#openstack-meeting log

00:01:05 <ekcs> #startmeeting congressteammeeting
00:01:06 <openstack> Meeting started Thu Mar  9 00:01:05 2017 UTC and is due to finish in 60 minutes.  The chair is ekcs. Information about MeetBot at http://wiki.debian.org/MeetBot.
00:01:07 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
00:01:09 <openstack> The meeting name has been set to 'congressteammeeting'
00:01:27 <masahito> hello
00:01:32 <thinrichs> hi all
00:01:32 <ekcs> hi all. hope it’s been a good week so far!
00:01:44 <aimeeu> greetings!
00:02:28 <ekcs> Here are the topics on deck for today. I’ll give everyone a couple minutes to look over and add anything else
00:02:34 <ekcs> #link https://etherpad.openstack.org/p/congress-meeting-topics
00:04:41 <ekcs> ok let’s get started then =)
00:05:01 <ekcs> #topic policy library
00:06:00 <thinrichs> I made some progress on the policy library.
00:06:03 <thinrichs> Let me dig up the link.
00:06:25 <thinrichs> https://docs.google.com/document/d/12f1VciulhT9yCYOc7jiulGiLT-tFpffLxNOpr-2QX2I/edit
00:06:26 <ekcs> great.
00:06:28 <thinrichs> Can people see that?
00:07:18 <ekcs> yup.
00:07:37 <thinrichs> I just wanted to get something started so took AT&T's policies and put them into the doc.
00:07:45 <masahito> I can see
00:08:32 <ekcs> that’s great.
00:08:44 <ekcs> I added a section on rules similar to AWS.
00:08:54 <ekcs> https://docs.google.com/document/d/12f1VciulhT9yCYOc7jiulGiLT-tFpffLxNOpr-2QX2I/edit#heading=h.rw4lcq2348oz
00:09:26 <thinrichs> I think some of those policies we can include in the API.
00:09:33 <thinrichs> As they are.
00:09:50 <thinrichs> If the policy isn't exactly what the user wants, they can go in and edit the policy.
00:10:20 <thinrichs> In the UI, it would be somewhat easy to give people a text-box to go and edit the entire policy at once (instead of one rule at a time).
00:11:01 <ekcs> makes sense.
00:11:06 <thinrichs> In the API/CLI I'd think we'd want to add a way for people to submit an entire YAML file (that is described at the top of the googledoc) so they can edit an entire policy at once (instead of one rule at a time).
00:11:44 <thinrichs> The API/CLI could be almost (i) show/download a YAML file from the library and (ii) upload a YAML file describing a policy.
00:13:08 <ekcs> seems like a good workflow.
00:13:34 <ekcs> aimeeu and bryan_att if you’re around, does that workflow make sense from your perspectiveL
00:14:21 <aimeeu> yes for me - bryan is  on vacation so I'll say yes from him as well
00:14:31 <ekcs> haha ok great.
00:15:29 <ekcs> any thoughts on how the libarry would be shipped? as yaml files to be loaded by the user?
00:15:56 <aimeeu> that's a possibility
00:16:24 <thinrichs> Maybe a directory of yaml files that get loaded on startup automatically (configurable, of course)?
00:17:30 <ekcs> makes sense. maybe also an addition to API/CLI/GUI loading from that special directory.
00:17:54 <thinrichs> We could also have full CRUD in the API for the library, so that people could load their own policies into it.
00:17:55 <ekcs> s/loading/for loading
00:19:03 <ekcs> interesting. that could be useful for supporting the modular policy use case bryan_att mentioned. without needing to enable/disable policies.
00:20:04 <ekcs> glad we’re making good progress on this front. policy library might be the most important feature for P release.
00:20:10 <aimeeu> I think being able to upload a policy in YAML format is important.
00:20:38 <thinrichs> Once there is full CRUD for a /library endpoint, then everyone could build up their own library for users.  And we could have a simple script loading a directory of YAML files from a config directory (at least for devstack).
00:20:51 <aimeeu> I'm still trying to track down what OpenECOMP (now ONAP) does but I'm pretty sure it involves YAML
00:21:01 <ekcs> specifically YAML being imporltant? or some kind of file?
00:21:15 <thinrichs> Looking at some of those policies in the google doc, I started to think it'll be hard to just enable/disable them.
00:21:17 <ekcs> I’m thinking about YAML vs the JSON format masahito used.
00:21:29 <aimeeu> policy being written to a YAML file that can be consumed by policy engines (but don't quote me on that)
00:21:36 <thinrichs> There are too many details that a user would want to change.
00:22:08 <thinrichs> Whether YAML or JSON is probably not so important.  YAML is definitely better for people.  JSON is probably better for machines.
00:22:36 <ekcs> thinrichs: yes some of them may be too specific. like the naming of security groups. but they can be adapted so that the special security groups are identified by a new table rather than by name.
00:23:04 <thinrichs> Right.
00:23:15 <ekcs> for example, the dmz related policy may have a table that identifies a list of security groups as “dmz”
00:23:34 <thinrichs> What I'm really thinking though is that for those policies that do remediation, you wouldn't want to just Activate them before making modifications.
00:24:22 <ekcs> thinrichs: hmm true. I guess I’ve been thinking mostly monitoring. I wonder if it makes sense to enable/disable execution by policy.
00:24:30 <thinrichs> And since the common case is that people will be modifying the policies before activating them, a workflow where we just provide (i) a library of examples and (ii) a simple way to upload entire poolicies make sense.
00:24:43 <ekcs> so one can import policy and see results, before allowing actions.
00:25:47 <thinrichs> Longer term I could see more sophisticated functionality like having a bit on every policy that determines whether or not to obey 'execute[]
00:26:26 <ekcs> thinrichs: makes sense.
00:26:28 <thinrichs> But short term the library + upload functionality is both easy to build and gets to the heart of the problem
00:27:05 <ekcs> thinrichs: maybe you could add some of these tentative conclusions to the doc?
00:27:14 <thinrichs> Yep
00:27:32 <ekcs> awesome. we should probably move on to other topics =)
00:27:52 <ekcs> but let’s definitely keep prioritizing policy lib
00:28:07 <ekcs> #topic angular.js
00:28:19 <ekcs> ramineni_: would you like to talk about angular.js?
00:28:36 <ramineni_1> ekcs: hi
00:28:54 <ekcs> hi ramineni_1
00:29:35 <ekcs> we could skip it if it’s not important for right now.
00:29:53 <ramineni_1> ekcs: actually , i dont know much about angular js, just heard its better than django and everyone moving onto it
00:30:25 <ramineni_1> ekcs: just added that topic, if anyone has more idea to it..can discuss
00:31:30 <ekcs> ok I see. anyone have thoughts about angular.js? I don’t know much about it. but I did hear from david lyle it supports some active things.
00:32:22 <mordred> angular is what people have been using for web uis
00:32:34 <mordred> with normal REST services on the backend
00:32:46 <masahito> Horizon will stop to support django?
00:32:49 <mordred> the pattern exists in a few different openstack projects
00:33:04 <mordred> I'm not sure if horizon will ever be able to delete django
00:33:16 <aimeeu> mordred do you know which projects use angular.js?
00:33:34 <mordred> but it's the only place that's really doing any django things, and since the rest of openstack are REST API services, just putting a pure client-side UI on top of them makes a lot of sense
00:33:58 <mordred> aimeeu: I know horizon and storyboard. for a while someone was working on an ironic ui, but I'm not sure where that's at
00:34:13 <aimeeu> thanks mordred
00:34:21 <ekcs> thanks mordred !
00:34:23 <mordred> I know if I was going to be spinning up a new web ui in any way in openstack, I'd focus on client-side javascript on top of backend REST service
00:34:28 <mordred> sure!
00:34:32 * mordred crawls back into his hole
00:34:56 * aimeeu aimeeu chuckles at modred's comment
00:35:25 <mordred> http://git.openstack.org/cgit/openstack-infra/storyboard-webclient http://git.openstack.org/cgit/openstack/ironic-ui for some examples ...
