URT:Agenda-2018-02-05

From EGIWiki
Jump to: navigation, search

Meeting

News

  • UMD4 regular release (4.7.0) planned for April 2018; dedicated updates are always possible
  • "bouncycastle update in EPEL" --> UMD emergency fix in preparation
    • release ready with buoncycastle package 1.46.1
    • @Joao: anything more needed?
  • UMD3 deprecation
    • WMS dismission plan presented at OMB
    • in parallel, UMD team will test upgrading the umd-release package from UMD3/SL6 to UMD4/SL6 to make usre everything works properly
    • plan will be arranged and agreed with PTs in January/February
    • at some point UMD3 will be "freezed" (no more updates of any kind, either security ones)
      • OMB suggested to remove it completely so that it's not used anymore
      • probably we will establish a period of 2-4 weeks during which sites get progressively aware that the old repos won't work anymore and switch to UMD4/SL6
      • if any security issue comes out during that period, we will ask to shut down the repository


  • CMD-OS update still in preparation: found SR for cloudkeeper, no way to include yet user id isolatin patch for Mitaka/Ubuntu
  • CMD-ONE first release to be fixed adding site BDII

UMD4

In Verification

  • nagios-promoo 1.5.0
  • arc 15.03.18
  • gram-client 13.19.1
  • dpm 1.9.2.xml
  • lcgdm 0.19.0.xml

Under Staged Rollout

  • apel-ssm 2.2.0
  • dpm 1.9.2
  • xroot 4.7.1
  • davix 0.6.7
  • gridftp 12.4.1

Ready to be Released

  • jocci-api 0.2.6
  • cvmfs-server 2.4.4
  • cvmfs 2.4.4

CMD-OS

In Verification

  • rocci-cli 4.10.2
  • cloudkeeper 1.6.0
  • ooi 1.2.0
  • gridsite 2.3.4

In Staged Rollout

  • cloud-info-provider 0.8.4
  • cloudkeeper-os 0.9.4
  • cloudkeeper 1.5.1


Ready to be released

NA

CMD-ONE

In verification

  • cloudkeeper 1.6.0


In Staged Rollout

  • gridsite 2.3.4
  • cloud-info-provider 0.8.4
  • rocci-cli 4.10.2
  • rocci-server 2.0.4
  • cloudkeeper 1.5.1
  • cloudkeeper-one 1.2.5
  • keystorm 1.1.0

Ready to be released

NA

Updates from Technical Providers

APEL

Frontier

Indigo-DataCloud

dCache

DPM/LFC

NTR

Data management clients

NTR

FTS

NTR

ARC

NTR

except repitition of ARC and VOMS server from the URT-mail list: Sites can configure an ARC CE in ways that discontinuing the support for the direct VOMS-server queries will not affect ARC-CEs.

QCG

Globus

xrootd

caNl

Preview

released on 2018-01-23

  • Preview 1.16.0 AppDB info (sl6): APEL-SSM 2.2.0, ARC 15.03 update 18, CVMFS 2.4.4, davix 0.6.7, dCache 2.16.58 and dcap 2.47.12, DPM 1.9.2, XRootD 4.8.0
  • Preview 1.16.1 (sl6): it simply fixes a problem in the apel-ssm file released with the previous update
  • Preview 2.16.0 AppDB info (CentOS 7): APEL-SSM 2.2.0, ARC 15.03 update 18, CVMFS 2.4.4, davix 0.6.7, dCache 3.1.27 and dcap 2.47.12, DPM 1.9.2, XRootD 4.8.0

to include for the next update:

  • frontier-squid 3.5.27-3.1

AOB

products that need to download from VOMS the list of users

VOMS allows to every owner of a IGTF certificate to download the list of users. This is not compliant with the European GDPR, since VO membership is considered sensitive data., so that VOMS needs to implement a stricter ACL to the users list.

In order to understand how to proceed, first of all we need to figure out all the use cases: please let us know if any of your products needs to get the users DN for performing the authentication and authorisation mechanism (i.e. grid-mapfile generation containing the users certificate subject).

bouncycastle update in EPEL

There is an update coming to EPEL 6 involving some Java components.

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-71db8f6f28

The original idea to update the bouncycastle package itself got a lot of negative comments due to it introducing to much backward compatibility. See the comments on the update ticket above. Instead an alternative approach was chosen: The existing bouncycastle package will not be updated but be kept at its current version, and a parallel installable bouncycastle1.58 package will be introduced that provides the updated version. The package review for this package has been completed and the package has been built.

The dependent packages (canl-java, voms-api-java, voms-clients-java) will be rebuilt against this package.

noarch packages depend on x86-64

when trying to install the following “noarch” packages on ppc64le system, some of them still required x86-64 dependency:

fts-rest-3.5.4-1.el7.centos.noarch.rpm
fts-rest-cloud-storage-3.5.4-1.el7.centos.noarch.rpm
fts-rest-http-authz-signed-cert-3.5.4-1.el7.centos.noarch.rpm
fts-rest-oauth2-3.5.4-1.el7.centos.noarch.rpm
fts-rest-selinux-3.5.4-1.el7.centos.noarch.rpm

glexec-wrapper-scripts-0.0.7-1.el7.noarch.rpm

mkgltempdir-0.0.5-1.el7.noarch.rpm

nordugrid-arc-aris-5.3.1-1.el7.centos.noarch.rpm
nordugrid-arc-ca-utils-5.3.1-1.el7.centos.noarch.rpm
nordugrid-arc-client-tools-1.0.7-1.el7.centos.noarch.rpm
nordugrid-arc-compute-element-1.0.7-1.el7.centos.noarch.rpm
nordugrid-arc-doc-2.0.15-1.el7.centos.noarch.rpm
nordugrid-arc-gridmap-utils-5.3.1-1.el7.centos.noarch.rpm
nordugrid-arc-information-index-1.0.7-1.el7.centos.noarch.rpm
nordugrid-arc-ldap-infosys-5.3.1-1.el7.centos.noarch.rpm
nordugrid-arc-ldap-monitor-5.3.1-1.el7.centos.noarch.rpm
nordugrid-arc-nagios-plugins-doc-1.9.1-0.rc1.el7.centos.noarch.rpm
nordugrid-arc-nagios-plugins-egi-1.9.1-0.rc1.el7.centos.noarch.rpm
nordugrid-arc-ws-monitor-5.3.1-1.el7.centos.noarch.rpm

qcg-appscripts-4.0.0-18.centos7.noarch.rpm
qcg-broker-4.2.0-6.centos7.noarch.rpm
qcg-broker-client-4.2.0-4.centos7.noarch.rpm
qcg-comp-egi-is-provider-4.0.0-5.centos7.noarch.rpm
qcg-egi-is-conf-4.0.0-1.centos7.noarch.rpm
qcg-ntf-egi-is-provider-4.0.0-1.centos7.noarch.rpm
qcg-ntf-nagios-probe-4.0.0-1.noarch.rpm

other AOB