Re: [VOTE] Graduate Apache HAWQ (incubating)

[Don Bosco Durai]

+1 (non binding)

Bosco

On 7/28/18, 9:27 PM, "侯宗田"  wrote:

+1 (non-binding) 







> On Jul 27, 2018, at 7:13 PM, Roman Shaposhnik  wrote:

> 

> Hi!

> 

> after a very positive discussion in the HAWQ community

> and at the IPMC level:

> 
https://lists.apache.org/thread.html/67a2d52ef29cbf9e93d8050ed0193cc110a919962dd92f8436b343b7@%3Cdev.hawq.apache.org%3E

> 
https://lists.apache.org/thread.html/3a142d758ef5ae119e421071893615992ea5ee937b5d02007f5e@%3Cgeneral.incubator.apache.org%3E

> 

> I'd like to bring the following resolution for a formal vote.

> 

> Please vote on the resolution pasted below to graduate

> Apache HAWQ from the incubator to top level project.

> 

> [ ] +1 Graduate Apache HAWQ from the Incubator.

> [ ] +0 Don't care.

> [ ] -1 Don't graduate Apache HAWQ from the Incubator because...

> 

> This vote will be open for at least 72 hours.

> 

> Many thanks to our mentors and everyone else for the support,

> Roman (on behalf of the Apache HAWQ PPMC).

> 

> ## Resolution to create a TLP from graduating Incubator podling

> 

>X. Establish the Apache HAWQ Project

> 

>   WHEREAS, the Board of Directors deems it to be in the best

>   interests of the Foundation and consistent with the

>   Foundation's purpose to establish a Project Management

>   Committee charged with the creation and maintenance of

>   open-source software, for distribution at no charge to

>   the public, related to Hadoop native SQL query engine that

>   combines the key technological advantages of MPP database

>   with the scalability and convenience of Hadoop.

> 

>   NOW, THEREFORE, BE IT RESOLVED, that a Project Management

>   Committee (PMC), to be known as the "Apache HAWQ Project",

>   be and hereby is established pursuant to Bylaws of the

>   Foundation; and be it further

> 

>   RESOLVED, that the Apache HAWQ Project be and hereby is

>   responsible for the creation and maintenance of software

>   related to Hadoop native SQL query engine that

>   combines the key technological advantages of MPP database

>   with the scalability and convenience of Hadoop;

>   and be it further

> 

>   RESOLVED, that the office of "Vice President, Apache HAWQ" be

>   and hereby is created, the person holding such office to

>   serve at the direction of the Board of Directors as the chair

>   of the Apache HAWQ Project, and to have primary responsibility

>   for management of the projects within the scope of

>   responsibility of the Apache HAWQ Project; and be it further

> 

>   RESOLVED, that the persons listed immediately below be and

>   hereby are appointed to serve as the initial members of the

>   Apache HAWQ Project:

> 

>* Alan Gates   

>* Alexander Denissov   

>* Amy Bai  

>* Atri Sharma  

>* Bhuvnesh Chaudhary   

>* Bosco

>* Chunling Wang

>* David Yozie  

>* Ed Espino

>* Entong Shen  

>* Foyzur Rahman

>* Goden Yao

>* Gregory Chase

>* Hong Wu  

>* Hongxu Ma

>* Hubert Zhang 

>* Ivan Weng

>* Jesse Zhang  

>* Jiali Yao

>* Jun Aoki 

>* Kavinder Dhaliwal

>* Lav Jain 

>* Lei Chang

>* Lili Ma  

>* Lirong Jian  

>* Lisa Owen

>* Ming Li  

>* Mohamed Soliman  

>* Newton Alex  

>* Noa Horn 

>* Oleksandr Diachenko  

>* Paul Guo 

>* Radar Da Lei 

>* Roman Shaposhnik 

>* Ruilong Huo  

>* Shivram Mani 

>* Shubham Sharma   

>* Tushar Pednekar  

>* Venkatesh Raghavan   

>* Vineet Goel  

>   

Re: [VOTE] Accept Eagle into Apache Incubation

[Don Bosco Durai]

+1 non binding 
Bosco 



_
From: Li Yang 
Sent: Sunday, October 25, 2015 8:13 PM
Subject: Re: [VOTE] Accept Eagle into Apache Incubation
To:  


+1 (non-binding)

On Mon, Oct 26, 2015 at 10:50 AM, hongbin ma  wrote:

