17:01:38 <hyakuhei> #startmeeting security
17:01:39 <openstack> Meeting started Thu Dec 15 17:01:38 2016 UTC and is due to finish in 60 minutes. The chair is hyakuhei. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:01:40 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:01:42 <openstack> The meeting name has been set to 'security'
17:01:48 <lhinds> o/
17:01:49 <singlethink> o/
17:01:58 <hyakuhei> Hi all, sorry for the delay, my bouncer died and that took me a second to figure out :)
17:02:00 <tkelsey> ol
17:02:05 <mdong> o/
17:02:06 <capnoday> o/
17:02:10 <tkelsey> *o/
17:02:11 <vds> o/
17:02:19 <knangia> o/
17:02:33 <unrahul> o/
17:02:54 <hyakuhei> I don't think a huge amount has happened but the standing agenda, as always, is here: #link https://etherpad.openstack.org/p/security-agenda
17:03:41 <hyakuhei> ok, let's crack on then :)
17:03:46 <hyakuhei> #topic Syntribos
17:03:51 <hyakuhei> How's it going guys?
17:04:03 <unrahul> hey guys
17:04:06 <lhinds> good thanks hyakuhei
17:04:40 <unrahul> so we are still continuing testing of swift this week as well, mostly trying to DoS swift by writing large amount of data
17:04:51 <unrahul> deleting , writing at the same time .. and things of that sort..
17:04:59 <mdong> they sent us a list of fun things to try
17:05:16 <unrahul> we are also working on redesigning the parser , I think mdong just pushed a patch for it
17:05:21 <unrahul> yup.. indeed they did..
17:05:39 <unrahul> the swift team here at OSIC has helped us identifying possible places where we should look at
17:05:41 <notmyname> unrahul: what are you expecting to find with large amounts of read/write to swift? (or where's the better channel to ask this if not here in the meeting)
17:06:08 <unrahul> pdardeau , ntata etc of the swift team
17:06:45 <unrahul> well we are trying to see if the proxy would be able to handle it.. and will there be delays or when we try to write files with null characters if things work okay etc
17:07:09 <singlethink> Are you checking the consistency of the resulting objects? Or is that out of scope?
17:07:16 <unrahul> notmyname: basically a set of smoke tests to identify if everything would work as normal..
17:07:25 <unrahul> singlethink: consistency in what way..?
17:07:48 <singlethink> if I write, then delete, then read the object shouldn't be there
17:07:51 <unrahul> like if the file md5s remains the same?
17:07:51 <singlethink> that sort of stuff
17:07:55 <unrahul> yup..
17:07:56 <singlethink> that too
17:08:30 <unrahul> we are trying things like that, create delete, then try to read.. and if we create a lot of containers and delete them and at the same time write to it.. if things go haywire..
17:08:40 <singlethink> cool
17:09:12 <notmyname> http://lists.openstack.org/pipermail/openstack/2016-December/018132.html would be a good overview of what to expect and not expect
17:09:43 <unrahul> thanks notmyname we shall go through it..
17:10:03 <unrahul> if there is anything else you guys are curious about regarding swift,.. we could try and test it.. as well.
17:10:05 <notmyname> also, you might want to look at swift's probe tests which are set up to test this exact sort of thing, albeit in a very controlled way. it's very difficult to test edge cases in swift when you're treating it like a black box
17:10:16 <hyakuhei> That's a nicely written email
17:10:20 <notmyname> thanks
17:10:27 <hyakuhei> Though a tldr might have helped :P
17:10:28 <unrahul> other than that.. we are also trying to test the ACL controls of swift as well.. let's see if something comes up..
17:11:05 <unrahul> notmyname: that's a detailed email.. thank you for the link :)
17:11:25 <notmyname> unrahul: lol, I thought I glossed over all of the real details ;-)
17:11:25 <unrahul> that's it from us.. mdong anything else?
17:12:24 <hyakuhei> You guys have discussed what your releases are going to look like in terms of lining up with community expectations right? I'm sure we covered that in one of those meetings where I was trying to do too many things at once
17:13:51 <hyakuhei> I'll take that as a yes I guess :)
17:13:57 <unrahul> ehh.. hyakuhei yes.. So this time, we are trying to push the major patch of simplifying templates and writing some smoke tests, fixing bugs.. if there is time, request chaining
17:14:00 <unrahul> as well..
17:14:11 <unrahul> is that what you had in mind?
17:14:38 <mdong> I think the answer is a no. Which meeting was this discussed in? I must’ve missed it personally
17:15:08 <unrahul> we had said what we would be doing this cycle.. a few meetings back..
