00:01:10 <thinrichs> #startmeeting CongressTeamMeeting 00:01:11 <openstack> Meeting started Thu Oct 15 00:01:10 2015 UTC and is due to finish in 60 minutes. The chair is thinrichs. Information about MeetBot at http://wiki.debian.org/MeetBot. 00:01:12 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 00:01:14 <openstack> The meeting name has been set to 'congressteammeeting' 00:01:20 <thinrichs> Hi all! 00:01:30 <masahito> Hi! 00:01:36 <43UAC07HU> hi 00:01:42 <RuiChen> hi 00:02:24 <pballand> hi 00:02:28 <ramineni> hi 00:03:26 <thinrichs> Here's my agenda today: several short items… 00:03:43 <thinrichs> Liberty, Kilo, Stable maintenance team,… 00:03:56 <shelleea007> hi 00:03:58 <thinrichs> Tokyo summit, master, devstack plugin, ... 00:04:03 <thinrichs> status updates 00:04:08 <thinrichs> Anything else? 00:04:22 <su_zhang> hi 00:04:55 <thinrichs> Okay, then let's get started. 00:05:00 <thinrichs> #topic Liberty 00:05:08 <thinrichs> We officially released liberty today. 00:05:12 <thinrichs> Congratulations everyone! 00:05:50 <thinrichs> Using the new semantic versioning, we're at 2.0.0 00:05:52 <RuiChen> awesome! 00:06:29 <thinrichs> You can see a pretty graph of the series and milestones here: 00:06:31 <thinrichs> #link https://launchpad.net/congress 00:08:11 <thinrichs> This release we cut the stable branch from master earlier than was convenient … 00:08:23 <thinrichs> so that we could continue aggressively developing the distributed architecture. 00:08:40 <thinrichs> That means that we had to backport changes from master to the stable branch moreso than we would typically like. 00:08:53 <thinrichs> But it wasn't too bad. 00:09:12 <thinrichs> Does anyone have any comments/suggestions about improving the release process, or about the liberty cycle in general? 00:10:37 <thinrichs> Feel free to drop me emails or post to the mailing list if anything comes to mind. 00:10:45 <thinrichs> #topic Kilo 00:11:19 <thinrichs> su_zhang: did you get a chance to look into kilo (you had volunteered, correct?)? 00:12:48 <thinrichs> Sorry—I dropped off there for a second. 00:13:00 <thinrichs> su_zhang: you there? 00:13:41 <thinrichs> Maybe we'll come back to kilo. 00:13:46 <thinrichs> #topic Tokyo 00:13:58 <thinrichs> I posted a tentative schedule for Tokyo. 00:14:00 <thinrichs> #link https://wiki.openstack.org/wiki/Design_Summit/Mitaka/Etherpads 00:14:29 <thinrichs> masahito: could you reach out to the OPNFV people to check if that schedule works? 00:14:45 <masahito> thinrichs: sure 00:14:52 <thinrichs> How does the schedule look to everyone? 00:14:58 <thinrichs> masahito: thanks 00:16:05 <thinrichs> Ping me if you have suggestions for schedule changes then. 00:16:17 <thinrichs> #topic Stable maintenance team 00:16:34 <thinrichs> Just a reminder: it'd be good to have a couple of people belong to the stable maintenance team. 00:17:09 <thinrichs> These people will be responsible for keeping the stable branches in shape. 00:17:15 <thinrichs> I'd imagine it'll be low work for us. 00:17:29 <thinrichs> masahito already volunteered. 00:17:32 <thinrichs> masahito: thanks! 00:17:50 <masahito> thinrichs: no problem. 00:18:02 <ramineni> thinrichs: i can also take it up 00:18:19 <thinrichs> ramineni: Great! 00:18:38 <RuiChen> I would like to be a volunteer 00:18:54 <thinrichs> RuiChen: Fantastic! 00:19:10 <thinrichs> That's probably enough. I don't think there'll be a ton of work. 00:19:32 <thinrichs> Of course, anyone who is super-excited can help out as well. 00:19:53 <thinrichs> #topic master 00:19:59 <thinrichs> master was blocked for a couple of days. 00:20:49 <thinrichs> It was a group effort to get it unblocked: zhenzan, yingxin, and ekcs all worked on it 00:21:19 <thinrichs> I think all the weird -1s from both python27 and devstack should be gone now. 00:21:29 <thinrichs> So if you've got errors at this point, they're probably legit 00:22:04 <thinrichs> #topic devstack plugin 00:22:13 <thinrichs> We have a plugin for devstack now in review. 