FAS OpenID patch
by Pierre-Yves Chibon
Hi,
So tonight I have been working on making working the jenkins OpenID
plugin [1].
This was a little more challenging than anticipated as the plugin ask
for the url of the OpenID provider. In our case we want to point to FAS.
The 'problem' is that we ask for a username in the OpenID url, while the
plugin does not allow this.
So I came up with the attached patch which does two things:
- Allow to contact /accounts/openid/yavis/ directly (w/o running into an
error 500) which allows OpenID discovery by the client.
- Allow to authenticate even if the url asked does not contain the
username (which the case when coming from jenkins).
I'm sending this patch for review, to me approach sounds fine, but I am
wondering if the second change here is reducing the security or not.
For comparison, google seems to allow url not containing the username,
just let the user log-in in if he is not already.
Good week-end to all,
Pierre
[1] https://wiki.jenkins-ci.org/display/JENKINS/OpenID+plugin
11 years, 6 months
ask.fp.o - OpenID providers
by Bryan Sutherland
Hey All
Is there anyone available to take a look at the ask.fp.o logs to see which
OpenID providers are in the top, with the ideal numbers showing the
percentage of use. I would like this to be able to look at the order of
icons on the ask login page since we are already looking at adding an icon
for FAS.
Bryan
11 years, 6 months
Traveling Thursday/Friday
by Kevin Fenzi
Greetings.
Just wanted to let folks know that I will be traveling this coming
thursday/friday and likely off line much of the time.
If you need me for anything, drop an email and I'll get back to you
when I get back.
For any normal issues, please file a ticket and/or seek help in
#fedora-admin on freenode.
Thanks,
kevin
11 years, 6 months
Introduction
by Patrick Day
Hello All,
My name is Patrick Day, and I have been using Fedora for a few years now
and I absolutely enjoy working with it. I am very interested in
contributing to the Fedora community. I am currently a Test Automation
Developer, where I enjoy the flexibility of both coding and testing at
different phases of the SDLC. I deciding to join the infrastructure team
because it seems to be a good fit for current skill set and my current
interests. I am seeking to contribute whatever I can and I'm eager to learn
and willing to try anything. If anyone has any questions about my
experience please feel free to contact me.
Patrick
11 years, 6 months
tracking cloud instances
by Seth Vidal
So - as we noodle around with cloud instances more the most obvious
problem I have seen is getting a list of instance ids like:
i-F7AA3F96
i-77B34039
i-B1EB403D
i-2C294684
and then trying to figure out which ones are jenkins slaves, the torrent
seed test and the fedocal instance. And which can be nuked safely or not.
I'm thinking we need a tool that would poll the cloudlet(s), retrieve all
the basic, available, info about the running instances.
Then admins could either add metadata to any given instance id to know
whence things come.
Data I'd be interested in having:
- who owns it - not just the account/tenant
- what it is for
- expected expiration date (if any)
- who should have access to it (usernames from fas and or group names from
fas, ideally) - this will make keeping ssh keys on it somewhat sane
- what, if any, configuration script was run on it (eg: an ansible
playbook)
- published urls and where they should alias from?
Now we probably also need something that keeps a list of persistent
instances we should always restart and register them.
for example: let's say we want one instance always running as a simple
webserver - maybe as a touchstone to verify the cloud is always working.
So we should be able to register this instance. Say which img it should
use, what security group, etc and note that it should ALWAYS be running.
Then when that instance is running its instance id/public ip should be
registered in the db listed above.
We can use the data in the db to generate aliases, perhaps.
still fleshing out these ideas.
-sv
11 years, 6 months
Plan for tomorrow's Fedora Infrastructure meeting (2012-10-18)
by Kevin Fenzi
The infrastructure team will be having it's weekly meeting tomorrow,
2012-10-18 at 18:00 UTC in #fedora-meeting on the freenode network.
Suggested topics:
#topic New folks introductions and Apprentice tasks.
If any new folks want to give a quick one line bio or any apprentices
would like to ask general questions, they can do so in this part of the
meeting. Don't be shy!
#topic Applications status / discussion
Check in on status of our applications: pkgdb, fas, bodhi, koji,
community, voting, tagger, packager, dpsearch, etc.
If there's new releases, bugs we need to work around or things to note.
#topic Sysadmin status / discussion
Here we talk about sysadmin related happenings from the previous week,
or things that are upcoming.
#topic Private Cloud status update
#topic Security FAD update
#topic Upcoming Tasks/Items
#info 2012-10-23 to 2012-11-06 F18 Beta Freeze
#info 2012-11-01 nag fi-apprentices
#info 2012-11-06 F18 Beta release
#info 2012-11-07 - switch smolt server to placeholder code.
#info 2012-11-20 FY2014 budget due
#info 2012-11-22 to 2012-11-23 Thanksgiving holiday
#info 2012-11-26 to 2012-11-29 Security FAD
#info 2012-11-27 to 2012-12-11 F18 Final Freeze
#info 2012-11-30 end of 3nd quarter
#info 2012-12-11 F18 release.
#info 2012-12-24 to 2013-01-01 Red Hat Shutdown for holidays.
#info 2013-01-18 to 2013-01-20 FUDCON Lawrence
#topic Open Floor
Submit your agenda items, as tickets in the trac instance and send a
note replying to this thread.
