BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Pentabarf//Schedule 0.3//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-WR-CALDESC;VALUE=TEXT:Infra Management devroom X-WR-CALNAME;VALUE=TEXT:Infra Management devroom X-WR-TIMEZONE;VALUE=TEXT:Europe/Brussels BEGIN:VEVENT METHOD:PUBLISH UID:13536@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T100000 DTEND:20220205T104500 SUMMARY:A practical guide to CUE: patterns for everyday use DESCRIPTION:
CUE (https://cuelang.org/) solves a previously unsolved technical problem in the configuration space. It does so by taking a compositional approach that reduces the complexity of managing configuration from a combinatorial problem to a linear problem. CUE is based on 20 years of experience in the field of configuration. Its declarative, aspect-oriented approach is powerful yet simple, making it possible to manage large amounts of configuration data and policies in multiple formats (JSON, YAML, Protocol Buffers, OpenAPI, etc.) with relative ease.It also makes CUE well suited to a wide range of applications.
This all sounds great! But for someone new to CUE, it may not be obvious how to get started.
In this talk, Marcel van Lohuizen and Paul Jolly start with a quick overview of CUE the language, then move on to present practical examples of CUE in action, including common patterns for validation, policy, integration with existing non-CUE configuration and more. Because CUE is new, established patterns are still in the making, but at the very least it will be a reflection of the current thinking.
No previous experience of CUE required, although familiarity with an existing configuration and data languages will help provide some context to the examples.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/cue_pratical_guide/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Marcel van Lohuizen":invalid:nomail ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Paul Jolly":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13530@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T110000 DTEND:20220205T114500 SUMMARY:Migrating Foreman/Katello from EL7 to EL8 using LEAPP/ELevate DESCRIPTION:With the Foreman Project dropping support for EL7 in Foreman 3.3 (~Summer 2022), it's finally time to tackle that migration to EL8 you have been putting off for a while now.In this session we will present various ways how you can migrate your installation from EL7 to EL8, with the main focus on the in-place upgrade using LEAPP/ELevate.
The Foreman Project is planning to drop support for EL7-based deployments in Foreman 3.3, mostly due to the fact that EL7 is considered "feature complete" and there are no further updates (besides security fixes) planned for it.Contrary to Debian or Fedora, EL-based distributions aren't designed to be upgraded in-place without special tooling. This tooling exists in form of the LEAPP project for RHEL and the ELevate fork by AlmaLinux for AlmaLinux, CentOS, Rocky Linux, and Oracle Linux.We have developed a plugin for LEAPP that helps with the Foreman-specific parts of the migration, which we would like to present to you. As usual, there were a few challenges during the development, which will hopefully entertain you and maybe even help if you need to write own LEAPP plugins.And last but not least, we will also discuss other approaches you can take for the migration, if you do not want to upgrade in-place.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/foreman_katello_leapp_elevate/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Evgeni Golov":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13535@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T120000 DTEND:20220205T124500 SUMMARY:Using Ansible and Proxmox to manage an embedded RPM distro build factory: lessons learned DESCRIPTION:With redpesk, we provide customers the ability to cross-build an embedded, CentOS Stream-based Linux distribution in the cloud. This requires a significant infrastructure: Koji/RPM builders, Angular-based WebUI, Gitlab forge, network and RPM package dependency management, Qemu test lab management, all need to come together and be connected, in a mix of Qemu virtual machines and LXC containers. Fortunately, Ansible and Proxmox comes to the rescue to manage this complexity.
In this talk, we'll present our architecture of a self-contained CI/CD environment in the cloud, to cross-build RPM packages and Linux images. We will then dive into the specifics of using Ansible to drive Proxmox and deploy a mix of Packer-built Qemu virtual machines and LXC containers. Those provide a full Koji build system (hub and builders), an Angular frontend, Go backend, a Gitlab forge as well as network isolation/firewalling and a Qemu virtual target lab.We'll continue with lessons learned from doing these deployments for multiple customers. We will finish describing solutions we are currently working on, like Ansible AWX, to address the challenges of doing it at scale and increase automation.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/ansible_proxmox_rpmbuild/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Vincent Rubiolo":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13531@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T130000 DTEND:20220205T134500 SUMMARY:Running trusted payloads with Nomad and Waypoint DESCRIPTION:Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages.
With the the introduction of CI/CD best practices into our day to day workflows we protect ourselves for introducing "bad" code into production and exposing flaws to our (end-)users. But what about influences from bad actors in- and out-side our projects. This talk will focus on the additional steps we can add to our Waypoint build pipelines to also protect ourselves to so called supply chain attacks while running our jobs in Nomad. We ll discuss scanning for vulnerabilities in incoming code, packages and images and signing the content artifacts we trust before exposing them to our users.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/trusted_payload_nomand_waypoint/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Bram Vogelaar":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13533@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T140000 DTEND:20220205T144500 SUMMARY:Simple (but useful) Ansible reporting with ara DESCRIPTION:ARA Records Ansible playbooks and makes them easier to understand and troubleshoot.The author will explain why he created the project back in 2016 and how it might be useful for a wide range of use cases wherever Ansible runs from.Including a live demo, we'll see how it works under the hood and you can expect to walk away from the presentation with an understanding on how to get started for your own Ansible playbooks within minutes.
