Supporting Ansible as another tool for ovirt infra mgmt
I'd like to ask the team what do you think on $subject, in terms of pros & cons. As you all know we have been using puppet to manage our production infra (user access, server configuration,etc... ). Recently we started looking into migrating our mailman instance into new hyper-kitty instance to run on the oVirt DC in PHX. It seems that there is no true puppet classes available to install/manage mailman3 but there is an Ansible playbook used / written by fedora to deploy their instance. So the question is should we start using/supporting Ansible as another tool to manage our infra and leverage existing playbooks out there to reduce work on migration of new services? I'm not suggesting to migrate all puppet code into Ansible, but to allow using Ansible when it make sense. Here is what I had in mind with regards to pro/cons: Pros - Saving time writing puppet classes for services (if Ansible playbook exists) - Bringing in new infra members which are interested in Ansbile (maybe publish the team in the relevant communities) Cons: - Another tool to support/maintain - No real support to manage in foreman as we do for puppet (for sure not in our old version) I'd love to hear your thoughts about it. -- Eyal Edri Associate Manager RHEV DevOps EMEA ENG Virtualization R&D Red Hat Israel phone: +972-9-7692018 irc: eedri (on #tlv #rhev-dev #rhev-integ)
On 3 April 2016 at 10:21, Eyal Edri <eedri@redhat.com> wrote:
I'd like to ask the team what do you think on $subject, in terms of pros & cons.
As you all know we have been using puppet to manage our production infra (user access, server configuration,etc... ).
Recently we started looking into migrating our mailman instance into new hyper-kitty instance to run on the oVirt DC in PHX. It seems that there is no true puppet classes available to install/manage mailman3 but there is an Ansible playbook used / written by fedora to deploy their instance. So the question is should we start using/supporting Ansible as another tool to manage our infra and leverage existing playbooks out there to reduce work on migration of new services? I'm not suggesting to migrate all puppet code into Ansible, but to allow using Ansible when it make sense.
Here is what I had in mind with regards to pro/cons: Pros
Saving time writing puppet classes for services (if Ansible playbook exists) Bringing in new infra members which are interested in Ansbile (maybe publish the team in the relevant communities)
Cons:
Another tool to support/maintain No real support to manage in foreman as we do for puppet (for sure not in our old version)
I'd love to hear your thoughts about it.
As I've already stated elsewhere Ansible is interesting for a number of reasons, but a dual-tool scenario will not be welcome IMO. There is also a lage question of the possibility of replacing Puppet with Ansible. Puppet is a continues configuration-management system that monitors servers for configuration drift and repairs it (deploying missing components in the process), to do that it supports a declarative language and a master/slave-agent architecture. The common Ansible usage scenario OTOH seems to be AFAIK a developer/op launching a deployment task from his laptop. For that Ansible supports a more imperative syntax and an SSH-based agent-less architecture. IMO, for long-running on-premise infrastructure (Not ad-hoc in "the cloud") which is what oVirt has and what what it targets, the drift monitoring approach is more suitable. Now, I've hared that that Ansible could also be deployed with agents and a central server (Tower? Foreman? something else?), but I'm not sure how mature that deployment scenario is right now, nor wither existing Ansible code fits that scenario. -- Barak Korren bkorren@redhat.com RHEV-CI Team
I think another point for consideration is the Puppet+Foreman support, foreman doesn't support puppet 4 yet[1], but f23 runs only with puppet >4 agents, if that doesn't get fixed soon and we can't upgrade puppet to 4, we will hit a big problem when we need to migrate more slaves to f23. [1] http://projects.theforeman.org/issues/8447 On Sun, Apr 3, 2016 at 10:42 AM, Barak Korren <bkorren@redhat.com> wrote:
I'd like to ask the team what do you think on $subject, in terms of pros & cons.
As you all know we have been using puppet to manage our production infra (user access, server configuration,etc... ).
Recently we started looking into migrating our mailman instance into new hyper-kitty instance to run on the oVirt DC in PHX. It seems that there is no true puppet classes available to install/manage mailman3 but there is an Ansible playbook used / written by fedora to deploy their instance. So the question is should we start using/supporting Ansible as another tool to manage our infra and leverage existing playbooks out there to reduce work on migration of new services? I'm not suggesting to migrate all puppet code into Ansible, but to allow using Ansible when it make sense.
Here is what I had in mind with regards to pro/cons: Pros
Saving time writing puppet classes for services (if Ansible playbook exists) Bringing in new infra members which are interested in Ansbile (maybe
On 3 April 2016 at 10:21, Eyal Edri <eedri@redhat.com> wrote: publish
the team in the relevant communities)
Cons:
Another tool to support/maintain No real support to manage in foreman as we do for puppet (for sure not in our old version)
I'd love to hear your thoughts about it.
As I've already stated elsewhere Ansible is interesting for a number of reasons, but a dual-tool scenario will not be welcome IMO.
There is also a lage question of the possibility of replacing Puppet with Ansible. Puppet is a continues configuration-management system that monitors servers for configuration drift and repairs it (deploying missing components in the process), to do that it supports a declarative language and a master/slave-agent architecture. The common Ansible usage scenario OTOH seems to be AFAIK a developer/op launching a deployment task from his laptop. For that Ansible supports a more imperative syntax and an SSH-based agent-less architecture.
IMO, for long-running on-premise infrastructure (Not ad-hoc in "the cloud") which is what oVirt has and what what it targets, the drift monitoring approach is more suitable.
Now, I've hared that that Ansible could also be deployed with agents and a central server (Tower? Foreman? something else?), but I'm not sure how mature that deployment scenario is right now, nor wither existing Ansible code fits that scenario.
-- Barak Korren bkorren@redhat.com RHEV-CI Team _______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --AKJMEmsUhTmxAKhMvv3kTD5ur8Dt6DHge Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Quack, On 04/03/2016 04:42 PM, Barak Korren wrote:
IMO, for long-running on-premise infrastructure (Not ad-hoc in "the cloud") which is what oVirt has and what what it targets, the drift monitoring approach is more suitable.
It is possible to run Ansible on an admin machine with a crontab or triggered by git pushes or Jenkins. It can report changes/drifts in dry run mode, but the results are not easy to read. I think there is something in Tower for parsing the output and do proper report but I never could try it (https://www.ansible.com/security-and-compliance). I wonder when it will be opensourced. Misc do you have any idea on this (and maybe tested some of these features)? Regards. --AKJMEmsUhTmxAKhMvv3kTD5ur8Dt6DHge Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXAc4GAAoJEFXp+fesHEQ/qTYP/1JGIk1A4+rstbh/Oe8Bd6Xc rCvqaPizJB8Fpl7gRWnOXo+lLgiCHAdzJEdJf0y7tIDs9UiI/a6FAoOJf0+BfTg6 evcdlMSBt/6qx8FvPojYmjg50d0/IhjTMbkS4OrywMDAQTOR8dEKd0ThYnu7DLuM A17k8Qy5Rd2X7wbE3sUO2TzJfgz4KG+QAKGVqugr8S4Mc3cb2JvdTN5HCVj3brpY 9QLImKfGmz4wpjk3HosgWYzJuxok5ipDazs/gwVtzBMH6dRV6Jr6kiYc8RB6Mj9u +eATaCkC5ewvtRj9NUAC6LcFrVZjSqfPTZ8kLTIFKDDr1pnn3tUU+I13GoPPSeTl m7DZq90LY7NDV8nN2d0SxIsOWuq93PABSLpeSBZih2i84P1R/dxKL9+vBfbIQHd0 cIdUsHtQVlkOONTnS6If+Y4OCUZB5bppQgLUCCtuA/RDUODwGXHWEISplIQPDRzV ZYPslJ3McSZC1qDPL+SjfQ3qos25PTHceV/WHla/rHsyYKmXaJ34Un7hsaC5boZN qzTtWaXadhbzG+WR7dXV6sPd17kFzJbzufjYzCpwwy+48pwdPy/ViX/Kggdp5GhE lgIZ+69i5533XG7jKTQuydLxIsICFfl9JRfW1zxEkqhemdzcV0THWm3hZWKqQwDG yqRaKOS2m9ixUCmGkYV7 =oxM3 -----END PGP SIGNATURE----- --AKJMEmsUhTmxAKhMvv3kTD5ur8Dt6DHge--
Le lundi 04 avril 2016 à 11:14 +0900, Marc Dequènes (Duck) a écrit :
Quack,
On 04/03/2016 04:42 PM, Barak Korren wrote:
IMO, for long-running on-premise infrastructure (Not ad-hoc in "the cloud") which is what oVirt has and what what it targets, the drift monitoring approach is more suitable.
It is possible to run Ansible on an admin machine with a crontab or triggered by git pushes or Jenkins. It can report changes/drifts in dry run mode, but the results are not easy to read.
I think there is something in Tower for parsing the output and do proper report but I never could try it (https://www.ansible.com/security-and-compliance). I wonder when it will be opensourced. Misc do you have any idea on this (and maybe tested some of these features)?
No idea on when this is gonna be open sourced (I keep asking), and didn't test the feature. However, foreman do support reporting from ansible, IIRC. You can get the list of server from foreman since a long time, you can store result in foreman, and I am quite sure that would be trivial to store facts in foreman. There was a few demo during fosdem and cfgmgmt camp, but I didn't listened as closely as I should (due to breakage and sysadmin stuff during the talk) See http://cfgmgmtcamp.eu/schedule/speakers/DanielLobatoGarcia.html so maybe someone can contact him so he can tell the state of the art regarding integration ? -- Michael Scherer Sysadmin, Community Infrastructure and Platform, OSAS
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --eexd0K4tW6WBvWOqwe3sxXOdoqPFnxjvu Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Quack, On 04/04/2016 06:29 PM, Michael Scherer wrote:
However, foreman do support reporting from ansible, IIRC. =20 You can get the list of server from foreman since a long time, you can store result in foreman, and I am quite sure that would be trivial to store facts in foreman. There was a few demo during fosdem and cfgmgmt camp, but I didn't listened as closely as I should (due to breakage and=
sysadmin stuff during the talk) =20 See http://cfgmgmtcamp.eu/schedule/speakers/DanielLobatoGarcia.html so maybe someone can contact him so he can tell the state of the art regarding integration ?=20
There's no video recording or links to slides on the cfgmgmt site unfortunately. Nevertheless this person is contrinuting to several modules like this one: https://github.com/dLobatog/foreman_ansible It links to a dynamic inventory module, and there's facts and reporting. So, dear list, is there any other features you would miss? any concern? I'd be glad to contact this guy but I don't know much about Foreman except FOSDEM talks and not much (yet) about your needs, so please help! Regards. --eexd0K4tW6WBvWOqwe3sxXOdoqPFnxjvu Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXA2opAAoJEFXp+fesHEQ/saEP/RewBmopciHauBCuPV1olx4C 0054s8lnxJ8oPm22jvbMqy5EfXFux+thPLZx7mg/rTlmhGusQWF1YWuBVVjrgiPk tq2X/MZ5pFMg43vU+o2UsgMBHJmYf/Kj88bZoMb0TW8E+Uk0klRePTcoTOKZLWjy Rfr3mZydhlWxml5QOPyliL6Ap3/XJw7RNPsjCGFGd+wiLRAV1k5T2X7Pi52yPOph 2J9vmCJsd56bKBm+2nuTKpyHMw8ISxwb4zF7tKmlxG1OAUIUm9r8wvpQdJ7VHzpp /w7qE0wnQg/8uTbAOrojFfuPjUhU302mb8Lk5KmgbuB7moM0HG40L2TCCoBe96kA 1DGF7zTr4Ne0yVVRM/zTqS8b0r2dpCeECwmXzIOhw1j2HD/R7aNXdkZutrN5ho9u 57XQKfY7+2RrTE95Znm8OY/QlYrzwS+RWdgFyuBYUvHpY8ikB/zunbHSeiHVsIwu /IwGU5ll4nmssmyDF01Z8qLppFejeWqFHCLo1IUjC8OYIhAlqZz/yYrAGly1Rt3Z m4WJCw56MRj2ww4e5eBsQ1Qr73tN33Hq4LE9FIJXYuDmG6c1mOh6qdCXgSUXUdRd 5VWlcR/QfC8FH4hdk9crjf/pzds/pjY+hWDqBKUmmcZW4kJWlabllpyqoTJLk1aZ VzhZpVlZ7geo7Wf0qUsg =279O -----END PGP SIGNATURE----- --eexd0K4tW6WBvWOqwe3sxXOdoqPFnxjvu--
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ukXOxSq2QXX1FenopQJ9UpSKCbKln4jqn Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Quack, On 04/05/2016 04:32 PM, Marc Dequ=E8nes (Duck) wrote:
So, dear list, is there any other features you would miss? any concern?=
I'd be glad to contact this guy but I don't know much about Foreman except FOSDEM talks and not much (yet) about your needs, so please help= !
Would anyone give a hand please? The Foreman version is old, so maybe this is the right time to reflect on some modernization. This is clearly a more bold task than we expected, but in the long run=85 I can also most probably get some time t= o give a hand on this migration. If needed I will learn Puppet, but this is not a 5 minute job. As the upstream Puppet rules are crap, this means some work, so expect more time to get to it. Let's at least raise the concerns you may have with this Foreman+Ansible combination now, this will surely be useful in the future if not now. Regards. --ukXOxSq2QXX1FenopQJ9UpSKCbKln4jqn Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXC1yvAAoJEFXp+fesHEQ/xAMP/2LMA/UBLDCvUWHbPootmPBV eCPLbQcrEzqpQ8JmBSzds6blcr2F1YviZ21zCDUE3n37VOAd8CNe5pQfh5H6PlxE VVZcxM0Y/xrn5HCO+NuEEDcXq001txgdL/qz38n838eh/qGDKQQx1EOkRwGmbBUt /MB8IfRPsMidhUSy1SylX/y6omeurt65P71cuFLLKAFpm4l16xK92rQ7xmIenY6a afWl6JFOPi8utYaRxG6TDEaCftPBm6QMdpq6txmv0LOBOAMKYIYveVB5GWjj1Ag9 oHgqb4HtxfOyHIJS6r2ePkPO0/2JIQLqL4eFRzWwQX4lklZPlXygL71YR3JSHesv lBA2jkB9Y4pT96110wSvfhVUu0n/N+8X3eQkCnh3kWH/6Cw/j8MUE/Wcn08zA9X3 C4hYyKzDYVUaSIz775+aeXl9LwdFXQ8ZMdZekl6gvnhzAXyapY8E9gvAFEOUyv7P pcG14YnlI48btpj7v2or1z1PY1AHziOdMcinN4iPyRt9cdOmDPhnG0R6K4NMfiNq jLHSbJ9/oyhhP/HwqC9XrFiLeLfDFDDlZMAARyW1y4LVyQtR6hIH1dHZ1EPFv6Cn rW83px4/p618ht35sLTZYShE2OW1HJ9Bhc/pSMDGB4cdr94nYEj499uk9x2Jsi6n 05NelH4bdxNzinmOCtCs =45lw -----END PGP SIGNATURE----- --ukXOxSq2QXX1FenopQJ9UpSKCbKln4jqn--
So, dear list, is there any other features you would miss? any concern? I'd be glad to contact this guy but I don't know much about Foreman except FOSDEM talks and not much (yet) about your needs, so please help!
Would anyone give a hand please?
Well, what kind of hand is needed? I remain unconvinced about the benefits of using Ansible here as oppsed to the downsides of maintaining two CM systems in parallel.
The Foreman version is old, so maybe this is the right time to reflect on some modernization. This is clearly a more bold task than we expected, but in the long run… I can also most probably get some time to give a hand on this migration.
Yeah I'm the current owner of the ticket to upgrade it and migrate it to PHX, I will get to it eventually...
