I'd like to propose another way which is to release 1.2.1 to replace 1.2.0 repos. I'm resuming the work on 1.2.1 but we still have something broken. Let me post more info when I get into it.
Kevin Monroe <[email protected]>於 2017年9月2日 週六,上午7:25寫道: > On Fri, Sep 1, 2017 at 6:00 PM, Konstantin Boudnik <[email protected]> wrote: > > > On Fri, Sep 01, 2017 at 05:28PM, Kevin Monroe wrote: > > > Hey Cos, > > > > > > On Fri, Sep 1, 2017 at 4:46 PM, Konstantin Boudnik <[email protected]> > > wrote: > > > > > > > Sorry, my earlier message had to say > > > > "...removal of Kafka should NOT affect..." > > > > > > > > Anyway, I don't really get it why the key is unavailable, all of a > > sudden. > > > > It > > > > belongs to Rvs [1] and seems to be valid. I take it, the > installations > > were > > > > working fine before Sep 1st (the Kafka removal day), right? > > > > > > > > > > I haven't actually confirmed this. As mentioned, it doesn't matter to > my > > > bigtop deployments if the repo is signed or not because of this: > > > > > > https://github.com/juju-solutions/bigtop/blob/master/ > > bigtop-deploy/puppet/manifests/bigtop_repo.pp#L45 > > > > > > I'll see what I can do to replicate a deployment pre-Sept1 and see if > > > something is different. But for now, things work as they always > have. I > > > do still think a repo adjustment (removing kafka) and potential > resigning > > > is in order. > > > > I would hate to see you wasting any of your time on what is, at this > > point, an > > academic musing. Fixing the repo (both from the signing and metadata > > points of > > view) is more important, IMO. > > > > Not a time waste at all! I just needed to find a pre-Sept1 deployment to > do some apt-get stuff. It seems the repo signing has been an issue before > Sept 1 (note, i didn't apt-get update before this, so it's using pre-sept1 > repo metadata): > > $ sudo apt-get install hive > Reading package lists... Done > Building dependency tree > Reading state information... Done > The following additional packages will be installed: > hadoop-client hive-jdbc > The following NEW packages will be installed: > hadoop-client hive hive-jdbc > 0 upgraded, 3 newly installed, 0 to remove and 8 not upgraded. > Need to get 86.3 MB of archives. > After this operation, 104 MB of additional disk space will be used. > Do you want to continue? [Y/n] > WARNING: The following packages cannot be authenticated! > hadoop-client hive-jdbc hive > Authentication warning overridden. > Get:1 > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ubuntu/16.04/ppc64le > bigtop/contrib > <http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ubuntu/16.04/ppc64lebigtop/contrib> > ppc64el hadoop-client ppc64el 2.7.3-1 [3,426 B] > Get:2 > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ubuntu/16.04/ppc64le > bigtop/contrib > <http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ubuntu/16.04/ppc64lebigtop/contrib> > ppc64el hive-jdbc all 1.2.1-1 [42.4 MB] > Get:3 > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ubuntu/16.04/ppc64le > bigtop/contrib > <http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ubuntu/16.04/ppc64lebigtop/contrib> > ppc64el hive all 1.2.1-1 [43.9 MB] > > The important bit there is: > > WARNING: The following packages cannot be authenticated! > > I'm curious if others have seen a problem with apt (and super curious if it > affects yum repos as well), or if we've all just been cool > with "APT::Get::AllowUnauthenticated 1;". Again, this doesn't break > anything atm! Just noting it here because it came up with the kafka > removal. If it's something we should fix, let's do it! > > Thanks, > -Kevin > > > > > > Thanks for clarification though! > > Cos > > > > > > On Fri, Sep 01, 2017 at 03:47PM, Kevin Monroe wrote: > > > > > Ahhhh, sorry Evans! I saw the users note but didn't correlate my > > issue > > > > > being kafka-related. Thank you for the explanation! > > > > > > > > > > As for the signing error, this hasn't actually hindered my ability > to > > > > > deploy things: > > > > > > > > > > W: GPG error: http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > ubuntu/16.04/ppc64le bigtop InRelease: The following signatures > > couldn't > > > > be > > > > > verified because the public key is not available: NO_PUBKEY > > > > 13971DA39475BD5D > > > > > > > > > > Apt-get (versus 'apt') are ok to deploy from unsigned repos because > > of > > > > this: > > > > > > > > > > https://github.com/juju-solutions/bigtop/blob/master/ > > > > bigtop-deploy/puppet/manifests/bigtop_repo.pp#L45 > > > > > > > > > > I'm not advocating that this is "good"; just noting that it works > and > > > > why. > > > > > Anyway, I'm not sure if the repo needs to be resigned after > removing > > a > > > > > package, but minimally I think the metadata should be updated to > > reflect > > > > > the removal of kafka. As it