Re: Support for Debian on OpenShift Virtualization for s390x

2025-07-23 Thread Bastian Blank
Hi On Wed, Jul 23, 2025 at 02:34:11PM +, Nestor Acuna Blanco wrote: > I am part of an IBM team working to enable Debian by default in OpenShift > Virtualization for the s390x architecture. To achieve this, we are developing > containerdisks based

Bug#1108403: cloud-init: CVE-2024-6174

2025-06-29 Thread Bastian Blank
Hi Thomas Please fix your emails, they are really hard to read. On Sun, Jun 29, 2025 at 05:55:30PM +0200, tho...@goirand.fr wrote: > > Could someone see if openstack could finally fix that broken default? > There's as much as I know, no way to fix the default. That's why I ask to get OpenStack

Bug#1108403: cloud-init: CVE-2024-6174

2025-06-29 Thread Bastian Blank
On Sun, Jun 29, 2025 at 12:48:20PM +, Jeremy Stanley wrote: > But since we're talking about a very small subset of clouds right now > (specifically those with non-amd64 compute nodes), I think the behavior > change is probably not a major concern. Just one. Debian does not support config driv

Bug#1108403: (no subject)

2025-06-28 Thread Bastian Blank
On Fri, Jun 27, 2025 at 11:51:08PM +, Jeremy Stanley wrote: > The biggest risk I see with shipping it in stable is that an apt upgrade of > cloud-init could leave some virtual machines in these environments > unreachable after a reboot. How that? Most parts of cloud-init are one shot, includi

Bug#1104426: The core issue is cloud-init on IPv6-only networks

2025-05-03 Thread Bastian Blank
On Sun, May 04, 2025 at 08:05:00AM +0200, Bastian Blank wrote: > On Sat, May 03, 2025 at 10:57:39PM -0400, Noah Meyerhans wrote: > > There shouldn't be any name resolution involved here at all. My guess > > is that something is not recognizing the scoped link-local address

Bug#1104426: The core issue is cloud-init on IPv6-only networks

2025-05-03 Thread Bastian Blank
On Sat, May 03, 2025 at 10:57:39PM -0400, Noah Meyerhans wrote: > There shouldn't be any name resolution involved here at all. My guess > is that something is not recognizing the scoped link-local address as an > IP address, and is treating it as a hostname that needs to be resolved > in DNS. Whi

Bug#1104426:

2025-05-01 Thread Bastian Blank
On Thu, May 01, 2025 at 09:36:29AM +0330, Zar VPN wrote: > Unfortunately, this approach is not applicable in our case. We are using > the official `debian-12-genericcloud-amd64` image, which is specifically > designed for cloud environments and intentionally excludes certain > hardware-related driv

Bug#1102657: cloud-init - Ec2 instructs netplan to change interface name

2025-04-11 Thread Bastian Blank
Package: cloud-init Version: 25.1.1-1 Severity: important X-Debbugs-Cc: bastian.bl...@credativ.de The Ec2 and Azure datasources generate netplan config with "set-name". Ec2 uses the same name that udev already set, Azure generates a new "ethX". This instructs netplan to forcibly change the name,

Bug#1100338: cloud.debian.org: cloud-init is not consistently enabled on azure

2025-03-14 Thread Bastian Blank
Meyerhans wrote: > On Thu, Mar 13, 2025 at 07:23:24PM +0100, Bastian Blank wrote: > > > You mentioned on IRC that you've observed this on the generic images, > > > and I've now observed the same thing. Note that it doesn't occur only > > > on first boot; it

Bug#1100338: cloud.debian.org: cloud-init is not consistently enabled on azure

2025-03-13 Thread Bastian Blank
On Thu, Mar 13, 2025 at 01:36:03PM -0400, Noah Meyerhans wrote: > Yep. One of my earlier updates contains the full debug output from > systemd. Interestingly, it doesn't seem like systemd logs anything at > all when it sends a SIGTERM (at least to generators). That mail did not make it to the lis

Bug#1100338: cloud.debian.org: cloud-init is not consistently enabled on azure

2025-03-13 Thread Bastian Blank
On Wed, Mar 12, 2025 at 10:36:19PM -0400, Noah Meyerhans wrote: > The systemd docs > (https://manpages.debian.org/unstable/systemd/systemd.generator.7.en.html) > indicate that generators are executed synchronously during the boot > process and should thus take care to not "delay the entire boot if

Re: Issue using recent bookworm generic images with vmware?