00:36:12 <ekcs> haha ok then. seems like a good long term thing.
00:36:17 <ekcs> thanks for the references mordred
00:36:55 <mordred> sure nuff!
00:37:22 <ekcs> if/when we get around to doing notifications on UI, or investing any major time adding to the current UI, we’d probably want to study it some more.
00:37:34 <ekcs> let’s move on then if we’re done with this topic for now.
00:38:05 <ekcs> #topic tempest plugin
00:38:19 <ekcs> ramineni_1: would you like to fill us in on this topic?
00:38:50 <ramineni_1> ekcs: sure
00:39:03 <ramineni_1> ekcs: its basically regarding the comment here https://review.openstack.org/#/c/441798/
00:40:00 <ramineni_1> ekcs: there seems to be couple of tempest changes , which affects the gate , needs to be backported to all branches as tempest is branch less
00:40:42 <ramineni_1> ekcs: one idea from tempest folks to avoid that is..make congress tempest_plugin seperate repo and make it branchless as tempest
00:42:18 <ekcs> I see. so roughly speaking, which files would go into the new repo?
00:42:51 <ramineni_1> ekcs: i am thinking, may be if we could do that, it will avoid stable branch failures as we may run both jobs (stable/master) on that new repo , so any change in tempest, we have idea if breaking stable branch also
00:42:53 <ekcs> the whole congress_tempest_tests directory? or only part?
00:42:57 <ramineni_1> ekcs: yes
00:43:05 <ramineni_1> i think whole
00:43:19 <masahito> Can't we specify release tag or something in gate job for stable branch?
00:43:57 <ekcs> tempest doesn’t maintain stable branches it seems.
00:44:16 <ramineni_1> masahito: im not sure, if we could do that..it would be good
00:44:37 <ekcs> masahito: oh I see. use release tag instead of stable branch.
00:45:07 <masahito> ekcs: ramineni_1: yes. I can see release tag like 15.0.0.
00:45:40 <masahito> if we can use it we don't need the new repo.
00:45:53 <ramineni_1> masahito: yes
00:47:00 <ekcs_> My laptop froze. On my phone now.
00:47:10 <ramineni_1> masahito: we need to check if its possible to add that in infra/tests ..
00:47:20 <ramineni_1> somehow
00:49:28 <masahito> ekcs_: it's good to move on to next?
00:49:56 <masahito> ekcs_: I think typing on a phone is hard
00:50:00 <ekcs_> Great let's move on then. Sounds like something we can follow up on if someone wants to gather more information and make a recommendation.
00:51:40 <ekcs_> So remaining topics:
00:51:47 <ekcs_> Horizon dashboard project
00:52:02 <ekcs_> Any discussion we may want to have about pike tasks
00:52:19 <ekcs_> And open discussion if anyone has something to talk about.
00:54:02 <ekcs> ok sorry I’m back. 5 minutes left.
00:54:13 <ramineni_1> ekcs_: its fyi mainly, congress_dashboard project is created now .. https://github.com/openstack/congress-dashboard
00:54:13 <ekcs> #topic open discussion
00:54:35 <ramineni_1> will copy the folder onto new project this week..may be
00:54:49 <ekcs> great!
00:55:13 <masahito> nice
00:55:50 <ekcs> open discusion item: anyone understand this patch? https://review.openstack.org/#/c/441864/
00:57:46 <aimeeu> I don't. I was going to ask for a better commit message but got distracted
00:58:00 <thinrichs> Looks like they're removin a css class from that button.  Anyone know what that class does?
00:58:10 <ramineni_1> ekcs: no , not sure what it is fixing actually
00:58:12 <ekcs> it’s removing the close class from a button. not totally sure what the problem is.
00:58:31 <ekcs> ok then. guess we can ask for more info.
00:58:37 <ekcs> thanks!
00:58:41 <ekcs> 2 minutes left.
01:00:23 <ekcs> ok then! great progress this week with policy lib and dashboard project. see you guys next week!
01:00:57 <masahito> thanks
01:01:05 <ekcs> #endmeeting