stands, I can "sudo apt-get install > > kafka" > > > > and > > > > > it looks like it's gonna work until I hit the 403 Forbidden > error. I > > > > would > > > > > prefer that 'kafka' not be advertised as available at all in the > > repo. > > > > > This would require a change to Packages for apt repos -- i'm sure > > there's > > > > > an equivalent for yum repos as well. > > > > > > > > > > Thanks again Evans for letting me know what's up. I was ready to > > hunt > > > > down > > > > > Amir to figure out what he broke ;) > > > > > -- > > > > > Kevin Monroe > > > > > > > > > > On Fri, Sep 1, 2017 at 12:47 PM, Konstantin Boudnik < > [email protected]> > > > > wrote: > > > > > > > > > > > The removal of Kafka should affect the existence of the signing > > key. > > > > > > On the other hand, when you remove a package you'd need to > > recalculate > > > > YUM > > > > > > repo checksums, IIRC. > > > > > > > > > > > > Cos > > > > > > > > > > > > On Sat, Sep 02, 2017 at 12:26AM, Evans Ye wrote: > > > > > > > I've removed Kafka packages due to license issues. > > > > > > > Please search "[IMPORTANT] Removing Facebook's BSD+Patents > > License > > > > > > > dependencies" on user or announce mailing list. > > > > > > > There're some options provided in that announcement. > > > > > > > > > > > > > > On the Bigtop side, in order to release Kafka binaries again, > we > > > > need to > > > > > > > upgrade Kafka to a release that includes newer version of > > rocksdb. > > > > > > > Currently they've depend on rocksDB: "5.3.6", we need 5.5.4 or > > 5.5.5, > > > > > > which > > > > > > > is released under duel license. > > > > > > > > > > > > > > > > > > > > > 2017-09-01 23:12 GMT+08:00 Kevin Monroe < > > [email protected] > > > > >: > > > > > > > > > > > > > > > Hey folks! > > > > > > > > > > > > > > > > I've heard reports that 1.2.0 repos aren't working this > > morning. > > > > > > Verified > > > > > > > > on both x86 and ppc on ubuntu 16.04: > > > > > > > > > > > > > > > > $ sudo apt-get update > > > > > > > > Hit:1 http://ports.ubuntu.com/ubuntu-ports xenial InRelease > > > > > > > > Hit:2 http://ports.ubuntu.com/ubuntu-ports xenial-updates > > > > InRelease > > > > > > > > Hit:3 http://ports.ubuntu.com/ubuntu-ports xenial-backports > > > > InRelease > > > > > > > > Hit:4 http://ports.ubuntu.com/ubuntu-ports xenial-security > > > > InRelease > > > > > > > > Get:5 > > > > > > > > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > > ubuntu/16.04/ppc64le > > > > > > > > bigtop InRelease [2,665 B] > > > > > > > > Ign:5 > > > > > > > > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > > ubuntu/16.04/ppc64le > > > > > > > > bigtop InRelease > > > > > > > > Fetched 2,665 B in 1s (2,045 B/s) > > > > > > > > Reading package lists... Done > > > > > > > > W: GPG error: > > > > > > > > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > > ubuntu/16.04/ppc64le > > > > > > > > bigtop InRelease: The following signatures couldn't be > verified > > > > > > because the > > > > > > > > public key is not available: NO_PUBKEY 13971DA39475BD5D > > > > > > > > W: The repository ' > > > > > > > > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > > ubuntu/16.04/ppc64le > > > > > > > > bigtop InRelease' is not signed. > > > > > > > > N: Data from such a repository can't be authenticated and is > > > > therefore > > > > > > > > potentially dangerous to use. > > > > > > > > N: See apt-secure(8) manpage for repository creation and user > > > > > > configuration > > > > > > > > details. > > > > > > > > > > > > > > > > $ sudo apt-get install kafka > > > > > > > > Reading package lists... Done > > > > > > > > Building dependency tree > > > > > > > > Reading state information... Done > > > > > > > > The following NEW packages will be installed: > > > > > > > > kafka > > > > > > > > 0 upgraded, 1 newly installed, 0 to remove and 8 not > upgraded. > > > > > > > > Need to get 32.1 MB of archives. > > > > > > > > After this operation, 36.3 MB of additional disk space will > be > > > > used. > > > > > > > > WARNING: The following packages cannot be authenticated! > > > > > > > > kafka > > > > > > > > Authentication warning overridden. > > > > > > > > Err:1 > > > > > > > > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > > ubuntu/16.04/ppc64le > > > > > > > > bigtop/contrib ppc64el kafka all 0.10.1.1-1 > > > > > > > > 403 Forbidden > > > > > > > > E: Failed to fetch > > > > > > > > http://bigtop-repos.s3.amazonaws.com/releases/1.2.0/ > > > > > > > > ubuntu/16.04/ppc64le/pool/contrib/k/kafka/kafka_0.10.1. > > 1-1_all.deb > > > > > > > > 403 Forbidden > > > > > > > > > > > > > > > > E: Unable to fetch some archives, maybe run apt-get update or > > try > > > > with > > > > > > > > --fix-missing? > > > > > > > > > > > > > > > > Anyone know what's up? Thanks! > > > > > > > > -Kevin > > > > > > > > > > > > > > > > > > > > >
