.io/project/amoloney1-cpe-team-projects/kanban?epic=null

CPE Product Owner Office Hours
* Weekly on Thursdays @ 1300 UTC on #fedora-meeting-1
* Every second Tuesday @ 1500 UTC on #centos-meeting (next meeting 23rd June)

Fedora Updates

Data Centre Move

* We are now officially operating under reduced Fedora services until
est 28th July to facilitate the final shipment of hardware to the new
data centre.
* Most recent update to devel-announce is here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/5DNRZ4OUUNGSUJONQLEXXP3CKME43SCE/
* A list of affected services is available here
https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view
* Details on what this move may mean for you can be found here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/27U6YT73556KYW2RIFJO6J2HYMYVP22U/
* If an application is not working correctly at all, please check this
list https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view before opening a
ticket to make sure its not listed as being moved. If it is being
moved, please wait a day or two, then try again.
* Similarly, please be patient when opening tickets for service issues
in general as we have now reached the critical point in this move and
all of our sys-admins and wider teams will be assisting in the
successful bringup of the reduced Fedora service and facilitation of
the final hardware shipment and move.

AAA Replacement

* The team are working on the changing application code bases to use
the new solution
* The work required to facilitate multiple contributor agreements
under one account is now complete
* The team have also enabled group attributes during this sprint
* Please feel free to check out the team kanban board for more
information on the features the team are working on and have already
completed here https://github.com/orgs/fedora-infra/projects/6

Mbbox

* Project Dashboard here https://github.com/fedora-infra/mbbox/projects/1
* Tasks completed in the project currently
* MBS Frontend CRD + documentation
* Staging environment - thanks to CentOS CI team
* MBox shared CRD - certificates and PVCs

* Tasks underway currently
* Staging environment - testing
* MBox shared CRD - tests and polishing

Gitforge

With the data centre move taking most of the teams focus this week,
discussions with gitlab have been quiet. We are still discussing
technical aspects of the project and these are tracked here:
https://gitlab.com/gitlab-org/gitlab/-/issues/217350
We will keep you up to date with the developments as and when we have
information to share and thank you for your patience.

CentOS Updates

 

CentOS

* CentOS Linux 8.2.2004 Released!!!
https://lists.centos.org/pipermail/centos-announce/2020-June/035756.html

Centos Other

* OCP4 staging cluster is up and running
* CentOS will have a booth at Open Source Summit starting June 29th -
https://events.linuxfoundation.org/open-source-summit-north-america/

### CentOS Stream
* The team are still working on building packages from the RHEL 8.3
nightly composes

As always, feedback is welcome, and we will continue to look at ways
to improve the delivery and readability of this weekly report.

Have a great week ahead!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ?view

 

June 16, 2020

[Video] Neal Gompa Adapting To Appstreams

June 16, 2020 08:26 AM

Adapting to AppStreams: Delivering the Datto Linux Agent for RHEL 8, with Neal Gompa

(A presentation from Red Hat Summit)

CPE IRC Office Hours, June 9th

June 16, 2020 02:43 AM

Last week we had our first CPE/CentOS IRC office hours. This will become a regular thing, every second Thesday at 15:00 UTC. It's an opportunity to ask anything to the CPE - Community Platform Engineering - team about their work with the CentOS (and Fedora!) infrastructure, from the status of ongoing work, to requesting new work.

This meeting ended up mostly being me - Rich Bowen - asking Aoife Moloney questions that I've been hearing from the community over the past months, and so came across as a bit of a one-on-one interview. So I figured I'd just post it as such, for those who missed it.

We hope to see you on Tuesday, June 23, for the next edition of this meeting.

