Wednesday, 2022-06-29

« Tuesday, 2022-06-28 Index Thursday, 2022-06-30 »
opendevreviewChristian Schwede proposed openstack/swift stable/yoga: Stop partial()ing hashlib.new  https://review.opendev.org/c/openstack/swift/+/84806813:06
opendevreviewChristian Schwede proposed openstack/swift stable/xena: Stop partial()ing hashlib.new  https://review.opendev.org/c/openstack/swift/+/84806913:07
opendevreviewChristian Schwede proposed openstack/swift stable/wallaby: Stop partial()ing hashlib.new  https://review.opendev.org/c/openstack/swift/+/84811013:07
opendevreviewChristian Schwede proposed openstack/swift stable/yoga: Stop partial()ing hashlib.new  https://review.opendev.org/c/openstack/swift/+/84806817:45
opendevreviewChristian Schwede proposed openstack/swift stable/yoga: tests: Fix swiftclient/requests log level adjustment  https://review.opendev.org/c/openstack/swift/+/84816817:46
opendevreviewChristian Schwede proposed openstack/swift stable/xena: Stop partial()ing hashlib.new  https://review.opendev.org/c/openstack/swift/+/84806917:47
opendevreviewChristian Schwede proposed openstack/swift stable/xena: tests: Fix swiftclient/requests log level adjustment  https://review.opendev.org/c/openstack/swift/+/84816917:47
opendevreviewChristian Schwede proposed openstack/swift stable/wallaby: Stop partial()ing hashlib.new  https://review.opendev.org/c/openstack/swift/+/84811017:47
opendevreviewChristian Schwede proposed openstack/swift stable/wallaby: tests: Fix swiftclient/requests log level adjustment  https://review.opendev.org/c/openstack/swift/+/84817017:47
timburke__#startmeeting swift21:01
opendevmeetMeeting started Wed Jun 29 21:01:01 2022 UTC and is due to finish in 60 minutes.  The chair is timburke__. Information about MeetBot at http://wiki.debian.org/MeetBot.21:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.21:01
opendevmeetThe meeting name has been set to 'swift'21:01
timburke__who's here for the swift meeting?21:01
*** timburke__ is now known as timburke21:01
mattolivero/21:01
timburkeyou and me, man ;-)21:03
timburkeas usual, the agenda's at https://wiki.openstack.org/wiki/Meetings/Swift21:03
timburke(thanks for updating it mattoliver)21:03
mattoliverNps21:03
timburke#topic tempurl digests21:04
kotahello, sorry for late21:04
mattoliverThe swift client one has landed. There is the backport and your patch to make the deprecation softer.21:05
mattoliverHey kota o/21:05
timburkehow are we feeling about https://review.opendev.org/c/openstack/swift/+/845862 ? the idea there is basically to make the deprecation of sha1 a little more gradual21:05
timburkeno worries, kota -- glad to have you :-)21:05
timburkethe runtime warning is a little funny21:06
timburkei meant to start emitting stats for which digest algorithm was in use for each authorized request, but haven't gotten around to writing the patch -- might be a better way to capture the same idea21:06
mattoliverWell we're already running the deprecation patch, but it was a little frantic making sure we put sha1 back, just in case.. so I guess it makes sense (not that we need it now, but I feel for others rolling it out like I was responsible for) 😜 21:08
mattoliverOh interesting 21:08
mattoliverThat would tell us what's in use which is pretty cool21:08
mattoliverAs a metric I assume or log?21:10
timburkeyeah, metric -- a simple counter21:11
mattoliverI like the idea, not sure it would be a replacement of that patch, but would complement it, ie knowing when to drerecate a digest.21:13
timburkei'm still torn about how to advertise the deprecation, though -- i don't like having the default trigger a warning, nor pushing ops to configure something they previously were content to leave unconfigured (doubly so when we have every expectation that it will need to change again at some point -- surely eventually we'll need to deprecate the sha2 family, even if it's years off)21:14
mattoliverTrue21:16
timburkei probably just need to let go of my desire to have the default config not emit warnings. maybe i just add sha1 back to the default-allowed list (so we warn on start-up) and drop the runtime warnings...21:16
timburkecouple it with a metrics patch and ops should be able to feel confident about either explicitly configuring the algos without sha1, or upgrading to a swift that removes it from the default21:18
mattoliverYeah, if and it'll only warn until it's fully deprecated and removed... then they'll get other run time errors when using sha1 😜 21:19
timburkeon the backport, i'm a little worried that the py2 func test is going to be difficult to get passing... but i'm also not clear on what changed to trip the RETRY_LIMITs21:20
mattoliverStill giving them a sense of, well what digests are being used in my cluster would make them happier rather then flying blind like now.21:20
mattoliverOh that dang py2 stuff21:21