ARA Records Ansible playbook results in local (sqlite) or remote (mysql/postgresql) databases with a regular Ansible callback plugin. It provides an API, a reporting interface as well as a CLI to query, search and browse detailed and granular playbook task results for individual hosts.Highlighting simplicity as a feature of the project, this presentation will provide examples that are appropriate for use whether Ansible runs from a laptop or at a large scale in production.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/ansible_reporting_ara/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="David Moreau-Simard":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13529@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T150000 DTEND:20220205T154500 SUMMARY:Immutable Infrastructure with Flatcar Container Linux DESCRIPTION:Flatcar Container Linux is a minimal base OS to run containers.As a friendly fork of CoreOS Container Linux it continues the project under a new name.The main features are the A/B partitions for automatic updates and rollbacks, and the integration of Ignition for declarative configuration on first boot.Declarative configuration is a key element for managing machines following the principle of Immutable Infrastructure, but causes friction if it means that the whole machine has to be reprovisioned for configuration changes.With Ansible instead of Ignition for the configuration management we can find a compromise by giving up on avoiding configuration drift due to leftovers of old configurations and their side effects.Out of this experience the idea was born to rerun Ignition on configuration changes.While the big hammer method is to reformat the filesystem and losing application data, a more fine-grained solution could exist by clearing only parts of the filesystem.This talk shows how to use Flatcar Container Linux with Terraform, Ignition, and Ansible, and ends with a proof-of-concept demo for Flatcar Container Linux to allow configuration changes through Ignition while avoiding configuration drift.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/flatcar_container_linux/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Kai Lüke":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13534@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T160000 DTEND:20220205T164500 SUMMARY:Central Infrastructure Management: a user friendly deployment of OpenShift on Bare Metal DESCRIPTION:The use of Bare Metal to run containerized workload is coming back into popularity.There are multiple reasons for this increase of interest. First, the rise of big data analytics, high performance computing, machine learning workloads that need high-bandwidth and low latency and sometimes even requires access to special hardware devices like GPUs or DPUs. And at the same time, in the telecommunication space, the 5G networks technology stacks that drive the need for IPv6, SR-IOV, Container Network Functions (CNFs), NUMA topologies, and other innovations in containerized applications on bare metal.
All of these emphasize the need for the ability to easily create Bare Metal based OpenShift clusters as automatically as possible.
Central Infrastructure Management (CIM) exposes an intuitive user interface, allowing the infrastructure administrator to define a pool of Bare Metal machines making them available for users to independently create OpenShift clusters from them.
Assisted Installer is an operator that introduces a new way to deploy a new OpenShift cluster on bare metal basically by only booting the nodes that will be part of the cluster, with an ISO it generates. The Assisted Installer will report inventory, run validations and orchestrate the needed steps based on the user parameters.
CIM and Assisted Installer are components of Open Cluster Management (OCM), an operator that enables a single OCP cluster to manage a fleet of clusters.
In this session, you will learn about Central Infrastructure Management and Assisted Installer architecture and its components. We will discuss the installation flow and how the components interact with each other. Finally, we will demonstrate how to build a pool of Bare Metal and install an OpenShift cluster on them via the CIM user interface.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/openshift_baremetal/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Jiří Tomášek":invalid:nomail ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Eran Cohen":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:13532@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220205T170000 DTEND:20220205T174500 SUMMARY:RPort remote access and remote management DESCRIPTION:An introduction (live demo with questions and answers) into RPort - a new open-source software for remote access and remote management of heterogeneous it-landscapes. Use the UI, the command line or an REST API to manage servers and desktop efficiently from a central place.
RPort is a comprehensive solution for remote management of servers and desktop systems. Even if they are behind firewalls, routers and NAT. RPort is built on the client-server principle, clients connect to the server, the management component, using a secure reverse tunnel. Unlike pure SSH, RPort is made for heterogeneous environments (Windows, Linux, macOS) and addresses four basic needs of system administrators:• Secure remote access from anywhere via tunnels and SSH/RDP/VNC/HTTP and other TCP connections• Script and command execution on target machines via a central dashboard.• Automation of recurring tasks such as updates, inventory, configuration and fine-tuning of systems.• Monitoring and logging system load and resource usage.
With RPort, a complete IT infrastructure with Windows, Linux and macOS systems can be managed via command line or a convenient web-based, central dashboard. The server component can be self-hosted or deployed in minutes using the automated installer provided by RPort.RPort is released under the MIT open-source license.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Infra Management URL:https:/fosdem.org/2022/schedule/2022/schedule/event/rport_remote_access_management/ LOCATION:D.infra ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="tkramm":invalid:nomail END:VEVENT END:VCALENDAR