> +1 (non binding)
>
> On Mon, Oct 26, 2015 at 12:20 AM, Ralph Goers 
> wrote:
>
> > +1 (binding)
> >
> > Ralph
> >
> > > On Oct 23, 2015, at 7:11 AM, Manoharan, Arun 
> > wrote:
> > >
> > > Hello Everyone,
> > >
> > > Thanks for all the feedback on the Eagle Proposal.
> > >
> > > I would like to call for a [VOTE] on Eagle joining the ASF as an
> > incubation project.
> > >
> > > The vote is open for 72 hours:
> > >
> > > [ ] +1 accept Eagle in the Incubator
> > > [ ] ±0
> > > [ ] -1 (please give reason)
> > >
> > > Eagle is a Monitoring solution for Hadoop to instantly identify access
> > to sensitive data, recognize attacks, malicious activities and take
> actions
> > in real time. Eagle supports a wide variety of policies on HDFS data and
> > Hive. Eagle also provides machine learning models for detecting anomalous
> > user behavior in Hadoop.
> > >
> > > The proposal is available on the wiki here:
> > > https://wiki.apache.org/incubator/EagleProposal
> > >
> > > The text of the proposal is also available at the end of this email.
> > >
> > > Thanks for your time and help.
> > >
> > > Thanks,
> > > Arun
> > >
> > > 
> > >
> > > Eagle
> > >
> > > Abstract
> > > Eagle is an Open Source Monitoring solution for Hadoop to instantly
> > identify access to sensitive data, recognize attacks, malicious
> activities
> > in hadoop and take actions.
> > >
> > > Proposal
> > > Eagle audits access to HDFS files, Hive and HBase tables in real time,
> > enforces policies defined on sensitive data access and alerts or blocks
> > user’s access to that sensitive data in real time. Eagle also creates
> user
> > profiles based on the typical access behaviour for HDFS and Hive and
> sends
> > alerts when anomalous behaviour is detected. Eagle can also import
> > sensitive data information classified by external classification engines
> to
> > help define its policies.
> > >
> > > Overview of Eagle
> > > Eagle has 3 main parts.
> > > 1.Data collection and storage - Eagle collects data from various hadoop
> > logs in real time using Kafka/Yarn API and uses HDFS and HBase for
> storage.
> > > 2.Data processing and policy engine - Eagle allows users to create
> > policies based on various metadata properties on HDFS, Hive and HBase
> data.
> > > 3.Eagle services - Eagle services include policy manager, query service
> > and the visualization component. Eagle provides intuitive user interface
> to
> > administer Eagle and an alert dashboard to respond to real time alerts.
> > >
> > > Data Collection and Storage:
> > > Eagle provides programming API for extending Eagle to integrate any
> data
> > source into Eagle policy evaluation framework. For example, Eagle hdfs
> > audit monitoring collects data from Kafka which is populated from
> namenode
> > log4j appender or from logstash agent. Eagle hive monitoring collects
> hive
> > query logs from running job through YARN API, which is designed to be
> > scalable and fault-tolerant. Eagle uses HBase as storage for storing
> > metadata and metrics data, and also supports relational database through
> > configuration change.
> > >
> > > Data Processing and Policy Engine:
> > > Processing Engine: Eagle provides stream processing API which is an
> > abstraction of Apache Storm. It can also be extended to other streaming
> > engines. This abstraction allows developers to assemble data
> > transformation, filtering, external data join etc. without physically
> bound
> > to a specific streaming platform. Eagle streaming API allows developers
> to
> > easily integrate business logic with Eagle policy engine and internally
> > Eagle framework compiles business logic execution DAG into program
> > primitives of underlying stream infrastructure e.g. Apache Storm. For
> > example, Eagle HDFS monitoring transforms audit log from Namenode to
> object
> > and joins sensitivity metadata, security zone metadata which are
> generated
> > from external programs or configured by user. Eagle hive monitoring
> filters
> > running jobs to get hive query string and parses query string into object
> > and then joins sensitivity metadata.
> > > Alerting Framework: Eagle Alert Framework includes stream metadata API,
> > scalable policy engine framework, extensible policy engine framework.
> > Stream metadata API allows developers to declare event schema including
> > what attributes constitute an event, what is the type for each attribute,
> > and how to dynamically resolve attribute value in runtime when user
> > configures policy. Scalable policy engine framework allows policies to be
> > executed on different physical nodes in parallel. It is 

Re: [DISCUSS] Eagle incubator proposal

[Don Bosco Durai]

Hi Arun

This looks really good and fills some obvious gaps in the security landscape.

Happy to contribute anyway you want.

All the best!!!

Bosco





On 10/20/15, 8:02 AM, "Alex Karasulu"  wrote:

>Hi Arun,
>
>Eagle sounds very promising. I just had a discussion with someone about
>this exact need. I do however agree with Greg on the name. As far as I can
>see, besides the name, your weakest point is the all eBay employed team.
>It's not a blocker and can be fixed during incubation. Good luck to you.
>
>Alex
>
>
>On Tue, Oct 20, 2015 at 5:51 PM, Manoharan, Arun 
>wrote:
>
>> Hi Greg,
>>
>> Thank you for reviewing the proposal.
>>
>> Originally we thought Eagle might be trademarked by someone already but I
>> went thru eBay legal team to get the clearance for the name to be used. We
>> will look into it again to see if there will be potential problems.
>>
>> Thanks,
>> Arun
>>
>> On 10/20/15, 1:52 AM, "Greg Stein"  wrote:
>>
>> >Hey there, Arun! ... I have no commentary on the proposal itself, as it
>> >looks like a great proposal. I would suggest being a bit wary of the name,
>> >as "Eagle" is a *very* popular PCB design program.
>> >
>> >On Mon, Oct 19, 2015 at 10:33 AM, Manoharan, Arun 
>> >wrote:
>> >
>> >> Hello Everyone,
>> >>
>> >> My name is Arun Manoharan. Currently a product manager in the Analytics
>> >> platform team at eBay Inc.
>> >>
>> >> I would like to start a discussion on Eagle and its joining the ASF as
>> >>an
>> >> incubation project.
>> >>
>> >> Eagle is a Monitoring solution for Hadoop to instantly identify access
>> >>to
>> >> sensitive data, recognize attacks, malicious activities and take
>> >>actions in
>> >> real time. Eagle supports a wide variety of policies on HDFS data and
>> >>Hive.
>> >> Eagle also provides machine learning models for detecting anomalous user
>> >> behavior in Hadoop.
>> >>
>> >> The proposal is available on the wiki here:
>> >> https://wiki.apache.org/incubator/EagleProposal
>> >>
>> >> The text of the proposal is also available at the end of this email.
>> >>
>> >> Thanks for your time and help.
>> >>
>> >> Thanks,
>> >> Arun
>> >>
>> >> 
>> >>
>> >> Eagle
>> >>
>> >> Abstract
>> >> Eagle is an Open Source Monitoring solution for Hadoop to instantly
>> >> identify access to sensitive data, recognize attacks, malicious
>> >>activities
>> >> in hadoop and take actions.
>> >>
>> >> Proposal
>> >> Eagle audits access to HDFS files, Hive and HBase tables in real time,
>> >> enforces policies defined on sensitive data access and alerts or blocks
>> >> user¹s access to that sensitive data in real time. Eagle also creates
>> >>user
>> >> profiles based on the typical access behaviour for HDFS and Hive and
>> >>sends
>> >> alerts when anomalous behaviour is detected. Eagle can also import
>> >> sensitive data information classified by external classification
>> >>engines to
>> >> help define its policies.
>> >>
>> >> Overview of Eagle
>> >> Eagle has 3 main parts.
>> >> 1.Data collection and storage - Eagle collects data from various hadoop
>> >> logs in real time using Kafka/Yarn API and uses HDFS and HBase for
>> >>storage.
>> >> 2.Data processing and policy engine - Eagle allows users to create
>> >> policies based on various metadata properties on HDFS, Hive and HBase
>> >>data.
>> >> 3.Eagle services - Eagle services include policy manager, query service
>> >> and the visualization component. Eagle provides intuitive user
>> >>interface to
>> >> administer Eagle and an alert dashboard to respond to real time alerts.
>> >>
>> >> Data Collection and Storage:
>> >> Eagle provides programming API for extending Eagle to integrate any data
>> >> source into Eagle policy evaluation framework. For example, Eagle hdfs
>> >> audit monitoring collects data from Kafka which is populated from
>> >>namenode
>> >> log4j appender or from logstash agent. Eagle hive monitoring collects
>> >>hive
>> >> query logs from running job through YARN API, which is designed to be
>> >> scalable and fault-tolerant. Eagle uses HBase as storage for storing
>> >> metadata and metrics data, and also supports relational database through
>> >> configuration change.
>> >>
>> >> Data Processing and Policy Engine:
>> >> Processing Engine: Eagle provides stream processing API which is an
>> >> abstraction of Apache Storm. It can also be extended to other streaming
>> >> engines. This abstraction allows developers to assemble data
>> >> transformation, filtering, external data join etc. without physically
>> >>bound
>> >> to a specific streaming platform. Eagle streaming API allows developers
>> >>to
>> >> easily integrate business logic with Eagle policy engine and internally
>> >> Eagle framework compiles business logic execution DAG into program
>> >> primitives of underlying stream infrastructure e.g. Apache Storm. For
>> >> example, Eagle HDFS monitoring transforms audit 