00:22:15 <thinrichs> #link https://review.openstack.org/#/c/233347/ 00:22:33 <thinrichs> This is great! Remember that without it all our gating devstack tests will break at M1 00:23:20 <thinrichs> Let's all make sure to review the code and help venkatamahesh get it in place 00:23:46 <thinrichs> I think that's it for me. 00:23:59 <thinrichs> We finally have time to spend some time with status updates. 00:24:03 <thinrichs> #topic Status 00:24:28 <thinrichs> Going down the list of people I see who have changes in review… 00:24:47 <thinrichs> ekcs: what have you been working on recently? 00:25:29 <ekcs> I’m investigating whether we can migrate to antlr4 00:26:05 <ekcs> comparing that with manually fixing antlr3 generated code for py3 compatibility. 00:26:12 <thinrichs> antlr4 generates python3 code? 00:26:17 <ekcs> yes. 00:27:01 <su_zhang> what's current topic/ 00:27:06 <thinrichs> Have you doubled-checked whether the generated code runs without the antlr3 infrastructure? 00:27:13 <thinrichs> su_zhang: Status updates 00:27:17 <su_zhang> cool 00:27:38 <thinrichs> ekcs: meaning: would it be safe to completely remove antlr3 from the repo and just check in the code it generates? 00:28:36 <ekcs> Still figuring that out. I think we’d then need to use antlr4 runtime in place of antlr3 runtime. the basic architecture hasn’t changed. 00:28:46 <ekcs> generating some code that relies on antlr runtime. 00:29:00 <RuiChen> ekcs: antlr4 is fully compatible with antlr3? 00:29:31 <ekcs> no, but I think for the features we’re using it’ll work without major changes. still investigating. 00:30:03 <ekcs> ie, take essentially the same grammar and let antlr4 generate parser and lexer from it. 00:30:14 <su_zhang> nice. what's the advantage of adopting antlr4 for congress? 00:30:58 <ramineni> su_zhang: its for python3 compatibility for now 00:31:10 <ekcs> 1. the generated code is py3. 2. antlr3 no longer supported. (may not matter to us) 00:31:13 <su_zhang> that's important 00:31:55 <ekcs> One problem: according to the docs antlr4 can generate py3 code OR py2 code. the not the same code. I’ll need to do some testing to figure out if we can get compatibility with both at the same time. 00:32:26 <ekcs> if not, may need to do some conditional code based on version. 00:32:35 <thinrichs> ekcs: Thanks for the update. Let us know if you need anything from us. It'd be great to finish off the antlr3 compatibility. 00:32:51 <thinrichs> ekcs: I don't think OpenStack is going to be backwards compatible with python2 anyway. 00:33:07 <ekcs> ok 00:33:21 <thinrichs> alexsyip: want to give a status update? 00:33:43 <alexsyip> Working on policy and rule synchronization. 00:34:17 <su_zhang> I am working on a datasource_driver of cmdb for congress 00:34:41 <thinrichs> alexsyip: I didn't manage to review your changes today. 00:34:41 <su_zhang> this is the cmdb https://github.com/eBay/YiDB/wiki 00:34:50 <thinrichs> I'll get to it tomorrow hopefully. 00:35:11 <alexsyip> Therey’re not ready yet. 00:35:28 <su_zhang> can we make auth_url as an optional argument for congress datasource? 00:35:31 <thinrichs> alexsyip: got it. 00:35:37 <su_zhang> some of the drivers do not need it. 00:35:47 <su_zhang> for example, the one I am working on 00:36:17 <thinrichs> alexsyip: if you think about it, could you mark them as WIP (-1 on Workflow) so we don't review before they're ready? 