Re: Freeze Break Request : Update CommOps bot rules
On 07/04/2017 11:38 AM, Sachin S. Kamath wrote: > Hi Kevin, > > On Mon, Jul 3, 2017, 9:17 PM Stephen John Smoogen wrote: > >> +1 also >> > > Since this has green light now, can you please apply the patch? Thanks. :) Yep. Done. kevin signature.asc Description: OpenPGP digital signature ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: retrace / faf issues
Below is a patch to add firewalld to the base_pkg_erase var (used by base role). Like the Fedora var, this will remove firewalld from RHEL systems and should fix the issue below. >From dc7c5dc38efab1873c43b6a5d85978d44843bc72 Mon Sep 17 00:00:00 2001 From: Brandon Gray Date: Wed, 5 Jul 2017 08:12:54 -0500 Subject: [PATCH] added firewalld to base package removal for rhel --- vars/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/RedHat.yml b/vars/RedHat.yml index bd4c73c..3aff512 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,7 +1,7 @@ --- dist_tag: el{{ ansible_distribution_version[0] }} base_pkgs_inst: [] -base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail'] +base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail', 'firewalld'] service_disabled: [] service_enabled: [] is_rhel: True -- 2.9.4 > That does bring up one more issue: You are using firewalld there and > aren't allowing our nagios/nrpe. I added a rule to allow port 5666/tcp. > You might also add this upstream/ansible. > > ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: July status update for Fedora Infrastructure Apprentices
> > 0. Whats your fedora account system login? > Skeer > > 1. Have you logged in and used your fi-apprentice membership to look at > our machines/setup in the last month? Do you plan to? > No, Yes > 2. Has it helped you decide any area you wish to focus on or contribute > to more? > No > > 3. Have you looked at or been able to work on any of the fi-apprentice > 'easyfix' tickets? > https://pagure.io/fedora-infrastructure/issues?status=Open&tags=easyfix Yes but not in the past month > > > 4. Do you still wish to be a member of the group? If not (for whatever > reason) could you provide any hints to help others down the road? > Yes > > 5. Is there any help or communication or ideas you have that would help > you do any of the above? > No > > 6. What do you find to be the hardest part of getting involved? Finding > things to work on? Getting attention from others to help you? Finding > tickets in your interest area? > Finding things to work on > > 7. Have you been able to make any weekly irc meetings? Do you find them > helpful or interesting? Do you have any suggestions for changing them? > Yes > > 8. Have you logged into our Gobby instance and read/seen/added to our > meeting agenda? https://fedoraproject.org/wiki/Gobby Yes > > > 9. Since it's summer (at least in the northern hemisphere), what is your > favorite way to cool down in the summer heat? > Soak up the shade > > > > > > > > > ___ > infrastructure mailing list -- infrastructure@lists.fedoraproject.org > To unsubscribe send an email to infrastructure-leave@lists. > fedoraproject.org > > ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: retrace / faf issues
Looks good. I would +1 this On 5 July 2017 at 09:22, Brandon Gray wrote: > Below is a patch to add firewalld to the base_pkg_erase var (used by base > role). Like the Fedora var, this will remove firewalld from RHEL systems > and should fix the issue below. > > From dc7c5dc38efab1873c43b6a5d85978d44843bc72 Mon Sep 17 00:00:00 2001 > From: Brandon Gray > Date: Wed, 5 Jul 2017 08:12:54 -0500 > Subject: [PATCH] added firewalld to base package removal for rhel > > --- > vars/RedHat.yml | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/vars/RedHat.yml b/vars/RedHat.yml > index bd4c73c..3aff512 100644 > --- a/vars/RedHat.yml > +++ b/vars/RedHat.yml > @@ -1,7 +1,7 @@ > --- > dist_tag: el{{ ansible_distribution_version[0] }} > base_pkgs_inst: [] > -base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail'] > +base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail', 'firewalld'] > service_disabled: [] > service_enabled: [] > is_rhel: True > -- > 2.9.4 > > >> >> That does bring up one more issue: You are using firewalld there and >> aren't allowing our nagios/nrpe. I added a rule to allow port 5666/tcp. >> You might also add this upstream/ansible. >> > > ___ > infrastructure mailing list -- infrastructure@lists.fedoraproject.org > To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org > -- Stephen J Smoogen. ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: July status update for Fedora Infrastructure Apprentices