2025-03-12 Thread Bastian Blank
On Wed, Mar 12, 2025 at 04:22:09PM +, Steve McIntyre wrote: > 20241004-1890  works > 20241110-1927  fails Between those two versions is one point release: 12.8. There are no relevant image build changes. I don't see any relevant package changes. > We're struggling to see what might have c

Next team meeting: 2025-03-12 21:00 UTC

2025-03-11 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2025-03-12 21:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20250312. Regards, Bastian -- To live is always desirable. -- Eleen the Capellan, "Friday's Child", stardate 3498.9

Next team meeting: 2024-11-13 21:00 UTC

2024-11-12 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2024-11-13 21:00 UTC, please note the changed time. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20241113. Regards, Bastian -- "Evil does seek to maintain power by suppressing the truth." "Or by misleading the innoce

Time for next team meeting: 2024-11-13

2024-11-11 Thread Bastian Blank
Hi Our regular meeting is scheduled for this Wednesday. We did not manage to do a meeting since August, but I have some stuff to talk about, so it would be nice if we would manage that. Due to the time change, I now have a conflicting meeting. Could we move this one here to 2100 UTC (so matchin

Re: Do generic cloud images not use the local cloud-init data source?

2024-11-07 Thread Bastian Blank
On Thu, Nov 07, 2024 at 03:27:31PM +, Jeremy Stanley wrote: > On 2024-11-07 10:22:09 -0500 (-0500), Nick Lockheart wrote: > [...] > > Is the virtual CD-ROM drive one of the missing drivers? I think that's > > how virt-install passes the cloud-init data- as a mounted CDROM disk. > > Yes, this h

Bug#1082897: cloud-init - Keeps dhcpcd running

2024-09-27 Thread Bastian Blank
Package: cloud-init Version: 24.3.1-1 Severity: serious X-Debbugs-Cc: wa...@debian.org After the cloud-init run, a dhcpcd keeps running and regularly redoing the network config: | Sep 27 20:40:01 boot1 dhcpcd[686]: eth0: pid 1 deleted default route via fe80::1234:5678:9abc | Sep 27 20:40:01 boot

Bug#1081679: waagent: build-depends on python3-nose or uses it for autopkgtest

2024-09-24 Thread Bastian Blank
On Mon, Sep 23, 2024 at 05:39:07PM -0400, Noah Meyerhans wrote: > On Mon, Sep 23, 2024 at 07:32:05PM +0200, Alexandre Detiste wrote: > > I seen 1 remaining refererence > > tests/common/test_cgroupconfigurator.py:from nose.plugins.attrib import attr > Yeah, but we don't actually fail on test failure

Re: Generic image not working with IPv6 only

2024-08-16 Thread Bastian Blank
On Fri, Aug 16, 2024 at 02:11:48PM +0200, Thomas Goirand wrote: > Well, no. This is a wrong design. We really want the AHCI driver to be in > the cloud kernel. You are free to reconfigure OpenStack to use virtio for the cdrom. Bastian -- Beam me up, Scotty! It ate my phaser!

Re: IPv6 only on the generic image doesn't work as it should

2024-08-14 Thread Bastian Blank
On Wed, Aug 14, 2024 at 04:39:49PM +0200, Thomas Goirand wrote: > Currently, using the generic-cloud image (and even when switching to a > non-cloud kernel), if using a v6only network, systemd-networkd is waiting > forever for network to be up, when it should not, and continue booting. Those image

Next team meeting: 2024-08-14 20:00 UTC

2024-08-13 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2024-08-14 20:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20240814. Regards, Bastian -- Madness has no purpose. Or reason. But it may have a goal. -- Spock, "The Alternative Factor", stardate 3088.7

Re: Request to join cloud team

2024-08-05 Thread Bastian Blank
Hi Nilesh On Fri, Aug 02, 2024 at 11:10:23PM +0900, Nilesh Patra wrote: > I am Nilesh and I'm a Debian Developer for ~3 years. I am interested to get > involved in Debian cloud team efforts. I am more intersted in helping out with > cloud building itself. If that can't happen right now, I'd be hap

Re: Next team meeting: 2024-07-10 20:00 UTC

2024-07-10 Thread Bastian Blank
On Tue, Jul 09, 2024 at 10:09:43PM +0200, Bastian Blank wrote: > Our next team meeting is scheduled for 2024-07-10 20:00 UTC. We'll be > on jitsi: https://jitsi.debian.social/DebianCloudMeeting20240710. Turns out https://jitsi.debian.social/ seems to be broken, at least I can't a

Next team meeting: 2024-07-10 20:00 UTC

2024-07-09 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2024-07-10 20:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20240710. Regards, Bastian -- Vulcans worship peace above all. -- McCoy, "Return to Tomorrow", stardate 4768.3

Next team meeting: 2024-06-12 20:00 UTC

2024-06-11 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2024-06-12 20:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20240612. Regards, Bastian -- Extreme feminine beauty is always disturbing. -- Spock, "The Cloud Minders", stardate 5818.4

Bug#1072878: waagent: places systemd unit into /lib

2024-06-09 Thread Bastian Blank
On Sun, Jun 09, 2024 at 06:38:14PM +0200, Chris Hofstaedtler wrote: > It appears your upload introduced a new file into /lib: > /lib/systemd/system/waagent.service Ah damn, I forgot that Debian builds are done in a completely unsandboxed environment. And someone added a broken auto-detection that

