Hi, while I’m traveling with various public transports across Europe, I thought it would be a good opportunity to use the time and write down all the things, experiences, talks, and information that I gathered during my three conferences journey in Brussels and Ghent, still having them in my mind.
It was an amazing opportunity to meet our colleagues that I haven’t had a chance to meet previously in person, talk to the users and customers who are using Foreman, or thinking about utilizing it for their cases, or just simply talk with anyone who’s involved in the Linux and open source community.
I visited three conferences: CentOS Connect, Fosdem, and Cfgmgmt camp. Prepare yourself coffee & make yourself comfortable, it’s not exactly just a paragraph summary.
This year CentOS Connect wasn’t just a conference, but also a celebration as well, CentOS is 20 years old, so happy birthday!
One big heads-up for us is that CentOS 8 hitting the EOL soon, and we need to be ready for this in Foreman. The good news is that we already are working on it, so it’s not something that will bite us later and catch us unprepared.
From the talks, I found the interesting most:
- Ansible usage in CentOS Infra, especially the Ara tool
- Building And Utilizing Purpose-Built GNU/Linux Distribution Images Using Mkosi
- The self-abolition of Enterprise Linux Distributions
Oh man, Fosdem. When everyone said that “Fosdem is big”, I honestly underestimated the meaning of “big” in this case. From what I remember from the official statistics, there were more than 900 speakers and over 40,000 connected unique devices on the university’s network.
As not a big fan of overcrowded places, this was quite a challenge for me, but I managed it and had a chance to see some interesting talks. Sadly I wasn’t able to meet any of our users at the booth, simply because the crowd and noise were so big that I couldn’t make any meaningful conversation.
For the talks I visited, I can recommend watching the following presentations:
Oh man, I enjoyed my time there. Of all of these conferences, I enjoyed the Cfgmgmt camp the most.
Interesting talks, awesome people, less crowded than Fosdem, yet plenty of people from the Linux & Foreman community, eager to talk, share ideas, or just chat about technical stuff.
On Monday we met with guys from ATIX and had a chance to talk about provisioning and the current state of Foreman. We discussed possible implementations of the SecureBoot provisioning, but about that later.
Since the teams are working on similar features, I think that both sides would benefit from having regular sync meetings, let’s say bi-weekly, to sync about our team efforts, discuss open PRs, reviews, and so on.
For example, we’ve been told that ATIX is already working on VMware 8 support, which could be an ideal topic for our regular meetups and we could cooperate on it more effectively.
P.I.G. (or F.P.G.)
Foreman devs came up with the idea of having a Provisioning Interest Group, or Foreman Provisioning Group, depending on which name you prefer, focused on meeting with people who are directly involved in the development of features related to the provisioning and computing resources.
PS: Thanks @evgeni for the naming idea
Foreman Birthday party
And of course, I cannot forget to mention that we’ve been invited to the Foreman BDay party in Munich, organized by the ATIX team.
I don’t know how about you folks, but I think it’s another great opportunity to meet again.
Quite a few people mentioned leaving VMware due to the changes in their licensing after they had been bought by Broadcom company. Simply it’s more expensive than it was before and users are looking for cheaper alternatives.
Terraform is not going to be open source anymore after a specific version. There is an open source alternative called OpenTofu which is gaining popularity pretty fast. Several other visitors mentioned Terraform as their go-to tool for daily work. And it seemed to me all of them were pretty happy with it. One user asked if we have any plans to implement Terraform in Foreman, for which I tried to motivate them to write their plugin.
I talked to three Foreman users about their willingness to share anonymized data.
- The first user said, “Absolutely not”. Not that he as the user wasn’t willing to share them, but because of his employer - the Government. “It doesn’t matter if it’s anonymized”, he said, “it will never pass through the management.”
- The second user said that they might be interested in it, but my feeling was that they would do it only if it would gain something for them.
- The third user was totally for the idea, and willing to share it without any problems. They also suggest having multiple levels of privacy, so they can choose from what they want to share, and what not.
For example: 1. level would be just number statistics, 2. level would be HW details, 3. level would be something more private, and so on …
The number of users that don’t use UI at all was (for me) surprisingly high. They just use API or Hammer, and that’s it.
Outdated docs in GitHub repos
One customer was asking about how to install Hammer as a stand-alone package. I googled some stuff and found something in GitHub repo. The only problem was, that it was outdated and didn’t work at all. Which is something the customer pointed out.
Maybe we should do a proper cleanup of publicly available docs and make sure they are up-to-date or at least with a warning about deprecated status.
What’s new since the last year?
That was a question from one of the users, for which I didn’t know what to answer. It took me a while to come up with something. Lessons learned, next time, have a list of all new changes.
Other provisioning stories
Users without access to DHCP, users deciding if Puppet is better than Ansible (and opposite), provisioning and management of network devices (routers, switches), high-CPU computing, and last, but not least, ARM and IOT.
For each of these topics, we had at least one or more users that are working on that and were interested in how Foreman fits into this category and how it can help them solve their problems.
Bootdisk and discovery
A lot of people were not aware of foreman_bootdisk or foreman_discovery features. Like at all. We should do something with it.
RFC for deprecating template
A small feature we discussed with guys from Sweden, see RFC: Deprecating templates
Give users a chance to vote
One interesting idea was to have a system where we could allow users to vote on issues and requested features, something like UserVoice, but open source of course. It could be another valuable input, with a simple and clear message of what the community wants.
On Wednesday we met to talk about the Secure Boot, and how to tackle & understand the problem. Or feature depends on how you look at it.
There were many great ideas, various approaches, and ideas for solutions that had been posted at the same time by someone (looking at you @lzap) as an RFC.
- Setup UEFI provisioning on local DEV, check the process for RHEL & Debian
- Setup SecureBoot for RHEL and Debian on the Fedora machine
- UEFI HTTP provisioning with Foreman+smart-proxy
- Implement the feature (see below)
- Users would have to get their shims for the OS they want to provision manually. The Installer will take care only of shims that are for the smart proxy’s host.
- When the user creates the host with SecureBoot, we’ll check that the shims are present. If not, raise an error.
- Smart Proxy will create config files for the grub, and make sure they are pointing to shims that are required for the provisioned OS.
- Provision the host
For VMware, guys from Sweden University have a plugin that enables secure boot for VMware, so we’ll take inspiration there for sure.
And just one small note, this is not by any means a complete description and final feature solution, it might change in the upcoming weeks, talking is still in progress, and we need to sync it with current open PRs from Jan (ATIX), and still do some investigations.
Don’t worry, we will share more details when we will have them, I promise.
And that’s all folks for today, I probably (more likely definitely) forgot to mention something, apologizing in advance, but my writing skills are hitting their limits, plus there were simply so many talks and ideas that writing them down would be for a small book.
If you made it here, thank you for your time, and feel free to share your thoughts here or contact me on IRC and Slack.