Re: [VOTE] Accept MADlib into the Apache Incubator

[Don Bosco Durai]

+1 (non binding)


On 9/11/15, 10:02 AM, "Gautam Muralidhar" 
wrote:

>+1 nonbinding
>
>Sent from my iPhone
>
>> On Sep 11, 2015, at 9:43 PM, Gregory Chase  wrote:
>> 
>> +1 nonbinding
>> 
>>> On Fri, Sep 11, 2015 at 8:12 AM, Chris Rawles 
>>>wrote:
>>> 
>>> --
>>> Chris
>> 
>> 
>> 
>> -- 
>> Greg Chase
>> 
>> Director of Big Data Communities
>> http://www.pivotal.io/big-data
>> 
>> Pivotal Software
>> http://www.pivotal.io/
>> 
>> 650-215-0477
>> @GregChase
>> Blog: http://geekmarketing.biz/
>
>-
>To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
>For additional commands, e-mail: general-h...@incubator.apache.org
>



-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Accept HAWQ into the Apache Incubator

[Don Bosco Durai]

gnment section, HAWQ may consider various
>>> > degrees of integration and code exchange with Apache Hadoop, Apache
>>> > Spark and Apache Hive projects. We expect integration points to be
>>> > inside and outside the project. We look forward to collaborating with
>>> > these communities as well as other communities under the Apache
>>> > umbrella.
>>> >
>>> > === An Excessive Fascination with the Apache Brand ===
>>> > While we intend to leverage the Apache ‘branding’ when talking to
>>> > other projects as testament of our project’s ‘neutrality’, we have no
>>> > plans for making use of Apache brand in press releases nor posting
>>> > billboards advertising acceptance of HAWQ into Apache Incubator.
>>> >
>>> > == Documentation ==
>>> > The documentation is currently available at
>>>http://hawq.docs.pivotal.io/
>>> >
>>> > == Initial Source ==
>>> > Initial source code will be available immediately after Incubator PMC
>>> > approves HAWQ joining the Incubator and will be licensed under the
>>> > Apache License v2.
>>> >
>>> > == Source and Intellectual Property Submission Plan ==
>>> > As soon as HAWQ is approved to join the Incubator, the source code
>>> > will be transitioned via an exhibit to Pivotal's current Software
>>> > Grant Agreement onto ASF infrastructure and in turn made available
>>> > under the Apache License, version 2.0.  We know of no legal
>>> > encumberments that would inhibit the transfer of source code to the
>>> > ASF.
>>> >
>>> > == External Dependencies ==
>>> >
>>> > Runtime dependencies:
>>> >   * gimli (BSD)
>>> >   * openldap (The OpenLDAP Public License)
>>> >   * openssl (OpenSSL License and the Original SSLeay License, BSD
>>>style)
>>> >   * proj (MIT)
>>> >   * yaml (Creative Commons Attribution 2.0 License)
>>> >   * python (Python Software Foundation License Version 2)
>>> >   * apr-util (Apache Version 2.0)
>>> >   * bzip2 (BSD-style License)
>>> >   * curl (MIT/X Derivate License)
>>> >   * gperf (GPL Version 3)
>>> >   * protobuf (Google)
>>> >   * libevent (BSD)
>>> >   * json-c (https://github.com/json-c/json-c/blob/master/COPYING)
>>> >   * krb5 (MIT)
>>> >   * pcre (BSD)
>>> >   * libedit (BSD)
>>> >   * libxml2 (MIT)
>>> >   * zlib (Permissive Free Software License)
>>> >   * libgsasl (LGPL Version 2.1)
>>> >   * thrift (Apache Version 2.0)
>>> >   * snappy (Apache Version 2.0 (up to 1.0.1)/New BSD)
>>> >   * libuuid-2.26 (LGPL Version 2)
>>> >   * apache hadoop (Apache Version 2.0)
>>> >   * apache avro (Apache Version 2.0)
>>> >   * glog (BSD)
>>> >   * googlemock (BSD)
>>> >
>>> > Build only dependencies:
>>> >   * ant (Apache Version 2.0)
>>> >   * maven (Apache Version 2.0)
>>> >   * cmake (BSD)
>>> >
>>> > Test only dependencies:
>>> >   * googletest (BSD)
>>> >
>>> > Cryptography N/A
>>> >
>>> > == Required Resources ==
>>> >
>>> > === Mailing lists ===
>>> >   * priv...@hawq.incubator.apache.org (moderated subscriptions)
>>> >   * comm...@hawq.incubator.apache.org
>>> >   * d...@hawq.incubator.apache.org
>>> >   * iss...@hawq.incubator.apache.org
>>> >   * u...@hawq.incubator.apache.org
>>> >
>>> > === Git Repository ===
>>> > https://git-wip-us.apache.org/repos/asf/incubator-hawq.git
>>> >
>>> > === Issue Tracking ===
>>> > JIRA Project HAWQ (HAWQ)
>>> >
>>> > === Other Resources ===
