Fedora 23 Beta

Of course, last week marked the release of Fedora 23 beta. So far, reports are good, and I’m really happy using it on my system. (I’ve heard at least one “even better than F22 final release”!) If you haven’t yet, check it out (making sure to scan the F23 Common Bugs page, which to my eye is comfortingly short — looks like we’re on good track for our Halloween release!

FUDCon LATAM reflections

I posted about FUDCon Cordoba a couple of weeks ago, and since that time, there’ve been a number of interesting posts about it on Fedora Planet, our community blog aggregator. Neville Cross asks What is FUDCon really about?, and María “tatica” Leandro writes about Building a better FUDCon experience. I found both of these very fascinating reading. We have great people in this region and a lot of opportunity for both user and contributor growth, and it’s exciting to see this discussion of how we can make FUDCon better serve that.

Puppet-driven collaboration

In this case, not the automation software, but an actual puppet, Mr. Lunduke, alter-ego of Linux community personality Bryan Lunduke (perhaps most famous for his regular “Linux Sucks” talk — which, spoiler alert, has the punchline that it mostly doesn’t suck). Anyway, the other day I was part of a panel discussion with Ubuntu Community Manager Michael Hall and openSUSE Board Chairman Richard Brown, talking about how these various Linux flavors collaborate and how we could do it better.

Updated proposal on “bundling”

Based on feedback from last month, Fedora Engineering Steering Committee (“FESCo” — Fedora’s all-elected technical leadership body) member Stephen Gallagher put forth a revised Proposal to reduce anti-bundling requirements. “Bundling” is what we call the practice of where software developers who need bits of supporting code (“libraries”) include a copy of that right in their own project. In some software development circles, this is known as “vendoring”. In others, like with Go, it’s “the thing you normally do to use those libraries”.

Traditionally, Fedora has not just frowned on it, but actively fought against it. That’s primarily because this can end up being a security nightmare — when a bug is found in some library, you have to track it down and update it everywhere. But, this practice has also caused us a lot of pain. It generates a lot of work up front, and many upstream software projects see it as actively detrimental — users get something very different from the software that they’ve tested.  Mandatory unbundling increases the barrier to contributing toFedora, and being at odds with upstreams means it’s harder to scale up the Fedora package collection even as open source is increasingly the default for new software development. So, while that security story is a big benefit, we pay a high cost.

Stephen’s proposal aims to keep the benefits of unbundling for the “critical path” part of the distro, and relax it for the fringes — while keeping a strict policy of mandated labeling for bundling. (Matthias Clasen adds that to be really meaningful, this should be supported by automation, which I also agree with — if we put all the effort into building those tools that we spend on unbundling, we’d be in a much better place.)

Ansible for all Fedora Infrastructure

And, ending on another technical note: Kevin “Nirik” Fenzi writes that Fedora’s infrastructure team has completed a three-year migration from Puppet to Ansible for configuration management. This is worth mentioning as a milestone, but also an interesting quick read for anyone interested in topics around systems administration.