From Fedora Project Wiki
No edit summary
(Move to Fedora 22, see tracking bug for more details)
 
(7 intermediate revisions by 3 users not shown)
Line 1: Line 1:
= (A)Periodic Updates to Images =
= (A)Periodic Updates to Cloud Images =


== Summary ==
== Summary ==
We want to be able to release updated images not just at release time. Hope for a one-month regular cadence, plus emergency updates if needed.
We want to be able to release updated cloud images not just at release time. Hope for a one-month regular cadence, plus emergency updates if needed.


== Owner ==
== Owner ==
* Name: Cloud WG collectively, [[User:mattdm| Matthew Miller]] as point of contact.
* Name: Cloud WG collectively, [[User:mattdm| Matthew Miller]] as point of contact.
* Email: cloud at lists.fedoraproject, mattdm at fedoraproject
* Email: cloud at lists.fedoraproject, mattdm at fedoraproject
* Release notes owner: <!--- To be assigned by docs team [[User:FASAccountName| Release notes owner name]] <email address> -->
* Release notes owner: [[User:Pbokoc| Petr Bokoc]] pbokoc at redhat dot com
<!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo)
<!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo)
* FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address>
* FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address>
Line 15: Line 15:


== Current status ==
== Current status ==
* Targeted release: [[Releases/21 | Fedora 21 ]]  
* Targeted release: [[Releases/22 | Fedora 22 ]]  
* Last updated: 2014-04-08
* Last updated: 2014-04-08
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page  
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page  
Line 25: Line 25:
CLOSED as NEXTRELEASE -> change is completed and verified and will be delivered in next release under development
CLOSED as NEXTRELEASE -> change is completed and verified and will be delivered in next release under development
-->
-->
* Tracker bug: <will be assigned by the Wrangler>
* Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=1091299 #1091299]


== Detailed Description ==
== Detailed Description ==
Line 90: Line 90:
Let's not make promises in the release notes.
Let's not make promises in the release notes.


[[Category:ChangeReadyForWrangler]]
[[Category:ChangePageIncomplete]]
<!-- The Wrangler announces the Change to the devel-announce list and changes the category to Category:ChangeAnnounced (no action required) -->  
<!-- The Wrangler announces the Change to the devel-announce list and changes the category to Category:ChangeAnnounced (no action required) -->  
<!-- After review, the Wrangler will move your page to Category:ChangeReadyForFesco... if it still needs more work it will move back to Category:ChangePageIncomplete-->
<!-- After review, the Wrangler will move your page to Category:ChangeReadyForFesco... if it still needs more work it will move back to Category:ChangePageIncomplete-->

Latest revision as of 13:16, 20 October 2014

(A)Periodic Updates to Cloud Images

Summary

We want to be able to release updated cloud images not just at release time. Hope for a one-month regular cadence, plus emergency updates if needed.

Owner

  • Name: Cloud WG collectively, Matthew Miller as point of contact.
  • Email: cloud at lists.fedoraproject, mattdm at fedoraproject
  • Release notes owner: Petr Bokoc pbokoc at redhat dot com
  • Product: Cloud
  • Responsible WG: Cloud

Current status

Detailed Description

We need to be able to produce official updates to the Fedora Cloud images. Initially, we plan to release these updates monthly, but also need the ability to release an out-of-cycle update in the event of a severe security issue.

This involves:

  1. policy for level of security issue required for out-of-cycle updates
  2. procedure for notification of security updates in images (as with rpm updates)
  3. automated QA (at least smoketests)
  4. documentation of QA expectations
  5. release engineering process
  6. mirroring of updated images
  7. updates to web site for new download links and EC2 AMI IDs.

Note that this will apply to the Cloud Base Image, the Docker Host Image, the Big Data Image, and the Docker Container Base Image. (The latter may need separate handling.)

Ultimately, we would like to produce updates whenever a package on the image or the kickstart file for the image changes. This is a step towards that goal.

Benefit to Fedora

When a massive security problem hits Fedora, we currently do image updates manually. Because this is exceptional, there is a lot to go wrong, and of course, things always go wrong at the worst possible times. The primary benefit of this change is to make image updates routine, so that when emergency update happens, we can handle it as if it were no big deal.

The actual updated images are, of course, a valuable secondary benefit. Since cloud images are usually short-lived, this allows new instances to be created without the overhead of applying several months' updates.

Scope

  • Proposal owners: Create policies and procedures as outlined above. Will also assist with changes to release engineering.
  • Other developers: Contributions welcome!
  • Release engineering: Significant impact, obviously. Cloud WG will interact heavily with Release Engineering and work in concert.
  • Policies and guidelines: No changes to existing policies.

Upgrade/compatibility impact

Users are expected to replace one image with the next.

How To Test

The test of this feature is simply whether new images are available and functional.

Tests of the image are part of the feature proposal itself.

User Experience

Users will be able to select versioned images for download or launch in cloud providers. We may provide a simple web service for selecting images, (perhaps compatible with simplestreams).

Dependencies

No package dependencies but there are significant dependencies on release engineering.

Contingency Plan

  • Contingency mechanism: continue to do updates by hand
  • Contingency deadline: technically, first critical security update after F21 release, or first month after, whichever comes first.
  • Blocks release? no
  • Blocks product? no

Documentation

TBD

Release Notes

Let's not make promises in the release notes.