#opnfv-meeting log

14:59:31 <ChrisPriceAB> #startmeeting OPNFV TSC
14:59:31 <collabot> Meeting started Tue Dec  1 14:59:31 2015 UTC.  The chair is ChrisPriceAB. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:59:31 <collabot> Useful Commands: #action #agreed #help #info #idea #link #topic.
14:59:31 <collabot> The meeting name has been set to 'opnfv_tsc'
14:59:35 <ChrisPriceAB> #topic Roll Call
14:59:41 <ChrisPriceAB> #info Chris Price
15:00:17 <frankbrockners> #info Frank Brockners
15:00:24 <Julien-zte> #info Julien
15:00:28 <edgarstp> #info Edgar StPierre
15:01:09 <ChrisPriceAB> #topic Approval of previous minutes of meeting
15:01:15 <ChrisPriceAB> #link https://wiki.opnfv.org/wiki/tsc#november_24_2015 previous minutes
15:01:24 <ChrisPriceAB> #info previous minutes approved without comment
15:01:34 <ChrisPriceAB> #topic Agenda Bashing
15:01:43 <ChrisPriceAB> #link https://wiki.opnfv.org/wiki/tsc#december_1_2015 Current TSC Agenda
15:02:11 <bryan_att> #info Bryan Sullivan
15:03:14 <ChrisPriceAB> #topic Milestone D update
15:03:20 <ChrisPriceAB> #chair rpaik
15:03:20 <collabot> Current chairs: ChrisPriceAB rpaik
15:03:53 <ChrisPriceAB> #info Debra reports that milestone D reporting is looking good, however projects are reporting issues looking forward to milestone E
15:03:58 <cdub> #info Chris Wright
15:04:20 <ChrisPriceAB> #info more details to be addressed during the weekly project call, Debra will run 1-1 project discussions following milestone D
15:04:41 <rpaik> we now have quorum
15:04:43 <ChrisPriceAB> #topic OPNFV Plugfest, needs and support
15:04:50 <ashyoung> #info Ashlee Young
15:05:18 <VikramDham> #info Vikram Dham
15:05:29 <VikramDham> Wenjing is traveling
15:05:47 <bjskerry> #info Brian Skerry
15:07:14 <rpaik> #info Certification & Compliance committee desires to have plugfest events after each release.  First one targeting March-June timeframe post Brahmaputra
15:08:17 <rpaik> #info ChrisPriceAB notes that a working group from the tehcnical community is needed (e.g. testing/integration) for Plugfests
15:09:04 <dlenrow> #info dlenrow
15:09:10 <rpaik> #action ChrisPriceAB/Wenjing will send a note to the mailing list to start the conversation on Plugfest working group
15:09:24 <ChrisPriceAB> #topic Q1 Hackfest Collab-Summit and ONS discussion
15:09:34 <Parviz> #info Parviz Yegani
15:13:07 <bryan_att> It would be useful in this event to show how the B release can be augmented and tested with additional features, and to help other projects get over the hump on that
15:14:58 <bryan_att> the heckfest could also be a useful venue to demo'ing open source based VNFM capabilities that we have packaged on top oof the B release by that point
15:15:00 <TomNadeau> there is echo on Neary's and Heather's calls
15:15:32 <TomNadeau> Taho is bad. getting there will be a logistic disaster.
15:15:54 <TomNadeau> esp for people that are not familiar with the area
15:16:39 <TomNadeau> i personally think major metro areas are best for hackfests
15:17:11 <ChrisPriceAB> #action rpaik to send out a survey to the community to identify where we would get the best attendance.
15:18:22 <ChrisPriceAB> #topic OPNFV security initiative: Badge program engagement
15:18:26 <aricg> ChrisPriceAB: you are echoing.
15:18:57 <TomNadeau> yes hearing echo from Chris here too
15:19:07 <Julien-zte> #当局者迷
15:19:15 <Julien-zte> #info It is fine now
15:22:39 * ChrisPriceAB jumped on a circuit line so hopefully doesn't echo anymore
15:23:02 <ChrisPriceAB> #link https://www.coreinfrastructure.org/programs/badge-program information on the badge program
15:23:40 <ChrisPriceAB> #info lhinds walks through some of the prerequisites to OPNFV earning badges
15:24:16 <ChrisPriceAB> #info many of the items address security specific considerations in our existing ways of working that can be incrementally implemented.
15:25:29 <ChrisPriceAB> #info ashyoung asks what mechanisms are needed to trigger a security evaluation
15:25:36 <lhinds> #link https://wiki.opnfv.org/security/securecode
15:26:20 <ChrisPriceAB> #info lhinds encourages community support for the security impact assessment group
15:26:49 <ttallgren> #info Tapio Tallgren
15:27:33 * ChrisPriceAB wonders if we should implement the security processes as part of our release projects. (not for B relelease though)
15:27:37 <ashyoung> Thank you!
15:28:09 <ashyoung> #info can you sign me up as a security reviewer?
15:28:57 <ChrisPriceAB> #info lhinds outlines the main areas of needed work is around the code analysis system.
15:31:20 <ChrisPriceAB> #info chrispriceab asks if we should as a community implement a badge program through our security group
15:31:50 <ChrisPriceAB> #info bjskery asks what the impact is of our upstream components if they are not participating.
