Thursday, 2019-08-29

« Wednesday, 2019-08-28 Index Friday, 2019-08-30 »
*** eharney has quit IRC00:06
*** eharney has joined #openstack-meeting00:18
*** ijw_ has joined #openstack-meeting00:20
*** gyee has quit IRC00:22
*** tetsuro has quit IRC00:23
*** ijw has quit IRC00:23
*** ijw_ has quit IRC00:24
*** markvoelker has joined #openstack-meeting00:26
*** brinzhang has joined #openstack-meeting00:28
*** markvoelker has quit IRC00:30
*** enriquetaso has quit IRC00:47
*** larainema has joined #openstack-meeting01:01
*** slaweq has joined #openstack-meeting01:11
*** slaweq has quit IRC01:15
*** jamesmcarthur has joined #openstack-meeting01:17
*** markvoelker has joined #openstack-meeting01:25
*** markvoelker has quit IRC01:30
*** zhubx has quit IRC01:41
*** zhubx has joined #openstack-meeting01:41
*** zhubx has quit IRC01:42
*** zhubx has joined #openstack-meeting01:42
*** ricolin has joined #openstack-meeting01:48
*** jamesmcarthur has quit IRC01:48
*** jamesmcarthur has joined #openstack-meeting01:49
*** jamesmcarthur has quit IRC01:49
*** jamesmcarthur has joined #openstack-meeting01:49
*** ricolin has quit IRC02:04
*** ricolin has joined #openstack-meeting02:05
*** jamesmcarthur has quit IRC02:06
*** ekcs has quit IRC02:06
*** apetrich has quit IRC02:10
*** slaweq has joined #openstack-meeting02:12
*** slaweq has quit IRC02:16
*** jamesmcarthur has joined #openstack-meeting02:18
*** ricolin has quit IRC02:32
*** brault has joined #openstack-meeting02:32
*** ricolin has joined #openstack-meeting02:32
*** brault has quit IRC02:36
*** jamesmcarthur has quit IRC02:37
*** jamesmcarthur has joined #openstack-meeting02:49
*** jamesmcarthur has quit IRC02:59
*** zhubx has quit IRC03:05
*** zhubx has joined #openstack-meeting03:05
*** psachin has joined #openstack-meeting03:10
*** ykatabam has quit IRC03:13
*** rcernin has quit IRC03:13
*** ricolin has quit IRC03:21
*** yaawang has quit IRC03:26
*** yaawang has joined #openstack-meeting03:27
*** ykatabam has joined #openstack-meeting04:03
*** rcernin has joined #openstack-meeting04:05
*** slaweq has joined #openstack-meeting04:11
*** slaweq has quit IRC04:16
*** jamesmcarthur has joined #openstack-meeting05:00
*** jamesmcarthur has quit IRC05:04
*** Luzi has joined #openstack-meeting05:05
*** zhubx has quit IRC05:16
*** boxiang has joined #openstack-meeting05:17
*** boxiang has quit IRC05:20
*** boxiang has joined #openstack-meeting05:21
*** markvoelker has joined #openstack-meeting05:31
*** markvoelker has quit IRC05:36
*** boxiang has quit IRC05:45
*** boxiang has joined #openstack-meeting05:46
*** boxiang has quit IRC05:47
*** boxiang has joined #openstack-meeting05:48
*** rcernin_ has joined #openstack-meeting05:52
*** pwu has joined #openstack-meeting05:54
*** rcernin has quit IRC05:55
*** ykatabam has quit IRC05:57
*** ykatabam has joined #openstack-meeting06:03
*** slaweq has joined #openstack-meeting06:11
*** slaweq has quit IRC06:16
*** zhubx has joined #openstack-meeting06:16
*** boxiang has quit IRC06:16
*** zhubx has quit IRC06:19
*** zhubx has joined #openstack-meeting06:19
*** lpetrut has joined #openstack-meeting06:20
*** zhubx has quit IRC06:20
*** boxiang has joined #openstack-meeting06:21
*** markvoelker has joined #openstack-meeting06:31
*** markvoelker has quit IRC06:36
*** pwu has quit IRC06:37
*** brault has joined #openstack-meeting06:37
*** ricolin has joined #openstack-meeting06:38
*** brault has quit IRC06:40
*** brault has joined #openstack-meeting06:40
*** ircuser-1 has quit IRC06:44
*** ircuser-1 has joined #openstack-meeting06:47
*** slaweq has joined #openstack-meeting06:58
*** _pewp_ has quit IRC07:11
*** _pewp_ has joined #openstack-meeting07:12
*** ykatabam