From Fedora Project Wiki
Fedora Release Engineering Meeting :: Monday 2008-10-20
Fedora 10 Snap 2
- bittorrent went much better compared to Snap1
- pre-seeders helped
- 700 downloads so far
- Finding that a little more time is needed to get bittorrent setup for good user experience
- Last snapshot is Snapshot 3 this week before Final Development Freeze next week
- DECISION:
- Rel-eng approves adjusting snapshots to start on Wed to give extra time to stage/prepare the torrents
- Moving on to FESCo for final approval, may happen in time for Snapshot 3
Signing Server
- proposal: https://fedoraproject.org/wiki/User:Mitr
- basically, it's 1 dedicated server/VM guest to do the signatures, and 1 network server to help with security, interface with koji, etc.
- Everyone should read proposal and give feedback before next week's meeting
IRC Transcript
| f13 | ping: notting jeremy spot lmacken rdieter wwoods poelcat | 10:07 |
|---|---|---|
| rdieter | here | 10:07 |
| * notting is here | 10:08 | |
| notting | f13: so, the proposals and actions of rel-eng have now caused fedora-devel to be drowned by ... german sociopolitics. i commend you, that's impressive! | 10:09 |
| * poelcat here | 10:09 | |
| f13 | notting: not too often you can create an instant godwin's law break | 10:10 |
| f13 | alright, lets get rolling | 10:11 |
| -!- f13 changed the topic of #fedora-meeting to: Fedora releng - Snapshot 2 | 10:11 | |
| f13 | snapshot2 torrents went a lot better, because a few folks were able to help out with the seeding at the beginning | 10:11 |
| * lmacken rolls in | 10:11 | |
| f13 | I'm seeing over 700 downloads of the various snap2 offerings | 10:12 |
| f13 | the biggest winner is the i686 live image with 259 downloads alone | 10:12 |
| f13 | behind it was the i386 DVD with 151 | 10:13 |
| jwb | yay for XO | 10:13 |
| * lmacken had no luck with snap2 on his XO :( | 10:13 | |
| f13 | I still need to stage out the source isos so our seeders can pick it up and test | 10:14 |
| f13 | and I'd really like to adjust the schedule as I proposed on list, start the snapshot attempts on Wed instead of Thu, that way if we fail wed, we try again thu and have thu night to stage/sync things up, and start torrenting on Friday | 10:14 |
| f13 | staggering the torrent bring up seemed to help as well | 10:14 |
| f13 | We've only got one more snapshot, and then a preview release which is just a snapshot by a different name. | 10:15 |
| f13 | can we vote here on the proposal to move the snapshot day back by one? | 10:16 |
| f13 | I'm +1 obviously | 10:16 |
| notting | generally +1. sort of worried that it leads to spending most of the time snapshotting, with very little interim change time | 10:17 |
| f13 | I think that's the price we pay by trying to make these snapshots public | 10:19 |
| f13 | and by doing both live, and split, and DVD install media, with source | 10:19 |
| rdieter | +1 | 10:19 |
| f13 | lmacken: jeremy spot ?? | 10:23 |
| lmacken | +1 | 10:23 |
| spot | +1 | 10:26 |
| f13 | well, I guess that's enough voters. | 10:29 |
| f13 | I'll run it through FESCo just to be sure. | 10:29 |
| f13 | poelcat: Decision: Rel-eng approves adjusting snapshots to start on Wed to give extra time to stage/prepare the torrents. Moving on to FESCo for final approval, may happen in time for Snapshot 3 | 10:30 |
| f13 | Anybody else have anything on snapshot 2? | 10:30 |
| f13 | ok, moving on | 10:32 |
| -!- f13 changed the topic of #fedora-meeting to: Fedora Releng - Signing Server | 10:32 | |
| f13 | There was a post just recently about a proposal for a signing server system, made by Miloslav Trmač | 10:33 |
| f13 | I haven't had a chance to read it, but I would ask all of you interested to read and comment either in email or on the wiki discuss page | 10:33 |
| f13 | https://fedoraproject.org/wiki/User:Mitr is the current location of hte page | 10:33 |
| lmacken | where was this posted to ? | 10:33 |
| mitr | Just rel-eng. | 10:34 |
| mitr | Sorry about posting it so late. | 10:34 |
| mitr | Basically, it's 1 dedicated server/VM guest to do the signatures, and 1 network server to help with security, interface with koji, etc. | 10:35 |
| * jeremy is here now | 10:36 | |
| f13 | We don't need to discuss it right now, just save it as reading to do soon. | 10:37 |
| lmacken | "Each user with access to the key has their own password, and the key passphrase is encrypted with user's password. When adding a new user, the key passphrase is decrypted using the key admin's password, and encrypted using the new user's password. " | 10:37 |
| lmacken | that was my initial design from day 1 :) | 10:38 |
| lmacken | part of, rather | 10:38 |
| * jeremy adds to his reading list | 10:38 | |
| notting | not really keen on the keys/passphrases being on a VM | 10:38 |
| lmacken | this design looks pretty solid at a first glance | 10:38 |
| notting | run it by some other security folks? looks reasonable. | 10:39 |
| mitr | notting: You mean a physical computer would be preferred? | 10:39 |
| mitr | Or something else? | 10:40 |
| jeremy | mitr: physical computer at least gets rid of the "attack the host of the VM" problem | 10:40 |
| mitr | right | 10:40 |
| f13 | that's why I had it as a different physical computer in my rough draft | 10:40 |
| f13 | and connecting via something other than network | 10:41 |
| jeremy | but that then adds the risk of "hardware goes boom. now we have to have someone physically go to the colo and set up a new piece of hardware" | 10:42 |
| f13 | sure | 10:43 |
| notting | jeremy: if you can quickly replicate it on a VM in time of crisis, sure. but i don't think that's the default mode | 10:43 |
| jeremy | anyway, I need to actually read more of what mitr wrote to give a sensible architecture critique | 10:43 |
| -!- f13 changed the topic of #fedora-meeting to: Fedora releng - Open Floor | 10:46 | |
| f13 | anybody got anything else to talk about, if not, it's back to the grind stone | 10:46 |
| f13 | alright looks like no. | 10:49 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!