0. Whats your fedora account system login? amitsharma928 1. Have you logged in and used your fi-apprentice membership to look at our machines/setup in the last month? Do you plan to? i)No ii) Yes. 2. Has it helped you decide any area you wish to focus on or contribute to more? No. 3. Have you looked at or been able to work on any of the fi-apprentice 'easyfix' tickets? https://pagure.io/fedora-infrastructure/issues?status=Open&tags=easyfix Yes. 4. Do you still wish to be a member of the group? If not (for whatever reason) could you provide any hints to help others down the road? Yes. 5. Is there any help or communication or ideas you have that would help you do any of the above? No. 6. What do you find to be the hardest part of getting involved? Finding things to work on? Getting attention from others to help you? Finding tickets in your interest area? I am new here. So trying to figure out where to contribute. 7. Have you been able to make any weekly irc meetings? Do you find them helpful or interesting? Do you have any suggestions for changing them? Yes. 8. Have you logged into our Gobby instance and read/seen/added to our meeting agenda? https://fedoraproject.org/wiki/Gobby Yes. 9. Since it's summer (at least in the northern hemisphere), what is your favorite way to cool down in the summer heat? Drinking Shikanji (Indian style lemon/mint water) *Best Regards,**Amit* On Mon, Jul 3, 2017 at 8:24 PM, Kevin Fenzi wrote: > You are getting this email because you are in the 'fi-apprentice' group > in the fedora account system (or are reading this on the infrastructure > list). > > Feel free to reply just directly to me, or cc the infrastructure list > for everyone to see and comment on. > > https://fedoraproject.org/wiki/Infrastructure_Apprentice > > At the first of every month(or so), I am going to be sending out an > email like this one. I would like feedback on how things are going for > you. I'd like to ask for everyone to send me a quick reply with the > following data or anything related you can think of that might help us > make the apprentice program more useful. > > 0. Whats your fedora account system login? > > 1. Have you logged in and used your fi-apprentice membership to look at > our machines/setup in the last month? Do you plan to? > > 2. Has it helped you decide any area you wish to focus on or contribute > to more? > > 3. Have you looked at or been able to work on any of the fi-apprentice > 'easyfix' tickets? > https://pagure.io/fedora-infrastructure/issues?status=Open&tags=easyfix > > 4. Do you still wish to be a member of the group? If not (for whatever > reason) could you provide any hints to help others down the road? > > 5. Is there any help or communication or ideas you have that would help > you do any of the above? > > 6. What do you find to be the hardest part of getting involved? Finding > things to work on? Getting attention from others to help you? Finding > tickets in your interest area? > > 7. Have you been able to make any weekly irc meetings? Do you find them > helpful or interesting? Do you have any suggestions for changing them? > > 8. Have you logged into our Gobby instance and read/seen/added to our > meeting agenda? https://fedoraproject.org/wiki/Gobby > > 9. Since it's summer (at least in the northern hemisphere), what is your > favorite way to cool down in the summer heat? > > Any other general feedback is also quite welcome, including improvements > to this email, the wiki page, etc. Note that we recently revamped the > getting started and other pages. Please do take a minute to re-read them > and let me know if they are more clear or need further adjustments. > > Any folks I do not hear from in the next week will be removed from the > group. (Note that it's easy to be readded when you have time or whatever > and it's nothing at all personal, we just want to keep the group up to > date with active folks). > > Thanks, and looking forward to your feedback! > > kevin > > > > > > > ___ > infrastructure mailing list -- infrastructure@lists.fedoraproject.org > To unsubscribe send an email to infrastructure-le...@lists.fed > oraproject.org > > ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: OpenShift plans
On Tue, 2017-07-04 at 11:16 -0600, Kevin Fenzi wrote: > I am pretty sure you can get it to dump out the json > of the existing config, so you could in theory set things up, adjust > via > the web interface and get it the way you want it, then dump the json > and > we can use that in prod. I think this is the right workflow, but I wanted to point out that the JSON will have to be "massaged" in some way. I recently took an OpenShift course at Red Hat and we learned that this JSON export/import process does require some hand editing, but the course was an intro course and so we didn't go into the details about what exactly needed to be edited or in what way. signature.asc Description: This is a digitally signed message part ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
2 package reviews
Hello! As an infra member, I've been working on updating pyramid to the latest 1.9 release[0], but it has two new dependencies. Could someone review them for me? They're pretty standard Python spec files: https://bugzilla.redhat.com/show_bug.cgi?id=1467417 https://bugzilla.redhat.com/show_bug.cgi?id=1467418 [0] https://bugzilla.redhat.com/show_bug.cgi?id=1465428 signature.asc Description: This is a digitally signed message part ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
FBR for f26 atomic two week nightly compose
We are planning to start composing f26 atomic two week nightly composes, could you verify the diff - https://paste.fedoraproject.org/paste/Ne6ctmNq0QyE4a5mmiSFXQ and do the necessary tasks. Thanks. Mohan Boddu. ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: FBR for f26 atomic two week nightly compose
On 07/05/2017 04:14 PM, Mohan Boddu wrote: > We are planning to start composing f26 atomic two week nightly composes, > could you verify the diff - > https://paste.fedoraproject.org/paste/Ne6ctmNq0QyE4a5mmiSFXQ and do the > necessary tasks. > Don't know if my vote counts, but +1 Dusty ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: FBR for f26 atomic two week nightly compose
the changes look fine. however we should keep f26 with f25 in the file Dennis ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: FBR for f26 atomic two week nightly compose
diff --git a/roles/releng/files/twoweek-updates b/roles/releng/files/twoweek-updates index 3b6df85..022c7ec 100644 --- a/roles/releng/files/twoweek-updates +++ b/roles/releng/files/twoweek-updates @@ -1,6 +1,6 @@ -# 2 week updates nightly compose +#Fedora 25 two-week updates nightly compose MAILTO=releng-c...@lists.fedoraproject.org -15 5 * * * root TMPDIR=`mktemp -d /tmp/twoweek.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f25 && LANG=en_US.UTF-8 ./twoweek-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR +15 5 * * * root TMPDIR=`mktemp -d /tmp/twoweekF25.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f25 && LANG=en_US.UTF-8 ./twoweek-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR #Fedora 24 CloudImage nightly compose MAILTO=releng-c...@lists.fedoraproject.org @@ -9,3 +9,7 @@ MAILTO=releng-c...@lists.fedoraproject.org #Fedora 25 CloudImage nightly compose MAILTO=releng-c...@lists.fedoraproject.org 15 7 * * * root TMPDIR=`mktemp -d /tmp/CloudImageF25.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f25 && LANG=en_US.UTF-8 ./cloud-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR + +#Fedora 26 two-week updates nightly compose +MAILTO=releng-c...@lists.fedoraproject.org +15 8 * * * root TMPDIR=`mktemp -d /tmp/twoweekF26.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f26 && LANG=en_US.UTF-8 ./twoweek-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR Same from above fpaste, since fpaste expires I want to copy it here. ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: OpenShift plans
Excerpts from Randy Barlow's message of 2017-07-05 13:42 -04:00: > On Tue, 2017-07-04 at 11:16 -0600, Kevin Fenzi wrote: > > I am pretty sure you can get it to dump out the json > > of the existing config, so you could in theory set things up, adjust > > via > > the web interface and get it the way you want it, then dump the json > > and > > we can use that in prod. > > I think this is the right workflow, but I wanted to point out that the > JSON will have to be "massaged" in some way. I recently took an > OpenShift course at Red Hat and we learned that this JSON export/import > process does require some hand editing, but the course was an intro > course and so we didn't go into the details about what exactly needed > to be edited or in what way. Speaking only from my very limited experience -- I think the reason it needs massaging is that when you export an object with oc, it includes various (read-only) status properties -- ones which reflect the current state in time and are not configurable. You wouldn't want those to be tracked in git or posted back when you update the object, because that's kind of meaningless. Here is an example below (and btw I suggest YAML over JSON because it's easier to edit, oc happily deals in either format). You can see large parts are not configuration, for example the top-level "status" key, "creationTimestamp", the JSON blob in "kubectl.kubernetes.io/last-applied-configuration" annotation, "selfLink", "uid", etc. I think oc knows to ignore those when you post an object back, but you would want to edit them out before you commit it to git I guess. $ oc -n waiverdb-stg get route waiverdb-stg-web -o yaml apiVersion: v1 kind: Route metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: '{"kind":"Route","apiVersion":"v1","metadata":{"name":"waiverdb-stg-web","creationTimestamp":null,"labels":{"app":"waiverdb"}},"spec":{"host":"waiverdb.stage.engineering.redhat.com","to":{"kind":"Service","name":"waiverdb-stg-web","weight":null},"port":{"targetPort":"web"},"tls":{"termination":"edge","insecureEdgeTerminationPolicy":"Redirect"}},"status":{"ingress":null}}' creationTimestamp: 2017-06-22T00:18:48Z labels: app: waiverdb name: waiverdb-stg-web namespace: waiverdb-stg resourceVersion: "6225347" selfLink: /oapi/v1/namespaces/waiverdb-stg/routes/waiverdb-stg-web uid: 5cc0dced-56e0-11e7-83a0-009b1a10019b spec: host: waiverdb.stage.engineering.redhat.com port: targetPort: web tls: insecureEdgeTerminationPolicy: Redirect termination: edge to: kind: Service name: waiverdb-stg-web weight: 100 wildcardPolicy: None status: ingress: - conditions: - lastTransitionTime: 2017-06-22T00:18:48Z status: "True" type: Admitted host: waiverdb.stage.engineering.redhat.com routerName: router wildcardPolicy: None - conditions: - lastTransitionTime: 2017-06-30T09:50:58Z status: "True" type: Admitted host: waiverdb.stage.engineering.redhat.com routerName: storage-project-router wildcardPolicy: None -- Dan Callaghan Senior Software Engineer, Products & Technologies Operations Red Hat signature.asc Description: PGP signature ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: OpenShift plans
Excerpts from Dan Callaghan's message of 2017-07-06 09:05 +10:00: > Here is an example below (and btw I suggest YAML over JSON because > it's easier to edit, oc happily deals in either format). You can see > large parts are not configuration, for example the top-level "status" > key, "creationTimestamp", the JSON blob in > "kubectl.kubernetes.io/last-applied-configuration" annotation, > "selfLink", "uid", etc. Oh I just remembered... The oc get command *does* have an option --export which is supposed to strip out all this stuff. But it seems to leave some things in. For example the selfLink, status, last-applied-configuration are all still present (although there is certainly *less* gunk): $ oc -n waiverdb-stg get route waiverdb-stg-web -o yaml --export apiVersion: v1 kind: Route metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: '{"kind":"Route","apiVersion":"v1","metadata":{"name":"waiverdb-stg-web","creationTimestamp":null,"labels":{"app":"waiverdb"}},"spec":{"host":"waiverdb.stage.engineering.redhat.com","to":{"kind":"Service","name":"waiverdb-stg-web","weight":null},"port":{"targetPort":"web"},"tls":{"termination":"edge","insecureEdgeTerminationPolicy":"Redirect"}},"status":{"ingress":null}}' creationTimestamp: null labels: app: waiverdb name: waiverdb-stg-web selfLink: /oapi/v1/namespaces//routes/waiverdb-stg-web spec: host: waiverdb.stage.engineering.redhat.com port: targetPort: web tls: insecureEdgeTerminationPolicy: Redirect termination: edge to: kind: Service name: waiverdb-stg-web weight: 100 wildcardPolicy: None status: ingress: null -- Dan Callaghan Senior Software Engineer, Products & Technologies Operations Red Hat signature.asc Description: PGP signature ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: FBR for f26 atomic two week nightly compose
New diff as per your comments, putting f26 first and both f26 and f25 atomic composes are one after the other: diff --git a/roles/releng/files/twoweek-updates b/roles/releng/files/twoweek-updates index 3b6df85..052a6e3 100644 --- a/roles/releng/files/twoweek-updates +++ b/roles/releng/files/twoweek-updates @@ -1,6 +1,10 @@ -# 2 week updates nightly compose +#Fedora 26 two-week updates nightly compose MAILTO=releng-c...@lists.fedoraproject.org -15 5 * * * root TMPDIR=`mktemp -d /tmp/twoweek.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f25 && LANG=en_US.UTF-8 ./twoweek-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR +15 8 * * * root TMPDIR=`mktemp -d /tmp/twoweekF26.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f26 && LANG=en_US.UTF-8 ./twoweek-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR + +#Fedora 25 two-week updates nightly compose +MAILTO=releng-c...@lists.fedoraproject.org +15 5 * * * root TMPDIR=`mktemp -d /tmp/twoweekF25.XX` && pushd $TMPDIR && git clone -n https://pagure.io/pungi-fedora.git && cd pungi-fedora && git checkout f25 && LANG=en_US.UTF-8 ./twoweek-nightly.sh RC-$(date "+\%Y\%m\%d").0 && popd && rm -rf $TMPDIR #Fedora 24 CloudImage nightly compose MAILTO=releng-c...@lists.fedoraproject.org ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org
Re: 2 package reviews
Excerpts from Randy Barlow's message of 2017-07-05 15:14 -04:00: > Hello! > > As an infra member, I've been working on updating pyramid to the latest > 1.9 release[0], but it has two new dependencies. Could someone review > them for me? They're pretty standard Python spec files: > > https://bugzilla.redhat.com/show_bug.cgi?id=1467417 > https://bugzilla.redhat.com/show_bug.cgi?id=1467418 I can take these. -- Dan Callaghan Senior Software Engineer, Products & Technologies Operations Red Hat signature.asc Description: PGP signature ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org