Adam Miller: Fedora Infrastructure Hackathon 2017

Fedora Infrastructure Hackathon 2017

Last week, hot on the heels of my trip to Boston for Red Hat Summit,
I attended the 2017 Edition Fedora Infrastructure Hackathon. The primary
goal of the Hackathon was to make a lot of progress in a relatively short amount
of time on defining Fedora Infrastructure requirements necessary to support
upcoming Fedora Project objectives, as defined by the Council and
FESCo, and doing work to satisfy those requirements. In some cases this was
simply “define policies around how this should work with the infrastructure”,
but in most it scenarios is meant digging in and doing work such as patching
multiple code bases to support new AuthN/AuthZ protocols and providers,
deploying net-new infrastructure services, or even bringing up services in a new
datacenter hosted by a fellow Open Source Community Project in order to leverage
newly donated hardware. We’ll cover all of that in the recap of the journey

It all started Monday 2017-05-08, we were hosted graciously in the Red Hat
, which as a proud Red Hatter and overall Red Hat fanboi it was extremely
cool to get to spend a week there, and worked as hard as we could to get a lot
done in about 4.5 days (Monday-Friday, but most people had to travel home on
Friday evening). Representative members of various aspects of the Fedora
were in attendance, the obvious Fedora Infrastructure Team was
well represented, but also Fedora QA, Fedora Modularity, Fedora Atomic
, CentOS, and Fedora RelEng.

Things kicked off by defining an agenda, all notes held in a Gobby Doc. We
effectively came up with a loose fitting outline of the following:

  • Monday:

    • AuthN / AuthZ – FAS, FreeIPA, CommunityIPA, Ipsilon, CentOS Infra overlap
    • Modularity
    • CI
  • Tuesday:

    • OpenShift in the AM, CI in the PM
  • Wed/Thu:

    • Hack sessions on OpenShift and CI (break out into teams)
  • Friday:

    • Breakout hack sessions and wrap up


Things started off with Patrick explaining many aspects of various
AuthN/AuthZ protocols and technologies that are currently in use within the
Fedora Infrastructure as well as migration plans to bring systems and services
using older technology in line with newer technologies. There were discussions
focused around Fedora Authentication, OAuth2, Kerberos, OpenID,
OpenID Connect, FreeIPA, FAS2, and how different Fedora Apps are
using different combinations of these technologies. From there and
identification of what apps need to be ported away from older technologies was
done along with work assigned to people in the room with the intent of
accomplishing these tasks over the next few days (and beyond, if necessary).

Bi-Directional Replication

Something that’s come up a lot in recent history within the Fedora
Infrastructure is database high availability. The Fedora Infrastructure Team
already maintains a high level of best practices around database administration
but being able to do maintenance with extremely minimal or zero downtime to the
database servers is an extremely nice-to-have. Therefore a section of time was
dedicated to working through an approach to roll out Postgres BDR for certain
applications in the Fedora Infrastructure.

App Porting and Libraries

The Fedora Apps developers in the room had a some targeted breakout session
focusing on porting old Fedora web applications away from outdated or no longer
recommended libraries and frameworks in order to bring more uniformity to how
the applications are developed and maintained, but also make them easier to
support by reigning in the spread of tooling required by the group to have to
follow along with upstream developments.


Members from the Fedora Modularity Team presented on the Module Build
and Arbitrary Branching concept in order to discuss integration
points into the Fedora Infrastructure’s existing systems. This was a lot of
discussion that resulted in documentation of processes, identification of issues
to resolve, and establishing a realistic timeline for a phased approach to
accomplish these tasks.


The Fedora Infrastructure Team is always trying to make the most out of the
hardware that it has, and as such has been evaluating container technologies
for use in the Infrastructure. Recently an evaluation of OpenShift began and
the decision was made to move forward with using it for applications within
Fedora. During this session we worked through a series of questions about
as they would pertain to a production deployment and had the good
fortune of being able to ask for best practices and general recommendations from
the OpenShift Online Ops Team. We then formulated a plan to have an OpenShift
Environment up and running fully automated with Ansible Playbooks (based on
openshift-ansible and ansible-ansible-openshift-ansible) in stage by the
end of the week. We were successful in this endeavor but are waiting on
a certificate for new domain names.

Continuous Integration

Next up we hear from a group within Fedora who are taking on the massive task of
attempting to perform Continuous Integration on the entire Fedora Operating
System. Alright, maybe not the entire set of packages but they are targeting
an installable Fedora Operating System via Fedora Atomic Host. For more
information, check out the Fedora Atomic CI wiki page.

During this working session we were joined by our good friends from the
CentOS team because they were graciously offering up hardware resources in
their very own CentOS CI environment. There was a lot of work done here in
the initial days discussion around how to tie the two infrastructures together
as well as bridge things like account systems and grant appropriate permissions
throughout. Action items were tackled as the week continued.

Wrap Up

We met at the end of the week for a short time before most folks departed to
travel home and tallied up the score. All in all we accomplished all but one of
the objectives we set out for the hack days and the one that wasn’t had
progress made on it but it was too large a piece of work to accomplish in just
a couple days and is still being worked on at this time. There’s all sorts of
great info on the Fedora Infrastructure Hackathon wiki page for anyone who’s
interested in digging into the details (also, check the
CI-Infrastructure-Hackathon-2017 Gobby Doc for a pay-by-play).

It was absolutely fantastic to get so many members of the Fedora Community into
one room and hack on things. It’s also great just to get to spend time hanging
out with everyone since we rarely see one another in person. I’m even more
excited about Flock 2017 than I was before!

Until next time…

Source From:
Original article title: Adam Miller: Fedora Infrastructure Hackathon 2017.
This full article can be read at: Adam Miller: Fedora Infrastructure Hackathon 2017.


Random Article You May Like

Leave a Reply

Your email address will not be published. Required fields are marked *