15:00:10 #startmeeting openstack-helm 15:00:11 Meeting started Tue Sep 22 15:00:10 2020 UTC and is due to finish in 60 minutes. The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:12 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:14 The meeting name has been set to 'openstack_helm' 15:00:18 #link https://etherpad.opendev.org/p/openstack-helm-weekly-meeting agenda 15:00:20 o/ 15:00:28 \o 15:00:41 o/ 15:00:48 \o 15:05:25 #topic wording changes for docs 15:05:49 megheisler: was this you? 15:05:58 yeah, sorry forgot to put name 15:06:26 no worries 15:06:44 but the Diversity wg had their meeting yesterday where it was discussed that the board is making efforts to change some problematic wording 15:07:01 Is this the email? 15:07:02 http://lists.openstack.org/pipermail/openstack-discuss/2020-September/017375.html 15:07:34 yep! So that meeting happened yesterday 15:08:03 I feel very "divided" on this topic naturally 15:08:03 would this be find-and-replace only? 15:08:21 it's up to individual projects to decide if they're are tackling the issue but we have to evaluate how much effort it takes 15:08:49 If that's the direction the opendev community is going, then we can follow suit 15:09:17 megheisler: is this something you'd be interested in evaluating for OSH? 15:09:31 I honestly have no idea how much we use the terms in that etherpad 15:09:42 yeah, I've started going through things and would be happy to head the effort 15:09:57 cool 15:10:04 awesome 15:10:42 thanks megheisler! 15:10:59 #topic Sync logging values with upstream repos 15:11:17 This ps was put below the agenda for today so I assume someone wants to discuss? 15:11:19 #link https://review.opendev.org/#/c/751896/ 15:12:04 I think we discussed this last week too 15:12:57 looks like it's merged so not sure what else there is to talk about 15:13:18 yeah 15:13:39 Feel free to ping me if anyone wanted to discuss that in #openstack-helm 15:13:46 #topic libvirt TLS 15:13:55 #link https://review.opendev.org/#/c/752125/ 15:14:04 lamt: I am curious about the approach here 15:14:38 I believe an attempt was made a few years ago 15:15:16 to secure the connection and the idea was to use socket instead of http/tcp 15:15:29 I have to find that patch 15:16:03 but there is probably a need to TLS libvirt 15:16:15 or a want 15:16:28 I will have to look at the patch 15:16:33 Yeah, TLS'ing libvirt seems fine 15:16:50 I have concerns about having libvirt use an entirely different mechanism for TLS'ing than the rest of OSH though 15:17:38 I don't see a flag for enabling/disabling it atm 15:17:49 I'll leave a comment on the ps and we can continue conversation there 15:18:11 sure - but one can argue why would we want an insecure deployment at the first place 15:18:33 better performance? 15:18:47 wouldn't using socket be less messy than dealing with all the internal certs? 15:18:54 is there not an existing gate for TLS already? 15:18:56 probably tbh 15:19:14 Andrii has activated one I believe 15:19:23 as experimental 15:19:33 so is there a new to create a seperate gate here? 15:20:00 I think the plan is to enable TLS on the default gates 15:20:06 we need to move to better nodesets however 15:20:21 or... 15:20:22 the 8gb ones seem to be pushed to their limits with TLS on 15:20:28 we fix that multinode gate ;) 15:21:16 That too 15:22:16 Anyway, lets continue the conversation on that ps (and fix the gates too) 15:22:22 #topic open discussion 15:22:28 Anyone have anything else for this week? 15:25:24 thanks everyone, have a good week! 15:25:26 #endmeeting