Re: Kernel features and Cloud (and GCE)

2024-05-27 Thread Bastian Blank
Hi Andrew On Wed, May 22, 2024 at 07:44:33AM -0700, Andrew Jorgensen wrote: > The Debian images in Google Compute Engine use the Debian cloud > kernel. This has been working well for us, because it includes the > VirtIO, NVMe, and gVNIC drivers that are needed for most GCE machine > types. As we m

Re: ocfs2_dlmfs missing from the cloud kernel

2024-05-17 Thread Bastian Blank
On Fri, May 17, 2024 at 12:44:32PM +0200, Bastian Blank wrote: > On Fri, May 17, 2024 at 12:31:51PM +0200, Thomas Goirand wrote: > > how do I change this? > You install the non-cloud kernel. The cloud kernel is limited in scope. And the decision was that not everything you can do on

Re: ocfs2_dlmfs missing from the cloud kernel

2024-05-17 Thread Bastian Blank
On Fri, May 17, 2024 at 12:31:51PM +0200, Thomas Goirand wrote: > how do I change this? You install the non-cloud kernel. Bastian -- Those who hate and fight must stop themselves -- otherwise it is not stopped. -- Spock, "Day of the Dove", stardate unknown

Re: Debian 10 backports repo moved to archives

2024-04-16 Thread Bastian Blank
On Mon, Apr 15, 2024 at 11:45:33AM -0700, Noah Meyerhans wrote: > The Debian cloud team also builds and ships images with buster-backports > enabled, and will need to deal with this change. I just disabled it: https://salsa.debian.org/cloud-team/debian-cloud-images/-/merge_requests/403 Bastian -

Re: RESCHEDULED: Next team meeting: 2024-04-11 20:00 UTC

2024-04-08 Thread Bastian Blank
On Mon, Apr 08, 2024 at 04:32:37PM -0700, Ross Vandegrift wrote: > Apologies, I didn't pay enough attention. Bastian- would 4/18 work? Sure. Bastian -- Emotions are alien to me. I'm a scientist. -- Spock, "This Side of Paradise", stardate 3417.3

Re: Next team meeting: 2024-04-10 20:00 UTC

2024-04-04 Thread Bastian Blank
On Thu, Apr 04, 2024 at 11:24:22AM -0700, Ross Vandegrift wrote: > Tues 4/9, Thurs 4/11, or Fri 4/12 @ 20:00 UTC would work with me. I could do thursday and friday. Bastian -- Sometimes a man will tell his bartender things he'll never tell his doctor. -- Dr. Phillip Boyce, "The

Bug#1068107: cloud.debian.org: pull images with compromised xz packages

2024-04-01 Thread Bastian Blank
On Sat, Mar 30, 2024 at 12:44:35PM -0700, Ross Vandegrift wrote: > Finally, apologies for not being able to do this myself - I still do not have > my account setup for access to core machines. Tasks related to this incident are tracked here: https://salsa.debian.org/ftp-team/xz-2024-incident/-/iss

Re: Call to GCE metadata/compute in nocloud buster image

2024-03-22 Thread Bastian Blank
On Fri, Mar 22, 2024 at 10:03:29AM +0100, Stephan Müller wrote: > Can this be related to the underlying genericcloud image? So far, I was > unable to find anything with "computeMetadata" in the systemlogs of the VMs. > I checked the boot log (including cloud-init process) using virsh console > b

Re: Debian 11.9 Azure image release enquiry

2024-02-19 Thread Bastian Blank
Hi Amrutha On Sun, Feb 18, 2024 at 10:42:00PM +, Devidas Shanbhag, Amrutha wrote: > Debian 11.9 was released on February 10th, 2024. > https://www.debian.org/News/2024/2024021002 When can we expect the vm images > in Azure? The images are already available for AWS and GCP. For Azure there i

Re: Next team meeting: 2024-02-14 20:00 UTC

2024-02-14 Thread Bastian Blank
On Wed, Feb 14, 2024 at 12:04:58PM -0800, Ross Vandegrift wrote: > On Fri, Feb 09, 2024 at 08:56:19AM -0800, Ross Vandegrift wrote: > > Our next team meeting is scheduled for 2024-02-14 @ 20:00UTC. We'll be > > on jitsi at: https://jitsi.debian.social/DebianCloudMeeting20240214 > > Looks like tha

Re: Resignation as cloud team delegate

2024-02-05 Thread Bastian Blank
On Mon, Feb 05, 2024 at 08:59:56PM +0200, Jonathan Carter wrote: > Let me know what you think, Looks good. Bastian -- Superior ability breeds superior ambition. -- Spock, "Space Seed", stardate 3141.9