If needed I will learn Puppet, but this is not a 5 minute job. As the upstream Puppet rules are crap, this means some work, so expect more time to get to it.
I think doing this kind of work will benefit us as well as others, it should not be too much trouble imo. Consider sending a rough patch to Gerrit, we can help and lead you from there.
Let's at least raise the concerns you may have with this Foreman+Ansible combination now, this will surely be useful in the future if not now.
Eyal suggested using Ansible right now in a one-off fashion to get the Mailman server up. I don't particularity like that idea beucase it seems to me it would make us incur some technical debt we will not pay quickly. I'd rather pay it upfront. But I can understand if we want to take such short cuts it the interest of getting Mailman out of some bad state it is currently it. I'm not sure what is the situation with it right now. -- Barak Korren bkorren@redhat.com RHEV-CI Team
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --2CJSCa5kfB0ILu2JVP8i3TauuEkNCqE1m Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Quack, On 04/11/2016 05:38 PM, Barak Korren wrote:
Well, what kind of hand is needed?
Help about the VM, you replied to this part (which unfortunately began off-list, my bad), thanks. The other part is tracking the features you need, to see if upgrading Foreman and using the work Misc pointed at could be a working solution. Because if an important feature is missing, then this path will not happen now. And then if it is a possible path, are you all willing to work on this migration?
I remain unconvinced about the benefits of using Ansible here as oppsed to the downsides of maintaining two CM systems in parallel.
I only viewed Mailman as a proof of concept. I agree maintaining both systems sux. So that's why I'm talking about a possible migration. I guess if it fails then we'll be back to reintegrating MailMan in the current system and this is not that horrible. If it works we can work on converting the rest with the knowledge we gained. I'd be happy to help but clearly I would need some time and energy from people in the project. Other OSAS members could also give a hand.
Yeah I'm the current owner of the ticket to upgrade it and migrate it to PHX, I will get to it eventually...
I think doing this kind of work will benefit us as well as others, it should not be too much trouble imo. Consider sending a rough patch to Gerrit, we can help and lead you from=
I've no idea about your workload, nor about the urgency of migrating Mailman. I think this is important to check our availability and will to invest on this. there. Probably. Nevertheless it seems most projects OSAS are in touch with are getting out of Puppet and I myself in other projects decided not to go into this solution after some comparison and XP collection. So you may understand I'd like to invest my time in something not totally ephemeral. But if this migration is rejected or postponed, I will.
Eyal suggested using Ansible right now in a one-off fashion to get the Mailman server up. I don't particularity like that idea beucase it seems to me it would make us incur some technical debt we will not pay quickly. I'd rather pay it upfront. But I can understand if we want to take such short cuts it the interest of getting Mailman out of some bad state it is currently it. I'm not sure what is the situation with it right now.
I'm new here :-), neither do I. Regards. --2CJSCa5kfB0ILu2JVP8i3TauuEkNCqE1m Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXC3AHAAoJEFXp+fesHEQ/DMoP+wW7QqdAwmfRlp/tDDTDUcxA 8JBVQm4r4kxSZWCBTfGEtacLrAPPcXg+H5trjANMVErP49wPMJgzkMeZ50lIZMYA CdLalTor/U0leZGAoc4Xp/trYKORBc0An3gUxb3fIdZqJ4yRgsR00NNgIuex8RuK DzEtMmTWMkuOIxlOUnyH1+g1ON6pw9uzyN0cAIqrY/igakkYNPO58BEzL2MinCYx HvKOb2Q3loDDkI7/W/0tsdwFOOtH8UE3UWbUfyjedDcIfiybzCCVKjCHjuNcIV0C O7BYBeVj0mwuKxVQGQFK2BSsstGHIqhe+iand9bYt8QwtbV/bBdESMe5GPJb+fLJ tvpP4VCOhqagrlPjSLxYBBqGfSmRME6Cq1s982TADWAfgQpZy7gLY3HMn3p2xroh LPeMkWOijVYeGQ56lUalmC/Zwd+nxPGJFdzl0TVYfKc0vrzNpifi64hAyFhFJtHS 22olt8odUa8wCLij9xshGhwfD3VwIuABsP4Q+mb7Q62hNEjW89IJSifen0Hvdw86 QF2s/NMdOdIg97v+VL7jCl0sFm39HOgRMtIJwf22XKM2a8cYgB2rMSPXjyX2xvCO hz4/xTEmLgrVaDOl7JrQWDBZkLD9y6xAkkU17ATIfprSJoosLTyA3o77kAqEiGq2 bo7QjPn+MhstG/bhyBWw =ukmb -----END PGP SIGNATURE----- --2CJSCa5kfB0ILu2JVP8i3TauuEkNCqE1m--
Top posting to summarize things: I'm OK with doing a 'POC' of using Ansible with mailman 3 in order to move forward with this migration and release linode server which we pay money for it on a regular basis while we could use this for other usage. This is what I suggest: 1. Create a VM in PHX called 'mail.phx.ovirt.org' - anyone from the team can do it - if no one is doing it by the end of this week, I'll do it. 2. You should get access to that VM (please send you ssh public key to infra list so we can add you and you'll get access to the VM). 3. Using the Ansible playbook to install the new service (hyperkitty) on the new VM. 4. Documenting the current configuration we have on lists.ovirt.org (existing mailman) and applying it to the new server. ( adapting the Ansible playbook to include our configuration ) 5. Pushing the Ansible code into a repo (we might need to create a new git repo for it) 6. Migrating the server ( with a rollback option ) Up until now this didn't include managing Ansible via foreman and only refers to migrating existing mailman to new server using Ansible. The second part is more tricky: 1. Install new foreman VM on PHX ( that's a pending task we need prioritze regarless of the mailman migration and we'll do it soon after jenkins migrated ) 2. Check if its possible manage Ansible via foreman or what does it mean to do it 3. If we'll see that its not correlate to how we manage the infra right now and takes a big toll on management, we will decide the POC is a fail and we will need to write puppet classes to the new installed mailman. As you can understand this approach has a "risk" of doing some duplicate work, but I think its the best way to go because it will allow us to: - Migrate the quickest way, saving money on hosting we don't need - Testing Ansible support, which is something we can't ignore, as we see more and more Ansible adoption and I believe we should evaluate it. - We will be able to open bugs to foreman if we'll hit any issues which is blocking us - If we will end up writing puppet manifest, we would have not wasted too much time on Ansible since most of the code is already available. Lets move forward with this. Eyal. On Mon, Apr 11, 2016 at 12:36 PM, Marc Dequènes (Duck) <duck@redhat.com> wrote:
Quack,
On 04/11/2016 05:38 PM, Barak Korren wrote:
Well, what kind of hand is needed?
Help about the VM, you replied to this part (which unfortunately began off-list, my bad), thanks.
The other part is tracking the features you need, to see if upgrading Foreman and using the work Misc pointed at could be a working solution. Because if an important feature is missing, then this path will not happen now.
And then if it is a possible path, are you all willing to work on this migration?
I remain unconvinced about the benefits of using Ansible here as oppsed to the downsides of maintaining two CM systems in parallel.
I only viewed Mailman as a proof of concept. I agree maintaining both systems sux. So that's why I'm talking about a possible migration. I guess if it fails then we'll be back to reintegrating MailMan in the current system and this is not that horrible. If it works we can work on converting the rest with the knowledge we gained.
I'd be happy to help but clearly I would need some time and energy from people in the project. Other OSAS members could also give a hand.
Yeah I'm the current owner of the ticket to upgrade it and migrate it to PHX, I will get to it eventually...
I've no idea about your workload, nor about the urgency of migrating Mailman. I think this is important to check our availability and will to invest on this.
I think doing this kind of work will benefit us as well as others, it should not be too much trouble imo. Consider sending a rough patch to Gerrit, we can help and lead you from there.
Probably. Nevertheless it seems most projects OSAS are in touch with are getting out of Puppet and I myself in other projects decided not to go into this solution after some comparison and XP collection. So you may understand I'd like to invest my time in something not totally ephemeral. But if this migration is rejected or postponed, I will.
Eyal suggested using Ansible right now in a one-off fashion to get the Mailman server up. I don't particularity like that idea beucase it seems to me it would make us incur some technical debt we will not pay quickly. I'd rather pay it upfront. But I can understand if we want to take such short cuts it the interest of getting Mailman out of some bad state it is currently it. I'm not sure what is the situation with it right now.
