| *** rpittau|afk is now known as rpittau | 07:15 | |
| *** jbadiapa is now known as jbadiapa|afk | 10:48 | |
| oneswig | #startmeeting scientific-sig | 11:00 |
|---|---|---|
| opendevmeet | Meeting started Wed Jun 16 11:00:19 2021 UTC and is due to finish in 60 minutes. The chair is oneswig. Information about MeetBot at http://wiki.debian.org/MeetBot. | 11:00 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 11:00 |
| opendevmeet | The meeting name has been set to 'scientific_sig' | 11:00 |
| oneswig | echo... | 11:00 |
| oneswig | No fixed agenda for today but I did have a couple of items | 11:02 |
| oneswig | Quiet session today - anybody participating? | 11:09 |
| b1airo | evening | 11:11 |
| oneswig | Hi b1airo, sorry was writing terms for a fair usage agreement | 11:12 |
| oneswig | not something I do every day! | 11:12 |
| oneswig | #chair b1airo | 11:12 |
| opendevmeet | Current chairs: b1airo oneswig | 11:12 |
| b1airo | gawd, sounds like a hell of a hobby | 11:13 |
| oneswig | Sometimes you need one, it seems. | 11:13 |
| oneswig | I was also looking through this that one of the team posted: https://changelog.com/posts/monoliths-are-the-future | 11:13 |
| oneswig | The usage agreement is for the SMS Lab - our public-access bare metal cloud project for free software projects. | 11:16 |
| b1airo | oh cool, worth doing then for sure | 11:17 |
| oneswig | Yes! It's not strictly public access, more that anyone can ask | 11:17 |
| oneswig | Shaping up to be a fun effort all round. | 11:17 |
| b1airo | that Kelsey piece rings true to some extent, but at a meta level i do wonder why our industry needs to spend so much time reminding ourselves that software is hard and technology is hyped | 11:19 |
| oneswig | coupling with the (slanted) opinions of the Hashicorp guy, I wonder if all's going well in Kubernetes | 11:20 |
| oneswig | Is there a software equivalent to the Peter Principle, in which a project develops increasing sophistication to the point where it buckles under its own complexity? | 11:21 |
| b1airo | haha | 11:22 |
| oneswig | Met somebody yesterday from your neck of the woods b1airo (well, Greta Point) in a local pub | 11:23 |
| oneswig | He said the view from the canteen is the best | 11:24 |
| b1airo | eh?! A NIWA'n ? | 11:24 |
| oneswig | yup | 11:24 |
| oneswig | Now an RSE at Cambridge University | 11:25 |
| b1airo | that is funny. ex NIWA i take it? did they know the HPC crew? | 11:25 |
| oneswig | I didn't get to go into details unfortunately | 11:26 |
| oneswig | I was wondering about another SIG show-and-tell on control plane security monitoring. One of our team has been working on this and it is looking neat. | 11:28 |
| b1airo | so, ISC is coming up pretty soon... any thoughts on survey? | 11:28 |
| oneswig | good question. | 11:28 |
| oneswig | Who seeded the mentimeter presentation with questions? Some of these are quite thorny | 11:30 |
| b1airo | oh, that's topical - we've just put a 1-pager investment case together around security for our new infra... it's more focused on tenant-space and services that NeSI is running atop OpenStack, but obviously we need strong confidence in the control plane to underpin that | 11:30 |
| oneswig | The question I might like to ask would be along the lines of "What is wrong with HPC in cloud?" | 11:33 |
| oneswig | Asking someone what is wrong with what they are advocating is often interesting. If they say nothing, it's usually discrediting | 11:34 |
| b1airo | ahh i haven't looked yet, I think last time it was some combination of inputs - will take a peak over the weekend i think. guess what we need to do first is decide how we're using the survey - is it purely an adjacent thing that we might refer to, or will we use it as an interactive tool to drive the discussion | 11:35 |
| b1airo | yep agreed | 11:36 |
| oneswig | b1airo: might be good to talk to heikkine from Basel University - he's on Slack. They've been working with Wazuh agents for deployed platforms (this is also what we are using for the control plane). | 11:36 |
| b1airo | sounds like a good lead, suspect we'll be asking you more directly for a steer if it gets supported... | 11:38 |
| oneswig | already looking forward to it. | 11:38 |