has quit IRC07:26
*** slaweq has quit IRC07:27
*** jbadiapa has joined #openstack-meeting07:28
*** slaweq has joined #openstack-meeting07:31
*** apetrich has joined #openstack-meeting07:37
*** rcernin_ has quit IRC07:40
*** trident has quit IRC07:40
*** trident has joined #openstack-meeting07:49
*** priteau has joined #openstack-meeting07:54
*** rcernin_ has joined #openstack-meeting07:58
*** ralonsoh has joined #openstack-meeting08:04
*** lpetrut has quit IRC08:08
*** markvoelker has joined #openstack-meeting08:10
*** e0ne has joined #openstack-meeting08:11
*** markvoelker has quit IRC08:15
*** e0ne has quit IRC08:20
*** e0ne has joined #openstack-meeting08:34
*** brinzhang has quit IRC08:36
*** brinzhang has joined #openstack-meeting08:37
*** e0ne has quit IRC08:59
*** e0ne has joined #openstack-meeting09:27
*** e0ne has quit IRC09:27
*** apetrich has quit IRC09:47
*** radeks has joined #openstack-meeting10:09
*** markvoelker has joined #openstack-meeting10:11
*** radeks_ has joined #openstack-meeting10:14
*** radeks has quit IRC10:16
*** markvoelker has quit IRC10:20
*** e0ne has joined #openstack-meeting10:21
*** e0ne has quit IRC10:27
*** jawad_axd has joined #openstack-meeting10:29
*** apetrich has joined #openstack-meeting10:44
*** radeks_ has quit IRC10:51
*** carloss has joined #openstack-meeting10:53
*** radeks has joined #openstack-meeting10:53
*** radeks has quit IRC10:58
*** e0ne has joined #openstack-meeting11:00
*** tesseract has joined #openstack-meeting11:15
*** zhubx has joined #openstack-meeting11:16
*** radeks has joined #openstack-meeting11:17
*** boxiang has quit IRC11:18
*** Lucas_Gray has joined #openstack-meeting11:19
*** e0ne has quit IRC11:20
*** e0ne has joined #openstack-meeting11:23
*** lpetrut has joined #openstack-meeting11:24
*** lpetrut has quit IRC11:30
*** e0ne has quit IRC11:32
*** brault has quit IRC11:37
*** dviroel has joined #openstack-meeting11:38
*** e0ne has joined #openstack-meeting11:40
*** Lucas_Gray has quit IRC11:45
*** zhubx has quit IRC11:50
*** njohnston has joined #openstack-meeting12:00
*** brault has joined #openstack-meeting12:03
*** markvoelker has joined #openstack-meeting12:10
*** e0ne has quit IRC12:11
*** markvoelker has quit IRC12:16
*** apetrich has quit IRC12:16
*** rfolco has joined #openstack-meeting12:28
*** larainema has quit IRC12:32
*** markvoelker has joined #openstack-meeting12:38
*** Lucas_Gray has joined #openstack-meeting12:40
*** markvoelker has quit IRC12:42
*** Luzi has quit IRC12:44
*** markvoelker has joined #openstack-meeting12:44
*** markvoelker has quit IRC12:44
*** markvoelker has joined #openstack-meeting12:45
*** lpetrut has joined #openstack-meeting12:52
*** panda|rover|off is now known as panda|rover12:53
*** enriquetaso has joined #openstack-meeting13:00
*** mriedem has joined #openstack-meeting13:07
*** zbr has quit IRC13:08
*** zbr has joined #openstack-meeting13:16
*** apetrich has joined #openstack-meeting13:23
*** baojg has quit IRC13:27
*** kaisers has quit IRC13:29
*** dklyle has quit IRC13:35
*** dklyle has joined #openstack-meeting13:35
*** priteau has quit IRC13:35
*** e0ne has joined #openstack-meeting13:40
*** rcernin_ has quit IRC13:41
*** e0ne has quit IRC13:43
*** AlanClark has joined #openstack-meeting13:46
*** hongbin has joined #openstack-meeting13:48
*** lpetrut has quit IRC13:51
*** zbitter has quit IRC13:53
*** zbitter has joined #openstack-meeting13:54
*** rcernin_ has joined #openstack-meeting13:56
*** jawad_axd has quit IRC13:56
*** mordred has quit IRC13:57
*** d34dh0r53 has quit IRC13:57
*** jawad_axd has joined #openstack-meeting13:57
*** jawad_axd has quit IRC13:57
*** jawad_axd has joined #openstack-meeting13:58
