Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Thierry Carrez wrote: > As announced previously[1][2], there were no PTL candidates within the > election deadline for a number of official OpenStack project teams: > Astara, UX, OpenStackSalt and Security. > > In the Astara case, the current team working on it would like to abandon > the project (and let it be available for any new team who wishes to take > it away). A change should be proposed really soon now to go in that > direction. The change was proposed, +1ed by past PTLs and approved by the TC members at the last TC meeting: https://review.openstack.org/#/c/376609/ > In the UX case, the current PTL (Piet Kruithof) very quickly reacted, > explained his error and asked to be considered for the position for > Ocata. The TC will officialize his nomination at the next meeting, > together with the newly elected PTLs. This was confirmed at the TC meeting: http://eavesdrop.openstack.org/meetings/tc/2016/tc.2016-09-27-20.01.html > That leaves us with OpenStackSalt and Security, where nobody reacted to > the announcement that we are missing PTL candidates. [...] Following the discussion on this thread and the engagements of the team, the Security project team was kept as-is, with Rob Clark continuing as PTL: http://eavesdrop.openstack.org/meetings/tc/2016/tc.2016-09-27-20.01.html As hinted toward on this thread, the Salt team was removed, while the team members there reassess their priorities. The team did not produce any deliverable within the Newton cycle. The removal was proposed, +1ed by the current Salt team PTL and approved by TC members: https://review.openstack.org/#/c/377906/ -- Thierry Carrez (ttx) __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Sorry for the top post - fyi, i've submitted a review for OpenStackSalt https://review.openstack.org/#/c/377906/ -- Dims On Mon, Sep 26, 2016 at 2:58 AM, Flavio Percoco wrote: > On 22/09/16 17:15 -0400, Anita Kuno wrote: >> >> On 16-09-21 01:11 PM, Doug Hellmann wrote: >>> >>> Excerpts from Clint Byrum's message of 2016-09-21 08:56:24 -0700: I think it might also be useful if we could make the meeting bot remind teams of any pending actions they need to take such as elections upon #startmeeting. >>> >>> I could see that being useful, yes. >>> >> I am not convinced this situation arose due to lack of available >> information. > > > You may be right here but I don't think having other means to spread this > information is a bad thing, if there's a way to automate this, of course. > > Flavio > > -- > @flaper87 > Flavio Percoco > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -- Davanum Srinivas :: https://twitter.com/dims __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 22/09/16 17:15 -0400, Anita Kuno wrote: On 16-09-21 01:11 PM, Doug Hellmann wrote: Excerpts from Clint Byrum's message of 2016-09-21 08:56:24 -0700: I think it might also be useful if we could make the meeting bot remind teams of any pending actions they need to take such as elections upon #startmeeting. I could see that being useful, yes. I am not convinced this situation arose due to lack of available information. You may be right here but I don't think having other means to spread this information is a bad thing, if there's a way to automate this, of course. Flavio -- @flaper87 Flavio Percoco signature.asc Description: PGP signature __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Hiya, On 24/09/2016 03:46, Mike Perez wrote: On 11:03 Sep 21, Doug Hellmann wrote: A separate mailing list just for “important announcements” would need someone to decide what is “important”. It would also need everyone to be subscribed, or we would have to cross-post to the existing list. That’s why we use topic tags on the mailing list, so that it is possible to filter messages based on what is important to the reader, rather than the sender. This has came up in the past and I have suggested that people who can't spend that much time on the lists to refer to the Dev Digest at blog.openstack.org which mentioned the PTL elections being open. Fwiw, I'd endorse Mike's comments about the Dev digest - it's an easily digestible (sorry!) and concise summary of what's happening on openstack-dev - I refer to it regularly myself. Two other sources that come to mind for less detailed but topical summaries of traffic are Jason Baker's summary on opensource.com [0] and Lwood [1] which I put together each week. Both flag upcoming Election related topics pretty reliably and might suit some folk. For what my $0.20 is worth I don't think splitting out into further logistics or announcement oriented lists would be beneficial in the long term. Cheers, Hugh [0] https://opensource.com/business/16/9/openstack-news-september-26 [1] http://hugh.blemings.id.au/openstack/lwood/ __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
+1! The security project adds tremendous value to OpenStack. Regards -steve From: Doug Hellmann Reply-To: "OpenStack Development Mailing List (not for usage questions)" Date: Friday, September 23, 2016 at 10:35 AM To: openstack-dev Subject: Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent Excerpts from Rob C's message of 2016-09-23 17:46:46 +0100: I wanted to provide a quick update from Security. We had our weekly IRC meeting yesterday, dhellman was kind enough to attend to help broker some of the discussion. In advance of the meeting I prepared a blog post where I tried to articulate my position and where I think things need to go next [1]. This was discussed at length during the IRC meeting [2]. We discussed the option of becoming a WG or staying in the big tent, this resulted in a vote, where the team all indicated their desire to stay within the big tent. My proposal for the future is outlined in some depth with [1] but the summary is that we've identified the areas that we need to improve on in order to be better members of the community, we want to stay within the big-tent and for me to maintain leadership through this transformational process with a view to having multiple candidates stand in the next election. Cheers -Rob Thanks, Rob. Based on the discussions yesterday I think the team has a better understanding of the communication issues and I'm convinced that everyone is committed to improving. I support keeping the team in the tent. Doug [1] https://openstack-security.github.io/organization/2016/09/22/maturing-the-security-project.html [2] http://eavesdrop.openstack.org/meetings/security/2016/security.2016-09-22-17.00.log.html On Fri, Sep 23, 2016 at 4:23 AM, Davanum Srinivas mailto:dava...@gmail.com>> wrote: > Steven, > > Fair point. > > Thanks, > Dims > > On Thu, Sep 22, 2016 at 11:04 PM, Steven Dake (stdake) > mailto:std...@cisco.com>> > wrote: > > Dims, > > > > This isn’t any of my particular business except it could affect emerging > technology projects (which I find important to OpenStack’s future) > negatively – so I thought I’d chime in. > > > > A lack of activity in a specs repo doesn’t mean much to me. For > example, as Kolla was an emerging project we didn’t use any specs process > at all (or very rarely). There is a reason behind this. Now that Kolla is > stable and reliable and we feel we are not an emerging project, we plan to > make use of a specs repo starting in Ocata. > > > > I have no particular concerns with the other commentary – but please > don’t judge a project by activity or lack of activity in one repo of its > deliverables. Judge it holistically (You are judging holistically. I > believe a lack of one repo’s activity shouldn’t be part of that judgement). > > > > Regards > > -steve > > > > > > On 9/21/16, 2:08 PM, "Davanum Srinivas" > > mailto:dava...@gmail.com>> wrote: > > > > Jakub, > > > > Please see below. > > > > On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik < > jakub.pav...@tcpcloud.eu<mailto:jakub.pav...@tcpcloud.eu>> wrote: > > > Hello all, > > > > > > it took us 2 years of hard working to get these official. > OpenStack-Salt is > > > now used by around 40 production deployments and it is focused > very on > > > operation and popularity is growing. You are removing the project > week after > > > one of top contributor announced that they will use that as part of > > > solution. We made a mistakes, however I do not think that is > reason to > > > remove us. I do no think that quality of the project is measured > like this. > > > Our PTL got ill and did not do properly his job for last 3 weeks, > but this > > > can happen anybody. > > > > > > It is up to you. If you think that we are useless for community, > then > > > remove us and we will have to continue outside of this community. > However > > > growing successful use cases will not be under official openstack > community, > > > which makes my feeling bad. > > > > Data points so far are: > > 1. No response during Barcelona planning for rooms > > 2. Lack of candidates for PTL election > > 3. No activity in the releases/ repository hence no entries in > > https://releases.openstack.org/ > > 4. Meetings are not so regular? > > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > (supposed > > to be weekly) > > 5. Is the specs repo really active? > >
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 11:03 Sep 21, Doug Hellmann wrote: > > > On Sep 21, 2016, at 8:58 AM, Filip Pytloun > > wrote: > > > > Hello, > > > > it's definately our bad that we missed elections in OpenStackSalt > > project. Reason is similar to Rob's - we are active on different > > channels (mostly IRC as we keep regular meetings) and don't used to > > reading mailing lists with lots of generic topics (it would be good to > > have separate mailing list for such calls and critical topics or > > individual mails to project's core members). > > With 59 separate teams, even emailing the PTLs directly is becoming > impractical. I can’t imagine trying to email all of the core members > directly. > > A separate mailing list just for “important announcements” would need someone > to decide what is “important”. It would also need everyone to be subscribed, > or we would have to cross-post to the existing list. That’s why we use topic > tags on the mailing list, so that it is possible to filter messages based on > what is important to the reader, rather than the sender. This has came up in the past and I have suggested that people who can't spend that much time on the lists to refer to the Dev Digest at blog.openstack.org which mentioned the PTL elections being open. -- Mike Perez __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Rob C's message of 2016-09-23 17:46:46 +0100: > I wanted to provide a quick update from Security. > > We had our weekly IRC meeting yesterday, dhellman was kind enough to attend > to help broker some of the discussion. In advance of the meeting I prepared > a blog post where I tried to articulate my position and where I think > things need to go next [1]. This was discussed at length during the IRC > meeting [2]. We discussed the option of becoming a WG or staying in the big > tent, this resulted in a vote, where the team all indicated their desire to > stay within the big tent. > > My proposal for the future is outlined in some depth with [1] but the > summary is that we've identified the areas that we need to improve on in > order to be better members of the community, we want to stay within the > big-tent and for me to maintain leadership through this transformational > process with a view to having multiple candidates stand in the next > election. > > Cheers > -Rob Thanks, Rob. Based on the discussions yesterday I think the team has a better understanding of the communication issues and I'm convinced that everyone is committed to improving. I support keeping the team in the tent. Doug > > [1] > https://openstack-security.github.io/organization/2016/09/22/maturing-the-security-project.html > [2] > http://eavesdrop.openstack.org/meetings/security/2016/security.2016-09-22-17.00.log.html > > On Fri, Sep 23, 2016 at 4:23 AM, Davanum Srinivas wrote: > > > Steven, > > > > Fair point. > > > > Thanks, > > Dims > > > > On Thu, Sep 22, 2016 at 11:04 PM, Steven Dake (stdake) > > wrote: > > > Dims, > > > > > > This isn’t any of my particular business except it could affect emerging > > technology projects (which I find important to OpenStack’s future) > > negatively – so I thought I’d chime in. > > > > > > A lack of activity in a specs repo doesn’t mean much to me. For > > example, as Kolla was an emerging project we didn’t use any specs process > > at all (or very rarely). There is a reason behind this. Now that Kolla is > > stable and reliable and we feel we are not an emerging project, we plan to > > make use of a specs repo starting in Ocata. > > > > > > I have no particular concerns with the other commentary – but please > > don’t judge a project by activity or lack of activity in one repo of its > > deliverables. Judge it holistically (You are judging holistically. I > > believe a lack of one repo’s activity shouldn’t be part of that judgement). > > > > > > Regards > > > -steve > > > > > > > > > On 9/21/16, 2:08 PM, "Davanum Srinivas" wrote: > > > > > > Jakub, > > > > > > Please see below. > > > > > > On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik < > > jakub.pav...@tcpcloud.eu> wrote: > > > > Hello all, > > > > > > > > it took us 2 years of hard working to get these official. > > OpenStack-Salt is > > > > now used by around 40 production deployments and it is focused > > very on > > > > operation and popularity is growing. You are removing the project > > week after > > > > one of top contributor announced that they will use that as part of > > > > solution. We made a mistakes, however I do not think that is > > reason to > > > > remove us. I do no think that quality of the project is measured > > like this. > > > > Our PTL got ill and did not do properly his job for last 3 weeks, > > but this > > > > can happen anybody. > > > > > > > > It is up to you. If you think that we are useless for community, > > then > > > > remove us and we will have to continue outside of this community. > > However > > > > growing successful use cases will not be under official openstack > > community, > > > > which makes my feeling bad. > > > > > > Data points so far are: > > > 1. No response during Barcelona planning for rooms > > > 2. Lack of candidates for PTL election > > > 3. No activity in the releases/ repository hence no entries in > > > https://releases.openstack.org/ > > > 4. Meetings are not so regular? > > > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > > (supposed > > > to be weekly) > > > 5. Is the specs repo really active? > > > http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the > > > work being done elsewhere? > > > 6. Is there an effort to add stuff to the CI jobs running on > > openstack > > > infrastructure? (can't seem to find much > > > http://codesearch.openstack.org/?q=salt&i=nope&files=zuul% > > 2Flayout.yaml&repos=project-config) > > > > > > I'll stop here and switch to #openstack-salt channel to help work you > > > all through if there is a consensus/willingness from the > > > openstack-salt team that there's significant work to be done. If you > > > think you are better off not on the governance, that would be your > > > call as well. > > > > > > Thanks, > > > Dims > > > > > > > Th
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 13:17 Sep 21, Rob C wrote: > For my part, I missed the elections, that's my bad. I normally put a > calendar item in for that issue. I don't think that my missing the election > date should result in the group being treated in this way. Members of the > TC have contacted me about unrelated things recently, I have always been > available however my schedule has made it hard for me to sift through -dev > recently and I missed the volley of nomination emails. This is certainly a > failing on my part. > > It's certainly true that the security team, and our cores tend not to pay > as much attention to the -dev mailing list as we should. The list is pretty > noisy and traditionally we always had a separate list that we used for > security and since moving away from that we tend to focus on IRC or direct > emails. Though as can be seen with our core announcements etc, we do try to > do things the "openstack way" Yes the list can be a bit much. I write a digest of some important threads from the list. For example the elections being open: http://www.openstack.org/blog/2016/09/openstack-developer-mailing-list-digest-20160916/ -- Mike Perez __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
I wanted to provide a quick update from Security. We had our weekly IRC meeting yesterday, dhellman was kind enough to attend to help broker some of the discussion. In advance of the meeting I prepared a blog post where I tried to articulate my position and where I think things need to go next [1]. This was discussed at length during the IRC meeting [2]. We discussed the option of becoming a WG or staying in the big tent, this resulted in a vote, where the team all indicated their desire to stay within the big tent. My proposal for the future is outlined in some depth with [1] but the summary is that we've identified the areas that we need to improve on in order to be better members of the community, we want to stay within the big-tent and for me to maintain leadership through this transformational process with a view to having multiple candidates stand in the next election. Cheers -Rob [1] https://openstack-security.github.io/organization/2016/09/22/maturing-the-security-project.html [2] http://eavesdrop.openstack.org/meetings/security/2016/security.2016-09-22-17.00.log.html On Fri, Sep 23, 2016 at 4:23 AM, Davanum Srinivas wrote: > Steven, > > Fair point. > > Thanks, > Dims > > On Thu, Sep 22, 2016 at 11:04 PM, Steven Dake (stdake) > wrote: > > Dims, > > > > This isn’t any of my particular business except it could affect emerging > technology projects (which I find important to OpenStack’s future) > negatively – so I thought I’d chime in. > > > > A lack of activity in a specs repo doesn’t mean much to me. For > example, as Kolla was an emerging project we didn’t use any specs process > at all (or very rarely). There is a reason behind this. Now that Kolla is > stable and reliable and we feel we are not an emerging project, we plan to > make use of a specs repo starting in Ocata. > > > > I have no particular concerns with the other commentary – but please > don’t judge a project by activity or lack of activity in one repo of its > deliverables. Judge it holistically (You are judging holistically. I > believe a lack of one repo’s activity shouldn’t be part of that judgement). > > > > Regards > > -steve > > > > > > On 9/21/16, 2:08 PM, "Davanum Srinivas" wrote: > > > > Jakub, > > > > Please see below. > > > > On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik < > jakub.pav...@tcpcloud.eu> wrote: > > > Hello all, > > > > > > it took us 2 years of hard working to get these official. > OpenStack-Salt is > > > now used by around 40 production deployments and it is focused > very on > > > operation and popularity is growing. You are removing the project > week after > > > one of top contributor announced that they will use that as part of > > > solution. We made a mistakes, however I do not think that is > reason to > > > remove us. I do no think that quality of the project is measured > like this. > > > Our PTL got ill and did not do properly his job for last 3 weeks, > but this > > > can happen anybody. > > > > > > It is up to you. If you think that we are useless for community, > then > > > remove us and we will have to continue outside of this community. > However > > > growing successful use cases will not be under official openstack > community, > > > which makes my feeling bad. > > > > Data points so far are: > > 1. No response during Barcelona planning for rooms > > 2. Lack of candidates for PTL election > > 3. No activity in the releases/ repository hence no entries in > > https://releases.openstack.org/ > > 4. Meetings are not so regular? > > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > (supposed > > to be weekly) > > 5. Is the specs repo really active? > > http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the > > work being done elsewhere? > > 6. Is there an effort to add stuff to the CI jobs running on > openstack > > infrastructure? (can't seem to find much > > http://codesearch.openstack.org/?q=salt&i=nope&files=zuul% > 2Flayout.yaml&repos=project-config) > > > > I'll stop here and switch to #openstack-salt channel to help work you > > all through if there is a consensus/willingness from the > > openstack-salt team that there's significant work to be done. If you > > think you are better off not on the governance, that would be your > > call as well. > > > > Thanks, > > Dims > > > > > Thanks, > > > > > > Jakub > > > > > > > > > On 21.9.2016 21:03, Doug Hellmann wrote: > > >> > > >> Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 > +0200: > > >>> > > >>> On 2016/09/21 13:23, Doug Hellmann wrote: > > > > The idea of splitting the contributor list comes up pretty > regularly > > and we rehash the same suggestions each time. Given that what > we > > have now worked fine for 57 of the 59 offical teams (the Astara > >
