16:02:18 <schwicke> #startmeeting hierarchical_multitenancy
16:02:19 <openstack> Meeting started Fri Jul 18 16:02:18 2014 UTC and is due to finish in 60 minutes.  The chair is schwicke. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:02:21 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
16:02:23 <openstack> The meeting name has been set to 'hierarchical_multitenancy'
16:02:58 <schwicke> I have 3 items which I think we need to discuss today
16:03:30 <schwicke> Timelines for Juno (are we on track?), authorization model for quota and the meeting slot
16:04:12 <schwicke> #topic time lines
16:04:57 <raildo> I thought the spec about multitenancy hierarchical should have been approved.
16:04:57 <schwicke> are we stil in time for the next OS release ?
16:05:23 <raildo> but otherwise the implementation is well underway.
16:06:59 <raildo> I talked to morganfainberg in meeting the keystone Tuesday. Like me, he thinks reasonable, that hierarchical multitenancy still in Juno.
16:07:11 <schwicke> ok.
16:07:45 <schwicke> nevertheless we need to keep an eye on this. Will check with Nirbhay for the Nova part
16:08:20 <schwicke> #INFO no worries for now.
16:08:22 <raildo> I hope in the next days the spec is approved.
16:08:55 <schwicke> #topic authorization schema: do we need/keep parent info in the ticket ?
16:09:11 <schwicke> so next topic, and this one is rather important I think
16:09:35 <schwicke> We had some disucssions via e-mail with Sajeesh about the mechanisms for authorization.
16:09:51 <schwicke> I had sent around a wrap up of how I think it should be done
16:10:10 <schwicke> Did you have a chance to think about this ?
16:10:51 <raildo> schwicke: I read your email and I agree with your design.
16:11:21 <Nirbhay_> hi
16:11:32 <schwicke> Hi, Nirbhay!
16:11:37 <raildo> Nirbhay_: hi
16:11:38 <Nirbhay_> hi
16:11:50 <schwicke> we just switched to the discussions we had with Sajeesh
16:11:56 <Nirbhay_> hi to all
16:11:58 <Nirbhay_> ok
16:12:09 <schwicke> so in the model I propose there is no need to have any knowledge about the parent in the keystone ticket.
16:12:20 <Nirbhay_> yes
16:12:46 <Nirbhay_> i agree with it..
16:13:04 <schwicke> Sajeesh thinks that this model is less flexible than his model where the keystone token contains knowledge of the parent
16:13:45 <raildo> but is simpler.
16:14:09 <morganfainberg> schwicke, be careful about adding extra data into the keystone token
16:14:10 <morganfainberg> schwicke, the keystone tokens already have *size* issues
16:14:10 <Nirbhay_> yeah it is simple and easy for end user to understand..
16:15:00 <schwicke> morganfainberg: that is why I want to clarify this and make a decision
16:15:08 <morganfainberg> it's not a lot more data (if it's only one parent up), but... all data counts
16:15:14 <morganfainberg> if it's the whole tree, i say no
16:15:51 <schwicke> I'm very much in favor of not having the parent data in the ticket and do it the way I proposed
16:16:10 <morganfainberg> schwicke, ++ ok, *just jumping in on things that worry me* :)
16:16:16 <schwicke> the only use case which is covered by Sajeesh model can be covered on the client side
16:17:08 * morganfainberg has to run, i'll catch up with raildo on any specific topics that result from this that i need to know about / sync up with folks about
16:17:13 <morganfainberg> or anyone can find me in #openstack-keystone later today :)
16:17:19 <raildo> I think we agreed to use the schwicke model  and lessen the impact on the token.
16:17:39 <schwicke> any objections anyone ?
16:17:46 <raildo> morganfainberg: ok :)
16:17:52 <Nirbhay_> no
16:17:53 <schwicke> if not we decide on the model as proposed by me
16:18:28 <schwicke> #agreed we'll implement the simple auth model which does not require knowledge of the parent
16:18:49 <schwicke> Great. I think for the design we are done, aren't we ?