I'm new here :-), neither do I.
Regards.
-- Eyal Edri Associate Manager RHEV DevOps EMEA ENG Virtualization R&D Red Hat Israel phone: +972-9-7692018 irc: eedri (on #tlv #rhev-dev #rhev-integ)
----_com.boxer.email_1057195513138980 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 SSBoYWQgYSBzbWFsbCBjaGF0IHdpdGggZGxvYmF0bywgaXQgc2VlbXMgdGhhdCB0aGUgRm9yZW1h bi1hbnNpYmxlIGludGVncmF0aW9uIGlzIGhhbHRlZCBiZWNhdXNlIGl0IHBvdGVudGlhbGx5IGNv bmZsaWN0cy9jb2xsaWRlcyB3aXRoIHRvd2VyLCBidXQgdGhhdCBpZiB3ZSBwdWJsaWNseSByZXF1 ZXN0IGl0IGFzIHByb2plY3Qgd2UgbWlnaHQgZ2V0IGl0IHVubG9ja2VkLgoKRGF2aWQgQ2FybwoK RWwgMTIvNC8yMDE2IDE1OjUyLCBFeWFsIEVkcmkgPGVlZHJpQHJlZGhhdC5jb20+IGVzY3JpYmnD szoKClRvcCBwb3N0aW5nIHRvIHN1bW1hcml6ZSB0aGluZ3M6CgoKSSdtIE9LIHdpdGggZG9pbmcg YSAnUE9DJyBvZiB1c2luZyBBbnNpYmxlIHdpdGggbWFpbG1hbiAzIGluIG9yZGVyIHRvIG1vdmUg Zm9yd2FyZCB3aXRoIHRoaXMgbWlncmF0aW9uIGFuZCByZWxlYXNlIGxpbm9kZSBzZXJ2ZXIgd2hp Y2ggd2UgcGF5IG1vbmV5IGZvciBpdAoKb24gYSByZWd1bGFyIGJhc2lzIHdoaWxlIHdlIGNvdWxk IHVzZSB0aGlzIGZvciBvdGhlciB1c2FnZS4KCgpUaGlzIGlzIHdoYXQgSSBzdWdnZXN0OgoKCjEu IENyZWF0ZSBhIFZNIGluIFBIWCBjYWxsZWQgJ21haWwucGh4Lm92aXJ0Lm9yZycgLSBhbnlvbmUg ZnJvbSB0aGUgdGVhbSBjYW4gZG8gaXQgLSBpZiBubyBvbmUgaXMgZG9pbmcgaXQgYnkgdGhlIGVu ZCBvZiB0aGlzIHdlZWssIEknbGwgZG8gaXQuCgoyLiBZb3Ugc2hvdWxkIGdldCBhY2Nlc3MgdG8g dGhhdCBWTSAocGxlYXNlIHNlbmQgeW91IHNzaCBwdWJsaWMga2V5IHRvIGluZnJhIGxpc3Qgc28g d2UgY2FuIGFkZCB5b3UgYW5kIHlvdSdsbCBnZXQgYWNjZXNzIHRvIHRoZSBWTSkuCgozLiBVc2lu ZyB0aGUgQW5zaWJsZSBwbGF5Ym9vayB0byBpbnN0YWxsIHRoZSBuZXcgc2VydmljZSAoaHlwZXJr aXR0eSkgb24gdGhlIG5ldyBWTS4KCjQuIERvY3VtZW50aW5nIHRoZSBjdXJyZW50IGNvbmZpZ3Vy YXRpb24gd2UgaGF2ZSBvbiBsaXN0cy5vdmlydC5vcmcgKGV4aXN0aW5nIG1haWxtYW4pIGFuZCBh cHBseWluZyBpdCB0byB0aGUgbmV3IHNlcnZlci4gKCBhZGFwdGluZyB0aGUgQW5zaWJsZSBwbGF5 Ym9vayB0byBpbmNsdWRlIG91ciBjb25maWd1cmF0aW9uICkKCjUuIFB1c2hpbmcgdGhlIEFuc2li bGUgY29kZSBpbnRvIGEgcmVwbyAod2UgbWlnaHQgbmVlZCB0byBjcmVhdGUgYSBuZXcgZ2l0IHJl cG8gZm9yIGl0KQoKNi4gTWlncmF0aW5nIHRoZSBzZXJ2ZXIgKCB3aXRoIGEgcm9sbGJhY2sgb3B0 aW9uICkKCgpVcCB1bnRpbCBub3cgdGhpcyBkaWRuJ3QgaW5jbHVkZSBtYW5hZ2luZyBBbnNpYmxl IHZpYSBmb3JlbWFuIGFuZCBvbmx5IHJlZmVycyB0byBtaWdyYXRpbmcgZXhpc3RpbmcgbWFpbG1h biB0byBuZXcgc2VydmVyIHVzaW5nIEFuc2libGUuCgoKVGhlIHNlY29uZCBwYXJ0IGlzIG1vcmUg dHJpY2t5OgoKCjEuIEluc3RhbGwgbmV3IGZvcmVtYW4gVk0gb24gUEhYICggdGhhdCdzIGEgcGVu ZGluZyB0YXNrIHdlIG5lZWQgcHJpb3JpdHplIHJlZ2FybGVzcyBvZiB0aGUgbWFpbG1hbiBtaWdy YXRpb24gYW5kIHdlJ2xsIGRvIGl0IHNvb24gYWZ0ZXIgamVua2lucyBtaWdyYXRlZCApCgoyLiBD aGVjayBpZiBpdHMgcG9zc2libGUgbWFuYWdlIEFuc2libGUgdmlhIGZvcmVtYW4gb3Igd2hhdCBk b2VzIGl0IG1lYW4gdG8gZG8gaXQKCjMuIElmIHdlJ2xsIHNlZSB0aGF0IGl0cyBub3QgY29ycmVs YXRlIHRvIGhvdyB3ZSBtYW5hZ2UgdGhlIGluZnJhIHJpZ2h0IG5vdyBhbmQgdGFrZXMgYSBiaWcg dG9sbCBvbiBtYW5hZ2VtZW50LCB3ZSB3aWxsIGRlY2lkZSB0aGUgUE9DIGlzIGEgZmFpbCBhbmQg d2Ugd2lsbCBuZWVkIHRvIHdyaXRlIHB1cHBldCBjbGFzc2VzIHRvIHRoZSBuZXcgaW5zdGFsbGVk IG1haWxtYW4uCgoKCkFzIHlvdSBjYW4gdW5kZXJzdGFuZCB0aGlzIGFwcHJvYWNoIGhhcyBhICJy aXNrIiBvZiBkb2luZyBzb21lIGR1cGxpY2F0ZSB3b3JrLCBidXQgSSB0aGluayBpdHMgdGhlIGJl c3Qgd2F5IHRvIGdvIGJlY2F1c2UgaXQgd2lsbCBhbGxvdyB1cyB0bzoKCk1pZ3JhdGUgdGhlIHF1 aWNrZXN0IHdheSwgc2F2aW5nIG1vbmV5IG9uIGhvc3Rpbmcgd2UgZG9uJ3QgbmVlZFRlc3Rpbmcg QW5zaWJsZSBzdXBwb3J0LCB3aGljaCBpcyBzb21ldGhpbmcgd2UgY2FuJ3QgaWdub3JlLCBhcyB3 ZSBzZWUgbW9yZSBhbmQgbW9yZSBBbnNpYmxlIGFkb3B0aW9uIGFuZCBJIGJlbGlldmUgd2Ugc2hv dWxkIGV2YWx1YXRlIGl0LldlIHdpbGwgYmUgYWJsZSB0byBvcGVuIGJ1Z3MgdG8gZm9yZW1hbiBp ZiB3ZSdsbCBoaXQgYW55IGlzc3VlcyB3aGljaCBpcyBibG9ja2luZyB1c0lmIHdlIHdpbGwgZW5k IHVwIHdyaXRpbmcgcHVwcGV0IG1hbmlmZXN0LCB3ZSB3b3VsZCBoYXZlIG5vdCB3YXN0ZWQgdG9v IG11Y2ggdGltZSBvbiBBbnNpYmxlIHNpbmNlIG1vc3Qgb2YgdGhlIGNvZGUgaXMgYWxyZWFkeSBh dmFpbGFibGUuCgoKTGV0cyBtb3ZlIGZvcndhcmQgd2l0aCB0aGlzLgoKCkV5YWwuCgoKCk9uIE1v biwgQXByIDExLCAyMDE2IGF0IDEyOjM2IFBNLCBNYXJjIERlcXXDqG5lcyAoRHVjaykgPGR1Y2tA cmVkaGF0LmNvbT4gd3JvdGU6CgpRdWFjaywKCk9uIDA0LzExLzIwMTYgMDU6MzggUE0sIEJhcmFr IEtvcnJlbiB3cm90ZToKCj4gV2VsbCwgd2hhdCBraW5kIG9mIGhhbmQgaXMgbmVlZGVkPwoKSGVs cCBhYm91dCB0aGUgVk0sIHlvdSByZXBsaWVkIHRvIHRoaXMgcGFydCAod2hpY2ggdW5mb3J0dW5h dGVseSBiZWdhbgpvZmYtbGlzdCwgbXkgYmFkKSwgdGhhbmtzLgoKVGhlIG90aGVyIHBhcnQgaXMg dHJhY2tpbmcgdGhlIGZlYXR1cmVzIHlvdSBuZWVkLCB0byBzZWUgaWYgdXBncmFkaW5nCkZvcmVt YW4gYW5kIHVzaW5nIHRoZSB3b3JrIE1pc2MgcG9pbnRlZCBhdCBjb3VsZCBiZSBhIHdvcmtpbmcg c29sdXRpb24uCkJlY2F1c2UgaWYgYW4gaW1wb3J0YW50IGZlYXR1cmUgaXMgbWlzc2luZywgdGhl biB0aGlzIHBhdGggd2lsbCBub3QKaGFwcGVuIG5vdy4KCkFuZCB0aGVuIGlmIGl0IGlzIGEgcG9z c2libGUgcGF0aCwgYXJlIHlvdSBhbGwgd2lsbGluZyB0byB3b3JrIG9uIHRoaXMKbWlncmF0aW9u PwoKPiBJIHJlbWFpbiB1bmNvbnZpbmNlZCBhYm91dCB0aGUgYmVuZWZpdHMgb2YgdXNpbmcgQW5z aWJsZSBoZXJlIGFzCj4gb3Bwc2VkIHRvIHRoZSBkb3duc2lkZXMgb2YgbWFpbnRhaW5pbmcgdHdv IENNIHN5c3RlbXMgaW4gcGFyYWxsZWwuCgpJIG9ubHkgdmlld2VkIE1haWxtYW4gYXMgYSBwcm9v ZiBvZiBjb25jZXB0LiBJIGFncmVlIG1haW50YWluaW5nIGJvdGgKc3lzdGVtcyBzdXguIFNvIHRo YXQncyB3aHkgSSdtIHRhbGtpbmcgYWJvdXQgYSBwb3NzaWJsZSBtaWdyYXRpb24uIEkKZ3Vlc3Mg aWYgaXQgZmFpbHMgdGhlbiB3ZSdsbCBiZSBiYWNrIHRvIHJlaW50ZWdyYXRpbmcgTWFpbE1hbiBp biB0aGUKY3VycmVudCBzeXN0ZW0gYW5kIHRoaXMgaXMgbm90IHRoYXQgaG9ycmlibGUuIElmIGl0 IHdvcmtzIHdlIGNhbiB3b3JrIG9uCmNvbnZlcnRpbmcgdGhlIHJlc3Qgd2l0aCB0aGUga25vd2xl ZGdlIHdlIGdhaW5lZC4KCkknZCBiZSBoYXBweSB0byBoZWxwIGJ1dCBjbGVhcmx5IEkgd291bGQg bmVlZCBzb21lIHRpbWUgYW5kIGVuZXJneSBmcm9tCnBlb3BsZSBpbiB0aGUgcHJvamVjdC4gT3Ro ZXIgT1NBUyBtZW1iZXJzIGNvdWxkIGFsc28gZ2l2ZSBhIGhhbmQuCgo+IFllYWggSSdtIHRoZSBj dXJyZW50IG93bmVyIG9mIHRoZSB0aWNrZXQgdG8gdXBncmFkZSBpdCBhbmQgbWlncmF0ZSBpdAo+ IHRvIFBIWCwgSSB3aWxsIGdldCB0byBpdCBldmVudHVhbGx5Li4uCgpJJ3ZlIG5vIGlkZWEgYWJv dXQgeW91ciB3b3JrbG9hZCwgbm9yIGFib3V0IHRoZSB1cmdlbmN5IG9mIG1pZ3JhdGluZwpNYWls bWFuLiBJIHRoaW5rIHRoaXMgaXMgaW1wb3J0YW50IHRvIGNoZWNrIG91ciBhdmFpbGFiaWxpdHkg YW5kIHdpbGwgdG8KaW52ZXN0IG9uIHRoaXMuCgo+IEkgdGhpbmsgZG9pbmcgdGhpcyBraW5kIG9m IHdvcmsgd2lsbCBiZW5lZml0IHVzIGFzIHdlbGwgYXMgb3RoZXJzLCBpdAo+IHNob3VsZCBub3Qg YmUgdG9vIG11Y2ggdHJvdWJsZSBpbW8uCj4gQ29uc2lkZXIgc2VuZGluZyBhIHJvdWdoIHBhdGNo IHRvIEdlcnJpdCwgd2UgY2FuIGhlbHAgYW5kIGxlYWQgeW91IGZyb20gdGhlcmUuCgpQcm9iYWJs eS4gTmV2ZXJ0aGVsZXNzIGl0IHNlZW1zIG1vc3QgcHJvamVjdHMgT1NBUyBhcmUgaW4gdG91Y2gg d2l0aCBhcmUKZ2V0dGluZyBvdXQgb2YgUHVwcGV0IGFuZCBJIG15c2VsZiBpbiBvdGhlciBwcm9q ZWN0cyBkZWNpZGVkIG5vdCB0byBnbwppbnRvIHRoaXMgc29sdXRpb24gYWZ0ZXIgc29tZSBjb21w YXJpc29uIGFuZCBYUCBjb2xsZWN0aW9uLiBTbyB5b3UgbWF5CnVuZGVyc3RhbmQgSSdkIGxpa2Ug dG8gaW52ZXN0IG15IHRpbWUgaW4gc29tZXRoaW5nIG5vdCB0b3RhbGx5CmVwaGVtZXJhbC4gQnV0 IGlmIHRoaXMgbWlncmF0aW9uIGlzIHJlamVjdGVkIG9yIHBvc3Rwb25lZCwgSSB3aWxsLgoKPiBF eWFsIHN1Z2dlc3RlZCB1c2luZyBBbnNpYmxlIHJpZ2h0IG5vdyBpbiBhIG9uZS1vZmYgZmFzaGlv biB0byBnZXQgdGhlCj4gTWFpbG1hbiBzZXJ2ZXIgdXAuIEkgZG9uJ3QgcGFydGljdWxhcml0eSBs aWtlIHRoYXQgaWRlYSBiZXVjYXNlIGl0Cj4gc2VlbXMgdG8gbWUgaXQgd291bGQgbWFrZSB1cyBp bmN1ciBzb21lIHRlY2huaWNhbCBkZWJ0IHdlIHdpbGwgbm90IHBheQo+IHF1aWNrbHkuIEknZCBy YXRoZXIgcGF5IGl0IHVwZnJvbnQuIEJ1dCBJIGNhbiB1bmRlcnN0YW5kIGlmIHdlIHdhbnQgdG8K PiB0YWtlIHN1Y2ggc2hvcnQgY3V0cyBpdCB0aGUgaW50ZXJlc3Qgb2YgZ2V0dGluZyBNYWlsbWFu IG91dCBvZiBzb21lCj4gYmFkIHN0YXRlIGl0IGlzIGN1cnJlbnRseSBpdC4gSSdtIG5vdCBzdXJl IHdoYXQgaXMgdGhlIHNpdHVhdGlvbiB3aXRoCj4gaXQgcmlnaHQgbm93LgoKSSdtIG5ldyBoZXJl IDotKSwgbmVpdGhlciBkbyBJLgoKUmVnYXJkcy4KCgoKCi0tIAoKRXlhbCBFZHJpCkFzc29jaWF0 ZSBNYW5hZ2VyCgpSSEVWIERldk9wcwpFTUVBIEVORyBWaXJ0dWFsaXphdGlvbiBSJkQKUmVkIEhh dCBJc3JhZWwKCnBob25lOiArOTcyLTktNzY5MjAxOAppcmM6IGVlZHJpIChvbiAjdGx2ICNyaGV2 LWRldiAjcmhldi1pbnRlZykKCg== ----_com.boxer.email_1057195513138980 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 PHAgZGlyPSJsdHIiPkkgaGFkIGEgc21hbGwgY2hhdCB3aXRoIGRsb2JhdG8sIGl0IHNlZW1zIHRo YXQgdGhlIEZvcmVtYW4tYW5zaWJsZSBpbnRlZ3JhdGlvbiBpcyBoYWx0ZWQgYmVjYXVzZSBpdCBw b3RlbnRpYWxseSBjb25mbGljdHMvY29sbGlkZXMgd2l0aCB0b3dlciwgYnV0IHRoYXQgaWYgd2Ug cHVibGljbHkgcmVxdWVzdCBpdCBhcyBwcm9qZWN0IHdlIG1pZ2h0IGdldCBpdCB1bmxvY2tlZC48 L3A+CjxwIGRpcj0ibHRyIj5EYXZpZCBDYXJvPC9wPgo8ZGl2IGNsYXNzPSJxdW90ZSI+RWwgMTIv NC8yMDE2IDE1OjUyLCBFeWFsIEVkcmkgJmx0O2VlZHJpQHJlZGhhdC5jb20mZ3Q7IGVzY3JpYmnD szo8YnIgdHlwZT0nYXR0cmlidXRpb24nPjxibG9ja3F1b3RlIGNsYXNzPSJxdW90ZSIgc3R5bGU9 Im1hcmdpbjowIDAgMCAuOGV4O2JvcmRlci1sZWZ0OjFweCAjY2NjIHNvbGlkO3BhZGRpbmctbGVm dDoxZXgiPjxkaXYgZGlyPSJsdHIiPlRvcCBwb3N0aW5nIHRvIHN1bW1hcml6ZSB0aGluZ3M6PGRp dj48YnI+PC9kaXY+PGRpdj5JJiMzOTttIE9LIHdpdGggZG9pbmcgYSAmIzM5O1BPQyYjMzk7IG9m IHVzaW5nIEFuc2libGUgd2l0aCBtYWlsbWFuIDMgaW4gb3JkZXIgdG8gbW92ZSBmb3J3YXJkIHdp dGggdGhpcyBtaWdyYXRpb24gYW5kIHJlbGVhc2UgbGlub2RlIHNlcnZlciB3aGljaCB3ZSBwYXkg bW9uZXkgZm9yIGl0PC9kaXY+PGRpdj5vbiBhIHJlZ3VsYXIgYmFzaXMgd2hpbGUgd2UgY291bGQg dXNlIHRoaXMgZm9yIG90aGVyIHVzYWdlLjwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+VGhpcyBp cyB3aGF0IEkgc3VnZ2VzdDo8L2Rpdj48ZGl2Pjxicj48L2Rpdj48ZGl2PjEuIENyZWF0ZSBhIFZN IGluIFBIWCBjYWxsZWQgJiMzOTs8YSBocmVmPSJodHRwOi8vbWFpbC5waHgub3ZpcnQub3JnIj5t YWlsLnBoeC5vdmlydC5vcmc8L2E+JiMzOTsgLSBhbnlvbmUgZnJvbSB0aGUgdGVhbSBjYW4gZG8g