20:00:31 <redrobot> #startmeeting barbican
20:00:32 <openstack> Meeting started Mon Sep 14 20:00:31 2015 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:00:34 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
20:00:36 <openstack> The meeting name has been set to 'barbican'
20:00:47 <redrobot> #topic Roll Call
20:00:57 <dave-mccowan> :-D
20:00:57 <rellerreller> o/
20:00:58 <silos1> o/
20:01:00 <diazjf> 0/
20:01:06 <elmiko> o/
20:01:10 <kfarr> o/
20:01:13 <hockeynut> o/
20:01:24 <woodster_> o/
20:01:27 <redrobot> dave-mccowan channeling your inner chellygel? :)
20:01:28 <alee> o/
20:01:40 <hockeynut> dave-mccowan getting all fancy on us
20:01:43 <arunkant> o/
20:01:47 <lisaclark1> o/
20:02:01 * dave-mccowan looking for something to cut and paste.
20:02:04 <jkf> o/
20:02:14 <redrobot> lots of barbicaneers here today
20:02:23 <redrobot> let's get this started
20:02:33 <redrobot> as usual the agenda can be found here:
20:02:34 <redrobot> #link https://wiki.openstack.org/wiki/Meetings/Barbican
20:02:50 <redrobot> #topic Dave McCowan nominated for Core team
20:03:01 <redrobot> #link http://lists.openstack.org/pipermail/openstack-dev/2015-September/073866.html
20:03:41 <redrobot> as a reminder the core process is outlined here:
20:03:42 <redrobot> #link https://wiki.openstack.org/wiki/Barbican/CoreTeam
20:03:50 <jaosorior> well, it appears dave-mccowan has gotten the 5 votes already
20:03:52 <redrobot> I counted 5x +1 ad no -1s
20:03:57 <dave-mccowan> thanks all for the nomination and votes!  i'm happy to serve. :-)
20:04:17 <elmiko> nice, early congrats dave-mccowan ;)
20:04:21 <redrobot> so unless someone is opposed, I'll add dave-mccowan to the core team after the meeting
20:04:32 <diazjf> congrats :-D
20:04:32 <hockeynut> + oo
20:04:38 <rellerreller> woot!
20:04:50 <jaosorior> yay :D
20:04:50 * redrobot does not expect anyone to oppose
20:04:55 <alee> redrobot, lets get him +2 ability asap please :)
20:05:09 <silos1> congrats!!
20:05:13 <redrobot> alee should be good to go as soon as I add him tot he Gerrit group
20:05:27 <jaosorior> Congrats dave-mccowan! You really earned it :D
20:05:27 <edtubill> congrats :)
20:05:31 <arunkant> congrats dave-mccowan
20:05:39 <hockeynut> drinks are on dave-mccowan ~
20:05:51 <redrobot> agreed hockeynut
20:05:56 <kfarr> Hooray!  Congrats! \o/
20:05:57 * redrobot expects sake in Tokyo
20:06:06 <elmiko> redrobot++
20:06:12 <alee> I like that ++
20:06:26 <dave-mccowan> sake in tokyo it is.  +W
20:06:56 <elmiko> hehe, nice
20:07:00 <dave-mccowan> thanks all
20:07:04 <redrobot> #agreed dave-mccowan will buy a round of sake in Tokyo
20:07:18 <redrobot> ok, moving on
20:07:32 <redrobot> #topic Federated Barbican Update
20:07:38 <redrobot> silos1 this is your topic, yes?
20:07:41 <silos1> yes
20:07:46 <silos1> As always the wiki is here: https://wiki.openstack.org/wiki/Barbican/Discussion-Federated-Barbican#Related_Articles
20:08:11 <silos1> I've reached out to Mercador to get their input on Federated barbican and we are tyring to set something up later this week.
20:08:36 <silos1> redrobot: I was also interested in hearing how your meeting went with respect to Federated Barbican.