Re: using zstd for qcow2 cloud images

2023-12-20 Thread Bastian Blank
On Wed, Dec 20, 2023 at 11:45:18AM -0800, Ross Vandegrift wrote: > > What is the minimum qemu version for using those files? > 5.1, I think: qemu seems to have a single block implementation for qemu and > qemu-img. zstd was added in [1] & [2], which are in their v5.1.0 tag. In Debian it is 6.1, a

Re: using zstd for qcow2 cloud images

2023-12-16 Thread Bastian Blank
On Sat, Dec 16, 2023 at 06:15:43PM +0100, Thomas Lange wrote: > Is it worth to switch? What is the minimum qemu version for using those files? Bastian -- Only a fool fights in a burning house. -- Kank the Klingon, "Day of the Dove", stardate unknown

Next team meeting: 2023-11-08 20:00 UTC

2023-11-07 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2023-11-08 20:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20231108. Regards, Bastian -- The joys of love made her human and the agonies of love destroyed her. -- Spock, "Requiem for Methuselah", stardate 584

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-10-28 Thread Bastian Blank
On Sun, Aug 06, 2023 at 09:05:39PM +0200, Bastian Blank wrote: > On Thu, Jul 27, 2023 at 01:39:39PM +0200, Bastian Blank wrote: > > There exists now a branch "use-identity". This seems to work with > > Firefox. At least the authentication part itself works and I already

Bug#1054240: Grub install failure with grub-cloud-amd64

2023-10-19 Thread Bastian Blank
On Thu, Oct 19, 2023 at 07:31:08PM +0200, Alexis CAMILLERI wrote: > I suggest using grub-probe -t disk instead of grub-probe -t device. > Disk param will return the disk name instead of the partition, so the sed > command can be removed and raid device will work. > > local basedev=$(grub-probe -t

Bug#1054240: Grub install failure with grub-cloud-amd64

2023-10-19 Thread Bastian Blank
On Thu, Oct 19, 2023 at 07:31:08PM +0200, Alexis CAMILLERI wrote: > Installing grub on an i386 server with raid partitioning does not work > because the script does not manage a raid mount for /boot, due to > https://salsa.debian.org/cloud-team/grub-cloud/-/blob/debian/0.1.0/debian/grub-cloud-amd64

Re: S3-backed snapshot implementation on AWS?

2023-09-24 Thread Bastian Blank
On Sun, Sep 24, 2023 at 04:09:31PM -0700, Noah Meyerhans wrote: > I agree that it would be best to design something more cloud-oriented. > However, if there's an existing infrastructure that can be moved as a > "lift & shift" into AWS now, with architectural refactoring happening > later, that's an

Re: S3-backed snapshot implementation on AWS?

2023-09-24 Thread Bastian Blank
On Sun, Sep 24, 2023 at 09:21:16PM +0200, Michael Kesper wrote: > Be aware that AWS S3, while featuring negligible staorage cost, > can become very expensive if ever the need arises to get the data back > out of AWS: > https://discourse.nixos.org/t/the-nixos-foundations-call-to-action-s3-costs-requ

Re: Changes to sources.list

2023-09-22 Thread Bastian Blank
Hi On Wed, Sep 20, 2023 at 10:48:12AM +, Sathish Mathimaran wrote: > I was testing out the Debian 12 release and found that the sources.list file > is different from how it used to be in Debian 11. Our team has written > automations around the sources.list to list the security packages and t

Re: S3-backed snapshot implementation on AWS?

2023-09-22 Thread Bastian Blank
Hi Lucas On Fri, Sep 22, 2023 at 08:42:10AM +0200, Lucas Nussbaum wrote: > Could we use the Debian AWS account to host that service? I would assume that a service like snapshot would be within the scope for our AWS usage. Noah? > It woul

Re: Next team meeting: 2023-09-13 20:00 UTC

2023-09-13 Thread Bastian Blank
On Mon, Sep 11, 2023 at 03:43:05PM -0700, Ross Vandegrift wrote: > Our next team meeting is scheduled for 2023-09-13 20:00 UTC. We'll be > on jitsi: https://jitsi.debian.social/DebianCloudMeeting20230913. I most likely won't be able to attend. Regards, Bastian -- Superior ability breeds superi

Bug#1051421: cloud-init: Avoid hard dependency on isc-dhcp-client

2023-09-07 Thread Bastian Blank
On Thu, Sep 07, 2023 at 05:50:41PM +0200, Bastian Blank wrote: > When the following commit is includes: Just for background information: cloud-init depends on isc-dhcp-client because it uses the dhclient binary. So removing that as dependency is not feasible right now. Bastian -- Fascinat

Bug#1051421: cloud-init: Avoid hard dependency on isc-dhcp-client

2023-09-07 Thread Bastian Blank
On Thu, Sep 07, 2023 at 05:36:06PM +0200, Michael Prokop wrote: > Please consider adapting the Depends for the new cloud-init version > in Debian accordingly, so one can use e.g. cloud-init with udhcpc > (which also allows co-installation next to dhcpcd), but without > having to also have isc-dhcp-

