toggle quoted message
Show quoted text
I was about to mention that I indeed enjoyed the existing CF model of releases which roughly translated to “you better run fast” for consumers.
The thing I found needed some tweaking in the existing model was the approach to including fixes for prio very high CVEs. Often times, in our quest to run fast and keep systems secure as fast as possible, we ended up
pulling in a bunch of features which required additional validation and essentially slowed us down in our effort of rolling things out to production.
I felt that the better approach to support people that can keep the speed would have been to always provide fixes for prio very high CVEs as cherry-picks based on the latest released version (and then of course also include
those fixes into the next “regular” release, too).
Based on the comments so far, it sounds like for consumers “you better run fast” will actually be harder with the newly proposed approach. But maybe I’m not fully understanding the concepts, so it would be great to get
some more details on the plans.
From: <cf-dev@...> on behalf of Chip Childers <cchilders@...>
Reply-To: "cf-dev@..." <cf-dev@...>
Date: Wednesday, 18. July 2018 at 19:38
To: "cf-dev@..." <cf-dev@...>
Subject: Re: [cf-dev] cf-deployment 3.0
Food for thought: One of the challenges here is that maintaining patches for past coordinated releases is expensive (both in time and CI costs). In the CF ecosystem, this has traditionally been the responsibility of the downstream commercial
This isn't to say that there isn't a solution that can help all downstream users (including non-commercial users AND the distros), yet not burden the Rel Int team too much. I'm not sure what that solution is though...
On Mon, Jul 16, 2018 at 9:47 AM Franks, Geoff <geoff.franks@...
I’m going to agree with Marco’s concerns here. Making life harder and less stable for the end users of CF has a real potential to alienate and push away the CF
userbase altogether, even if it’s just in appearance (seeing monthly major releases of a product may cause new organizations to hesitate to migrate, until the release process appears more stable.
Thanks for the context, I wasn't aware of what happened before the release of networking 2.0. To stick with your example, though: From what you are saying I have understood that you would rather have done it this way
– please correct me here if I'm wrong:
integrate networking release 2.0 into cf-deployment,
integrate other PRs with breaking changes
bumping cf-deployment to a new major version, given above changes
merging the CVE fixes only into the new major version of cf-deployment
With this process, you would have achieved the following:
the development teams are happy, because they shipped as soon as they were ready to
operators are grumpy, because they have to bump networking to a new major version and adopt to other breaking changes in order to fix CVEs
I'm not saying you have to turn this tradeoff the other way around, but in my opinion this doesn't seem very consumer friendly.
In your team's mission, you have clearly stated that your goal is to enable development teams to maintain a high velocity. I'd like to stress
that we shouldn't leave the operators and users out of the picture here. In the end, you're developing for them, not for yourself.
I'm not sure if the consumer/operator persona is a thing for RelInt, but if that's the case, here's something I'd like to hold true for whatever
change RelInt makes to their process:
"As an operator of CF, I'd like to consume CVE fixes with as little changes to my existing installation as possible, such that I close known
vulnerabilities as soon as possible"
Does that sound reasonable?
I'm happy to provide more context on the container networking 2.0 reference.
The container networking team submitted a PR to cf-deployment with changes required for them to ship v2.0.
RelInt deferred the container networking team's PR for a few weeks due to competing priorities including multiple CVE's fixes.
During the deferral time, a few other PRs were submitted which included breaking changes.
These additional changes took much more time to integrate and validate than anticipated and in the end, the container networking team's 2.0 release was published in cf-d about 5 weeks after it was ready to go.
The introduction of a regular cadence aims to mitigate this type of delay in the future. Had we had one at the time, the networking team would have timed it's PR to align and we would have been poised to accept and publish it quickly.
We believe this will help teams confidently plan for, communicate about, and negotiate integrating their releases into cf-deployment.
And hopefully enable the RelInt team to integrate and ship major releases more seamlessly.
This is an evolving process so we'll see how things roll in the coming months and make adjustments where it makes sense to do so.
I appreciate and welcome any and all feedback along the way.
Thanks very much,
CTO, Cloud Foundry Foundation