 <amoloney> #startmeeting

 <amoloney> #meetingname CPE PO Office Hours
 <centbot> The meeting name has been set to 'cpe_po_office_hours'
 <amoloney> #info About the CPE team: https://docs.fedoraproject.org/en-US/cpe/
 <amoloney> #topic Open floor and Introductions
 <amoloney> Hi Everyone!
 <amoloney> For those of you who dont know me, my name is Aoife Moloney and I am the Product Owner on the Community Platform Engineering Team
 <rbowen> Hi, amoloney. Thanks for hosting.
 <amoloney> I included a link to the fedora wiki site as I had it in my notes handy to share :)
 <amoloney> And hi Rich! You're welcome! Im happy to be here in the CentOS channel
 <rbowen> Questions, anybody?
 <rbowen> Don't be shy.
 <amoloney> I have not set an agenda or specific topic today so if there are people on this meeting who have them, please feel free to ask
 <amoloney> Even if its how to phonetically pronounce my first name  - there are a lot of vowels in there :)
 <rbowen> I think there is still some confusion about how you - CPE - work in conjunction with the CentOS infra group. Is there some way we can improve that situation?
 <amoloney> I can offer my understanding of how CPE includes CentOS infra if that gives any clarity? The CPE team as a whole is comprised of both Fedora and CentOS sys-admins, developers and release engineers. Both communities rely on our team to maitain and support both infrastructures. We also have projects that our team works on that are outside of the sustainment of the infrastructures and often the communities of the infras
 <amoloney> we support are unaware that the engineers that are doing this work in the infra are actually working across other projects too
 <amoloney> We have been working hard over the last few months to try to lessen these situations, or better yet to mitigate these situations altogether, but it has proven challenging at times!
 <amoloney> What we have done is try to diffretiate between our work request types to two categories: Large initiatives or projects that take a team and time to complete, and responsive, 'lights-on' work
 <amoloney> * What we have done is try to differentiate between our work request types to two categories: Large initiatives or projects that take a team and time to complete, and responsive, 'lights-on' work
 <rbowen> Is this tracked publicly somewhere that the community can inspect and comment on what you're prioritizing?
 <amoloney> This 'lights-on' work probably speaks to the relationship between CentOS infra and CPE as this, to me, would be support and maintenance of the distros infra
 <rbowen> I mean, other than your weekly emails to the centos-devel list, that is.
 <amoloney> Sure!  Not sure I have a CentOS infra tracker as I am not familiar with this side of the house (which is in part why Im here, to talk to the community first hand) :)
 <amoloney> but the initiatives can be found here https://tree.taiga.io/project/amoloney1-cpe-team-projects/kanban?epic=null
 <amoloney> This board and the cards are intended to be view only for drive-by viewing
 <rbowen> Oh, right, and I see that you linked to that in your weekly report email, too.
 <amoloney> This reflects what the CPE team are currently working on per quarter, what we are scoped and/or scoping, and the initiatives that are in our backlog
 <amoloney> Yep I've started to include it in there too
 <rbowen> Latest report is here: https://blog.centos.org/2020/06/cpe-weekly-2020-06-07/
 <amoloney> How are people finding those emails? Do you find them informative? Too long?
 <rbowen> I'm concerned by the fact that there has never been a response to one of those emails. I'm curious who is reading them. I read them every week, but it's kind of my job.
 <amoloney> Im glad to hear someone reads them :)
 <amoloney> No I am more than happy to provide the emails weekly, and I am assuming the format is suitable for people
 <amoloney> however, as I have learned today, 'assuming' makes an ass out of U and ME :)
 <amoloney> Hope Im ok to say that on this channel haha :)
 <amoloney> So please, if there are tips/stricks/suggestions you would like to make in relation to my weekly emails and/or how CPE can engage with CentOS Community & vice versa, please tell me
 <rbowen> Ok, so asking that question the other direction - if community members feel that your priorities should be different - that you should be working on something else - where do we make that request? How do we talk to you?
 <rbowen> I'm kind of asking a question I already know the answer to, but not everyone in the community can pick up the phone and call you or Leigh.
 <rbowen> What's the *public* API?
 <amoloney> You can drop me an email, that is the best way to contact me: amoloney@redhat.com
 <amoloney> Im happy to discuss priorities here in this meeting slot too on a weekly/bi/weekly basis if people want?
 <Evolution> there was a theory that once jira was migrated, some of this would be more open as well, yes?
 <amoloney> I have also started to send emails to the CentOS stakeholders, Rich as Community Architect and Karsten Wade as Board Secretary, leting them know whats coming down the line with CPE in the next quarter
 <Evolution> aside - I miss jira. ADO is...less ideal
 <amoloney> Oh hey Jim!
 <Evolution> Y HALLO THERE
 <amoloney> Yes and I hope it will be more than a theory :)
 <amoloney> With the launch of Red Hat One, the open  version of Jira, I would like to move all CPE initiatives from the taiga instance to a  centralized board there
 <Evolution> wait, Red Hat One?
 <Evolution> that's what they're calling it
 <amoloney> It would be an ideal scenario then that initiatives that CentOS & Fedora want worked on that require a team of people and a lot of time to complete will land on that board for me to pick up and scope with the requestor
 <Evolution> sounds like the name of Paul Cormier's plane.
 <amoloney> Yeah thats what Ive heard it being called but it could be different when released
 <amoloney> 'Launching  RED HAT ONE in T minus..' comes to mind ha
 <amoloney> but Im not really concerned what its called once it helps (selfishly) me interact with the community more directly when prioritizing initiatives, and equally gives visibility on WHY a project is either picked up and proiritized or rejected
 <amoloney> that information is important to share and Im very conscious of that
 <amoloney> Would a public instance of Jira work for the CentOS community to engage with me through?
 <rbowen> Yes, I think it would.
 <amoloney> I have added myself as a watcher to the boards issue tracker too to learn more about the types of requests you see
 <rbowen> It has already helped as a way to engage better with the board.
 <amoloney> oh thats good!
 <rbowen> But that's the difference between executive and operations, I suppose. The requests are going to be different, although many will inevitably be sent to the wrong place.
 <amoloney> In an ideal, and hopefully not too distant future, it would be wonderful to see both CentOS & Fedora project requests that are put forward by the Board and Council/FESCo land on the jira instance for me to pick up, and for operational requests like bug fixes, RAFs to land on a centralized Sustaining Team dashboard. We have some of our team working in this way, but it is currently more tilted to the Fedora side, but
 <amoloney> the end goal is to have CentOS infra requests operate in this way too and keep consistency throughout the team and to the communities we serve
 <rbowen> I think that many of the requests would come from our SIGs, rather than from the board, since they are the primary folks relying on this infrastructure.
 <amoloney> Not RAFS, RFE's :)
 <rbowen> Unfamilar with those TLAs.
 <amoloney> So was I haha - it means, and I did have to ask, its stands for Requested Feature Enhancements
 <amoloney> this is work thats minor to existing applications or services CPE maintain
 <amoloney> they could take a day or three, but would typically not need to have a team put around them
 <rbowen> Oh, this is the project/task distinction that you were making earlier. Got it.
 <amoloney> actually I have a Community Engagement Email drafted that I am waiting to add a graphic design of our initiative workflow to before sending, but Im wondering would this be better as a blog in the CentOS community?
 <rbowen> You're always welcome to post stuff to the blog, then we can promote it to all the various places our community lives.
 <amoloney> Thanks Rich, do you think it would also be equally beneficial to have our teams and the projects they work on listed on the wiki too?
 <rbowen> Having more ways that community members can participate in the work - whether that's packaging, infra, or whatever - would be great. Historically we haven't done much of that.
 <rbowen> That could be helpful, sure, so that people know who they can contact about what.
 <rbowen> Although I wouldn't want to circumvent your management process either.
 <amoloney> Im not sure people realize how much is asked of this team, from both communities, so having the work we do and the people who do that work on the wiki might help peoples awareness and might even offer opportunities to help us too when things get busy around release times
 <amoloney> and data centre moves!
 <rbowen> So, speaking of data center moves, I've heard some grumbling that the people who are most responsible for getting 8.2 out the door have been pulled onto other projects.
 <rbowen> Having a clearer understanding of how all of this interrelates is always going to help allay those kinds of concerns.
 <amoloney> So as the product owner of the entire team and all its projects, both CentOS and Fedora related, I can definitely help answer concerns on this
 <rbowen> (I suppose I should have brought that up earlier. We're almost out of time!)
 <amoloney> Fedoras hardware is moving currently across the USA. Its a well publicised  event and has been in my weekly emails for months (yet another reason to read them if you dont 🙂)
 <amoloney> I'll type fast so people know
 <amoloney> We have x2 sys-admins in Fedora and I think CentOS can emapthize here that that is not enough
 <amoloney> so, the bulk of this project has fallen on two sets of shoulders
 <amoloney> to move an entire distros stuff
 <amoloney> but we are fortunate to be in a collaborative team, CPE, and those sys-admins were able to reach ou to the CentOS sys-admin(s) to help because we are all part of the same team
 <amoloney> and thankfully, they are able to help their fellow teammates, because its the right thing to do
 <amoloney> and its very important this week to have the services we are maintaining for Fedora brought up in time to complete the move safely and on time for the F33 mass rebuild
 <rbowen> So, when people ask "Why is 8.2 taking so long" and we answer "The people working on that have other responsibilities", every single time they come back with "how can I help move that along." I, for one, would like to work towards a world where community members can help build the next release. Do we know what it would take to get there?
 <rbowen> (That's obviously a longer-term goal, but something that people ask me about pretty much every week.)
 <amoloney> Honestly, I have no idea how to get community members to build the next CentOS release, but I am more than willing to help facilitate those conversations if it helps my team feeling pressurized both internally and externally
 <amoloney> Im here to learn about the community and help find better ways of working for my team as their product owner, so if you have suggestions or ideas to make things more open and inclusive that I can help with, please reach out to me
 <rbowen> We're going to try to do this every 2 weeks, right?
 <rbowen> Perhaps next time we'll have more participation.
 <amoloney> Yes Im good with that
 <amoloney> Hopefully! :)
 <amoloney> Rich thanks for asking questions though, I hope i was able to give ok answers to them and anything I missed please let me know and I can follow up on
 <amoloney> Right were at time, thanks for having  me on here and Im looking forward to chatting to you all again!
 <amoloney> #endmeeting

June 15, 2020

CPE Weekly: 2020-06-14

June 15, 2020 02:57 PM

Background:
The Community Platform Engineering group is the Red Hat team combining
IT and release engineering from Fedora and CentOS. Our goal is to keep
core servers and services running and maintained, build releases, and
other strategic tasks that need more dedicated time than volunteers
can give.

See our wiki page here for more
information: https://docs.fedoraproject.org/en-US/cpe/

General Project Updates

 

Please check out our updated initiative timetable for briefing in new
projects to our team
here: https://docs.fedoraproject.org/en-US/cpe/time_tables/
*Note: Initiatives are large pieces of work that require a team of
people and weeks/months to complete. Please continue to open tickets
in the normal way for bugs, issues, etc.

Don't forget to view our taiga board to see the projects we are
currently working on, what we have scoped and whats in our backlog
https://tree.taiga.io/project/amoloney1-cpe-team-projects/kanban?epic=null

CPE Product Owner Office Hours
* Weekly on Thursdays @ 1300 UTC on #fedora-meeting-1
* Every second Tuesday @ 1500 UTC on #centos-meeting (next meeting 23rd June)
* Meeting Logs
* Fedora: https://meetbot.fedoraproject.org/teams/cpe_product_owner_office_hours/cpe_product_owner_office_hours.2020-06-11-13.01.log.html
* CentOS: https://www.centos.org/minutes/2020/June/centos-meeting.2020-06-09-15.00.log.html

Fedora Updates

 

Data Centre Move

* The final Fedora hardware shipment is due to happen on Tuesday 16th June.
* We expect the shipment to arrive in the new data centre the week
beginning 22nd June and the team will begin bringing up services that
are affected by the move.
* A list of affected services is available here
https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view
* Please read the below email sent by kfenzi if you have not already
done so: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org/thread/E7HJULW2S76FZCAICURWXX223N5ZXXD7/
* Details on what this move may mean for you can be found here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/27U6YT73556KYW2RIFJO6J2HYMYVP22U/
* If an application is not working correctly at all, please check this
list https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view before opening a
ticket to make sure its not listed as being moved. If it is being
moved, please wait a day or two, then try again.
* Similarly, please be patient when opening tickets for service issues
in general as we have now reached the critical point in this move and
all of our sys-admins and wider teams will be assisting in the
successful bringup of the reduced Fedora service and facilitation of
the final hardware shipment and move.