17:15:35 <unrahul> but I am not sure if there is anything else, like a mailing list summary that we have to give..hyakuhei ?
17:15:55 <hyakuhei> We don't need to do that, just making sure we follow the release schedule, milestones etc.
17:17:02 <unrahul> We are releasing out of cycle for now, should we try to release the new version along with the cycle.. from next time.., I think out of cycle release would help us a little bit..
17:18:03 <hyakuhei> Seems reasonable
17:18:10 <unrahul> As we are using a lot of openstack clients in our extensions.. we could help from waiting for them to be released and if there are no bugs, release syntribos then..
17:18:12 <hyakuhei> So long as that's communicated in the appropriate way
17:19:15 <unrahul> we could add this in our release note, when we release next time, that we are following this out of cycle release, because of these .. things..
17:19:41 <hyakuhei> That sounds reasonable, I'm sure there's an #openstack-thing that we can do to say we're not in the normal release cycle
17:19:48 <hyakuhei> @fungi might know
17:20:43 <unrahul> yup..we shall talk to @fungi , thanks hyakuhei
17:20:48 <fungi> catching up
17:21:20 <hyakuhei> hey @fungi we're making a bigger effort to look and smell like any other OpenStack project
17:21:33 <hyakuhei> the Syntribos team doesn't currently follow the release cycle
17:21:33 <fungi> oh, right that used to be handled with governance tags on each deliverable, but is tracked with metadata in the releases repo since a month or two ago
17:21:45 * fungi find link for you
17:21:46 <hyakuhei> I knew something had changed recently... thanks @fungi
17:22:15 <hyakuhei> neither does the bandit or anchor teams of course.
17:22:48 <fungi> looks like it gets reflected in http://git.openstack.org/cgit/openstack/releases/tree/deliverables/ocata
17:22:57 <hyakuhei> Excellent, thank you @fungi
17:23:16 <hyakuhei> ok I think we are ready to move on, thanks for coming by fungi
17:23:23 <hyakuhei> #topic OSSN
17:23:25 <fungi> right now you have http://git.openstack.org/cgit/openstack/releases/tree/deliverables/_independent/syntribos.yaml
17:23:49 <fungi> you're welcome, always happy to help
17:24:21 <hyakuhei> lhinds let's talk OSSN
17:24:45 <unrahul> thanks fungi
17:25:00 <lhinds> k.
17:25:15 <lhinds> one is out on embargo, public next week (one of yours hyakuhei)
17:25:23 <hyakuhei> finally :)
17:25:46 <lhinds> that leaves two outstanding..one is for you hyakuhei (the other nova one) which is almost ready to go.
17:26:01 <lhinds> take a look if you can at my last comment, we might be able to get that one out to then.
17:26:24 <lhinds> the other remaining ossn is against travis, who I guess is on PTO atm.
17:26:46 <hyakuhei> Yeah, is it something I could help with lhinds ?
17:27:32 <lhinds> sure, please take a look at the last one against you set to 'new'
17:27:46 <lhinds> tristian just made a comment
17:28:03 <lhinds> but most of the draft is there, so should just need a minor poke to get it out.
17:28:19 <lhinds> I will chase up the other note with tmcpeak when he returns.
17:28:56 <hyakuhei> ok I'll take a look shortly
17:29:06 <lhinds> thx!
17:29:16 <lhinds> that's it for now, can move to the next item.
17:29:54 <hyakuhei> ok, next item is.... blog
17:29:56 <hyakuhei> #topic Blog
17:30:06 <hyakuhei> Just some encouragement here for people to contribute
17:30:10 <hyakuhei> Including me
17:30:20 <hyakuhei> Who's been very bad at not delivering on the LF badge posting
17:30:38 <lhinds> I will try to do some more, I need to fix up my post, I reverted it as the date was wrong.
17:31:07 <hyakuhei> Ah righto
17:31:19 <hyakuhei> do we have capnoday with us?
17:31:25 <capnoday> sup
17:31:46 <hyakuhei> #topic Review
17:32:01 <hyakuhei> capnoday I know there's not much to report but say something insightful to inspire the crew over the xmas period
17:32:45 <capnoday> sorry, day job just happened
17:32:56 <hyakuhei> that's depressing not inspiring
17:33:06 <hyakuhei> didn't you push a big update to the template this week?
17:33:09 <capnoday> ok, I've just pushed up a new template for architecture pages
17:33:22 <capnoday> it's designed to match the new process we developed in Austin
17:33:48 <ashcrack> i'm totally new here. i want to support you in sec review or audit or anything else. can you give me some tips how can i do?