>>> >
>>> > Means of setting up regular builds for HAWQ on builds.apache.org will
>>> > require integration with Docker support.
>>> >
>>> > == Initial Committers ==
>>> >   * Lirong Jian
>>> >   * Hubert Huan Zhang
>>> >   * Radar Da Lei
>>> >   * Ivan Yanqing Weng
>>> >   * Zhanwei Wang
>>> >   * Yi Jin
>>> >   * Lili Ma
>>> >   * Jiali Yao
>>> >   * Zhenglin Tao
>>> >   * Ruilong Huo
>>> >   * Ming Li
>>> >   * Wen Lin
>>> >   * Lei Chang
>>> >   * Alexander V Denissov
>>> >   * Newton Alex
>>> >   * Oleksandr Diachenko
>>> >   * Jun Aoki
>>> >   * Bhuvnesh Chaudhary
>>> >   * Vineet Goel
>>> >   * Shivram Mani
>>> >   * Noa Horn
>>> >   * Sujeet S Varakhedi
>>> >   * Junwei (Jimmy) Da
>>> >   * Ting (Goden) Yao
>>> >   * Mohammad F (Foyzur) Rahman
>>> >   * Entong Shen
>>> >   * George C Caragea
>>> >   * Amr El-Helw
>>> >   * Mohamed F Soliman
>>> >   * Venkatesh (Venky) Raghavan
>>> >   * Carlos Garcia
>>> >   * Zixi (Jesse) Zhang
>>> >   * Michael P Schubert
>>> >   * C.J. Jameson
>>> >   * Jacob Frank
>>> >   * Ben Calegari
>>> >   * Shoabe Shariff
>>> >   * Rob Day-Reynolds
>>> >   * Mel S Kiyama
>>> >   * Charles Alan Litzell
>>> >   * David Yozie
>>> >   * Ed Espino
>>> >   * Caleb Welton
>>> >   * Parham Parvizi
>>> >   * Dan Baskette
>>> >   * Christian Tzolov
>>> >   * Tushar Pednekar
>>> >   * Greg Chase
>>> >   * Chloe Jackson
>>> >   * Michael Nixon
>>> >   * Roman Shaposhnik
>>> >   * Alan Gates
>>> >   * Owen O'Malley
>>> >   * Thejas Nair
>>> >   * Don Bosco Durai
>>> >   * Konstantin Boudnik
>>> >   * Sergey Soldatov
>>> >   * Atri Sharma
>>> >
>>> > == Affiliations ==
>>> >   * Barclays:  Atri Sharma
>>> >   * Bloomberg: Justin Erenkrantz
>>> >   * Hortonworks: Alan Gates, Owen O'Malley, Thejas Nair, Don Bosco
>>>Durai
>>> >   * WANDisco: Konstantin Boudnik, Sergey Soldatov
>>> >   * Pivotal: everyone else on this proposal
>>> >
>>> > == Sponsors ==
>>> >
>>> > === Champion ===
>>> > Roman Shaposhnik
>>> >
>>> > === Nominated Mentors ===
>>> >
>>> > The initial mentors are listed below:
>>> >   * Alan Gates - Apache Member, Hortonworks
>>> >   * Owen O'Malley - Apache Member, Hortonworks
>>> >   * Thejas Nair - Apache Member, Hortonworks
>>> >   * Konstantin Boudnik - Apache Member, WANDisco
>>> >   * Roman Shaposhnik - Apache Member, Pivotal
>>> >   * Justin Erenkrantz - Apache Member, Bloomberg
>>> >
>>> > === Sponsoring Entity ===
>>> > We would like to propose Apache incubator to sponsor this project.
>>> >
>>> > -
>>> > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
>>> > For additional commands, e-mail: general-h...@incubator.apache.org
>>> >
>>>
>>> -
>>> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
>>> For additional commands, e-mail: general-h...@incubator.apache.org
>>>
>>>
>
>-
>To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
>For additional commands, e-mail: general-h...@incubator.apache.org
>



-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Reform of Incubator {was; [DISCUSSION] Graduate Ignite from the Apache Incubator)

[Don Bosco Durai]

My only concern is now the mentor(s) need to check everything before
approving. In my experience, during the early stages of the releases, lot
of the license, naming, release location, etc. related issues were
identified during the approval in the general@ list. Which were very
helpful to us.

Knowing that the mentors are generally busy, it might be good to have an
extra oversight.

Take a poll among podlings and ask Do you want to be more autonomous
from the IPMC? and see what they say...
We should qualify what autonomous means here.


Thanks

Bosco



On 7/26/15, 8:06 AM, Niclas Hedhman nic...@hedhman.org wrote:

On Sun, Jul 26, 2015 at 7:38 PM, Branko Čibej br...@apache.org wrote:

 The only downside of this proposal is that it assumes that every podling
 has at least three active (!) mentors.

No, I don't necessarily mean that you need 3 mentors either. One active
mentor would be fine with me. Empower the podling to stand on its own
feet.
The Incubation disclaimers are plenty warning, otherwise it would be full
releases.