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-08-10 Thread Bastian Blank
On Mon, Jul 24, 2023 at 07:56:03PM +0200, Bastian Blank wrote: > On Sat, Jan 21, 2023 at 11:58:26PM +0100, Bastian Blank wrote: > > Please verify that this login works for you. I would like to remove > > existing users in a few weeks. > I will cleanup the remaining users at t

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-08-06 Thread Bastian Blank
On Thu, Jul 27, 2023 at 01:39:39PM +0200, Bastian Blank wrote: > There exists now a branch "use-identity". This seems to work with > Firefox. At least the authentication part itself works and I already > recorded the correct URL in the application. You just can't use th

Bug#1042367: bookworm cloud images missing since 20230725 (only backports images)

2023-07-27 Thread Bastian Blank
Control: tags -1 pending On Thu, Jul 27, 2023 at 06:44:56AM +0200, Martin Pitt wrote: > We could adjust our scripts for the renaming, but this smells like a bug -- > it may be nice to have cloud images with some/all backports enabled, but can > we > also have the "pure bullseye" images back? Yea

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-07-27 Thread Bastian Blank
Hi Antonio On Wed, Jul 26, 2023 at 11:17:42PM +0200, Bastian Blank wrote: > I know. You are welcome to try and get this to work. There exists now a branch "use-identity". This seems to work with Firefox. At least the authentication part itself works and I already recorded the c

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-07-26 Thread Bastian Blank
Hi Antonio On Wed, Jul 26, 2023 at 05:34:53PM -0300, Antonio Terceiro wrote: > I have to say, though, that being forced to use Chromium is not exactly > fun, as I use Firefox for everything else. I know. You are welcome to try and get this to work. The extension itself should work fine, I think

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-07-24 Thread Bastian Blank
Hi On Mon, Jul 24, 2023 at 08:29:41PM +0200, Lucas Nussbaum wrote: > How can I verify that this login works for me? > I installed the extension. What's next? You can access the extension this way: https://salsa.debian.org/-/snippets/648 Or go directly to chrome-extension://afldafidllnmipiemfnjod

Re: Moving AWS auth from IAM users to salsa.debian.org

2023-07-24 Thread Bastian Blank
Hi On Sat, Jan 21, 2023 at 11:58:26PM +0100, Bastian Blank wrote: > Please verify that this login works for you. I would like to remove > existing users in a few weeks. I will cleanup the remaining users at the end of the week. Regards, Bastian -- You're too beautiful to ignore

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-07-03 Thread Bastian Blank
Hi Julien On Wed, Apr 26, 2023 at 02:10:05PM +0200, Julien Cristau wrote: > I haven't been able to get connections to the host working again after > the dhcp issues, can we maybe start over, using debian 11, and if > possible some form of OOB access? I finally managed to get to it, sorry about th

Bug#1038691: bookworm cloud images have broken "netdev" group

2023-06-20 Thread Bastian Blank
Package: cloud.debian.org Severity: serious Hi Martin Thanks for reporting this. On Tue, Jun 20, 2023 at 08:03:48AM +0200, Martin Pitt wrote: > This isn't done by any package postinst -- `grep -r netdev > /var/lib/dpkg/info/*` > shows no relevant hits. So this must be somewhere in the scripts t

Re: Network on debian-cloud image

2023-05-22 Thread Bastian Blank
Hi Jeremy On Mon, May 22, 2023 at 08:14:14AM +, Jeremy Collin wrote: > We are seeing right now that you have change the network management to > netplan for debian12. Yep. And this means network setup via cloud-init will actually work in a lot more ways then before. > One of my colleague wa

Next team meeting: 2023-05-10 20:00 UTC

2023-05-09 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2023-05-10 20:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20230510. Regards, Bastian -- Another dream that failed. There's nothing sadder. -- Kirk, "This side of Paradise", stardate 3417.3

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-03-13 Thread Bastian Blank
On Sat, Mar 11, 2023 at 12:43:52PM +0100, Julien Cristau wrote: > I finally got around to the initial setup. A couple of things so far: > - the machine is running bookworm; that's going to cause extra work > initially. I'll give it a try anyway, since it's essentially work > we'll need to do

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-17 Thread Bastian Blank
On Thu, Feb 16, 2023 at 06:14:53PM +0100, Bastian Blank wrote: > On Thu, Feb 16, 2023 at 01:23:41PM +0100, Bastian Blank wrote: > > Okay, 4TB it is. We can always grow if we need to. > Setup complete. IP is 2600:1f13:fb2:f400:6b1e:beae:ebbc:c6a Some remarks: Please always communica

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-16 Thread Bastian Blank
On Thu, Feb 16, 2023 at 01:23:41PM +0100, Bastian Blank wrote: > Okay, 4TB it is. We can always grow if we need to. Setup complete. IP is 2600:1f13:fb2:f400:6b1e:beae:ebbc:c6a Regards, Bastian -- Knowledge, sir, should be free to all! -- Harry Mudd, "I, Mudd", stardate 4513.3

