Hello all, I wanted to bring up the topic of the future of Fedora's Layered Image Build System (FLIBS) as it pertains to OpenShift as a backend technology that FLIBS is built on top of.
TL;DR - Does anyone care if we move FLIBS to be run on OpenShift Container Platform instead of OpenShift Origin in the future?
OpenShift itself comes in two forms. The first is the upstream OpenShift Origin which is very rapidly releasing which has no official support for older releases (no N-1 support), so it would require a fresh roll out every three months. The second is the Red Hat OpenShift Container Platform which is the productized version based on OpenShift Origin, follows a slower release cadence, and offers longer life support per release than Origin. I would like to note for the sake of posterity for the mailing list thread that both of these are Open Source.
I outline these points in order to ask if there is any preference from the Fedora Infrastructure Team on which "edition" of OpenShift that FLIBS is built on top of in the future. I ask this because currently FLIBS is built on OpenShift Origin which has already proven difficult to keep up with latest releases since I'm currently the only one working on FLIBS and it's not the only thing I am actively working on at any one point in time and I would like to move to OpenShift Container Platform in the future.
Thank you, -AdamM
Yeah, I don't mind. We choose to use RHOSCP for our openshift we setup in staging, so I don't see any problem with switching to use this for the FLIBS.
Probibly something to do after f26 is out the door tho.
kevin
On Tue, Jun 20, 2017 at 3:40 PM, Kevin Fenzi kevin@scrye.com wrote:
Yeah, I don't mind. We choose to use RHOSCP for our openshift we setup in staging, so I don't see any problem with switching to use this for the FLIBS.
+1 Thanks
Probibly something to do after f26 is out the door tho.
Oh yeah, this is probably something I'll do well after f26 is out the door and I'd start in stage either way. It was just something I was thinking about and wanted to be sure to bring it up with enough lead time that there could be a discussion thread about it if needed.
Thanks, -AdamM
kevin,
infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
On Tue, Jun 20, 2017 at 02:40:53PM -0600, Kevin Fenzi wrote:
Yeah, I don't mind. We choose to use RHOSCP for our openshift we setup in staging, so I don't see any problem with switching to use this for the FLIBS.
I know that as is now OSBS requires a special independent installation of OpenShift. This is probably too much to hope for, but is there any chance that OSBS has advanced such that future-FLIBS could just be a tenant of that instance once it graduates from staging?
On Tue, Jun 20, 2017 at 6:36 PM, Matthew Miller mattdm@fedoraproject.org wrote:
On Tue, Jun 20, 2017 at 02:40:53PM -0600, Kevin Fenzi wrote:
Yeah, I don't mind. We choose to use RHOSCP for our openshift we setup in staging, so I don't see any problem with switching to use this for the FLIBS.
I know that as is now OSBS requires a special independent installation of OpenShift. This is probably too much to hope for, but is there any chance that OSBS has advanced such that future-FLIBS could just be a tenant of that instance once it graduates from staging?
There's no real technical reason why it can't be a tenant, OSBS these days is OpenShift namespace aware. However, from a Fedora Project standpoint I expect we'll keep OSBS on it's own independent installation because it's in the builder network within the Fedora Infrastructure and therefore is quite locked down compared to what people would expect out of a traditional OpenShift environment (for example, containers don't have access to the outside Internet).
If there was a point in time where Infrastructure and Release Engineering criteria about the build infrastructure were to change, we could technically make the transition.
-AdamM
-- Matthew Miller mattdm@fedoraproject.org Fedora Project Leader _______________________________________________ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-leave@lists.fedoraproject.org
On Thu, Jun 22, 2017 at 05:12:32PM -0500, Adam Miller wrote:
There's no real technical reason why it can't be a tenant, OSBS these days is OpenShift namespace aware. However, from a Fedora Project standpoint I expect we'll keep OSBS on it's own independent installation because it's in the builder network within the Fedora Infrastructure and therefore is quite locked down compared to what people would expect out of a traditional OpenShift environment (for example, containers don't have access to the outside Internet).
Could we do that lock-down with OpenShift multitenant features? Like: https://docs.openshift.com/container-platform/3.3/admin_guide/managing_pods....