aXQgLSBpZiBubyBvbmUgaXMgZG9pbmcgaXQgYnkgdGhlIGVuZCBvZiB0aGlzIHdlZWssIEkmIzM5 O2xsIGRvIGl0LjwvZGl2PjxkaXY+Mi4gWW91IHNob3VsZCBnZXQgYWNjZXNzIHRvIHRoYXQgVk0g KHBsZWFzZSBzZW5kIHlvdSBzc2ggcHVibGljIGtleSB0byBpbmZyYSBsaXN0IHNvIHdlIGNhbiBh ZGQgeW91IGFuZCB5b3UmIzM5O2xsIGdldCBhY2Nlc3MgdG8gdGhlIFZNKS48L2Rpdj48ZGl2PjMu IFVzaW5nIHRoZSBBbnNpYmxlIHBsYXlib29rIHRvIGluc3RhbGwgdGhlIG5ldyBzZXJ2aWNlICho eXBlcmtpdHR5KSBvbiB0aGUgbmV3IFZNLjwvZGl2PjxkaXY+NC4gRG9jdW1lbnRpbmcgdGhlIGN1 cnJlbnQgY29uZmlndXJhdGlvbiB3ZSBoYXZlIG9uIDxhIGhyZWY9Imh0dHA6Ly9saXN0cy5vdmly dC5vcmciPmxpc3RzLm92aXJ0Lm9yZzwvYT4gKGV4aXN0aW5nIG1haWxtYW4pIGFuZCBhcHBseWlu ZyBpdCB0byB0aGUgbmV3IHNlcnZlci4gKCBhZGFwdGluZyB0aGUgQW5zaWJsZSBwbGF5Ym9vayB0 byBpbmNsdWRlIG91ciBjb25maWd1cmF0aW9uICk8L2Rpdj48ZGl2PjUuIFB1c2hpbmcgdGhlIEFu c2libGUgY29kZSBpbnRvIGEgcmVwbyAod2UgbWlnaHQgbmVlZCB0byBjcmVhdGUgYSBuZXcgZ2l0 IHJlcG8gZm9yIGl0KTwvZGl2PjxkaXY+Ni4gTWlncmF0aW5nIHRoZSBzZXJ2ZXIgKCB3aXRoIGEg cm9sbGJhY2sgb3B0aW9uICk8L2Rpdj48ZGl2Pjxicj48L2Rpdj48ZGl2PlVwIHVudGlsIG5vdyB0 aGlzIGRpZG4mIzM5O3QgaW5jbHVkZSBtYW5hZ2luZyBBbnNpYmxlIHZpYSBmb3JlbWFuIGFuZCBv bmx5IHJlZmVycyB0byBtaWdyYXRpbmcgZXhpc3RpbmcgbWFpbG1hbiB0byBuZXcgc2VydmVyIHVz aW5nIEFuc2libGUuPC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj5UaGUgc2Vjb25kIHBhcnQgaXMg bW9yZSB0cmlja3k6PC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj4xLiBJbnN0YWxsIG5ldyBmb3Jl bWFuIFZNIG9uIFBIWCAoIHRoYXQmIzM5O3MgYSBwZW5kaW5nIHRhc2sgd2UgbmVlZCBwcmlvcml0 emUgcmVnYXJsZXNzIG9mIHRoZSBtYWlsbWFuIG1pZ3JhdGlvbiBhbmQgd2UmIzM5O2xsIGRvIGl0 IHNvb24gYWZ0ZXIgamVua2lucyBtaWdyYXRlZCApPC9kaXY+PGRpdj4yLiBDaGVjayBpZiBpdHMg cG9zc2libGUgbWFuYWdlIEFuc2libGUgdmlhIGZvcmVtYW4gb3Igd2hhdCBkb2VzIGl0IG1lYW4g dG8gZG8gaXQ8L2Rpdj48ZGl2PjMuIElmIHdlJiMzOTtsbCBzZWUgdGhhdCBpdHMgbm90IGNvcnJl bGF0ZSB0byBob3cgd2UgbWFuYWdlIHRoZSBpbmZyYSByaWdodCBub3cgYW5kIHRha2VzIGEgYmln IHRvbGwgb24gbWFuYWdlbWVudCwgd2Ugd2lsbCBkZWNpZGUgdGhlIFBPQyBpcyBhIGZhaWwgYW5k IHdlIHdpbGwgbmVlZCB0byB3cml0ZSBwdXBwZXQgY2xhc3NlcyB0byB0aGUgbmV3IGluc3RhbGxl ZCBtYWlsbWFuLjwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+QXMgeW91 IGNhbiB1bmRlcnN0YW5kIHRoaXMgYXBwcm9hY2ggaGFzIGEgJnF1b3Q7cmlzayZxdW90OyBvZiBk b2luZyBzb21lIGR1cGxpY2F0ZSB3b3JrLCBidXQgSSB0aGluayBpdHMgdGhlIGJlc3Qgd2F5IHRv IGdvIGJlY2F1c2UgaXQgd2lsbCBhbGxvdyB1cyB0bzo8L2Rpdj48ZGl2Pjx1bD48bGk+TWlncmF0 ZSB0aGUgcXVpY2tlc3Qgd2F5LCBzYXZpbmcgbW9uZXkgb24gaG9zdGluZyB3ZSBkb24mIzM5O3Qg bmVlZDwvbGk+PGxpPlRlc3RpbmcgQW5zaWJsZSBzdXBwb3J0LCB3aGljaCBpcyBzb21ldGhpbmcg d2UgY2FuJiMzOTt0IGlnbm9yZSwgYXMgd2Ugc2VlIG1vcmUgYW5kIG1vcmUgQW5zaWJsZSBhZG9w dGlvbiBhbmQgSSBiZWxpZXZlIHdlIHNob3VsZCBldmFsdWF0ZSBpdC48L2xpPjxsaT5XZSB3aWxs IGJlIGFibGUgdG8gb3BlbiBidWdzIHRvIGZvcmVtYW4gaWYgd2UmIzM5O2xsIGhpdCBhbnkgaXNz dWVzIHdoaWNoIGlzIGJsb2NraW5nIHVzPC9saT48bGk+SWYgd2Ugd2lsbCBlbmQgdXAgd3JpdGlu ZyBwdXBwZXQgbWFuaWZlc3QsIHdlIHdvdWxkIGhhdmUgbm90IHdhc3RlZCB0b28gbXVjaCB0aW1l IG9uIEFuc2libGUgc2luY2UgbW9zdCBvZiB0aGUgY29kZSBpcyBhbHJlYWR5IGF2YWlsYWJsZS48 L2xpPjwvdWw+PGRpdj48YnI+PC9kaXY+PC9kaXY+PGRpdj5MZXRzIG1vdmUgZm9yd2FyZCB3aXRo IHRoaXMuPC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj5FeWFsLjwvZGl2PjxkaXY+PGJyPjxkaXYg Y2xhc3M9ImdtYWlsX2V4dHJhIj48YnI+PGRpdiBjbGFzcz0iZ21haWxfcXVvdGUiPk9uIE1vbiwg QXByIDExLCAyMDE2IGF0IDEyOjM2IFBNLCBNYXJjIERlcXXDqG5lcyAoRHVjaykgPHNwYW4gZGly PSJsdHIiPiZsdDs8YSBocmVmPSJtYWlsdG86ZHVja0ByZWRoYXQuY29tIiB0YXJnZXQ9Il9ibGFu ayI+ZHVja0ByZWRoYXQuY29tPC9hPiZndDs8L3NwYW4+IHdyb3RlOjxicj48YmxvY2txdW90ZSBj bGFzcz0iZ21haWxfcXVvdGUiIHN0eWxlPSJtYXJnaW46MCAwIDAgLjhleDtib3JkZXItbGVmdDox cHggI2NjYyBzb2xpZDtwYWRkaW5nLWxlZnQ6MWV4Ij5RdWFjayw8YnI+DQo8c3BhbiBjbGFzcz0i Ij48YnI+DQpPbiAwNC8xMS8yMDE2IDA1OjM4IFBNLCBCYXJhayBLb3JyZW4gd3JvdGU6PGJyPg0K PGJyPg0KJmd0OyBXZWxsLCB3aGF0IGtpbmQgb2YgaGFuZCBpcyBuZWVkZWQ/PGJyPg0KPGJyPg0K PC9zcGFuPkhlbHAgYWJvdXQgdGhlIFZNLCB5b3UgcmVwbGllZCB0byB0aGlzIHBhcnQgKHdoaWNo IHVuZm9ydHVuYXRlbHkgYmVnYW48YnI+DQpvZmYtbGlzdCwgbXkgYmFkKSwgdGhhbmtzLjxicj4N Cjxicj4NClRoZSBvdGhlciBwYXJ0IGlzIHRyYWNraW5nIHRoZSBmZWF0dXJlcyB5b3UgbmVlZCwg dG8gc2VlIGlmIHVwZ3JhZGluZzxicj4NCkZvcmVtYW4gYW5kIHVzaW5nIHRoZSB3b3JrIE1pc2Mg cG9pbnRlZCBhdCBjb3VsZCBiZSBhIHdvcmtpbmcgc29sdXRpb24uPGJyPg0KQmVjYXVzZSBpZiBh biBpbXBvcnRhbnQgZmVhdHVyZSBpcyBtaXNzaW5nLCB0aGVuIHRoaXMgcGF0aCB3aWxsIG5vdDxi cj4NCmhhcHBlbiBub3cuPGJyPg0KPGJyPg0KQW5kIHRoZW4gaWYgaXQgaXMgYSBwb3NzaWJsZSBw YXRoLCBhcmUgeW91IGFsbCB3aWxsaW5nIHRvIHdvcmsgb24gdGhpczxicj4NCm1pZ3JhdGlvbj88 YnI+DQo8c3BhbiBjbGFzcz0iIj48YnI+DQomZ3Q7IEkgcmVtYWluIHVuY29udmluY2VkIGFib3V0 IHRoZSBiZW5lZml0cyBvZiB1c2luZyBBbnNpYmxlIGhlcmUgYXM8YnI+DQomZ3Q7IG9wcHNlZCB0 byB0aGUgZG93bnNpZGVzIG9mIG1haW50YWluaW5nIHR3byBDTSBzeXN0ZW1zIGluIHBhcmFsbGVs Ljxicj4NCjxicj4NCjwvc3Bhbj5JIG9ubHkgdmlld2VkIE1haWxtYW4gYXMgYSBwcm9vZiBvZiBj b25jZXB0LiBJIGFncmVlIG1haW50YWluaW5nIGJvdGg8YnI+DQpzeXN0ZW1zIHN1eC4gU28gdGhh dCYjMzk7cyB3aHkgSSYjMzk7bSB0YWxraW5nIGFib3V0IGEgcG9zc2libGUgbWlncmF0aW9uLiBJ PGJyPg0KZ3Vlc3MgaWYgaXQgZmFpbHMgdGhlbiB3ZSYjMzk7bGwgYmUgYmFjayB0byByZWludGVn cmF0aW5nIE1haWxNYW4gaW4gdGhlPGJyPg0KY3VycmVudCBzeXN0ZW0gYW5kIHRoaXMgaXMgbm90 IHRoYXQgaG9ycmlibGUuIElmIGl0IHdvcmtzIHdlIGNhbiB3b3JrIG9uPGJyPg0KY29udmVydGlu ZyB0aGUgcmVzdCB3aXRoIHRoZSBrbm93bGVkZ2Ugd2UgZ2FpbmVkLjxicj4NCjxicj4NCkkmIzM5 O2QgYmUgaGFwcHkgdG8gaGVscCBidXQgY2xlYXJseSBJIHdvdWxkIG5lZWQgc29tZSB0aW1lIGFu ZCBlbmVyZ3kgZnJvbTxicj4NCnBlb3BsZSBpbiB0aGUgcHJvamVjdC4gT3RoZXIgT1NBUyBtZW1i ZXJzIGNvdWxkIGFsc28gZ2l2ZSBhIGhhbmQuPGJyPg0KPHNwYW4gY2xhc3M9IiI+PGJyPg0KJmd0 OyBZZWFoIEkmIzM5O20gdGhlIGN1cnJlbnQgb3duZXIgb2YgdGhlIHRpY2tldCB0byB1cGdyYWRl IGl0IGFuZCBtaWdyYXRlIGl0PGJyPg0KJmd0OyB0byBQSFgsIEkgd2lsbCBnZXQgdG8gaXQgZXZl bnR1YWxseS4uLjxicj4NCjxicj4NCjwvc3Bhbj5JJiMzOTt2ZSBubyBpZGVhIGFib3V0IHlvdXIg d29ya2xvYWQsIG5vciBhYm91dCB0aGUgdXJnZW5jeSBvZiBtaWdyYXRpbmc8YnI+DQpNYWlsbWFu LiBJIHRoaW5rIHRoaXMgaXMgaW1wb3J0YW50IHRvIGNoZWNrIG91ciBhdmFpbGFiaWxpdHkgYW5k IHdpbGwgdG88YnI+DQppbnZlc3Qgb24gdGhpcy48YnI+DQo8c3BhbiBjbGFzcz0iIj48YnI+DQom Z3Q7IEkgdGhpbmsgZG9pbmcgdGhpcyBraW5kIG9mIHdvcmsgd2lsbCBiZW5lZml0IHVzIGFzIHdl bGwgYXMgb3RoZXJzLCBpdDxicj4NCiZndDsgc2hvdWxkIG5vdCBiZSB0b28gbXVjaCB0cm91Ymxl IGltby48YnI+DQomZ3Q7IENvbnNpZGVyIHNlbmRpbmcgYSByb3VnaCBwYXRjaCB0byBHZXJyaXQs IHdlIGNhbiBoZWxwIGFuZCBsZWFkIHlvdSBmcm9tIHRoZXJlLjxicj4NCjxicj4NCjwvc3Bhbj5Q cm9iYWJseS4gTmV2ZXJ0aGVsZXNzIGl0IHNlZW1zIG1vc3QgcHJvamVjdHMgT1NBUyBhcmUgaW4g dG91Y2ggd2l0aCBhcmU8YnI+DQpnZXR0aW5nIG91dCBvZiBQdXBwZXQgYW5kIEkgbXlzZWxmIGlu IG90aGVyIHByb2plY3RzIGRlY2lkZWQgbm90IHRvIGdvPGJyPg0KaW50byB0aGlzIHNvbHV0aW9u IGFmdGVyIHNvbWUgY29tcGFyaXNvbiBhbmQgWFAgY29sbGVjdGlvbi4gU28geW91IG1heTxicj4N CnVuZGVyc3RhbmQgSSYjMzk7ZCBsaWtlIHRvIGludmVzdCBteSB0aW1lIGluIHNvbWV0aGluZyBu b3QgdG90YWxseTxicj4NCmVwaGVtZXJhbC4gQnV0IGlmIHRoaXMgbWlncmF0aW9uIGlzIHJlamVj dGVkIG9yIHBvc3Rwb25lZCwgSSB3aWxsLjxicj4NCjxzcGFuIGNsYXNzPSIiPjxicj4NCiZndDsg RXlhbCBzdWdnZXN0ZWQgdXNpbmcgQW5zaWJsZSByaWdodCBub3cgaW4gYSBvbmUtb2ZmIGZhc2hp b24gdG8gZ2V0IHRoZTxicj4NCiZndDsgTWFpbG1hbiBzZXJ2ZXIgdXAuIEkgZG9uJiMzOTt0IHBh cnRpY3VsYXJpdHkgbGlrZSB0aGF0IGlkZWEgYmV1Y2FzZSBpdDxicj4NCiZndDsgc2VlbXMgdG8g bWUgaXQgd291bGQgbWFrZSB1cyBpbmN1ciBzb21lIHRlY2huaWNhbCBkZWJ0IHdlIHdpbGwgbm90 IHBheTxicj4NCiZndDsgcXVpY2tseS4gSSYjMzk7ZCByYXRoZXIgcGF5IGl0IHVwZnJvbnQuIEJ1 dCBJIGNhbiB1bmRlcnN0YW5kIGlmIHdlIHdhbnQgdG88YnI+DQomZ3Q7IHRha2Ugc3VjaCBzaG9y dCBjdXRzIGl0IHRoZSBpbnRlcmVzdCBvZiBnZXR0aW5nIE1haWxtYW4gb3V0IG9mIHNvbWU8YnI+ DQomZ3Q7IGJhZCBzdGF0ZSBpdCBpcyBjdXJyZW50bHkgaXQuIEkmIzM5O20gbm90IHN1cmUgd2hh dCBpcyB0aGUgc2l0dWF0aW9uIHdpdGg8YnI+DQomZ3Q7IGl0IHJpZ2h0IG5vdy48YnI+DQo8YnI+ DQo8L3NwYW4+SSYjMzk7bSBuZXcgaGVyZSA6LSksIG5laXRoZXIgZG8gSS48YnI+DQo8YnI+DQpS ZWdhcmRzLjxicj4NCjxicj4NCjwvYmxvY2txdW90ZT48L2Rpdj48YnI+PGJyIGNsZWFyPSJhbGwi PjxkaXY+PGJyPjwvZGl2Pi0tIDxicj48ZGl2IGNsYXNzPSJnbWFpbF9zaWduYXR1cmUiPjxkaXYg ZGlyPSJsdHIiPjxkaXY+PGRpdiBkaXI9Imx0ciI+PGRpdj5FeWFsIEVkcmk8YnI+QXNzb2NpYXRl IE1hbmFnZXI8L2Rpdj48ZGl2PlJIRVYgRGV2T3BzPGJyPkVNRUEgRU5HIFZpcnR1YWxpemF0aW9u IFImYW1wO0Q8YnI+UmVkIEhhdCBJc3JhZWw8YnI+PGJyPnBob25lOiArOTcyLTktNzY5MjAxODxi cj5pcmM6IGVlZHJpIChvbiAjdGx2ICNyaGV2LWRldiAjcmhldi1pbnRlZyk8L2Rpdj48L2Rpdj48 L2Rpdj48L2Rpdj48L2Rpdj4NCjwvZGl2PjwvZGl2PjwvZGl2Pg0KPC9ibG9ja3F1b3RlPjwvZGl2 Pg== ----_com.boxer.email_1057195513138980--
Hello David, All. Maybe it makes sense to rereview foreman alternatives for future... Tower might be a good choice, but not open sourced yet and no plans for that. Also using puppet from it needs to be reviewed. Anton. On Tue, Apr 12, 2016 at 5:52 PM, David Caro Estevez <dcaroest@redhat.com> wrote:
I had a small chat with dlobato, it seems that the Foreman-ansible integration is halted because it potentially conflicts/collides with tower, but that if we publicly request it as project we might get it unlocked.
David Caro El 12/4/2016 15:52, Eyal Edri <eedri@redhat.com> escribió:
Top posting to summarize things:
I'm OK with doing a 'POC' of using Ansible with mailman 3 in order to move forward with this migration and release linode server which we pay money for it on a regular basis while we could use this for other usage.
