Tuesday, 2018-03-13

« Monday, 2018-03-12 Index Wednesday, 2018-03-14 »
*** liujiong has joined #openstack-barbican00:50
*** openstackgerrit has joined #openstack-barbican01:01
openstackgerritOpenStack Proposal Bot proposed openstack/barbican master: Updated from global requirements  https://review.openstack.org/55145301:01
*** liujiong has quit IRC01:08
*** liujiong has joined #openstack-barbican01:16
*** namnh has joined #openstack-barbican01:39
*** annp has joined #openstack-barbican02:13
aleebarbican weekly meeting starting in a few minutes ..02:59
alee#startmeeting barbican03:00
openstackMeeting started Tue Mar 13 03:00:13 2018 UTC and is due to finish in 60 minutes.  The chair is alee. Information about MeetBot at http://wiki.debian.org/MeetBot.03:00
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.03:00
*** openstack changes topic to " (Meeting topic: barbican)"03:00
openstackThe meeting name has been set to 'barbican'03:00
alee#topic roll call03:00
*** openstack changes topic to "roll call (Meeting topic: barbican)"03:00
liujionghi alee03:00
aleehello :)03:00
dave-mccowano/03:01
liujiongfinally, I get chance to attend our weekly meeting03:01
aleehi dave-mccowan03:01
liujionghi dave-mccowan03:01
dave-mccowanhello all03:01
dave-mccowannamnh ping03:01
namnhdave-mccowan: pong03:01
aleenamnh, its the barbican weekly meeting now in case you'd like  to join03:02
namnhalee: yes, i'm going to join it03:02
aleenamnh, good to see you here03:03
aleewelcome everyone - good to see a good attendance for our new time03:04
aleewe'll keep it at this time from now onwards03:04
alee#topic rocky03:05
*** openstack changes topic to "rocky (Meeting topic: barbican)"03:05
aleeI have collected some thoughts on what could be our focuses in rocky03:05
aleehttps://etherpad.openstack.org/p/barbican-tracker-rocky03:05
aleeas well as various important dates.03:06
openstackgerritRajat Sharma proposed openstack/barbican master: [WIP]Retrieving DER DSA keys  https://review.openstack.org/55196703:06
aleeIf there is anything else you'd like to add, or comment on, please go ahead03:06
aleerajat__, hello :)03:07
aleeplease add any bugs that concern youin particular to the list at the bottom as well.03:07
aleeI have not had a chance to go trough the bugs yet - but knowing which ones folks are working on/ or are affected by will help.03:08
aleeany questions /concerns/ comments?03:09
liujiongok03:09
namnhyes, got it03:10
aleecool03:10
dave-mccowando we want to try to match work items to milestones?  i like deadlines to help prioritize work.  it'll also help to know which items need high priority reviews, etc.03:10
aleedave-mccowan, that dos sound like a good idea -- it would also be nice to match works items with folks too.03:11
aleeall, are there work items that folks would like to sign up for?  or others they'd like to propose03:12
alee?03:12
aleethat way we can see who will work on various things through03:13
aleei would also be nice to get any new specs written by milestone one too03:13
aleedave-mccowan, certainly though I think though we can try to get all the queens carry-ovwer work done by milestone 103:14
aleedave-mccowan, namnh is that possible?03:14
dave-mccowanalee i'll commit to the three client item for m-1.03:16
aleenamnh, I know you've been waiting on reviews -- are there further patches needed afterwards for rolling upgrades?03:16
namnhalee: well, i try my best to update OVO but there are so many unit-test need to be updated.03:17
aleenamnh, is milestone 2 a more realistic target?03:18
namnhalee: i will trying my best03:18
namnhalee: i will try my best03:18
aleeI do plan to review your existing patch very soon - hopefully this week03:18
aleenamnh, all we can ask for :)03:19
aleelets put milestone 2 for now and see how it goes ..03:19
namnhalee: yes03:19
aleeif anyone is interested in any other topics/ features on the list, please fill in and propose milestone03:21
aleeor any other features they would like to work on03:21
aleeany other comments/questions on this topic?03:22
alee#topic intros03:23
*** openstack changes topic to "intros (Meeting topic: barbican)"03:23
*** rajat_ has joined #openstack-barbican03:24
aleeI should have lead with this - but given that this is the first time we're having this meting at this time,03:24
aleewe are probably chatting for the first time with a few folks.03:24
aleeI'm particlatrly interested in what your interest in barbican is, whether you're using it and how, and what you'e interested in03:25
aleeI guess I'll start ..03:25
aleeI'm Ade Lee (PTL).  I work for Red Hat . anwe;ll be releasing Barbican as part of OSP 13 very soon03:26
aleeso I have been working on integration of Barbican with tripleo03:26