AAA Replacement

* The team are working on the changing application code bases to use
the new solution
* They are also working on the CentOS account integration and the
solution will see users be able to select the contributor agreements
that are relative to their account.
* They are also testing a script to use in data migration from the
current FAS system to Noggin to allow for very little, if any, changes
to the user
* The team are also completing user documentation that includes a
how-to migration guide for maintainers and a guide to help users
understand the differences between Noggin and the current FAS option
(issue #246 on board)
* Please feel free to check out the team kanban board for more
information on the features the team are working on and have already
completed here https://github.com/orgs/fedora-infra/projects/6

Mbbox

* Project Dashboard here https://github.com/fedora-infra/mbbox/projects/1
* Tasks completed in the project currently
* MBS Backend CRD + documentation
* MBS Frontend CRD - configuration and certificates
* Draft of blog post about MBBox
* Tasks underway currently
* MBS Frontend CRD - deployment config and service
* Staging environment required
* MBox shared CRD

Gitforge

With the data centre move taking most of the teams focus this week,
discussions with gitlab have been quiet. We are still discussing
technical aspects of the project and these are tracked here:
https://gitlab.com/gitlab-org/gitlab/-/issues/217350
We will keep you up to date with the developments as and when we have
information to share and thank you for your patience.

CentOS Updates

 

CentOS

* OCP4 staging cluster in progress
* CentOS Linux 8.2.2004 content is in pre-release with more artifacts to come
* There was also a recent CentOS AMA on Reddit, logs are here so check
it out if you missed it
https://www.reddit.com/r/CentOS/comments/gwnvd2/centos_ama/

CentOS Stream

* The team have been working really hard to get package sources pushed
to keep caught up with RHEL
* We are also working on tooling for more push automation
* And tooling for RealTime and other Variants are coming in Stream soon

As always, feedback is welcome, and we will continue to look at ways
to improve the delivery and readability of this weekly report.

Have a great week ahead!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ?view

June 09, 2020

[Video] Understanding and Using Convert2RHEL

June 09, 2020 08:25 AM

(A presentation from Red Hat Summit)

Migration to RHEL Converting RHEL-like systems to RHEL with convert2rhel

See also

June 08, 2020

CPE Weekly: 2020-06-07

June 08, 2020 06:52 PM

Background:

The Community Platform Engineering group is the Red Hat team combining
IT and release engineering from Fedora and CentOS. Our goal is to keep
core servers and services running and maintained, build releases, and
other strategic tasks that need more dedicated time than volunteers
can give.

See our wiki page here for more
information: https://docs.fedoraproject.org/en-US/cpe/

## General Project Updates

Please check out our updated initiative timetable for briefing in new
projects to our team
here: https://docs.fedoraproject.org/en-US/cpe/time_tables/
*Note: Initiatives are large pieces of work that require a team of
people and weeks/months to complete. Please continue to open tickets
in the normal way for bugs, issues, etc.

Don't forget to view our taiga board to see the projects we are
currently working on, what we have scoped and whats in our backlog
https://tree.taiga.io/project/amoloney1-cpe-team-projects/kanban?epic=null

CPE Product Owner Office Hours: Thursdays @ 1300 UTC on #fedora-meeting-1

Fedora Updates

Data Centre Move

* A reduced services offering of Fedora will begin tomorrow, June 8th
until July 28th, est.
* This is to complete the final shipment of hardware from Phoenix to
Washington, so please be patient and understanding during this
timeframe as some services will be off and the rest, much slower.
* Please read the below email sent by kfenzi if you have not already
done so: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org/thread/E7HJULW2S76FZCAICURWXX223N5ZXXD7/
* Details on what this move may mean for you can be found here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/27U6YT73556KYW2RIFJO6J2HYMYVP22U/
* If an application is not working correctly at all, please check this
list https://hackmd.io/hpYYJQRjQy-oHxUS7IonIA?view before opening a
ticket to make sure its not listed as being moved. If it is being
moved, please wait a day or two, then try again.
* Similarly, please be patient when opening tickets for service issues
in general as we have now reached the critical point in this move and
all of our sys-admins and wider teams will be assisting in the
successful bringup of the reduced Fedora service and facilitation of
the final hardware shipment and move.

AAA Replacement

* The team are working on implementing an aspect of the service that
will allow users to select their applicable contributor agreement(s)
as we are merging both Fedora and CentOS authentication system under
the Noggin' solution.
* The team have also added a blog pref to the feature set in Noggin
* They have added pagination to the solution
* And are working through redirecting applications to interface with the new API
* Please feel free to check out the team kanban board for more
information on the features the team are working on and have already
completed here https://github.com/orgs/fedora-infra/projects/6

Mbbox

* Project Dashboard here https://github.com/fedora-infra/mbbox/projects/1
* Sprint 4 is underway with the following work being addressed:
* Kojira CRD & Documentation completed
* MBS Backend CRD is almost done
* And the team are now waiting on a staging environment to deploy
and test in. We hope to have this in place by the end of this week

Gitforge

Good discussion on the CPE PO Office Hours meeting this Thursday, 4th
June around the possibility of scheduling an AMA session/technical
panel session with some folks from GitLab to allow the Fedora
community a direct line to discuss services, potential blockers, etc.
General feedback is that this will be welcome so I will work with
GitLab and cverna, who is still leading the technical side of the
project (link to ticket below) to plan the best time for this session
& work with you all to set an agenda/discussion points for the
meeting. NOTE: Due to the data centre move, this session will not
happen before late August or early September at a minimum. Thank you
for your engagement with us on this!
Link to public issue ticket:
https://gitlab.com/gitlab-org/gitlab/-/issues/217350
Meeting minutes log
https://meetbot.fedoraproject.org/fedora-meeting-1/2020-06-04/cpe_po_office_hours.2020-06-04-13.00.log.html

CentOS Updates

 

CentOS

* CentOS Linux 8.2.2004 RC composes are with QA

CentOS Stream

* The team resolved all of the 8.2 build failures in CentOS Stream in
their recent sprint (May 21st - June 5th)
* An issue where a SIG was unable to push new content to
git.centos.org was resolved, and is currently in staging
* The team are also investigating how best to separate CentOS Linux
branding from CentOS Stream
* We are also focusing on building more packages in Stream for our
current sprint (June 5th - 19th) and working on more automation and
variance to help improve the current process and time it takes for our
team to build packages

As always, feedback is welcome, and we will continue to look at ways
to improve the delivery and readability of this weekly report.

Have a great week ahead!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ?view

 

June 04, 2020

User Survey – preliminary results

June 04, 2020 06:24 AM

We have been running the CentOS User Survey for about a month (you can still fill it out - it's just 4 questions) and we're ready to share some preliminary results. We do play to keep running it for another month, to get a wider pool of respondants.

Main use

Asked what you use CentOS for, you answered:

(Note that numbers don't add up to 100% because you're free to select multiple categories.)

28% - Professional software development
31% - Hobby software development
63% - Running services at work
62% - Running services at home
25% - Desktop system

Where you'd like to participate

Asked where you'd like to participate more, you said:

58% - Testing
36% - Packaging
18% - Design
23% - Promotion
6%  - Event planning

Systems

Asked how many systems you run on, you said:

42% - 1-5 systems
36% - 6-50 systems
10% - 51-100 systems
10% - 101-1000 systems
3% - More than 1000 systems

Frequency of updates

Asked how often you update, you said:

17% - Daily
31% - Weekly
32% - Monthly
6% - Every new release
14% - Less frequently

Thank you for your input, which gives us a little better idea of how CentOS gets used. This is always hard to track for any software that's free to download, free to use, and has no registration or reporting requirements, so we really appreciate people's willingness to give us this little glimpse into use patterns.

June 02, 2020

CentOS Community newsletter, June 2020 (#2006)

June 02, 2020 01:46 AM

Dear CentOS enthusiast,

We hope you are all doing well and staying healthy, and, as always, thank you for being part of this great community.

In this edition:

  • News
  • Releases and updates
  • Events
  • SIG reports

News

User Survey

Over the past month we have been conducting a user survey of how people use CentOS, and how they would like to participate in the community. We hope to close the survey at the end of June and report on it, although there will also be an intermediate report on the blog in a few days.

You can still participate in the survey - just 4 questions - at https://tm3.org/survey

Removal of Pike and Ocata Trunk repos

The RDO project and the Cloud SIG have announced the removal of the Pike and Ocata repos, which have been EOL'ed (End Of Life). Details are at https://lists.centos.org/pipermail/centos-devel/2020-May/036890.html

Reddit AMA

This Thursday we will be holding an AMA (Ask Me Anything) on the CentOS subreddit, at 20:00 UTC. Come to https://www.reddit.com/r/CentOS/ with your questions, which will be fielded by a panel of CentOS engineers and community members. Details are at  https://lists.centos.org/pipermail/centos-devel/2020-May/036943.html

SIG Authentication Retooling

Board member Jim Perrin has posted an article describing what we're doing with the SIG authentication retooling, and how it will affect you. If you contribute to any part of CentOS or Fedora (or plan to) you should read it, at https://blog.centos.org/2020/05/sig-authentication-retooling/

CPE Office Hours

CPE - Community Platform Engineering - is a team within Red Hat who do some of the infrastructure work to support the CentOS and Fedora projects. With their greater involvement in CentOS in the past few months, you might have some questions. Join us on the #centos-meeting channel (on Freenode IRC) every second Thursday (starting June 9th) at 15:00 UTC, where CPE engineers will answer your questions.