Take a poll among podlings and ask Do you want to be more autonomous from
the IPMC? and see what they say...

Cheers
--
Niclas Hedhman, Software Developer
http://zest.apache.org - New Energy for Java



-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Last chance to tell your story at ApacheCON EU 2015

[Don Bosco Durai]

Can I have write permission (wiki id=bosco) or someone update the wiki for
me?

Don Bosco Durai - Apache Ranger

I am still not sure who will talk, but can we put mine as a place holder
for now?

Thanks

Bosco


On 6/29/15, 10:09 AM, jan i j...@apache.org wrote:

On 29 June 2015 at 01:28, Anatole Tresch atsti...@gmail.com wrote:

 Hi all

 I proposed to talk on Tamaya. I would also do a speed date on Tamaya,
but
 unfortunately I cannot update:
 https://wiki.apache.org/apachecon/ACEU15Incubator
 Can somebody do this for me, or give the rights todo so (UID:
 AnatoleTresch)?

updated

have fun
jan i.


 Thanks,
 Anatole


 2015-06-27 23:10 GMT+02:00 Roman Shaposhnik ro...@shaposhnik.org:

  On Sat, Jun 27, 2015 at 1:44 PM, Pierre Smits pierre.sm...@gmail.com
  wrote:
   Roman,
  
   There is a talk in preparation regarding Trafodion.
 
  Great! Once it it submitted, could you please update the wiki?
 
  Thanks,
  Roman.
 
  -
  To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
  For additional commands, e-mail: general-h...@incubator.apache.org
 
 


 --
 *Anatole Tresch*
 Java Engineer  Architect, JSR Spec Lead
 Glärnischweg 10
 CH - 8620 Wetzikon

 *Switzerland, Europe Zurich, GMT+1*
 *Twitter:  @atsticks*
 *Blogs: **http://javaremarkables.blogspot.ch/
 http://javaremarkables.blogspot.ch/*

 *Google: atsticksMobile  +41-76 344 62 79*




-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [VOTE] Release Apache Ranger 0.5.0 (incubating)

[Don Bosco Durai]

Justin

Thanks for looking into this. The MPL license was used by pnotify. We
removed it as part of JIRA
https://issues.apache.org/jira/browse/RANGER-316, but we didn¹t update the
LICENSE.txt file. Is it okay to remove the license text from the file
during our next release or is it a blocker for this release? I have
created JIRA https://issues.apache.org/jira/browse/RANGER-542 to track it.

We will also address your rest of your concerns during our next release. I
have created the following JIRA to track it
https://issues.apache.org/jira/browse/RANGER-541.

Thanks

Bosco


On 6/6/15, 6:35 PM, Justin Mclean jus...@classsoftware.com wrote:

Hi,

+0 binding until MPL issue clarified, then I¹ll change my vote to +1.

But there a few other things that need to be fixed for next release.

I checked
- Release does¹t contain incubating in release name.
- Signatures and hash good (but could be improved)
- DISCLAIMER exists
- Year range in NOTICE file is incorrect
- NOTICE file has minor issues (see below)
- LICENSE file also have a few minor issues
- All source file have Apache headers
- No unexpected binaries in source release
- Can compile from source

The LICENSE notes that you using JQuery Pine Notify which is triple
licensed under GPL, LGPL and MPL. MPL is a category B license and as such
needs to be handled with care [6]. However I¹m not sure that it is
actually bundled in the software - can you confirm this. If it is not it
can be removed from the LICENSE.

Permissive licenses such as Apache and MIT do not normally get mentioned
in the NOTICE file [4] as the NOTICE file places a burden on downstream
projects can these please be removed.

The following seem to be missing from the LICENSE
- font awesome (MIT + SIL) see
security-admin/src/main/webapp/fonts/fontawesome/fontawesome-webfont.svg
and 
ranger-0.5.0/security-admin/src/main/webapp/fonts/fontawesome/FontAwesome.
* + 
ranger-0.5.0/security-admin/src/main/webapp/fonts/fontopensans/open-sans*
- backbone forms (MIT)  see
ranger-0.5.0/security-admin/src/main/webapp/libs/bower/backbone-forms/*
- select2 (MIT) see
security-admin/src/main/webapp/libs/bower/select2/select2.css
- bootstrap (MIT) see
ranger-0.5.0/security-admin/src/main/webapp/themejs/1.3.0/bootstrap.min.js
- QUnit (MIT) see 
security-admin/src/main/webapp/libs/bower/globalize/test/qunit/qunit.js
- jsDump (BSD -part of QUnit) see
security-admin/src/main/webapp/libs/bower/globalize/test/qunit/qunit.js
- Sizzle.js (part of jQuery) see
security-admin/src/main/webapp/libs/bower/globalize/examples/browser/jquer
y-1.4.4.js

Also VisualSearch.js could be placed with the other MIT licenses.

There is also no need to list Apache licensed software in LICENSE,
however it¹s not an licensing error, and up to you if you want to leave
them there.

For the next release can you please fix the following:
- Add incubating to the release name [1]
- Place the release in the correct place [2][3]
- Put the contents of hashes in a standard format (making it easier to
check)
- Consider adding apache to release artefact name
- Correct years in NOTICE file
- Remove unnecessary information from NOTICE
- Add missing licenses to LICENSE

Note that the first two items are marked as MUST in the incubator policy.

Thanks,
Justin

1.http://incubator.apache.org/incubation/Incubation_Policy.html#Releases
2. http://www.apache.org/dist/incubator/ranger/
3. http://incubator.apache.org/incubation/Incubation_Policy.html#Releases
4. http://www.apache.org/dev/licensing-howto.html#permissive-deps
5. http://www.apache.org/legal/resolved.html#category-b


-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org





-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: Final draft of IPMC report for January 2015

[Don Bosco Durai]

Daniel, sorry about. I have updated the Wiki.

Attaching the link to you email for reference to others:

http://mail-archives.apache.org/mod_mbox/ranger-dev/201501.mbox/ajax/%3C54A
920A7.5000501%40apache.org%3E

Thanks for your help and guidance.