This is what I suggest:
1. Create a VM in PHX called 'mail.phx.ovirt.org' - anyone from the team can do it - if no one is doing it by the end of this week, I'll do it. 2. You should get access to that VM (please send you ssh public key to infra list so we can add you and you'll get access to the VM). 3. Using the Ansible playbook to install the new service (hyperkitty) on the new VM. 4. Documenting the current configuration we have on lists.ovirt.org (existing mailman) and applying it to the new server. ( adapting the Ansible playbook to include our configuration ) 5. Pushing the Ansible code into a repo (we might need to create a new git repo for it) 6. Migrating the server ( with a rollback option )
Up until now this didn't include managing Ansible via foreman and only refers to migrating existing mailman to new server using Ansible.
The second part is more tricky:
1. Install new foreman VM on PHX ( that's a pending task we need prioritze regarless of the mailman migration and we'll do it soon after jenkins migrated ) 2. Check if its possible manage Ansible via foreman or what does it mean to do it 3. If we'll see that its not correlate to how we manage the infra right now and takes a big toll on management, we will decide the POC is a fail and we will need to write puppet classes to the new installed mailman.
As you can understand this approach has a "risk" of doing some duplicate work, but I think its the best way to go because it will allow us to:
- Migrate the quickest way, saving money on hosting we don't need - Testing Ansible support, which is something we can't ignore, as we see more and more Ansible adoption and I believe we should evaluate it. - We will be able to open bugs to foreman if we'll hit any issues which is blocking us - If we will end up writing puppet manifest, we would have not wasted too much time on Ansible since most of the code is already available.
Lets move forward with this.
Eyal.
On Mon, Apr 11, 2016 at 12:36 PM, Marc Dequènes (Duck) <duck@redhat.com> wrote:
Quack,
On 04/11/2016 05:38 PM, Barak Korren wrote:
Well, what kind of hand is needed?
Help about the VM, you replied to this part (which unfortunately began off-list, my bad), thanks.
The other part is tracking the features you need, to see if upgrading Foreman and using the work Misc pointed at could be a working solution. Because if an important feature is missing, then this path will not happen now.
And then if it is a possible path, are you all willing to work on this migration?
I remain unconvinced about the benefits of using Ansible here as oppsed to the downsides of maintaining two CM systems in parallel.
I only viewed Mailman as a proof of concept. I agree maintaining both systems sux. So that's why I'm talking about a possible migration. I guess if it fails then we'll be back to reintegrating MailMan in the current system and this is not that horrible. If it works we can work on converting the rest with the knowledge we gained.
I'd be happy to help but clearly I would need some time and energy from people in the project. Other OSAS members could also give a hand.
Yeah I'm the current owner of the ticket to upgrade it and migrate it to PHX, I will get to it eventually...
I've no idea about your workload, nor about the urgency of migrating Mailman. I think this is important to check our availability and will to invest on this.
I think doing this kind of work will benefit us as well as others, it should not be too much trouble imo. Consider sending a rough patch to Gerrit, we can help and lead you from there.
Probably. Nevertheless it seems most projects OSAS are in touch with are getting out of Puppet and I myself in other projects decided not to go into this solution after some comparison and XP collection. So you may understand I'd like to invest my time in something not totally ephemeral. But if this migration is rejected or postponed, I will.
Eyal suggested using Ansible right now in a one-off fashion to get the Mailman server up. I don't particularity like that idea beucase it seems to me it would make us incur some technical debt we will not pay quickly. I'd rather pay it upfront. But I can understand if we want to take such short cuts it the interest of getting Mailman out of some bad state it is currently it. I'm not sure what is the situation with it right now.
I'm new here :-), neither do I.
Regards.
-- Eyal Edri Associate Manager RHEV DevOps EMEA ENG Virtualization R&D Red Hat Israel
phone: +972-9-7692018 irc: eedri (on #tlv #rhev-dev #rhev-integ)
_______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra
-- Anton Marchukov Senior Software Engineer - RHEV CI - Red Hat
----_com.boxer.email_1134529558349850 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 SSB3YXMgbm90IHRhbGtpbmcgYWJ1dCB1c2luZyB0b3dlciwgYnV0IGFib3V0IGFza2luZyB0aGVt IHRvIHB1c2ggdGhlIHN1cHBvcnQgb24gZm9yZW1hbiBhbmQga2VlcCB1c2luZyBmb3JlbWFuLgoK RGF2aWQgQ2FybwoKRWwgMTIvNC8yMDE2IDY6MDAgcC4gbS4sIEFudG9uIE1hcmNodWtvdiA8YW1h cmNodWtAcmVkaGF0LmNvbT4gZXNjcmliacOzOgoKSGVsbG8gRGF2aWQsIEFsbC4KCk1heWJlIGl0 IG1ha2VzIHNlbnNlIHRvIHJlcmV2aWV3IGZvcmVtYW4gYWx0ZXJuYXRpdmVzIGZvciBmdXR1cmUu Li4gVG93ZXIgbWlnaHQgYmUgYSBnb29kIGNob2ljZSwgYnV0IG5vdCBvcGVuIHNvdXJjZWQgeWV0 IGFuZCBubyBwbGFucyBmb3IgdGhhdC4gQWxzbyB1c2luZyBwdXBwZXQgZnJvbSBpdCBuZWVkcyB0 byBiZSByZXZpZXdlZC4gCgpBbnRvbi4KCgpPbiBUdWUsIEFwciAxMiwgMjAxNiBhdCA1OjUyIFBN LCBEYXZpZCBDYXJvIEVzdGV2ZXogPGRjYXJvZXN0QHJlZGhhdC5jb20+IHdyb3RlOgoKSSBoYWQg YSBzbWFsbCBjaGF0IHdpdGggZGxvYmF0bywgaXQgc2VlbXMgdGhhdCB0aGUgRm9yZW1hbi1hbnNp YmxlIGludGVncmF0aW9uIGlzIGhhbHRlZCBiZWNhdXNlIGl0IHBvdGVudGlhbGx5IGNvbmZsaWN0 cy9jb2xsaWRlcyB3aXRoIHRvd2VyLCBidXQgdGhhdCBpZiB3ZSBwdWJsaWNseSByZXF1ZXN0IGl0 IGFzIHByb2plY3Qgd2UgbWlnaHQgZ2V0IGl0IHVubG9ja2VkLgoKRGF2aWQgQ2FybwoKRWwgMTIv NC8yMDE2IDE1OjUyLCBFeWFsIEVkcmkgPGVlZHJpQHJlZGhhdC5jb20+IGVzY3JpYmnDszoKClRv cCBwb3N0aW5nIHRvIHN1bW1hcml6ZSB0aGluZ3M6CgoKSSdtIE9LIHdpdGggZG9pbmcgYSAnUE9D JyBvZiB1c2luZyBBbnNpYmxlIHdpdGggbWFpbG1hbiAzIGluIG9yZGVyIHRvIG1vdmUgZm9yd2Fy ZCB3aXRoIHRoaXMgbWlncmF0aW9uIGFuZCByZWxlYXNlIGxpbm9kZSBzZXJ2ZXIgd2hpY2ggd2Ug cGF5IG1vbmV5IGZvciBpdAoKb24gYSByZWd1bGFyIGJhc2lzIHdoaWxlIHdlIGNvdWxkIHVzZSB0 aGlzIGZvciBvdGhlciB1c2FnZS4KCgpUaGlzIGlzIHdoYXQgSSBzdWdnZXN0OgoKCjEuIENyZWF0 ZSBhIFZNIGluIFBIWCBjYWxsZWQgJ21haWwucGh4Lm92aXJ0Lm9yZycgLSBhbnlvbmUgZnJvbSB0 aGUgdGVhbSBjYW4gZG8gaXQgLSBpZiBubyBvbmUgaXMgZG9pbmcgaXQgYnkgdGhlIGVuZCBvZiB0 aGlzIHdlZWssIEknbGwgZG8gaXQuCgoyLiBZb3Ugc2hvdWxkIGdldCBhY2Nlc3MgdG8gdGhhdCBW TSAocGxlYXNlIHNlbmQgeW91IHNzaCBwdWJsaWMga2V5IHRvIGluZnJhIGxpc3Qgc28gd2UgY2Fu IGFkZCB5b3UgYW5kIHlvdSdsbCBnZXQgYWNjZXNzIHRvIHRoZSBWTSkuCgozLiBVc2luZyB0aGUg QW5zaWJsZSBwbGF5Ym9vayB0byBpbnN0YWxsIHRoZSBuZXcgc2VydmljZSAoaHlwZXJraXR0eSkg b24gdGhlIG5ldyBWTS4KCjQuIERvY3VtZW50aW5nIHRoZSBjdXJyZW50IGNvbmZpZ3VyYXRpb24g d2UgaGF2ZSBvbiBsaXN0cy5vdmlydC5vcmcgKGV4aXN0aW5nIG1haWxtYW4pIGFuZCBhcHBseWlu ZyBpdCB0byB0aGUgbmV3IHNlcnZlci4gKCBhZGFwdGluZyB0aGUgQW5zaWJsZSBwbGF5Ym9vayB0 byBpbmNsdWRlIG91ciBjb25maWd1cmF0aW9uICkKCjUuIFB1c2hpbmcgdGhlIEFuc2libGUgY29k ZSBpbnRvIGEgcmVwbyAod2UgbWlnaHQgbmVlZCB0byBjcmVhdGUgYSBuZXcgZ2l0IHJlcG8gZm9y IGl0KQoKNi4gTWlncmF0aW5nIHRoZSBzZXJ2ZXIgKCB3aXRoIGEgcm9sbGJhY2sgb3B0aW9uICkK CgpVcCB1bnRpbCBub3cgdGhpcyBkaWRuJ3QgaW5jbHVkZSBtYW5hZ2luZyBBbnNpYmxlIHZpYSBm b3JlbWFuIGFuZCBvbmx5IHJlZmVycyB0byBtaWdyYXRpbmcgZXhpc3RpbmcgbWFpbG1hbiB0byBu ZXcgc2VydmVyIHVzaW5nIEFuc2libGUuCgoKVGhlIHNlY29uZCBwYXJ0IGlzIG1vcmUgdHJpY2t5 OgoKCjEuIEluc3RhbGwgbmV3IGZvcmVtYW4gVk0gb24gUEhYICggdGhhdCdzIGEgcGVuZGluZyB0 YXNrIHdlIG5lZWQgcHJpb3JpdHplIHJlZ2FybGVzcyBvZiB0aGUgbWFpbG1hbiBtaWdyYXRpb24g YW5kIHdlJ2xsIGRvIGl0IHNvb24gYWZ0ZXIgamVua2lucyBtaWdyYXRlZCApCgoyLiBDaGVjayBp ZiBpdHMgcG9zc2libGUgbWFuYWdlIEFuc2libGUgdmlhIGZvcmVtYW4gb3Igd2hhdCBkb2VzIGl0 IG1lYW4gdG8gZG8gaXQKCjMuIElmIHdlJ2xsIHNlZSB0aGF0IGl0cyBub3QgY29ycmVsYXRlIHRv IGhvdyB3ZSBtYW5hZ2UgdGhlIGluZnJhIHJpZ2h0IG5vdyBhbmQgdGFrZXMgYSBiaWcgdG9sbCBv biBtYW5hZ2VtZW50LCB3ZSB3aWxsIGRlY2lkZSB0aGUgUE9DIGlzIGEgZmFpbCBhbmQgd2Ugd2ls bCBuZWVkIHRvIHdyaXRlIHB1cHBldCBjbGFzc2VzIHRvIHRoZSBuZXcgaW5zdGFsbGVkIG1haWxt YW4uCgoKCkFzIHlvdSBjYW4gdW5kZXJzdGFuZCB0aGlzIGFwcHJvYWNoIGhhcyBhICJyaXNrIiBv ZiBkb2luZyBzb21lIGR1cGxpY2F0ZSB3b3JrLCBidXQgSSB0aGluayBpdHMgdGhlIGJlc3Qgd2F5 IHRvIGdvIGJlY2F1c2UgaXQgd2lsbCBhbGxvdyB1cyB0bzoKCk1pZ3JhdGUgdGhlIHF1aWNrZXN0 IHdheSwgc2F2aW5nIG1vbmV5IG9uIGhvc3Rpbmcgd2UgZG9uJ3QgbmVlZFRlc3RpbmcgQW5zaWJs