Board Issue Tracker

A recent thread on centos-devel asked what the best way is to get the attention of the board of issues that require a decision or answer. In response, the board has provided an issue tracker at  https://git.centos.org/centos/board where you can raise these issues, and expect to receive a timely answer.

CPE updates:

CPE posts (approximately) weekly updates on what they've been doing for the benefit of our community. These are perhaps the best place to find out what they've been up to, and ask them about specific items.

Releases and updates

In May we issued the following updates and releases.

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during May:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during May:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during May:

CentOS Stream and CentOS 8

The best place for the latest information about CentOS Stream and CentOS 8 is on the https://feeds.centos.org/ site, where there's one stream for each of the releases for which we provide package updates.

Events

We will be holding the first online edition of devconf.us on September 24th - 25th. Details, and the call for papers are available at devconf.us

In conjunction with this event, we'll be holding the first virtual CentOS Dojo. Details, and the call for presentations for that event, are available in the wiki.

SIG Reports

The SIGs - special interest groups - are where most of the interesting stuff in CentOS happens. They are communities packaging and testing layered projects on top of CentOS, and ensuring that they work reliably.

Virtualization SIG:

advanced-virtualization: packages from Red Hat Advanced Virtualization are now available in CentOS Virt SIG. Still missing a release rpm to be added to CentOS extras for allowing users to easily enable the repo also if they are not using oVirt.

oVirt: upstream released several 4.3 updates but the most interesting update is the release of oVirt 4.4.0 which dropped packaging for CentOS 7 and switched to CentOS 8 and consuming advanced-virtualization and ovirt-4.4 packages built in CentOS Virt SIG.

Also consuming Collectd 5.11 from CentOS OpsTools SIG.

Several new people joined the oVirt group within the SIG in last 3 months:

- Yash Mankad (ymankad) from the Virtualization group at Red Hat, working closely with oVirt an the Virt group on Advanced Virtualization

- Dominik Holler (dholler) from oVirt Network team

- Martin Perina (mperina) from oVirt infra team

 

OpsTools SIG Quarterly Report

This report also includes reporting for the Messaging SIG, which is marked explicitly, where it's appropriate.

Purpose
-------

Provide tools for second day operations for operators of large infrastructure.

The Messaging SIG is providing infrastructure for sending messages like RabbitMQ or Apache QPID.

In the time-frame between March 1st and May 31st, we were able to rebuild and publish our contents for CentOS 8.
Kolla containers as part of OpenStack were now moved to use Opstools SIG artifacts built on CentOS 8. Part of this
effort was also to split off messaging related components to the messaging SIG.

We deprecated Sensu and Uchiwa a while ago and did not rebuild them. There is collectd-sensubility, which is a collectd plugin and uses the same configuration as sensu, but is hooked into collectd.

Issues for the board
--------------------

None. The issues we had in the past were now fortunately resolved.

[Video] About CentOS SIGs

June 02, 2020 12:59 AM

(A presentation from Red Hat Summit)

Special Interest Groups (SIG) are smaller groups within the CentOS community that focus on a small set of issues, in order to either create awareness or to focus on development along a specific topic. CentOS Community Manager Rich Bowen talks a little about what that means.

June 01, 2020

CPE Weekly status email – 2020-05-31

June 01, 2020 06:11 PM

CPE Weekly: 2020-05-31

Background:

The Community Platform Engineering group is the Red Hat team combining IT and release engineering from Fedora and CentOS. Our goal is to keep core servers and services running and maintained, build releases, and other strategic tasks that need more dedicated time than volunteers can give.

See our wiki page here for more information: https://docs.fedoraproject.org/en-US/cpe/

General Project Updates

Please check out our updated initiative timetable for briefing in new projects to our team here: https://docs.fedoraproject.org/en-US/cpe/time_tables/
*Note: Initiatives are large pieces of work that require a team of people and weeks/months to complete. Please continue to open tickets in the normal way for bugs, issues, etc.

Don't forget to view our taiga board to see the projects we are currently working on, what we have scoped and whats in our backlog https://tree.taiga.io/project/amoloney1-cpe-team-projects/kanban?epic=null

I also currently have weekly IRC office hours on #fedora-meeting-1 @ 1300 - 1400 UTC and I will have a bi-weekly office hours on Centos-meeting @ 1500 - 1600 UTC beginning June 9th also, with Rich Bowen helping me set it up, thanks Rich 🙂

There is (usually) no agenda for these meetings and is an open floor, so please feel free to stop by and chat casually, or about any projects the CPE team are working on/working on next. The choice of topic is completely yours 🙂

Gitforge

Just a quick note to say this project has not made any more notable progress. Our team have some very time-intensive projects currently in flight, so our focus has been and will be on the completion of these projects over the next few months. We are still using the gitlab project tracker https://gitlab.com/gitlab-org/gitlab/-/issues/217350 to record issues/technical requirements, and thank you again for your patience during this slower period of the project, it is very much appreciated.

Fedora Updates

 

Data Centre Move

* A reduced services offering of Fedora will be in effect from June 8th until July 28th, est.
* This is to complete the final shipment of hardware from Phoenix to Washington, so please be patient and understanding during this timeframe as some services will be off and the rest, much slower.
* Kevin Fenzi has sent some details on service validation and a call to arms to help us meet the June 15th deadline to have the reduced Fedora operational, please read:
https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org/thread/E7HJULW2S76FZCAICURWXX223N5ZXXD7/
* Details on what this move may mean for you can be found here
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/27U6YT73556KYW2RIFJO6J2HYMYVP22U/

AAA Replacement

* Adding the ability to sign user agreements
* Adding the blog/website attribute for users
* Client library migration to python-freeipa 1.0.0.

Mbbox

* Project Dashboard here https://github.com/fedora-infra/mbbox/projects/1
* Sprint 3 is done:
* Refactor molecule test suit to share test-cases
* Koji-hub and koji-builder SSL issues solved
* Sprint 4 is in progress
* Kojira CRD
* MBS Backend CRD (MBS doesn’t support fedora messaging)
* Staging environment

CentOS Updates

 

CentOS

* Post OCP4 cluster Installation tasks - storage, TLS cert/ IDP configs, exploring operators that we can use.
* We have a public accessible ocp4 cluster
(https://console-openshift-console.apps.ocp.ci.centos.org/). We are on the verge of figuring out subscriptions.
* Documentation: https://centosci.github.io/ocp4-docs/
* Linux 8.2 work is still with QA

CentOS Stream

* The team are working on adding some 8.2 builds to Stream that failed or did not make it into Stream for whatever reason.

As always, feedback is welcome, and we will continue to look at ways to improve the delivery and readability of this weekly report.

Have a great weekend!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ?view

May 25, 2020

[Video] CentOS Stream Contribution Workflow Demonstration

May 25, 2020 08:19 AM

(A presentation from Red Hat Summit)

In this video, we walk through the CentOS Stream contribution workflow, with an example contribution

See also https://youtu.be/Si7mHbMefiQ for a quick overview of the contribution model.

See http://centos.org/stream for more information about CentOS Stream

 

May 19, 2020

Deploying OpenShift 4 on bare-metal and disabling dhcp

May 19, 2020 10:00 PM

Recently I had to work with one of my colleagues (David) on something that was new to me : Openshift. I never really looked at OpenShift but knew the basic concepts, at least on OKD 3.x.

With 4.x, OCP is completely different as instead of deploying "normal" Linux distro (like CentOS in our case), it's now using RHCOS (so CoreOS) as it's foundation. The goal of this blog post is not to dive into all the technical steps required to deploy/bootstrap the openshift cluster, but to discuss of one particular 'issue' that I found myself annoying while deploying: how to disable dhcp on the CoreOS provisioned nodes.