Regards

Bosco



On 1/14/15, 8:48 AM, Daniel Gruno humbed...@apache.org wrote:

*ahem*, I did sign off on both reports.
However, my wiki access was fubared at the time, so I asked if anyone
from the Ranger project could put a check mark next to my name. This has
apparently not happened. I have also signed off on the Corinthia report.

With regards,
Daniel.

On 2015-01-14 17:42, Roman Shaposhnik wrote:
 The following will be submitted to the board at midnight:

 The Apache Incubator is the entry path into the ASF for projects and
 codebases wishing to become part of the Foundation's efforts.

 There are currently 36 podlings undergoing incubation.  One podling
 joined us this month (Corinthia). One member joined and two members
 left the IPMC.

 IPMC has recognized the need for tightening up mentorship requirements
 and overall structure of the incubation process. Active discussions
 on how to this in the best possible way are on going and the
recommendation
 is expected to be available in a few weeks.

 * Community

New IPMC members:

  Hyunsik Choi


People who left the IPMC:

  Sean Owen
  Marvin Humphrey

Mentors who didn't sign off on the reports:

  Alan Gates
  Alex Karasulu
  Andrei Savu
  Andrew Purtell
  Arun Murthy
  Ashutosh Chauhan
  Benjamin Hindman
  Daniel Gruno
  David Blevins
  Devaraj Das
  Drew Farris
  Enis Soztutar
  Gerhard Petracek
  Henri Gomez
  Henry Saputra
  Lewis John Mcgibbney
  Luciano Resende
  Marcel Offermans
  Matt Hogstrom
  Nick Burch
  Olivier Lamy
  Sam Ruby
  Sergio Fernandez
  Suresh Marru
  Suresh Srinivas
  Todd Lipcon
  Tom White
  Yegor Kozlov

 * New Podlings

  Corinthia

 * Graduations

The board has motions for the following:

  Samza



 * Releases

The following releases were made since the last Incubator report:

  Dec 05 2014   Apache Falcon 0.6-incubating
  Dec 08 2014   Apache Samza 0.8.0-incubating
  Dec 22 2014   Apache Brooklyn 0.7.0-M2-incubating

 * IP Clearance

* Corinthia initial source grant

 * Legal / Trademarks



 * Infrastructure



 * Miscellaneous

* NPanday community seems to be in agreement that retirement is the
best
  option at this point. The only outstanding issue before formally
  recommending graduation VOTE is to decide whether there's enough
cycles
  available for one last release before retirement.

  Summary of podling reports 

 * Still getting started at the Incubator

  SAMOA
  Corinthia
  Kylin
  NiFi
  Taverna (delayed software grant)
  Zeppelin

 * Not yet ready to graduate

No release:

  DataFu
  HTrace
  Ignite
  Kalumet
  Lens
  Tamaya

Community growth:

  Aurora
  Brooklyn
  Calcite
  MRQL
  ODF Toolkit
  Parquet
  Ranger
  Usergrid

 * Ready to graduate

The Board has motions for the following:

  Samza

 * Did not report, expected next month

  NPanday
  Ripple

 --
 Table of Contents
 Aurora
 Brooklyn
 Calcite
 Corinthia
 DataFu
 HTrace
 Ignite
 Kalumet
 Kylin
 Lens
 MRQL
 NiFi
 NPanday
 ODF Toolkit
 Parquet
 Ranger
 SAMOA
 Samza
 Tamaya
 Taverna
 Usergrid
 Zeppelin

 --

 
 Aurora

 Aurora is a service scheduler used to schedule jobs onto Apache Mesos.

 Aurora has been incubating since 2013-10-01.

 Three most important issues to address in the move towards graduation:

1. Expanding the community's diversity and adding new committers.
2. Third Apache release, progress being tracked in ticket AURORA-872
3.

 Any issues that the Incubator PMC (IPMC) or ASF Board wish/need to be
 aware of?

* None at this time.

 How has the community developed since the last report?

Latest Additions:

* PMC addition:
  * David McLaughlin, 2014-08-20
* Contributor additions: No additional contributors had code
committed
  since the last report, however three new contributors currently
have
  code under review that was submitted within the past 6 weeks. At
least
  one of these contributions is a large feature addition, which is
  promising.

Issue backlog status since last report (Oct 1, 2014):

* Created:   212
* Resolved:  177

Mailing list activity since last report:

* @dev  480 messages
* @issues   1085 messages
* @reviews  2235 messages

 How has the project developed since the last report?

* 

Need write access to Wiki

[Don Bosco Durai]

Can someone please provide me write access to the incubator report wiki
pages?

My wiki id is ³bosco²

Thank you

Bosco

Re: [PROPOSAL] Apache Argus Proposal

[Don Bosco Durai]

 How do you define the 'Hadoop complex eco-system'? If that definition
Agreed, complex is a relative term. I used the term complex, because now more 
than 20 products use Hadoop and list is growing. There are 10 products listed 
on http://hadoop.apache.org/. Then there are others projects like Accumulo, 
Impala, Storm, Kafka, Falcon, Pig, Flume, Sqoop, Oozie, etc. which uses HDFS or 
support/enable other products within Hadoop ecosystem. If we dig deeper, each 
component might have multiple processes (Name Node, Data Node, Job Tracker, 
Storm Nimbus Server, HBase Master Servers, HBase Regions Servers, HA, etc). 
With YARN, now user can run their applications in the cluster, which is a great 
feature, but it is very scary from security point of view, because now users 
can write their custom application and run it within a secure data center.