aleeand will be working on doing things like performace testing esecially against the pkcs11 and dogtag plugins03:27
*** tajar has quit IRC03:27
aleeand getting more inegration scenarios in place.03:27
aleeone of the things that might happen in the triple-o space is that we may put barbica in the undercloud to hndle secrets there03:28
aleeI'm also keeping tabs in the ongoing castellan /oslo integration work.03:28
aleeok -- next up?03:28
aleedave-mccowan, ?03:29
aleenamnh, liujiong , rajat_ ?03:31
liujiongso i'll be the next one03:31
liujiongI'm Jeremy Liu, work for GohighSec in China, a company aims to enhance security in cloud computing03:32
aleeliujiong, hey Jeremy -  do you guys have deployments with barbican?03:33
liujiongRecently, we've been integrating SGX with barbican to provide secure communication channel/secret transportation.03:33
aleeoh nice!03:34
dave-mccowani'm Dave.  My focus is cloud security at my company.  I started contributing to Barbican a few years ago and have been PTL and a core reviewer.  I see Barbican as instrumental in OpenStack to enable data encryption.  My company's offerings do not currently include Barbican, but I hope we can include it soon.  (Support in OSP 13 will help.)03:34
dave-mccowanliujiong Is there much extra code to use SGX?  can that code be committed back to OpenStack?03:35
liujiongThat work is mostly a PoC, there's much to improve03:36
namnhI am Nam, from Fujitsu VN which is IT company. For now, I am focusing on rolling upgrade for Barbican and i hope that i can implement this interesting feature.03:36
namnhfor Barbican03:36
aleenamnh, does your company use barbican?03:37
namnhYes, we do03:37
aleedo you guys use it with an hsm or other backend?03:37
aleeor just with simple crypto03:38
alee?03:38
namnhi am not sure about this information. maybe HSM03:39
aleenamnh, just curious :)03:39
namnhFor now, Fujitsu Japan is using Barbican, that company is parent of Fujitsu VN03:40
aleeI'd like to try to find out if anyone is actually using barbican in production with an HSM so we can actually make sure its well tested03:40
aleenamnh, are there other features you're interested in - once we wrap up rolling upgrades?03:41
namnhalee: ok, i will ask Fujitsu Japan about use-cases03:42
namnh:)) all of my effort are focusing on rolling-upgrade03:42
aleenamnh, cool - that would be great to know.03:42
namnhalee: ^^03:43
aleeanyone else for intros?03:43
aleerajat_, ?03:43
namnhsorry, but "intros?", what do that mean?03:43
namnhintroduction?03:44
aleeyup introductions03:44
namnh:) thanks03:44
aleenp:)03:45
alee#topic sgx03:45
*** openstack changes topic to "sgx (Meeting topic: barbican)"03:45
aleeliujiong, I'm pretty interested in the sgx stuff.03:46
aleeneat to know that you're working on it03:46
aleeI've seen the code, but yeah - its all poc -- and needs work to actually get it into the upsteam barbican03:47
liujiongyeah, much to improve to meet upstream requirements03:47
liujiongand deployment requirements03:48
aleeliujiong, would you guys be interested in taking some of that on?03:49
aleeI know its a lot, and the intel guys seem to want to throw it over the wall as it were.03:49
liujiongyes, I do, but not sure for R cycle03:50
aleeyeah I think it would be too much for that.03:50
aleewould be really useful though - especially if you add the attestation bits as well03:51
liujiongyup, we tested RA feature03:51
liujiongworks fine03:51
aleegood to know ..03:52
dave-mccowanSGX could be a good Forum talk at summit03:52
aleeI know they have proposed a talk at the summit -- if that gets accepted, we can certainly open a forum talk for them there too.03:53
aleeI'll continue to let them know that folks are interested and trying their stuff out ..03:54
liujiongcool03:54
alee#topic anything else?03:54
*** openstack changes topic to "anything else? (Meeting topic: barbican)"03:54
aleeany other topics?03:54
namnhyes03:55
namnhhttps://review.openstack.org/#/c/547120/03:55
namnhFor there are a error during upgrade Barbican database with maridbdb 10.2.1203:55
liujiongthat's all from me, and it's lunch time, thank you all for this meeting03:55
aleeliujiong, thats Jeremy!03:56
aleethanks03:56
namnhI already checkit, it will be fixed at mariadb 10.2.1303:56
*** dave-mccowan has quit IRC03:56
aleenamnh, oh - thats really good to know --I've been trying to reproduce this03:56
aleenamnh, whats the issue in mariadb 10.2.12?03:57
namnhhere is the bug which was fixed at 10.2.1303:58
namnhhttps://jira.mariadb.org/browse/MDEV-1350803:58
aleenamnh, nice detctive work -- I see a koji build https://koji.fedoraproject.org/koji/buildinfo?buildID=105432903:59
aleefor 10.2.13-2 -- so maybe that update is not pushed yet?04:00