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-16 Thread Bastian Blank
Hi On Wed, Feb 15, 2023 at 02:47:00PM +0100, Julien Cristau wrote: > On Wed, Feb 15, 2023 at 02:16:08PM +0100, Bastian Blank wrote: > > On Mon, Feb 13, 2023 at 10:12:01AM +0100, Bastian Blank wrote: > > > - One dedicated /56 per region for all DSA stuff > > > - One i

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-15 Thread Bastian Blank
Hi On Mon, Feb 13, 2023 at 10:12:01AM +0100, Bastian Blank wrote: > - One dedicated /56 per region for all DSA stuff > - One instance, m6g.2xlarge, arm64, Debian 12 (also possible is Debian > 11) > - One dedicated data volume with ext4, on instance creation mounted on > /s

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-13 Thread Bastian Blank
Hi On Wed, Feb 08, 2023 at 09:26:55PM -0800, Ross Vandegrift wrote: > Okay, great. We're going to go ahead and work on deploying this. > Here's what we're going to deploy, please let us know if anything sounds > wrong: This is now https://salsa.debian.org/cloud-admin-team/debian-cloud-hosting-se

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-11 Thread Bastian Blank
On Sat, Feb 11, 2023 at 11:59:16AM +0100, Julien Cristau wrote: > On Wed, Feb 08, 2023 at 09:26:55PM -0800, Ross Vandegrift wrote: > > Do you have a list of hosts that should be permitted ssh access? > Can we (DSA) control the cloud-side firewall? If not then we'll > probably want it open to the w

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-02-08 Thread Bastian Blank
On Wed, Feb 08, 2023 at 09:26:55PM -0800, Ross Vandegrift wrote: > - 8 cpu arm64, 16G of RAM (in AWS-speak: c6g.2xlarge) My thought was on m6g.2xlarge. With a more useful amount of ram (32 GB). While rsync is CPU intensive, it needs a lot of cache. Bastian -- Military secrets are the most fle

Re: help wanted, standing up mirroring sync proxies on public cloud

2023-01-28 Thread Bastian Blank
Hi Julien On Thu, Mar 17, 2022 at 12:03:18PM +0100, Julien Cristau wrote: > Would it be possible to work with the cloud team to stand up appropriate > accounts and so on on one of the cloud infras Debian has a relationship > with? I don't have a whole lot of knowledge of this space so will > prob

Moving AWS auth from IAM users to salsa.debian.org

2023-01-21 Thread Bastian Blank
Hi folks You are receiving this e-mail, because you have somewhat used IAM users to access Debian AWS accounts. The cloud team intents to deprecate the use of IAM users for accessing the (new) Debian AWS accounts. In the future, logins to those AWS accounts will be done via a Debian IdP (current

Re: Bug#1025618: cloud-init and firewalld systemd unit files have ordering cycles

2022-12-17 Thread Bastian Blank
On Fri, Dec 16, 2022 at 03:48:00PM -0800, Ross Vandegrift wrote: > - from firewalld: > sysinit.target < dbus.service < firewalld.service < network-pre.target > - from cloud-init: > cloud-init-local.service < network-pre.target < > systemd-networkd-wait-online.service < cloud-init.service < sys

Re: Strange emails from AWS and Azure

2022-12-14 Thread Bastian Blank
On Wed, Dec 14, 2022 at 10:16:22PM +0100, Tomasz Rybak wrote: > I suspect this is some left-over from my times as delegate. > Probably someone restored/changed configuration and I'm > receiving those emails again. > Anyways - can someone (don't know whether current delegates, > or SPI) unsubscribe

Re: Enabling secure boot support on the generic / generic-cloud images

2022-12-10 Thread Bastian Blank
On Thu, Dec 08, 2022 at 11:12:28AM +0100, Thomas Goirand wrote: > However, our image doesn't have secure boot support by default if I'm not > mistaking. Why do you think? We install grub-efi-amd64-signed, so we have a signed boot loader and kernel. Bastian -- Peace was the way.

Bug#1025849: cloud-initramfs-growroot - silently breaks initramfs build

2022-12-10 Thread Bastian Blank
Package: cloud-initramfs-growroot Version: 0.18.debian10 Severity: grave Installation of new kernel now silently fails: | Setting up linux-image-6.0.0-5-cloud-arm64 (6.0.10-2) ... | /etc/kernel/postinst.d/initramfs-tools: | update-initramfs: Generating /boot/initrd.img-6.0.0-5-cloud-arm64 | W: No

Re: awscli v2 dependencies (was Re: Next team meeting: 2022-11-09 20:00 UTC)