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Steven, Fair point. Thanks, Dims On Thu, Sep 22, 2016 at 11:04 PM, Steven Dake (stdake) wrote: > Dims, > > This isn’t any of my particular business except it could affect emerging > technology projects (which I find important to OpenStack’s future) negatively > – so I thought I’d chime in. > > A lack of activity in a specs repo doesn’t mean much to me. For example, as > Kolla was an emerging project we didn’t use any specs process at all (or very > rarely). There is a reason behind this. Now that Kolla is stable and > reliable and we feel we are not an emerging project, we plan to make use of a > specs repo starting in Ocata. > > I have no particular concerns with the other commentary – but please don’t > judge a project by activity or lack of activity in one repo of its > deliverables. Judge it holistically (You are judging holistically. I > believe a lack of one repo’s activity shouldn’t be part of that judgement). > > Regards > -steve > > > On 9/21/16, 2:08 PM, "Davanum Srinivas" wrote: > > Jakub, > > Please see below. > > On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik > wrote: > > Hello all, > > > > it took us 2 years of hard working to get these official. > OpenStack-Salt is > > now used by around 40 production deployments and it is focused very on > > operation and popularity is growing. You are removing the project week > after > > one of top contributor announced that they will use that as part of > > solution. We made a mistakes, however I do not think that is reason to > > remove us. I do no think that quality of the project is measured like > this. > > Our PTL got ill and did not do properly his job for last 3 weeks, but > this > > can happen anybody. > > > > It is up to you. If you think that we are useless for community, then > > remove us and we will have to continue outside of this community. > However > > growing successful use cases will not be under official openstack > community, > > which makes my feeling bad. > > Data points so far are: > 1. No response during Barcelona planning for rooms > 2. Lack of candidates for PTL election > 3. No activity in the releases/ repository hence no entries in > https://releases.openstack.org/ > 4. Meetings are not so regular? > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ (supposed > to be weekly) > 5. Is the specs repo really active? > http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the > work being done elsewhere? > 6. Is there an effort to add stuff to the CI jobs running on openstack > infrastructure? (can't seem to find much > > http://codesearch.openstack.org/?q=salt&i=nope&files=zuul%2Flayout.yaml&repos=project-config) > > I'll stop here and switch to #openstack-salt channel to help work you > all through if there is a consensus/willingness from the > openstack-salt team that there's significant work to be done. If you > think you are better off not on the governance, that would be your > call as well. > > Thanks, > Dims > > > Thanks, > > > > Jakub > > > > > > On 21.9.2016 21:03, Doug Hellmann wrote: > >> > >> Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 +0200: > >>> > >>> On 2016/09/21 13:23, Doug Hellmann wrote: > > The idea of splitting the contributor list comes up pretty regularly > and we rehash the same suggestions each time. Given that what we > have now worked fine for 57 of the 59 offical teams (the Astara > team knew in advance it would not have a PTL running, and Piet had > some sort of technical issue submitting his candidacy for the UX > team), I'm not yet convinced that we need to make large-scale changes > to our community communication standard practices in support of the > 2 remaining teams. > > That's not to say that the system we have now is perfect, but we > can't realistically support multiple systems at the same time. We > need everyone to use the same system, otherwise we have (even more) > fragmented communication. So, we either need everyone to agree to > some new system and then have people step forward to implement it, > or we need to all agree to do our best to use the system we have > in place now. > >>> > >>> I think it may work as is (with proper mail filters), but as someone > >>> already > >>> mentioned in this thread it would be better to have someone more > >>> experienced > >>> in Openstack community projects as a core team member or PTL to catch > all > >>> these things otherwise it may happen that inexperienced PTL/team just > >>> miss > >>> something like now. > >> > >> If the team needs help, please ask for it. We should be able to find >
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Dims, This isn’t any of my particular business except it could affect emerging technology projects (which I find important to OpenStack’s future) negatively – so I thought I’d chime in. A lack of activity in a specs repo doesn’t mean much to me. For example, as Kolla was an emerging project we didn’t use any specs process at all (or very rarely). There is a reason behind this. Now that Kolla is stable and reliable and we feel we are not an emerging project, we plan to make use of a specs repo starting in Ocata. I have no particular concerns with the other commentary – but please don’t judge a project by activity or lack of activity in one repo of its deliverables. Judge it holistically (You are judging holistically. I believe a lack of one repo’s activity shouldn’t be part of that judgement). Regards -steve On 9/21/16, 2:08 PM, "Davanum Srinivas" wrote: Jakub, Please see below. On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik wrote: > Hello all, > > it took us 2 years of hard working to get these official. OpenStack-Salt is > now used by around 40 production deployments and it is focused very on > operation and popularity is growing. You are removing the project week after > one of top contributor announced that they will use that as part of > solution. We made a mistakes, however I do not think that is reason to > remove us. I do no think that quality of the project is measured like this. > Our PTL got ill and did not do properly his job for last 3 weeks, but this > can happen anybody. > > It is up to you. If you think that we are useless for community, then > remove us and we will have to continue outside of this community. However > growing successful use cases will not be under official openstack community, > which makes my feeling bad. Data points so far are: 1. No response during Barcelona planning for rooms 2. Lack of candidates for PTL election 3. No activity in the releases/ repository hence no entries in https://releases.openstack.org/ 4. Meetings are not so regular? http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ (supposed to be weekly) 5. Is the specs repo really active? http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the work being done elsewhere? 6. Is there an effort to add stuff to the CI jobs running on openstack infrastructure? (can't seem to find much http://codesearch.openstack.org/?q=salt&i=nope&files=zuul%2Flayout.yaml&repos=project-config) I'll stop here and switch to #openstack-salt channel to help work you all through if there is a consensus/willingness from the openstack-salt team that there's significant work to be done. If you think you are better off not on the governance, that would be your call as well. Thanks, Dims > Thanks, > > Jakub > > > On 21.9.2016 21:03, Doug Hellmann wrote: >> >> Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 +0200: >>> >>> On 2016/09/21 13:23, Doug Hellmann wrote: The idea of splitting the contributor list comes up pretty regularly and we rehash the same suggestions each time. Given that what we have now worked fine for 57 of the 59 offical teams (the Astara team knew in advance it would not have a PTL running, and Piet had some sort of technical issue submitting his candidacy for the UX team), I'm not yet convinced that we need to make large-scale changes to our community communication standard practices in support of the 2 remaining teams. That's not to say that the system we have now is perfect, but we can't realistically support multiple systems at the same time. We need everyone to use the same system, otherwise we have (even more) fragmented communication. So, we either need everyone to agree to some new system and then have people step forward to implement it, or we need to all agree to do our best to use the system we have in place now. >>> >>> I think it may work as is (with proper mail filters), but as someone >>> already >>> mentioned in this thread it would be better to have someone more >>> experienced >>> in Openstack community projects as a core team member or PTL to catch all >>> these things otherwise it may happen that inexperienced PTL/team just >>> miss >>> something like now. >> >> If the team needs help, please ask for it. We should be able to find >> someone to do a little mentoring and provide some guidance. >> >>> Still I don't think it's such a big issue to just fire project from Big >>> Tent - >>> who will benefit from that? Again someone already mentioned what will it >>> mean >>> for such team (loss of poten
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 16-09-21 01:11 PM, Doug Hellmann wrote: Excerpts from Clint Byrum's message of 2016-09-21 08:56:24 -0700: Excerpts from Filip Pytloun's message of 2016-09-21 14:58:52 +0200: Hello, it's definately our bad that we missed elections in OpenStackSalt project. Reason is similar to Rob's - we are active on different channels (mostly IRC as we keep regular meetings) and don't used to reading mailing lists with lots of generic topics (it would be good to have separate mailing list for such calls and critical topics or individual mails to project's core members). Our project is very active [1], trying to do things the Openstack way and I think it would be a pitty to remove it from Big Tent just because we missed mail and therefore our first PTL election. Of course I don't want to excuse our fault. In case it's not too late, we will try to be more active in mailing lists like openstack-dev and not miss such important events next time. [1] http://stackalytics.com/?module=openstacksalt-group Seems like we need a bit added to this process which makes sure big tent projects have their primary IRC channel identified, and a list of core reviewer and meeting chair IRC nicks to ping when something urgent comes up. This isn't just useful for elections, but is probably something the VMT would appreciate as well, and likely anyone else who has an urgent need to make contact with a team. IRC channels are listed on team pages on governance.o.o. For example: http://governance.openstack.org/reference/projects/openstacksalt.html Core reviewers are accessible through gerrit. For example, https://review.openstack.org/#/admin/projects/openstack/openstack-salt,access leads to https://review.openstack.org/#/admin/groups/1268,members Meeting chair nicks are available on eavesdrop.o.o. For example, http://eavesdrop.openstack.org/#OpenStack_Salt_Team_Meeting It might make sense to automate pulling that information together into a single page somewhere, maybe the team page on governance.o.o. The larger point is that the community expects teams to be paying attention to the cycle schedule and taking care of the actions expected without being individually asked to do so. I think it might also be useful if we could make the meeting bot remind teams of any pending actions they need to take such as elections upon #startmeeting. I could see that being useful, yes. Seems like all of that could be automated. __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev I am not convinced this situation arose due to lack of available information. Thank you, Anita. __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
-Original Message- From: Filip Pytloun Reply: OpenStack Development Mailing List (not for usage questions) Date: September 22, 2016 at 10:34:00 To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent > Thank you for your feedback - this is first one since we joined Big Tent > and very useful. > > On 2016/09/21 17:08, Davanum Srinivas wrote: > > Data points so far are: > > 1. No response during Barcelona planning for rooms > > 2. Lack of candidates for PTL election > > 3. No activity in the releases/ repository hence no entries in > > https://releases.openstack.org/ > > First releases were done during project move and it seems this was > forgotten. Anyway there's new release planned to be done. > > > 4. Meetings are not so regular? > > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ (supposed > > to be weekly) > > There was decreased activity last few months mostly because one of > members who was leading these meetings temporarily disconnected from the > project and because there wasn't anything on agenda to discuss. Still > these meetings were taken at least 1~2x a month which seemed to be > sufficient. > > > 5. Is the specs repo really active? > > http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the > > work being done elsewhere? > > Very excessive documentation and other info is at separate developer > pages: http://docs.openstack.org/developer/openstack-salt/ > There should be surely new record in specs after new release is made. > > > 6. Is there an effort to add stuff to the CI jobs running on openstack > > infrastructure? (can't seem to find much > > http://codesearch.openstack.org/?q=salt&i=nope&files=zuul%2Flayout.yaml&repos=project-config) > > > > There are tests already doing mostly linting (running states in > dry-run). More complex tests are in progress but it takes some time > mostly because used technology is a little bit controversial (there's no > usable standard in saltstack community yet). > > > > > I'll stop here and switch to #openstack-salt channel to help work you > > all through if there is a consensus/willingness from the > > openstack-salt team that there's significant work to be done. If you > > think you are better off not on the governance, that would be your > > call as well. > > I think we are going to fix things, to summarize: > > - make new release for Newton + update specs > - elect new PTL > - be more active in openstack-dev mailing list (maybe also have > separate ML just for our team?) Some teams have had separate mailing lists but that's never worked to help them integrate better with the OpenStack community. You'd better serve yourself in this matter if you commit to just using openstack-dev. > If there's more we can do, we are available at Freenode/#openstack-salt. You might also be available elsewhere as Anita has pointed out. If you want to be part of the Big Tent, you have to make the effort to bridge the gaps. -- Ian Cordasco __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 16-09-22 11:32 AM, Filip Pytloun wrote: If there's more we can do, we are available at Freenode/#openstack-salt. I think this right here is your issue. Believing it is the responsibility of the tc or other leaders to find you. It isn't. Be available on #openstack-dev at the very least. Anita. __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Thank you for your feedback - this is first one since we joined Big Tent and very useful. On 2016/09/21 17:08, Davanum Srinivas wrote: > Data points so far are: > 1. No response during Barcelona planning for rooms > 2. Lack of candidates for PTL election > 3. No activity in the releases/ repository hence no entries in > https://releases.openstack.org/ First releases were done during project move and it seems this was forgotten. Anyway there's new release planned to be done. > 4. Meetings are not so regular? > http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ (supposed > to be weekly) There was decreased activity last few months mostly because one of members who was leading these meetings temporarily disconnected from the project and because there wasn't anything on agenda to discuss. Still these meetings were taken at least 1~2x a month which seemed to be sufficient. > 5. Is the specs repo really active? > http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the > work being done elsewhere? Very excessive documentation and other info is at separate developer pages: http://docs.openstack.org/developer/openstack-salt/ There should be surely new record in specs after new release is made. > 6. Is there an effort to add stuff to the CI jobs running on openstack > infrastructure? (can't seem to find much > http://codesearch.openstack.org/?q=salt&i=nope&files=zuul%2Flayout.yaml&repos=project-config) There are tests already doing mostly linting (running states in dry-run). More complex tests are in progress but it takes some time mostly because used technology is a little bit controversial (there's no usable standard in saltstack community yet). > > I'll stop here and switch to #openstack-salt channel to help work you > all through if there is a consensus/willingness from the > openstack-salt team that there's significant work to be done. If you > think you are better off not on the governance, that would be your > call as well. I think we are going to fix things, to summarize: - make new release for Newton + update specs - elect new PTL - be more active in openstack-dev mailing list (maybe also have separate ML just for our team?) If there's more we can do, we are available at Freenode/#openstack-salt. -- Filip Pytloun Cloud Architect [tcp ◕ cloud] tcp cloud a.s. Thamova 16, 180 00 Prague 8 Mobile: +420 776 004 323 E-mail: filip.pytl...@tcpcloud.eu GPG:3802 93B1 6CA8 C7A0 695B 8B28 6808 239B 9C72 E61B Web:http://www.opentcpcloud.org/ signature.asc Description: Digital signature __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 16-09-21 05:08 PM, Davanum Srinivas wrote: Jakub, Please see below. On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik wrote: Hello all, it took us 2 years of hard working to get these official. OpenStack-Salt is now used by around 40 production deployments and it is focused very on operation and popularity is growing. You are removing the project week after one of top contributor announced that they will use that as part of solution. We made a mistakes, however I do not think that is reason to remove us. I do no think that quality of the project is measured like this. Our PTL got ill and did not do properly his job for last 3 weeks, but this can happen anybody. It is up to you. If you think that we are useless for community, then remove us and we will have to continue outside of this community. However growing successful use cases will not be under official openstack community, which makes my feeling bad. Data points so far are: 1. No response during Barcelona planning for rooms 2. Lack of candidates for PTL election 3. No activity in the releases/ repository hence no entries in https://releases.openstack.org/ 4. Meetings are not so regular? http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ (supposed to be weekly) 5. Is the specs repo really active? http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the work being done elsewhere? 6. Is there an effort to add stuff to the CI jobs running on openstack infrastructure? (can't seem to find much http://codesearch.openstack.org/?q=salt&i=nope&files=zuul%2Flayout.yaml&repos=project-config) I'll stop here and switch to #openstack-salt channel to help work you all through if there is a consensus/willingness from the openstack-salt team that there's significant work to be done. If you think you are better off not on the governance, that would be your call as well. Thanks, Dims Thanks, Jakub On 21.9.2016 21:03, Doug Hellmann wrote: Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 +0200: On 2016/09/21 13:23, Doug Hellmann wrote: The idea of splitting the contributor list comes up pretty regularly and we rehash the same suggestions each time. Given that what we have now worked fine for 57 of the 59 offical teams (the Astara team knew in advance it would not have a PTL running, and Piet had some sort of technical issue submitting his candidacy for the UX team), I'm not yet convinced that we need to make large-scale changes to our community communication standard practices in support of the 2 remaining teams. That's not to say that the system we have now is perfect, but we can't realistically support multiple systems at the same time. We need everyone to use the same system, otherwise we have (even more) fragmented communication. So, we either need everyone to agree to some new system and then have people step forward to implement it, or we need to all agree to do our best to use the system we have in place now. I think it may work as is (with proper mail filters), but as someone already mentioned in this thread it would be better to have someone more experienced in Openstack community projects as a core team member or PTL to catch all these things otherwise it may happen that inexperienced PTL/team just miss something like now. If the team needs help, please ask for it. We should be able to find someone to do a little mentoring and provide some guidance. Still I don't think it's such a big issue to just fire project from Big Tent - who will benefit from that? Again someone already mentioned what will it mean for such team (loss of potencial developers, etc.). Moreover for teams who are actively working on project as it seems that both OpenStackSalt and Security teams do. Signing up to be a part of the big tent is not free. Membership comes with expectations and obligations. Failing to meet those may be an indication that the team isn't ready, or that membership is not a good fit. And I thought that real work on a project is our primary goal.. this situation is like loosing job when I left dirty coffee cup at my workspace. I hope you consider team leadership and community participation to be more important than your analogy implies. Doug Did your release liaison follow the instructions to make that happen? http://git.openstack.org/cgit/openstack/releases/tree/README.rst That seems to be the reason. There was new release planned with support for containerized deployment which would follow that guide (as first releases were done during/shortly after openstack-salt move to Big Tent). As mentioned above - more experienced PTL would be helpful here and we are currently talking with people who could fit that position. I see no emails tagged with [salt] on the mailing list since March of this year, aside from this thread. Are you using a different communication channel for team coordination? You mention IRC, but how are new contributors expected to find you? Yes, we are using openstack-salt channel and op
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
"My answer would be -that- is the most ideal scenario. I care about OpenStack and ensuring quality projects have adequate representation so I checked to see which ones didn't have anyone defined for leadership and picked one to step in and help, assuming no one was able to fill that role for that specific cycle." Ahh gotcha. Thanks Adam. We definitely welcome your advice and help with socializing our activities and becoming more integrated with the community. I think Ian (sigmavirus) is similarly interested. I look forward to working with both of you. -- -Travis __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 2016-09-21 22:53:10 +0100 (+0100), Dave Walker wrote: > On 21 September 2016 at 22:41, Kyle Mestery wrote: > > On Wed, Sep 21, 2016 at 3:35 PM, Thierry Carrez > > wrote: > > > I privately received information that explains why the PTL was > > > not on top of things during election weeks. With ~60 teams > > > around there will always be one or two that miss and that we > > > must check on. It /always/ is symptomatic of /some/ > > > disconnect. But here I'm not sure it passes the bar of > > > "non-alignment with the community" that would make the > > > Security team unfit to be an official OpenStack team... > > > > I agree, and in times like this, it's best to use common sense > > rather than trying to have a rule to fit everything into. In > > this case, Rob and the security team have put forth an > > explanation of what happened, I fail to see how removing them > > after this does anything other than foster bad will. I would > > vote to keep the security team around at this point. > > I feel bad quoting policy here... but we do have prior art for > this... If we look at resolution, "2014-11-28 Process for > Leaderless Programs"[0], we have policy for *exactly* this > situation.. which should probably have been the first action > rather than considering a new resolution. > > For reference: > >1. Programs without a minimum of one eligible candidate are >identified to the Technical Committee by the Election >Officials, as soon as possible after the nomination period has >expired. >2. The Technical Committee can appoint a leader to any programs >in this situation, by mutual agreement of the Technical >Committee and the proposed appointee. [...] I'm not certain what "new resolution" you're referring to in this case, as it seemed to me the TC was attempting to follow the guidelines you've quoted. Of the four teams which lacked PTLs, one was made unofficial, one had a suitable PTL volunteer confirmed by the TC, and two were deferred for further discussion due to insufficient information about their situations. Note it says "CAN appoint a leader" [emphasis mine]. The situation was discussed by the TC in their meeting yesterday[*], and what was asked was whether in these specific cases they SHOULD do this, or resolve it by freeing the teams in question to operate outside TC authority (by making them unofficial from a governance perspective). Both are valid options for the TC as our governing body, and each option is perhaps more applicable to some of the teams in this situation than others. For the teams where the outcome was not already certain, and no representative of the team was present at the meeting for discussion about who should be appointed PTL, the chair agreed to start an ML thread proposing returning those teams to an unofficial state to gauge whether that was an acceptable outcome from the perspective of our community. As far as I know, the TC is allowed to remove official status from any team at any time. Until "2014-11-28 Process for Leaderless Programs" was passed, removal was basically their only accepted option for dealing with teams that lacked a PTL. That resolution gave them the _additional_ option of appointing a PTL volunteer. [*] http://eavesdrop.openstack.org/meetings/tc/2016/tc.2016-09-20-20.01.log.html#l-342 -- Jeremy Stanley __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Dave Walker's message of 2016-09-21 22:53:10 +0100: > On 21 September 2016 at 22:41, Kyle Mestery wrote: > > > On Wed, Sep 21, 2016 at 3:35 PM, Thierry Carrez > > wrote: > > > Chivers, Doug wrote: > > >> My concern is with the original wording “The suggested way forward > > there would be to remove the "Security project team"”. > > >> > > >> This seems like a move to instantly reduce investment in OpenStack > > security, because the majority of members of the Security Project are > > corporately funded, which will be significantly impacted by the removal of > > the security project. I have no knowledge over the difference between a > > working group and a project, like everyone else on the project we are > > simply here to contribute to OpenStack security, drive innovation in > > security, deliver documentation like OSSNs, etc, rather than get involved > > in the politics of OpenStack. > > >> > > >> In response to the various questions of why no-one from our project > > noticed that we didn’t have a nomination for the PTL, we assumed that was > > taken care of. Realistically maybe two or three people on the security > > project have the availability to be PTL, one being our current PTL, for all > > the rest of us its simply not a concern until we need to vote. > > >> > > >> On a personal note, reading –dev is unfortunately a lower priority than > > designing architectures, responding to customers and sales teams, closing > > tickets, writing decks and on the afternoon or so I can spend each week, > > working on my upstream projects (this week it was: > > https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team > > for all their work). Possibly this is wrong, but I didn’t sign up as a > > contributor to spend all my spare time reading mailing lists. > > > > > > So while I still think there is a slight disconnect (like, members of > > > the security team are less often involved in other teams) that results > > > in the Security team being more likely to miss the very few process > > > deadlines that apply to them, I'm not convinced it justifies removing > > > the "official" status of the team and make it a workgroup. > > > > > > I privately received information that explains why the PTL was not on > > > top of things during election weeks. With ~60 teams around there will > > > always be one or two that miss and that we must check on. It /always/ is > > > symptomatic of /some/ disconnect. But here I'm not sure it passes the > > > bar of "non-alignment with the community" that would make the Security > > > team unfit to be an official OpenStack team... > > > > > I agree, and in times like this, it's best to use common sense rather > > than trying to have a rule to fit everything into. In this case, Rob > > and the security team have put forth an explanation of what happened, > > I fail to see how removing them after this does anything other than > > foster bad will. I would vote to keep the security team around at this > > point. > > > > > I feel bad quoting policy here... but we do have prior art for this... If > we look at resolution, "2014-11-28 Process for Leaderless Programs"[0], we > have policy for *exactly* this situation.. which should probably have been > the first action rather than considering a new resolution. > > For reference: > >1. Programs without a minimum of one eligible candidate are identified >to the Technical Committee by the Election Officials, as soon as possible >after the nomination period has expired. >2. The Technical Committee can appoint a leader to any programs in this >situation, by mutual agreement of the Technical Committee and the proposed >appointee. >3. The appointed leader has all the same obligations and >responsibilities as a self-nominated elected Program Technical Lead. > > [0] > http://governance.openstack.org/resolutions/20141128-elections-process-for-leaderless-programs.html > That process is one possible outcome. It is meant for extreme circumstances, but not as a failsafe to allow teams to bypass the normal participation in elections. It was started with the UX team, where there was a clear candidate. For the teams where no one replied to queries before the TC meeting this week, we had no candidates to appoint. This and other threads on the topic have produced candidates and, assuming they signal their intent to serve clearly, we can move ahead. Doug __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 21 September 2016 at 22:41, Kyle Mestery wrote: > On Wed, Sep 21, 2016 at 3:35 PM, Thierry Carrez > wrote: > > Chivers, Doug wrote: > >> My concern is with the original wording “The suggested way forward > there would be to remove the "Security project team"”. > >> > >> This seems like a move to instantly reduce investment in OpenStack > security, because the majority of members of the Security Project are > corporately funded, which will be significantly impacted by the removal of > the security project. I have no knowledge over the difference between a > working group and a project, like everyone else on the project we are > simply here to contribute to OpenStack security, drive innovation in > security, deliver documentation like OSSNs, etc, rather than get involved > in the politics of OpenStack. > >> > >> In response to the various questions of why no-one from our project > noticed that we didn’t have a nomination for the PTL, we assumed that was > taken care of. Realistically maybe two or three people on the security > project have the availability to be PTL, one being our current PTL, for all > the rest of us its simply not a concern until we need to vote. > >> > >> On a personal note, reading –dev is unfortunately a lower priority than > designing architectures, responding to customers and sales teams, closing > tickets, writing decks and on the afternoon or so I can spend each week, > working on my upstream projects (this week it was: > https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team > for all their work). Possibly this is wrong, but I didn’t sign up as a > contributor to spend all my spare time reading mailing lists. > > > > So while I still think there is a slight disconnect (like, members of > > the security team are less often involved in other teams) that results > > in the Security team being more likely to miss the very few process > > deadlines that apply to them, I'm not convinced it justifies removing > > the "official" status of the team and make it a workgroup. > > > > I privately received information that explains why the PTL was not on > > top of things during election weeks. With ~60 teams around there will > > always be one or two that miss and that we must check on. It /always/ is > > symptomatic of /some/ disconnect. But here I'm not sure it passes the > > bar of "non-alignment with the community" that would make the Security > > team unfit to be an official OpenStack team... > > > I agree, and in times like this, it's best to use common sense rather > than trying to have a rule to fit everything into. In this case, Rob > and the security team have put forth an explanation of what happened, > I fail to see how removing them after this does anything other than > foster bad will. I would vote to keep the security team around at this > point. > > I feel bad quoting policy here... but we do have prior art for this... If we look at resolution, "2014-11-28 Process for Leaderless Programs"[0], we have policy for *exactly* this situation.. which should probably have been the first action rather than considering a new resolution. For reference: 1. Programs without a minimum of one eligible candidate are identified to the Technical Committee by the Election Officials, as soon as possible after the nomination period has expired. 2. The Technical Committee can appoint a leader to any programs in this situation, by mutual agreement of the Technical Committee and the proposed appointee. 3. The appointed leader has all the same obligations and responsibilities as a self-nominated elected Program Technical Lead. [0] http://governance.openstack.org/resolutions/20141128-elections-process-for-leaderless-programs.html -- Kind Regards, Dave Walker __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On Wed, Sep 21, 2016 at 3:35 PM, Thierry Carrez wrote: > Chivers, Doug wrote: >> My concern is with the original wording “The suggested way forward there >> would be to remove the "Security project team"”. >> >> This seems like a move to instantly reduce investment in OpenStack security, >> because the majority of members of the Security Project are corporately >> funded, which will be significantly impacted by the removal of the security >> project. I have no knowledge over the difference between a working group and >> a project, like everyone else on the project we are simply here to >> contribute to OpenStack security, drive innovation in security, deliver >> documentation like OSSNs, etc, rather than get involved in the politics of >> OpenStack. >> >> In response to the various questions of why no-one from our project noticed >> that we didn’t have a nomination for the PTL, we assumed that was taken care >> of. Realistically maybe two or three people on the security project have the >> availability to be PTL, one being our current PTL, for all the rest of us >> its simply not a concern until we need to vote. >> >> On a personal note, reading –dev is unfortunately a lower priority than >> designing architectures, responding to customers and sales teams, closing >> tickets, writing decks and on the afternoon or so I can spend each week, >> working on my upstream projects (this week it was: >> https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team for >> all their work). Possibly this is wrong, but I didn’t sign up as a >> contributor to spend all my spare time reading mailing lists. > > So while I still think there is a slight disconnect (like, members of > the security team are less often involved in other teams) that results > in the Security team being more likely to miss the very few process > deadlines that apply to them, I'm not convinced it justifies removing > the "official" status of the team and make it a workgroup. > > I privately received information that explains why the PTL was not on > top of things during election weeks. With ~60 teams around there will > always be one or two that miss and that we must check on. It /always/ is > symptomatic of /some/ disconnect. But here I'm not sure it passes the > bar of "non-alignment with the community" that would make the Security > team unfit to be an official OpenStack team... > I agree, and in times like this, it's best to use common sense rather than trying to have a rule to fit everything into. In this case, Rob and the security team have put forth an explanation of what happened, I fail to see how removing them after this does anything other than foster bad will. I would vote to keep the security team around at this point. > -- > Thierry Carrez (ttx) > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 2016-09-21 10:18:58 -0700 (-0700), Morgan Fainberg wrote: [...] > For what it is worth the VMT had some discussion about this and in the case > the security team was/is dissolved/moved to a WG we will take some action > and make some proposals to handle the situation so we have a nice place to > continue within the community. One idea that was floated would be to become > our own small (release team sized) team. Well, just to be clear, if the current team providing a home to the VMT became unofficial, I doubt the VMT itself would operate any differently than today. It's a (necessarily) small group of people with existing cross-project ties to other official teams in OpenStack. The authority it has comes from involvement of its members throughout the community the function they perform, not from any sort of official mandate. That said, I appreciate and applaud the efforts of the Security Team and believe that the VMT's choice to align itself with them has provided a beneficial relationship. The Security Team provides valuable operations/deployment-specific insight into embargoed issues where the VMT often struggles to appropriately gauge impact severity and scope, they have been very helpfully documenting reported shortcomings in OpenStack which require special care and attention from downstream consumers, and they're working on ways to evaluate OpenStack software to make it easier for the VMT to support through both automated exploration and more conceptual risk documentation. > However, if security is continuing to exist, I am content to stay where we > are (I cannot speak to the views of Fungi, Tristan, and Grant though). Yes, I concur. When I saw that the Security Team lacked a PTL nominee, I did not nominate myself primarily because I don't regularly attend its weekly meetings nor participate in development of any of its outputs beyond what intersects with VMT needs (though also I'm not confident I could wear two PTL hats effectively, unlike some superhumans in our community). -- Jeremy Stanley signature.asc Description: Digital signature __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Jakub, Please see below. On Wed, Sep 21, 2016 at 3:46 PM, Jakub Pavlik wrote: > Hello all, > > it took us 2 years of hard working to get these official. OpenStack-Salt is > now used by around 40 production deployments and it is focused very on > operation and popularity is growing. You are removing the project week after > one of top contributor announced that they will use that as part of > solution. We made a mistakes, however I do not think that is reason to > remove us. I do no think that quality of the project is measured like this. > Our PTL got ill and did not do properly his job for last 3 weeks, but this > can happen anybody. > > It is up to you. If you think that we are useless for community, then > remove us and we will have to continue outside of this community. However > growing successful use cases will not be under official openstack community, > which makes my feeling bad. Data points so far are: 1. No response during Barcelona planning for rooms 2. Lack of candidates for PTL election 3. No activity in the releases/ repository hence no entries in https://releases.openstack.org/ 4. Meetings are not so regular? http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ (supposed to be weekly) 5. Is the specs repo really active? http://git.openstack.org/cgit/openstack/openstack-salt-specs/ is the work being done elsewhere? 6. Is there an effort to add stuff to the CI jobs running on openstack infrastructure? (can't seem to find much http://codesearch.openstack.org/?q=salt&i=nope&files=zuul%2Flayout.yaml&repos=project-config) I'll stop here and switch to #openstack-salt channel to help work you all through if there is a consensus/willingness from the openstack-salt team that there's significant work to be done. If you think you are better off not on the governance, that would be your call as well. Thanks, Dims > Thanks, > > Jakub > > > On 21.9.2016 21:03, Doug Hellmann wrote: >> >> Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 +0200: >>> >>> On 2016/09/21 13:23, Doug Hellmann wrote: The idea of splitting the contributor list comes up pretty regularly and we rehash the same suggestions each time. Given that what we have now worked fine for 57 of the 59 offical teams (the Astara team knew in advance it would not have a PTL running, and Piet had some sort of technical issue submitting his candidacy for the UX team), I'm not yet convinced that we need to make large-scale changes to our community communication standard practices in support of the 2 remaining teams. That's not to say that the system we have now is perfect, but we can't realistically support multiple systems at the same time. We need everyone to use the same system, otherwise we have (even more) fragmented communication. So, we either need everyone to agree to some new system and then have people step forward to implement it, or we need to all agree to do our best to use the system we have in place now. >>> >>> I think it may work as is (with proper mail filters), but as someone >>> already >>> mentioned in this thread it would be better to have someone more >>> experienced >>> in Openstack community projects as a core team member or PTL to catch all >>> these things otherwise it may happen that inexperienced PTL/team just >>> miss >>> something like now. >> >> If the team needs help, please ask for it. We should be able to find >> someone to do a little mentoring and provide some guidance. >> >>> Still I don't think it's such a big issue to just fire project from Big >>> Tent - >>> who will benefit from that? Again someone already mentioned what will it >>> mean >>> for such team (loss of potencial developers, etc.). >>> Moreover for teams who are actively working on project as it seems that >>> both >>> OpenStackSalt and Security teams do. >> >> Signing up to be a part of the big tent is not free. Membership comes >> with expectations and obligations. Failing to meet those may be an >> indication that the team isn't ready, or that membership is not a good >> fit. >> >>> And I thought that real work on a project is our primary goal.. this >>> situation >>> is like loosing job when I left dirty coffee cup at my workspace. >> >> I hope you consider team leadership and community participation to >> be more important than your analogy implies. >> >> Doug >> Did your release liaison follow the instructions to make that happen? http://git.openstack.org/cgit/openstack/releases/tree/README.rst >>> >>> That seems to be the reason. There was new release planned with support >>> for >>> containerized deployment which would follow that guide (as first releases >>> were >>> done during/shortly after openstack-salt move to Big Tent). >>> As mentioned above - more experienced PTL would be helpful here and we >>> are >>> currently talking with people who could fit that position. >>> >> I see no emails tagged with [salt] on th