*** mordred has joined #openstack-meeting13:59
*** jawad_ax_ has joined #openstack-meeting14:00
*** d34dh0r53 has joined #openstack-meeting14:01
*** jawad_axd has quit IRC14:02
*** jawad_ax_ has quit IRC14:04
*** jawad_axd has joined #openstack-meeting14:09
*** jawad_axd has quit IRC14:13
*** davee_ has quit IRC14:22
*** e0ne has joined #openstack-meeting14:22
*** Lucas_Gray has quit IRC14:32
*** Wryhder has joined #openstack-meeting14:32
*** Wryhder is now known as Lucas_Gray14:33
*** Lucas_Gray has quit IRC14:35
*** jamesmcarthur has joined #openstack-meeting14:42
*** AlanClark has quit IRC14:45
*** AlanClark has joined #openstack-meeting14:45
*** jbadiapa has quit IRC14:47
*** nickthetait has joined #openstack-meeting14:52
*** mhen has joined #openstack-meeting14:52
*** gagehugo has joined #openstack-meeting14:57
*** jbadiapa has joined #openstack-meeting15:00
gagehugo#startmeeting security15:00
openstackMeeting started Thu Aug 29 15:00:48 2019 UTC and is due to finish in 60 minutes.  The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot.15:00
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:00
*** openstack changes topic to " (Meeting topic: security)"15:00
openstackThe meeting name has been set to 'security'15:00
gagehugo#link https://etherpad.openstack.org/p/security-agenda agenda15:01
gagehugoo/15:01
mheno/15:01
nickthetaithi hi15:01
nickthetaitahem15:01
nickthetaito/15:01
*** diablo_rojo has joined #openstack-meeting15:01
* fungi is half-here15:01
*** AlanClark has quit IRC15:02
*** AlanClark has joined #openstack-meeting15:02
gagehugo#topic OSSA-2019-00415:03
*** openstack changes topic to "OSSA-2019-004 (Meeting topic: security)"15:03
gagehugo#link https://security.openstack.org/ossa/OSSA-2019-004.html15:03
gagehugoHot off the press15:04
gagehugothanks fungi for handling that15:04
fungino sweat15:05
*** baojg has joined #openstack-meeting15:05
fungithe public workflow is a lot easier than dealing with embargoes ;)15:05
nickthetaitfor sure!15:06
funginote that deliverable technically isn't vulnerability:managed15:06
fungibut handling it was related to a wip governance change i've proposed15:07
fungiUpdate vulnerability:managed policy15:07
*** jamesmcarthur has quit IRC15:07
fungier...15:07
funginote that deliverable technically isn't vulnerability:managed15:07
fungi#link https://review.opendev.org/678426 Update vulnerability:managed policy15:07
*** jamesmcarthur has joined #openstack-meeting15:07
fungiclearly i'm not as thoroughly caffeinated as i should be15:07
* nickthetait takes a sip of tea15:08
fungianyway, feedback is encouraged on that since it's a bit of a paradigm shift in how the openstack vmt has been operating for a number of years15:08
nickthetaitwhat is the change in process?15:09
fungiit's more of a change in policy15:09
fungisummary is: turn the risk assessment requirement into more of a recommendation, but also lower the number of embargoed bugs the vmt needs to track by setting a hard limit on how long a report can remain private15:10
nickthetaitok that sounds sensible15:10
fungialso clarifies that extended-maintenance branches are "best effort"15:10
fungiand that the vmt doesn't track or publish advisories about software components which might be included in release artifacts but which are not themselves written by openstack15:11
fungi(for example, vulnerable glibc in a kolla image)15:11
*** jawad_axd has joined #openstack-meeting15:11
nickthetaitI'll commit to doing a full review of that today15:13
*** e0ne has quit IRC15:14
fungiyeah, the only major changes are the risk assessment and the max embargo period, the rest are just clarifications15:16
*** jawad_axd has quit IRC15:16
gagehugocool15:18
