21:00:46 <oneswig> #startmeeting scientific-sig 21:00:47 <openstack> Meeting started Tue May 26 21:00:46 2020 UTC and is due to finish in 60 minutes. The chair is oneswig. Information about MeetBot at http://wiki.debian.org/MeetBot. 21:00:48 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 21:00:50 <openstack> The meeting name has been set to 'scientific_sig' 21:00:56 <oneswig> Let's roll 21:01:10 <oneswig> hi all 21:01:33 <trandles> Hi there 21:01:48 <oneswig> hi trandles 21:03:26 <oneswig> Sad to see the news about Rich Brueckner 21:03:36 <trandles> That came as a shock. 21:03:51 <rbudden> hello 21:03:56 <oneswig> hi rbudden 21:04:14 <martial> Hello :) 21:04:34 <oneswig> Hi martial 21:04:37 <oneswig> #chair martial 21:04:39 <openstack> Current chairs: martial oneswig 21:05:51 <oneswig> I am not sure I ever spoke to Rich but I saw him around, he seemed to be at all the conferences. Which must have been hard work for him. 21:07:23 <oneswig> OK I think we should cover PTG planning. 21:07:35 <oneswig> #topic ptg planning 21:08:03 <oneswig> We have two hours earlier and two hours later next Tuesday. 21:08:18 <oneswig> brb 21:10:13 <oneswig> I think this is an opportunity to try and fix some pain points, or at least spend a couple of hours actually moving them forwards 21:10:36 <martial> logistic wise, what time did we get? 21:10:42 <trandles> What specifically are the hot topic items? 21:11:20 <martial> are we setting up any additional tools to work with the remote teams? 21:11:51 <oneswig> I'll get the times, 1 sec 21:12:37 <oneswig> #link ptg schedule https://object-storage-ca-ymq-1.vexxhost.net/swift/v1/6e4619c416ff4bd19e1c087f27a43eea/www-assets-prod/ptg/PTG2020-Schedule.pdf 21:13:00 <trandles> I see that the Vancouver link on the openstack site now goes to a different opendev 3-part series rather than next week's PTG 21:13:40 <oneswig> Kick-off for us is 2 hours on Tuesday 15:00 UTC, then back for 2 more hours at 2100 UTC (this time) 21:14:15 <oneswig> Apologies, it's Monday, not Tuesday 21:14:17 <oneswig> My mistake 21:15:00 <trandles> Good times for me, 0900-1100 and 1500-1700 :D 21:16:04 <diablo_rojo_phon> trandles: try openstack.org/ptg 21:16:07 <janders> the second time slot is a life-saver for my timezone :) 21:16:47 <trandles> diablo_rojo_phon, +1 Thanks! 21:17:28 <oneswig> We aim to please trandles janders, over here the second slot is almost too late for the virtual beer Tim suggested :-) 21:17:53 <oneswig> But I'm sure I'll cope... 21:19:03 <martial> or too early :) 21:20:00 <oneswig> Are people happy with a Zoom session or is there a need for something else? 21:20:37 <trandles> I'm allowed to do zoom as long as web browser is supported. I've had vendors require the app and that's verboten on my work computer. 21:21:03 <rbudden> ditto here 21:22:16 <martial> diablo_rojo_phon: asking you re the above? 21:22:28 <martial> tim/bob: anything else you can use? 21:22:50 <trandles> Skype, Webex, bluejeans, google meet...pretty much anything but zoom 21:23:51 <rbudden> I can fire up the personal laptop if itโs easier, but yeah, as trandles said, itโs largely anything but Zoom 21:24:08 <martial> I can set a Google Meet if needed 21:24:52 <trandles> I can steal Lucy's laptop for zoom if that's easier for everyone else. 21:25:18 <martial> Kendall sent us a link last week about https://meetpad.opendev.org/ 21:25:39 <martial> that uses "Jitsi" 21:26:43 <martial> give me a sec, to set up both google meet 21:27:21 <trandles> I'll just use Lucy's laptop. My laptop has had the camera and microphone hardware destroyed so I'd also have to be able to call in using a phone. 21:27:49 <trandles> I have workarounds, pick something everyone else is happy with. 21:28:24 <diablo_rojo_phon> You are welcome to use meetpad too it's just more experimental. We tried to stick to options that fit our requirements. 21:28:48 <diablo_rojo_phon> And tried to narrow options so we can have a more cohesive event. 21:29:33 <oneswig> Hopefully we will settle on something that works quickly but it's going to be hard to do in advance unless the people who need to fall back to BYOD 21:31:01 <diablo_rojo_phon> We'll have details out in the next day or two for testing zoom. Meetpad is available for testing now. 21:31:03 <martial> Google Meet setup ... up to 250 people 21:31:34 <diablo_rojo_phon> Be aware that using Google meet will keep anyone from China from being able to participate. 21:32:17 <trandles> The Venn diagram of conferencing tools and countries has a big hole in the middle of it. :P 21:32:36 <diablo_rojo_phon> Zoom works in China which is why we selected it. 21:32:46 <diablo_rojo_phon> Meetpad does as well. 21:33:40 <martial> Tim and Stig should have received the first invite but if I did it right 1100-1300 EST ( 1500-1700 UTC) 21:34:10 <martial> I have a link if we decide to us it 21:34:18 <trandles> IIRC Zoom doesn't work from India 21:34:19 <martial> (Setting up No 2) 21:35:26 <diablo_rojo_phon> It is available as far as I know, it's just noted that it shouldn't be used by government officials. 21:35:38 <diablo_rojo_phon> But I'd argue Google meet shouldn't either ;) 21:36:21 <trandles> Got the invites martial 21:36:27 <martial> 2/2 setup 21:37:26 <martial> Stig, what do you think re: Google Meet vs ... 