| pranali | #startmeeting glance | 14:00 |
|---|---|---|
| opendevmeet | Meeting started Thu Jan 11 14:00:16 2024 UTC and is due to finish in 60 minutes. The chair is pranali. Information about MeetBot at http://wiki.debian.org/MeetBot. | 14:00 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 14:00 |
| opendevmeet | The meeting name has been set to 'glance' | 14:00 |
| pranali | #topic roll call | 14:00 |
| pranali | #link https://etherpad.openstack.org/p/glance-team-meeting-agenda | 14:00 |
| pranali | o/ | 14:00 |
| mrjoshi | o/ | 14:00 |
| croelandt | o/ | 14:00 |
| pranali | lets wait few minutes for others to join | 14:01 |
| pranali | abhishekk, dansmith , rosmaita we are starting | 14:03 |
| rosmaita | o/ | 14:03 |
| rosmaita | (thanks for the ping!) | 14:03 |
| * abhishekk in different meeting | 14:03 | |
| pranali | :) | 14:04 |
| pranali | ok, let's start then | 14:04 |
| pranali | #topic Updates | 14:04 |
| pranali | 2024.2 virtual PTG dates are announced, it will take place during April 8-12, 2024 | 14:04 |
| pranali | #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/MIK6GXZXUFS5M3UOVILLDNDGURGH7UQV/ | 14:04 |
| pranali | I've registered our team for the same | 14:04 |
| pranali | moving to next | 14:05 |
| pranali | #topic release/periodic jobs update | 14:05 |
| pranali | We are in M2 release week and we are tagging m2 | 14:05 |
| pranali | release patch is submitted | 14:05 |
| pranali | #link https://review.opendev.org/c/openstack/releases/+/905219 | 14:05 |
| pranali | Periodic jobs are all green except TIME_OUT for fips jobs | 14:06 |
| pranali | couldn't find the exact cause , need to dig more on this | 14:06 |
| pranali | moving to next | 14:07 |
| pranali | #topic length of image additional properties values (rosmaita) | 14:07 |
| pranali | bug: #link https://bugs.launchpad.net/glance/+bug/2048103 | 14:07 |
| rosmaita | this came up in a potential security bug, that was discussed and decided could be worked in the open | 14:07 |
| pranali | related ML discussion thread: #link https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/B7UET4JKHQU5SHH44KLSKHFBMFN3ZZYV/#B7UET4JKHQU5SHH44KLSKHFBMFN3ZZYV | 14:07 |
| rosmaita | the issue is that we have no formal restriction on the length of image additional properties | 14:08 |
| rosmaita | the only restriction is the db length of 65535 bytes | 14:08 |
| rosmaita | so, it's possible to stuff a lot of junk into additional image properties and cause performance slowdown when doing image-detail-list | 14:09 |
| rosmaita | we decided it's not a security issue because there's a config setting limiting the max number of properties per image | 14:10 |
| rosmaita | and we have quota on how many images a project can own | 14:10 |
| rosmaita | in that ML thread, we discussed limiting the length to 255 | 14:11 |
| rosmaita | erno was against that in his reply | 14:11 |
| rosmaita | on the other hand, we also asked for use cases for really long image property values, and no one responded | 14:11 |
| rosmaita | so my aim here is to bring up the issue | 14:12 |
| croelandt | It would be interesting to have a vague idea of how these properties are used in real life | 14:12 |
| rosmaita | and see if maybe we want to put some kind of limit, maybe 512 bytes or 1024 bytes or something | 14:12 |
| rosmaita | croelandt: exactly | 14:12 |
| croelandt | and how many of them/what their size is in a real use case | 14:12 |
| croelandt | The rule of thumb here is that if it is possible to do X and you remove X, someone is going to complain | 14:13 |
| croelandt | (insert relevant XKCD) | 14:13 |
| rosmaita | the person who proposed the patch and started that ML thread ran into an issue where some kind of tool wanted to put a really long value | 14:13 |
| rosmaita | so they wanted to add it to their volume's image_metadata before uploading the volume as an image | 14:13 |
| rosmaita | but cinder wouldn't let them add it (had a 255 char limit) | 14:14 |
| rosmaita | cinder decided to open up the limit to 65535 bytes because cinder *was* allowing really long values when you created a volume from an image ... it basically copied over all the image properties as volume image_metadata without complaining | 14:15 |
| rosmaita | so we went for symmetry | 14:15 |
| rosmaita | but my point is, i guess, that the patch author was willing to consider the 255 char limit | 14:15 |
| rosmaita | so i guess it wasn't that big a deal? | 14:15 |