2022-11-28 Thread Bastian Blank
On Mon, Nov 28, 2022 at 09:02:01AM -0800, Noah Meyerhans wrote: > I understand that there's other software that may want to take direct > dependencies on the C libraries, but as I don't see any of that being > actively worked on in terms of packages that'll be ready for inclusion > in bookworm, I d

Re: qcow2 resize issue with latest unstable cloud images

2022-11-10 Thread Bastian Blank
On Thu, Nov 10, 2022 at 02:56:17PM +0100, Frédéric Bonnard wrote: > I don't think this is related to the image itself. > I just installed debian testing on a physical host, formatting manually > with a 1G / and 3G free behind (installer was based on kernel 6.0 too) . > I booted the machine, then :

s2n-tls_1.3.26+dfsg-1_amd64.changes REJECTED

2022-11-09 Thread Bastian Blank
Rejected by private request of maintainer === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns.

aws-c-common_0.8.4-1_amd64.changes REJECTED

2022-11-09 Thread Bastian Blank
Rejected by private request of maintainer === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns.

Bug#1023451: Current Bookworm daily image breaks root file system during resize

2022-11-07 Thread Bastian Blank
Control: reassign -1 linux/6.0-1~exp1 Control: forcemerge 1023450 -1 On Fri, Nov 04, 2022 at 02:04:05PM +0100, Sven Bartscher wrote: > [ 163.701342] EXT4-fs (sda1): resizing filesystem from 491515 to 4161531 > blocks > [ 163.870631] EXT4-fs (sda1): resized filesystem to 4161531 > [ 163.914439]

Bug#966573: progress packaging awscli v2

2022-11-04 Thread Bastian Blank
On Fri, Nov 04, 2022 at 09:08:22AM -0700, Noah Meyerhans wrote: > > Are you sure this library can have a 1 as ABI? Can you please reproduce > > the ABI stability promisses? > Allegedly upstream has recently committed to proper SONAME and ABI > management in support of efforts to get these packages

Re: qcow2 resize issue with latest unstable cloud images

2022-11-04 Thread Bastian Blank
On Fri, Nov 04, 2022 at 10:14:23AM +0100, Bastian Blank wrote: > Maybe running fsck before shipping the image will make it work better. > Currently we rely on the kernel of the build system to provide us with a > clean file system. fsck is not seeing any problem with that filesystem.

Re: qcow2 resize issue with latest unstable cloud images

2022-11-04 Thread Bastian Blank
Hi On Thu, Oct 20, 2022 at 03:33:53PM +0200, Frédéric Bonnard wrote: > I test the cloud images from unstable and since 2 days, the tests fail > to resize the qcow2 files : > example using > https://cloud.debian.org/images/cloud/sid/daily/latest/debian-sid-nocloud-amd64-daily.qcow2 > : Thanks fo

Bug#966573: progress packaging awscli v2

2022-11-04 Thread Bastian Blank
On Tue, Oct 05, 2021 at 11:10:43PM -0600, Ross Vandegrift wrote: > My first pass only produces -dev packages with headers and static libraries. > To test them out, build the debian/sid branch from these repos, in this order: > - https://salsa.debian.org/rvandegrift/aws-c-common Are you sure this l

Next team meeting: 2022-09-14 20:00 UTC

2022-09-13 Thread Bastian Blank
Hi Our next team meeting is scheduled for 2022-09-14 20:00 UTC. We'll be on jitsi: https://jitsi.debian.social/DebianCloudMeeting20220914. Regards, Bastian -- It would be illogical to kill without reason. -- Spock, "Journey to Babel", stardate 3842.4

Re: Closing of buster-backports?

2022-09-07 Thread Bastian Blank
On Wed, Sep 07, 2022 at 09:32:15AM -0700, Noah Meyerhans wrote: > Is there a plan to continue offering new kernels for buster LTS? Yes, the same as with the older ones. It just is broken right now. Bastian -- Lots of people drink from the wrong bottle sometimes. -- Edith Keeler

Re: Taking over root on legacy AWS account

2022-08-24 Thread Bastian Blank
Hi Ross Sorry, I did not respond earlier. On Tue, Aug 23, 2022 at 10:55:27PM -0700, Ross Vandegrift wrote: > On Fri, Aug 12, 2022 at 05:37:33PM +0100, Marcin Kulisz wrote: > > My take on the latter would be that one of the delegates if we'd have a > > chair > > would be holding MFA to this accou

Re: Use and rules of debian.cloud

2022-08-24 Thread Bastian Blank
On Tue, Aug 23, 2022 at 10:25:54PM -0700, Ross Vandegrift wrote: > Yea, that's not great- but it's better fallback than what we have today. > Making the fallback transparent to the VMs sounds awesome, but is it a > must-have feature? It comes done to: what do we expect to happen if someone uses it

Re: Use and rules of debian.cloud

2022-08-22 Thread Bastian Blank
Hi Ross On Sun, Aug 21, 2022 at 10:35:38PM -0700, Ross Vandegrift wrote: > According to apt-transport-mirror(1), apt can do this on the client side. > Once > the MR for mirror+file apt sources is merged, we'd do something like: > https://aws.deb.debian.cloud priority:1 > https://deb.debi

