#opendaylight-meeting: tsc

Meeting started by CaseyODL at 03:30:35 UTC (full logs).

Meeting summary

  1. agenda bashing and roll call (colindixon, 03:32:03)
    1. Daniel Farrell for Jamo (dfarrell07, 03:32:05)
    2. anipbu (anipbu, 03:32:09)
    3. colindixon (colindixon, 03:32:11)
    4. https://wiki.opendaylight.org/index.php?title=TSC:Main&oldid=55975#Agenda (colindixon, 03:32:28)
    5. colindixon got all current TSC members to vote on how to handle CVEs in Boron and whether to release a Boron-SR5 (colindixon, 03:32:48)
    6. Vishal for Abhijit (vthapar, 03:32:49)
    7. jamoluhrsen says that beyond more automation we should already have a better list of expected test failures for Boron SR4 (colindixon, 03:33:00)
    8. https://lists.opendaylight.org/pipermail/tsc/2017-May/007236.html colindixon to sent out a release scheduling mail that looks at Boron-SR4, Nitrogen and Carbon schedules (colindixon, 03:33:27)
    9. Anil Vishnoi (vishnoianil, 03:33:33)
    10. ACTION: colindixon or anipbu to update the Carbon-SR dates beyond SR1 (colindixon, 03:33:49)
    11. ACTION: phrobb to bring the need for a security manager to the board (colindixon, 03:34:05)
    12. ACTION: phrobb to bring the TSC replacement language to the board (colindixon, 03:34:06)
    13. ACTION: colindixon to look to see if any current security response team members would like to voluntarily step down for any reason (colindixon, 03:34:14)
    14. ACTION: colindixon, zxiiro and phrobb to come up with a proposal for tracking project activity in a positive way (colindixon, 03:34:28)
    15. ACTION: phrobb and tykeal to look into an ODL infra micro-datacenter in a box to make things work better at tutorials (colindixon, 03:34:28)
    16. ACTION: colindixon to try to either find people to document how to be compatible with an OpenDaylight release with participating in the OpenDaylight simultaneous release (colindixon, 03:34:29)
    17. Thanh (zxiiro, 03:34:40)
    18. LuisGomez (LuisGomez, 03:35:56)
    19. Hideyuki (hideyuki, 03:36:57)
    20. Huan is on Zoom, but not IRC (at least yet) (colindixon, 03:37:35)

  2. mailing list votes and discussions (colindixon, 03:38:10)
    1. https://lists.opendaylight.org/pipermail/tsc/2017-May/007248.html Vote concluded on releasing Beryllium-SR5 (decision 8-6 is to release note the ways to mitigate the CVEs) (colindixon, 03:38:42)
    2. ACTION: colindixon to send mail to the appropriate lists describing the CVEs and workarounds for those still using Beryllum (colindixon, 03:39:10)
    3. https://lists.opendaylight.org/pipermail/tsc/2017-May/007333.html Maybe move the APAC-time TSC call to Wed night/Thu morning (colindixon, 03:40:51)
    4. ACTION: colindixon to send out a mailing list to vote on whether to have APAC-timed meetings on Wed night/Thu morning instead of Thu night/Fri morning (colindixon, 03:42:15)

  3. events (colindixon, 03:42:45)
    1. https://www.opendaylight.org/global-events (colindixon, 03:42:50)
    2. https://wiki.opendaylight.org/view/Events:Main (colindixon, 03:42:55)
    3. events.linuxfoundation.org/events/opendaylight-developer-design-forum the DDF is next week, attendance is still low, please register now and attend if you plan to (colindixon, 03:43:14)
    4. we currently have 46 attendees (colindixon, 03:43:26)
    5. http://events.linuxfoundation.org/events/opnfv-summit OPNFV summit in beijing 6/12-15 (with an ODL mini summit) (colindixon, 03:44:25)