15:32:13 <ChrisPriceAB> #info lhinds answers that we should focus on what we provide upstream and internally a a starting point
15:32:40 <ChrisPriceAB> #info bjskerry asks if there is a timeframe that needs to be achieved with this initiative for security issues?
15:33:14 <ChrisPriceAB> #info lhinds answers that there is a recommended criteria for a timeframe to address security issues
15:34:48 <ChrisPriceAB> #info cdub chimes in and agrees that security if important, but is trying to undersand how OPNFV as an integration project achieves the badge
15:35:09 <ChrisPriceAB> #info parvis asks what areas of security we are focused on?
15:35:44 <ChrisPriceAB> #info lhinds & cdub answer that it spans across all areas.
15:37:19 <ChrisPriceAB> #info lhinds outlines this provides a reccomended framework for us to help focus on security as a community.  Best practices for our internal activities will need to be done internally within OPNFV.
15:38:26 <lhinds> #link https://github.com/linuxfoundation/cii-best-practices-badge/blob/master/doc/criteria.md
15:39:29 <ashyoung> lhinds we have instrumented auditing, dpi, ids/ips in onosfw
15:39:39 <ChrisPriceAB> #info cdub asks if this is something we should focus on or if there are higher priority items.
15:39:45 <Julien-zte> #info the Security Group is from Linux Foundation or OPNFV?
15:39:56 <ChrisPriceAB> #info lhinds answers this helps us address the issues we are working on.
15:40:25 <rpaik> #link https://www.coreinfrastructure.org/
15:40:37 <ChrisPriceAB> We have an OPNFV security group, lead by lhinds, and we are discussing a security badging program in the linuxfoudnation
15:41:49 <cdub> lhinds: thanks for taking this on
15:41:53 <ChrisPriceAB> #agree The TSC has a concensus for the security group to pursue the badge program
15:42:05 <ChrisPriceAB> #topic Pharos LF & Community lab use for Brahmaputra release processing
15:43:31 <ChrisPriceAB> #link https://etherpad.opnfv.org/p/brahmaputra_release_testing proposal for testing and deployment in Brahmaputra
15:44:05 <ChrisPriceAB> #info fdegir outlines that there will be resource constraints for Brahmaputra testing if we constrain our release testing to be done only on the LF labs.
15:45:00 <ChrisPriceAB> #info fdegir outlines the discussion extends to CI processes, stable artifact usage and testing tools for the Brahmaputra release.
15:45:50 <ChrisPriceAB> #info fdegir describes that the most important action is to allow more labs to be used for the release.
15:46:38 <ChrisPriceAB> #info chrispriceab asks how we know which labs will provide the needed capability
15:46:56 <ashyoung> Do these have to be bare metal pods?
15:46:59 <ChrisPriceAB> #info fdegir answers that Pharos and pharos compliance will be used to evaluate the applciability of the labs
15:47:09 <ashyoung> Thank you
15:47:26 <ChrisPriceAB> #info fdegir states that bare metal labs are required
15:47:56 <ashyoung> I have 5 pods now? Is that enough for you? And can someone help me configure them?
15:48:09 <ChrisPriceAB> #info trevorintel states that we need to identify which labs qualify for release purposes and can they be dedicated for release purposes.
15:48:55 <ChrisPriceAB> #info this would require developmental labs to be re-purposed for release testing during the release candidate phase of Brahmaputra.
15:49:19 <ChrisPriceAB> #info fdegir describes that we should re-purpose these labs now in order to work through issues that may pop up.
15:51:44 <ChrisPriceAB> #info ashlee asks if she is able to get extra pods is there someone available to help configure them for release purposes
15:53:01 <ashyoung> Can we take this to a vote?
15:53:16 <ChrisPriceAB> #info chrispriceab states the question as; does the TSC approve the use of community labs for the release of Brahmaputra?
15:54:04 <ChrisPriceAB> #info hkirksey describes that while the cetral lab may not be mandatory, hardware portability is a goal we should maintain for Brahmaputra.
15:55:35 <ChrisPriceAB> #info frankbrockners describes that portability should be impicit in the CI whereby the lab is not coupled in any way to the deployment of the software.
15:56:33 <trevor_intel> #info Status of community labs https://wiki.opnfv.org/pharos_rls_b_labs
15:56:57 <fdegir> scheduling CI runs from OPNFV Jenkins to different PODs is the aim
15:57:29 <fdegir> these different PODs are located in different community labs
15:58:06 <fdegir> except if we use zuul or something
15:58:13 <fdegir> jenkins is not possible to distribute
15:58:20 <ashyoung> #info +1
15:58:24 <Julien-zte> # agree to use community pharos testlab resources for CI test, it's just like Openstack to use 3rd CI env
15:58:40 <TomNadeau> #agree
15:58:49 <edgarstp> +1
15:58:51 <fdegir> and this will help us to see how portable OPNFV is
15:59:10 <fdegir> our aim should be to try running in OPNFV in different labs
15:59:44 <fdegir> infra and test projects have concensus
15:59:49 <VikramDham> +1 (proxy for Wenjing)
16:00:14 <ChrisPriceAB> #agree the TSC agrees to allow the use of Pharos community equipment for release testing.
16:00:29 <fdegir> thanks a lot
16:00:31 <ashyoung> Thanks!
16:00:46 <ChrisPriceAB> #endmeeting