18:00:38 #startmeeting OpenStack Security Group 18:00:39 Meeting started Thu Sep 19 18:00:38 2013 UTC and is due to finish in 60 minutes. The chair is bdpayne. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:00:40 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 18:00:42 The meeting name has been set to 'openstack_security_group' 18:00:53 hi everyone, time for OSSG meeting 18:00:57 hi 18:01:20 do we have others in attendance? 18:01:29 brb 18:01:46 whaddup 18:01:55 yes. 18:01:55 hey there! 18:02:04 ah, hyakuhei nice to see you here :-) 18:02:07 :) I've missed this place 18:02:15 alright, let's begin 18:02:29 #topic Previous Action Items 18:02:47 elo -- greetings 18:02:48 We had a few action items from last week 18:03:11 malini1 any update on the glossary? 18:03:27 malini2 ^^ 18:03:37 Oh yes, I'm happy to review that tomorrow if it's still in review. 18:03:44 * bdpayne gets confused when people change user names :-) 18:03:55 sorry, not had chance to work much on it .. thus no updates to patch 18:03:59 but a little progress 18:04:03 ok 18:04:04 re 18:04:11 same malini .. i must register a nickname 18:04:21 no worries 18:04:34 the other action items were releated to polishing up the wiki page 18:04:39 the how to contribute page 18:04:43 I didn't get to that this week 18:04:50 but, it remains on my todo list 18:05:06 Also, I quick logo update 18:05:07 hyakuhei -- no do not review, we got help from doc folks on how to use the master glossary, now just need to update our chapters to use that 18:05:14 So I had a todo list but I burnt it 18:05:32 oh ok cool, is that documented somewhere nice? I'll contribute where I can 18:05:41 I heard back from the foundation and they have denied our request for an OSSG logo that is a derivative of the OS logo 18:06:09 We can, however, use the OS logo… subject to the normal usage guidelines 18:06:23 So that project has come to a conclusion. 18:06:37 ok, moving on... 18:06:43 #topic Ongoing Work 18:06:46 :( I guess that means we've got freedom to come up with something more creative? Just using the OpenStack logo on it's own isn't very exciting 18:07:04 bdpayne -- they decided this based on our rough draft or after we spent good money to make a fancy logo? 18:07:04 Yes, we could certainly do a completely fresh logo 18:07:15 They decided this on the rough draft 18:07:51 bdpayne -- a tad bit mollified 18:07:52 Personally, I'm a little logo'd out, but it someone else wants to push this effort ahead with another logo design, I'm ok with that 18:08:07 It'd be nice to have _something_ for the summit 18:08:14 but not massively important 18:08:24 I'm ok just using the OS logo 18:08:32 but, that's just me 18:08:51 i am logo-ed out .. we can stick a little lock image on the footer of our presentations 18:09:04 heh 18:09:06 ok 18:09:21 hyakuhei I saw you did some OSSN updating today, care to provide an update here? 18:09:42 may be they felt the original logo becomes "insecure" if we have a "secure" version 18:09:57 There are no more outstanding OSSNs at the moment. Some of them weren't perfect but they'd been in a draft state for far too long 18:10:08 Things I'd like: Someone who can commit to proof reading all OSSNs 18:10:28 Someone to write OSSNs when I'm not around / share the load - We should be publishing more than we are 18:10:34 hyakuhei -- I read all of yours 18:10:39 I still need to go through the security guide and add the OSSN references 18:11:00 Thanks malini2 - the help is appreciated but I'd like to formalize the process a little 18:11:18 hyakuhei you looking for a committed team? 18:11:44 A little more process perhaps, I'd like to not be a single point of failure 18:11:52 other than that I'm looking for ways to speed it up is all 18:11:53 hyakuhei -- I will be out all of November, other than conference, will commit in Jan, I apologize. 18:12:02 Heh 18:12:16 I'll draft something up, it'll be good fodder for the 'get involved' wiki 18:12:24 sounds good 18:12:49 also, there's been some discussion on slides 18:12:59 malini2 care to provide an update there? 18:13:08 i just sent a few of you link to google doc 18:13:22 Sure, whats it in relation to? Did the panel discussion get accepted? 18:13:46 this is the general slide deck for OSSG 18:13:54 Aaaah nice 18:14:01 malini2 care to share the link here? 18:14:20 I remember now. The deck is looking reasonably tidy already, Lots of tidying required and a few gaps but I like the looks of it 18:14:26 or would you like further review first? 18:15:07 "OpenStack is made up of defensible technologes" - That again! 