17:34:03 <capnoday> that's great ashcrack!
17:34:23 <capnoday> we are still developing the process, so having someone else to help out with that would be really good
17:34:56 <ashcrack> nice. should we talk about how i can help after finishing the agenda?
17:35:33 <capnoday> over the break im going to get the process up to date, so we should be good to run through it in january
17:35:37 <lhinds> hi ashcrack , would you be Björn by any chance?
17:35:38 <capnoday> ashcrack sounds good
17:36:12 <ashcrack> you are right lhinds
17:36:31 <lhinds> ok, cool. Nice to have you here to get involved!
17:36:45 <hyakuhei> +1 welcome ashcrack
17:36:54 <ashcrack> lhinds
17:37:00 <ashcrack> you are jeremy?!
17:37:08 <lhinds> ashcrack: Luke Hinds
17:37:08 <fungi> ashcrack: yes
17:37:18 <fungi> ashcrack: i'm jeremy
17:37:29 <fungi> well, i'm _a_ jeremy anyway
17:37:30 <ashcrack> ah sorry^^
17:37:32 <lhinds> well yes, he is jeremy ^ :P
17:37:48 <lhinds> I replied to your email on the list. good to have you
17:37:53 <fungi> ashcrack: i just replied to the e-mail you sent me as well
17:38:04 <fungi> welcome!
17:38:07 <ashcrack> i get it few minutes ago
17:38:35 <hyakuhei> Excellent
17:38:47 <lhinds> ashcrack: I am just thinking, your at university?
17:38:58 <lhinds> *you're
17:39:01 <hyakuhei> Do we have any sec-guide folks around?
17:39:08 <ashcrack> yes. i'm writing my thesis
17:39:18 <capnoday> sicarie?
17:39:28 <lhinds> k, maybe intern stuff might be of use to you, we can look into later
17:39:37 <lhinds> sorry hyakuhei , as you are..
17:39:42 <hyakuhei> lol
17:39:47 <ashcrack> ok
17:39:58 <hyakuhei> We don't have a sicarie this week.
17:40:05 <hyakuhei> I don't know of any big changes in docs.
17:40:11 <lhinds> nothing in review atm
17:40:25 <hyakuhei> Well that takes us to AOB
17:40:31 <hyakuhei> #topic Any Other Business
17:40:45 <lhinds> festive meeting schedules?
17:40:52 <hyakuhei> Ah yes
17:40:58 <hyakuhei> I vote we meet again after NYD
17:41:08 <lhinds> sounds gtm
17:41:19 <hyakuhei> That'd be the 5th of Jan
17:41:19 <lhinds> so the 5th of Jan?
17:41:20 <capnoday> +1
17:41:26 <lhinds> +1
17:41:28 <hyakuhei> ok excellent
17:41:31 <hyakuhei> That passes
17:41:41 <hyakuhei> Glad you mentioned it, I'd forgotten.
17:41:49 <lhinds> np
17:42:06 <capnoday> hyakuhei update from sicarie - he can't tell the time. also no-op on the guide
17:42:19 <hyakuhei> rojer!
17:42:28 <hyakuhei> heh
17:42:35 <singlethink> Cisco is shutting down its biggest OpenStack cloud deployment(s): http://www.theregister.co.uk/2016/12/13/cisco_to_kill_its_intercloud_public_cloud_on_march_31st_2017/
17:42:35 <hyakuhei> Ok, anything else people?
17:42:36 <singlethink> :-/
17:42:47 <hyakuhei> :-/
17:43:03 <capnoday> and yet the foundation is worried about what animal each team will be represented by...
17:43:21 <hyakuhei> now now, we love our duly elected overlords.
17:43:38 <capnoday> go pangolins!
17:44:27 <capnoday> speaking of which, is there anything we need to cover for the PTG or PTL elections
17:44:45 <fungi> well, the foundation's marketing team is striving to have better ways to display non-wall-of-text representations of openstack as a whole, and having mascots/logos helps they do that so i'm not going to dissuade them. ultimately we do rely a lot on their marketing prowess
17:44:46 <hyakuhei> I'll cover it on the 5th, elections start in the 3rd week of Jan I think
17:45:07 <fungi> s/they/them/
17:45:31 <capnoday> thanks fungi, I (partly) joke
17:45:38 <capnoday> hyakuhei awesome
17:45:51 <fungi> capnoday: i can totally see how it would seem trivial/silly, so completely understand
17:46:47 <hyakuhei> ok, I think that's it, have a good day all, talk to you after the holidays!
17:47:00 <hyakuhei> #endmeeting