#openstack-meeting-alt log

16:01:37 <xarses> #startmeeting fuel
16:01:37 <xarses> #chair xarses
16:01:37 <xarses> Todays Agenda:
16:01:37 <xarses> #link https://etherpad.openstack.org/p/fuel-weekly-meeting-agenda
16:01:37 <xarses> Who's here?
16:01:38 <openstack> Meeting started Thu May 26 16:01:37 2016 UTC and is due to finish in 60 minutes.  The chair is xarses. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:01:39 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
16:01:41 <openstack> The meeting name has been set to 'fuel'
16:01:42 <mwhahaha> hi
16:01:42 <kozhukalov> hi
16:01:42 <openstack> Current chairs: xarses
16:01:44 <maximov> hi
16:01:46 <warpc> hi
16:01:46 <ikalnitsky> o/
16:01:47 <agordeev> hi
16:01:52 <fzhadaev> Hi!
16:02:03 <gkibardin> hi
16:02:12 <dpyzhov> hi
16:02:39 <xarses> short agenda today, lets get started
16:02:49 <xarses> #topic 9.0 HCF is coming (dpyzhov)
16:03:13 <dpyzhov> hi
16:03:21 <dpyzhov> my topic was the last one )
16:03:25 <ashtokolov> o/
16:03:38 <dpyzhov> I just want to highlight  that  we have only 2 weeks before hcf
16:04:07 <dpyzhov> and new bugs that are not going to fit into HCF are to be moved to 10.0
16:04:24 <dpyzhov> thats all
16:04:29 <xarses> sounds good, thanks
16:04:37 <xarses> to clarify, thats for 9.0.1
16:04:50 <dpyzhov> yes, exactly
16:05:02 <xarses> thanks
16:05:09 <xarses> #topic Telco Team Status (fzhadaev)
16:05:22 <fzhadaev> Our team continues fixing bugs:
16:05:23 <fzhadaev> * Done from the last update - 7
16:05:23 <fzhadaev> * In progress (in development and on review) - 6
16:05:23 <fzhadaev> Our second activity is scoping features for 10.0.
16:05:23 <fzhadaev> For now there are two features in work: SR-IOV+DPDK and DPDK+VXLAN. There are no BPs for them yet..
16:05:23 <fzhadaev> That's all.
16:06:08 <xarses> are we looking good for closing those before 9.0.1 HCF?
16:06:16 <xarses> the bugs
16:06:31 <fzhadaev> yep. part of them are for 10.0 only
16:06:36 <xarses> ok
16:06:43 <xarses> thanks
16:06:51 <xarses> #topic Toolbox Team status (ashtokolov)
16:06:57 <ashtokolov> Fuel toolbox Team is working on bugs
16:07:04 <ashtokolov> Current status: 16 bugs, all in progress
16:07:10 <ashtokolov> Last 2 weeks status: Income 12 bugs, Outcome: 14 bugs.
16:07:48 <maximov> ashtokolov: are we on track to close all these bugs by HCF ?
16:07:48 <ashtokolov> That's all
16:08:04 <ashtokolov> maximov: yes, we are on track
16:08:26 <maximov> ok
16:08:32 <xarses> any features for 10 yet?
16:08:56 <kozhukalov> not yet
16:09:01 <maximov> not yet I guess
16:09:09 <ashtokolov> we are discussing 10.0 with maximov: kozhukalov
16:09:20 <kozhukalov> definitely newton openstack and ubuntu 16
16:09:54 <xarses> #topic open discuss
16:09:59 <xarses> thats it for the schedule
16:10:09 <mwhahaha> We've got a security related bug that we need to address for 9.0.1, please review https://review.openstack.org/320575 (fuelclient) & https://review.openstack.org/320578 (nailgun) so we can get them backported before HCF. Thanks
16:10:14 <xarses> anything else to raise?
16:10:30 <xarses> thanks mwhahaha
16:11:01 <bookwar_> we have failing UCA deployments for master, are there any plans to look into it?
16:11:07 <mwhahaha> also please review outstanding stuff, there's a bunch of patches that have been sitting for a while now with no reviews
16:11:21 <mattymo> bookwar_, usually QA files bugs
16:11:32 <mattymo> without a duty to report swarm failures, nobody will look
16:11:41 <bookwar_> and developers fix them )
16:12:03 <mattymo> maybe this should get added to SergK's attention as next release manager?
16:12:03 <bookwar_> #link https://ci.fuel-infra.org/view/ISO/job/10.0-community.main.ubuntu.uca_neutron_ha/
16:12:39 <mwhahaha> looks like a qa failure, i'll look into it today
16:13:08 <bookwar_> mwhahaha: thanks
16:13:34 <mattymo> mwhahaha, indeed. deploy passed and ostf, just the package check failed
16:13:45 <mattymo> should be 1 or 2 lines to fix
16:13:52 <mwhahaha> yea, i'll get something proposed
16:14:14 <mwhahaha> we do need some bug/visibility on those job failures
16:14:33 <mihgen> mwhahaha: regarding /api/version, it was designed to be left open
16:14:39 <mihgen> I don't remember why though
16:14:47 <mwhahaha> for auth required
16:14:51 <vkramskikh> mwhahaha: as for you security patch, quite large UI patch will be required. we'll take care of this
16:14:52 <mwhahaha> which can be handled by checking for a 401
16:15:18 <mwhahaha> vkramskikh: ok let me know if i can help in anyway
16:15:18 <mihgen> I'd be careful with the patch, as I suspect that something may break..
16:15:23 <mattymo> mwhahaha, but keystone is auth
16:15:26 <mihgen> like qa scripts
16:15:37 <vkramskikh> i don't remember why it was needed, but i recall i'll tell you. for now id on't see any obstacles
16:15:49 <mwhahaha> the problem is version info leakage, so it's a requirment not to expose version info
16:16:16 <mattymo> security through obscurity afaik isn't really a fix
16:16:22 <mattymo> but security testers love it
16:16:23 * mwhahaha doesn't make the rules
16:16:30 <mwhahaha> i also agree
16:17:07 <mattymo> a trained attacker will figure out how to find the version
16:17:20 <vkramskikh> I know at least one thing which relies on open /api/version - fake nailgun scripts which detect if nailgun is started by polling /api/version
16:17:34 <vkramskikh> you got -1 from CI because of this
16:18:10 <xarses> it checks some box in the security scan, so we will need it if we like it or no
16:18:29 <mwhahaha> sounds like we need a health check url that doesn't contain any version info
16:18:36 <mwhahaha> perhaps /api/healthcheck ?
16:18:55 <mwhahaha> that can be open that just returns an OK or something to that effect
16:19:00 <vkramskikh> i think just / would be fine
16:19:25 <xarses> i was thinking that
16:19:38 <vkramskikh> unless we want to remove static handler from nailgun which isn't actually needed anymore
16:19:56 <mwhahaha> i think the health check would be useful if it did some connectivity tests like a db check
16:21:09 <mwhahaha> anyway, we can take it to the reviews
16:21:21 <xarses> anything else?
16:21:34 <xarses> otherwise I will close the meeting
16:21:44 <mattymo> mwhahaha, it should be inexpensive when possible.. though an authenticated check that verifies db connectivty is also useful
16:21:58 <mattymo> xarses, I have nothing more
16:22:39 <xarses> thanks everyone have a good week
16:22:45 <xarses> #endmeeting