From: Ariadne Conill <ariadne@dereferenced.org>
To: Mike Crute <mike@crute.us>
Cc: ~alpine/devel@lists.alpinelinux.org, tomalok@gmail.com
Subject: Re: [3.14] Release process change proposal: Add official Alpine Linux cloud images
Message-ID: <25544517.Nm2VenqIb5@nanabozho>
In-Reply-To: <20201215030452.GA359703@crute.us>
References: <134020455.7nPEQRCJ1u@nanabozho> <20201215030452.GA359703@crute.us>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
Date: Tue, 15 Dec 2020 06:07:59 GMT

Hello,

On Monday, December 14, 2020 8:04:52 PM MST Mike Crute wrote:
> On Tue, Dec 15, 2020 at 02:29:08AM +0000, Ariadne Conill wrote:
> > Hello,
> > 
> > I believe it is time (beyond time, really) for us to start mastering
> > official Alpine cloud images as part of the release process.  This is
> > something that other distributions comparable to us have been doing
> > for some time.
> > 
> > Additionally, due to the vacuum of official cloud images, there has
> > been a few people offering custom Alpine images on AWS at prices that
> > any reasonable person would consider predatory [1].  Multiple people
> > have been lead at first glance to believe these activities were
> > somehow connected to the project, which is also a problem [2].
> > 
> > This lead to community members banding together to create unofficial
> > community AMIs for using Alpine on EC2 that are offered gratis [3],
> > but those efforts have not had the official backing of the project,
> > which continues to enable the predatory vendors to unjustly profit
> > from our project and its reputation.
> > 
> > ## Benefits to Alpine
> > 
> > Adopting the Alpine Linux EC2 images (and adjusting them to use
> > cloud-init [4]) would give users a clear path to an Alpine image on
> > the cloud provider of their choice, at least AWS, Google Cloud, Azure
> > and Oracle would be targeted to begin with.  With a clear path to an
> > officially supported image, predatory vendors would find it more
> > difficult to continue misusing the Alpine name and reputation to sell
> > their custom images and pass them off as official.
> > 
> > ## Organizational Plan
> > 
> > These images would be maintained by a new Cloud team which would
> > coordinate the image mastering process, as well as all packages
> > relating to using, creating and publishing the images.
> > 
> > They would participate in the release management process, ensuring
> > that Alpine images are generated and published automatically by the
> > build servers when a release is generated.
> > 
> > ## Support Requirements from Alpine Infrastructure Team
> > 
> > The resources relating to the the community AMI image effort would be
> > transferred to the Infrastructure team.  This primarily consists of a
> > small application that acts as a credential broker.
> > 
> > Storage for the images would also become managed by the infrastructure
> > team, but most likely we could get the costs of doing so offset as
> > other distributions have.
> > 
> > A GitLab team would be created for the Cloud team so that they may own
> > packages and Git repositories in the Alpine project.
> > 
> > Ariadne
> 
> Hi Ariadne,
> 
> I started the community images that you are referring to and am one of
> the maintainers of them. I completely support pulling these into the
> upstream Alpine project and treating them as official release. I would
> be happy to assist in doing that and, with my co-maintainers, continuing
> to maintain and release them as part of the Cloud team going forward.

Yes, this is basically the idea I had in mind after talking to you about it on 
IRC.  I would prefer to see you lead this new team in fact, since you're 
already producing the community images anyway.

> The current images all reside in an AWS account dedicated to only the
> hosting and production of those images. Migrating it to Alpine should be
> trivial, and current users would not be required to change their
> orchestration scripts to continue using the official images.
> 
> There's a little bit of private infrastructure that facilitates secure
> credential management that would need to be open sourced and transferred
> to the Alpine Infrastructure team but that too should be pretty
> straightforward. That infrastructure will need to grow a bit to support
> multi-cloud use-cases in the future.

Most likely the credential broker software itself would still be maintained by 
the cloud team, with infra team handling the deployment of the software.  This 
is how it is done with other services managed by the infra team.

> We've been primarily focused on stability and feature completeness for
> AWS at this point and I think we're on good footing there. I'd recommend
> releasing those images as official as soon as reasonably possible, then
> we can start to investigate the work that would be required to begin
> adding support for other clouds. This would also put us into a good
> position to advertise the images on the AWS marketplace as official
> Alpine images and to make the case for the removal of the existing,
> predatory, images.

Right that is my hope that we can have this for 3.14, and thus put that $2500/
year image out of business.  I think it is something achievable.  Obviously 
getting something together for 3.13 is not doable, since we are already close 
to release.

> I've opened issues in our GitHub project [0] to begin research on the
> other items you've mentioned.
> 
> [0] https://github.com/mcrute/alpine-ec2-ami/issues

We will probably want to move the github repo into the Alpine gitlab, but for 
now, we can work through issues over on github until the necessary 
infrastructure begins to be set up.

Right now, my main goal is to get everyone interested in making this happen 
talking to each other, so we can move forward with establishing a more formal 
relationship with AWS, Azure, Google, Oracle and whoever else's cloud we want 
our images on.

Ariadne