  4. Boron (colindixon, 03:44:54)
    1. https://wiki.opendaylight.org/view/Simultaneous_Release:Boron_Release_Plan#Schedule <--- Boron SR4 Scheduled for 6/15/2017 with a cutoff Sunday 6/11/2017 at 23:59 UTC (anipbu, 03:45:20)
    2. https://jenkins.opendaylight.org/releng/view/autorelease/job/autorelease-release-boron/287/ <--- Boron Autorelease Build Successful (anipbu, 03:45:37)
    3. https://docs.google.com/spreadsheets/d/1zImtd764e-hOgJAxoJKl85fxHCPu2agLfqsBtf13zQY/edit#gid=294913046 <--- No Boron Blocker Bugs (anipbu, 03:45:46)
    4. https://git.opendaylight.org/gerrit/#/q/branch:stable/boron+status:open <--- 58 Open Boron Patches (anipbu, 03:45:52)
    5. https://jenkins.opendaylight.org/releng/view/autorelease/job/integration-distribution-test-boron/ <--- 98 Boron Distribution Test Failures (anipbu, 03:46:06)
    6. https://git.opendaylight.org/gerrit/#/dashboard/?title=Boron+Status&Yang+File+Changes+Since+Boron+SR3=branch:stable/boron+status:merged+file:%22%255E.%252Byang%22+after:2017-03-23 <--- 11 patches modifying yang files without API Freeze Waiver between Boron SR3 and Boron SR4 (anipbu, 03:46:22)

  5. Carbon (colindixon, 03:47:39)
    1. https://wiki.opendaylight.org/view/Simultaneous_Release/Carbon/Status <--- Carbon Release Status (anipbu, 03:47:44)
    2. https://wiki.opendaylight.org/view/Simultaneous_Release:Carbon_Release_Plan#RC_Download <--- Carbon Download Information (anipbu, 03:47:52)
    3. https://lists.opendaylight.org/pipermail/tsc/2017-May/007337.html <--- Carbon Approval by TSC Vote (anipbu, 03:47:56)
    4. https://wiki.opendaylight.org/view/Simultaneous_Release:Carbon_Release_Plan#Schedule <--- Carbon SR1 scheduled for 7/6/2017 or 7/13/2017 (anipbu, 03:48:10)
    5. it looks like SFC is using a tmp library that is GPLed, the good news is that every version after the versoin that we're using is MIT-licensed (colindixon, 03:50:58)
    6. phrobb says the risk is low, but we would need an exception from the board, so respinning things may be better (colindixon, 03:51:33)
    7. there's another GPLv3 component in controller, but it's not in the distribution (colindixon, 03:51:51)
    8. colindixon asks zxiiro if we can really un-release Carbon, zxiiro says it would be possible but tedious, shipping a fast Carbon-SR1 would be easier (colindixon, 03:53:22)
    9. dfarrell07 notes we also need to break the immutability of git tags (colindixon, 03:54:18)
    10. zxiiro asks if we need to delete the violating file, colindixon notes then we need to also need to delete the distribution, which would render the release pretty much useless (colindixon, 03:56:12)
    11. vishnoianil asks if we could just replace the released artifacts, zxiiro says technically yes even though it's a bad practice generally (colindixon, 03:57:02)
    12. the required action would be to upgrade from tmp 0.0.16 to 0.0.31, it seems like it's indirectly pulled in by Node.js for the SFC UI (colindixon, 03:58:18)
    13. ACTION: colindixon, phrobb, and/or zxiiro to reach out to SFC to get a patch to fix this (colindixon, 03:58:28)
    14. ACTION: colindixon to add IPR check to the normal release process (colindixon, 03:58:45)
    15. colindixon asks if we're opposed to violating the immutability of release artifacts and git tags, to avoid violating a license (colindixon, 04:00:24)
    16. AGREED: insofar as it remains possible, we will overwrite the Carbon release artifacts and git tags with new ones after SFC fixes the issue (worst case by removing the UI) (colindixon, 04:01:16)

  6. system integration testing (colindixon, 04:04:40)
    1. nothing really, planning for Karaf 4 migration in the next release (colindixon, 04:04:57)

  7. infrastructure (colindixon, 04:05:07)
    1. nothing today (colindixon, 04:05:11)