To cut a long story short, you can read the basic steps needed to deploy Openshift on bare-metal in the official doc

Have you read it ? Good, now we can move forward :)

After we had configured our install-config.yaml (with our needed values) and also generated the manifests with openshift-install create manifests --dir=/path/ we thought that it would be just deploying with the ignition files built by the openshift-install create ignition-configs --dir=/path step (see in the above doc for all details)

It's true that we ended up with some ignition files like:

  • bootstrap.ign
  • worker.ign
  • master.ign

Those ignition files are (more or less) like traditional kickstart files to let you automate the RHCOS deploy on bare-metal. The other part is really easy, as it's a matter (with ansible in our case) to just configure the tftp boot argument, and call an ad-hoc task to remotely force a physical reinstall of the machine (through ipmi):

So we kicked off first the bootstrap node (ephemeral node being used as a temporary master, from which the real master forming the etcd cluster will get their initial config from), but then we realized that, while RHCOS was installed and responding with the fixed IP we set through pxeboot kernel parameters (and correctly applied on the reboot), each RHCOS node was also trying by default to activate all present NICs on the machine.

That was suddenly "interesting" as we don't fully control the network where those machines are, and each physical node has 4 NICs, all in the same vlan , in which we have also a small dhcp range for other deployments. Do you see the problem about etcd and members in the same subnet and multiple IP addresses ? yeah, it wasn't working as we saw some requests coming from the dhcp interfaces instead of the first properly configured NIC in each system.

The "good" thing is that you can still ssh into each deployed RHCOS (even if not adviced to) , to troubleshoot this. We discovered that RHCOS still uses NetworkManager but that default settings would be to enable all NICs with DHCP if nothing else declared which is what we need to disable.

After some research and help from Colin Walters, we were pointed to this bug report for coreos

With the traditional "CentOS Linux" sysadmin mindset, I thought : "good, we can just automate with ansible ssh'ing into each provisioned rhcos to just disable it", but there should be a clever other way to deal with this, as it was also impacting our initial bootstrap and master nodes (so no way to get cluster up)

That's then that we found this : Customing deployment with Day0 config : here is a simple example for Chrony

That's how I understood the concept of MachineConfig and how that's then supposed to work for a provisioned cluster, but also for the bootstrap process. Let's so use those informations to create what we need and start a fresh deploy.

Assuming that we want to create our manifest in :

openshift-install create manifests --dir=/<path>/

And now that we have manifests, let's inject our machine configs : You'll see that because it's YAML all over the place, injecting Yaml in Yaml would be "interesting" so the concept here is to inject content as base64 encoded string, everywhere.

Let's suppose that we want the /etc/NetworkManager.conf.d/disabledhcp.conf having this content on each provisioned node (master and worker) to tell NetworkManager to not default to auto/dhcp:

[main]
no-auto-default=*

Let's first encode it to base64:

/etc/NetworkManager.conf.d/disabledhcp.conf
cat << EOF | base64
[main]
no-auto-default=*
EOF

Our base64 value is W21haW5dCm5vLWF1dG8tZGVmYXVsdD0qCg==

So now that we have content, let's create manifests to create automatically that file at provisioning time :

pushd <path>
# To ensure that provisioned master will try to become master as soon as they are installed
sed -i 's/mastersSchedulable: true/mastersSchedulable: false/g' manifests/cluster-scheduler-02-config.yml

pushd openshift
for variant in master worker; do 
cat << EOF > ./99_openshift-machineconfig_99-${variant}-nm-nodhcp.yaml
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  labels:
    machineconfiguration.openshift.io/role: ${variant}
  name: nm-${variant}-nodhcp
spec:
  config:
    ignition:
      config: {}
      security:
        tls: {}
      timeouts: {}
      version: 2.2.0
    networkd: {}
    passwd: {}
    storage:
      files:
      - contents:
          source: data:text/plain;charset=utf-8;base64,W21haW5dCm5vLWF1dG8tZGVmYXVsdD0qCg==
          verification: {}
        filesystem: root
        mode: 0644
        path: /etc/NetworkManager/conf.d/disabledhcp.conf
  osImageURL: ""
EOF

done
popd
popd

I think this snipped is pretty straight-forward, and you see in the source how we "inject" the content of the file itself (previous base64 value we got in previous step)

Now that we have added our customizations, we can just proceed with the openshift-install create ignition-configs --dir=/<path> command again, retrieve our .ign file, and call ansible again to redeploy the nodes, and this time they were deployed correctly with only the IP coming from ansible inventory and no other nic in dhcp.

And also that it works, deploying/adding more workers node in the OCP cluster is just a matter to calling ansible and physical nodes are deployed in a matter of ~5minutes (as RHCOS is just extracting its own archive on disk and reboot)

I don't know if I'll have to take multiple deep dives into OpenShift in the future , but at least I learned multiple things, and yes : you always learn more when you have to deploy something for the first time and that it doesn't work straight away .. so while you try to learn the basics from official doc, you have also to find other resources/docs elsewhere :-)

Hope that it can help people in the same situation when having to deploy OpenShift on premises/bare-metal.

CPE Achievements during Q1 2020 (Jan-Mar 2020)

May 19, 2020 03:36 PM

Hi Everyone,

2020 has seen a lot of changes for everyone - understatement of the year right? One of these changes though has been how the Community Platform Engineering Team has decided to try adjust how they work. We are on an agile workflow journey and we began this year with quarterly planning, for the first time ever! We kicked off the start of the year working on some prioritised initiatives that we discussed as a review team during our first quarterly planning session. The review team included Brian ‘Bex’ Exelbierd, Paul Frields, Jim Perrin,Leigh Griffin, Pierre-Yves Chibon, Brian Stinson and Clément Verna.

The initiatives chosen to be worked on during Quarter One were:

  • FAS Replacement Login Phase 1 
  • Fedora Data Centre Move
  • CentOS Stream Phase 1 
  • CI/CD 

It was agreed that the CPE team would work on these from January - March 2020 as well as resourcing our sustaining team to support “lights on” work and Fedora & CentOS releases. 

And let us be the first to tell you, while it did not seem like it would be a monumental change from the outside from switching to  scheduling our work in advance rather than responding to ‘fire fire fire!’, it has been tricky to adjust to but we are getting there!

We had a Q1 celebration call hosted by our Agile Practitioner Sarah Finn to highlight the successes we achieved in that timeframe, and we were all a little surprised and a lot pleased with what we accomplished as a team 🙂

So, what did we achieve in this time?

CPE Sustaining team 

Team members: Clément Verna, Kevin Fenzi, Stephen Smoogen, Mohan Boddu

Michal Konecny, Vipul Siddharth, Tomas Hrcka, Petr Bokoc along with support from wider CPE Team/RH/Community as required.

Achievements: 

  • Preparation for Data Center Move (Archives, Old Cloud retirement, Communication to Community)
  • Applications Update ( Bodhi, Anitya, mdapi, compose-tracker, fedscm-admin, python-cicoclient, …)
  • Fedora 32 Beta release infra and releng support
  • CentOS CI (Update of images used to run tests for Fedora)
  • Mbbox project start (Requirements, PoC, Dev Environment)

User Benefits:

  • Fedora 32 Beta release.
  • It is not too difficult to contribute to Fedora!

FAS Replacement Login Phase 1

Team members: Aoife Moloney, Aurelien Bompard, Rick Elrod (Jan- Feb), Ryan Lerch, Stephen Coady, James Richardson, Leonardo Rossetti along with support from wider CPE Team/RH/Community as required.

Achievements: : 

  • Registration page, user profile, user settings, user groups, groups list
  • 2FA & OTP authentication working
  • Fedora messaging is integrated
  • Users can reset their password when they have forgotten it
  • The FASJSON API is versioned and follows an OpenAPI spec
  • Theming support, with a Fedora and an OpenSUSE theme

Fedora Data Centre Move

Team members: Aoife Moloney, Stephen Smoogen, Kevin Fenzi along with support from wider CPE Team/RH/Community as required.

Achievements: : 

  • Minimum Viable Fedora offering defined
  • Future business growth for Fedora safeguarded in IAD2
  • COPR backups upgraded
  • Hardware budget approved and purchased 
  • Hardware inventory updated
  • Full Move schedule created and published
  • Impacted services list created and published

User Benefits:

  • Red Hat bought us some new stuff
  • New datacenter will provide better access to large cloud providers, and thus Fedora users using those providers.
  • Refreshed hardware should allow Fedora Infrastructure to meet growth needs for this year and beyond.
  • Planning and work should ensure outages for the datacenter move are as short as possible.

CentOS Stream Phase 1

Team members: Aoife Moloney, Brian Stinson, Fabian Arrotin, Johnny Hughes, James Antill, Carl George, Siteshwar Vashisht along with support from wider CPE Team/RH/Community as required.

