#386 Guidelines for changing Fedora cloud images
Merged 2 years ago by davdunc. Opened 2 years ago by mhayden.

@@ -0,0 +1,93 @@ 

+ # Guidelines for changing Fedora Cloud images

+ 

+ Status: DRAFT

+ 

+ ## Preface

+ 

+ ### Purpose

+ 

+ Cloud images are highly opinionated installations of Fedora that are meant to support the widest array of cloud use cases.

+ When cloud users deploy Fedora cloud images, they skip the usual steps of downloading media, running kickstats, or clicking through Anaconda.

+ Changing these images requires a careful, efficient, and objective review process.

+ 

+ As mentioned in the [original mailing list thread], a strong set of guidelines for cloud images could benefit the Fedora community in many ways:

+ 

+ * Allows the Fedora Cloud SIG to review image changes more objectively

+ * Ensures that change proposals meet a certain set of criteria

+ * Asks the right questions up front for a more efficient review

+ * Helps change submitters consider all the effects of their proposed change

+ 

+   [original mailing list thread]: https://lists.fedoraproject.org/archives/list/cloud@lists.fedoraproject.org/thread/3ZZC4HBUEM5CMUZLBKCGNOOEN6QTICQX/

+ 

+ ### Governance

+ 

+ These guidelines must be part of a living document.

+ As Fedora evolves and as cloud providers offer more capabilities, many guidelines will require updates.

+ The Fedora Cloud SIG owns the list of guidelines and reviews any potential changes before they go into effect.

+ 

+ ## Guidelines

+ 

+ Fedora cloud images serve a very specific purpose as the _foundation layer_ for cloud deployments.

+ Just like a foundation under a house, these images should be secure, reliable, and minimal.

+ They should support as many cloud use cases as possible and make it easy for any user to add packages or adjust configuration.

+ 

+ ### Minimalism

+ 

+ Cloud images should contain the most minimal set of packages possible.

+ In addition, they should run the fewest number of daemons possible -- especially those that listen on TCP or UDP ports.

+ Many cloud instances are exposed to untrusted networks or the entire internet immediately after boot.

+ 

+ ### Network filtering

+ 

+ Most public cloud providers and private cloud systems offer software-defined network segmentation or filtering.

+ These networks and filters are handled dynamically via APIs outside of the Fedora instance and should be the primary method for securing network traffic.

+ Fedora cloud images should not boot with network filtering enabled.

+ This avoids confusion between a firewall ruleset in the Fedora instance and the network filters inside the cloud provider's system.

+ 

+ ### Virtual and physical systems

+ 

+ Certain changes in other parts of Fedora, such as the Workstation or Server editions, may or may not make sense in cloud deployments.

+ Although most clouds are focused on offering shared resources from the same physical machine with a virtual layer in between, some clouds offer bare metal instance types where Fedora is deployed directly on hardware.

+ Both use cases should be considered so that Fedora users can deploy the same images to both types of instances.

+ 

+ ### Preserve defaults

+ 

+ Default configurations used elsewhere in Fedora should be maintained in cloud images whenever possible.

+ This allows users to flow between other editions, such as Workstation or Server, to cloud images without significant differences.

+ 

+ ## Making a Fedora cloud image change

+ 

+ Fedora cloud images must evolve over time and the Fedora Cloud SIG welcomes any proposed changes.

+ To propose a change, copy this list of questions and paste them into an issue within the [cloud-sig] project:

+ 

+   [cloud-sig]: https://pagure.io/cloud-sig/issues

+ 

+ * **Configuration**

+     * Does your change cause the cloud image configuration to differ from other editions, such as Workstation or Server?

+         * If yes, explain why the defaults from the other editions cannot be used.

+ * **Daemons & Services**

+     * Does your change add any daemons or services that run at boot time?

+         * If yes, do these daemons or services listen on a UNIX socket or a TCP/UDP port?

+     * Does your change remove any daemons or services that currently run at boot time?

+ * **Packages**

+     * Does your change add any packages to the system?

+         * If yes, please list each and the reason why each is required.

+     * Does your change remove any packages from the system?

+         * If yes, please list each and explain why they should be removed.

+ * **User impact**

+     * Some users deploy cloud instances for long-lived applications and they manage them by hand.

+       How would they be affected by your change? 

+     * Some users deploy short-lived cloud instances with automation.

+       How would they be affected by your change?

+     * Is there something that a cloud image user should know about your change that would help them?

+     * Is your change covered in a [Fedora change] submission?

+     * Does your change correspond to a particular upcoming Fedora release?

+ 

+   [Fedora change]: https://docs.fedoraproject.org/en-US/program_management/changes_guide/

+ 

+ After [submitting the change proposal], monitor the issue in Pagure for any updates or other questions from the Fedora Cloud SIG.

+ The proposal might require further discussion in a Cloud SIG meeting.

+ [Fedora Calendar] keeps the most up to date schedule of our meetings.

+ 

+   [submitting the change proposal]: https://pagure.io/cloud-sig/issues

+   [Fedora Calendar]: https://calendar.fedoraproject.org/list/cloud/
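
Review bot: The question list under "Making a Fedora cloud image change" has no item for the "Network filtering" or "Virtual and physical systems" guidelines, so a proposal that enables a firewall ruleset at boot, or that only works on virtual instances, is never asked about it. Suggest adding one question for each, for example "Does your change enable or alter network filtering inside the instance?" and "Does your change behave differently on bare metal instance types?". Because the guidelines say images boot without network filtering and may be exposed to untrusted networks immediately after boot, the follow-up under "Daemons & Services" could also ask which port and bind address each new listener uses. Smaller points: "kickstats" in the Purpose section should read "kickstarts"; the `[cloud-sig]` and `[submitting the change proposal]` references resolve to the same URL, so one would do; and the file still carries "Status: DRAFT", which is worth updating or explaining if the document is meant to be in effect once merged.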

Per the discussion in the mailing list thread[0] from May 2022, these image guidelines are proposed for making changes to cloud images.

[0] https://lists.fedoraproject.org/archives/list/cloud@lists.fedoraproject.org/thread/3ZZC4HBUEM5CMUZLBKCGNOOEN6QTICQX/

Metadata Update from @mhayden:
- Request assigned

2 years ago

Feedback definitely welcomed here from everyone. This is my rough draft.

rebased onto 3f1c7ee

2 years ago

@davdunc It's been a while on this thing. Should we get it into our next meeting agenda?

rebased onto 3195685

2 years ago

Thanks for working on this. Merging with the expectation that we have a wonderful living document here that we will update as we come up with new and innovative ways to build cloud solutions. Agreed on Thursday, 29th of Sept. during the cloud meeting.

Pull-Request has been merged by davdunc

2 years ago