  8. commiter promotions (colindixon, 04:05:40)
    1. https://lists.opendaylight.org/pipermail/tsc/2017-May/007249.html Tim Rozet is now a committer on Int/Pack (colindixon, 04:05:52)
    2. https://lists.opendaylight.org/pipermail/tsc/2017-May/007266.html Jozef Bacigal is now a committer on openflowjava (colindixon, 04:06:02)
    3. https://lists.opendaylight.org/pipermail/tsc/2017-May/007298.html Fasella K is now a committer on infrautils (colindixon, 04:06:14)
    4. https://lists.opendaylight.org/pipermail/tsc/2017-May/007292.html Martin Dindoffer is now a committer on topoprocessing (colindixon, 04:06:22)

  9. CLM reports and trying to avoid this going forward (colindixon, 04:06:58)
    1. colindixon notes that we run CLM weekly, we just don't have it gating (colindixon, 04:07:13)
    2. ACTION: colindixon to maybe add reading your CLM report as part of the milestone readout? maybe at M4 or M5? (colindixon, 04:07:52)
    3. https://meetings.opendaylight.org/opendaylight-meeting/2017/tsc/opendaylight-meeting-tsc.2017-05-26-03.30.log.txt (colindixon, 04:10:01)
    4. zxiiro says the version of tmp in SFC UI seems to be a json file that has 0.0.23 (not what CLM reports, which is 0.0.16) (colindixon, 04:10:53)
    5. zxiiro says something like the two things that are pulling in tmp 0.0.16, but they actually link to the one in the bundle which is 0.0.23 (not 0.0.16) (colindixon, 04:11:51)
    6. phrobb also notes that FaaS is also pulling this in (colindixon, 04:12:10)

  10. Nitrogen planning (colindixon, 04:12:23)
    1. https://meetings.opendaylight.org/opendaylight-meeting/2017/tsc/opendaylight-meeting-tsc.2017-05-11-17.00.html on 5/11/2017 we agreed (colindixon, 04:12:35)
    2. Bullet 7.n: AGREED: we will move to a date-based, six-month release cadence (colindixon, 04:12:41)
    3. Bullet 7.q: AGREED: we will shift to an early march, early september release timing (colindixon, 04:12:47)
    4. we notably did not agree on when we would do that or what it would look like (one long release or a short release and then normal) (colindixon, 04:13:24)
    5. that being said, the general feeling seemed to be in favor of a short release mainly targeting Karaf 4 migration (colindixon, 04:14:00)
    6. https://lists.opendaylight.org/pipermail/tsc/2017-May/007301.html this is one proposal that might look like that (colindixon, 04:14:12)
    7. possible main focus areas: Karaf 4, Upgrade Guava, Finalize moving of MD-SAL APIs out of controller, Leave leaf projects out by default (need instructions on how they can ship over ODL) (colindixon, 04:14:47)
    8. we also probably need some idea how to emphasize the focuses better, e.g., start with no projects in the release and add them only as they hit certain bars (colindixon, 04:15:17)
    9. https://wiki.opendaylight.org/view/Simultaneous_Release:Nitrogen_Release_Plan#Schedule this is reasonable draft at a Nitrogen release plan on the wiki with the above dates (colindixon, 04:15:54)
    10. colindixon notes that annoying we do not have a deterministic way to validate that projects have successfully migrated to Karaf 4, e.g., SFT failures can be heisenbugs (colindixon, 04:18:46)
    11. vishnoianil asks if we can have two autoreleases builds one which builds everything and another which builds only karaf 4 migrated features (colindixon, 04:19:38)
    12. vrpolak points out that without two distribution projects, that will be hard because distribution will be the same in both and will fail the one with fewer projects (colindixon, 04:22:06)
    13. https://wiki.opendaylight.org/view/Simultaneous_Release:Nitrogen_Release_Plan#M5:_Code_Freeze <--- Added CLM violation check to Nitrogen M5 (anipbu, 04:23:13)
    14. the more that goes around, e.g., Guava 21 and K4 aren't compatible, it seems like we might not be able to keep the health status check part of autorelease until everyone's migration (colindixon, 04:25:57)
    15. vishnoianil brings up if we're sure we can get through this in a release, e.g., in 3 months (colindixon, 04:30:21)
    16. rovarga_ asks about resourcing, colindixon says the idea was to force the resource issue by saying if you don't don't staff it, you won't be in the release (colindixon, 04:31:43)
    17. LuisGomez says tightly tracking projects would be another way to do this (colindixon, 04:32:26)
    18. rovarga_ says if it was more than just 2 people, e.g., 1/2-1 person per project for the 3 months, he'd be confident we could do the migration (colindixon, 04:32:54)
    19. rovarga_ notes that it likely makes sense to get a liveness check to projects, because RTTs to projects will be critical (colindixon, 04:34:20)
    20. colindixon notes that his feeling is if we keep in touch with projects regularly that tends to keep them engaged (colindixon, 04:35:13)
    21. anipbu notes that this all assumes we don't have any non-leaf unresponsive projects, the only one we had in the past was SNMP (colindixon, 04:36:35)
    22. maybe also TSDR (colindixon, 04:36:43)