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Please see below. On Wed, Sep 21, 2016 at 4:35 PM, Thierry Carrez wrote: > Chivers, Doug wrote: >> My concern is with the original wording “The suggested way forward there >> would be to remove the "Security project team"”. >> >> This seems like a move to instantly reduce investment in OpenStack security, >> because the majority of members of the Security Project are corporately >> funded, which will be significantly impacted by the removal of the security >> project. I have no knowledge over the difference between a working group and >> a project, like everyone else on the project we are simply here to >> contribute to OpenStack security, drive innovation in security, deliver >> documentation like OSSNs, etc, rather than get involved in the politics of >> OpenStack. >> >> In response to the various questions of why no-one from our project noticed >> that we didn’t have a nomination for the PTL, we assumed that was taken care >> of. Realistically maybe two or three people on the security project have the >> availability to be PTL, one being our current PTL, for all the rest of us >> its simply not a concern until we need to vote. >> >> On a personal note, reading –dev is unfortunately a lower priority than >> designing architectures, responding to customers and sales teams, closing >> tickets, writing decks and on the afternoon or so I can spend each week, >> working on my upstream projects (this week it was: >> https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team for >> all their work). Possibly this is wrong, but I didn’t sign up as a >> contributor to spend all my spare time reading mailing lists. > > So while I still think there is a slight disconnect (like, members of > the security team are less often involved in other teams) that results > in the Security team being more likely to miss the very few process > deadlines that apply to them, I'm not convinced it justifies removing > the "official" status of the team and make it a workgroup. > > I privately received information that explains why the PTL was not on > top of things during election weeks. With ~60 teams around there will > always be one or two that miss and that we must check on. It /always/ is > symptomatic of /some/ disconnect. But here I'm not sure it passes the > bar of "non-alignment with the community" that would make the Security > team unfit to be an official OpenStack team... I agree with your assessment Thierry and will support keeping the Security Team as an official OpenStack Team. > -- > Thierry Carrez (ttx) > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Davanum Srinivas :: https://twitter.com/dims __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Hello all, We have our weekly OSSP IRC meeting tomorrow at 1700UTC (1200 Central) in #openstack-meeting-alt. This thread has raised some important issues, and we will devote a significant portion of our meeting to discussing them. My IRC handle is "ccneill" on freenode if you'd like to get in touch with me there. We are very interested in better integrating with the greater OpenStack community, and are open to suggestions as to how we might achieve that going forward. Cheers, Charles Neill On 9/21/16, 15:35, "Thierry Carrez" wrote: >Chivers, Doug wrote: >> My concern is with the original wording “The suggested way forward >>there would be to remove the "Security project team"”. >> >> This seems like a move to instantly reduce investment in OpenStack >>security, because the majority of members of the Security Project are >>corporately funded, which will be significantly impacted by the removal >>of the security project. I have no knowledge over the difference between >>a working group and a project, like everyone else on the project we are >>simply here to contribute to OpenStack security, drive innovation in >>security, deliver documentation like OSSNs, etc, rather than get >>involved in the politics of OpenStack. >> >> In response to the various questions of why no-one from our project >>noticed that we didn’t have a nomination for the PTL, we assumed that >>was taken care of. Realistically maybe two or three people on the >>security project have the availability to be PTL, one being our current >>PTL, for all the rest of us its simply not a concern until we need to >>vote. >> >> On a personal note, reading –dev is unfortunately a lower priority than >>designing architectures, responding to customers and sales teams, >>closing tickets, writing decks and on the afternoon or so I can spend >>each week, working on my upstream projects (this week it was: >>https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team >>for all their work). Possibly this is wrong, but I didn’t sign up as a >>contributor to spend all my spare time reading mailing lists. > >So while I still think there is a slight disconnect (like, members of >the security team are less often involved in other teams) that results >in the Security team being more likely to miss the very few process >deadlines that apply to them, I'm not convinced it justifies removing >the "official" status of the team and make it a workgroup. > >I privately received information that explains why the PTL was not on >top of things during election weeks. With ~60 teams around there will >always be one or two that miss and that we must check on. It /always/ is >symptomatic of /some/ disconnect. But here I'm not sure it passes the >bar of "non-alignment with the community" that would make the Security >team unfit to be an official OpenStack team... > >-- >Thierry Carrez (ttx) > >__ >OpenStack Development Mailing List (not for usage questions) >Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Chivers, Doug wrote: > My concern is with the original wording “The suggested way forward there > would be to remove the "Security project team"”. > > This seems like a move to instantly reduce investment in OpenStack security, > because the majority of members of the Security Project are corporately > funded, which will be significantly impacted by the removal of the security > project. I have no knowledge over the difference between a working group and > a project, like everyone else on the project we are simply here to contribute > to OpenStack security, drive innovation in security, deliver documentation > like OSSNs, etc, rather than get involved in the politics of OpenStack. > > In response to the various questions of why no-one from our project noticed > that we didn’t have a nomination for the PTL, we assumed that was taken care > of. Realistically maybe two or three people on the security project have the > availability to be PTL, one being our current PTL, for all the rest of us its > simply not a concern until we need to vote. > > On a personal note, reading –dev is unfortunately a lower priority than > designing architectures, responding to customers and sales teams, closing > tickets, writing decks and on the afternoon or so I can spend each week, > working on my upstream projects (this week it was: > https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team for > all their work). Possibly this is wrong, but I didn’t sign up as a > contributor to spend all my spare time reading mailing lists. So while I still think there is a slight disconnect (like, members of the security team are less often involved in other teams) that results in the Security team being more likely to miss the very few process deadlines that apply to them, I'm not convinced it justifies removing the "official" status of the team and make it a workgroup. I privately received information that explains why the PTL was not on top of things during election weeks. With ~60 teams around there will always be one or two that miss and that we must check on. It /always/ is symptomatic of /some/ disconnect. But here I'm not sure it passes the bar of "non-alignment with the community" that would make the Security team unfit to be an official OpenStack team... -- Thierry Carrez (ttx) __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Jakub Pavlik wrote: > it took us 2 years of hard working to get these official. OpenStack-Salt > is now used by around 40 production deployments and it is focused very > on operation and popularity is growing. You are removing the project > week after one of top contributor announced that they will use that as > part of solution. We made a mistakes, however I do not think that is > reason to remove us. I do no think that quality of the project is > measured like this. Our PTL got ill and did not do properly his job for > last 3 weeks, but this can happen anybody. > > It is up to you. If you think that we are useless for community, then > remove us and we will have to continue outside of this community. > However growing successful use cases will not be under official > openstack community, which makes my feeling bad. Note that being in the Big tent as an official project (vs. just being under te openstack/* namespace as an unofficial ecosystem project) is not a judgment of value (or usefulness) on the project. It is a judgment in community alignment. Are you a project produced by the OpenStack Community ? Are you aligned with the OpenStack mission, do you follow our principles and processes ? Missing the Ptl election is a sign of non-alignment with the rest of the OpenStack community. So is missing the numerous emails I sent over the last months to ask about Design Summit space. The question now is, are those signs enough to justify removal the "official" stamp from the team or not. I tend to lean towards leniency, but I'm just one vote. -- Thierry Carrez (ttx) __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Travis, My answer would be -that- is the most ideal scenario. I care about OpenStack and ensuring quality projects have adequate representation so I checked to see which ones didn't have anyone defined for leadership and picked one to step in and help, assuming no one was able to fill that role for that specific cycle. On Sep 21, 2016 12:06 PM, "Travis McPeak" wrote: > "So all this said, there are individuals interested in the PTL role to > ensure project teams have someone handling the logistics and coordination. > My issue however was that I was not yet eligible to be a candidate which > I'll remedy moving forward. > > I'm still interested in serving as a PTL for a project that needs one. I > personally believe that in the case of Security, there needs to be a > dedicated team due to the nature and impact of security breaches that > directly influence the perception of OpenStack as a viable cloud solution > for enterprises looking (or re-looking) at it for the first time." > > @Adam we'd certainly appreciate your help staying on top of > > required activities, email, etc. Surely a PTL should be > > somebody who has at least been involved in the project? > > -- > -Travis > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Hello all, it took us 2 years of hard working to get these official. OpenStack-Salt is now used by around 40 production deployments and it is focused very on operation and popularity is growing. You are removing the project week after one of top contributor announced that they will use that as part of solution. We made a mistakes, however I do not think that is reason to remove us. I do no think that quality of the project is measured like this. Our PTL got ill and did not do properly his job for last 3 weeks, but this can happen anybody. It is up to you. If you think that we are useless for community, then remove us and we will have to continue outside of this community. However growing successful use cases will not be under official openstack community, which makes my feeling bad. Thanks, Jakub On 21.9.2016 21:03, Doug Hellmann wrote: Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 +0200: On 2016/09/21 13:23, Doug Hellmann wrote: The idea of splitting the contributor list comes up pretty regularly and we rehash the same suggestions each time. Given that what we have now worked fine for 57 of the 59 offical teams (the Astara team knew in advance it would not have a PTL running, and Piet had some sort of technical issue submitting his candidacy for the UX team), I'm not yet convinced that we need to make large-scale changes to our community communication standard practices in support of the 2 remaining teams. That's not to say that the system we have now is perfect, but we can't realistically support multiple systems at the same time. We need everyone to use the same system, otherwise we have (even more) fragmented communication. So, we either need everyone to agree to some new system and then have people step forward to implement it, or we need to all agree to do our best to use the system we have in place now. I think it may work as is (with proper mail filters), but as someone already mentioned in this thread it would be better to have someone more experienced in Openstack community projects as a core team member or PTL to catch all these things otherwise it may happen that inexperienced PTL/team just miss something like now. If the team needs help, please ask for it. We should be able to find someone to do a little mentoring and provide some guidance. Still I don't think it's such a big issue to just fire project from Big Tent - who will benefit from that? Again someone already mentioned what will it mean for such team (loss of potencial developers, etc.). Moreover for teams who are actively working on project as it seems that both OpenStackSalt and Security teams do. Signing up to be a part of the big tent is not free. Membership comes with expectations and obligations. Failing to meet those may be an indication that the team isn't ready, or that membership is not a good fit. And I thought that real work on a project is our primary goal.. this situation is like loosing job when I left dirty coffee cup at my workspace. I hope you consider team leadership and community participation to be more important than your analogy implies. Doug Did your release liaison follow the instructions to make that happen? http://git.openstack.org/cgit/openstack/releases/tree/README.rst That seems to be the reason. There was new release planned with support for containerized deployment which would follow that guide (as first releases were done during/shortly after openstack-salt move to Big Tent). As mentioned above - more experienced PTL would be helpful here and we are currently talking with people who could fit that position. I see no emails tagged with [salt] on the mailing list since March of this year, aside from this thread. Are you using a different communication channel for team coordination? You mention IRC, but how are new contributors expected to find you? Yes, we are using openstack-salt channel and openstack meetings over IRC. This channel is mentioned eg. in readme here [1] and community meetings page [2] which are on weekly basis (logs [3]). We also had a couple of people comming to team IRC talking to us about project so I believe they can find the way to contact us even without our heavy activity at openstack-dev (which should be better as I admitted). That works great for folks in your timezones. It's less useful for anyone who isn't around at the same time as you, which is one reason our community emphasizes using email communications. Email gives you asynchronous discussions for timezone coverage, allows folks who are traveling or off work for a period to catch up on and participate in discussions later, etc. [1] https://github.com/openstack/openstack-salt [2] https://wiki.openstack.org/wiki/Meetings/openstack-salt [3] http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ Of course I don't want to excuse our fault. In case it's not too late, we will try to be more active in mailing lists like openstack-dev and not miss such important
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Filip Pytloun's message of 2016-09-21 20:36:42 +0200: > On 2016/09/21 13:23, Doug Hellmann wrote: > > The idea of splitting the contributor list comes up pretty regularly > > and we rehash the same suggestions each time. Given that what we > > have now worked fine for 57 of the 59 offical teams (the Astara > > team knew in advance it would not have a PTL running, and Piet had > > some sort of technical issue submitting his candidacy for the UX > > team), I'm not yet convinced that we need to make large-scale changes > > to our community communication standard practices in support of the > > 2 remaining teams. > > > > That's not to say that the system we have now is perfect, but we > > can't realistically support multiple systems at the same time. We > > need everyone to use the same system, otherwise we have (even more) > > fragmented communication. So, we either need everyone to agree to > > some new system and then have people step forward to implement it, > > or we need to all agree to do our best to use the system we have > > in place now. > > I think it may work as is (with proper mail filters), but as someone already > mentioned in this thread it would be better to have someone more experienced > in Openstack community projects as a core team member or PTL to catch all > these things otherwise it may happen that inexperienced PTL/team just miss > something like now. If the team needs help, please ask for it. We should be able to find someone to do a little mentoring and provide some guidance. > Still I don't think it's such a big issue to just fire project from Big Tent - > who will benefit from that? Again someone already mentioned what will it mean > for such team (loss of potencial developers, etc.). > Moreover for teams who are actively working on project as it seems that both > OpenStackSalt and Security teams do. Signing up to be a part of the big tent is not free. Membership comes with expectations and obligations. Failing to meet those may be an indication that the team isn't ready, or that membership is not a good fit. > And I thought that real work on a project is our primary goal.. this situation > is like loosing job when I left dirty coffee cup at my workspace. I hope you consider team leadership and community participation to be more important than your analogy implies. Doug > > > Did your release liaison follow the instructions to make that happen? > > http://git.openstack.org/cgit/openstack/releases/tree/README.rst > > That seems to be the reason. There was new release planned with support for > containerized deployment which would follow that guide (as first releases were > done during/shortly after openstack-salt move to Big Tent). > As mentioned above - more experienced PTL would be helpful here and we are > currently talking with people who could fit that position. > > > > > > > > > > I see no emails tagged with [salt] on the mailing list since March of > > > > this year, aside from this thread. Are you using a different > > > > communication channel for team coordination? You mention IRC, but how > > > > are new contributors expected to find you? > > > > > > Yes, we are using openstack-salt channel and openstack meetings over > > > IRC. This channel is mentioned eg. in readme here [1] and community > > > meetings page [2] which are on weekly basis (logs [3]). > > > > > > We also had a couple of people comming to team IRC talking to us about > > > project > > > so I believe they can find the way to contact us even without our heavy > > > activity at openstack-dev (which should be better as I admitted). > > > > That works great for folks in your timezones. It's less useful for > > anyone who isn't around at the same time as you, which is one reason > > our community emphasizes using email communications. Email gives > > you asynchronous discussions for timezone coverage, allows folks > > who are traveling or off work for a period to catch up on and > > participate in discussions later, etc. > > > > > > > > [1] https://github.com/openstack/openstack-salt > > > [2] https://wiki.openstack.org/wiki/Meetings/openstack-salt > > > [3] http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > > > > > > > > > > > > > Of course I don't want to excuse our fault. In case it's not too late, > > > > > we will try to be more active in mailing lists like openstack-dev and > > > > > not miss such important events next time. > > > > > > > > > > [1] http://stackalytics.com/?module=openstacksalt-group > > > > > > > > > > -Filip > > > > > > > > > > On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez > > > > > > > > > > wrote: > > > > > > > > > >> Hi everyone, > > > > >> > > > > >> As announced previously[1][2], there were no PTL candidates within > > > > >> the > > > > >> election deadline for a number of official OpenStack project teams: > > > > >> Astara, UX, OpenStackSalt and Security. > > > > >> > > > > >> In the Astara case, the current team work
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
"So all this said, there are individuals interested in the PTL role to ensure project teams have someone handling the logistics and coordination. My issue however was that I was not yet eligible to be a candidate which I'll remedy moving forward. I'm still interested in serving as a PTL for a project that needs one. I personally believe that in the case of Security, there needs to be a dedicated team due to the nature and impact of security breaches that directly influence the perception of OpenStack as a viable cloud solution for enterprises looking (or re-looking) at it for the first time." @Adam we'd certainly appreciate your help staying on top of required activities, email, etc. Surely a PTL should be somebody who has at least been involved in the project? -- -Travis __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
ing. network.service > > initiates a DHCP DISCOVER on it, when it times out, network.service > > goes to failed state and all other interfaces are DOWN state. If i > > manually bring the interface up (via ipmi console), then all proceeds > > fine without any issue. > > > > To overcome this issue, I have written a small script to find out the > > provisioning network via metadata (metadata has the mac address of the > > provisioning network) and make BOOTPROTO=none on all other interface's > > ifcfg files except the provisioning network. There still an issue of > > IP not ready at the time of querying metadata, temporarily added a > > sleep which solves it. The user-data script [1] has all these fixes > > and tested on an baremetal overcloud node. > > > > If anyone has a better way of doing it, you are more than welcome to > > suggest. > > > > Regards, > > Saravanan KR > > > > [1] https://gist.github.com/krsacme/1234bf024ac917c74913827298840c1c > > > > On Wed, Jul 27, 2016 at 6:52 PM, Saravanan KR > wrote: > > > Hello, > > > > > > We are working on SR-IOV & DPDK tripleo integration. In which, setting > > > the kernel args for huge pages, iommu and cpu isolation is required. > > > Earlier we were working on setting of kernel args via IPA [1], reasons > > > being: > > > 1. IPA is installing the boot loader on the overcloud node > > > 2. Ironic knows the hardware spec, using which, we can target specific > > > args to nodes via introspection rules > > > > > > As the proposal is to change the image owned file '/etc/default/grub', > > > it has been suggested by ironic team to use the instance user data to > > > set the kernel args [2][3], instead of IPA. In the suggested approach, > > > we are planning to update the file /etc/default/grub, update > > > /etc/grub2.cfg and then issue a reboot. Reboot is mandatory because, > > > os-net-config will configure the DPDK bridges and ports by binding the > > > DPDK driver, which requires kernel args should be set for iommu and > > > huge pages. > > > > > > As discussed on the IRC tripleo meeting, we need to ensure that the > > > user data with update of kernel args, does not overlap with any other > > > puppet configurations. Please let us know if you have any comments on > > > this approach. > > > > > > Regards, > > > Saravanan KR > > > > > > [1] https://review.openstack.org/#/c/331564/ > > > [2] > > > http://docs.openstack.org/developer/ironic/deploy/install-guide.html#appending-kernel-parameters-to-boot-instances > > > > > [3] > > > http://docs.openstack.org/developer/tripleo-docs/advanced_deployment/extra_config.html#firstboot-extra-configuration > > > > > > > > > > -- > > > > Message: 7 > > Date: Wed, 21 Sep 2016 12:49:58 +0200 > > From: Giulio Fidente > > To: "OpenStack Development Mailing List (not for usage questions)" > > , Emilien Macchi > > > > Subject: Re: [openstack-dev] [tripleo] [puppet] Preparing TripleO > > agenda for Barcelona - action needed > > Message-ID: > > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > On 09/19/2016 10:49 PM, Emilien Macchi wrote: > > > (adding puppet tag for cross project session). > > > > > > Let's continue to prepare TripleO sessions. > > > > > > https://etherpad.openstack.org/p/ocata-tripleo > > > > > > For reminder, we have 2 fishbowls and 4 working rooms. > > > I looked at the topic proposals and I started to organize some > sessions. > > > > > > Some actions from you are required: > > > - review the session proposal > > > - if you want to drive a session, please put your name in "Chair". > > > - for each session we need to choose if we want it to be a work room > > > or a fishbowl session. > > > - 4 topics are still there, please propose a session (concatenate them > > > if possible) > > > - if you missed this etherpad until now, feel free to
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 21 September 2016 at 19:20, Chivers, Doug wrote: > My concern is with the original wording “The suggested way forward there > would be to remove the "Security project team"”. > > This seems like a move to instantly reduce investment in OpenStack > security, because the majority of members of the Security Project are > corporately funded, which will be significantly impacted by the removal of > the security project. I have no knowledge over the difference between a > working group and a project, like everyone else on the project we are > simply here to contribute to OpenStack security, drive innovation in > security, deliver documentation like OSSNs, etc, rather than get involved > in the politics of OpenStack. > > In response to the various questions of why no-one from our project > noticed that we didn’t have a nomination for the PTL, we assumed that was > taken care of. Realistically maybe two or three people on the security > project have the availability to be PTL, one being our current PTL, for all > the rest of us its simply not a concern until we need to vote. > > On a personal note, reading –dev is unfortunately a lower priority than > designing architectures, responding to customers and sales teams, closing > tickets, writing decks and on the afternoon or so I can spend each week, > working on my upstream projects (this week it was: > https://review.openstack.org/#/c/357978/5 - thanks to the Barbican team > for all their work). Possibly this is wrong, but I didn’t sign up as a > contributor to spend all my spare time reading mailing lists. > > Honestly, I can only echo this. I've been around the OSSP(G) since 2013, but only really been active in the last 18 months or so. It's been pretty clear that when Security moved from a Group to a Project, investment towards security grew dramatically. The meetings are well run with real objectives achieved with members focused on constant outreach to other projects. For reference, the email that started this thread was picked up and discussed by some members of the OSSP within *minutes* of it being sent... and those people were pretty outraged. I'm sure it wasn't intended, but the original email could be read as quite insulting.. "That points to a real disconnect between those teams and the rest of the community". I think this is an unfair statement based on minimal observation of a point of order. The OSSP spends a significant amount of its time on outreach, which is the whole underlying principle of the project. This can be seen with efforts such as bandit gate coverage, Threat Analysis and OSSN's. Further, reducing the summit timetable for Security and "have Security be just a workgroup".. really sends the wrong message about Security being a first class citizen in OpenStack. OSSP ticks all the 4 opens, and stating that "The leadership is chosen by the contributors to the project".. it is convention that a nomination email is sent to -dev, but that shouldn't be assumed that the contributors have not considered their leader. I think people working on the OSSP assumed it would be Rob again, and were happy with this. It isn't because of lack of community engagement or interest IMO. So.. other than someone failing to nominate for PTL in the time-frame, what else justifies the statement of "points[ing] to a real disconnect between those teams and the rest of the community".. or shows that OSSG no longer meets the 4 opens? -- Kind Regards, Dave Walker __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 2016/09/21 13:23, Doug Hellmann wrote: > The idea of splitting the contributor list comes up pretty regularly > and we rehash the same suggestions each time. Given that what we > have now worked fine for 57 of the 59 offical teams (the Astara > team knew in advance it would not have a PTL running, and Piet had > some sort of technical issue submitting his candidacy for the UX > team), I'm not yet convinced that we need to make large-scale changes > to our community communication standard practices in support of the > 2 remaining teams. > > That's not to say that the system we have now is perfect, but we > can't realistically support multiple systems at the same time. We > need everyone to use the same system, otherwise we have (even more) > fragmented communication. So, we either need everyone to agree to > some new system and then have people step forward to implement it, > or we need to all agree to do our best to use the system we have > in place now. I think it may work as is (with proper mail filters), but as someone already mentioned in this thread it would be better to have someone more experienced in Openstack community projects as a core team member or PTL to catch all these things otherwise it may happen that inexperienced PTL/team just miss something like now. Still I don't think it's such a big issue to just fire project from Big Tent - who will benefit from that? Again someone already mentioned what will it mean for such team (loss of potencial developers, etc.). Moreover for teams who are actively working on project as it seems that both OpenStackSalt and Security teams do. And I thought that real work on a project is our primary goal.. this situation is like loosing job when I left dirty coffee cup at my workspace. > Did your release liaison follow the instructions to make that happen? > http://git.openstack.org/cgit/openstack/releases/tree/README.rst That seems to be the reason. There was new release planned with support for containerized deployment which would follow that guide (as first releases were done during/shortly after openstack-salt move to Big Tent). As mentioned above - more experienced PTL would be helpful here and we are currently talking with people who could fit that position. > > > > > > I see no emails tagged with [salt] on the mailing list since March of > > > this year, aside from this thread. Are you using a different > > > communication channel for team coordination? You mention IRC, but how are > > > new contributors expected to find you? > > > > Yes, we are using openstack-salt channel and openstack meetings over > > IRC. This channel is mentioned eg. in readme here [1] and community > > meetings page [2] which are on weekly basis (logs [3]). > > > > We also had a couple of people comming to team IRC talking to us about > > project > > so I believe they can find the way to contact us even without our heavy > > activity at openstack-dev (which should be better as I admitted). > > That works great for folks in your timezones. It's less useful for > anyone who isn't around at the same time as you, which is one reason > our community emphasizes using email communications. Email gives > you asynchronous discussions for timezone coverage, allows folks > who are traveling or off work for a period to catch up on and > participate in discussions later, etc. > > > > > [1] https://github.com/openstack/openstack-salt > > [2] https://wiki.openstack.org/wiki/Meetings/openstack-salt > > [3] http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > > > > > > > > > > Of course I don't want to excuse our fault. In case it's not too late, > > > > we will try to be more active in mailing lists like openstack-dev and > > > > not miss such important events next time. > > > > > > > > [1] http://stackalytics.com/?module=openstacksalt-group > > > > > > > > -Filip > > > > > > > > On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez > > > > wrote: > > > > > > > >> Hi everyone, > > > >> > > > >> As announced previously[1][2], there were no PTL candidates within the > > > >> election deadline for a number of official OpenStack project teams: > > > >> Astara, UX, OpenStackSalt and Security. > > > >> > > > >> In the Astara case, the current team working on it would like to > > > >> abandon > > > >> the project (and let it be available for any new team who wishes to > > > >> take > > > >> it away). A change should be proposed really soon now to go in that > > > >> direction. > > > >> > > > >> In the UX case, the current PTL (Piet Kruithof) very quickly reacted, > > > >> explained his error and asked to be considered for the position for > > > >> Ocata. The TC will officialize his nomination at the next meeting, > > > >> together with the newly elected PTLs. > > > >> > > > >> That leaves us with OpenStackSalt and Security, where nobody reacted to > > > >> the announcement that we are missing PTL candidates. That points to a > > > >> real disconnect between those
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
bject:unsubscribe > >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > __ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: > openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > > > > > -- > > Message: 6 > Date: Wed, 21 Sep 2016 15:43:24 +0530 > From: Saravanan KR > To: "OpenStack Development Mailing List (not for usage questions)" > > Subject: Re: [openstack-dev] [tripleo] Setting kernel args to > overcloud nodes > Message-ID: > > Content-Type: text/plain; charset=UTF-8 > > I have been working on the user-data scripts (first-boot) for updating > the kernel args on the overcloud node [1]. The pre-condition is that > the kernel args has to be applied and node has to be restarted before > os-net-config runs. > > I got in to problem of provisioning network not getting ip after the > reboot in the user-data script. While investigating, figured out that > network.service starts the nodes on the alpha-numeric order, on which > the first nic is not the one used for provisioning. network.service > initiates a DHCP DISCOVER on it, when it times out, network.service > goes to failed state and all other interfaces are DOWN state. If i > manually bring the interface up (via ipmi console), then all proceeds > fine without any issue. > > To overcome this issue, I have written a small script to find out the > provisioning network via metadata (metadata has the mac address of the > provisioning network) and make BOOTPROTO=none on all other interface's > ifcfg files except the provisioning network. There still an issue of > IP not ready at the time of querying metadata, temporarily added a > sleep which solves it. The user-data script [1] has all these fixes > and tested on an baremetal overcloud node. > > If anyone has a better way of doing it, you are more than welcome to > suggest. > > Regards, > Saravanan KR > > [1] https://gist.github.com/krsacme/1234bf024ac917c74913827298840c1c > > On Wed, Jul 27, 2016 at 6:52 PM, Saravanan KR wrote: > > Hello, > > > > We are working on SR-IOV & DPDK tripleo integration. In which, setting > > the kernel args for huge pages, iommu and cpu isolation is required. > > Earlier we were working on setting of kernel args via IPA [1], reasons > > being: > > 1. IPA is installing the boot loader on the overcloud node > > 2. Ironic knows the hardware spec, using which, we can target specific > > args to nodes via introspection rules > > > > As the proposal is to change the image owned file '/etc/default/grub', > > it has been suggested by ironic team to use the instance user data to > > set the kernel args [2][3], instead of IPA. In the suggested approach, > > we are planning to update the file /etc/default/grub, update > > /etc/grub2.cfg and then issue a reboot. Reboot is mandatory because, > > os-net-config will configure the DPDK bridges and ports by binding the > > DPDK driver, which requires kernel args should be set for iommu and > > huge pages. > > > > As discussed on the IRC tripleo meeting, we need to ensure that the > > user data with update of kernel args, does not overlap with any other > > puppet configurations. Please let us know if you have any comments on > > this approach. > > > > Regards, > > Saravanan KR > > > > [1] https://review.openstack.org/#/c/331564/ > > [2] > http://docs.openstack.org/developer/ironic/deploy/install-guide.html#appending-kernel-parameters-to-boot-instances > > > [3] > http://docs.openstack.org/developer/tripleo-docs/advanced_deployment/extra_config.html#firstboot-extra-configuration > > > > > -- > > Message: 7 > Date: Wed, 21 Sep 2016 12:49:58 +0200 > From: Giulio Fidente > To: "OpenStack Development Mailing List (not for usage questions)" > , Emilien Macchi > > Subject: Re: [openstack-dev] [tripleo] [puppet] Preparing Tri
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
the file /etc/default/grub, update > > /etc/grub2.cfg and then issue a reboot. Reboot is mandatory because, > > os-net-config will configure the DPDK bridges and ports by binding the > > DPDK driver, which requires kernel args should be set for iommu and > > huge pages. > > > > As discussed on the IRC tripleo meeting, we need to ensure that the > > user data with update of kernel args, does not overlap with any other > > puppet configurations. Please let us know if you have any comments on > > this approach. > > > > Regards, > > Saravanan KR > > > > [1] https://review.openstack.org/#/c/331564/ > > [2] > http://docs.openstack.org/developer/ironic/deploy/install-guide.html#appending-kernel-parameters-to-boot-instances > > > [3] > http://docs.openstack.org/developer/tripleo-docs/advanced_deployment/extra_config.html#firstboot-extra-configuration > > > > > -- > > Message: 7 > Date: Wed, 21 Sep 2016 12:49:58 +0200 > From: Giulio Fidente > To: "OpenStack Development Mailing List (not for usage questions)" > , Emilien Macchi > > Subject: Re: [openstack-dev] [tripleo] [puppet] Preparing TripleO > agenda for Barcelona - action needed > Message-ID: > Content-Type: text/plain; charset=windows-1252; format=flowed > > On 09/19/2016 10:49 PM, Emilien Macchi wrote: > > (adding puppet tag for cross project session). > > > > Let's continue to prepare TripleO sessions. > > > > https://etherpad.openstack.org/p/ocata-tripleo > > > > For reminder, we have 2 fishbowls and 4 working rooms. > > I looked at the topic proposals and I started to organize some sessions. > > > > Some actions from you are required: > > - review the session proposal > > - if you want to drive a session, please put your name in "Chair". > > - for each session we need to choose if we want it to be a work room > > or a fishbowl session. > > - 4 topics are still there, please propose a session (concatenate them > > if possible) > > - if you missed this etherpad until now, feel free to propose a > > session with your topic (ex: TripleO UI - roadmap, etc). > > > > At least but not least, I would propose a cross project session with > > Puppet OpenStack group (using a slot from their schedule) so we might > > have a 7th session. > > the cross project session with the puppet group is a nice idea indeed, > thanks Emilien > > in that context it would be nice to gather some ideas/feedback on the > status of openstack integration scenarios vs tripleo scenarios and see > if we can optimize resources and/or coverage > -- > Giulio Fidente > GPG KEY: 08D733BA | IRC: gfidente > > > > -- > > Message: 8 > Date: Wed, 21 Sep 2016 13:23:32 +0200 > From: Thierry Carrez > To: OpenStack Development Mailing List > > Subject: [openstack-dev] [security] [salt] Removal of Security and > OpenStackSalt project teams from the Big Tent > Message-ID: > Content-Type: text/plain; charset=utf-8 > > Hi everyone, > > As announced previously[1][2], there were no PTL candidates within the > election deadline for a number of official OpenStack project teams: > Astara, UX, OpenStackSalt and Security. > > In the Astara case, the current team working on it would like to abandon > the project (and let it be available for any new team who wishes to take > it away). A change should be proposed really soon now to go in that > direction. > > In the UX case, the current PTL (Piet Kruithof) very quickly reacted, > explained his error and asked to be considered for the position for > Ocata. The TC will officialize his nomination at the next meeting, > together with the newly elected PTLs. > > That leaves us with OpenStackSalt and Security, where nobody reacted to > the announcement that we are missing PTL candidates. That points to a > real disconnect between those teams and the rest of the community. Even > if you didn't have the election schedule in mind, it was pretty hard to > miss all the PTL nominations in the email last week. > > The majority of TC members present at the meeting yesterday suggested > that those project teams should be removed from the Big Tent, with their > design summit space allocation slightly reduced to match that (and make > room for other not-yet-official teams). > > In the case of OpenStackSalt, it's a relatively new addition, and if > they get their act together they could probably be re-proposed in the > future. In the case
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Filip Pytloun's message of 2016-09-21 17:43:46 +0200: > Hello, > > > With 59 separate teams, even emailing the PTLs directly is becoming > > impractical. I can’t imagine trying to email all of the core members > > directly. > > > > A separate mailing list just for “important announcements” would need > > someone to decide what is “important”. It would also need everyone to be > > subscribed, or we would have to cross-post to the existing list. That’s why > > we use topic tags on the mailing list, so that it is possible to filter > > messages based on what is important to the reader, rather than the sender. > > So maybe call it openstack-organization or openstack-teams or something > to focus on organizational topics. > Using tags and filters is also a way but may not be suitable for > everyone. The idea of splitting the contributor list comes up pretty regularly and we rehash the same suggestions each time. Given that what we have now worked fine for 57 of the 59 offical teams (the Astara team knew in advance it would not have a PTL running, and Piet had some sort of technical issue submitting his candidacy for the UX team), I'm not yet convinced that we need to make large-scale changes to our community communication standard practices in support of the 2 remaining teams. That's not to say that the system we have now is perfect, but we can't realistically support multiple systems at the same time. We need everyone to use the same system, otherwise we have (even more) fragmented communication. So, we either need everyone to agree to some new system and then have people step forward to implement it, or we need to all agree to do our best to use the system we have in place now. > > > I don’t see any releases listed on > > https://releases.openstack.org/independent.html either. Are you tagging > > releases, yet? > > Yes, we've done a few releases, see eg. openstack/salt-formula-nova > releases here: https://github.com/openstack/salt-formula-nova/releases > > I don't know why it's not listed on releases.openstack.org page. Did your release liaison follow the instructions to make that happen? http://git.openstack.org/cgit/openstack/releases/tree/README.rst > > > I see no emails tagged with [salt] on the mailing list since March of this > > year, aside from this thread. Are you using a different communication > > channel for team coordination? You mention IRC, but how are new > > contributors expected to find you? > > Yes, we are using openstack-salt channel and openstack meetings over > IRC. This channel is mentioned eg. in readme here [1] and community > meetings page [2] which are on weekly basis (logs [3]). > > We also had a couple of people comming to team IRC talking to us about project > so I believe they can find the way to contact us even without our heavy > activity at openstack-dev (which should be better as I admitted). That works great for folks in your timezones. It's less useful for anyone who isn't around at the same time as you, which is one reason our community emphasizes using email communications. Email gives you asynchronous discussions for timezone coverage, allows folks who are traveling or off work for a period to catch up on and participate in discussions later, etc. > > [1] https://github.com/openstack/openstack-salt > [2] https://wiki.openstack.org/wiki/Meetings/openstack-salt > [3] http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > > > > > > > Of course I don't want to excuse our fault. In case it's not too late, > > > we will try to be more active in mailing lists like openstack-dev and > > > not miss such important events next time. > > > > > > [1] http://stackalytics.com/?module=openstacksalt-group > > > > > > -Filip > > > > > > On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez > > > wrote: > > > > > >> Hi everyone, > > >> > > >> As announced previously[1][2], there were no PTL candidates within the > > >> election deadline for a number of official OpenStack project teams: > > >> Astara, UX, OpenStackSalt and Security. > > >> > > >> In the Astara case, the current team working on it would like to abandon > > >> the project (and let it be available for any new team who wishes to take > > >> it away). A change should be proposed really soon now to go in that > > >> direction. > > >> > > >> In the UX case, the current PTL (Piet Kruithof) very quickly reacted, > > >> explained his error and asked to be considered for the position for > > >> Ocata. The TC will officialize his nomination at the next meeting, > > >> together with the newly elected PTLs. > > >> > > >> That leaves us with OpenStackSalt and Security, where nobody reacted to > > >> the announcement that we are missing PTL candidates. That points to a > > >> real disconnect between those teams and the rest of the community. Even > > >> if you didn't have the election schedule in mind, it was pretty hard to > > >> miss all the PTL nominations in the email last wee
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On Sep 21, 2016 09:37, "Adam Lawson" wrote: > > But something else struck me, the velocity and sheer NUMBER of emails that must be filtered to find and extract these key announcements is tricky so I don't fault anyone for missing the needle in the haystack. Important needle no doubt but I wonder if there are more efficient ways to ensure important info is highlighted. > > My knee jerk idea is a way for individuals to subscribe to certain topics that come into their inbox. I don't have a good way within Gmail to sub-filter these which has been a historical problem for me in terms of awareness of following hot topics. > > //adam > > > Adam Lawson > > AQORN, Inc. > 427 North Tatnall Street > Ste. 58461 > Wilmington, Delaware 19801-2230 > Toll-free: (844) 4-AQORN-NOW ext. 101 > International: +1 302-387-4660 > Direct: +1 916-246-2072 > > On Wed, Sep 21, 2016 at 9:28 AM, Adam Lawson wrote: >> >> You know something that struck me, I noticed there were several teams last cycle that did not elect a PTL so this round I was watching to see if any teams did not have a PTL elected and presumed it was because of many of the reasons surfaced in previous emails in this thread including being heads down, watching other channels and potentially insufficient numbers of individuals interested in the PTL role. >> >> So I waited and noticed Astara, Security and a handful of other projects did not have a PTL elected so I picked Astara because I am an OpenStack architect who specializes in SDN, security and distributed storage and applied. Of course I missed the deadline by about 2 hours but Security was another project I was interested in. >> >> So all this said, there are individuals interested in the PTL role to ensure project teams have someone handling the logistics and coordination. My issue however was that I was not yet eligible to be a candidate which I'll remedy moving forward. >> >> I'm still interested in serving as a PTL for a project that needs one. I personally believe that in the case of Security, there needs to be a dedicated team due to the nature and impact of security breaches that directly influence the perception of OpenStack as a viable cloud solution for enterprises looking (or re-looking) at it for the first time. >> >> I'm not a full-time developer but an architect so I am planning to open a new discussion about how PTL candidates are currently being qualified. Again, different thread. >> >> For this thread, if there is a concern about PTL interest - it's there and I would be open to helping the team in this regard if it helps keep the team activity in the OpenStack marquee. >> >> //adam >> >> >> Adam Lawson >> >> AQORN, Inc. >> 427 North Tatnall Street >> Ste. 58461 >> Wilmington, Delaware 19801-2230 >> Toll-free: (844) 4-AQORN-NOW ext. 101 >> International: +1 302-387-4660 >> Direct: +1 916-246-2072 >> >> On Wed, Sep 21, 2016 at 8:56 AM, Clint Byrum wrote: >>> >>> Excerpts from Filip Pytloun's message of 2016-09-21 14:58:52 +0200: >>> > Hello, >>> > >>> > it's definately our bad that we missed elections in OpenStackSalt >>> > project. Reason is similar to Rob's - we are active on different >>> > channels (mostly IRC as we keep regular meetings) and don't used to >>> > reading mailing lists with lots of generic topics (it would be good to >>> > have separate mailing list for such calls and critical topics or >>> > individual mails to project's core members). >>> > >>> > Our project is very active [1], trying to do things the Openstack way >>> > and I think it would be a pitty to remove it from Big Tent just because >>> > we missed mail and therefore our first PTL election. >>> > >>> > Of course I don't want to excuse our fault. In case it's not too late, >>> > we will try to be more active in mailing lists like openstack-dev and >>> > not miss such important events next time. >>> > >>> > [1] http://stackalytics.com/?module=openstacksalt-group >>> > >>> >>> Seems like we need a bit added to this process which makes sure big tent >>> projects have their primary IRC channel identified, and a list of core >>> reviewer and meeting chair IRC nicks to ping when something urgent comes >>> up. This isn't just useful for elections, but is probably something the >>> VMT would appreciate as well, and likely anyone else who has an urgent >>> need to make contact with a team. >>> >>> I think it might also be useful if we could make the meeting bot remind >>> teams of any pending actions they need to take such as elections upon >>> #startmeeting. >>> >>> Seems like all of that could be automated. >>> >>> __ >>> OpenStack Development Mailing List (not for usage questions) >>> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> > > > __ > OpenStack Development Mailing List (not
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Agreed entirely with Travis's points. I think it was a given to anyone within the OSSP that Rob would be our PTL going forward. I recognize that the community needs feedback to make these decisions, but I am in our IRC channel 5 days a week, at least 8 hours a day, and I have never seen any attempt to reach out to us in that medium. I wouldn't call it babysitting to make some reasonable attempt to meet us where we are instead of moralizing on the mailing list when we don't respond to OTHER postings on the same mailing list. I believe kicking OSSP out of the big tent will have these results: * The 5 individuals we have working full-time on Syntribos (http://stackalytics.com/?module=syntribos / https://github.com/openstack/syntribos) as part of OSIC may not be able to continue our arrangement if this project is not in the big tent. I can't speak for OSIC leadership on this point, but it is certainly a risk * The OSSP has been losing members recently for various reasons not related to OpenStack politics. Removing us from the big tent will only accelerate this * Projects like Bandit, Syntribos, and Anchor will atrophy without dedicated developer attention, representing a HUGE waste of developer resources and potential positive operator impact * It will take longer to wrap up OSSA/OSSN/Threat Analysis for OpenStack projects if only the 4 members of the VMT are involved/invested * I want to be clear: the VMT does very important work, and they are incredibly responsive for such a small team. Nonetheless, the numbers don't lie. We have more people working on one tool (Syntribos) than the entire group responsible for vulnerability management throughout all of OpenStack. Thankfully, we don't ONLY work on Syntribos - we attended the midcycle where we helped on OSSNs and the threat analysis for Barbican. I would understand this reaction if we were a completely barren group that hadn't made any contributions to OpenStack in months, but to the contrary, we have been very active on a number of projects. In fact, my team (Syntribos) is testing OpenStack projects for security vulnerabilities at this very moment, and we have reported several recently. I think this speaks just as much to a disconnect by the OpenStack community from our project, and I would turn your accusation of inactivity back on you. If you're completely unaware of the work we're doing, and unwilling to join our very active IRC channel to get in touch with us, is it not a bit hypocritical to accuse us of negligence for not consuming the entire firehose of the OpenStack Dev list? Sincerely, Charles Neill From: Travis Mcpeak mailto:tmcp...@us.ibm.com>> Reply-To: "OpenStack Development Mailing List (not for usage questions)" mailto:openstack-dev@lists.openstack.org>> Date: Wednesday, September 21, 2016 at 11:23 To: "openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>" mailto:openstack-dev@lists.openstack.org>> Subject: Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent Ouch. I'd be among the first to admit I don't keep up with dev ML as I should. Missing the PTL elections is certainly embarrassing for us and it shouldn't be the community's job to baby-sit us and make sure we're meeting our OpenStack deadlines. That being said, relegating us to a working group seems like a knee-jerk and drastic consequence to levy against a project as vibrant as ours. In a previous response Rob has highlighted many of our recent accomplishments, so I won't revisit that here. What I do want to mention is the work Rob himself has done to coordinate and secure funding for our fifth consecutive mid-cycle (and each prior to that). He has worked consistently to build support for our initiatives, both within and outside of OpenStack. Since assuming the PTL role none of our active members have been inclined to run against him. So yes, he's dropped the ball on reading the ML (I have too). If allowed to keep our project status we'll ensure that these mistakes don't happen in the future. Taking away our project status because "we act like a working group" is an unfair categorization and, in my opinion, a severe reaction to a relatively minor infraction. -Travis McPeak From: openstack-dev-requ...@lists.openstack.org<mailto:openstack-dev-requ...@lists.openstack.org> To: openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org> Date:09/21/2016 05:04 AM Subject:OpenStack-dev Digest, Vol 53, Issue 51 Send OpenStack-dev mailing list submissions to openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org> To subscribe or unsubscribe via the Wor
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Clint Byrum's message of 2016-09-21 08:56:24 -0700: > Excerpts from Filip Pytloun's message of 2016-09-21 14:58:52 +0200: > > Hello, > > > > it's definately our bad that we missed elections in OpenStackSalt > > project. Reason is similar to Rob's - we are active on different > > channels (mostly IRC as we keep regular meetings) and don't used to > > reading mailing lists with lots of generic topics (it would be good to > > have separate mailing list for such calls and critical topics or > > individual mails to project's core members). > > > > Our project is very active [1], trying to do things the Openstack way > > and I think it would be a pitty to remove it from Big Tent just because > > we missed mail and therefore our first PTL election. > > > > Of course I don't want to excuse our fault. In case it's not too late, > > we will try to be more active in mailing lists like openstack-dev and > > not miss such important events next time. > > > > [1] http://stackalytics.com/?module=openstacksalt-group > > > > Seems like we need a bit added to this process which makes sure big tent > projects have their primary IRC channel identified, and a list of core > reviewer and meeting chair IRC nicks to ping when something urgent comes > up. This isn't just useful for elections, but is probably something the > VMT would appreciate as well, and likely anyone else who has an urgent > need to make contact with a team. IRC channels are listed on team pages on governance.o.o. For example: http://governance.openstack.org/reference/projects/openstacksalt.html Core reviewers are accessible through gerrit. For example, https://review.openstack.org/#/admin/projects/openstack/openstack-salt,access leads to https://review.openstack.org/#/admin/groups/1268,members Meeting chair nicks are available on eavesdrop.o.o. For example, http://eavesdrop.openstack.org/#OpenStack_Salt_Team_Meeting It might make sense to automate pulling that information together into a single page somewhere, maybe the team page on governance.o.o. The larger point is that the community expects teams to be paying attention to the cycle schedule and taking care of the actions expected without being individually asked to do so. > I think it might also be useful if we could make the meeting bot remind > teams of any pending actions they need to take such as elections upon > #startmeeting. I could see that being useful, yes. > Seems like all of that could be automated. > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
You know something that struck me, I noticed there were several teams last cycle that did not elect a PTL so this round I was watching to see if any teams did not have a PTL elected and presumed it was because of many of the reasons surfaced in previous emails in this thread including being heads down, watching other channels and potentially insufficient numbers of individuals interested in the PTL role. So I waited and noticed Astara, Security and a handful of other projects did not have a PTL elected so I picked Astara because I am an OpenStack architect who specializes in SDN, security and distributed storage and applied. Of course I missed the deadline by about 2 hours but Security was another project I was interested in. So all this said, there are individuals interested in the PTL role to ensure project teams have someone handling the logistics and coordination. My issue however was that I was not yet eligible to be a candidate which I'll remedy moving forward. I'm still interested in serving as a PTL for a project that needs one. I personally believe that in the case of Security, there needs to be a dedicated team due to the nature and impact of security breaches that directly influence the perception of OpenStack as a viable cloud solution for enterprises looking (or re-looking) at it for the first time. I'm not a full-time developer but an architect so I am planning to open a new discussion about how PTL candidates are currently being qualified. Again, different thread. For this thread, if there is a concern about PTL interest - it's there and I would be open to helping the team in this regard if it helps keep the team activity in the OpenStack marquee. //adam *Adam Lawson* AQORN, Inc. 427 North Tatnall Street Ste. 58461 Wilmington, Delaware 19801-2230 Toll-free: (844) 4-AQORN-NOW ext. 101 International: +1 302-387-4660 Direct: +1 916-246-2072 On Wed, Sep 21, 2016 at 8:56 AM, Clint Byrum wrote: > Excerpts from Filip Pytloun's message of 2016-09-21 14:58:52 +0200: > > Hello, > > > > it's definately our bad that we missed elections in OpenStackSalt > > project. Reason is similar to Rob's - we are active on different > > channels (mostly IRC as we keep regular meetings) and don't used to > > reading mailing lists with lots of generic topics (it would be good to > > have separate mailing list for such calls and critical topics or > > individual mails to project's core members). > > > > Our project is very active [1], trying to do things the Openstack way > > and I think it would be a pitty to remove it from Big Tent just because > > we missed mail and therefore our first PTL election. > > > > Of course I don't want to excuse our fault. In case it's not too late, > > we will try to be more active in mailing lists like openstack-dev and > > not miss such important events next time. > > > > [1] http://stackalytics.com/?module=openstacksalt-group > > > > Seems like we need a bit added to this process which makes sure big tent > projects have their primary IRC channel identified, and a list of core > reviewer and meeting chair IRC nicks to ping when something urgent comes > up. This isn't just useful for elections, but is probably something the > VMT would appreciate as well, and likely anyone else who has an urgent > need to make contact with a team. > > I think it might also be useful if we could make the meeting bot remind > teams of any pending actions they need to take such as elections upon > #startmeeting. > > Seems like all of that could be automated. > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