18:15:09 do not know how to share 18:15:22 bdpayne: I completely hold you responsible for that (as your boss isn't here)( 18:15:43 Ahaha. Ok I should read the whole slide - my reply is there. 18:15:48 lol 18:15:49 https://docs.google.com/file/d/0B7YGqQvPhrazaHkxdTVFdmc5UDg/edit?usp=sharing 18:15:55 ^^ link to view the slides 18:15:58 bdpayne: Error: "^" is not a valid command. 18:16:02 taking a look now 18:16:05 sorry Mr Bot 18:16:26 anyway, this is worth reviewing and improving for anyone who is interested 18:16:37 Looks good 18:16:39 the goal here is to have a slide deck that we, as a group, keep up to date 18:16:41 Edit on google docs? 18:16:58 then people could talk openstack security in user groups and such more easily 18:17:02 looks good 18:17:06 direct edits seems fine 18:17:06 :-) thanks bdpayne! networking etc not fleshed out .. the book is loaded with good stuff, but on the bright side I have read book cover to cover 18:17:06 Obviously a lot of work has gone into this already, malini2 was this mainly your effort? 18:17:39 Are you ok with us all diving in and changing things? 18:17:42 yes :-) :-) 18:17:52 and networking adds new services in Havana 18:17:54 thanks malini2! 18:18:02 cutting and pasting nice pictures from git 18:18:03 Superb work! 18:18:24 Do we want crib notes for each slide? 18:18:40 absolutely -- dig in 18:18:42 I think that would be nice 18:18:53 do add crib notes 18:18:53 #action everyone to help review / edit slides 18:19:12 yes… so we all know what are the main points to highligh in each slide... 18:19:22 Ok cool, we'll I'll look to present this at FOSDEM, so I'll put some effort in over the next few months. 18:19:22 any other ongoing work that people would like to discuss? 18:19:46 i thought if we each add a slide or two, this will get done just like the book, and if you do not mind, I will edit, so it does not get too verbose 18:19:58 sounds reasonable 18:20:51 #topic Summit 18:21:05 I'd like to discuss the summit a litlte bit today 18:21:19 I had thought we would know which talks were accepted by now 18:21:28 Looks like that may not happen until next week 18:21:35 Nevertheless… 18:21:46 Is anyone submitting a dev session topic? 18:21:48 Christ. I've got _so_ many things to write! 18:21:56 someone said to me by the 23rd 18:22:20 elo 23rd is what I've heard as welll, for the summit talks 18:22:31 I'm working on Neutron HOL with my coworker 18:22:34 The format of the summit this year is making life hard for security folks 18:22:36 design session submissions are open http://summit.openstack.org/ 18:23:23 I'd like for the OSSG to put together a google doc spreadsheet to track these 18:23:38 As in a security-related list? 18:23:48 listing both summit sessions and -- more importantly -- design sessions that are security relavent 18:23:51 yeah 18:24:09 and then we should aim to get some good coverage from the group in attending the sessions we think are most important 18:24:25 good idea on spreadsheet 18:24:27 there will be too many for any one person to cover 18:24:46 I'm happy to take the lead on putting that together 18:24:55 Are you thinking that we do a roundup afterwards? 18:25:05 #action bdpayne to put together spreadsheet for tracking security related sessions at summit 18:25:12 yes 18:25:17 This scares me: http://summit.openstack.org/cfp/details/45 18:25:27 after the summit, we should sync on what we heard and next steps 18:25:34 we can do that here in these meetings 18:25:36 Sounds good 18:26:21 hyakuhei yeah… there are people pushing lxc as a good (and secure?!?!) alternative to VMs 18:26:26 which is prolematic 18:26:30 *problematic 18:26:47 ok, that's all I have for today… anything else ? 18:26:56 nope. 18:26:59 nope. 18:27:29 yes yes, one more thing. intel has microservers .. say 8 atom servers, while they can run VMs, their best use is low power, high IO etc 18:28:12 at intel idf there was interest in them .. t hey come into the data center .. they will come into cloud and thier performance/watt may make them good bare 18:28:16 metal candidate 18:28:52 interesting, though bare metal scares me 18:28:54 sso we need to watch and guide the LXC/barenetal stuff 18:29:13 agreed 18:29:18 there's a time and place for these solutions 18:29:27 but the security implications aren't obvious to most people 18:29:29 Same for Moonshot I guess 18:29:42 so I think our role is to help provide clarity around that 18:30:07 the microservers came into existence for bing-like workloads .. 18:30:45 will send offline some specs/data so we could discuss next meeting 18:30:51 sounds good, thanks 18:30:59 ok, have a great week everyone 18:31:07 bye 18:31:10 #endmeeting