ZSBzdXBwb3J0LCB3aGljaCBpcyBzb21ldGhpbmcgd2UgY2FuJ3QgaWdub3JlLCBhcyB3ZSBzZWUg bW9yZSBhbmQgbW9yZSBBbnNpYmxlIGFkb3B0aW9uIGFuZCBJIGJlbGlldmUgd2Ugc2hvdWxkIGV2 YWx1YXRlIGl0LldlIHdpbGwgYmUgYWJsZSB0byBvcGVuIGJ1Z3MgdG8gZm9yZW1hbiBpZiB3ZSds bCBoaXQgYW55IGlzc3VlcyB3aGljaCBpcyBibG9ja2luZyB1c0lmIHdlIHdpbGwgZW5kIHVwIHdy aXRpbmcgcHVwcGV0IG1hbmlmZXN0LCB3ZSB3b3VsZCBoYXZlIG5vdCB3YXN0ZWQgdG9vIG11Y2gg dGltZSBvbiBBbnNpYmxlIHNpbmNlIG1vc3Qgb2YgdGhlIGNvZGUgaXMgYWxyZWFkeSBhdmFpbGFi bGUuCgoKTGV0cyBtb3ZlIGZvcndhcmQgd2l0aCB0aGlzLgoKCkV5YWwuCgoKCk9uIE1vbiwgQXBy IDExLCAyMDE2IGF0IDEyOjM2IFBNLCBNYXJjIERlcXXDqG5lcyAoRHVjaykgPGR1Y2tAcmVkaGF0 LmNvbT4gd3JvdGU6CgpRdWFjaywKCk9uIDA0LzExLzIwMTYgMDU6MzggUE0sIEJhcmFrIEtvcnJl biB3cm90ZToKCj4gV2VsbCwgd2hhdCBraW5kIG9mIGhhbmQgaXMgbmVlZGVkPwoKSGVscCBhYm91 dCB0aGUgVk0sIHlvdSByZXBsaWVkIHRvIHRoaXMgcGFydCAod2hpY2ggdW5mb3J0dW5hdGVseSBi ZWdhbgpvZmYtbGlzdCwgbXkgYmFkKSwgdGhhbmtzLgoKVGhlIG90aGVyIHBhcnQgaXMgdHJhY2tp bmcgdGhlIGZlYXR1cmVzIHlvdSBuZWVkLCB0byBzZWUgaWYgdXBncmFkaW5nCkZvcmVtYW4gYW5k IHVzaW5nIHRoZSB3b3JrIE1pc2MgcG9pbnRlZCBhdCBjb3VsZCBiZSBhIHdvcmtpbmcgc29sdXRp b24uCkJlY2F1c2UgaWYgYW4gaW1wb3J0YW50IGZlYXR1cmUgaXMgbWlzc2luZywgdGhlbiB0aGlz IHBhdGggd2lsbCBub3QKaGFwcGVuIG5vdy4KCkFuZCB0aGVuIGlmIGl0IGlzIGEgcG9zc2libGUg cGF0aCwgYXJlIHlvdSBhbGwgd2lsbGluZyB0byB3b3JrIG9uIHRoaXMKbWlncmF0aW9uPwoKPiBJ IHJlbWFpbiB1bmNvbnZpbmNlZCBhYm91dCB0aGUgYmVuZWZpdHMgb2YgdXNpbmcgQW5zaWJsZSBo ZXJlIGFzCj4gb3Bwc2VkIHRvIHRoZSBkb3duc2lkZXMgb2YgbWFpbnRhaW5pbmcgdHdvIENNIHN5 c3RlbXMgaW4gcGFyYWxsZWwuCgpJIG9ubHkgdmlld2VkIE1haWxtYW4gYXMgYSBwcm9vZiBvZiBj b25jZXB0LiBJIGFncmVlIG1haW50YWluaW5nIGJvdGgKc3lzdGVtcyBzdXguIFNvIHRoYXQncyB3 aHkgSSdtIHRhbGtpbmcgYWJvdXQgYSBwb3NzaWJsZSBtaWdyYXRpb24uIEkKZ3Vlc3MgaWYgaXQg ZmFpbHMgdGhlbiB3ZSdsbCBiZSBiYWNrIHRvIHJlaW50ZWdyYXRpbmcgTWFpbE1hbiBpbiB0aGUK Y3VycmVudCBzeXN0ZW0gYW5kIHRoaXMgaXMgbm90IHRoYXQgaG9ycmlibGUuIElmIGl0IHdvcmtz IHdlIGNhbiB3b3JrIG9uCmNvbnZlcnRpbmcgdGhlIHJlc3Qgd2l0aCB0aGUga25vd2xlZGdlIHdl IGdhaW5lZC4KCkknZCBiZSBoYXBweSB0byBoZWxwIGJ1dCBjbGVhcmx5IEkgd291bGQgbmVlZCBz b21lIHRpbWUgYW5kIGVuZXJneSBmcm9tCnBlb3BsZSBpbiB0aGUgcHJvamVjdC4gT3RoZXIgT1NB UyBtZW1iZXJzIGNvdWxkIGFsc28gZ2l2ZSBhIGhhbmQuCgo+IFllYWggSSdtIHRoZSBjdXJyZW50 IG93bmVyIG9mIHRoZSB0aWNrZXQgdG8gdXBncmFkZSBpdCBhbmQgbWlncmF0ZSBpdAo+IHRvIFBI WCwgSSB3aWxsIGdldCB0byBpdCBldmVudHVhbGx5Li4uCgpJJ3ZlIG5vIGlkZWEgYWJvdXQgeW91 ciB3b3JrbG9hZCwgbm9yIGFib3V0IHRoZSB1cmdlbmN5IG9mIG1pZ3JhdGluZwpNYWlsbWFuLiBJ IHRoaW5rIHRoaXMgaXMgaW1wb3J0YW50IHRvIGNoZWNrIG91ciBhdmFpbGFiaWxpdHkgYW5kIHdp bGwgdG8KaW52ZXN0IG9uIHRoaXMuCgo+IEkgdGhpbmsgZG9pbmcgdGhpcyBraW5kIG9mIHdvcmsg d2lsbCBiZW5lZml0IHVzIGFzIHdlbGwgYXMgb3RoZXJzLCBpdAo+IHNob3VsZCBub3QgYmUgdG9v IG11Y2ggdHJvdWJsZSBpbW8uCj4gQ29uc2lkZXIgc2VuZGluZyBhIHJvdWdoIHBhdGNoIHRvIEdl cnJpdCwgd2UgY2FuIGhlbHAgYW5kIGxlYWQgeW91IGZyb20gdGhlcmUuCgpQcm9iYWJseS4gTmV2 ZXJ0aGVsZXNzIGl0IHNlZW1zIG1vc3QgcHJvamVjdHMgT1NBUyBhcmUgaW4gdG91Y2ggd2l0aCBh cmUKZ2V0dGluZyBvdXQgb2YgUHVwcGV0IGFuZCBJIG15c2VsZiBpbiBvdGhlciBwcm9qZWN0cyBk ZWNpZGVkIG5vdCB0byBnbwppbnRvIHRoaXMgc29sdXRpb24gYWZ0ZXIgc29tZSBjb21wYXJpc29u IGFuZCBYUCBjb2xsZWN0aW9uLiBTbyB5b3UgbWF5CnVuZGVyc3RhbmQgSSdkIGxpa2UgdG8gaW52 ZXN0IG15IHRpbWUgaW4gc29tZXRoaW5nIG5vdCB0b3RhbGx5CmVwaGVtZXJhbC4gQnV0IGlmIHRo aXMgbWlncmF0aW9uIGlzIHJlamVjdGVkIG9yIHBvc3Rwb25lZCwgSSB3aWxsLgoKPiBFeWFsIHN1 Z2dlc3RlZCB1c2luZyBBbnNpYmxlIHJpZ2h0IG5vdyBpbiBhIG9uZS1vZmYgZmFzaGlvbiB0byBn ZXQgdGhlCj4gTWFpbG1hbiBzZXJ2ZXIgdXAuIEkgZG9uJ3QgcGFydGljdWxhcml0eSBsaWtlIHRo YXQgaWRlYSBiZXVjYXNlIGl0Cj4gc2VlbXMgdG8gbWUgaXQgd291bGQgbWFrZSB1cyBpbmN1ciBz b21lIHRlY2huaWNhbCBkZWJ0IHdlIHdpbGwgbm90IHBheQo+IHF1aWNrbHkuIEknZCByYXRoZXIg cGF5IGl0IHVwZnJvbnQuIEJ1dCBJIGNhbiB1bmRlcnN0YW5kIGlmIHdlIHdhbnQgdG8KPiB0YWtl IHN1Y2ggc2hvcnQgY3V0cyBpdCB0aGUgaW50ZXJlc3Qgb2YgZ2V0dGluZyBNYWlsbWFuIG91dCBv ZiBzb21lCj4gYmFkIHN0YXRlIGl0IGlzIGN1cnJlbnRseSBpdC4gSSdtIG5vdCBzdXJlIHdoYXQg aXMgdGhlIHNpdHVhdGlvbiB3aXRoCj4gaXQgcmlnaHQgbm93LgoKSSdtIG5ldyBoZXJlIDotKSwg bmVpdGhlciBkbyBJLgoKUmVnYXJkcy4KCgoKCi0tIAoKRXlhbCBFZHJpCkFzc29jaWF0ZSBNYW5h Z2VyCgpSSEVWIERldk9wcwpFTUVBIEVORyBWaXJ0dWFsaXphdGlvbiBSJkQKUmVkIEhhdCBJc3Jh ZWwKCnBob25lOiArOTcyLTktNzY5MjAxOAppcmM6IGVlZHJpIChvbiAjdGx2ICNyaGV2LWRldiAj cmhldi1pbnRlZykKCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fXwpJbmZyYSBtYWlsaW5nIGxpc3QKSW5mcmFAb3ZpcnQub3JnCmh0dHA6Ly9saXN0cy5vdmly dC5vcmcvbWFpbG1hbi9saXN0aW5mby9pbmZyYQoKCgoKLS0gCgpBbnRvbiBNYXJjaHVrb3YKU2Vu aW9yIFNvZnR3YXJlIEVuZ2luZWVyIC0gUkhFViBDSSAtIFJlZCBIYXQKCg== ----_com.boxer.email_1134529558349850 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 PHAgZGlyPSJsdHIiPkkgd2FzIG5vdCB0YWxraW5nIGFidXQgdXNpbmcgdG93ZXIsIGJ1dCBhYm91 dCBhc2tpbmcgdGhlbSB0byBwdXNoIHRoZSBzdXBwb3J0IG9uIGZvcmVtYW4gYW5kIGtlZXAgdXNp bmcgZm9yZW1hbi48L3A+CjxwIGRpcj0ibHRyIj5EYXZpZCBDYXJvPC9wPgo8ZGl2IGNsYXNzPSJx dW90ZSI+RWwgMTIvNC8yMDE2IDY6MDAgcC4gbS4sIEFudG9uIE1hcmNodWtvdiAmbHQ7YW1hcmNo dWtAcmVkaGF0LmNvbSZndDsgZXNjcmliacOzOjxiciB0eXBlPSdhdHRyaWJ1dGlvbic+PGJsb2Nr cXVvdGUgY2xhc3M9InF1b3RlIiBzdHlsZT0ibWFyZ2luOjAgMCAwIC44ZXg7Ym9yZGVyLWxlZnQ6 MXB4ICNjY2Mgc29saWQ7cGFkZGluZy1sZWZ0OjFleCI+PGRpdiBkaXI9Imx0ciI+PGRpdj48ZGl2 PkhlbGxvIERhdmlkLCBBbGwuPGJyPjxicj48L2Rpdj5NYXliZSBpdCBtYWtlcyBzZW5zZSB0byBy ZXJldmlldyBmb3JlbWFuIGFsdGVybmF0aXZlcyBmb3IgZnV0dXJlLi4uIFRvd2VyIG1pZ2h0IGJl IGEgZ29vZCBjaG9pY2UsIGJ1dCBub3Qgb3BlbiBzb3VyY2VkIHlldCBhbmQgbm8gcGxhbnMgZm9y IHRoYXQuIEFsc28gdXNpbmcgcHVwcGV0IGZyb20gaXQgbmVlZHMgdG8gYmUgcmV2aWV3ZWQuIDxi cj48YnI+PC9kaXY+QW50b24uPGJyPjwvZGl2PjxkaXYgY2xhc3M9ImdtYWlsX2V4dHJhIj48YnI+ PGRpdiBjbGFzcz0iZ21haWxfcXVvdGUiPk9uIFR1ZSwgQXByIDEyLCAyMDE2IGF0IDU6NTIgUE0s IERhdmlkIENhcm8gRXN0ZXZleiA8c3BhbiBkaXI9Imx0ciI+Jmx0OzxhIGhyZWY9Im1haWx0bzpk Y2Fyb2VzdEByZWRoYXQuY29tIiB0YXJnZXQ9Il9ibGFuayI+ZGNhcm9lc3RAcmVkaGF0LmNvbTwv YT4mZ3Q7PC9zcGFuPiB3cm90ZTo8YnI+PGJsb2NrcXVvdGUgY2xhc3M9ImdtYWlsX3F1b3RlIiBz dHlsZT0ibWFyZ2luOjAgMCAwIC44ZXg7Ym9yZGVyLWxlZnQ6MXB4ICNjY2Mgc29saWQ7cGFkZGlu Zy1sZWZ0OjFleCI+PHAgZGlyPSJsdHIiPkkgaGFkIGEgc21hbGwgY2hhdCB3aXRoIGRsb2JhdG8s IGl0IHNlZW1zIHRoYXQgdGhlIEZvcmVtYW4tYW5zaWJsZSBpbnRlZ3JhdGlvbiBpcyBoYWx0ZWQg YmVjYXVzZSBpdCBwb3RlbnRpYWxseSBjb25mbGljdHMvY29sbGlkZXMgd2l0aCB0b3dlciwgYnV0 IHRoYXQgaWYgd2UgcHVibGljbHkgcmVxdWVzdCBpdCBhcyBwcm9qZWN0IHdlIG1pZ2h0IGdldCBp dCB1bmxvY2tlZC48L3A+PHNwYW4gY2xhc3M9IkhPRW5aYiI+PGZvbnQgY29sb3I9IiM4ODg4ODgi Pg0KPHAgZGlyPSJsdHIiPkRhdmlkIENhcm88L3A+PC9mb250Pjwvc3Bhbj48ZGl2IGNsYXNzPSJI T0VuWmIiPjxkaXYgY2xhc3M9Img1Ij4NCjxkaXY+RWwgMTIvNC8yMDE2IDE1OjUyLCBFeWFsIEVk cmkgJmx0OzxhIGhyZWY9Im1haWx0bzplZWRyaUByZWRoYXQuY29tIiB0YXJnZXQ9Il9ibGFuayI+ ZWVkcmlAcmVkaGF0LmNvbTwvYT4mZ3Q7IGVzY3JpYmnDszo8YnIgdHlwZT0iYXR0cmlidXRpb24i PjxibG9ja3F1b3RlIHN0eWxlPSJtYXJnaW46MCAwIDAgLjhleDtib3JkZXItbGVmdDoxcHggI2Nj YyBzb2xpZDtwYWRkaW5nLWxlZnQ6MWV4Ij48ZGl2IGRpcj0ibHRyIj5Ub3AgcG9zdGluZyB0byBz dW1tYXJpemUgdGhpbmdzOjxkaXY+PGJyPjwvZGl2PjxkaXY+SSYjMzk7bSBPSyB3aXRoIGRvaW5n IGEgJiMzOTtQT0MmIzM5OyBvZiB1c2luZyBBbnNpYmxlIHdpdGggbWFpbG1hbiAzIGluIG9yZGVy IHRvIG1vdmUgZm9yd2FyZCB3aXRoIHRoaXMgbWlncmF0aW9uIGFuZCByZWxlYXNlIGxpbm9kZSBz ZXJ2ZXIgd2hpY2ggd2UgcGF5IG1vbmV5IGZvciBpdDwvZGl2PjxkaXY+b24gYSByZWd1bGFyIGJh c2lzIHdoaWxlIHdlIGNvdWxkIHVzZSB0aGlzIGZvciBvdGhlciB1c2FnZS48L2Rpdj48ZGl2Pjxi cj48L2Rpdj48ZGl2PlRoaXMgaXMgd2hhdCBJIHN1Z2dlc3Q6PC9kaXY+PGRpdj48YnI+PC9kaXY+ PGRpdj4xLiBDcmVhdGUgYSBWTSBpbiBQSFggY2FsbGVkICYjMzk7PGEgaHJlZj0iaHR0cDovL21h aWwucGh4Lm92aXJ0Lm9yZyIgdGFyZ2V0PSJfYmxhbmsiPm1haWwucGh4Lm92aXJ0Lm9yZzwvYT4m IzM5OyAtIGFueW9uZSBmcm9tIHRoZSB0ZWFtIGNhbiBkbyBpdCAtIGlmIG5vIG9uZSBpcyBkb2lu ZyBpdCBieSB0aGUgZW5kIG9mIHRoaXMgd2VlaywgSSYjMzk7bGwgZG8gaXQuPC9kaXY+PGRpdj4y LiBZb3Ugc2hvdWxkIGdldCBhY2Nlc3MgdG8gdGhhdCBWTSAocGxlYXNlIHNlbmQgeW91IHNzaCBw dWJsaWMga2V5IHRvIGluZnJhIGxpc3Qgc28gd2UgY2FuIGFkZCB5b3UgYW5kIHlvdSYjMzk7bGwg Z2V0IGFjY2VzcyB0byB0aGUgVk0pLjwvZGl2PjxkaXY+My4gVXNpbmcgdGhlIEFuc2libGUgcGxh eWJvb2sgdG8gaW5zdGFsbCB0aGUgbmV3IHNlcnZpY2UgKGh5cGVya2l0dHkpIG9uIHRoZSBuZXcg Vk0uPC9kaXY+PGRpdj40LiBEb2N1bWVudGluZyB0aGUgY3VycmVudCBjb25maWd1cmF0aW9uIHdl IGhhdmUgb24gPGEgaHJlZj0iaHR0cDovL2xpc3RzLm92aXJ0Lm9yZyIgdGFyZ2V0PSJfYmxhbmsi Pmxpc3RzLm92aXJ0Lm9yZzwvYT4gKGV4aXN0aW5nIG1haWxtYW4pIGFuZCBhcHBseWluZyBpdCB0 byB0aGUgbmV3IHNlcnZlci4gKCBhZGFwdGluZyB0aGUgQW5zaWJsZSBwbGF5Ym9vayB0byBpbmNs dWRlIG91ciBjb25maWd1cmF0aW9uICk8L2Rpdj48ZGl2PjUuIFB1c2hpbmcgdGhlIEFuc2libGUg Y29kZSBpbnRvIGEgcmVwbyAod2UgbWlnaHQgbmVlZCB0byBjcmVhdGUgYSBuZXcgZ2l0IHJlcG8g Zm9yIGl0KTwvZGl2PjxkaXY+Ni4gTWlncmF0aW5nIHRoZSBzZXJ2ZXIgKCB3aXRoIGEgcm9sbGJh Y2sgb3B0aW9uICk8L2Rpdj48ZGl2Pjxicj48L2Rpdj48ZGl2PlVwIHVudGlsIG5vdyB0aGlzIGRp