*** daidv has joined #openstack-barbican04:01
namnhyes, i check in devstack.log in gate barbican-dogtag-devstack-functional-fedora-2704:01
namnhit is using mariadb 10.2.1204:02
namnhhttp://logs.openstack.org/20/547120/2/check/barbican-dogtag-devstack-functional-fedora-27/8f93ca1/logs/devstacklog.txt.gz04:02
aleenamnh, ok - thanks for tracking down the issue -- I can follow up with the maintainer for mariadb to find out the status of the update - and maybe get it pushed out sooner rather than later04:03
aleecheecking bodhi04:04
aleenamnh, https://bodhi.fedoraproject.org/updates/FEDORA-2018-00647ae0d504:06
aleenamnh, so shoudl go to stable in looks like 3 days04:07
namnhalee: yes, i just need to wait for now, right?04:08
aleewhich should hopefully resolve this issue04:08
aleenamnh, I think so :)04:08
aleenamnh, I can check wth the maintainer if we need to hurry it up - do we?04:08
namnhalee: i think no need :004:10
aleecool - nice figuring it out :)04:10
aleeany other  business?04:10
namnhthat's all to me04:10
namnh:)04:11
aleethank for coming, all !  see ya next week !04:11
alee#endmeeting04:11
*** openstack changes topic to "Discussion about development of OpenStack Barbican and its client libraries. - Logs: http://eavesdrop.openstack.org/irclogs/%23openstack-barbican/"04:11
openstackMeeting ended Tue Mar 13 04:11:17 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)04:11
openstackMinutes:        http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-03-13-03.00.html04:11
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-03-13-03.00.txt04:11
openstackLog:            http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-03-13-03.00.log.html04:11
namnhalee:  bye for now04:12
aleenamnh, thanks - bye for now --04:12
* alee going to bed :)04:12
namnhalee: :)) thank you so much for your changing time. it's good to me, but not good to you :((04:13
aleenamnh, can you update the review to indicate your findings?  so that others know what we're waiting for ..04:14
aleenamnh, no prob - I'm usually up late04:14
namnhsure, i will04:14
aleecool04:14
aleeI'll keep an eye on that update04:15
namnh:))04:16
*** daidv has quit IRC04:22
*** daidv has joined #openstack-barbican04:22
*** rajat__ has quit IRC05:08
*** jaosorior has quit IRC05:22
*** dpawar has joined #openstack-barbican05:24
*** daidv has quit IRC06:04
*** pbourke has quit IRC06:28
*** pbourke has joined #openstack-barbican06:29
openstackgerritOpenStack Proposal Bot proposed openstack/barbican master: Updated from global requirements  https://review.openstack.org/55145306:47
openstackgerritOpenStack Proposal Bot proposed openstack/barbican-tempest-plugin master: Updated from global requirements  https://review.openstack.org/53630506:47
openstackgerritOpenStack Proposal Bot proposed openstack/castellan master: Updated from global requirements  https://review.openstack.org/55230806:48
*** jaosorior has joined #openstack-barbican07:02
openstackgerritOpenStack Proposal Bot proposed openstack/python-barbicanclient master: Updated from global requirements  https://review.openstack.org/54555207:24
*** pcaruana has joined #openstack-barbican07:42
*** liujiong has quit IRC09:07
*** mburrows has quit IRC09:30
*** namnh has quit IRC09:58
*** salmankhan has joined #openstack-barbican10:12
openstackgerritRajat Sharma proposed openstack/python-barbicanclient master: Trouble accessing generated DSA keys  https://review.openstack.org/55247310:43
*** pcaruana has quit IRC10:45
*** dpawar has quit IRC10:49
*** dave-mccowan has joined #openstack-barbican11:43
*** dpawar has joined #openstack-barbican11:43
*** dpawar has quit IRC11:50
*** noslzzp has joined #openstack-barbican12:00
*** raildo has joined #openstack-barbican12:04
*** annp has quit IRC12:07
*** salmankhan has quit IRC12:12
*** salmankhan has joined #openstack-barbican12:27
*** zhurong has joined #openstack-barbican12:35
*** zhurong has quit IRC12:42
*** zhurong has joined #openstack-barbican12:45
*** zhurong has quit IRC13:15
*** jaosorior has quit IRC13:19
*** jaosorior has joined #openstack-barbican13:55
*** jaosorior has quit IRC15:34
*** noslzzp has quit IRC16:33
*** noslzzp has joined #openstack-barbican17:39
*** pbourke has quit IRC17:42
*** salmankhan has quit IRC18:08
*** jaosorior has joined #openstack-barbican18:25
*** AnnabailEBT7FR has joined #openstack-barbican19:34
*** AnnabailEBT7FR has quit IRC19:36
*** raildo has quit IRC19:58
*** mburrows has joined #openstack-barbican20:52
*** mburrows has quit IRC21:31
*** mburrows has joined #openstack-barbican21:31
*** noslzzp has quit IRC22:02
« Monday, 2018-03-12 Index Wednesday, 2018-03-14 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!