| oneswig | b1airo: any other thoughts on new discussion content for the SIG? | 11:39 |
| b1airo | one other thing I'm thinking of is the automation / control point / glue for taking action based on vulnerability scans, e.g., if we see something bad open to the Internet (where "bad" might mean exposing a critical vulnerability or against policy etc | 11:41 |
| verdurin | That security monitoring is of interest to us too. | 11:43 |
| oneswig | Good point. There's hardening to prevent it, patching to fix it when we've discovered it, and incident response to fix it after someone else has abused it. Each of those is a worthy subject for discussion | 11:43 |
| oneswig | Hi verdurin | 11:45 |
| verdurin | Hello. I managed to join even though I haven't updated my calendar entries for the time change yet... | 11:46 |
| oneswig | I'll report back on options for a show-and-tell | 11:46 |
| oneswig | verdurin: you managed to migrate from freenode as well | 11:46 |
| verdurin | Must admit I tried libera first... | 11:47 |
| oneswig | This ansible-hardening patch from May might be worth trying: https://github.com/openstack/ansible-hardening/commit/0114e44f3e9497a999ee923b807405f179f01d76 | 11:49 |
| b1airo | on other topics for the SIG - i'm interested in a discussion about multi-tenant managed service hosting, i.e., what do I need to offer and manage as part of a platform-service that let's RSEs deploy production science (web)services (specifically not HPC - though they might integrate with HPC) | 11:50 |
| oneswig | That would certainly be interesting for a discussion, if we could gather a few options together. Good idea | 11:51 |
| oneswig | I'll try noting these | 11:52 |
| oneswig | #action follow-up discussion on security monitoring, hardening, incident response | 11:52 |
| oneswig | not sure if that worked. | 11:52 |
| b1airo | i'm selfishly putting the service provider lens on it as that's where we can add value and scale, people can always do their own thing if they have fundamental issues with technology choices | 11:53 |
| oneswig | #action b1airo platforms-as-a-service roundup | 11:53 |
| oneswig | We'll see if they turn up in the minutes... | 11:54 |
| b1airo | it's just a question of what we can support and provide SLAs etc for | 11:54 |
| b1airo | 🤞 | 11:54 |
| oneswig | b1airo: I think everyone's a service provider, nothing selfish about it I'd say | 11:54 |
| oneswig | verdurin: any further thoughts from you on future discussion topics? | 11:55 |
| b1airo | i mean i guess there are people just running OpenStack for fun, but those kind of people also have dungeons... | 11:55 |
| oneswig | I like the people who do it for fun at least as much as the people who do it for profit :-) | 11:57 |
| oneswig | nearly at time - and I'd like to put the kettle on. Any more to add? | 11:57 |
| b1airo | who's holding the leather paddle? | 11:58 |
| b1airo | 🥺 | 11:58 |
| oneswig | ha! If I had a dungeon it would be used for wine storage! | 11:58 |
| b1airo | i concur | 11:59 |
| oneswig | Time to close. Thanks b1airo verdurin | 12:00 |
| oneswig | #endmeeting | 12:00 |
| opendevmeet | Meeting ended Wed Jun 16 12:00:16 2021 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 12:00 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/scientific_sig/2021/scientific_sig.2021-06-16-11.00.html | 12:00 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/scientific_sig/2021/scientific_sig.2021-06-16-11.00.txt | 12:00 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/scientific_sig/2021/scientific_sig.2021-06-16-11.00.log.html | 12:00 |
| b1airo | catch you in the hallways oneswig ... | 12:00 |
| oneswig | hmmm... can't resolve meetings.opendev.org, but the actions came through in https://meetings.opendev.org/meetings/scientific_sig/2021/scientific_sig.2021-06-16-11.00.html | 12:01 |
| oneswig | Great, it's noted in https://wiki.openstack.org/wiki/Scientific_SIG#IRC_Meetings | 12:02 |
| oneswig | see y'all | 12:02 |
| b1airo | eavesdrop.openstack.org redirects to meetings.opendev.org... i guess the eavesdrop name got dropped at some point? | 12:03 |
| *** jbadiapa|afk is now known as jbadiapa | 12:35 | |
| *** rpittau is now known as rpittau|afk | 16:11 | |
| *** ricolin_ is now known as ricolin | 17:49 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!