Created
June 28, 2024 20:55
-
-
Save richm/b6f4c498a7d429d877f1aac25bfc97bd to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| NOTES on https://docs.fedoraproject.org/en-US/server-working-group/docs/server-technical-specification/#_4_server_roles | |
| My comments indicate if Linux System Roles https://linux-system-roles.github.io/ are suitable for the requirement. | |
| > 4.1 Server Roles Requirements | |
| > A mechanism to install the packages necessary to deploy the service. | |
| Yes. And the mechanism will handle cases where the packages are different depending on the platform/version (which is | |
| not as important for Fedora as it is for Enterprise Linuxes) | |
| > A mechanism to deploy a service whose packages are already installed on the system by providing the necessary | |
| > information and procedures to provision it. | |
| Yes, depending on what you mean by "information and procedures" | |
| > A mechanism to install optional components of a service after deployment. | |
| Most of the roles have something like this e.g. the metrics role allows you to install and configure optional pcp components, | |
| redis, grafana, etc. | |
| > A configuration interface to modify high-level configuration options. | |
| Yes. | |
| > A helper tool (preferrable based on LVM snapshot) to perform a backup or alternatively | |
| > a list of files on the filesystem that should be included in a backup set. | |
| I'm not sure what you mean by this. | |
| > A list of system services provided by the Supported Server Service, as well as data about whether | |
| > those services are currently running (or enabled, in the case of socket-activated services) | |
| This is printed to the Ansible log, but is not available directly e.g. as a role exported variable. | |
| > A list of the ports that the role operates on, as well as data about whether those ports are currently firewalled. | |
| No. | |
| > A mechanism to open and close ports that the server service operates on for some or all interfaces. | |
| Most system roles use the firewall role (and selinux role) to open/label ports as necessary. | |
| > If the Server Service is designed to operate on the network, it should automatically open those | |
| > ports (see Firewall) during deployment. | |
| Most system roles use the firewall role (and selinux role) to open/label ports as necessary. | |
| > An interface to set processor affinity, memory limits, etc. where sensible. | |
| There is a kernel_settings role - but IIUC you want the service role to automatically manage whatever kernel | |
| settings it needs to operate - that could be easily done. | |
| > The Fedora Server Domain Controller Service will be provided by the FreeIPA project | |
| > This Server Service is a blocker for the release of Fedora Server. | |
| The ansible-freeipa collection. | |
| > The Fedora Server Database Management Systemn is provided by the PostgreSQL project. This Server Service | |
| > is a blocker for the release of Fedora Server. | |
| The role https://github.com/linux-system-roles/postgresql | |
| > The Fedora Server Fileservice will be provided by the Samba project. | |
| We do not have a linux system role for that. | |
| > The Fedora Server Web Server will be provided by the Apache project. | |
| We do not have a linux system role for that. | |
| > The Fedora Server Web Application Server service will be provided by the Wildfly project. | |
| We do not have a linux system role for that. | |
| > The Fedora Server Mail Service will be provided by the Postfix project and supporting | |
| > projects like Dovecot, Spamassassin, Dkim, etc. | |
| We do have a role https://github.com/linux-system-roles/postfix which has some configurability | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment