Jump to: navigation, search

Difference between revisions of "Meetings/Swift"

(Add swiftclient SSL certificate validation topic)
 
(962 intermediate revisions by 45 users not shown)
Line 1: Line 1:
Meeting Time: Every other Wednesday at 19:00 UTC
+
{| class="wikitable"
 +
|-
 +
! '''2100 UTC Meeting'''
 +
|-
 +
| '''Next meeting:''' May 1, 2024
 +
|-
 +
| '''Location:''' #openstack-swift on OFTC
 +
|-
 +
| '''Chair:''' timburke
 +
|-
 +
|
 +
<!-- List 2100UTC meeting items below here -->
 +
* Utils refactor - expect merge conflicts!
 +
** https://review.opendev.org/c/openstack/swift/+/914029
 +
* Probe test time outs
 +
** https://zuul.opendev.org/t/openstack/builds?job_name=swift-probetests-centos-9-stream&job_name=swift-probetests-centos-8-stream&project=openstack%2Fswift&result=TIMED_OUT&skip=0&limit=100
 +
** Some of these make sense -- some patchesets break every probe test and our retry-failed-tests logic causes the test time to essentially double
 +
** Others just seem to hang for an hour or more
 +
* liberasurecode release
 +
** https://review.opendev.org/c/openstack/liberasurecode/+/917784
 +
** Nothing major, but it's been a couple years
 +
* pyeclib manylinux wheels
 +
** https://review.opendev.org/c/openstack/pyeclib/+/817498 - Add Dockerfile to build manylinux wheels
 +
** https://review.opendev.org/c/openstack/pyeclib/+/917857 - Add job to build wheels
 +
* expirer work
 +
** https://review.opendev.org/c/openstack/swift/+/914713 - expirer: new options to control task iteration
 +
** https://review.opendev.org/c/openstack/swift/+/916026 - distributed parallel task container iteration
 +
** https://review.opendev.org/c/openstack/swift/+/912496 - add bytes of expiring objects to queue entry
 +
* broker row insertion order py2/py3 behavior difference
 +
* unreleased swiftclient regression
 +
** https://review.opendev.org/c/openstack/python-swiftclient/+/916135
 +
<!-- End 2100UTC meeting items -->
 +
|}
  
Next Meeting: Jan 8, 2014 (no meeting Dec 25)
+
{| class="wikitable"
 +
|-
 +
| '''Meeting Logs''' || http://eavesdrop.openstack.org/meetings/swift/2024/
 +
|-
 +
|'''Useful Commands'''|| #link #info #agreed #topic and #startmeeting
 +
|}
  
Agenda:  
+
* PTG action items
 +
** (timburke) interop feedback on https://review.opendev.org/c/openinfra/interop/+/811049/
 +
** better defaults (or at least, use better defaults in install/deployment guides)
 +
*** (mattoliverau) recommend servers-per-port
 +
*** (mattoliverau) make etherpad to collect more defaults that need updating
 +
*** Etherpad: https://etherpad.opendev.org/p/swift-better-defaults
 +
** (acoles) dark data audit watcher patch: https://review.opendev.org/c/openstack/swift/+/787656
 +
** (timburke) abandon old patches
 +
** (mattoliverau) bug triage/squash
 +
*** Etherpad: https://etherpad.opendev.org/p/swift-bug-triage-a-thon
 +
*** Ethercalc: https://ethercalc.openstack.org/mf3yro7018m0
 +
** (acoles) drop logging translations - https://bugs.launchpad.net/swift/+bug/1674543
 +
** (timburke) look into how to translate docs so seongsoocho can propose Korean translations
 +
** check continued usefulness of the ops runbook
 +
** consolidate various admin guides
 +
** write a "why swift?" doc(/README?) section
  
* python-swiftclient status
+
----
  
* python-swiftclient SSL certificate validation, facts:
+
When adding an item, please include your IRC nickname with it.
** Actual https client implementation does not validate server certificate with CA (and will blindly accept self-signed certificate which allow MITM attack).
 
** python-swiftclient have been removed from Debian testing because of this vulnerability.
 
** Fix is in progress (since Jun 2013): https://review.openstack.org/#/c/33473/.
 
  
* python-swiftclient SSL certificate validation, solutions:
+
----
** Finish the fix in progress:
 
*** pro: it tackles both vulnerability (MITM and CRIME).
 
*** con: it implements a custom SSL validation just for swiftclient, and this is not a good idea as there's lots of sharp edges, and getting it wrong doesn't fail with obvious failures.
 
** Switch to request module
 
*** pro: common implementation which would remove complexity from swiftclient
 
*** con: does not implement the SSL compression disabling yet. (This open another vulnerability because of the CRIME attack, though it could be overcome by disabling compression at the server side)
 
  
* log #openstack-swift
+
[[Category:ObjectStorage]]
** pro: lets people who don't use bouncers see what was said
 
** con: people are less free with opinions since it will live forever
 
 
 
* sysmeta status
 
 
 
* Swift 1.12.0 release
 

Latest revision as of 20:23, 1 May 2024

2100 UTC Meeting
Next meeting: May 1, 2024
Location: #openstack-swift on OFTC
Chair: timburke
Meeting Logs http://eavesdrop.openstack.org/meetings/swift/2024/
Useful Commands #link #info #agreed #topic and #startmeeting

When adding an item, please include your IRC nickname with it.

Retrieved from "https://wiki.openstack.org/w/index.php?title=Meetings/Swift&oldid=184774"