On 06/23/2017 09:17 AM, Matthew Miller wrote:
On Thu, Jun 22, 2017 at 05:12:32PM -0500, Adam Miller wrote:
There's no real technical reason why it can't be a tenant, OSBS these days is OpenShift namespace aware. However, from a Fedora Project standpoint I expect we'll keep OSBS on it's own independent installation because it's in the builder network within the Fedora Infrastructure and therefore is quite locked down compared to what people would expect out of a traditional OpenShift environment (for example, containers don't have access to the outside Internet).
Could we do that lock-down with OpenShift multitenant features? Like: https://docs.openshift.com/container-platform/3.3/admin_guide/managing_pods....
Thats possible, but I am pretty sure releng will not want us to put this into the same basket at the openshift we use for general applications.
For really the same reason we don't run general purpose vm's on the koji builders, ie, we want to make sure that all build artifacts are made in an isolated env where there is no chance something else will interfere with them. (And vm's are much more isolating than containers).
kevin
On Tue, Jun 20, 2017 at 9:09 PM, Adam Miller maxamillion@fedoraproject.org wrote:
Hello all, I wanted to bring up the topic of the future of Fedora's Layered Image Build System (FLIBS) as it pertains to OpenShift as a backend technology that FLIBS is built on top of.
TL;DR - Does anyone care if we move FLIBS to be run on OpenShift Container Platform instead of OpenShift Origin in the future?
OpenShift itself comes in two forms. The first is the upstream OpenShift Origin which is very rapidly releasing which has no official support for older releases (no N-1 support), so it would require a fresh roll out every three months. The second is the Red Hat OpenShift Container Platform which is the productized version based on OpenShift Origin, follows a slower release cadence, and offers longer life support per release than Origin. I would like to note for the sake of posterity for the mailing list thread that both of these are Open Source.
I outline these points in order to ask if there is any preference from the Fedora Infrastructure Team on which "edition" of OpenShift that FLIBS is built on top of in the future. I ask this because currently FLIBS is built on OpenShift Origin which has already proven difficult to keep up with latest releases since I'm currently the only one working on FLIBS and it's not the only thing I am actively working on at any one point in time and I would like to move to OpenShift Container Platform in the future.
+1 we use RHEL and other downstream of the community in other places within the infrastructure too for various reasons, I think it makes perfect sense to move to a platform that has less churn and active support so that people, whether it be Infra team or yourself, have more time to work on enhancements to the service that sits on top rather than just churning to maintain the underlying infrastructure.
Peter
On Wed, Jun 21, 2017 at 11:27:58AM +0100, Peter Robinson wrote:
On Tue, Jun 20, 2017 at 9:09 PM, Adam Miller maxamillion@fedoraproject.org wrote:
Hello all, I wanted to bring up the topic of the future of Fedora's Layered Image Build System (FLIBS) as it pertains to OpenShift as a backend technology that FLIBS is built on top of.
TL;DR - Does anyone care if we move FLIBS to be run on OpenShift Container Platform instead of OpenShift Origin in the future?
OpenShift itself comes in two forms. The first is the upstream OpenShift Origin which is very rapidly releasing which has no official support for older releases (no N-1 support), so it would require a fresh roll out every three months. The second is the Red Hat OpenShift Container Platform which is the productized version based on OpenShift Origin, follows a slower release cadence, and offers longer life support per release than Origin. I would like to note for the sake of posterity for the mailing list thread that both of these are Open Source.
I outline these points in order to ask if there is any preference from the Fedora Infrastructure Team on which "edition" of OpenShift that FLIBS is built on top of in the future. I ask this because currently FLIBS is built on OpenShift Origin which has already proven difficult to keep up with latest releases since I'm currently the only one working on FLIBS and it's not the only thing I am actively working on at any one point in time and I would like to move to OpenShift Container Platform in the future.
+1 we use RHEL and other downstream of the community in other places within the infrastructure too for various reasons, I think it makes perfect sense to move to a platform that has less churn and active support so that people, whether it be Infra team or yourself, have more time to work on enhancements to the service that sits on top rather than just churning to maintain the underlying infrastructure.
And with my manager hat on, +1 here. Not meaning, "yes, we must do this." Rather, as someone who monitors how cycles get spent, I mean it makes sense as a change that frees up those cycles for more productive, net-new work.
infrastructure@lists.fedoraproject.org