Wednesday, 2022-04-20

« Tuesday, 2022-04-19 Index Thursday, 2022-04-21 »
opendevreviewTim Burke proposed openstack/swift stable/queens: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83859600:00
opendevreviewTim Burke proposed openstack/swift stable/pike: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83854200:01
opendevreviewTim Burke proposed openstack/swift stable/xena: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83857400:16
opendevreviewTim Burke proposed openstack/swift stable/rocky: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83861200:25
opendevreviewMerged openstack/swift stable/yoga: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83853401:53
opendevreviewMerged openstack/swift stable/xena: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83857403:55
opendevreviewMerged openstack/swift master: ceph tests: Register output/ceph-s3-summary.log as a job output  https://review.opendev.org/c/openstack/swift/+/83858204:07
opendevreviewMerged openstack/swift stable/rocky: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83861204:16
opendevreviewMerged openstack/swift stable/queens: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83859604:16
opendevreviewTim Burke proposed openstack/swift stable/wallaby: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83857504:26
opendevreviewTim Burke proposed openstack/swift stable/victoria: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83857804:28
opendevreviewMatthew Oliver proposed openstack/swift master: Add (de)serialisze_v2 via RingSerialization classes  https://review.opendev.org/c/openstack/swift/+/83442305:45
opendevreviewMatthew Oliver proposed openstack/swift master: ring: Add a rebalance history in the ring  https://review.opendev.org/c/openstack/swift/+/83462105:45
opendevreviewMatthew Oliver proposed openstack/swift master: reconstructor: Use last_part_node when building SYNC jobs  https://review.opendev.org/c/openstack/swift/+/83500105:45
opendevreviewTim Burke proposed openstack/swift stable/pike: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83854205:49
opendevreviewTim Burke proposed openstack/swift stable/stein: Quote paths before sending them to swob.Request.blank  https://review.opendev.org/c/openstack/swift/+/83874615:23
opendevreviewMerged openstack/swift stable/wallaby: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83857517:18
opendevreviewMerged openstack/swift stable/victoria: s3api: Use constant-time string comparisons in check_signature  https://review.opendev.org/c/openstack/swift/+/83857817:18
opendevreviewMerged openstack/swift stable/pike: Fix docs-building on old stable branches  https://review.opendev.org/c/openstack/swift/+/83854217:19
opendevreviewAlistair Coles proposed openstack/swift master: DNM: verify logging._lock patching  https://review.opendev.org/c/openstack/swift/+/83877318:37
opendevreviewMerged openstack/swift stable/ussuri: Quote paths before sending them to swob.Request.blank  https://review.opendev.org/c/openstack/swift/+/83858818:56
timburkealmost meeting time!20:50
timburke#startmeeting swift21:01
opendevmeetMeeting started Wed Apr 20 21:01:47 2022 UTC and is due to finish in 60 minutes.  The chair is timburke. Information about MeetBot at http://wiki.debian.org/MeetBot.21:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.21:01
opendevmeetThe meeting name has been set to 'swift'21:01
timburkewho's here for the swift meeting?21:01
mattolivero/21:02
kotao/21:02
timburkeas usual, the agenda's at21:03
timburke#link https://wiki.openstack.org/wiki/Meetings/Swift21:03
timburkefirst up21:03
timburke#topic pyeclib release21:04
timburkewe have https://github.com/openstack/pyeclib/releases/tag/1.6.1 now!21:04
mattoliver\o/21:04
kotagreat21:04
timburkeit includes fixes for py310, as well as enabling people to build abi3 wheels (so you can build once for py35, for example, and still be able to install on later minor releases21:05
timburkenext up21:06
timburke#topic s3api security bug21:06
timburkei was reviewing some code and noticed that when s3api validates hmacs, it does it with a simple ==, which can reveal information about how much of the signature is valid21:07
timburkefix was to use the same streq_const_time() function we've been using in tempurl and formpost21:08
timburkethanks for reviewing https://review.opendev.org/c/openstack/swift/+/837773 mattoliver and acoles!21:08
mattolivernps, I learnt something :) 21:09
timburkethe bug has been present as long as we've had s3api in-tree, so i plan on backporting all the way to rocky21:09
mattoliverkk21:09
kotaok21:11
timburkefixes are already merged through victoria; i still need to propose patches for rocky, stein, train, and ussuri21:11
timburkebut it leads to my next topic...21:11
timburke#topic state of the gate21:11
timburkei'm pretty sure *every* stable gate was broken the last couple days21:12
timburkethere were a variety of problems -- the first also affected master21:12
timburkebasically, a fix for a recent git CVE didn't play well with how devstack installs things21:13
timburke#link http://lists.openstack.org/pipermail/openstack-discuss/2022-April/028160.html21:13
timburkethat's been fixed back through ussuri at least, but it's still working its way through some branches21:14
timburkesee https://review.opendev.org/c/openstack/devstack/+/838556 and https://review.opendev.org/c/openstack/devstack/+/838679 for example21:14
timburkeeven before that, though, stein through victoria have been broken since the start of the month due to some fixes for https://bugs.python.org/issue4388221:15
