From Fedora Project Wiki
m (First draft yet unfinished as such)
(First draft completed)
Line 2: Line 2:
|-
|-
| style="border-width: 0;" | {{admon/tip | Fedora Server Ansible Team |  
| style="border-width: 0;" | {{admon/tip | Fedora Server Ansible Team |  


'''Activists'''
'''Activists'''
Line 9: Line 8:
* '''[[User:jwhimpel | John Himpel]]''' (jwhimpel)
* '''[[User:jwhimpel | John Himpel]]''' (jwhimpel)
* more to add (hopefully)
* more to add (hopefully)
'''Communicating'''
* '''Mailing list:''' [https://lists.fedoraproject.org/mailman/listinfo/server server@lists.fedoraproject.org]
* '''IRC:''' #fedora-server on freenode
}}
}}
|}
|}


= Providing easy installation and pre-configuration for key services with Ansible =
== Providing easy installation and pre-configuration for key services with Ansible ==


This page is intended to organize and structure the discussion about improving the use of Ansible to support Fedora Server Edition system management. It is work in progress, not documentation of finished procedures.
This page is intended to organize and structure the discussion about improving the use of Ansible to support Fedora Server Edition system management. It is work in progress, not documentation of finished procedures.


== Use Cases – What do we want to achieve ==
It is intended to be uses as a kind of (simple) content federation tool. We specify items to discuss here, discuss on mailing list or IRC meetings and bring their results together here.


=== 1. Installation of application server - the Wildfly example ===
=== Use Cases – What do we want to achieve ===
 
==== 1. Installation of application server - the Wildfly example ====


* Experience has shown that building a wildfly rpm is not feasible. This is not only true for Fedora, but also for other distributions. As a way out, many instructions for installation can be found, which follow different ways and installation systematics.
* Experience has shown that building a wildfly rpm is not feasible. This is not only true for Fedora, but also for other distributions. As a way out, many instructions for installation can be found, which follow different ways and installation systematics.
** '''Goal''' is to ensure a systemtatic, reproduceable und smooth integration into the Fedora way of installing software


* One idea is to provide a "wildfly-installation-preparation.rpm" that installs the systemd infrastructure and a script that informs that an installation of the software is required to use it. For installation, a script or an Ansible playbook is provided to guide the system administrator.  
* One idea is to provide a "wildfly-installation-preparation.rpm" that installs the systemd infrastructure and a script that informs that an installation of the software is required to use it. For installation, a script or an Ansible playbook is provided to guide the system administrator.
** This idea is inspired by the postgresql dbinit process.  


* Script or Playbook ensure that all installations of this type follow the same principles and comply with the Fedora guidelines for installing Java software.
* Script or Playbook ensure that all installations of this type follow the same principles and comply with the Fedora guidelines for installing Java software.
Line 28: Line 36:
'''Cons'''
'''Cons'''


* Fedora policies prohibit this type of rpm.  
* Fedora policies (may) prohibit this type of rpm.  


=== 2. Installation of a complex service using different packages - the example Mail Service ===
'''Alternatives'''
 
* prebuilt containers as a stopgap option
** not everywhere a container is a good or even a feasible solution (administrative overhead, disposable strategy, additional workflow and build environment, etc.) 
 
==== 2. Installation of a complex service using different Fedora packages - the example Mail Service ====


* A mail service includes several different packages, e.g. Postfix, Dovecot, SpamAssassin, OpenDKIM, etc., which must be configured to work together.  
* A mail service includes several different packages, e.g. Postfix, Dovecot, SpamAssassin, OpenDKIM, etc., which must be configured to work together.  
* There are manuals that often contain configuration instructions that do not apply to Fedora. General idea so far:
* There are guides that often contain configuration instructions that do not apply to Fedora or packages for various reasons not available in Fedora
** '''Goal''' is to provide an easy way to a cross-package and coordinated configuration of a service.


=== 3. Linux System Roles ===
'''Cons'''
 
* There are so many different possible Installation options
** We may need to develop different prototype use cases, each containing customization capabilities.
 