Achievements: : 

  • Account creation in git.centos.org for Stream
  • Regular compose created & merged
  • Nightly composes running
  • Testing & QA suite running
  • List of packages available in Stream
  • Modules added to Stream
  • RPM signing tool written & implemented for CBS content in Stream
  • Workflow for contributor patches enabled
  • Stream is ahead of RHEL 8.1

User Benefits:

  • CentOS Stream releases ship like a tree and has nightly composes
  • Stream accounts are available on git.stg.centos.org
  • QA and testing in Stream are finding issues quicker than in RHEL and CentOS Linux
  • 240+ packages are now available in Stream
  • There is a new signing tool written for CBS content

CI/CD

Team members: Aoife Moloney, Pierre-Yves Chibon, Nils Philippsen, Adam Saleh along with support from wider CPE Team/RH/Community as required.

Achievements: : 

User Benefits:

  • A backlog of ideas in the Fedora Infra and releng ecosystems can tackle to increase automation
  • The packager workflow is now monitored regularly and automatically
    • This will give us a way to measure the health of the packager workflow and in the long term potentially figure out the least reliable parts to improve them
  • Removing the changelogs and release fields from spec files allows for more automation around spec files and removes the two major sources of conflicts when doing pull-request on dist-git. This can be tested today in staging, allowing to gather more user feedback and experience before deciding on proceeding with this or not.

We have now had our second quarterly planning session for Q2, April - June, and if you want to check out what we are working on, stop by our taiga board to see our ‘in progress’ lane and read our blog post here. If you any questions regarding anything above or want to give us feedback, please reach out on our #redhat-cpe channel on IRC Freenode or mailing lists. 

And it is part for the course that when changes happen things get missed or overlooked, so this blog post is going out a little later than we would like, but we will try to have your next window wins published by the latest mid July. We just won’t say what year 🙂

Thank you everyone for your contributions to the above initiatives in our Q1, we had some great community engagement across our projects and we hope to have the same for the remainder of the year, because some things should never change 🙂

Take care everyone and see you around IRC!

May 18, 2020

[Video] CentOS Stream Contribution Model

May 18, 2020 08:51 AM

(A presentation from Red Hat Summit)

CentOS Stream is a rolling preview of the next minor version of Red Hat Enterprise Linux (RHEL), allowing you to try it out, and contribute changes into the RHEL development process. Carl George gives a brief overview of how that contribution model works.

See also https://youtu.be/UA5QCqwma7Y for a walkthrough of a contribution. See https://centos.org/stream for more information about CentOS Stream

May 15, 2020

Updated CentOS Vagrant Images Available (v2004.01)

May 15, 2020 06:40 PM

We are pleased to announce new official Vagrant images of CentOS Linux 6.10 and CentOS Linux 7.8.2003 for x86_64. All included packages have been updated to May 30th, 2019.

We are unfortunately not able to create images for CentOS 8.x om our build infrastructure at this time, but are working on this.

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder ".", "/vagrant", type: "virtualbox"

    We recommend using NFS instead of VirtualBox shared folders if possible; you can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile, to prevent errors on "vagrant up".

  3. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools
  4. Some people reported "could not resolve host" errors when running the centos/7 image for VirtualBox on Windows hosts. We don't have access to any Windows computer, but some people reported that adding the following line to the Vagrantfile fixed the problem:
    vb.customize ["modifyvm", :id, "--natdnshostresolver1", "off"]

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant 1.9.4 with vagrant-libvirt and VirtualBox 5.1.20 (without the Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.

Downloads

The official images can be downloaded from Vagrant Cloud. We provide images for HyperV, libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

vagrant box add centos/6 # for CentOS Linux 6, or...
vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

vagrant box update --box centos/6
vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

Once you are sure that the checksums are properly signed by the CentOS Project, you have to include them in your Vagrantfile (Vagrant unfortunately ignores the checksum provided from the command line). Here's the relevant snippet from my own Vagrantfile, using v1803.01 and VirtualBox:

Vagrant.configure(2) do |config|
  config.vm.box = "centos/7"

  config.vm.provider :virtualbox do |virtualbox, override|
    virtualbox.memory = 1024
    override.vm.box_download_checksum_type = "sha256"
    override.vm.box_download_checksum = "b24c912b136d2aa9b7b94fc2689b2001c8d04280cf25983123e45b6a52693fb3"
    override.vm.box_url = "https://cloud.centos.org/centos/7/vagrant/x86_64/images/CentOS-7-x86_64-Vagrant-1803_01.VirtualBox.box"
  end
end

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or in #centos on Freenode IRC.

Ackowledgements

I would like to warmly thank Brian Stinson, Fabian Arrotin and Thomas Oulevey for their work on the build infrastructure, as well as Patrick Lang from Microsoft for testing and feedback on the Hyper-V images. I would also like to thank the CentOS Project Lead, Karanbir Singh, without whose years of continuous support we wouldn't have had the Vagrant images in their present form.

I would also like to thank the following people (in alphabetical order):

  • Graham Mainwaring, for helping with tests and validations;
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro;
  • Kirill Kalachev, for reporting and debugging the host name errors with VirtualBox on Windows hosts.

May 14, 2020

CPE Weekly: 2020-05-11

May 14, 2020 02:21 PM

Background:

The Community Platform Engineering group is the Red Hat team combining
IT and release engineering from Fedora and CentOS.Check out our teams
info here https://docs.fedoraproject.org/en-US/cpe/

GitForge Updates

* We are tracking our progress here (nothing new added yet, fyi) https://fedoraproject.org/wiki/Git_forge_update
* And the council are tracking the community issues in this ticket https://pagure.io/Fedora-Council/tickets/issue/292
* I have an Office hours IRC meeting slot on #fedora-meeting-1 @ 1300-1400 UTC every Thursday. Feel free to stop by and say hi! We can talk about Gitforge, or not 🙂 Note, this is an update to the meeting time from when this update was originally posted.

Data Centre Move

* Communishift is unfortunately offline until mid to end of June. The guys hit some unfortunate roadblocks which cost us a lot of time and energy. As we are starting to bring up hardware in IAD2 for the reduced Fedora offering next week, the hard but necessary decision was taken to pause bringing up CommuniShift in RDU-CC for now and come back to this once the  *slightly* more critical work is done or close to complete in IAD2.
* Thank you for your patience, this is a colossal undertaking for the team and your support and understanding is very much appreciated.
* Full amended schedule is here https://hackmd.io/vDwoayVLQ8yjyDk3PDvC8A?view
* And updates are being posted here https://status.fedoraproject.org/
* Again, as this project is currently being run by a two man team, we appreciate and thank you for your patience for delayed replies to tickets/requests/pings related to Fedora infra.

AAA Replacement

* The team have met with openSUSE and are supporting them when deploying Noggin
* Noggin UI improvements based on feedback have also been implemented
* Th2 team will begin to work on upstream code changes of existing apps to the FASjson api in their next sprint
* You can view the teams current, completed and backlog work here https://github.com/orgs/fedora-infra/projects/6

Sustaining Team

* The team are using this dashboard to track their work https://github.com/fedora-infra/mbbox/projects/1
* They are also supportg the ELN work
* The ansible repo has also been moved to pagure! https://pagure.io/fedora-infra/ansible

* Mbbox Upgrade
* ssl fix is done
* The team are also working on CRD for koji-builder
* Work is being tracked here if you wish to view in more detail https://github.com/fedora-infra/mbbox/projects/1

CentOS Updates

CentOS CI

* The team are working on
* Improving monitoring on CI agents
* Manual install of RHCOS bootstrap node on bare metal
* Importing EL6 Image for CICO cloud
* VMs migration from OpenStack to OpenNebula

CentOS

* CentOS 7.8.2003 was released for x86_64, aarch64,ppc64, ppc64le and armhfp architectures. Including Cloud images (on
https://cloud.centos.org) - https://blog.centos.org/2020/04/release-centos last week
* CentOS Linux 8.2 work is ongoing with compose level testing due to start soon

CentOS Stream

* The team are working through debranding CentOS Stream content from CentOS Linux
* Using CentOS Stream in the CentOS QA group to prep for 8.2

As always, feedback is welcome, and we will continue to look at ways to improve the delivery and readability of this weekly report.

Have a great week ahead!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ

May 12, 2020

[Video] What is CentOS Stream?