ZG4mIzM5O3QgaW5jbHVkZSBtYW5hZ2luZyBBbnNpYmxlIHZpYSBmb3JlbWFuIGFuZCBvbmx5IHJl ZmVycyB0byBtaWdyYXRpbmcgZXhpc3RpbmcgbWFpbG1hbiB0byBuZXcgc2VydmVyIHVzaW5nIEFu c2libGUuPC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj5UaGUgc2Vjb25kIHBhcnQgaXMgbW9yZSB0 cmlja3k6PC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj4xLiBJbnN0YWxsIG5ldyBmb3JlbWFuIFZN IG9uIFBIWCAoIHRoYXQmIzM5O3MgYSBwZW5kaW5nIHRhc2sgd2UgbmVlZCBwcmlvcml0emUgcmVn YXJsZXNzIG9mIHRoZSBtYWlsbWFuIG1pZ3JhdGlvbiBhbmQgd2UmIzM5O2xsIGRvIGl0IHNvb24g YWZ0ZXIgamVua2lucyBtaWdyYXRlZCApPC9kaXY+PGRpdj4yLiBDaGVjayBpZiBpdHMgcG9zc2li bGUgbWFuYWdlIEFuc2libGUgdmlhIGZvcmVtYW4gb3Igd2hhdCBkb2VzIGl0IG1lYW4gdG8gZG8g aXQ8L2Rpdj48ZGl2PjMuIElmIHdlJiMzOTtsbCBzZWUgdGhhdCBpdHMgbm90IGNvcnJlbGF0ZSB0 byBob3cgd2UgbWFuYWdlIHRoZSBpbmZyYSByaWdodCBub3cgYW5kIHRha2VzIGEgYmlnIHRvbGwg b24gbWFuYWdlbWVudCwgd2Ugd2lsbCBkZWNpZGUgdGhlIFBPQyBpcyBhIGZhaWwgYW5kIHdlIHdp bGwgbmVlZCB0byB3cml0ZSBwdXBwZXQgY2xhc3NlcyB0byB0aGUgbmV3IGluc3RhbGxlZCBtYWls bWFuLjwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+QXMgeW91IGNhbiB1 bmRlcnN0YW5kIHRoaXMgYXBwcm9hY2ggaGFzIGEgJnF1b3Q7cmlzayZxdW90OyBvZiBkb2luZyBz b21lIGR1cGxpY2F0ZSB3b3JrLCBidXQgSSB0aGluayBpdHMgdGhlIGJlc3Qgd2F5IHRvIGdvIGJl Y2F1c2UgaXQgd2lsbCBhbGxvdyB1cyB0bzo8L2Rpdj48ZGl2Pjx1bD48bGk+TWlncmF0ZSB0aGUg cXVpY2tlc3Qgd2F5LCBzYXZpbmcgbW9uZXkgb24gaG9zdGluZyB3ZSBkb24mIzM5O3QgbmVlZDwv bGk+PGxpPlRlc3RpbmcgQW5zaWJsZSBzdXBwb3J0LCB3aGljaCBpcyBzb21ldGhpbmcgd2UgY2Fu JiMzOTt0IGlnbm9yZSwgYXMgd2Ugc2VlIG1vcmUgYW5kIG1vcmUgQW5zaWJsZSBhZG9wdGlvbiBh bmQgSSBiZWxpZXZlIHdlIHNob3VsZCBldmFsdWF0ZSBpdC48L2xpPjxsaT5XZSB3aWxsIGJlIGFi bGUgdG8gb3BlbiBidWdzIHRvIGZvcmVtYW4gaWYgd2UmIzM5O2xsIGhpdCBhbnkgaXNzdWVzIHdo aWNoIGlzIGJsb2NraW5nIHVzPC9saT48bGk+SWYgd2Ugd2lsbCBlbmQgdXAgd3JpdGluZyBwdXBw ZXQgbWFuaWZlc3QsIHdlIHdvdWxkIGhhdmUgbm90IHdhc3RlZCB0b28gbXVjaCB0aW1lIG9uIEFu c2libGUgc2luY2UgbW9zdCBvZiB0aGUgY29kZSBpcyBhbHJlYWR5IGF2YWlsYWJsZS48L2xpPjwv dWw+PGRpdj48YnI+PC9kaXY+PC9kaXY+PGRpdj5MZXRzIG1vdmUgZm9yd2FyZCB3aXRoIHRoaXMu PC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj5FeWFsLjwvZGl2PjxkaXY+PGJyPjxkaXYgY2xhc3M9 ImdtYWlsX2V4dHJhIj48YnI+PGRpdiBjbGFzcz0iZ21haWxfcXVvdGUiPk9uIE1vbiwgQXByIDEx LCAyMDE2IGF0IDEyOjM2IFBNLCBNYXJjIERlcXXDqG5lcyAoRHVjaykgPHNwYW4gZGlyPSJsdHIi PiZsdDs8YSBocmVmPSJtYWlsdG86ZHVja0ByZWRoYXQuY29tIiB0YXJnZXQ9Il9ibGFuayI+ZHVj a0ByZWRoYXQuY29tPC9hPiZndDs8L3NwYW4+IHdyb3RlOjxicj48YmxvY2txdW90ZSBjbGFzcz0i Z21haWxfcXVvdGUiIHN0eWxlPSJtYXJnaW46MCAwIDAgLjhleDtib3JkZXItbGVmdDoxcHggI2Nj YyBzb2xpZDtwYWRkaW5nLWxlZnQ6MWV4Ij5RdWFjayw8YnI+DQo8c3Bhbj48YnI+DQpPbiAwNC8x MS8yMDE2IDA1OjM4IFBNLCBCYXJhayBLb3JyZW4gd3JvdGU6PGJyPg0KPGJyPg0KJmd0OyBXZWxs LCB3aGF0IGtpbmQgb2YgaGFuZCBpcyBuZWVkZWQ/PGJyPg0KPGJyPg0KPC9zcGFuPkhlbHAgYWJv dXQgdGhlIFZNLCB5b3UgcmVwbGllZCB0byB0aGlzIHBhcnQgKHdoaWNoIHVuZm9ydHVuYXRlbHkg YmVnYW48YnI+DQpvZmYtbGlzdCwgbXkgYmFkKSwgdGhhbmtzLjxicj4NCjxicj4NClRoZSBvdGhl ciBwYXJ0IGlzIHRyYWNraW5nIHRoZSBmZWF0dXJlcyB5b3UgbmVlZCwgdG8gc2VlIGlmIHVwZ3Jh ZGluZzxicj4NCkZvcmVtYW4gYW5kIHVzaW5nIHRoZSB3b3JrIE1pc2MgcG9pbnRlZCBhdCBjb3Vs ZCBiZSBhIHdvcmtpbmcgc29sdXRpb24uPGJyPg0KQmVjYXVzZSBpZiBhbiBpbXBvcnRhbnQgZmVh dHVyZSBpcyBtaXNzaW5nLCB0aGVuIHRoaXMgcGF0aCB3aWxsIG5vdDxicj4NCmhhcHBlbiBub3cu PGJyPg0KPGJyPg0KQW5kIHRoZW4gaWYgaXQgaXMgYSBwb3NzaWJsZSBwYXRoLCBhcmUgeW91IGFs bCB3aWxsaW5nIHRvIHdvcmsgb24gdGhpczxicj4NCm1pZ3JhdGlvbj88YnI+DQo8c3Bhbj48YnI+ DQomZ3Q7IEkgcmVtYWluIHVuY29udmluY2VkIGFib3V0IHRoZSBiZW5lZml0cyBvZiB1c2luZyBB bnNpYmxlIGhlcmUgYXM8YnI+DQomZ3Q7IG9wcHNlZCB0byB0aGUgZG93bnNpZGVzIG9mIG1haW50 YWluaW5nIHR3byBDTSBzeXN0ZW1zIGluIHBhcmFsbGVsLjxicj4NCjxicj4NCjwvc3Bhbj5JIG9u bHkgdmlld2VkIE1haWxtYW4gYXMgYSBwcm9vZiBvZiBjb25jZXB0LiBJIGFncmVlIG1haW50YWlu aW5nIGJvdGg8YnI+DQpzeXN0ZW1zIHN1eC4gU28gdGhhdCYjMzk7cyB3aHkgSSYjMzk7bSB0YWxr aW5nIGFib3V0IGEgcG9zc2libGUgbWlncmF0aW9uLiBJPGJyPg0KZ3Vlc3MgaWYgaXQgZmFpbHMg dGhlbiB3ZSYjMzk7bGwgYmUgYmFjayB0byByZWludGVncmF0aW5nIE1haWxNYW4gaW4gdGhlPGJy Pg0KY3VycmVudCBzeXN0ZW0gYW5kIHRoaXMgaXMgbm90IHRoYXQgaG9ycmlibGUuIElmIGl0IHdv cmtzIHdlIGNhbiB3b3JrIG9uPGJyPg0KY29udmVydGluZyB0aGUgcmVzdCB3aXRoIHRoZSBrbm93 bGVkZ2Ugd2UgZ2FpbmVkLjxicj4NCjxicj4NCkkmIzM5O2QgYmUgaGFwcHkgdG8gaGVscCBidXQg Y2xlYXJseSBJIHdvdWxkIG5lZWQgc29tZSB0aW1lIGFuZCBlbmVyZ3kgZnJvbTxicj4NCnBlb3Bs ZSBpbiB0aGUgcHJvamVjdC4gT3RoZXIgT1NBUyBtZW1iZXJzIGNvdWxkIGFsc28gZ2l2ZSBhIGhh bmQuPGJyPg0KPHNwYW4+PGJyPg0KJmd0OyBZZWFoIEkmIzM5O20gdGhlIGN1cnJlbnQgb3duZXIg b2YgdGhlIHRpY2tldCB0byB1cGdyYWRlIGl0IGFuZCBtaWdyYXRlIGl0PGJyPg0KJmd0OyB0byBQ SFgsIEkgd2lsbCBnZXQgdG8gaXQgZXZlbnR1YWxseS4uLjxicj4NCjxicj4NCjwvc3Bhbj5JJiMz OTt2ZSBubyBpZGVhIGFib3V0IHlvdXIgd29ya2xvYWQsIG5vciBhYm91dCB0aGUgdXJnZW5jeSBv ZiBtaWdyYXRpbmc8YnI+DQpNYWlsbWFuLiBJIHRoaW5rIHRoaXMgaXMgaW1wb3J0YW50IHRvIGNo ZWNrIG91ciBhdmFpbGFiaWxpdHkgYW5kIHdpbGwgdG88YnI+DQppbnZlc3Qgb24gdGhpcy48YnI+ DQo8c3Bhbj48YnI+DQomZ3Q7IEkgdGhpbmsgZG9pbmcgdGhpcyBraW5kIG9mIHdvcmsgd2lsbCBi ZW5lZml0IHVzIGFzIHdlbGwgYXMgb3RoZXJzLCBpdDxicj4NCiZndDsgc2hvdWxkIG5vdCBiZSB0 b28gbXVjaCB0cm91YmxlIGltby48YnI+DQomZ3Q7IENvbnNpZGVyIHNlbmRpbmcgYSByb3VnaCBw YXRjaCB0byBHZXJyaXQsIHdlIGNhbiBoZWxwIGFuZCBsZWFkIHlvdSBmcm9tIHRoZXJlLjxicj4N Cjxicj4NCjwvc3Bhbj5Qcm9iYWJseS4gTmV2ZXJ0aGVsZXNzIGl0IHNlZW1zIG1vc3QgcHJvamVj dHMgT1NBUyBhcmUgaW4gdG91Y2ggd2l0aCBhcmU8YnI+DQpnZXR0aW5nIG91dCBvZiBQdXBwZXQg YW5kIEkgbXlzZWxmIGluIG90aGVyIHByb2plY3RzIGRlY2lkZWQgbm90IHRvIGdvPGJyPg0KaW50 byB0aGlzIHNvbHV0aW9uIGFmdGVyIHNvbWUgY29tcGFyaXNvbiBhbmQgWFAgY29sbGVjdGlvbi4g U28geW91IG1heTxicj4NCnVuZGVyc3RhbmQgSSYjMzk7ZCBsaWtlIHRvIGludmVzdCBteSB0aW1l IGluIHNvbWV0aGluZyBub3QgdG90YWxseTxicj4NCmVwaGVtZXJhbC4gQnV0IGlmIHRoaXMgbWln cmF0aW9uIGlzIHJlamVjdGVkIG9yIHBvc3Rwb25lZCwgSSB3aWxsLjxicj4NCjxzcGFuPjxicj4N CiZndDsgRXlhbCBzdWdnZXN0ZWQgdXNpbmcgQW5zaWJsZSByaWdodCBub3cgaW4gYSBvbmUtb2Zm IGZhc2hpb24gdG8gZ2V0IHRoZTxicj4NCiZndDsgTWFpbG1hbiBzZXJ2ZXIgdXAuIEkgZG9uJiMz OTt0IHBhcnRpY3VsYXJpdHkgbGlrZSB0aGF0IGlkZWEgYmV1Y2FzZSBpdDxicj4NCiZndDsgc2Vl bXMgdG8gbWUgaXQgd291bGQgbWFrZSB1cyBpbmN1ciBzb21lIHRlY2huaWNhbCBkZWJ0IHdlIHdp bGwgbm90IHBheTxicj4NCiZndDsgcXVpY2tseS4gSSYjMzk7ZCByYXRoZXIgcGF5IGl0IHVwZnJv bnQuIEJ1dCBJIGNhbiB1bmRlcnN0YW5kIGlmIHdlIHdhbnQgdG88YnI+DQomZ3Q7IHRha2Ugc3Vj aCBzaG9ydCBjdXRzIGl0IHRoZSBpbnRlcmVzdCBvZiBnZXR0aW5nIE1haWxtYW4gb3V0IG9mIHNv bWU8YnI+DQomZ3Q7IGJhZCBzdGF0ZSBpdCBpcyBjdXJyZW50bHkgaXQuIEkmIzM5O20gbm90IHN1 cmUgd2hhdCBpcyB0aGUgc2l0dWF0aW9uIHdpdGg8YnI+DQomZ3Q7IGl0IHJpZ2h0IG5vdy48YnI+ DQo8YnI+DQo8L3NwYW4+SSYjMzk7bSBuZXcgaGVyZSA6LSksIG5laXRoZXIgZG8gSS48YnI+DQo8 YnI+DQpSZWdhcmRzLjxicj4NCjxicj4NCjwvYmxvY2txdW90ZT48L2Rpdj48YnI+PGJyIGNsZWFy PSJhbGwiPjxkaXY+PGJyPjwvZGl2Pi0tIDxicj48ZGl2PjxkaXYgZGlyPSJsdHIiPjxkaXY+PGRp diBkaXI9Imx0ciI+PGRpdj5FeWFsIEVkcmk8YnI+QXNzb2NpYXRlIE1hbmFnZXI8L2Rpdj48ZGl2 PlJIRVYgRGV2T3BzPGJyPkVNRUEgRU5HIFZpcnR1YWxpemF0aW9uIFImYW1wO0Q8YnI+UmVkIEhh dCBJc3JhZWw8YnI+PGJyPnBob25lOiA8YSBocmVmPSJ0ZWw6JTJCOTcyLTktNzY5MjAxOCIgdmFs dWU9Iis5NzI5NzY5MjAxOCIgdGFyZ2V0PSJfYmxhbmsiPis5NzItOS03NjkyMDE4PC9hPjxicj5p cmM6IGVlZHJpIChvbiAjdGx2ICNyaGV2LWRldiAjcmhldi1pbnRlZyk8L2Rpdj48L2Rpdj48L2Rp dj48L2Rpdj48L2Rpdj4NCjwvZGl2PjwvZGl2PjwvZGl2Pg0KPC9ibG9ja3F1b3RlPjwvZGl2Pjwv ZGl2PjwvZGl2Pjxicj5fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fXzxicj4NCkluZnJhIG1haWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9Im1haWx0bzpJbmZyYUBv dmlydC5vcmciPkluZnJhQG92aXJ0Lm9yZzwvYT48YnI+DQo8YSBocmVmPSJodHRwOi8vbGlzdHMu b3ZpcnQub3JnL21haWxtYW4vbGlzdGluZm8vaW5mcmEiIHJlbD0ibm9yZWZlcnJlciIgdGFyZ2V0 PSJfYmxhbmsiPmh0dHA6Ly9saXN0cy5vdmlydC5vcmcvbWFpbG1hbi9saXN0aW5mby9pbmZyYTwv YT48YnI+DQo8YnI+PC9ibG9ja3F1b3RlPjwvZGl2Pjxicj48YnIgY2xlYXI9ImFsbCI+PGJyPi0t IDxicj48ZGl2IGNsYXNzPSJnbWFpbF9zaWduYXR1cmUiPjxkaXYgZGlyPSJsdHIiPjxkaXY+PGRp diBkaXI9Imx0ciI+PHNwYW4+PGZvbnQgY29sb3I9IiM4ODg4ODgiPjxkaXY+QW50b24gTWFyY2h1 a292PGJyPlNlbmlvciBTb2Z0d2FyZSBFbmdpbmVlciAtIDxzcGFuPjxzcGFuPjxmb250IGNvbG9y PSIjODg4ODg4Ij48c3Bhbj48c3Bhbj48Zm9udCBjb2xvcj0iIzg4ODg4OCI+PHNwYW4+PHNwYW4+ PGZvbnQgY29sb3I9IiM4ODg4ODgiPlJIRVYgQ0kgLSA8L2ZvbnQ+PC9zcGFuPjwvc3Bhbj48L2Zv bnQ+PC9zcGFuPjwvc3Bhbj5SZWQgSGF0PC9mb250Pjwvc3Bhbj48L3NwYW4+PGJyPjxicj48L2Rp dj48L2ZvbnQ+PC9zcGFuPjwvZGl2PjwvZGl2PjwvZGl2PjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2Nr cXVvdGU+PC9kaXY+ ----_com.boxer.email_1134529558349850--
--=-otveoOJhLjC/wERAXH+D Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Le dimanche 03 avril 2016 =C3=A0 10:42 +0300, Barak Korren a =C3=A9crit :
On 3 April 2016 at 10:21, Eyal Edri <eedri@redhat.com> wrote:
I'd like to ask the team what do you think on $subject, in terms of pro= s & cons.