But something else struck me, the velocity and sheer NUMBER of emails that must be filtered to find and extract these key announcements is tricky so I don't fault anyone for missing the needle in the haystack. Important needle no doubt but I wonder if there are more efficient ways to ensure important info is highlighted. My knee jerk idea is a way for individuals to subscribe to certain topics that come into their inbox. I don't have a good way within Gmail to sub-filter these which has been a historical problem for me in terms of awareness of following hot topics. //adam *Adam Lawson* AQORN, Inc. 427 North Tatnall Street Ste. 58461 Wilmington, Delaware 19801-2230 Toll-free: (844) 4-AQORN-NOW ext. 101 International: +1 302-387-4660 Direct: +1 916-246-2072 On Wed, Sep 21, 2016 at 9:28 AM, Adam Lawson wrote: > You know something that struck me, I noticed there were several teams last > cycle that did not elect a PTL so this round I was watching to see if any > teams did not have a PTL elected and presumed it was because of many of the > reasons surfaced in previous emails in this thread including being heads > down, watching other channels and potentially insufficient numbers of > individuals interested in the PTL role. > > So I waited and noticed Astara, Security and a handful of other projects > did not have a PTL elected so I picked Astara because I am an OpenStack > architect who specializes in SDN, security and distributed storage and > applied. Of course I missed the deadline by about 2 hours but Security was > another project I was interested in. > > So all this said, there are individuals interested in the PTL role to > ensure project teams have someone handling the logistics and coordination. > My issue however was that I was not yet eligible to be a candidate which > I'll remedy moving forward. > > I'm still interested in serving as a PTL for a project that needs one. I > personally believe that in the case of Security, there needs to be a > dedicated team due to the nature and impact of security breaches that > directly influence the perception of OpenStack as a viable cloud solution > for enterprises looking (or re-looking) at it for the first time. > > I'm not a full-time developer but an architect so I am planning to open a > new discussion about how PTL candidates are currently being qualified. > Again, different thread. > > For this thread, if there is a concern about PTL interest - it's there and > I would be open to helping the team in this regard if it helps keep the > team activity in the OpenStack marquee. > > //adam > > > *Adam Lawson* > > AQORN, Inc. > 427 North Tatnall Street > Ste. 58461 > Wilmington, Delaware 19801-2230 > Toll-free: (844) 4-AQORN-NOW ext. 101 > International: +1 302-387-4660 > Direct: +1 916-246-2072 > > On Wed, Sep 21, 2016 at 8:56 AM, Clint Byrum wrote: > >> Excerpts from Filip Pytloun's message of 2016-09-21 14:58:52 +0200: >> > Hello, >> > >> > it's definately our bad that we missed elections in OpenStackSalt >> > project. Reason is similar to Rob's - we are active on different >> > channels (mostly IRC as we keep regular meetings) and don't used to >> > reading mailing lists with lots of generic topics (it would be good to >> > have separate mailing list for such calls and critical topics or >> > individual mails to project's core members). >> > >> > Our project is very active [1], trying to do things the Openstack way >> > and I think it would be a pitty to remove it from Big Tent just because >> > we missed mail and therefore our first PTL election. >> > >> > Of course I don't want to excuse our fault. In case it's not too late, >> > we will try to be more active in mailing lists like openstack-dev and >> > not miss such important events next time. >> > >> > [1] http://stackalytics.com/?module=openstacksalt-group >> > >> >> Seems like we need a bit added to this process which makes sure big tent >> projects have their primary IRC channel identified, and a list of core >> reviewer and meeting chair IRC nicks to ping when something urgent comes >> up. This isn't just useful for elections, but is probably something the >> VMT would appreciate as well, and likely anyone else who has an urgent >> need to make contact with a team. >> >> I think it might also be useful if we could make the meeting bot remind >> teams of any pending actions they need to take such as elections upon >> #startmeeting. >> >> Seems like all of that could be automated. >> >> >> __ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscrib >> e >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> > > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe htt
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
openstack-dev > > -- Message: 6 Date: Wed, 21 Sep 2016 15:43:24 +0530 From: Saravanan KR To: "OpenStack Development Mailing List (not for usage questions)" Subject: Re: [openstack-dev] [tripleo] Setting kernel args to overcloud nodes Message-ID: Content-Type: text/plain; charset=UTF-8 I have been working on the user-data scripts (first-boot) for updating the kernel args on the overcloud node [1]. The pre-condition is that the kernel args has to be applied and node has to be restarted before os-net-config runs. I got in to problem of provisioning network not getting ip after the reboot in the user-data script. While investigating, figured out that network.service starts the nodes on the alpha-numeric order, on which the first nic is not the one used for provisioning. network.service initiates a DHCP DISCOVER on it, when it times out, network.service goes to failed state and all other interfaces are DOWN state. If i manually bring the interface up (via ipmi console), then all proceeds fine without any issue. To overcome this issue, I have written a small script to find out the provisioning network via metadata (metadata has the mac address of the provisioning network) and make BOOTPROTO=none on all other interface's ifcfg files except the provisioning network. There still an issue of IP not ready at the time of querying metadata, temporarily added a sleep which solves it. The user-data script [1] has all these fixes and tested on an baremetal overcloud node. If anyone has a better way of doing it, you are more than welcome to suggest. Regards, Saravanan KR [1] https://gist.github.com/krsacme/1234bf024ac917c74913827298840c1c On Wed, Jul 27, 2016 at 6:52 PM, Saravanan KR wrote: > Hello, > > We are working on SR-IOV & DPDK tripleo integration. In which, setting > the kernel args for huge pages, iommu and cpu isolation is required. > Earlier we were working on setting of kernel args via IPA [1], reasons > being: > 1. IPA is installing the boot loader on the overcloud node > 2. Ironic knows the hardware spec, using which, we can target specific > args to nodes via introspection rules > > As the proposal is to change the image owned file '/etc/default/grub', > it has been suggested by ironic team to use the instance user data to > set the kernel args [2][3], instead of IPA. In the suggested approach, > we are planning to update the file /etc/default/grub, update > /etc/grub2.cfg and then issue a reboot. Reboot is mandatory because, > os-net-config will configure the DPDK bridges and ports by binding the > DPDK driver, which requires kernel args should be set for iommu and > huge pages. > > As discussed on the IRC tripleo meeting, we need to ensure that the > user data with update of kernel args, does not overlap with any other > puppet configurations. Please let us know if you have any comments on > this approach. > > Regards, > Saravanan KR > > [1] https://review.openstack.org/#/c/331564/ > [2] http://docs.openstack.org/developer/ironic/deploy/install-guide.html#appending-kernel-parameters-to-boot-instances > [3] http://docs.openstack.org/developer/tripleo-docs/advanced_deployment/extra_config.html#firstboot-extra-configuration -- Message: 7 Date: Wed, 21 Sep 2016 12:49:58 +0200 From: Giulio Fidente To: "OpenStack Development Mailing List (not for usage questions)" , Emilien Macchi Subject: Re: [openstack-dev] [tripleo] [puppet] Preparing TripleO agenda for Barcelona - action needed Message-ID: Content-Type: text/plain; charset=windows-1252; format=flowed On 09/19/2016 10:49 PM, Emilien Macchi wrote: > (adding puppet tag for cross project session). > > Let's continue to prepare TripleO sessions. > > https://etherpad.openstack.org/p/ocata-tripleo > > For reminder, we have 2 fishbowls and 4 working rooms. > I looked at the topic proposals and I started to organize some sessions. > > Some actions from you are required: > - review the session proposal > - if you want to drive a session, please put your name in "Chair". > - for each session we need to choose if we want it to be a work room > or a fishbowl session. > - 4 topics are still there, please propose a session (concatenate them > if possible) > - if you missed this etherpad until now, feel free to propose a > session with your topic (ex: TripleO UI - roadmap, etc). > > At least but not least, I would propose a cross project session with > Puppet OpenStack group (using a slot from their schedule) so we might > have a 7th session. the cross project session with the puppet group is a nice idea indeed, thanks Emilien in that context it would be nice to gather some ideas/feedback on the st
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Hello, > With 59 separate teams, even emailing the PTLs directly is becoming > impractical. I can’t imagine trying to email all of the core members directly. > > A separate mailing list just for “important announcements” would need someone > to decide what is “important”. It would also need everyone to be subscribed, > or we would have to cross-post to the existing list. That’s why we use topic > tags on the mailing list, so that it is possible to filter messages based on > what is important to the reader, rather than the sender. So maybe call it openstack-organization or openstack-teams or something to focus on organizational topics. Using tags and filters is also a way but may not be suitable for everyone. > I don’t see any releases listed on > https://releases.openstack.org/independent.html either. Are you tagging > releases, yet? Yes, we've done a few releases, see eg. openstack/salt-formula-nova releases here: https://github.com/openstack/salt-formula-nova/releases I don't know why it's not listed on releases.openstack.org page. > I see no emails tagged with [salt] on the mailing list since March of this > year, aside from this thread. Are you using a different communication channel > for team coordination? You mention IRC, but how are new contributors expected > to find you? Yes, we are using openstack-salt channel and openstack meetings over IRC. This channel is mentioned eg. in readme here [1] and community meetings page [2] which are on weekly basis (logs [3]). We also had a couple of people comming to team IRC talking to us about project so I believe they can find the way to contact us even without our heavy activity at openstack-dev (which should be better as I admitted). [1] https://github.com/openstack/openstack-salt [2] https://wiki.openstack.org/wiki/Meetings/openstack-salt [3] http://eavesdrop.openstack.org/meetings/openstack_salt/2016/ > > > > Of course I don't want to excuse our fault. In case it's not too late, > > we will try to be more active in mailing lists like openstack-dev and > > not miss such important events next time. > > > > [1] http://stackalytics.com/?module=openstacksalt-group > > > > -Filip > > > > On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez > > wrote: > > > >> Hi everyone, > >> > >> As announced previously[1][2], there were no PTL candidates within the > >> election deadline for a number of official OpenStack project teams: > >> Astara, UX, OpenStackSalt and Security. > >> > >> In the Astara case, the current team working on it would like to abandon > >> the project (and let it be available for any new team who wishes to take > >> it away). A change should be proposed really soon now to go in that > >> direction. > >> > >> In the UX case, the current PTL (Piet Kruithof) very quickly reacted, > >> explained his error and asked to be considered for the position for > >> Ocata. The TC will officialize his nomination at the next meeting, > >> together with the newly elected PTLs. > >> > >> That leaves us with OpenStackSalt and Security, where nobody reacted to > >> the announcement that we are missing PTL candidates. That points to a > >> real disconnect between those teams and the rest of the community. Even > >> if you didn't have the election schedule in mind, it was pretty hard to > >> miss all the PTL nominations in the email last week. > >> > >> The majority of TC members present at the meeting yesterday suggested > >> that those project teams should be removed from the Big Tent, with their > >> design summit space allocation slightly reduced to match that (and make > >> room for other not-yet-official teams). > >> > >> In the case of OpenStackSalt, it's a relatively new addition, and if > >> they get their act together they could probably be re-proposed in the > >> future. In the case of Security, it points to a more significant > >> disconnect (since it's not the first time the PTL misses the nomination > >> call). We definitely still need to care about Security (and we also need > >> a home for the Vulnerability Management team), but I think the "Security > >> team" acts more like a workgroup than as an official project team, as > >> evidenced by the fact that nobody in that team reacted to the lack of > >> PTL nomination, or the announcement that the team missed the bus. > >> > >> The suggested way forward there would be to remove the "Security project > >> team", have the Vulnerability Management Team file to be its own > >> official project team (in the same vein as the stable maintenance team), > >> and have Security be just a workgroup rather than a project team. > >> > >> Thoughts, comments ? > >> > >> [1] > >> http://lists.openstack.org/pipermail/openstack-dev/2016- > >> September/103904.html > >> [2] > >> http://lists.openstack.org/pipermail/openstack-dev/2016- > >> September/103939.html > >> > >> -- > >> Thierry Carrez (ttx) > >> > >> __ > >> O
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Filip Pytloun's message of 2016-09-21 14:58:52 +0200: > Hello, > > it's definately our bad that we missed elections in OpenStackSalt > project. Reason is similar to Rob's - we are active on different > channels (mostly IRC as we keep regular meetings) and don't used to > reading mailing lists with lots of generic topics (it would be good to > have separate mailing list for such calls and critical topics or > individual mails to project's core members). > > Our project is very active [1], trying to do things the Openstack way > and I think it would be a pitty to remove it from Big Tent just because > we missed mail and therefore our first PTL election. > > Of course I don't want to excuse our fault. In case it's not too late, > we will try to be more active in mailing lists like openstack-dev and > not miss such important events next time. > > [1] http://stackalytics.com/?module=openstacksalt-group > Seems like we need a bit added to this process which makes sure big tent projects have their primary IRC channel identified, and a list of core reviewer and meeting chair IRC nicks to ping when something urgent comes up. This isn't just useful for elections, but is probably something the VMT would appreciate as well, and likely anyone else who has an urgent need to make contact with a team. I think it might also be useful if we could make the meeting bot remind teams of any pending actions they need to take such as elections upon #startmeeting. Seems like all of that could be automated. __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
On 09/21/2016 05:17 AM, Rob C wrote: > Apart from missing elections, I think we do a huge amount for the community > and removing us from OpenStack would in no way be beneficial to either the > Security Project or OpenStack as a whole. I definitely agree with Rob here and I support keeping the Security team in the big tent. Although I'm not an active contributor there (but I want to be), I've joined some of their meetings and they've provided guidance on some of the work I've done with OpenStack-Ansible's (OSA) security hardening role. The OSSN's they produce are helpful and the information contained within them is used when we improve OSA. The Security Guide is also extremely useful for deployers who need advice on configuring OpenStack in a secure way. -- Major Hayden signature.asc Description: OpenPGP digital signature __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
> On Sep 21, 2016, at 8:58 AM, Filip Pytloun wrote: > > Hello, > > it's definately our bad that we missed elections in OpenStackSalt > project. Reason is similar to Rob's - we are active on different > channels (mostly IRC as we keep regular meetings) and don't used to > reading mailing lists with lots of generic topics (it would be good to > have separate mailing list for such calls and critical topics or > individual mails to project's core members). With 59 separate teams, even emailing the PTLs directly is becoming impractical. I can’t imagine trying to email all of the core members directly. A separate mailing list just for “important announcements” would need someone to decide what is “important”. It would also need everyone to be subscribed, or we would have to cross-post to the existing list. That’s why we use topic tags on the mailing list, so that it is possible to filter messages based on what is important to the reader, rather than the sender. > Our project is very active [1], trying to do things the Openstack way > and I think it would be a pitty to remove it from Big Tent just because > we missed mail and therefore our first PTL election. I don’t see any releases listed on https://releases.openstack.org/independent.html either. Are you tagging releases, yet? I see no emails tagged with [salt] on the mailing list since March of this year, aside from this thread. Are you using a different communication channel for team coordination? You mention IRC, but how are new contributors expected to find you? > > Of course I don't want to excuse our fault. In case it's not too late, > we will try to be more active in mailing lists like openstack-dev and > not miss such important events next time. > > [1] http://stackalytics.com/?module=openstacksalt-group > > -Filip > > On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez > wrote: > >> Hi everyone, >> >> As announced previously[1][2], there were no PTL candidates within the >> election deadline for a number of official OpenStack project teams: >> Astara, UX, OpenStackSalt and Security. >> >> In the Astara case, the current team working on it would like to abandon >> the project (and let it be available for any new team who wishes to take >> it away). A change should be proposed really soon now to go in that >> direction. >> >> In the UX case, the current PTL (Piet Kruithof) very quickly reacted, >> explained his error and asked to be considered for the position for >> Ocata. The TC will officialize his nomination at the next meeting, >> together with the newly elected PTLs. >> >> That leaves us with OpenStackSalt and Security, where nobody reacted to >> the announcement that we are missing PTL candidates. That points to a >> real disconnect between those teams and the rest of the community. Even >> if you didn't have the election schedule in mind, it was pretty hard to >> miss all the PTL nominations in the email last week. >> >> The majority of TC members present at the meeting yesterday suggested >> that those project teams should be removed from the Big Tent, with their >> design summit space allocation slightly reduced to match that (and make >> room for other not-yet-official teams). >> >> In the case of OpenStackSalt, it's a relatively new addition, and if >> they get their act together they could probably be re-proposed in the >> future. In the case of Security, it points to a more significant >> disconnect (since it's not the first time the PTL misses the nomination >> call). We definitely still need to care about Security (and we also need >> a home for the Vulnerability Management team), but I think the "Security >> team" acts more like a workgroup than as an official project team, as >> evidenced by the fact that nobody in that team reacted to the lack of >> PTL nomination, or the announcement that the team missed the bus. >> >> The suggested way forward there would be to remove the "Security project >> team", have the Vulnerability Management Team file to be its own >> official project team (in the same vein as the stable maintenance team), >> and have Security be just a workgroup rather than a project team. >> >> Thoughts, comments ? >> >> [1] >> http://lists.openstack.org/pipermail/openstack-dev/2016- >> September/103904.html >> [2] >> http://lists.openstack.org/pipermail/openstack-dev/2016- >> September/103939.html >> >> -- >> Thierry Carrez (ttx) >> >> __ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/ope