I don’t feel one technology or one company or one small group or one approach 
can solve this problem. This has to be addressed by the community working 
together. This would also require a lot of support from each dependent projects 
and lot of co-ordination. And there would be multiple security solutions 
available for the end users to pick from.

 includes projects such as HBase, we have significant security controls, so
The mature projects have started beefing up their security features. In recent 
releases, HBase added cell based access control and encryption, HDFS added 
advanced ACLs and now working on file level encryptions, Hive added ATZ-NG, no 
encryption yet. The newer ones like Solr, Storm, Falcon have very basic 
security control. On the good news side, most components have started 
supporting Kerberos and SSL. But encryption at rest is still a challenge. In 
most cases it is all or none, except probably HBase and Accumulo. Access 
control and auditing is also not that mature among the newer projects. The goal 
is here is not to reinvent or impose on each project, but to reuse the existing 
security technologies consistently across projects and at the same extend it 
where applicable.

 or the combination of Hive+Sentry would agree with that statement either.
Personally, Hive is my ideal role model for all hadoop projects to follow. Out 
of the box, it has inbuilt access control, but also provides APIs to plug your 
authorization model. Now security projects like Argus can extend it to support 
attribute based access control, cell based access control, tagging, 
multi-tenancy, auditing, etc. Users based on their security requirement or 
appetite might decide to go with the default or choose one of the other 
security providers. Similar requirements might be there for HBase, but 
expecting all Hadoop components to keep up with each other is counter 
productive, while a dedicated security provider (project) might do more 
extensive and uniform job. Users might also pick multiple security providers 
within their cluster to address specific security concerns.

Since we are on the topic of complexity, one of the reason Hadoop is popular is 
because of its openness. Hive might be on top of anything, e.g. on HDFS,  
HBase+HDFS, flat file, etc. While you can access SQL queries via Hive, you can 
also write Pig or MR job to access the underlying HDFS file directly. This is a 
powerful feature, which now gives them ability to run sophisticated analytical 
jobs or use enterprise grade BI tool. But this also allows users to circumvent 
Hive’s native security. For Hive or any native component, cross component 
security is out of scope (and should be). This problem can be solved by 
security providers like Argus, who can enforce adequate security consistently 
across components or project boundaries. 

Happy to discuss more on this topic.

Thanks

Bosco


On Jul 16, 2014, at 7:38 PM, Andrew Purtell apurt...@apache.org wrote:

 This statement might not be quite right:
 
 Even within Hadoop complex eco-system, each components have limited or no
 security controls.
 
 How do you define the 'Hadoop complex eco-system'? If that definition
 includes projects such as HBase, we have significant security controls, so
 that wouldn't be a correct statement. Not sure those working on Accumulo,
 or the combination of Hive+Sentry would agree with that statement either.
 
 It's not necessary to survey the Hadoop ecosystem before incubating of
 course, or even after, but it sounds like that might be a good idea.
 
 
 
 On Wed, Jul 16, 2014 at 5:06 PM, Don Bosco Durai bdu...@hortonworks.com
 wrote:
 
 Hi JB
 
 We will be centralizing the administration and auditing for Knox. And we
 will be also standardizing the authentication for web applications for all
 components within Hadoop ecosystem, for which we might consider Shiro. I
 would like to understand more about Syncope and see how production ready it
 is...
 
 The principle is to leverage existing security solutions where applicable.
 Even within Hadoop complex eco-system, each components have limited or no
 security controls

Re: [PROPOSAL] Apache Argus Proposal

[Don Bosco Durai]

Andrews, thanks for your feedback. My responses are inline.

Regards

Bosco

On Jul 17, 2014, at 11:41 AM, Andrew Purtell apurt...@apache.org wrote:

 Thank you for writing back with a detailed clarification.
 
 Regarding encryption at rest, HDFS is adding it as HDFS-6134, so likely
 there will be a new core feature option for the ecosystem to consider
 shortly.
 
 ​ I don’t feel one technology or one company or one small group or one
 approach can solve this problem. This has to be addressed by the community
 working together. This would also require a lot of support from each
 dependent projects and lot of co-ordination. And there would be multiple
 security solutions available for the end users to pick from.​
 ​
 Completely agreed. However, the desired community cooperation has both
 technical and political components. I think there are some concerns about
 how successful an outcome Argus may produce, informed by experience.
 Perhaps it would be worthwhile to address those concerns. Argus proposes to

The current Argus solution already has integration with the core Hadoop 
components like HDFS, Hive and HBase. There are work in progress to support 
additional Hadoop components, which includes Knox. Anytime, we cross project 
boundaries, there were would be always challenges wrt technical and political. 
Working this out within the community makes more sense, rather than doing this 
outside. Not attempting would be counterproductive.

 develop a common security infrastructure for the Hadoop ecosystem. In my
 opinion (and informed by personal experience) we have new incubating Hadoop
 ecosystem security projects like Sentry and Knox and proposals such as
 Argus because Hadoop core is locked down. Argus et. al. are like the
 proverbial blocked river (user demand for features) seeking a new route
 around a landslide (obvious poisonous contention and litigation-via-JIRA on
 every significant topic). I would be curious your thoughts on how to avoid
 the same end state in the Argus project. In my opinion, it would be a
 tragedy if a potential solution ends up perpetuating the dysfunction it
 seeks to bypass to a greater proportion of Foundation projects instead. A
 Hadoop ecosystem project attempting to remain independent from the
 dysfunction of Hadoop core would be well advised to stay away from adoption
 of Argus components (security is so critical) if the governance of Argus
I don’t believe Argus existence is because HDFS or any other component is 
locked down or dysfunctional. Each component will continue to evolve  (core 
features and security) overtime based on their priority, severity and timeline. 
The option to externalize security is always a good thing. Option to 
externalize is a well accepted notion in the community. Commercial databases 
allow externalizing security, web applications externalize authentication and 
authorization, there are vulnerability management systems for file 
system/software version, etc. I don’t see a security provider like Argus or 
Sentry extending the native security as a risk or bad thing, instead, a good 
motivation for projects (particularly new) to focus on their core features. 

I also don’t feel this is a short term user demand. Security requirement 
changes on regular basis and as different type of industries adopt hadoop, 
their security requirements might be also different. They will look for 
different options for security and select what addresses their needs.

 perpetuates that dysfunction. By the way, it is also not too late for Knox
 and Sentry.
 
Security is most effective when it is deployed as layered solution. Knox 
addresses the perimeter security. Currently it is REST and they will extend it 
to support security for more external API technologies. Argus will not replace 
it, but complement Knox by centralizing the administration and common auditing. 
Sentry and Argus have some overlap, but at the core, they have different 
philosophies and approach. Similar discussion can be made between no-sql 
projects like Apache HBase, Apache Accumulo and Apache Cassandra. Varying 
options is always healthy.





-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.

-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [PROPOSAL] Apache Argus Proposal

[Don Bosco Durai]

Hi JB

We will be centralizing the administration and auditing for Knox. And we will 
be also standardizing the authentication for web applications for all 
components within Hadoop ecosystem, for which we might consider Shiro. I would 
like to understand more about Syncope and see how production ready it is...

The principle is to leverage existing security solutions where applicable. Even 
within Hadoop complex eco-system, each components have limited or no security 
controls. Instead of re-inventing everything, we will extend the core component 
security capabilities and add where needed. So the security is uniform, plug 
able and scalable.

Providing a layered security along with central administration and auditing 
capabilities will enhance the security, usability, enterprise integration, 
compliance, etc. which will lead to more adoption of Apache Hadoop and projects 
working within its eco system.

Regards

Bosco

`
On Jul 16, 2014, at 12:12 AM, Jean-Baptiste Onofré j...@nanthrax.net wrote:

 Hi,
 
 it looks interesting.
 
 Do you have an idea about the interactions with other projects (Knox, Shiro, 
 Syncope, whatever) ?
 
 Regards
 JB
 
 -- 
 Jean-Baptiste Onofré
 jbono...@apache.org
 http://blog.nanthrax.net
 Talend - http://www.talend.com
 
 -
 To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
 For additional commands, e-mail: general-h...@incubator.apache.org
 


-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.

-
To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
For additional commands, e-mail: general-h...@incubator.apache.org

Re: [PROPOSAL] Apache Argus Proposal

[Don Bosco Durai]

 to the problem should be 
 represented by different projects. This will provide better choices for 
 users to choose from.
 
 === An Excessive Fascination with the Apache Brand ===
 
 While we respect the reputation of the Apache brand and have no doubts that 
 it will attract contributors and users, our interest is primarily to give 
 Argus a solid home as an open source project with a broad developer base and 
 to encourage adoption by the related ASF projects and foster innovation 
 around security
 
 == Documentation ==
 http://hortonworks.com/blog/hortonworks-acquires-xasecure-to-provide-comprehensive-security-for-enterprise-hadoop/
 
 == Initial Source ==
 
 We will make the initial source available as a patch.
 
 == Source and IP Submission Plan ==
 1.  All source will be moved to Apache Infrastructure
 2.  All outstanding issues in our in-house JIRA infrastructure will be 
 replicated into the Apache JIRA system.
 3.  We will be acquiring a twitter handle for project Argus (eg: 
 @apacheargus )
 
 == External Dependencies ==
 
 Argus has no external dependencies except for some Java libraries that are 
 considered ASF-compatible (JUnit, SLF4J, …) and Apache artifacts : Hadoop, 
 Log4J and the transient dependencies of all these artifacts.
 
 == Cryptography ==
 
 Argus does not incorporate encryption currently.
 
 == Required Resources ==
 
 === Mailing Lists: ===
 1.  argus-dev
 2.  argus-commits
 3.  argus-private
 
 === Infrastructure: ===
 1.  Git repository
 2.  JIRA Argus
 3.  Gerrit for reviewing patches
 The existing code includes local host integration tests, so we would like a 
 Jenkins instance to run them whenever a new patch is submitted.
 
 == Initial Committers ==
 
 * Balaji Ganesan (bganesan at hortonworks.com)
 * Dilli Arumugam (darumugam at hortonworks.com)
 * Don Bosco Durai (bdurai at hortonworks.com)
 * Kevin Minder (kminder at apache.org)
 * Larry McCay (lmccay at apache.org)
 * Madhanmohan Neethiraj (mneethiraj at hortonworks.com)
 * Owen O’Malley (omalley at apache.org)
 * Ramesh Mani (rmani at hortonworks.com)
 * Sanjay Radia (sradia at apache.org)
 * Selvamohan Neethiraj (sneethiraj at hortonworks.com)
 
 == Affiliations ==
 
 * Balaji Ganesan - Hortonworks
 * Dilli Arumugam - Hortonworks
 * Don Bosco Durai - Hortonworks
 * Kevin Minder - Hortonworks
 * Larry McCay - Hortonworks
 * Madhanmohan Neethiraj - Hortonworks
 * Owen O’Malley - Hortonworks
 * Ramesh Mani - Hortonworks
 * Sanjay Radia - Hortonworks
 * Selvamohan Neethiraj - Hortonworks
 
 == Sponsors ==
 
 === Champion: ===
 
 * Owen O’Malley (omalley at apache.org) - Hortonworks
 
 === Nominated Mentors: ===
 
 * Alan Gates - Hortonworks
 * Devaraj Das - Hortonworks
 * Jakob Homan - LinkedIn
 * Owen O’Malley - Hortonworks
 
 === Sponsoring Entity ===
 
 Incubator PMC
 
 
 --
 CONFIDENTIALITY NOTICE
 NOTICE: This message is intended for the use of the individual or entity to
 which it is addressed and may contain information that is confidential,
 privileged and exempt from disclosure under applicable law. If the reader
 of this message is not the intended recipient, you are hereby notified that
 any printing, copying, dissemination, distribution, disclosure or
 forwarding of this communication is strictly prohibited. If you have
 received this communication in error, please contact the sender immediately
 and delete it from your system. Thank You.
 
 -
 To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
 For additional commands, e-mail: general-h...@incubator.apache.org
 
 
 -
 To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
 For additional commands, e-mail: general-h...@incubator.apache.org
 


-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.