16:18:54 <Nirbhay_> i think we should confirm it with sajeesh that there is issue in implementing schwicke model
16:18:59 <raildo> schwicke: yes
16:19:10 <schwicke> yes, we'll need to check with him
16:19:25 <schwicke> I think we'll have to apply a few code changes
16:19:40 <schwicke> #action review code from Sajeesh in view of the decided model
16:19:56 <Nirbhay_> ok
16:20:29 <schwicke> Nirbhay: that is something you can do as well
16:20:34 <Nirbhay_> ok
16:20:37 <Nirbhay_> i will
16:20:58 <schwicke> Great. So last topic for today is the meeting slot - unless you have anything else on this topic
16:21:10 <schwicke> #topic meeting slot
16:21:22 <schwicke> raildo: thanks for the proposal
16:21:29 <raildo> schwicke:  you have seen the sajeesh's blueprint  is freeze?
16:21:46 <schwicke> nope, is it ?
16:21:55 <raildo> schwicke: yes
16:22:15 <schwicke> ok, we need to check with him
16:23:00 <schwicke> AFAIK he has implemented his model. With a bit of luck both are supported ...
16:23:08 <raildo> I went to the meeting yesterday of the Nova, and it was decided that it should send an email to the mailing list, asking for an "exception" to be released in Juno.
16:23:43 <schwicke> to openstack-dev ?
16:23:49 <schwicke> or the nova list ?
16:24:12 <raildo> I think in the openstack-dev
16:24:33 <raildo> but you can confirm with him.
16:24:39 <schwicke> will do
16:24:45 <raildo> #link https://etherpad.openstack.org/p/nova-juno-spec-priorities
16:25:57 <raildo> Sorry to bother the previous topic, I thought it important to inform that.
16:27:12 <schwicke> yes, definitely
16:27:13 <schwicke> thansk
16:28:35 <raildo> talking about meeting slot, the time 1300 UTC(on another day) would be good for you?
16:29:06 <schwicke> that's 15pm here. Fine by me.
16:29:10 <schwicke> Not sure about BARC ?
16:29:34 <Nirbhay_> Not for BARC
16:29:53 <raildo> Nirbhay_: any suggestions?
16:30:10 <Nirbhay_> yes
16:31:44 <schwicke> tell us :)
16:31:49 <Nirbhay_> not in between 1100UTC to 1400 UTC
16:32:23 <schwicke> 14:00 UTC would be ok ?
16:32:55 <Nirbhay_> 14:30 would be ok
16:33:00 <raildo> sound good to me
16:33:12 <schwicke> ok for me as well
16:33:16 <schwicke> Which day?
16:33:17 <rodrigods> +1 14:30
16:33:33 <schwicke> Thursday is bad for me
16:34:03 <Nirbhay_> Tue or Wed
16:35:08 <raildo> wednesday, 14:30UTC?
16:35:32 <raildo> is good for everyone?
16:35:46 <Nirbhay_> yes
16:36:15 <schwicke> ok. Need to check still if there is a clash with another meeting
16:36:27 <Nirbhay_> ok
16:36:47 <raildo> I checked, no have meeting in this time.
16:36:57 <raildo> https://wiki.openstack.org/wiki/Meetings
16:37:15 <schwicke> xen api is at 15:00 UTC
16:37:28 <schwicke> are 30 min enough for us ?
16:37:55 <Nirbhay_> may be
16:38:03 <raildo> I believe that we can test.
16:38:13 <Nirbhay_> mostly discussion are on email
16:38:48 <schwicke> ok, then let's go for that
16:39:14 <raildo> ok
16:39:18 <Nirbhay_> ok
16:39:19 <schwicke> #agreed new meeting slot Wednesday 14:30 UTC i
16:39:31 <Nirbhay_> agreed
16:39:37 <raildo> +1
16:40:10 <schwicke> I'll update the meeting page
16:40:17 <Nirbhay_> ok
16:41:23 <raildo> I have to leave now, bye guys
16:41:33 <schwicke> done
16:41:40 <schwicke> I think we are done
16:41:46 <schwicke> AOB ?
16:41:48 <Nirbhay_> done
16:41:52 <schwicke> #endmeeting