| rosmaita | in any case, we know of 1 person using image metadata of len > 255 chars, i will reach out to him and find out what the use case is exactly | 14:16 |
| rosmaita | so to summarize: | 14:17 |
| rosmaita | the glance team feels like given the limits on number of properties per image, and number of images per project, we don't need to do an emergency change | 14:17 |
| rosmaita | instead, we should gather info about the use cases and see if some kind of limit < 65535 bytes makes sense | 14:18 |
| rosmaita | (end of summary) | 14:18 |
| rosmaita | (and i will shut up now) | 14:18 |
| croelandt | could we have a summary of the summary? | 14:19 |
| croelandt | Seriously, it makes sense not to rush anything | 14:19 |
| croelandt | It's not a security issue, and if some malicious user uses this "feature" to cause performance issues or whatever, I guess the admin can permaban them and that's it :) | 14:19 |
| pranali | yeah agreed | 14:20 |
| croelandt | Shall we move on? | 14:21 |
| rosmaita | nothing more from me about this | 14:22 |
| pranali | ohh yeah | 14:22 |
| pranali | moving ahead | 14:22 |
| pranali | #topic Spec Reviews | 14:22 |
| pranali | so again , reminder for the spec reviews incase if you have not yet given your vote :) | 14:23 |
| pranali | #link https://review.opendev.org/c/openstack/glance-specs/+/899804 - [Spec Lite] Deprecate location strategy | 14:23 |
| pranali | #link https://review.opendev.org/c/openstack/glance-specs/+/899805 - [Spec Lite] Deprecate cachemanage middleware | 14:23 |
| pranali | #link https://review.opendev.org/c/openstack/glance-specs/+/899367 - Use Centralized database for cache operations | 14:23 |
| pranali | #link https://review.opendev.org/c/openstack/glance-specs/+/899856 - Image Encryption | 14:23 |
| pranali | #link https://review.opendev.org/c/openstack/glance-specs/+/899857 - Caracal project priorities | 14:23 |
| pranali | today is the last day for approving specs, so if I don't see any objection on the specs today, I will go ahead and approve it tmrw | 14:24 |
| * croelandt still has the centralized DB to review | 14:24 | |
| pranali | we need reviews on Image Encryption as well | 14:25 |
| rosmaita | i will take an action to review image encryption spec | 14:25 |
| pranali | Thanks | 14:25 |
| pranali | The implementation patch is also up for the same | 14:25 |
| pranali | #link https://review.opendev.org/c/openstack/glance/+/902648 | 14:26 |
| rosmaita | i didn;t have any objections to the spec-lites, but i didn't feel like i had enough context to give a positive vote | 14:26 |
| pranali | ohh | 14:27 |
| pranali | do you want it to be more elaborative ? | 14:30 |
| rosmaita | no, the problem is that i missed the ptg discussion and didn't want to dig in further | 14:31 |
| pranali | ohh ok ok | 14:31 |
| pranali | let's move to open discussion | 14:32 |
| pranali | #topic Open Discussion | 14:32 |
| pranali | I have updated the new location api patch with the suggested changes, | 14:33 |
| pranali | #link https://review.opendev.org/c/openstack/glance/+/886749/33/glance/async_/flows/location_import.py | 14:33 |
| dansmith | the nova patch was merge-failing yesterday and thus has no test results after the latest changes | 14:34 |
| pranali | and nova-ceph-multistore job is also passing on the nova POC patch | 14:34 |
| dansmith | have you got that worked out? | 14:34 |
| pranali | #link https://review.opendev.org/c/openstack/nova/+/891207 | 14:34 |
| dansmith | it was complaining about one of the deps, which I assume was maybe the client patch | 14:34 |
| dansmith | ah, I see, good | 14:34 |
| pranali | yeah | 14:34 |
| pranali | it was because of glance patches, few jobs were failed with some other issues | 14:35 |
| pranali | that's it from me for today ! | 14:36 |
| croelandt | Thanks! | 14:36 |
| pranali | anyone has anything else ? | 14:37 |
| mrjoshi | nothing from me | 14:38 |
| pranali | ok, so let's conclude for the day then | 14:38 |
| pranali | Thanks everyone for joining !! | 14:38 |
| pranali | #endmeeting | 14:38 |
| opendevmeet | Meeting ended Thu Jan 11 14:38:59 2024 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 14:38 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/glance/2024/glance.2024-01-11-14.00.html | 14:38 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/glance/2024/glance.2024-01-11-14.00.txt | 14:38 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/glance/2024/glance.2024-01-11-14.00.log.html | 14:38 |
| rosmaita | bye! | 14:39 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!