gagehugo#topic Open Discussion15:18
*** openstack changes topic to "Open Discussion (Meeting topic: security)"15:18
gagehugoFloor is open if anyone has anything15:18
nickthetaitI have good news :D15:18
* fungi braces for good news15:18
gagehugogood news is always good15:18
nickthetaithttps://docs.openstack.org/security-guide/ now says "last updated during Train"15:18
nickthetaitlanded at like 5am today hehe15:19
nickthetaita few other major changes were merged yesterday too15:19
gagehugoyup, a lot of good cleanup has gone in15:19
gagehugothanks for doing all those nickthetait15:19
nickthetaityep!15:19
nickthetaittwo other minor ones waiting on reviews15:20
nickthetait#link https://review.opendev.org/#/c/677494/15:20
nickthetait#link https://review.opendev.org/#/c/677513/15:20
nickthetaitAlso have a question about this15:22
nickthetait#link https://bugs.launchpad.net/ossp-security-documentation/+bug/170335315:22
openstackLaunchpad bug 1703353 in OpenStack Security Guide Documentation "Need sections on api audit / cadf" [High,Confirmed]15:22
nickthetaitis it still relevant/needed15:22
nickthetaitI'm not clear on what content it is asking for15:22
gagehugosure15:22
gagehugolemme find some links15:23
gagehugo(as someone who's org uses cadf) I'd say sure it's relevant15:23
nickthetait:)15:25
gagehugo#link https://www.dmtf.org/standards/cadf15:25
gagehugothere's some specs on CADF itself (only 183 pages)15:25
gagehugoand the audit middleware is good too15:26
gagehugo#link https://docs.openstack.org/keystonemiddleware/latest/audit.html15:26
gagehugoand keystone has a page that dives into more details about the event notifications themselves15:27
gagehugo#link https://docs.openstack.org/keystone/latest/admin/event_notifications.html15:27
gagehugonickthetait: have you configured event notifications for openstack before?15:28
nickthetaiti sure haven't15:28
gagehugoI can help out with that one, I've done it for our cloud15:28
nickthetaitthis would be a new page under the compliance chapter?15:28
gagehugoeither that, or monitoring and logging15:29
nickthetaitok15:29
*** jbadiapa has quit IRC15:30
gagehugoas CADF events are notifications from events in openstack (project create, user auth, server create, etc.)15:30
nickthetaitgotcha15:31
nickthetaitwell thats it from me15:31
gagehugonickthetait: I'll see if I can throw something together for that15:32
gagehugoimo it would be good to have a guide on how to do it, I had to wing it myself and I wish I had a clearer guide15:32
nickthetaitthrow a comment on that bug and I'll work my magic and turn it into documentation15:33
gagehugowill do15:33
gagehugo#action: gagehugo to leave a comment on https://bugs.launchpad.net/ossp-security-documentation/+bug/170335315:33
openstackLaunchpad bug 1703353 in OpenStack Security Guide Documentation "Need sections on api audit / cadf" [High,Confirmed]15:33
gagehugoanything else?15:34
mhenI've got another small topic I'd want to address15:34
mhensorry, I haven't been able to attend the last two meetings15:35
gagehugomhen: sure!15:35
gagehugothe last couple meetings were fairly non-existant so no worries15:35
mhenbut I started a discussion before about Cinder suddenly deciding to change the policy format standard15:35
mhenwas there any update on that so far?15:35
gagehugomhen: I still have a sticky note on my monitor to dig into that15:35
gagehugono update yet, sorry15:36
mhenno problem15:36
gagehugoit's on my todo list though :)15:36
mhentoday I happened to notice that Cinder still used .json in Pike15:36
mhenbut changed it in Queens15:36
mhenand so far it still seems to be the only one15:36
gagehugohmm ok15:36
nickthetaitwhat format is it changing to?15:36
mhen.yaml15:36