  11. cookies (colindixon, 04:36:57)


Meeting ended at 04:37:02 UTC (full logs).

Action items

  1. colindixon or anipbu to update the Carbon-SR dates beyond SR1
  2. phrobb to bring the need for a security manager to the board
  3. phrobb to bring the TSC replacement language to the board
  4. colindixon to look to see if any current security response team members would like to voluntarily step down for any reason
  5. colindixon, zxiiro and phrobb to come up with a proposal for tracking project activity in a positive way
  6. phrobb and tykeal to look into an ODL infra micro-datacenter in a box to make things work better at tutorials
  7. colindixon to try to either find people to document how to be compatible with an OpenDaylight release with participating in the OpenDaylight simultaneous release
  8. colindixon to send mail to the appropriate lists describing the CVEs and workarounds for those still using Beryllum
  9. colindixon to send out a mailing list to vote on whether to have APAC-timed meetings on Wed night/Thu morning instead of Thu night/Fri morning
  10. colindixon, phrobb, and/or zxiiro to reach out to SFC to get a patch to fix this
  11. colindixon to add IPR check to the normal release process
  12. colindixon to maybe add reading your CLM report as part of the milestone readout? maybe at M4 or M5?


Action items, by person

  1. anipbu
    1. colindixon or anipbu to update the Carbon-SR dates beyond SR1
  2. colindixon
    1. colindixon or anipbu to update the Carbon-SR dates beyond SR1
    2. colindixon to look to see if any current security response team members would like to voluntarily step down for any reason
    3. colindixon, zxiiro and phrobb to come up with a proposal for tracking project activity in a positive way
    4. colindixon to try to either find people to document how to be compatible with an OpenDaylight release with participating in the OpenDaylight simultaneous release
    5. colindixon to send mail to the appropriate lists describing the CVEs and workarounds for those still using Beryllum
    6. colindixon to send out a mailing list to vote on whether to have APAC-timed meetings on Wed night/Thu morning instead of Thu night/Fri morning
    7. colindixon, phrobb, and/or zxiiro to reach out to SFC to get a patch to fix this
    8. colindixon to add IPR check to the normal release process
    9. colindixon to maybe add reading your CLM report as part of the milestone readout? maybe at M4 or M5?
  3. phrobb
    1. phrobb to bring the need for a security manager to the board
    2. phrobb to bring the TSC replacement language to the board
    3. colindixon, zxiiro and phrobb to come up with a proposal for tracking project activity in a positive way
    4. phrobb and tykeal to look into an ODL infra micro-datacenter in a box to make things work better at tutorials
    5. colindixon, phrobb, and/or zxiiro to reach out to SFC to get a patch to fix this
  4. zxiiro
    1. colindixon, zxiiro and phrobb to come up with a proposal for tracking project activity in a positive way
    2. colindixon, phrobb, and/or zxiiro to reach out to SFC to get a patch to fix this


People present (lines said)

  1. colindixon (89)
  2. anipbu (12)
  3. dfarrell07 (7)
  4. odl_meetbot (7)
  5. zxiiro (5)
  6. CaseyODL (5)
  7. vishnoianil (4)
  8. vthapar (1)
  9. LuisGomez (1)
  10. hideyuki (1)
  11. phrobb (0)


Generated by MeetBot 0.1.4.