#openstack-meeting-alt log

14:00:08 <dkrol> #startmeeting trove
14:00:08 <openstack> Meeting started Wed Jan 16 14:00:08 2019 UTC and is due to finish in 60 minutes.  The chair is dkrol. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:00:09 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
14:00:11 <openstack> The meeting name has been set to 'trove'
14:00:16 <dkrol> Hello
14:01:53 <mpiwowarczy> hi
14:02:00 <dkrol> Hello
14:02:59 <dkrol> Is there Anyone else?
14:03:58 <mpiwowarczy> Bartosz is going :)
14:10:50 <bzurkowski> Hello
14:11:18 <dkrol> Hello
14:11:28 <dkrol> Can we start?
14:11:47 <cezary_zukowski> Hi
14:11:59 <bzurkowski> Cezary and Marcin are on the board
14:12:03 <bzurkowski> Let's start!
14:12:14 <mpiwowarczy> hi
14:12:33 <mpiwowarczy> yeah, lets move on
14:12:34 <dkrol> Ok
14:12:53 <dkrol> #topic upgrade pre check
14:14:05 <dkrol> I made another change
14:14:14 <dkrol> I hope it is ready now
14:14:32 <dkrol> Could you check it?
14:14:40 <bzurkowski> I already voted +2
14:14:54 <bzurkowski> It looks good to me
14:14:55 <mpiwowarczy> dkrol: I will do that soon
14:15:05 <dkrol> Yes, thank you
14:15:13 <mpiwowarczy> thanks for working on that
14:15:16 <dkrol> I need another one :)
14:16:06 <dkrol> And we can close another wide goal
14:16:07 <mpiwowarczy> be of good cheer :)
14:16:23 <bzurkowski> Good job Dariusz
14:16:29 <bzurkowski> Nice to see some progress in the project
14:16:44 <dkrol> Ok
14:16:48 <dkrol> Let's move on
14:17:52 <dkrol> #topic documentation
14:18:45 <cezary_zukowski> nothing changed from the last meeting
14:19:03 <dkrol> I've made review of Cezary document
14:19:29 <dkrol> And I gave some small comments on etherhub
14:19:42 <cezary_zukowski> ok, many thanks
14:19:50 <dkrol> Generally it looks very nice
14:19:59 <cezary_zukowski> it might trigger further work :)
14:20:38 <dkrol> I'm thinking if we could link to other parts of trove documentation we could save some time
14:21:14 <cezary_zukowski> what do you mean exactly?
14:21:23 <cezary_zukowski> provide cross-references?
14:21:47 <dkrol> You are showing how to create trove instance, database and user
14:22:09 <dkrol> This is described in the existing docs
14:22:19 <dkrol> I've added link in my comments
14:22:25 <dkrol> Please take a look
14:22:47 <dkrol> I suppose we can move on
14:23:04 <dkrol> #topic security of message bus
14:23:10 <cezary_zukowski> ok, thanks, but then we likely have to verify those specific parts of the documentation
14:23:48 <dkrol> Yes, but it is better to enhance existing docs than to copy
14:24:33 <cezary_zukowski> true, although more time consuming
14:25:06 <dkrol> Otherwise we will have too many overlapping docs
14:25:29 <dkrol> Ok
14:25:35 <dkrol> Another topic
14:25:54 <dkrol> I wanted to start discussion about rabbitmq and security
14:26:18 <dkrol> As it is related to your discussion from the summit
14:27:11 <dkrol> It turned out that there was already some effort to encrypt communication between guest agents and control plane with guest agent specific keys
14:27:27 <bzurkowski> #link https://www.youtube.com/watch?v=dzvcKlt3Lx8
14:27:27 <dkrol> This has been implemented in ocata
14:28:11 <dkrol> Exactly
14:28:20 <dkrol> Did you have time to watch it?
14:28:29 <bzurkowski> dkrol: Partialy
14:29:16 <dkrol> I think it is a very important video and we all should watch it :)
14:29:18 <bzurkowski> But not carefully enough to start intelligent discussion regarding this issue
14:29:28 <bzurkowski> dkrol: Agree
14:29:42 <dkrol> It seems that security concerns have been solved
14:30:03 <dkrol> But there is another issue regarding ddos attacks on mq
14:30:21 <dkrol> And we should investigate it more
14:30:37 <mpiwowarczy> a little bit advanced topic
14:30:48 <dkrol> My understanding of the root cause is there is no throttling in rabbimq
14:30:50 <mpiwowarczy> dkrol: are you going start working on this topic?
14:31:15 <dkrol> I need more understanding first
14:31:24 <mpiwowarczy> we should start from any blueprint or spec to more evaluate this topic
14:31:29 <mpiwowarczy> I see
14:31:45 <dkrol> Regarding recurity I think there is no reason to implement Octavia way
14:32:38 <mpiwowarczy> except Octavia, is there any project with similar use case to ours?
14:32:40 <dkrol> The only aspect is potential ddos attack
14:33:02 <dkrol> I'm not sure
14:33:12 <cezary_zukowski> does it really matters in a private cloud?
14:33:41 <cezary_zukowski> matter*
14:33:45 <dkrol> This topic came up in my recent talk with a Sweden company who would like to use trove in a public cloud
14:33:57 <cezary_zukowski> ah, ok
14:34:06 <dkrol> Also ovh had this concern
14:34:31 <mpiwowarczy> some messages queue implementations allows to configure quota on specific topic
14:34:33 <dkrol> I think it is very important for the project
14:35:02 <mpiwowarczy> not sure how it is in Rabbit, but maybe it would solve ddos issues
14:35:03 <dkrol> It would be interesting to know if we can switch rabbitmq to such a mq
14:35:03 <cezary_zukowski> yeah, security in terms of cloud is in fact among top concerns
14:35:22 <dkrol> Al
14:35:40 <dkrol> Another thing from the presentation is guest agent upgrade
14:36:19 <dkrol> It can be done with standard data store upgrade operation - I didn't think about it before
14:37:28 <dkrol> But if it works we should focus on it too much right know
14:37:38 <dkrol> Should not :)
14:38:24 <dkrol> Guest agent upgrade was another imports thing from the summit as far as I remember
14:38:57 <dkrol> Ok, anyway I think the video is worth watching
14:39:39 <dkrol> This is everything I have for this week
14:39:49 <dkrol> Anything from your side?
14:43:09 <dkrol> If not then we can finish earlier
14:44:32 <bzurkowski> Nothing from my side
14:44:35 <bzurkowski> Thanks for meeting
14:44:50 <dkrol> Ok,
14:44:55 <dkrol> Thanks for coming
14:45:00 <cezary_zukowski> Thanks guys
14:45:06 <dkrol> #endmeeting