As you all know we have been using puppet to manage our production infr= a (user access, server configuration,etc... ).
Recently we started looking into migrating our mailman instance into ne= w hyper-kitty instance to run on the oVirt DC in PHX. It seems that there is no true puppet classes available to install/mana= ge mailman3 but there is an Ansible playbook used / written by fedora to d= eploy their instance. So the question is should we start using/supporting Ansible as another = tool to manage our infra and leverage existing playbooks out there to reduce= work on migration of new services? I'm not suggesting to migrate all puppet code into Ansible, but to allo= w using Ansible when it make sense.
Here is what I had in mind with regards to pro/cons: Pros
Saving time writing puppet classes for services (if Ansible playbook ex= ists) Bringing in new infra members which are interested in Ansbile (maybe pu= blish the team in the relevant communities)
Cons:
Another tool to support/maintain No real support to manage in foreman as we do for puppet (for sure not = in our old version)
I'd love to hear your thoughts about it.
=20 As I've already stated elsewhere Ansible is interesting for a number of reasons, but a dual-tool scenario will not be welcome IMO. =20 There is also a lage question of the possibility of replacing Puppet with Ansible. Puppet is a continues configuration-management system that monitors servers for configuration drift and repairs it (deploying missing components in the process), to do that it supports a declarative language and a master/slave-agent architecture. The common Ansible usage scenario OTOH seems to be AFAIK a developer/op launching a deployment task from his laptop. For that Ansible supports a more imperative syntax and an SSH-based agent-less architecture. =20 IMO, for long-running on-premise infrastructure (Not ad-hoc in "the cloud") which is what oVirt has and what what it targets, the drift monitoring approach is more suitable. =20 Now, I've hared that that Ansible could also be deployed with agents and a central server (Tower? Foreman? something else?), but I'm not sure how mature that deployment scenario is right now, nor wither existing Ansible code fits that scenario.
So in my case, I do prefer the configuration drift stuff, but I just use cron to make it converge if it drift with ansible.=20 Also, while I like the whole concept of configuration converging, servers usually do not go out of convergence by themself, so if the sysadmins do not change it, there isn't less pressure to make it converge. So far, what i do is that each push a on specific server trigger a ansible run, restricted to the server that should be impacted. This is either done with ssh (for manageiq.org), or using saltstack bus (for gluster.org, historical reason), or I also do have cron + local run of ansible (for theopensourceway.org). So while most people likely use it to deploy from laptop, that's kinda not how I envision, even in the cloud. --=20 Michael Scherer Sysadmin, Community Infrastructure and Platform, OSAS --=-otveoOJhLjC/wERAXH+D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAABAgAGBQJXAqmgAAoJEE89Wa+PrSK9AL0P/27lDqMRRvBQoqKe1g/Psop6 bznlMUuwVv5fipf/GxuoZPhuB68iSpIZYlCZqVijzAG5lSwNGzd4KoGL8TiOuBj1 5rC/tI8QxZdmOPLdC/vU8ojydIz52hzMuirO3DVA6YnTCR1s0Kq2Od1Z2QTPZTcW A10gPhw7RC5RCgmxnfc97U6+o7iKfob1djgLeFvP/VzpvoC+pOdtuFDy+a1p79Au ZMMa8CXx48szhZmR4VnCHkzZISsiLV1M6TK9jB3WodRHp5lPrpOwjZCKiyxXWFVE cElIJxo4s95JA86KXSPixq/m7kj+hYecszE6nuDtdqoC37pmdXrp9oK0yF37WbIR uj1TIbyzzl8NL9aGJwVop3Q3eSUTMkdk1jZqkb7EdEuQ4QbsyESaZKT6PkcU5m4H J15YX6rox+qjHa83mSazOqkhBaXzDly1WauOEZsBiqFGsIfV69OD3L90ZaT6lDzQ 02g9vKf+qhORRFkqxLq7PI9xcKD1VWKrmA99uJ0LWWZkvEY/4pQeSBZzgmzk1xqP BKYDH/AWCFMOBAH7IaCv/y9sMsaIoiZPQ8/p8Pjgo1GMYID58Byi4pEJ/+Ajs4RP zQ15tDZW8TlC3vi1HOq1OympBYXZuPYVVQIr15i/0TXpMRgNhAVdztTENb9iIuSk nhyOBFc4v9dYxGkutaMd =AFNp -----END PGP SIGNATURE----- --=-otveoOJhLjC/wERAXH+D--
Hello All. I did not follow the recent Ansible developments, but at the time when I researched it looked like a fancy SSH playbook library (a "better" fabric) rather than "configuration management" system. This is not always bad depending on what we want. 1. The strongest benefit of the Ansible is that it is easy to start using it for anybody knowing Python, same way as fabric it is essentially SSH client with imperative Python code that sequentially execute the actions. They claim the concept of idempotence, but it is not desired state system like Puppet, so instead of declaring a desired state and letting the computer do the magic, you just list the steps to execute it imperatively and if done right several runs won't break anything due to idempotence. 2. Also it is push approach and uses SSH so unless we want to execute it from personal laptops as with fabric we will have to have a central server with root SSH access to all our Ansible-managed servers where we can execute it. There were orchestration tools such as Tower, but they were not open source and looks like are not open source yet. Maybe there is something other I am not aware about, please let me know. Given those two items I really not sure we can use Puppet and Ansible systems together as configuration management tools. The only ways to use them together that I see are: 1. Use Ansible as a fabric replacement - to run things ad hoc (e.g. running yum upgrade openssl) This does not work for mailman3 as it will be "unpuppetized" in our terms. 2. Use Ansible only on part of the hosts. This works for mailman3, but for us those host will leave as "unpuppetized" again plus we have to come up with infra to support those hosts deployment due to luck of foreman support. In addition we have to develop a way to transfer our users (puppet classes + hiera now) to those servers that complicates deployment even more. However it is not all or nothing problem, so the short term solution I would propose and agree with: It is ok to use Ansible for a limited set of hosts because it is easier for people to learn and use it and hence - contribute deployment instructions to us. But I would treat those hosts as "unpuppetized" on our side. The motivation for that is that well, we do have a bunch of unpuppetized hosts and obviously puppetizing everything is not a one day effort deal. Myabe it should not block PHX migration. If somebody wants to use Ansible instead of manually configuring hosts over SSH it is great. The host is still unpuppetzied, but same way we have deployment instructions as a playbook in SCM. And to get our users on the host we can use foreman + puppet infra classes the same way we do for manually installed servers. So the requirement for PHX migration than will be relaxed: deployment should be reproducible + the host should support our infra tools such as foreman and user classes. Anton. -- Anton Marchukov Senior Software Engineer - RHEV CI - Red Hat
OK, So if we agree Ansible can't replace Puppet or live side by side Puppet as CM tool for oVirt services, We can still leverage existing Ansible playbook to deploy a service (like mailman3) single time and then when its deployed with all the relevant basic configuration, It might be easier to prepare Puppet manifests for it, using existing conf we have to adapting it as needed. On Sun, Apr 3, 2016 at 11:59 AM, Anton Marchukov <amarchuk@redhat.com> wrote:
Hello All.
I did not follow the recent Ansible developments, but at the time when I researched it looked like a fancy SSH playbook library (a "better" fabric) rather than "configuration management" system. This is not always bad depending on what we want.
1. The strongest benefit of the Ansible is that it is easy to start using it for anybody knowing Python, same way as fabric it is essentially SSH client with imperative Python code that sequentially execute the actions. They claim the concept of idempotence, but it is not desired state system like Puppet, so instead of declaring a desired state and letting the computer do the magic, you just list the steps to execute it imperatively and if done right several runs won't break anything due to idempotence.
2. Also it is push approach and uses SSH so unless we want to execute it from personal laptops as with fabric we will have to have a central server with root SSH access to all our Ansible-managed servers where we can execute it. There were orchestration tools such as Tower, but they were not open source and looks like are not open source yet. Maybe there is something other I am not aware about, please let me know.
Given those two items I really not sure we can use Puppet and Ansible systems together as configuration management tools. The only ways to use them together that I see are:
1. Use Ansible as a fabric replacement - to run things ad hoc (e.g. running yum upgrade openssl) This does not work for mailman3 as it will be "unpuppetized" in our terms. 2. Use Ansible only on part of the hosts. This works for mailman3, but for us those host will leave as "unpuppetized" again plus we have to come up with infra to support those hosts deployment due to luck of foreman support. In addition we have to develop a way to transfer our users (puppet classes + hiera now) to those servers that complicates deployment even more.
However it is not all or nothing problem, so the short term solution I would propose and agree with:
It is ok to use Ansible for a limited set of hosts because it is easier for people to learn and use it and hence - contribute deployment instructions to us. But I would treat those hosts as "unpuppetized" on our side. The motivation for that is that well, we do have a bunch of unpuppetized hosts and obviously puppetizing everything is not a one day effort deal. Myabe it should not block PHX migration. If somebody wants to use Ansible instead of manually configuring hosts over SSH it is great. The host is still unpuppetzied, but same way we have deployment instructions as a playbook in SCM. And to get our users on the host we can use foreman + puppet infra classes the same way we do for manually installed servers. So the requirement for PHX migration than will be relaxed: deployment should be reproducible + the host should support our infra tools such as foreman and user classes.
Anton.
-- Anton Marchukov Senior Software Engineer - RHEV CI - Red Hat
-- Eyal Edri Associate Manager RHEV DevOps EMEA ENG Virtualization R&D Red Hat Israel phone: +972-9-7692018 irc: eedri (on #tlv #rhev-dev #rhev-integ)
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --obMr4GDnac6gtK4qsLH6gPA8MaWNAAUx2 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Quack, On 04/03/2016 04:21 PM, Eyal Edri wrote:
* Saving time writing puppet classes for services (if Ansible playboo= k exists)
don't know your needs well, but Misc has been building many classes shared among several other community projects, and I've been told we have several experienced sysadmin to help too.
* Bringing in new infra members which are interested in Ansbile (mayb= e publish the team in the relevant communities)
There's many classes which really are not project-specific. Each project has a website, wants user accounts, Jenkins is quite common too=85 So there's no reason not to shared the roles and publish them publicly. Sensitive stuff can be split in another repository, or use a Vault (encrypted config).
Cons: =20 * Another tool to support/maintain
You can use this as a way to experiment with this new tool. If you ever wish to switch, OSAS will help you do so.
* No real support to manage in foreman as we do for puppet (for sure not in our old version)
I heard in another discussion it was coming, but no date was raised. Regards. --obMr4GDnac6gtK4qsLH6gPA8MaWNAAUx2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXAcujAAoJEFXp+fesHEQ/l/cQAJcZUNdCE8Ra/+HY+06590mW m72EYnnL6eCLP6lNSnoAQEgCVji0LWDT7MUm6RyHmQxGtXN2tTDFfxFMdhdLv28f jKwCCGMeqOJhYFAHnrGibHw7GDTOfFUvj1rjtRHu83lbzudbKqz4eWBihicxlecj ILClnQO/1BqKM7atTrpKmcgNBbkDSg/roQ6M482/Vb54sgdeKFY72EF48e8JIf3S 08yHqApfibabhxjDPbd1E0DW610IYruEPV57TFmOMGK07BM1YTIEKzOvYX+zvwf+ jW7MFv87CtkXZeeU6ZD4hnwCqoN5xdVZHay9LVTPhJysPkrRTt4iF1oAssoUGXGe dkrHtRzGepmBsmALzG2ZoHURwPdYOZDHlN3+l/g+XwhWFBEfAegmA/lkE8llcko3 /mXmHRoFgK3x3tcAuKUlmutyW6URmUYfnuqNvPs9uiFy9QAdq1dpOubtrodKqvvR jESXEr9uZLMTNOHWkJeUjwPzlkK9IBnYemwZcFNQA+uYItmNAepn9gI1jYpcCLmZ 1z6H6Y7HaYMWijoCoMOz9aqutATmS6BrZ2VErBzjMUvXeyKXmTeme6+pXO1cRAtU +NLAPMYb6wibMQiJHF3by09bjunpB2JexCEXxzNXjSS8ps0Q4eUOkfhexexuqRth FQxTDmfiQhNr3SlPlFIT =FZYE -----END PGP SIGNATURE----- --obMr4GDnac6gtK4qsLH6gPA8MaWNAAUx2--
participants (8)
-
Anton Marchukov -
Barak Korren -
David Caro Estevez -
Eyal Edri -
Marc Dequènes (Duck) -
Michael Scherer -
Michael Scherer -
Nadav Goldin