00:36:47 <thinrichs> su_zhang: all the config options can be changed by each datasource driver. 00:37:05 <thinrichs> su_zhang: are you asking if auth_url can be made optional by default for all the drivers? 00:37:35 <su_zhang> okay, you mean by default it is required. but I can make it optional within my our driver, right? 00:37:41 <alexsyip> thinrichs: done 00:37:43 <thinrichs> su_zhang: yep 00:37:53 <su_zhang> do you know where to make the change? I am still learning. 00:38:17 <su_zhang> I can use a faked url to get it around and it works fine 00:38:19 <thinrichs> su_zhang: just override (or change) the get_datasource_info method for your driver. 00:38:33 <su_zhang> okay i will look into it 00:38:57 <thinrichs> su_zhang: anything else for your status update? 00:39:11 <thinrichs> alexsyip: thanks! 00:39:28 <su_zhang> I am working on setting up security group management in the demo VM 00:39:57 <su_zhang> but I am swamped recently 00:40:05 <su_zhang> still in progress 00:40:19 <thinrichs> su_zhang: great! I never heard what exactly happened with the demo VM. Do you know? 00:40:45 <su_zhang> it works fine for me. but I cannot launch horizon 00:41:06 <su_zhang> http://paloaltan.net/Congress/Congress_Usecases_Sept_25_2015.ova 00:41:09 <su_zhang> this is the url 00:41:22 <su_zhang> given by Shiv 00:41:36 <thinrichs> Thanks. 00:41:39 <thinrichs> ramineni: want to do a status update? 00:42:02 <ramineni> i had initial patch up for review for row_model 00:42:18 <ramineni> thinrichs: just saw some comments , will have a look at them today 00:42:48 <su_zhang> I am thinking of hooking up https://github.com/ikeydoherty/cve-check-tool with congress. any thoughts? sorry about the interruption 00:43:11 <thinrichs> ramineni: sounds good 00:43:46 <thinrichs> su_zhang: I don't know anything about it. I'd say we want to only have drivers for actively maintained projects. 00:44:18 <thinrichs> su_zhang: That said, having a CVE datasource sounds really useful. 00:44:34 <su_zhang> okay, because the vulnerability/patch management has been mentioned in the several times in the usecase doc 00:44:52 <thinrichs> su_zhang: How does it know what scans to make? 00:44:55 <su_zhang> I think it worth sometime of getting that done 00:45:31 <su_zhang> it check specs against national vulnerability database to locate known vulnerabilities within the target machine 00:45:55 <shelleea007> i'd be interested in assisting with that type of thing 00:46:12 <su_zhang> based on the scan info, we can further decide to patch or not depending on its severity and patch cost. 00:46:33 <su_zhang> shelleea007: did you mean vulnerability scan? 00:46:37 <shelleea007> yes 00:46:42 <su_zhang> I will let you guys know my progress 00:47:06 <shelleea007> anything having to do with security is interesting to me 00:47:32 <su_zhang> thinrichs: btw, you mentioned someone has already been looking into mistral. May I have his contact? 00:47:52 <su_zhang> shelleea007: glad to hear that. it seems like we share same interest. 00:48:03 <thinrichs> su_zhang: no one I know of worked on hooking mistral up directly to Congress. 00:48:11 <su_zhang> shelleea007: let me know whenever you have thoughts of applying security stuff with congress 00:48:29 <su_zhang> thinrichs: okay 00:48:30 <thinrichs> su_zhang: but the HP team that integrated murano and congress hooked up mistral to murano as well, I believe.talked about hooking up murano 00:48:50 <su_zhang> thinrichs: do you know who is the contact person? 