May 12, 2020 08:39 AM

(A presentation from Red Hat Summit)

CentOS Stream is a release from the CentOS Project. It’s an effort, along with the Red Hat Enterprise Linux (RHEL) engineering team, to increase transparency and collaboration around the RHEL development process. This video gives a little more detail about the what, why, and how of CentOS Stream

May 06, 2020

What’s coming up next in Fedora and CentOS infrastructure?

May 06, 2020 01:00 PM

As you may know, the Community Platform Engineering (CPE) team that helps manage both infrastructure for both Fedora and CentOS is trying to improve how the different initiatives or requests for changes we receive are planned and prioritized. This effort to improve has led us to look at planning our work in three-month windows. By planning, limiting, and focusing our work every three months, we can dedicate a substantial team around each initiative, driving it to completion before working on the next. Overall this helps us finish and deliver work faster.

The prioritization work involves the Fedora Council, the CentOS Board, a representative of the Red Hat Business Unit and the CPE team for each three-month window. Initiatives are considered against the team’s mission statement and weighed against each other to ensure that the most valuable initiatives are properly prioritized. This way of working  is quite new for us so any feedback on the overall process is greatly appreciated.

So, What’s coming up next (April - June 2020*)?

CentOS Stream (Phase 2)

In the next 3 months the team will be focusing on making CentOS Stream easier to consume and release. This means investing in automation of the packaging and compose processes. 

More information about this effort at : https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/19?kanban-status=2139946

Fedora Account System (FAS) Replacement (Phase 2)

This project is the second phase of the work that was started at the beginning of this year to replace FAS (which you may have heard referred to as “AAA”: Authentication, Authorization, Accounting). T first three months of the year were focused on building the web portal allowing users to register and manage their account. This phase will focus on the integration with other applications. Most of the work will be done in fasjson & fasjson-client.

More information about this effort at : https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/22?kanban-status=2139946

Fedora Data Centre Move

This is a big effort that in fact has already started and will continue for most of the next 3 months (current estimated end date for this is mid-July). The work will involve deploying critical infrastructure in the new data centre so that we can continue to build Fedora while the hardware is shipped from the old data centre. Then as the hardware arrives at the new location we will be working on redeploying the services and adding more capacity to that infrastructure.

More information about this effort at : https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/29?kanban-status=2139946

DNF Counting

This project will update and improve the current solution that gathers anonymous statistics about the number of installed Fedora systems by making use of the new DNF “countme” flag. This will help the project better understand how Fedora’s various offerings are used in the world, and give us better insight into the real-world lifecycle of our releases while taking great care to preserve our user's privacy. 

More information about this effort:  https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/7?kanban-status=2139946

CentOS CI Infrastructure Phase 1

This work will allow us to update the current infrastructure used by ci.centos.org from an OpenShift 3.x version to an OpenShift 4.x version. The goal of this work is also to build up more administration knowledge of OpenShift in the team as well as improving the performance and reducing the maintenance effort needed to run the current infrastructure.

More information about this effort: https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/30?kanban-status=2139946

Mbbox

The goal of this project is to make the current solution used to build rpms and modules for CentOS easier to maintain and update. The core of the work is to deploy koji and MBS using Kubernetes operators in order to manage the upgrade and deployment of new versions.

More information about this effort at: https://tree.taiga.io/project/amoloney1-cpe-team-projects/us/34?kanban-status=2139946

You will find regular updates on our Taiga board relating to teams progress on each initiative. If you have any questions or if you want to know more about any of these initiatives or would like to contribute, please join our #redhat-cpe channel on IRC Freenode or visit the taiga links for more information.

In addition, a dedicated sub-team, the sustaining team, will continue to service the lights on operation work for CentOS & Fedora.

We recognize that this email/blog post is late, our 3 months window has started for a month already, as we said this is still a new process for us and we're still in the adjustment phase. Hopefully we'll do better in June!

May 05, 2020

CentOS Community newsletter, May 2020 (#2005)

May 05, 2020 04:07 PM

Dear CentOS enthusiast,

We hope you are all doing well and staying healthy, and, as always, thank you for being part of this great community.

In this edition:

  • News
  • Releases and updates
  • Events
  • SIG reports

News

After a great deal of work with Red Hat Legal, we are pleased to announce our new project licencing policy. This is an important step as we continue to move towards accepting more contributions in CentOS Stream  - https://blog.centos.org/2020/04/new-centos-project-licensing-policy/

We're also delighted to welcome Pat and Thomas as new members of the CentOS Board of Directors - https://blog.centos.org/2020/04/welcome-to-our-new-board-members/ 

If you are involved in contributing to CentOS in any way, we ask that you take a moment to read the description of the work on SIG Authentication retooling - https://blog.centos.org/2020/05/sig-authentication-retooling/

CentOS Stream Updates:

CentOS Stream is working to get further ahead than in the past. Previously there were times when the content set of CentOS Stream reset to being ahead only with the Kernel and systemd. We recently pushed a batch of almost 100 source packages intended for the Red Hat Enterprise Linux 8.3 nightly development snapshots. Over the next period of time we expect to focus on pushing more batches into Stream until we're fully caught up with those nightly snapshots.

To give feedback on this content, you can open Red Hat Bugzillas directly against the CentOS Stream component.

CPE updates:

Our friends at CPE - Community Platform Engineering - have been posting weekly updates on their progress on the Fedora and CentOS infrastructure and engineering.

April 4th: https://lists.centos.org/pipermail/centos-devel/2020-April/036725.html

April 14th: https://lists.centos.org/pipermail/centos-devel/2020-April/036734.html

April 18th: https://lists.centos.org/pipermail/centos-devel/2020-April/036755.html

April 26th: https://lists.centos.org/pipermail/centos-devel/2020-April/036799.html

Releases and updates

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during April:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during April:

Events

Last week we “attended” Red Hat Summit, where we had a number of video presentations, and a well-attended “Ask The Expert” session with Brian Stinson about CentOS Stream. All of this content is available online. Go to https://redhat.com/summit (register for free and log in), then click “Explore” and you’ll see the Fedora/CentOS room there, with video and printed content about our projects.

We’ve also posted the videos to YouTube - https://www.youtube.com/theCentosProject - subscribe today to be notified when we post new content there.

Coming up, we have an AMA - Ask Me Anything - in the works for our Reddit community, https://www.reddit.com/r/CentOS/  We don’t have a date confirmed yet, but we’ll be announcing it there, as well as to the other usual places - Twitter, Facebook, the Blog and the Forums - so subscribe to one or more of those places to find out when that’s coming.

We will soon be announcing our participation in DevConf.US, the annual developer conference. We intend to have a virtual CentOS Dojo as part of that event, and will be announcing our call for presentations soon.

SIG Reports

The SIGs - special interest groups - are where most of the interesting stuff in CentOS happens. They are communities packaging and testing layered projects on top of CentOS, and ensuring that they work reliably.

Cloud SIG Report

Purpose

Packaging and maintaining different FOSS based Private cloud infrastructure applications that one can install and run natively on CentOS.

https://wiki.centos.org/SpecialInterestGroup/Cloud

Membership Update

We are always looking for new members, especially representation from other cloud technologies.

No SIG members have been added in this quarter. However, the SIG membership list was updated on the SIG wiki page to reflect reality.

Releases and Packages

RDO

Aug 27 - Aug 31 Train Release https://blogs.rdoproject.org/2019/10/rdo-train-released/

Interesting things in the Train release include:

Openstack Ansible, which provides ansible playbooks and roles for deployment, added murano support and fully migrated to systemd-journald from rsyslog. This project makes deploying OpenStack from source in a way that makes it scalable while also being simple to operate, upgrade, and grow.

Ironic, the Bare Metal service, aims to produce an OpenStack service and associated libraries capable of managing and provisioning physical machines in a security-aware and fault-tolerant manner. Beyond providing basic support for building software RAID and a myriad of other highlights, this project now offers a new tool for building ramdisk images, ironic-python-agent-builder.

Other improvements include:

Tobiko is now available within RDO! This project is an OpenStack testing framework focusing on areas mostly complementary to Tempest. While the tempest main focus has been testing OpenStack rest APIs, the main Tobiko focus would be to test OpenStack system operations while “simulating” the use of the cloud as the final user would. Tobiko’s test cases populate the cloud with workloads such as instances, allows the CI workflow to perform an operation such as an update or upgrade, and then runs test cases to validate that the cloud workloads are still functional.

Other highlights of the broader upstream OpenStack project may be read via https://releases.openstack.org/train/highlights.html.

Jun 01 - Jun 05 Victoria Release Virtual Project Team Gathering https://www.openstack.org/ptg/

Health and Activity

The Cloud SIG remains fairly healthy. However, it is still, for the most part, a monoculture containing only OpenStack.

Issues for the Board

We have no issues to bring to the board’s attention at this time.

 

[Video] What is CentOS?

May 05, 2020 08:36 AM

A presentation from Red Hat Summit: Community member Karsten Wade gives a quick overview of what the CentOS Project is.

May 04, 2020

CPE Weekly: 2020-05-02

May 04, 2020 02:25 PM

Background:

The Community Platform Engineering group is the Red Hat team combining IT and release engineering from Fedora and CentOS. Check out our teams info here https://docs.fedoraproject.org/en-US/cpe/

GitForge Updates

* We are tracking our progress here (nothing new added yet, fyi) https://fedoraproject.org/wiki/Git_forge_update

* We are still doing a technical deep-dive with our own team on what we need from GitLab and will have a technical plan developed and publically available in the coming weeks - thanks again for your patience, this will take some time to map out.

* Fedora have also released a blog post https://communityblog.fedoraproject.org/fedora-council-and-the-git-forge/and

* And the council are tracking the community issues in this ticket https://pagure.io/Fedora-Council/tickets/issue/292

* We are looking at ways to engage closer with the community too so I will have an *optional* office hours slot on #fedora-meeting @ 1400-1500 UTC every Thursday. Feel free to stop by and say hi! We can talk about Gitforge, or not

Releases!!

* F32 released! Congrats to all those who helped make this such an awesome release

* Lenovo are releasing Fedora as a standard desktop offering!

* CentOS 7.8.2003 was released for x86_64, aarch64,ppc64, ppc64le and armhfp architectures, including Cloud images (on https://cloud.centos.org)!

Data Centre Move

* Communishift is still out, est back online 11th May.

* Full amended schedule will be published week ending 8th May to hackmd & will be sent to the devel & infra lists.

* Connectivity is now in place in IAD2 and should be in place in RDU-CC over the weekend.

* In particular, a HUGE shout out to Stephen Smoogen who has been working all the hours in every day for the last few weeks/months to get this phase of the move operatoinal for the Fedora infrastructure - we would not be able to do this without you Smooge

* This is literally a two man team of Kevin Fenzi and Stephen Smoogen, who are carrying the weight of this infrastructure on their shoulders and are invaluable to the success of this multi-team and multi-month project, so thank you both.

* Given the pressures on the Infra folks, a general ask for patience if your ticket / request / ping takes a little bit longer to reply to

AAA Replacement

* The team will work with openSUSE to deploy FreeIPA + Noggin to deploy it in their infra before we do!

* This is really exciting and the team are looking forward to seeing how the solution works in another infrastructure!

* You can view the teams current, completed and backlog work here https://github.com/orgs/fedora-infra/projects/6

Sustaining Team

* The team are using this dashboard to track their work https://github.com/fedora-infra/mbbox/projects/1

* Mbbox Upgrade

* Zuul CI set up is done

* Koji-hub TLS support added to CR

* Set up ReadTheDocs documentation - webhook missing for automatic build

* Identity container for testing

* Koji-builder CRD PR rebase - SSL authentication with koji-hub

* Refactor molecule test suite to share tests

CentOS Updates

CentOS CI

* OpenShift upgrade

* OpenStack to OpenNebula migration scripts

* Ansible playbooks to manage the creation and bootstrapping of bare metal nodes with RHCOS

* Packaging work (fixing dependencies)

* Updated ci-user list on efforts we are putting for CI Infrastructure

CentOS

* CentOS 7.8.2003 was released for x86_64, aarch64,ppc64, ppc64le and armhfp architectures. Including Cloud images (on https://cloud.centos.org) - https://blog.centos.org/2020/04/release-centos-linux-7-2003/

CentOS Stream

* Congratulations to Brian Stinson on his excellent session of Ask The Expert, facilitated by Rich Bowen during Red Hat Summit - we hope you caught it, it was really good!

* Using CentOS Stream in the CentOS QA group to prep for 8.2 As always, feedback is welcome, and we will continue to look at ways to improve the delivery and readability of this weekly report.

Have a great week ahead!

Aoife

Source: https://hackmd.io/8iV7PilARSG68Tqv8CzKOQ

SIG authentication retooling

May 04, 2020 06:05 AM

You may have seen the emails from Aoife about the work the Community Platform Engineering (CPE) team is doing around authentication tooling, and what that might mean for CentOS. Here’s a brief explainer for what’s happening.

The authentication software we use for SIGs (FAS or Fedora Account System) and a few other bits around the project will be EOL fairly soon. This is a 10+ year old, difficult to maintain software project with bugs that can’t be effectively addressed with its old code. The CPE team is writing a replacement for FAS that uses more of the standard distribution components, largely built around FreeIPA. This new tooling is intended to be an upgrade for use by anyone, but particularly Fedora and CentOS to replace both uses of FAS currently. There are a number of feature improvements and standardizations included in the new software, but in the end users shouldn’t notice any real impact in operation.

As we engaged with stakeholders including SIG chairs, the CentOS QA team, and other prominent community members, one issue became quickly apparent. We have many SIG contributors who push their work into both CentOS and Fedora, as well as Fedora’s EPEL repository. Having to work with separate auth systems makes it more difficult with automation, testing, and other parts of the contributor workflow. Because of this chance to improve the lives of our current and incoming contributors, our intention with the new authentication rewrite is for the CentOS and Fedora projects to share a single, unified authentication system. This would allow members of our communities who contribute in multiple places to do so via a single account, while having negligible impact on users who don’t. Group management, permissions, etc. will still be the purview of each project to manage as they see fit.

Fixing this gap between the auth systems the CPE team uses also solves some problems for the team itself. Sharing this system also encourages more cross-team work, which benefits both projects and communities (more hands). These communities are already sharing some resources, such as Fedora making use of the CentOS CI system. This work paves the way for easier resource sharing and management, which will cut down on the amount of duplicative work done across both infrastructures.

Over the next few months as the CPE team works toward its October implementation goal, you’ll see additional communication and messaging about the project. That doesn’t mean you need to wait to get involved though. If you’re interested in how we’re designing the auth, or want to participate in the development, please have a look at the git repository and see where you can help!

April 28, 2020

Release: CentOS Linux 7 (2003)

April 28, 2020 02:43 PM

We are very pleased to announce the latest release in the CentOS 7 series. The full release announcements may be seen on the centos-devel mailing list:

These releases were made possible due to the hard work of many people, and we thank all of them for their help as we move this platform forward.

April 27, 2020

New CentOS Project licensing policy

April 27, 2020 04:32 PM

Today the CentOS Project is rolling out a comprehensive licensing policy to document how licensing has been conducted normally in the Project, along with filling gaps that are crucial for being a contributor project. Your feedback and questions are welcome on the centos-devel mailing list. Please read the following for more detail and background.

One of the effects of adding CentOS Stream highlighted the fact we do not have any kind of clear policy about licensing contributions to the project. Obviously people have been contributing code and content to the project for a very long time, but none of those contributions went into the core Linux distribution. With CentOS Stream comes the need to manage a comparatively huge firehose of contributions needing clear guidelines and policies.

This gave us a chance to look at the state of the licenses the CentOS Project and its contributors put on code and content that originates in the project itself. Examples of this might be spec files for RPM packages, documentation on the wiki, or contributions to the branding of the project itself.

Presenting clear statements about how content and code is going to be licensed is a standard part of any open source project. The introduction of CentOS Stream has just raised the visibility of not having a licensing policy. The Board of Directors feels this policy better serves the needs of contributors and users.

https://centos.org/legal/licensing-policy/

An important purpose of this licensing policy is to provide a Default License--we’ve selected the MIT license--and a clear notice of attribution to the project under the MIT license. This Default License is used when a contribution does not have a license attached or is not destined for a repository that is already licensed, e.g. has a LICENSE file.

Otherwise, contributions are under the license of whatever is covering the rest of the content and code base--when you contribute to a software project repository, you put the contribution under the same license as the rest of the content and code in that repository.

This is also an opportunity to upgrade the version of our wiki license to CC BY-SA 4.0 for anything going forward; it is backward compatible with existing 3.0 content. This is a clean upgrade and improvement for the Project.

The CentOS Board of Directors received advice and drafting from Red Hat Legal in crafting this policy.

Your questions about this policy are welcome; the best place to discuss is the centos-devel mailing list.


Powered by Planet!
Last updated: July 14, 2020 05:15 AM