21:37:39 <oneswig> thanks diablo_rojo_phon - hard to please the entire world it seems 21:37:55 <martial> thanks Kendall, sorry for the chaos :) 21:38:48 <diablo_rojo_phon> It's alright. We knew there would be a lot of debate, just trying to help people understand why we made the decisions we did. Open communication and all that :) 21:39:27 <martial> ๐ 21:39:27 <oneswig> martial: we use google meet for our work, it functions. Zoom is better. If trandles and rbudden can source hardware that works, I'm in favour of sticking with the zoom for the virtual room. 21:40:01 <oneswig> But if they can't I'm in favour of providing an alternative 21:40:13 <trandles> oneswig, martial I can get a non-work laptop to use 21:40:17 <martial> kendall: they said they can join zoom "as long as they can join from the web browser" 21:40:24 <martial> how can we test? 21:40:33 <jmlowe> I'm good with whatever 21:41:03 <diablo_rojo_phon> I'll get the link and details out tomorrow martial we are configuring everything and doing our own testing today. 21:41:12 <martial> perfect 21:41:30 <martial> Stig, let's test tomorrow and then we can see what works :) 21:41:49 <martial> Thanks Kendall :) 21:42:02 <oneswig> In the manner of dining philosophers we are focusing on the cutlery rather than the main event :-) 21:42:16 <martial> true :) 21:42:18 <trandles> I'm available to test if it'll help. martial or oneswig can ping me on slack when it's time 21:42:32 <oneswig> thanks trandles that would be good 21:42:59 <oneswig> trandles: what's in your in-tray for Ironic these days? 21:43:18 <rbudden> iโm happy to test as well if needed 21:43:39 <trandles> Getting back to working with Ironic would be great. I need to find the time. It looks like we'll be making an offer for our cloud architect position soon so hopefully that frees me up some to work on other things. 21:43:49 <oneswig> I think I will bring the exercise of getting my efforts on vf-lag into the open. 21:44:11 <trandles> oneswig, has Kitrick done anything with Ironic recently? 21:45:02 <oneswig> trandles: not specifically on Ironic but he's got a few things going on. Some of this work with SDN and RDMA has him behind it. 21:46:37 <oneswig> trandles: did you ever get the Ironic boot-to-ramdisk into service? 21:47:17 <trandles> Got 90% of the way there. I had issues with my image and not necessarily with Ironic. In the midst of debugging I ran out of time 21:48:03 <oneswig> I see the PTG as the place for that kind of rainy-day activity 21:48:22 <janders> interesting! :) are there any publicly available resources on the SDN/RDMA work mentioned? 21:48:42 <janders> I also have an AOB question: 21:48:54 <oneswig> janders: no alas, but perhaps that can be fixed. 21:49:06 <trandles> Do we have a sense of how well the Scientific SIG has been able to influence things to address our specific concerns? 21:49:24 <janders> do any of you have experience HPC-aware security auditors? 21:50:11 <oneswig> hot topic right now! 21:50:47 <janders> we're looking at improving our security posture across the board and the guys we're working with are good with enterprise but some of their ideas are really causing havoc on the HPC side 21:50:51 <oneswig> trandles: depends on the project but the Ironic team I think have been really receptive 21:50:59 <trandles> oneswig, I agree 21:51:10 <trandles> I haven't held up my end of that relationship 21:51:29 <martial> Stig: we can jump on their PTG too to discuss this :) 21:51:35 <janders> +1 for Ironic guys taking our feedback on board 21:52:11 <oneswig> There's been a few cores/ptls from different projects who have joined the discussion here, and I think that is great. 21:52:25 <trandles> janders, perpetual problem. We've had success hiring an enterprise security guy, training him up on HPC, and having him interface with auditors. 21:52:29 <martial> ๐ go OpenStack teams! 21:53:30 <oneswig> janders: Is your team ISO27001 certified? If not you're at risk of your consultants advising that as low-hanging fruit. You'll want more than that from the fee. 21:54:07 <janders> no, we are not 21:54:57 <janders> yeah I was thinking if we can find an organisation which specialises in designing HPC systems with security in mind we'll get heaps more value out of that 21:55:11 <janders> so I was wondering if any of you ever worked with anyone like that 21:57:09 <oneswig> The UK national tier-1 Cray system (ARCHER) was affected in the recent issues with ssh vulnerabilities. 21:58:06 <oneswig> ... along with plenty of others. The people who didn't get hit are those who assiduously patch their systems. 21:59:18 <janders> true - yet on the other hand many HPC bits aren't really designed with this in mind 21:59:42 <janders> rolling updates occasionally break certain jobs 21:59:46 <martial> running low on time, so plan for tomorrow is after we get the zoom info to test it out with tim 21:59:47 <trandles> I wonder when folks will start disallowing key-based authentication? 22:00:11 <oneswig> <discuss for 60 seconds or less...> 22:00:20 <janders> I wonder what hardening-friendly cluster management solutions are out there 22:00:26 <janders> I suppose that's something for another time 22:00:28 <oneswig> ah, time's up :-) 22:00:29 <janders> thanks all! :) 22:00:41 <trandles> Monday! 22:00:43 <oneswig> But this is another interesting topic for next week, perhaps! 22:00:52 <oneswig> See y'all on Monday 22:00:55 <oneswig> #endmeeting