nickthetaitah15:36
mhenit overrides oslo_policy's default15:36
mhenwhich no  other OpenStack service does currently afaik15:37
mhenso, any expectation about services behaving consistently is now broken15:37
gagehugoThere was an effort to move all policy files to yaml (for comment support), but it seems that multiple projects are inconsistent about describing that they support15:37
nickthetaitugh messy15:37
mhenbiggest problem is, services ignore any format that is not the default15:38
mhen*their defaut ;)15:38
mhen*default15:38
mhenjeez15:38
mhen:D15:38
nickthetaithehe15:38
*** bcafarel has quit IRC15:38
mhenhad this again today, an infrastructure upgraded from Pike to Queens and then things started to break because the policy file for Cinder (previously working .json) was now ignored15:39
fungiany idea if that has improved since queens?15:41
fungiwe've had two more releases since then and are about to have another15:41
mhenlast time I checked (2 weeks ago), the master branch still had the same overriding code in Cinder15:41
mhen#link https://github.com/openstack/cinder/blob/master/cinder/policy.py#L3115:42
mhencompare to15:42
mhen#link https://github.com/openstack/cinder/blob/stable/pike/cinder/policy.py#L2615:42
gagehugoIt looks like it's an issue when upgrading and there not being clear direction that your policies will suddenly start getting ignored because they're not the correct file format, when it worked fine previous release15:43
mhenexactly15:43
gagehugoand some services work, and others don't15:43
smcginnisIt could have been better, but that was documented in the upgrade notes: https://docs.openstack.org/releasenotes/cinder/queens.html#upgrade-notes15:44
* fungi wonders if folks don't read upgrade notes when upgrading15:44
smcginnisUsually not. ;)15:44
gagehugo"The sample file is YAML (because unlike JSON, YAML allows comments). If you prefer, you may use a JSON policy file."15:46
gagehugoI assume you need to specify your policy file though15:46
smcginnis"The policy file to be used may be specified in the /etc/cinder/cinder.conf"15:46
nickthetaitwell thats annoying but not unfixable for an operator15:46
mhenif you wanna use .json, you have to set 'policy_file' in the config starting with Queens15:46
fungiahh, so it does continue to support json, you just need to add a config line15:48
mhenyes15:48
fungiand i guess the upgrade notes weren't clear enough on that point15:48
nickthetaitso the line smcginnis quoted should really say "starting with Queens if you want to use .json, you must set 'policy_file' in /etc/cinder/cinder.conf"?15:48
smcginnisWell, .json or whatever other file you want to use other than the default.15:49
nickthetait"Starting with Queens .yaml is the default format. If you want to use any other format you must set 'policy_file' in /etc/cinder/cinder.conf"15:50
gagehugoI assume the nova issue you saw mhen might be similar15:51
mhenyes, it's imply vice versa, defaulting to .json - ignoring .yaml15:51
mhenI just mentioned it as a comparison15:51
mhenso that you can't use a single consistent format if relying on defaults across the components15:52
mhenI agree that it wasn't entirely undocumented and is an avoidable problem. However, I see this more as a general issue considering that OpenStack components should have consistent and sensible defaults across the board when it comes to security critical configuration, in my opinion.15:52
mhenespecially, since from my experience the documentation about which format to choose for which component is very scattered and even misleading at times15:52
*** bcafarel has joined #openstack-meeting15:52
gagehugoSo a good path forward would be to improve the documentation then, that's something we can do.15:53
gagehugomhen: nickthetait is already helping us with our misleading documentation :)15:54
gagehugo(and quite outdated)15:54
* nickthetait strongly agrees with mhen15:54
mhenfrom a security point of view, I don't fully understand how Cinder is allowed to go it's own way so light-minded15:54
nickthetaitis there anything we can do outside docs?15:54
mhenconvince Cinder to stay in line again ;)15:55
nickthetaitthe complexity does impact the security of a deployment15:55
nickthetaitharder to maintain your current stance through an upgrade15:56
fungidid cinder "go its own way" or did the rest of the services simply not get around to implementing the new interface yet?15:56
fungibut i do agree that a coordinated transition for something like this across most projects would have been nicer for deployers15:57
gagehugoI think there's inconsistencies, if nova is indeed defaulting to json still15:57
smcginnisCinder followed what the community release goal was to implement policy in code. Part of that was using oslo_policy which sets the default. (IIRC)15:57
mhengagehugo, every service but Cinder does afaik15:58
*** hongbin has quit IRC15:58
gagehugoI thought keystone does yaml now15:58
* gagehugo digs though release notes15:58
gagehugomhen: or do you mean in the Queens release?15:58
mhenbut Cinder forcibly overrides the oslo_policy default, https://github.com/openstack/cinder/blob/master/cinder/policy.py#L3115:58
smcginnisAh, that was an oversight then. So is it worse to be different now or to make people change yet again?15:59
mhenI work with Queens on a daily basis, so yeah - I didn't check all current master branches15:59
*** gyee has joined #openstack-meeting16:00
gagehugowe're out of time, we can continue this in #openstack-security, thanks for coming everyone16:00
nickthetaitlater16:01
gagehugo#endmeeting16:01
*** openstack changes topic to "OpenStack Meetings || https://wiki.openstack.org/wiki/Meetings/"16:01
openstackMeeting ended Thu Aug 29 16:01:14 2019 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:01
openstackMinutes:        http://eavesdrop.openstack.org/meetings/security/2019/security.2019-08-29-15.00.html16:01
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/security/2019/security.2019-08-29-15.00.txt16:01
openstackLog:            http://eavesdrop.openstack.org/meetings/security/2019/security.2019-08-29-15.00.log.html16:01
*** nickthetait has left #openstack-meeting16:01
fungithanks gagehugo!16:03
gagehugosmcginnis: thanks for helping with clarifying things!16:06
smcginnisgagehugo: No problem, thanks for pointing out the issue. I wasn't aware of it's impact.16:07
*** markvoelker has quit IRC16:15
*** markvoelker has joined #openstack-meeting16:15
*** markvoelker has quit IRC16:27
*** brinzhang has quit IRC16:35
*** brinzhang has joined #openstack-meeting16:36
*** brinzhang has quit IRC16:36
*** brinzhang has joined #openstack-meeting16:37
*** brinzhang has quit IRC16:38
*** brinzhang has joined #openstack-meeting16:39
*** markvoelker has joined #openstack-meeting16:40
*** igordc has joined #openstack-meeting16:44
*** jamesmcarthur has quit IRC16:50
*** tesseract has quit IRC16:50
*** e0ne has joined #openstack-meeting17:02
*** ijw has joined #openstack-meeting17:02
*** e0ne has quit IRC17:04
*** e0ne has joined #openstack-meeting17:04
*** e0ne has quit IRC17:04
*** jbadiapa has joined #openstack-meeting17:07
*** panda|rover is now known as panda|rover|off17:18
*** enriquetaso has quit IRC17:21
*** jawad_axd has joined #openstack-meeting17:26
*** jawad_axd has quit IRC17:29
*** e0ne has joined #openstack-meeting17:35
*** e0ne has quit IRC17:35
*** ralonsoh has quit IRC17:43
*** ekcs has joined #openstack-meeting17:43
*** psachin has quit IRC17:44
*** AlanClark has quit IRC17:53
*** ricolin has quit IRC17:55
*** dougwig has joined #openstack-meeting18:12
*** radeks has quit IRC18:15
*** ijw has quit IRC18:19
*** ijw has joined #openstack-meeting18:19
*** ijw has quit IRC18:21
*** ijw has joined #openstack-meeting18:22
*** ijw has quit IRC18:23
*** ijw has joined #openstack-meeting18:24
*** ijw has quit IRC18:26
*** ijw has joined #openstack-meeting18:27
*** brault has quit IRC18:27
*** ijw_ has joined #openstack-meeting18:28
*** e0ne has joined #openstack-meeting18:29
*** ijw_ has quit IRC18:29
*** ijw has quit IRC18:32
*** ijw_ has joined #openstack-meeting18:32
*** ijw_ has quit IRC18:32
*** e0ne has quit IRC18:32
*** ijw has joined #openstack-meeting18:35
*** ijw_ has joined #openstack-meeting18:36
*** ijw_ has quit IRC18:37
*** ijw has quit IRC18:38
*** ijw has joined #openstack-meeting18:39
*** ijw has quit IRC18:43
*** e0ne has joined #openstack-meeting18:55
*** hongbin has joined #openstack-meeting18:58
*** enriquetaso has joined #openstack-meeting19:01
*** e0ne has quit IRC19:01
*** ijw has joined #openstack-meeting19:01
*** e0ne has joined #openstack-meeting19:03
*** hongbin has quit IRC19:03
*** ijw has quit IRC19:04
*** slaweq has quit IRC19:04
*** e0ne has quit IRC19:04
*** e0ne has joined #openstack-meeting19:05
*** ijw has joined #openstack-meeting19:05
*** e0ne has quit IRC19:05
*** armstrong has joined #openstack-meeting19:11
*** slaweq has joined #openstack-meeting19:11
*** armstrong_ has joined #openstack-meeting19:13
*** armstrong has quit IRC19:15
*** armstrong_ is now known as armstrong19:15
*** slaweq has quit IRC19:15
*** enriquetaso has quit IRC19:21
*** enriquetaso has joined #openstack-meeting19:21
*** diablo_rojo has quit IRC19:27
*** enriquetaso has quit IRC19:44
*** brault has joined #openstack-meeting19:48
*** eharney has quit IRC19:50
*** brault has quit IRC19:52
*** slaweq has joined #openstack-meeting19:59
*** slaweq has quit IRC20:04
*** slaweq has joined #openstack-meeting20:11
*** slaweq has quit IRC20:16
*** eharney has joined #openstack-meeting20:17
*** ijw_ has joined #openstack-meeting20:20
*** ijw has quit IRC20:24
*** jamesmcarthur has joined #openstack-meeting20:36
*** lpetrut has joined #openstack-meeting20:45
*** lpetrut has quit IRC20:51
*** efried has joined #openstack-meeting21:01
efried#startmeeting nova21:01
openstackMeeting started Thu Aug 29 21:01:08 2019 UTC and is due to finish in 60 minutes.  The chair is efried. Information about MeetBot at http://wiki.debian.org/MeetBot.21:01
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.21:01
*** openstack changes topic to " (Meeting topic: nova)"21:01
openstackThe meeting name has been set to 'nova'21:01
mriedemo/21:01
aspierso/21:01
*** ijw_ has quit IRC21:02
efried#link agenda https://wiki.openstack.org/wiki/Meetings/Nova#Agenda_for_next_meeting21:06
efriedif it's just the three of us, I'm going to skip the agenda and just ask if y'all want to talk about anything.21:06
mriedemnot really21:07
*** ijw has joined #openstack-meeting21:07
efriedThese 2100 meetings seem to be pretty sparse of late. Wondering if we should move or drop them. I think the only people who miss the 1400 ones routinely are west-coasters21:07
aspiersNothing really, just to say that stephenfin stuck SEV on the runway this morning and it should all be ready to go21:07
aspiersI just cut it over to use his new scheduler/utils.py thing21:07
efriedcool21:07
efriedglad to see that merged. It's gonna make some things simpler21:08
efriedThere's this:21:08