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Excerpts from Rob C's message of 2016-09-21 13:17:07 +0100: > For my part, I missed the elections, that's my bad. I normally put a > calendar item in for that issue. I don't think that my missing the election > date should result in the group being treated in this way. Members of the > TC have contacted me about unrelated things recently, I have always been > available however my schedule has made it hard for me to sift through -dev > recently and I missed the volley of nomination emails. This is certainly a > failing on my part. > > It's certainly true that the security team, and our cores tend not to pay > as much attention to the -dev mailing list as we should. The list is pretty > noisy and traditionally we always had a separate list that we used for > security and since moving away from that we tend to focus on IRC or direct > emails. Though as can be seen with our core announcements etc, we do try to > do things the "openstack way" > > However, to say we're not active I think is a bit unfair. Theirry and > others regularly mail me directly about things like rooms for the summit > and I typically respond in good time, I think what's happened here is more > an identification of the fact that we need to focus more on doing things > "the openstack way" rather than being kicked out of the big tent. > > We regularly work with the VMT on security issues, we issue large amounts > of guidance on our own, we have been working hard on an asset based threat > analysis process for OpenStack teams who are looking to be security > managed, we've reviewed external TA documentation and recently in our > midcycle (yes, we're dedicated enough to fly to Texas and meet up to work > on such issues) we created the first real set of security documents for an > OpenStack project, we worked with Barbican to apply the asset based threat > analysis that we'd like to engage other teams in [1], [2] > > Here's a couple of the things that we've been doing in this cycle: > * Issuing Security Notes for Glance, Nova, Horizon, Bandit, Neutron and > Barbican[3] > * Updating the security guide (the book we wrote on securing OpenStack)[4] > * Hosting a midcycle and inducting new members > * Supporting the VMT with several embargoed and complex vulnerabilities > * Building up a security blog[5] > * Making OpenStack the biggest open source project to ever receive the Core > Infrastructure Initative Best Practices Badge[6][7] > * Working on the OpenStack Security Whitepaper [8] > * Developing CI security tooling such as Bandit [9] > > We are a very active team, working extremely hard on trying to make one > OpenStack secure. This is often a thankless task, we provide a lot of what > customers are asking for from OpenStack but as we don't drive individual > flagship features our contributions are often overlooked. However, above is > just a selection of what we've been doing throughout the last cycle. > > If it's too late for these comments to have an influence then sobeit but > this is failure of appropriate levels of email filtering and perhaps a > highlight of how we need to alter our culture somewhat to partipate more in > -dev in general than it is any indication of a lack of dedication, time, > effort or contribution on the part of the Security Project. We have > dedicate huge amounts of efforts to OpenStack and to relegate us to a > working group would be massively detrimental for one reason above all > others. We get corporate participation, time and effort in terms of > employee hours and contributions because we're an official part of > OpenStack, we've had to build this up over time. If you remove the Security > Project from the big tent I believe that participation in Security for > OpenStack will drop off significantly. > > We are active, we are helping to make OpenStack secure and we (I) suck at > keeping ontop of email. Don't kick us out for that. If needs be we can find > another PTL or otherwise take special steps to ensure that missing > elections doesn't happen. While it's admirable of you to take responsibility, there's no reason to think this is an individual team member's fault. The team is responsible as a group for ensuring that it is meeting its responsibilities to the rest of the community. In this case, the election officials and TC had no reason to assume that you would or would not run again. Any contributor could have entered the race. When no one at all did, that lack of engagement reflected on the entire team, not only you. > Apart from missing elections, I think we do a huge amount for the community > and removing us from OpenStack would in no way be beneficial to either the > Security Project or OpenStack as a whole. Based on the list above, the team is doing far more than I was aware of. I'm glad to hear that, as it looks like there is a considerable amount of work going into those contributions. I hope we can find a way to increase the team's participation in community operations outside of c
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
-Original Message- From: Rob C Reply: OpenStack Development Mailing List (not for usage questions) Date: September 21, 2016 at 07:19:40 To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent > For my part, I missed the elections, that's my bad. I normally put a > calendar item in for that issue. I don't think that my missing the election > date should result in the group being treated in this way. Members of the > TC have contacted me about unrelated things recently, I have always been > available however my schedule has made it hard for me to sift through -dev > recently and I missed the volley of nomination emails. This is certainly a > failing on my part. > > It's certainly true that the security team, and our cores tend not to pay > as much attention to the -dev mailing list as we should. The list is pretty > noisy and traditionally we always had a separate list that we used for > security and since moving away from that we tend to focus on IRC or direct > emails. Though as can be seen with our core announcements etc, we do try to > do things the "openstack way" > > However, to say we're not active I think is a bit unfair. Theirry and > others regularly mail me directly about things like rooms for the summit > and I typically respond in good time, I think what's happened here is more > an identification of the fact that we need to focus more on doing things > "the openstack way" rather than being kicked out of the big tent. > > We regularly work with the VMT on security issues, we issue large amounts > of guidance on our own, we have been working hard on an asset based threat > analysis process for OpenStack teams who are looking to be security > managed, we've reviewed external TA documentation and recently in our > midcycle (yes, we're dedicated enough to fly to Texas and meet up to work > on such issues) we created the first real set of security documents for an > OpenStack project, we worked with Barbican to apply the asset based threat > analysis that we'd like to engage other teams in [1], [2] > > Here's a couple of the things that we've been doing in this cycle: > * Issuing Security Notes for Glance, Nova, Horizon, Bandit, Neutron and > Barbican[3] > * Updating the security guide (the book we wrote on securing OpenStack)[4] > * Hosting a midcycle and inducting new members > * Supporting the VMT with several embargoed and complex vulnerabilities > * Building up a security blog[5] > * Making OpenStack the biggest open source project to ever receive the Core > Infrastructure Initative Best Practices Badge[6][7] > * Working on the OpenStack Security Whitepaper [8] > * Developing CI security tooling such as Bandit [9] > > We are a very active team, working extremely hard on trying to make one > OpenStack secure. This is often a thankless task, we provide a lot of what > customers are asking for from OpenStack but as we don't drive individual > flagship features our contributions are often overlooked. However, above is > just a selection of what we've been doing throughout the last cycle. > > If it's too late for these comments to have an influence then sobeit but > this is failure of appropriate levels of email filtering and perhaps a > highlight of how we need to alter our culture somewhat to partipate more in > -dev in general than it is any indication of a lack of dedication, time, > effort or contribution on the part of the Security Project. We have > dedicate huge amounts of efforts to OpenStack and to relegate us to a > working group would be massively detrimental for one reason above all > others. We get corporate participation, time and effort in terms of > employee hours and contributions because we're an official part of > OpenStack, we've had to build this up over time. If you remove the Security > Project from the big tent I believe that participation in Security for > OpenStack will drop off significantly. > > We are active, we are helping to make OpenStack secure and we (I) suck at > keeping ontop of email. Don't kick us out for that. If needs be we can find > another PTL or otherwise take special steps to ensure that missing > elections doesn't happen. > > Apart from missing elections, I think we do a huge amount for the community > and removing us from OpenStack would in no way be beneficial to either the > Security Project or OpenStack as a whole. > > -Rob > > [1] https://review.openstack.org/#/c/357978/5 > [2] https://etherpad.openstack.org/p/barbican-threat-analysis > [3] https://wiki.openstack
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Hello, it's definately our bad that we missed elections in OpenStackSalt project. Reason is similar to Rob's - we are active on different channels (mostly IRC as we keep regular meetings) and don't used to reading mailing lists with lots of generic topics (it would be good to have separate mailing list for such calls and critical topics or individual mails to project's core members). Our project is very active [1], trying to do things the Openstack way and I think it would be a pitty to remove it from Big Tent just because we missed mail and therefore our first PTL election. Of course I don't want to excuse our fault. In case it's not too late, we will try to be more active in mailing lists like openstack-dev and not miss such important events next time. [1] http://stackalytics.com/?module=openstacksalt-group -Filip On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez wrote: > Hi everyone, > > As announced previously[1][2], there were no PTL candidates within the > election deadline for a number of official OpenStack project teams: > Astara, UX, OpenStackSalt and Security. > > In the Astara case, the current team working on it would like to abandon > the project (and let it be available for any new team who wishes to take > it away). A change should be proposed really soon now to go in that > direction. > > In the UX case, the current PTL (Piet Kruithof) very quickly reacted, > explained his error and asked to be considered for the position for > Ocata. The TC will officialize his nomination at the next meeting, > together with the newly elected PTLs. > > That leaves us with OpenStackSalt and Security, where nobody reacted to > the announcement that we are missing PTL candidates. That points to a > real disconnect between those teams and the rest of the community. Even > if you didn't have the election schedule in mind, it was pretty hard to > miss all the PTL nominations in the email last week. > > The majority of TC members present at the meeting yesterday suggested > that those project teams should be removed from the Big Tent, with their > design summit space allocation slightly reduced to match that (and make > room for other not-yet-official teams). > > In the case of OpenStackSalt, it's a relatively new addition, and if > they get their act together they could probably be re-proposed in the > future. In the case of Security, it points to a more significant > disconnect (since it's not the first time the PTL misses the nomination > call). We definitely still need to care about Security (and we also need > a home for the Vulnerability Management team), but I think the "Security > team" acts more like a workgroup than as an official project team, as > evidenced by the fact that nobody in that team reacted to the lack of > PTL nomination, or the announcement that the team missed the bus. > > The suggested way forward there would be to remove the "Security project > team", have the Vulnerability Management Team file to be its own > official project team (in the same vein as the stable maintenance team), > and have Security be just a workgroup rather than a project team. > > Thoughts, comments ? > > [1] > http://lists.openstack.org/pipermail/openstack-dev/2016- > September/103904.html > [2] > http://lists.openstack.org/pipermail/openstack-dev/2016- > September/103939.html > > -- > Thierry Carrez (ttx) > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > signature.asc Description: Digital signature __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
For my part, I missed the elections, that's my bad. I normally put a calendar item in for that issue. I don't think that my missing the election date should result in the group being treated in this way. Members of the TC have contacted me about unrelated things recently, I have always been available however my schedule has made it hard for me to sift through -dev recently and I missed the volley of nomination emails. This is certainly a failing on my part. It's certainly true that the security team, and our cores tend not to pay as much attention to the -dev mailing list as we should. The list is pretty noisy and traditionally we always had a separate list that we used for security and since moving away from that we tend to focus on IRC or direct emails. Though as can be seen with our core announcements etc, we do try to do things the "openstack way" However, to say we're not active I think is a bit unfair. Theirry and others regularly mail me directly about things like rooms for the summit and I typically respond in good time, I think what's happened here is more an identification of the fact that we need to focus more on doing things "the openstack way" rather than being kicked out of the big tent. We regularly work with the VMT on security issues, we issue large amounts of guidance on our own, we have been working hard on an asset based threat analysis process for OpenStack teams who are looking to be security managed, we've reviewed external TA documentation and recently in our midcycle (yes, we're dedicated enough to fly to Texas and meet up to work on such issues) we created the first real set of security documents for an OpenStack project, we worked with Barbican to apply the asset based threat analysis that we'd like to engage other teams in [1], [2] Here's a couple of the things that we've been doing in this cycle: * Issuing Security Notes for Glance, Nova, Horizon, Bandit, Neutron and Barbican[3] * Updating the security guide (the book we wrote on securing OpenStack)[4] * Hosting a midcycle and inducting new members * Supporting the VMT with several embargoed and complex vulnerabilities * Building up a security blog[5] * Making OpenStack the biggest open source project to ever receive the Core Infrastructure Initative Best Practices Badge[6][7] * Working on the OpenStack Security Whitepaper [8] * Developing CI security tooling such as Bandit [9] We are a very active team, working extremely hard on trying to make one OpenStack secure. This is often a thankless task, we provide a lot of what customers are asking for from OpenStack but as we don't drive individual flagship features our contributions are often overlooked. However, above is just a selection of what we've been doing throughout the last cycle. If it's too late for these comments to have an influence then sobeit but this is failure of appropriate levels of email filtering and perhaps a highlight of how we need to alter our culture somewhat to partipate more in -dev in general than it is any indication of a lack of dedication, time, effort or contribution on the part of the Security Project. We have dedicate huge amounts of efforts to OpenStack and to relegate us to a working group would be massively detrimental for one reason above all others. We get corporate participation, time and effort in terms of employee hours and contributions because we're an official part of OpenStack, we've had to build this up over time. If you remove the Security Project from the big tent I believe that participation in Security for OpenStack will drop off significantly. We are active, we are helping to make OpenStack secure and we (I) suck at keeping ontop of email. Don't kick us out for that. If needs be we can find another PTL or otherwise take special steps to ensure that missing elections doesn't happen. Apart from missing elections, I think we do a huge amount for the community and removing us from OpenStack would in no way be beneficial to either the Security Project or OpenStack as a whole. -Rob [1] https://review.openstack.org/#/c/357978/5 [2] https://etherpad.openstack.org/p/barbican-threat-analysis [3] https://wiki.openstack.org/wiki/Security_Notes [4] http://docs.openstack.org/sec/ [5] https://openstack-security.github.io/ [6] https://bestpractices.coreinfrastructure.org/ [7] http://www.businesswire.com/news/home/20160725005133/en/OpenStack-Earns-Core-Infrastructure-Initiative-Practices-Badge [8] https://www.openstack.org/software/security/ [9] https://wiki.openstack.org/wiki/Security/Projects/Bandit On Wed, Sep 21, 2016 at 12:23 PM, Thierry Carrez wrote: > Hi everyone, > > As announced previously[1][2], there were no PTL candidates within the > election deadline for a number of official OpenStack project teams: > Astara, UX, OpenStackSalt and Security. > > In the Astara case, the current team working on it would like to abandon > the project (and let it be available for any new team who wishes to take > it away). A change sho
[openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Hi everyone, As announced previously[1][2], there were no PTL candidates within the election deadline for a number of official OpenStack project teams: Astara, UX, OpenStackSalt and Security. In the Astara case, the current team working on it would like to abandon the project (and let it be available for any new team who wishes to take it away). A change should be proposed really soon now to go in that direction. In the UX case, the current PTL (Piet Kruithof) very quickly reacted, explained his error and asked to be considered for the position for Ocata. The TC will officialize his nomination at the next meeting, together with the newly elected PTLs. That leaves us with OpenStackSalt and Security, where nobody reacted to the announcement that we are missing PTL candidates. That points to a real disconnect between those teams and the rest of the community. Even if you didn't have the election schedule in mind, it was pretty hard to miss all the PTL nominations in the email last week. The majority of TC members present at the meeting yesterday suggested that those project teams should be removed from the Big Tent, with their design summit space allocation slightly reduced to match that (and make room for other not-yet-official teams). In the case of OpenStackSalt, it's a relatively new addition, and if they get their act together they could probably be re-proposed in the future. In the case of Security, it points to a more significant disconnect (since it's not the first time the PTL misses the nomination call). We definitely still need to care about Security (and we also need a home for the Vulnerability Management team), but I think the "Security team" acts more like a workgroup than as an official project team, as evidenced by the fact that nobody in that team reacted to the lack of PTL nomination, or the announcement that the team missed the bus. The suggested way forward there would be to remove the "Security project team", have the Vulnerability Management Team file to be its own official project team (in the same vein as the stable maintenance team), and have Security be just a workgroup rather than a project team. Thoughts, comments ? [1] http://lists.openstack.org/pipermail/openstack-dev/2016-September/103904.html [2] http://lists.openstack.org/pipermail/openstack-dev/2016-September/103939.html -- Thierry Carrez (ttx) __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev