15:59:33 <jbrooks> #startmeeting CentOS Atomic SIG
15:59:33 <centbot> Meeting started Thu Mar  2 15:59:33 2017 UTC.  The chair is jbrooks. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:59:33 <centbot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:00:29 <jbrooks> kbsingh, walters jlebon you guys around for an atomic check-in?
16:01:11 <walters> hi
16:01:17 <jbrooks> Hey Colin
16:01:25 <jlebon> morning!
16:01:55 <jbrooks> Morning, Jonathan
16:02:27 <jbrooks> I think KB's probably around, Josh, I think is traveling
16:02:36 <jbrooks> #chair walters jlebon kbsingh
16:02:36 <centbot> Current chairs: jbrooks jlebon kbsingh walters
16:02:51 <jbrooks> #topic downstream release
16:03:23 <jbrooks> We're waiting for upstream to release, and then we'll build the pkgs and the release
16:04:16 <walters> cool
16:04:22 <jbrooks> When we get KB, I'd like to talk a bit about the location of the repo -- he talked about moving it to buildlogs due to issues the mirrors are having w/ the large number of files in the tree
16:04:57 <jbrooks> Also, I know we want to move the alpha/continuous bits to a better place at some point, and buildlogs might be good for that, too
16:05:11 <jbrooks> #topic alpha/continuous stream
16:05:30 <jbrooks> walters, jlebon any issues around this to discuss?
16:05:42 <walters> we can have buildlogs or something else as a metadata server and use GCS/S3 as mirrors
16:06:11 <jbrooks> Are we using those right now? I wonder about who pays, etc?
16:06:13 <walters> one advantage of this is not paying egress costs if one is in S3
16:06:34 <jbrooks> And S3 is highly available ;)
16:07:07 <walters> see also https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org/message/3SSOCUZ4QLYAMXJ4K7LKOVJ6LFG5HZTV/
16:08:21 <jlebon> for those less familiar with centos infra internals, i'm guessing buildlogs is another server distinct from http://ci.centos.org/artifacts ?
16:08:23 <walters> s/if one is in AWS/
16:08:47 <jbrooks> jlebon, Yeah, and I believe it's connected to some sort of cdn
16:09:01 <jlebon> ahh, nice
16:10:16 <jbrooks> It's somewhat of a grab bag of centos things, it's where, for instance, our atomic-specific and from rhel but not part of the main centos pkgs are served from: https://github.com/CentOS/sig-atomic-buildscripts/blob/downstream/rhel-atomic-rebuild.repo
16:11:24 <walters> another independent thing to do is have a "pruned" repo with just the last 2 commits that mirrors that aren't object store backed can sync
16:11:29 <walters> that's very very easy
16:11:48 <walters> just: ostree prune --refs-only --depth=1
16:12:05 <jbrooks> Right, we're serving up lots of old stuff currently
16:12:08 <walters> well, create a new repo, use pull-local to mirror the upstream, then do that
16:12:19 <jbrooks> you think two back is sufficient?
16:12:44 <jbrooks> For the main downstream releases, I guess it would be
16:13:08 <walters> or 3
16:13:18 <walters> past that you start collecting a lot of security vulnerabilities
16:13:41 <jbrooks> I'd like to add a new ref that pulls in changes as they come, so that we could do our monthly media builds and tree updates, but allow ppl to get the latest pkgs if they choose: https://github.com/CentOS/sig-atomic-buildscripts/issues/230#issuecomment-280161658
16:13:59 <walters> one variant of this we can do is a "pruned repo except keep deltas"...ostree doesn't support this out of the box but it wouldn't be hard
16:14:45 <jbrooks> I think that 2 or 3 back would be plenty, though
16:14:54 <jbrooks> For the main release
16:16:11 <jbrooks> Well, I may have to follow up w/ KB directly later, are there other issues to talk about while we're here?
16:16:22 <jbrooks> We have some things to do around alpha here https://github.com/CentOS/sig-atomic-buildscripts/issues/164
16:16:48 <jbrooks> We're talking locations, for signing, we need to consult KB
16:16:57 <jbrooks> I imagine he'd want a separate key
16:17:30 * kbsingh here but on series of calls. will catchup shortly
16:21:28 <walters> it's a would-be-nice but not currently high on my radar right now honestly
16:21:35 <walters> the audience seems relatively small
16:21:57 <walters> we need it to exist for testing...and well, GPG signing *would* be nice
16:22:05 <jbrooks> Yeah
16:22:27 <jbrooks> To me the most attractive thing about it is that it doesn't have those old kube pkgs
16:22:37 <jbrooks> half-kube
16:23:46 <walters> yeah...that's a whole world of topic
16:23:53 <jbrooks> Although I guess the way I've been doing the containers, starting them from systemd, I could run the newer kube node containers even w/ those present
16:25:14 <walters> right, i think we need to do that
16:26:05 * walters does https://github.com/CentOS/sig-atomic-buildscripts/pull/256
16:26:05 <jbrooks> It works pretty well w/ the master containers, and I've gotten the whole thing working w/ fedora -- master, node and etcd and flannel system containers
16:27:31 <walters> you're doing some great work there
16:27:43 <walters> feels like we need a landing page for this somewhere with the current status
16:27:48 <kbsingh> are you writing this up
16:27:54 <walters> i say that but I am *awful* at docs...
16:28:14 <kbsingh> s/i am/we are/
16:28:15 <jbrooks> A landing page for containerized kube?
16:28:49 <jbrooks> I can write something up, I've done a few blog posts, but they could use an update
16:29:33 <jbrooks> I've been working on doing it w/ ansible in this fork: https://github.com/jasonbrooks/contrib/tree/atomic-update
16:29:36 <walters> jbrooks, yeah, the blog posts are good, but they can rotate out quickly
16:30:04 <jbrooks> walters, I'll write it up and talk to Josh about a good place to put it / keep it updated
16:30:38 <jbrooks> It applies pretty equally to centos and fedora
16:31:32 <jlebon> jbrooks: maybe here: http://www.projectatomic.io/docs/kubernetes/ ?
16:31:46 <jlebon> it's already linked from the main docs page and it desperately needs content :)
16:31:50 <jbrooks> jlebon, heh, totally
16:32:34 <jbrooks> Yeah, I'll update that page, we could use, for one thing, a description of how kube is delivered on the various atomic hosts, because they're all different atm
16:33:41 <jbrooks> And cah has the origin-morphed-into-kube one, and fah has a pretty nicely up to date upstream one
16:33:45 <jbrooks> etc
16:34:09 <jbrooks> #action jbrooks to update http://www.projectatomic.io/docs/kubernetes/ as kube/atomic  landing page
16:34:36 <jbrooks> OK, anything else for this week? I can follow up w/ KB later on the bits we mentioned
16:34:59 <walters> i don't currently offhand
16:35:11 <jbrooks> cool
16:35:33 <jbrooks> #endmeeting