From 3195685ae82ede499b299e1994a3f31df5330a85 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Sep 29 2022 15:54:47 +0000 Subject: Guidelines for changing Fedora cloud images Per the discussion in the mailing list thread[0] from May 2022, these image guidelines are proposed for making changes to cloud images. [0] https://lists.fedoraproject.org/archives/list/cloud@lists.fedoraproject.org/thread/3ZZC4HBUEM5CMUZLBKCGNOOEN6QTICQX/ Signed-off-by: Major Hayden --- diff --git a/guidelines/changing-fedora-cloud-images.md b/guidelines/changing-fedora-cloud-images.md new file mode 100644 index 0000000..76c79a3 --- /dev/null +++ b/guidelines/changing-fedora-cloud-images.md @@ -0,0 +1,93 @@ +# Guidelines for changing Fedora Cloud images + +Status: DRAFT + +## Preface + +### Purpose + +Cloud images are highly opinionated installations of Fedora that are meant to support the widest array of cloud use cases. +When cloud users deploy Fedora cloud images, they skip the usual steps of downloading media, running kickstats, or clicking through Anaconda. +Changing these images requires a careful, efficient, and objective review process. + +As mentioned in the [original mailing list thread], a strong set of guidelines for cloud images could benefit the Fedora community in many ways: + +* Allows the Fedora Cloud SIG to review image changes more objectively +* Ensures that change proposals meet a certain set of criteria +* Asks the right questions up front for a more efficient review +* Helps change submitters consider all the effects of their proposed change + + [original mailing list thread]: https://lists.fedoraproject.org/archives/list/cloud@lists.fedoraproject.org/thread/3ZZC4HBUEM5CMUZLBKCGNOOEN6QTICQX/ + +### Governance + +These guidelines must be part of a living document. +As Fedora evolves and as cloud providers offer more capabilities, many guidelines will require updates. +The Fedora Cloud SIG owns the list of guidelines and reviews any potential changes before they go into effect. + +## Guidelines + +Fedora cloud images serve a very specific purpose as the _foundation layer_ for cloud deployments. +Just like a foundation under a house, these images should be secure, reliable, and minimal. +They should support as many cloud use cases as possible and make it easy for any user to add packages or adjust configuration. + +### Minimalism + +Cloud images should contain the most minimal set of packages possible. +In addition, they should run the fewest number of daemons possible -- especially those that listen on TCP or UDP ports. +Many cloud instances are exposed to untrusted networks or the entire internet immediately after boot. + +### Network filtering + +Most public cloud providers and private cloud systems offer software-defined network segmentation or filtering. +These networks and filters are handled dynamically via APIs outside of the Fedora instance and should be the primary method for securing network traffic. +Fedora cloud images should not boot with network filtering enabled. +This avoids confusion between a firewall ruleset in the Fedora instance and the network filters inside the cloud provider's system. + +### Virtual and physical systems + +Certain changes in other parts of Fedora, such as the Workstation or Server editions, may or may not make sense in cloud deployments. +Although most clouds are focused on offering shared resources from the same physical machine with a virtual layer in between, some clouds offer bare metal instance types where Fedora is deployed directly on hardware. +Both use cases should be considered so that Fedora users can deploy the same images to both types of instances. + +### Preserve defaults + +Default configurations used elsewhere in Fedora should be maintained in cloud images whenever possible. +This allows users to flow between other editions, such as Workstation or Server, to cloud images without significant differences. + +## Making a Fedora cloud image change + +Fedora cloud images must evolve over time and the Fedora Cloud SIG welcomes any proposed changes. +To propose a change, copy this list of questions and paste them into an issue within the [cloud-sig] project: + + [cloud-sig]: https://pagure.io/cloud-sig/issues + +* **Configuration** + * Does your change cause the cloud image configuration to differ from other editions, such as Workstation or Server? + * If yes, explain why the defaults from the other editions cannot be used. +* **Daemons & Services** + * Does your change add any daemons or services that run at boot time? + * If yes, do these daemons or services listen on a UNIX socket or a TCP/UDP port? + * Does your change remove any daemons or services that currently run at boot time? +* **Packages** + * Does your change add any packages to the system? + * If yes, please list each and the reason why each is required. + * Does your change remove any packages from the system? + * If yes, please list each and explain why they should be removed. +* **User impact** + * Some users deploy cloud instances for long-lived applications and they manage them by hand. + How would they be affected by your change? + * Some users deploy short-lived cloud instances with automation. + How would they be affected by your change? + * Is there something that a cloud image user should know about your change that would help them? + * Is your change covered in a [Fedora change] submission? + * Does your change correspond to a particular upcoming Fedora release? + + [Fedora change]: https://docs.fedoraproject.org/en-US/program_management/changes_guide/ + +After [submitting the change proposal], monitor the issue in Pagure for any updates or other questions from the Fedora Cloud SIG. +The proposal might require further discussion in a Cloud SIG meeting. +[Fedora Calendar] keeps the most up to date schedule of our meetings. + + [submitting the change proposal]: https://pagure.io/cloud-sig/issues + [Fedora Calendar]: https://calendar.fedoraproject.org/list/cloud/