efried(melwitt): I'm out on PTO today and tomorrow but wanted to seek approval for a specless blueprint https://blueprints.launchpad.net/nova/+spec/policy-rule-for-host-status-unknown21:08
efriedI have uploaded code to hopefully help with approval: https://review.opendev.org/67918121:08
aspiersbut the thing with moving vcpus etc. over to requested_resources still needs to be done, right?21:08
efriedaspiers: Yes21:08
aspiersit's all gradually beginning to make a bit more sense to me21:09
*** rfolco has quit IRC21:09
efriedThat 'host status UNKNOWN' thing sounds really familiar.21:09
efriedI thought we already talked about this a couple weeks ago.21:09
efriedo look, notes in the whiteboard21:10
*** slaweq has joined #openstack-meeting21:11
efriedSo... without digging into this more, I'm not going to be able to render an opinion21:11
efriedmriedem: can you tell at a glance whether this conforms to your suggestions?21:12
mriedemi haven't reviewed the change21:12
efriedIf we get your ack, we can kind of assume gibi's, based on his note there21:12
efriedwould be nice to get lbragstad's nod too21:13
efriedbut... does it really make sense for us to be approving a blueprint two weeks before FF?21:13
mriedemi'd rather not21:13
mriedemespecially when it touches the api21:13
mriedemand the code was posted yesterday21:14
efriedyeah, unless there's some reason this is important enough to preempt cores reviewing other stuff that's been approved & coded for a long time, I don't think it makes sense to add this straw to the camel's back.21:14
*** slaweq has quit IRC21:15
efriedwithout melwitt here to argue that justification, I think we have to assume21:15
* efried draws red X21:16
mriedem :x duh duh duh21:17
efriedokay, anything else to talk about?21:17
mriedemnot from me21:18
efriedallllrightythen21:18
efriedo/21:18
efried#endmeeting21:18
*** openstack changes topic to "OpenStack Meetings || https://wiki.openstack.org/wiki/Meetings/"21:18
openstackMeeting ended Thu Aug 29 21:18:26 2019 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)21:18
openstackMinutes:        http://eavesdrop.openstack.org/meetings/nova/2019/nova.2019-08-29-21.01.html21:18
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/nova/2019/nova.2019-08-29-21.01.txt21:18
openstackLog:            http://eavesdrop.openstack.org/meetings/nova/2019/nova.2019-08-29-21.01.log.html21:18
*** rcernin_ has quit IRC21:25
*** jamesmcarthur has quit IRC21:26
*** markvoelker has quit IRC21:32
*** jamesmcarthur has joined #openstack-meeting21:38
*** rfolco has joined #openstack-meeting21:42
*** jamesmcarthur has quit IRC21:43
*** jamesmcarthur has joined #openstack-meeting21:59
*** jamesmcarthur has quit IRC22:04
*** jamesmcarthur has joined #openstack-meeting22:10
*** slaweq has joined #openstack-meeting22:11
*** number80 has quit IRC22:12
*** eharney has quit IRC22:12
*** slaweq has quit IRC22:15
*** jamesmcarthur has quit IRC22:17
*** ijw has quit IRC22:18
*** armstrong has quit IRC22:22
*** jamesmcarthur has joined #openstack-meeting22:31
*** diablo_rojo has joined #openstack-meeting22:32
*** ijw has joined #openstack-meeting22:34
*** markvoelker has joined #openstack-meeting22:35
*** jamesmcarthur has quit IRC22:35
*** ijw has quit IRC22:37
*** ijw has joined #openstack-meeting22:38
*** markvoelker has quit IRC22:40
*** rcernin has joined #openstack-meeting22:43
*** markvoelker has joined #openstack-meeting23:01
*** ykatabam has joined #openstack-meeting23:08
*** markvoelker has quit IRC23:11
*** ykatabam has quit IRC23:43
*** brinzhang has quit IRC23:53
*** brinzhang has joined #openstack-meeting23:54
*** gyee has quit IRC23:55
*** hongbin has joined #openstack-meeting23:59
« Wednesday, 2019-08-28 Index Friday, 2019-08-30 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!