timburkeadding back support for sha1 by default server-side may also obviate the client issue, though -- presumably ironic's grenade jobs would be happy again21:23
mattoliverwell that's true.. maybe we fully derprecate sha1 when py2 is out of stable :P 21:24
kotasounds reasonable21:25
timburkelike, it's still not great -- i'm not sure whether we could land *any* client backports at the moment, which can't be terribly good. but at least we can continue kicking that can down the road a bit :P21:25
timburkeall right, i think i've got what i need to move forward on tempurl21:26
timburke#topic formpost digests21:26
timburkethe next guy in the chain was to deprecate sha1 sigs21:26
timburke#link https://review.opendev.org/c/openstack/swift/+/83371321:27
mattoliverlol, back to this again :P21:27
mattoliverwell first I need to rebase it.21:27
timburkeand i'm thinking we'll want to stack it on top of a rework of the tempurl deprecation21:27
mattoliverwe've also only just added the new digests.. so do we need to wait some time, or go with the tempurl, warn on startup21:28
mattoliveryeah21:28
timburkebut i think it'll come out looking very similar, with sha1 still enabled by default, but emitting warnings on startup21:28
mattoliver+10021:28
mattoliverand possible digest metrics?21:28
timburkeyes! good call21:29
timburkei also still need to review the client patch21:29
timburke#link https://review.opendev.org/c/openstack/python-swiftclient/+/83395421:29
mattolivereither way, follow the tempurl path how ever that turns out :)21:29
mattoliveroh yeah, please so, before the next client release anyway. Nice to get that in 21:30
mattoliverthen at some point we can remove the sig generation from the server side21:30
timburke#topic backend ratelimiting21:30
timburkei don't think we've had much progress here, unfortunately. acoles is back this week, so he might be able to push on it some, though21:31
timburkemattoliver and clayg both seem to like how it looks so far, though! so it's a good sign21:31
timburke#topic ring v221:32
timburkei still want to make some progress on this, see if we can get some improvements ahead of our next expansion21:32
timburke#link https://review.opendev.org/c/openstack/swift/+/83426121:33
mattoliveryeah21:34
mattoliverwasn't sure if he'd be here or not today21:34
mattoliverI started going through it late yesterday arvo. We have a bunch more test coverage which is awesome21:34
mattoliverThere is an warning log that we're not covering but also not sure we can get to it..it's not a major issue, but want to poke at it.21:34
mattoliverSo I hope to have a proper (maybe final?) review done today21:35
timburke\o/ thanks mattoliver, that'll be great21:36
timburkethen we can try restacking the last-part table patch on top :-)21:36
mattolivertimburke: you and I have spent the most time on this.. but we've also given a lot of time for people to read and comment.. so getting close to say, lets land it when it looks good for us.21:36
mattoliveryeah, totally21:37
timburkeall right, that's all i've got21:38
timburke#topic open discussion21:38
timburkeanything else we should bring up this week?21:38
timburkeall right, i'll let you get back to your mornings :-)21:39
timburkethank you for coming, and thank you for working on swift!21:39
timburke#endmeeting21:39
*** timburke is now known as timburke__21:39
timburke__#endmeeting21:39
opendevmeetMeeting ended Wed Jun 29 21:39:59 2022 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)21:39
opendevmeetMinutes:        https://meetings.opendev.org/meetings/swift/2022/swift.2022-06-29-21.01.html21:39
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/swift/2022/swift.2022-06-29-21.01.txt21:39
opendevmeetLog:            https://meetings.opendev.org/meetings/swift/2022/swift.2022-06-29-21.01.log.html21:39
*** timburke__ is now known as timburke21:40
mattoliverthanks timburke__ 21:40
mattoliverthanks kota 21:40
kotathank you all21:40
* kota is going back to find breakfast21:40
opendevreviewMatthew Oliver proposed openstack/swift master: sharding: shard deleted containers that have shards with objects  https://review.opendev.org/c/openstack/swift/+/84455321:42
mattoliveropps really thoght I pushed that up yesterday... not that it's related to what we talked about today in the meeting. But even went looking for gerrit patch to see how it went in zuul.. I must be loosing my mind :P 21:44
opendevreviewTim Burke proposed openstack/swift master: tempurl: Continue allowing sha1 by default  https://review.opendev.org/c/openstack/swift/+/84586222:31
opendevreviewTim Burke proposed openstack/swift master: Emit metrics for tempurl & formpost digest usage  https://review.opendev.org/c/openstack/swift/+/84819522:46
mattoliverOh cool, metrics already, nice I'll take a look!22:58
« Tuesday, 2022-06-28 Index Thursday, 2022-06-30 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!