mattoliverwow, thanks for getting on top of this. 21:16
timburkeand for even longer, pike, queens, and rocky have been broken because they're inexplicably trying to build docs under py321:16
mattoliverI really need to pay more attention to the mailing list again.21:16
timburkeidk if i've been "on top of this" given how long they've been broken ;-)21:17
mattoliverlol, true, when compared to me, you are. But fair point. 21:17
timburkethe good news is, i've got patches to fix things, and we should have a functional gate again by the end of the week (i think)21:17
mattolivernice21:18
mattoliverIll make an active effort to better watch things in the mailing like and check the gerrit dashboard from time to time.21:18
mattoliver*mailing list21:18
timburkethanks! if anyone's interested in keeping up with stable gate failures, i recommend subscribing to http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint and filtering for swift21:19
mattoliverkk21:19
timburkethe main reason i've been prioritizing it is that i've been getting emails everyday about it ;-)21:20
timburkeall right, that's what i wanted to cover this week21:20
timburke#topic open discussion21:20
timburkeanything else we should bring up?21:20
timburkei've been getting more nervous about us dropping some of our extra monkey patching in https://review.opendev.org/c/openstack/swift/+/45711021:22
timburkein particular, i rediscovered https://github.com/eventlet/eventlet/issues/546 -- apparently eventlet doesn't/can't green existing locks on py321:23
mattoliverouch21:23
kota:(21:25
mattoliverI guess the question is it just doesn't or can't. Ie if the former, is there something we can do for it, provide a patch (or bug the project) or the latter.21:26
timburkeit's significant to point out that the failure mode is *not* greenthreads blocking more than needed, but rather that existing RLocks (including logging._lock) become basically worthless since the owning pthread is the same between different greenthreads21:26
timburkei think i've got the start of an eventlet fix in https://github.com/eventlet/eventlet/pull/754 -- but it's currently only for py31021:27
mattoliverok, well a fix is a good direction. even if we pin to a minimum version of py321:27
timburkei'm going to look at at least greening logging._lock on older pythons, though21:28
timburkenot sure if there are other rlocks we need to worry about21:28
mattoliveryeah, but logging is a great place to start21:30
mattoliverwow, what an issue to find., thanks for looking into it and starting to come up with a solution21:31
mattoliverneed any help? 21:31
timburkei think i know what i need to do next for it, thanks21:32
mattoliverWell I've been playing with a better way to deal with v2 serialiazation/deserialization. More of a stepping stone for if/when we want to start including builder data in the ring, but only load what we want when we only want the ring. Mostly in  https://review.opendev.org/c/openstack/swift/+/834423 part of the chain21:33
mattoliverstill playing with it, but I think it's better then just having it all in one fuction that might need to be repeating in the builder too (when we put builder data structures in the ring too). 21:34
timburkenice!21:35
mattoliverDoes bring up some interesting thoughts though. the ring deserialization code needs the dev_bytes length from the "metadata" which is in a different RingSerialization concrete class. 21:36
mattoliverSo metadata needs to come first. I wonder if in this version, the dev_bytes length should actually live with the ring datastructure (but would have to be replicated in the history rings).21:37
mattolivernot a major issue, but could make it more self contained.21:39
mattoliverthe following patch in the chain adds the ring history stuff to the serialization, and seems to add in well to this approach. No change from the ringdata side. Just a new ring indexes and adding the concrete classes. No extra code to the serialization side :) 21:41
timburkemaybe we could do something with the 64-bit length we put at the start of each section? use the top 8 bits to indicate whether the contents should be taken 1, 2, or 4 bytes at a time, then the rest as the number of bytes/words/dwords...21:41
timburkenice21:42
mattoliveryeah, something like that. or just add an extra 1 byte at the start. Dunno, wanted to feel people out about it. 21:42
mattoliver64-bit is rather long, though21:43
mattoliveranyway, wanted to play with this, cause interested in taking a look at what it'll look like with some builder components in the ring (so we wouldn't need builders anymore). Ie just give a ring to the ring builder tool. And check that it's v2 ring and act accordingly :) 21:44
timburkeall right, i think i'll call it21:46
timburkethank you all for coming, and thank you for working on swift!21:46
timburke#endmeeting21:46
opendevmeetMeeting ended Wed Apr 20 21:46:40 2022 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)21:46
opendevmeetMinutes:        https://meetings.opendev.org/meetings/swift/2022/swift.2022-04-20-21.01.html21:46
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/swift/2022/swift.2022-04-20-21.01.txt21:46
opendevmeetLog:            https://meetings.opendev.org/meetings/swift/2022/swift.2022-04-20-21.01.log.html21:46
mattoliverbreakfast time! 21:48
kotame too21:50
« Tuesday, 2022-04-19 Index Thursday, 2022-04-21 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!