More info here:
https://fedoraproject.org/wiki/Infrastructure/Meetings#Meetings
Thanks
kevin
11 years, 6 months
why did this appliance build fail in koji?
by Matthew Miller
http://koji.fedoraproject.org/koji/taskinfo?taskID=4568545
The appliance log is:
Adding disk sda as /var/tmp/imgcreate-l4uR5m/tmp-mYGLa0/Fedora-18-Beta-ec2-20121007-x86_64-sda.raw
Extending sparse file /var/tmp/imgcreate-l4uR5m/tmp-mYGLa0/Fedora-18-Beta-ec2-20121007-x86_64-sda.raw to 10485760000
Losetup add /dev/loop0 mapping to /var/tmp/imgcreate-l4uR5m/tmp-mYGLa0/Fedora-18-Beta-ec2-20121007-x86_64-sda.raw
Formatting disks
Initializing partition table for /dev/loop0 with msdos layout
Unable to create appliance : Failed mount disks : Error writing partition table on /dev/loop0
Losetup remove /dev/loop0
Can we get any deeper insight into what went wrong?
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm(a)fedoraproject.org>
11 years, 7 months
Meeting Agenda Item: New Member Codegerbil
by P L
Hello!
I am very pleased and excited to be joining the Bug Zappers team!
My name is Codegerbil. My day job is a Systems Analyst, in Tennessee, and
the plan is to end up in infrastructure. I have been using Linux since
childhood, and remember using RedHat and Mandrake, back when it was
Mandrake. I have also used Ubuntu and OpenSuse. My experience with Fedora
amounts to a solid week. However, I installed it specifically to join
Fedora projects. Most of all, I want to learn and build.
My skills include bash, java (and junit), some ruby (dealt with minitest),
some python, some c++, and a bit of perl and sql. My interests include
testing code, as well as networking and security. I also have a couple of
years experience with maintaining databases, research, and reporting. I
look forward to learning about infrastructure and working with the team!
Thank you,
Codegerbil
IRC handle: codegerbil
11 years, 7 months
Jenkins in the Fedora infrastructure
by Pierre-Yves Chibon
Hi,
This week Seth, Toshio and I have been thinking about and playing with
Jenkins.
The current jenkins we used is administrted by Luke at:
http://jenkins.turbogears.org/
and runs on hardware which is not within the Fedora infrastructure.
This machine is:
Processor: Dual Xeon @ 2.50GHz (on a dual quad-core Xen dom0)
Memory: 1G allocated; 12G on dom0
OS: Red Hat Enterprise Linux Server 5.8
Python: python-2.4, 2.5, 2.6 and 2.7
This week had two co-occurring events:
- fedora-review did not build on this instance of jenkins due to missing
dependencies on the system
- Toshio started to port Kitchen to python3 and had no place to run his
unit-tests in an automated way.
So we thought about using our new cloud system for setting up jenkins
build nodes.
We now have two build nodes within our cloud, one running Fedora 17 and
one running EL6 (down right now as it is being rebuilt).
[http://jenkins.turbogears.org/computer/]
Where do we stand from this:
- We can create nodes on our cloud
- Seth created an Ansible routine to configure the nodes directly after
their creation [http://fpaste.org/jRX1/raw/]
So adding new nodes to a Jenkins instance becomes really easy and rather
fast.
If we want to run our own jenkins master:
This is the system I can think of:
* Configure the Jenkins master in a machine within the Fedora
infrastructure
* This master is not allowed to do build
* The master can send emails (current jenkins can not due to mail server
restrictions)
* All the builds ran in nodes in the cloud
* Nodes are reinstalled every 6 month, when there is a new version of
Fedora or when needed (via Ansible)
* Nodes can be thrown away at any time
Maintenance wise:
* Upstream provides a rpm and a repo
* the rpm is pretty much a .jar file and an init script doing java -jar
everything else is extracted the first time the app is deployed and goes
into /var/lib/jenkins
* we should be able to use mod_proxy or iptable to redirect the port
8080 (default) to 80.
* Master would have backup, but we should also be able to have an
Ansible routine to re-install it (up to jenkins' configuration)
Thoughs/Questions/Suggestions/Comments?
Regards,
Pierre
11 years, 7 months
Plan for tomorrow's Fedora Infrastructure meeting (2012-10-11)
by Kevin Fenzi
The infrastructure team will be having it's weekly meeting tomorrow,
2012-10-04 at 18:00 UTC in #fedora-meeting on the freenode network.
Suggested topics:
#topic New folks introductions and Apprentice tasks.
If any new folks want to give a quick one line bio or any apprentices
would like to ask general questions, they can do so in this part of the
meeting. Don't be shy!
#topic Applications status / discussion
Check in on status of our applications: pkgdb, fas, bodhi, koji,
community, voting, tagger, packager, dpsearch, etc.
If there's new releases, bugs we need to work around or things to note.
#topic Sysadmin status / discussion
Here we talk about sysadmin related happenings from the previous week,
or things that are upcoming.
#topic Private Cloud status update
#topic Security FAD update
#topic Upcoming Tasks/Items
#info 2012-10-16 to 2012-10-30 F18 Beta Freeze
#info 2012-10-30 F18 Beta release
#info 2012-11-01 nag fi-apprentices
#info 2012-11-07 - switch smolt server to placeholder code.
#info 2012-11-20 to 2012-12-04 F18 Final Freeze
#info 2012-11-20 FY2014 budget due
#info 2012-11-22 to 2012-11-23 Thanksgiving holiday
#info 2012-11-26 to 2012-11-29 Security FAD
#info 2012-11-30 end of 3nd quarter
#info 2012-12-04 F18 release.
#info 2012-12-24 to 2013-01-01 Red Hat Shutdown for holidays.
#info 2013-01-18 to 2013-01-20 FUDCON Lawrence
#topic Open Floor
Submit your agenda items, as tickets in the trac instance and send a
note replying to this thread.
More info here:
https://fedoraproject.org/wiki/Infrastructure/Meetings#Meetings
Thanks
kevin
11 years, 7 months