==== 3. Linux System Roles ====


There is a project that provides a collection of Ansible Playbooks for typical system administration tasks:
There is a project that provides a collection of Ansible Playbooks for typical system administration tasks:
Line 44: Line 63:
Topics to discuss:
Topics to discuss:


# Do the scripts play well with Fedora Server
# Do the scripts play well with Fedora Server?
# Do we want to encourage use ot those scripts
# Do we want to encourage the use of those scripts and how?
# How can we make the (better) usable in Fedora Server
# How can we make them (better) usable in Fedora Server?
# Can we use them as a kind of base library for more complex, cross-package services?
 
=== Fedora Policy requirements ===
 
Fedora policies impose requirements on artifacts that Fedora distributes. Obviously, some of the current rules are:
 
* Helper rpms that only contain the systemd environment and an installation script do not comply with Fedora policy
 
* Packaged Ansible roles, collections and things should be referencing packages and leverage Fedora content rather than external stuff
* Fedora containers as well should leverage Fedora content


== Fedora Policy requirements ==
We need to investigate the regulations and analyze the possibilities they provide.


== How to distribute / distribution options ==
=== How to distribute / distribution options ===


* downloadable from server-wg home page (??)
* downloadable from server-wg home page (??)

Revision as of 07:22, 22 May 2021

Fedora Server Ansible Team
Activists

Communicating

Providing easy installation and pre-configuration for key services with Ansible

This page is intended to organize and structure the discussion about improving the use of Ansible to support Fedora Server Edition system management. It is work in progress, not documentation of finished procedures.

It is intended to be uses as a kind of (simple) content federation tool. We specify items to discuss here, discuss on mailing list or IRC meetings and bring their results together here.

Use Cases – What do we want to achieve

1. Installation of application server - the Wildfly example

  • Experience has shown that building a wildfly rpm is not feasible. This is not only true for Fedora, but also for other distributions. As a way out, many instructions for installation can be found, which follow different ways and installation systematics.
    • Goal is to ensure a systemtatic, reproduceable und smooth integration into the Fedora way of installing software
  • One idea is to provide a "wildfly-installation-preparation.rpm" that installs the systemd infrastructure and a script that informs that an installation of the software is required to use it. For installation, a script or an Ansible playbook is provided to guide the system administrator.
    • This idea is inspired by the postgresql dbinit process.
  • Script or Playbook ensure that all installations of this type follow the same principles and comply with the Fedora guidelines for installing Java software.

Cons

  • Fedora policies (may) prohibit this type of rpm.

Alternatives

  • prebuilt containers as a stopgap option
    • not everywhere a container is a good or even a feasible solution (administrative overhead, disposable strategy, additional workflow and build environment, etc.)

2. Installation of a complex service using different Fedora packages - the example Mail Service

  • A mail service includes several different packages, e.g. Postfix, Dovecot, SpamAssassin, OpenDKIM, etc., which must be configured to work together.
  • There are guides that often contain configuration instructions that do not apply to Fedora or packages for various reasons not available in Fedora
    • Goal is to provide an easy way to a cross-package and coordinated configuration of a service.

Cons

  • There are so many different possible Installation options
    • We may need to develop different prototype use cases, each containing customization capabilities.

3. Linux System Roles

There is a project that provides a collection of Ansible Playbooks for typical system administration tasks:

Topics to discuss:

  1. Do the scripts play well with Fedora Server?
  2. Do we want to encourage the use of those scripts and how?
  3. How can we make them (better) usable in Fedora Server?
  4. Can we use them as a kind of base library for more complex, cross-package services?

Fedora Policy requirements

Fedora policies impose requirements on artifacts that Fedora distributes. Obviously, some of the current rules are:

  • Helper rpms that only contain the systemd environment and an installation script do not comply with Fedora policy
  • Packaged Ansible roles, collections and things should be referencing packages and leverage Fedora content rather than external stuff
  • Fedora containers as well should leverage Fedora content

We need to investigate the regulations and analyze the possibilities they provide.

How to distribute / distribution options

  • downloadable from server-wg home page (??)