00:49:20 <thinrichs> su_zhang: ping me offline and I'll try to dig up the contact info 00:49:23 <shelleea007> i will, right now I am trying to get a feel for it and see how it operates first as I am still somewhat new to Congress 00:49:28 <su_zhang> thinrichs: okay 00:50:06 <thinrichs> shelleea007: one thing you could do is try out the Use Case VM that we're working on. 00:50:25 <su_zhang> did you guys watch this? http://content.mirantis.com/Whats-New-In-OpenStack-Liberty-Thank-You-Page.html?mkt_tok=3RkMMJWWfF9wsRonvqnJZKXonjHpfsX77ewtXLHr08Yy0EZ5VunJEUWy2YEISdQ%2FcOedCQkZHblFnVgNS62nXrkNq60I 00:50:39 <su_zhang> congress is highly recommended by mirantis 00:50:40 <thinrichs> shelleea007: it might get you up and running quickly, and you could give us feedback about how to improve it. 00:50:40 <shelleea007> thinrichs: ok, where can I find that? 00:50:50 <su_zhang> which is a great news! 00:50:55 <shelleea007> ok, definately 00:51:28 <thinrichs> su_zhang: I hadn't seen that. Am now listening to it in the background :) 00:51:33 <thinrichs> pballand: how's the DSE node work coming? 00:51:41 <su_zhang> shelleea007: if possible, let us know if you can lanuch horizon smoothly and how? 00:51:51 <su_zhang> thinrichs: nice 00:52:12 <pballand> still working on setting up testing/examples using the oslo.messaging ‘fake’ driver 00:52:26 <pballand> seems there’s a bug in broadcast delivery inside the fake driver, but still narrowing it down 00:53:02 <shelleea007> alright, I will take a look at that in the next few days and take some notes on what I see 00:53:11 <su_zhang> thinrichs: you can start from 43:38 00:53:29 <thinrichs> pballand: sounds good 00:53:35 <thinrichs> su_zhang: thanks 00:53:56 <pballand> once the test code works standalone (without setting up rabbit or another message service), I think we will be in pretty good shape for the summit 00:53:56 <thinrichs> 7 minutes left.. 00:54:45 <su_zhang> one more thing 00:55:00 <thinrichs> pballand: you mean we'll be able to merge your DSENode, and get everything working before actually turining out rabbit, etc.? 00:55:05 <su_zhang> For example 00:55:05 <su_zhang> P(a, b): - A(a, c), B(b, c). 00:55:05 <su_zhang> How can I ensure 'a' and 'b' are different? 00:55:07 <su_zhang> Does this policy already imply that they are different? 00:55:08 <thinrichs> s/out/on 00:55:09 <su_zhang> Or I need to explicitly indicate that they are different? If so, then how can I do that? 00:55:14 <su_zhang> sry.. 00:55:43 <pballand> thinrichs: without turning on rabbit, we can only communicate within process, so it will only work for test cases 00:55:54 <thinrichs> su_zhang: use 'not eq(a, b)' in the body 00:56:12 <su_zhang> thinrichs: thanks 00:56:40 <thinrichs> pballand: so we can get all the unit tests working. Cool! 00:56:48 <thinrichs> 4 minutes left. 00:57:10 <thinrichs> Anyone else want to give a status update, or discuss anything else? 00:58:33 <RuiChen> thinrichs: su_zhang: I think it should be not equal(a,b) :-) 00:58:57 <thinrichs> RuiChen: I always forget the actual builtin name. Thanks! 00:59:03 <su_zhang> thanks 00:59:21 <RuiChen> welcome 00:59:45 <su_zhang> have you guys seen this? https://blogs.aws.amazon.com/security/post/Tx2XKTVE4JWD0F9/New-Security-Services-Launched-at-AWS-re-Invent-2015-Amazon-Inspector-AWS-WAF-an 00:59:57 <su_zhang> with congress, we can have the same service 01:00:05 <su_zhang> more importantly, it will be FREE!!!! 01:00:21 <shelleea007> +1 01:00:27 <su_zhang> :) 01:00:35 <RuiChen> no special thing from me in this week, do some review and discuss with su_zhang about security group use case. 01:00:44 <RuiChen> update status 01:01:00 <su_zhang> RuiChen: thanks for reviewing my use case 01:01:04 <thinrichs> Notice that ConfigRules is like Congress but uses Lambda functions instead of Datalog. 01:01:08 <thinrichs> We're over time. 01:01:13 <thinrichs> Thanks all! 01:01:17 <thinrichs> #endmeeting