Use and rules of debian.cloud

2022-08-21 Thread Bastian Blank
Hi folks I propose the following initial use and associated policies for the domain debian.cloud. ## deb.debian.cloud Provides Debian mirrors, possibly limited, similar to deb.debian.org. Each provider gets a subdomain, which should be used in the apt config. Currently assigned are: - azure - a

Re: Resignation as cloud team delegate

2022-07-02 Thread Bastian Blank
Moin On Fri, Jul 01, 2022 at 10:21:51PM -0700, Ross Vandegrift wrote: > Great, most of that seems like a clear improvement. But there's one change > I'm > not sure about: > > --- original 2022-07-01 21:40:33.826069834 -0700 > +++ draft 2022-07-01 21:40:45.778221446 -0700 > @@ -1,3 +1,3 @@

Bug#1010555: cloud-init - Fails to read generated Azure keys from metadata service

2022-05-04 Thread Bastian Blank
Package: cloud-init Version: 20.4.1-2+deb11u1 Severity: important cloud-init fails to read keys provided by the new metadata service sometimes. In those instances, stray \r\n are embedded and should be stripped. See https://bugs.launchpad.net/cloud-init/+bug/1910835 Bastian -- System Informati

Re: plain VM images for arm64

2022-05-03 Thread Bastian Blank
On Tue, May 03, 2022 at 04:10:08PM +0100, Wookey wrote: > I note on https://cloud.debian.org/images/cloud/ that we supply 'plain VM' > images but only for x86. Actually we supply arm64 and ppc64el variants of the "nocloud" images. However it might be only for Sid. Bastian -- You canna change t

Re: fai bullseye image vs image from cloud.debian.org

2022-05-03 Thread Bastian Blank
Hi On Sun, May 01, 2022 at 07:53:01PM +, dimitris.paraskevopoulos wrote: > I checked out https://salsa.debian.org/cloud-team/debian-cloud-images and run > make image_bullseye_genericcloud_amd64 without my desired changes hoping that > it would be the exact same behaviour as the downloaded im

Re: [BOARD #5526] Re: [TREASURER #5526] Re: managing Huawei accounts

2022-04-25 Thread Bastian Blank via RT
On Mon, Apr 25, 2022 at 02:52:14PM +0200, Jonathan Carter wrote: > On 2022/04/24 19:53, Bastian Blank via RT wrote: > > It turns out, SPI can't help here. Huawei Cloud is on the US sanctions > > list. > So, time to forward the request to Debian Switzerland instead then? Sw

Re: [BOARD #5526] Re: [TREASURER #5526] Re: managing Huawei accounts

2022-04-25 Thread Bastian Blank
On Mon, Apr 25, 2022 at 02:52:14PM +0200, Jonathan Carter wrote: > On 2022/04/24 19:53, Bastian Blank via RT wrote: > > It turns out, SPI can't help here. Huawei Cloud is on the US sanctions > > list. > So, time to forward the request to Debian Switzerland instead then? Sw

[BOARD #5526] Re: [TREASURER #5526] Re: managing Huawei accounts

2022-04-24 Thread Bastian Blank via RT
Hi Hector On Thu, Mar 31, 2022 at 04:05:48PM -0400, Héctor Orón via RT wrote: > What is needed from SPI? Are there documents to sign or licenses to accept? It turns out, SPI can't help here. Huawei Cloud is on the US sanctions list. Regards, Bastian -- Bones: "The man's DEAD, Jim!"

Re: [TREASURER #5526] Re: managing Huawei accounts

2022-04-24 Thread Bastian Blank
Hi Hector On Thu, Mar 31, 2022 at 04:05:48PM -0400, Héctor Orón via RT wrote: > What is needed from SPI? Are there documents to sign or licenses to accept? It turns out, SPI can't help here. Huawei Cloud is on the US sanctions list. Regards, Bastian -- Bones: "The man's DEAD, Jim!"

Re: managing Huawei accounts

2022-04-22 Thread Bastian Blank
On Thu, Apr 21, 2022 at 06:37:59PM -0600, Sam Hartman wrote: > YMMV of course. My assessment was: | However. Huawei Cloud is on the US sanctions list. And trying to | actually create an account explicitly states that Europe and Russia are | not allowed. So it seems that all three trusted organ

Re: managing Huawei accounts

2022-04-21 Thread Bastian Blank
Hi On Thu, Apr 21, 2022 at 06:39:47PM +0800, Aron Xu wrote: > On Thu, Apr 21, 2022 at 6:09 AM Bastian Blank wrote: > > Notably, the list does not contain a single country of Europe, nor the > > USA or Canada. However thats where the Debian trusted orgs are located > > in.

  1   2   3   4   >