20:08:51 <redrobot> silos1 I had a meeting with Joe Savak last week.  He's one of the architects for Identity here at the rack
20:09:28 <redrobot> we mainly talked about how federation might work at a high level
20:09:36 <silos1> redrobot: ah ok.
20:09:54 <redrobot> There's two workflows we talked about
20:10:21 <redrobot> The first one was for establishing a trust between the public barbican and the private one
20:10:57 <redrobot> this is where the owner of the private barbican configures the public barbican to make them aware of each other.
20:11:26 <redrobot> the second workflow was for actually using keys from the private barbican inside the public cloud
20:12:17 <redrobot> silos1 I'm not sure I fully undestand the second diagram in the wiki
20:12:20 <silos1> redrobot: that sounds awesome. The wiki for Federated barbican broken down to two main issues and it seems like we agree on the same issues.
20:13:18 <redrobot> silos1 yeah, I think we're starting to get a good idea of the scope of the problem
20:13:39 <redrobot> Joe's recommendation was to investigate to see if there are any existing protocols for key federation
20:13:41 <silos1> redrobot: That diagram is meant to represent the entire flow for retrieving the a key/secret from the private barbican
20:14:17 <redrobot> I have to turn Joe's whiteboard drawings into sequence diagrams and then we can discuss them
20:14:37 <redrobot> #action redrobot to make diagrams of federation workflows discussed with Joe
20:14:48 <diazjf> redrobot, that would be awesome, I would like to see that
20:14:56 <silos1> redrobot: sounds good. Were you still interestd in doing a fishbowl at Tokyo for Federated Barbican?
20:15:17 <redrobot> yes
20:15:47 <redrobot> we can talk about the summit next
20:15:54 <redrobot> silos1 anything else we should mention on this topic?
20:16:04 <silos1> redrobot: nope. thanks.
20:16:10 <redrobot> ok, moving on
20:16:21 <redrobot> #topic Tokyo Summit
20:16:23 <redrobot> so we ended up with 2 fishbowls, 8 design sessions and 1 meetup for the Tokyo
20:16:41 <redrobot> I'm thinking one fishbowl should be used for Federation
20:17:01 <alee> whats a meetup?
20:17:03 <redrobot> silos1 diazjf will either of you be attending?
20:17:18 <redrobot> alee it's the 1/2 day block during the last day, like we had in Vancouver
20:17:29 <silos1> diazjf will. I've kept him up to date on most of the Federation stuff.
20:18:03 <redrobot> cool, hopefully by then we've all agreed on good workflow diagrams and we can talk about them during the fishbowl
20:18:12 <silos1> awesome!
20:18:17 <redrobot> also I'd like to hear use cases from attendees
20:19:35 <redrobot> I was thinking the 2nd fishbowl we can use to talk about adding the option to turn off CAS features, and the eventual v2.
20:19:48 <redrobot> s/CAS/CMS/
20:20:21 <alee> sounds ok to me
20:21:24 <redrobot> I don't have a plan for Design Sessions yet
20:21:33 <rellerreller> How much focus on CMS and how much on v2?
20:22:18 <redrobot> rellerreller I don't want to dive too deep into v2.  I think fishbowls are great to get wide community feedback, but I don't want everyone bikeshedding the api there.
20:23:06 <alee> redrobot, I'm not sure theres a whole lot to discuss about an option to turn off CMS in a fishbowl ..
20:23:27 <rellerreller> With the v2 stuff what is there to discuss?
20:24:02 <redrobot> not much currently...  I was thinking we would talk about the roadmap for the next 1-2 cycles
20:24:06 <alee> seems like a design session topic to me .. we decided to provide it  and now just a matter of figuring out how to do it
20:24:13 <rellerreller> I'm trying to figure out how much I want to attend a session on CMS.
20:24:20 <redrobot> ah
20:24:28 <rellerreller> A session on v2 and discussing what should and should not be in it interests me.
20:24:43 <rellerreller> A discussion on the API for CMS is interesting but not as much.
20:25:01 <dave-mccowan> Would cross project integration be a more interesting fishbowl?  updates on those in progress (swift, nova/cinder, neutron) and requirements from some new ones (magnum).
20:25:14 <hockeynut> dave-mccowan I like that idea
20:25:30 <woodster_> alee, I could see other teams wishing to integrate with barbican weighing in, not sure though. Related to the CMS use cases with barbican other projects have mentioned
20:26:02 <woodster_> dave-mccowan: +1
20:26:10 <alee> woodster_, weighing in to what?
20:26:36 <alee> woodster_, whether to provide option to turn off cms?  or on v2 api?
20:27:00 <woodster_> alee, well, the short and long term roadmap for CMS and v2
20:27:18 <alee> I like the idea of project integration - and also of roadmap
20:27:40 <alee> both are very good fishbowl topics
20:28:17 <alee> are those better fishbowl topics than fedreated barbican?
20:29:22 <rellerreller> I feel like federated barbican is a great topic that would spur a lot of discussion.
20:29:29 <dave-mccowan> is federated barbican different from federated keystone?
20:29:49 <rellerreller> Whereas integration with Barbican might turn out to be more of a how to as opposed to a discussion.
20:29:56 <alee> (I'm not proposing we not have a session on federated barbican - just wondering if this is something thats a fishbowl or design session)
20:30:09 <rellerreller> ah
20:30:22 <redrobot> I would think that Federation should be a fishbowl... I'm interested in use cases outside of our team
20:30:38 <silos1> dave-mccowan: I would think so. Federated keystone can be used for federated barican but there is more that is needed besides that.
20:30:49 <redrobot> dave-mccowan similar ideas, but they would be different in implementation
20:32:22 <redrobot> silos1 dave-mccowan the long explanation:  currently Keystone allows users external to itself to authenticate and access public cloud resources.  You could, for example, use federated keystone to grant access to barbican secrets to a user that is defined in some private cloud user management system.
20:33:07 <redrobot> silos1 dave-mccowan federation as a feature of barbican would expand that to allow any keystone user (real or federated) to use secrets stored in a private instance of barbican to decrypt public resources.
20:33:10 <alee> redrobot, silos1 , rellerreller I agree that fed barbican is interesting and something on which we want to get feedback.  On the other hand - integrating with barbican and road map haslots of things that are interesting to the other projjects
20:33:23 <alee> and there are lots of things to talk about there ..
20:33:39 <rellerreller> such as?
20:33:40 <alee> whats the raodmap / migration strategy to v2?  whats the role of castellan?
20:34:17 <woodster_> alee: isn't castellan's role settled now?
20:34:31 <alee> what have people done to integrate and waht other ways are people using to integrate?
20:35:42 <alee> but I'll defer to what you guys decide ..
20:36:02 <rellerreller> I feel like we have done that already. Joel gave a talk last time on how to integrate with barbican and castellan.
20:36:05 <redrobot> alee sounds a lot like the talk we gave last summit :)
20:36:42 <elmiko> i have a sahara patch up that uses castellan, trying to get an ffe for it now
20:36:50 <rellerreller> I still think a good topic to discuss but maybe not worth taking the spot of fishbowl or design session.
20:37:10 <elmiko> i'd be willing to share my experiences, time willing
20:37:11 <rellerreller> But I'm up for whatever.
20:37:40 <rellerreller> I do love a good conversation on castellan and content types
20:37:44 <redrobot> lol
20:37:44 <diazjf> elmiko, that would be very helpful
20:38:00 <alee> yeah - fair enough - maybe the second fishbowl is roadmap and integration together
20:38:22 <rellerreller> I would be good with that
20:38:24 <kfarr> Ahh I wish I could be there for the Castellan discussion!
20:38:32 <alee> I just think that might be too much for one session , but we may be able to keep roadmap at high enough level
20:39:23 <redrobot> alee we can call it "Barbican: state of the union" and cover both...
20:39:59 <elmiko> +1
20:40:01 <alee> sure  - as long as we're more specific in the description
20:40:44 <redrobot> ok, sounds like we're in agreement then.  One fishbowl for Federation, and the other for Integration Status and Roadmap
20:41:37 <dave-mccowan> Integration Status and Requirements... let's make sure it sounds like an invitation to new (to us) projects that want a key manager
20:42:50 <redrobot> dave-mccowan sounds good
20:44:02 <redrobot> ok, moving on
20:44:06 <redrobot> #topic Open Discussion
20:44:18 <alee> any magnum foks here?
20:45:20 <alee> redrobot, just wanted to give an update on subcas
20:45:56 <alee> redrobot, looks like we have almost all the required functionality in there -- just a few outstanding issues
20:46:03 <redrobot> alee awesome!
20:46:22 <alee> redrobot, so someone needs to tell the magnum guys that
20:46:47 <dave-mccowan> i'll try to summon one.
20:46:49 <alee> and maybe we should think about doing some kind of build?
20:47:13 <dave-mccowan> Along those lines, what's next for the Liberty release schedule?  Do we need to bug scrub or blueprint scrub?
20:47:51 <redrobot> dave-mccowan https://wiki.openstack.org/wiki/Liberty_Release_Schedule
20:48:09 <redrobot> dave-mccowan release candidates are due in a couple of weeks.
20:48:40 <alee> redrobot, do we have a list of what should be in ?
20:49:05 <redrobot> alee the only FFE is the CAs feature you're working on
20:49:34 <redrobot> it would be good to do some bug squashing though!
20:49:45 <alee> redrobot, ok - I'll put together a list over the next day or so of things that need to  be completed
20:50:09 <alee> dave-mccowan has already voluntered to do at least one of them
20:50:54 <arunkant> redrobot: any idea why barbican is not listed in kilo release notes ..https://wiki.openstack.org/wiki/ReleaseNotes/Kilo ?
20:52:12 <dave-mccowan> there's a bunch of open bugs that are still in undecided/new state.
20:52:32 <redrobot> arunkant no idea...  I can't remember if we were incubated at the time... if so they may not have included us because of that.
20:52:34 <arunkant> redrobot: I was asked this question earlier and did not have answer other than that its not a integrated project?
20:53:53 <redrobot> arunkant I can ask the release managers
20:53:56 <arunkant> redrobot: Okay..so is it going to be included in liberty release notes ?
20:54:08 <redrobot> #action redrobot to ask release managers about Barbican in Kilo release notes
20:54:11 <arunkant> redrobot: okay. thanks
20:54:26 <redrobot> arunkant should be.  We've been included in all the milestone announcements.
20:55:07 <dave-mccowan> Is the PUT container feature desired for Liberty?  Chelsea was working on it last and it was close.
20:56:08 <redrobot> not sure if it's needed or not?
20:56:34 <redrobot> Chelsea's last day at Rackspace was last Friday, so I don't think she'll be doing much work on Barbican going forward
20:57:15 <lisaclark1> dave-mccowan: it's an outstanding feature that would be nice to get landed, but not something critical on our end
20:58:05 <lisaclark1> dave-mccowan: is it something that will take longer to dust off and revive if we hold off too long on picking it back up?
20:59:28 <dave-mccowan> if it's not required, it's better to defer.  but, i think it's about one patch set away from being complete.  target it for Mitaka-1, if a new contributor wants to volunteer?
21:00:03 <redrobot> dave-mccowan yeah, sounds like we can punt to mitaka
21:00:07 <redrobot> ok, we're out of time here
21:00:11 <redrobot> thanks everyone!
21:00:14 <redrobot> #endmeeting