►
From YouTube: Ceph Orchestrator Meeting 2022-03-15
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right
price
start.
I
don't
have
much
earlier
to
talk
about
today.
I
have
one
topic
I
put
down,
which
is
just
firewall
management,
and
so
basically
it
was.
It
came
up
again
because
there
was
a
tracker
saying
we
should
maybe
just
remove
the.
I
forgot
the
flag,
there's
a
bootstrap
flag
about
whether
we
should
firewall
configuration
or
not,
and
the
factory
saying
we
just
remove
it,
because
it
doesn't
actually
do
anything
anymore.
A
A
So
I
guess
the
topic
really
here
was
just
what
do
we
want
to
do
with
that?
A
Should
we
go
back
to
trying
to
manage
the
firewall
and
making
sure
we
have
certain
open
ports
during
bootstrap
and
all
that
or
do
we
want
to
sort
of
leave
it
as
it
is,
and
just
not
really
do
much
with
it
and
just
remove
that
flag?
A
I
don't
remember
the
history
behind
it
when
we
remove
the
I
removed
like
right
after
I
got
here.
Basically
I
don't
know,
I
don't
know
if
anyone
has
the
original
our
initial
thoughts
on
that
go
to
try
to
find
this
tracker.
B
A
Yeah
I
was
asking,
I
guess
the
topic
was
just
if
we
actually
want
to
go
back
to
trying
to
do
the
firewall
management
or
not.
A
I
assume
there
was
a
reason
we
got
rid
of
it
and
it
just
happened
so
long
ago.
Yeah.
I
commit
that
that
tracker
links
it's.
What
is
it
request
from.
B
A
Yeah
we
have
a
firewall
class
that
has
some
functions
in
it
for
it,
but
we
don't
really
use
it.
Hey
this
yeah
they've
also
got
added,
then
that
commit
those
reference
in
the
the
tracker.
You
know
it
turns
it
into
an
actual
class
that
was
part
of
the
work
was
just
refactoring.
It
then,
I
think
the
actual
calls
that.
A
A
A
A
C
I
don't
know,
could
you
hide
it
from
the
help
just
kind
of
mark
it
as
deprecated
hide
it
from
the
help?
So
people
don't
see
it
as
an
attractive
nuisance,
but
won't
break
old
code
that
might
have
it
in
it.
B
C
C
But
otherwise
you
know
if
there's
an
expect,
but
the
last
time
I
tried
to
do
any
firewall
management
stuff,
it's
kind
of
a
pain
because
you
have
to
you,
don't
get
to
own
everything.
So
it's
a
little
bit
like!
Oh,
you
know.
I
also
want
you
know
my
http
port
bound
to
apache,
and
I
want
this
other
port
with
blah
blah.
C
So
I
think,
unless,
unless
there's
a
user
demand
that
justifies
the
complexity,
I
would,
I
would
say,
skip
it
for
now.
C
A
B
I
I
don't
know
in
which
use
case
you
mean
lag.
It
seems
like
if
you're
managing
your
own
firewall
from
outside,
then
you
will
not
open
the
ports.
Does
this
make
sense?
I
mean.
If,
if
you
want
to
deploy
services,
then
you
have
to
make
sure
that
you
can
open
the
ports
the
way
the
race
you,
you
will
not
be
able
to
deploy
them.
D
D
Well,
originally,
it
was
added,
I
believe,
because
certain
systems
that
you
like
say
ubuntu
or
maybe
some
debian
system
doesn't
have
firewall
d
or.
D
So
there
may
be
a
legitimate
reason
to
skip
the
firewall,
but
yeah
there
are
edge
cases
for
a
standard,
centos
or
other
type
of
system.
A
A
D
C
C
D
Yeah,
but
it
was
certainly
removed
by
that
pr.
Just
pierre
identified.
C
Go
and
remove
it
yeah
I
mean.
Alternatively,
you
can
literally
just
summarize
this
discussion
in
that
tracker.
Give
him
two
weeks
to
reply,
and
then
you
know,
if
there's
no
reply,
say:
okay,
it's
safe
to
remove
or
hide.
D
A
A
A
A
A
Yeah,
I
guess
actually,
I
guess,
there's
actually
a
point
here
is
that
we
we
need
to
have
it
working
for
adoption
and
boy
that
one
those
ones
will
actually
attempt.
You
update
the
firewall.
A
Yeah,
in
that
case,
do
we
want
to
just
like
mike,
was
saying
just
put
it
back
in
without
it
make
sure
that
adopt
and
deploy
don't
use
it.
A
A
A
So
there's
this
very,
very
minimal,
actual
port
management.
There.
A
Like
say,
like
there's
a
ton
of
different
ports,
you
kind
of
want
to
be
open
for
yourself
cluster,
but
we
don't
actually
try
to
open
any
of
those.
We
just
you
know
open
the
dashboard
port
would
be
fair.
Even
then
they
would
only
do
it
for
the
bootstrap
post,
so
they
used
to
love
to
do
this.
For
all
your
other
hosts
manually
anyway,.
A
A
Any
reason
not
bootstrap
as
well.
I
guess
well,
I
guess
we
could
there
it
just.
It
doesn't
even
use
the
same
function.
It
doesn't
call
that
update
firewall
whatever
it
it
just
sort
of
manually
does
the
activation
of
that.
If
anything,
it
should
probably
just
change
what
calls
it
it
like
manually
defines
which
port
it's
going
to
change
and
things,
whereas
the
other
ones
just
do
it
by
demon
type
but
yeah.
I
guess
it
should
be
done
there
too.
A
A
I
wonder
if
he
was
trying
to
adopt
or
something
and
that's
where
you
hit
it.
I
can
I'm
trying
to
think
of
what
case,
because
bootstrap
wouldn't
really
matter
too
much.
Maybe
it
would
fail
at
the
very
end,
putting
the
dashboard
port,
but
most
of
the
things
would
still
work
at
that
point.
That's
like
the
last
thing
we
do
and
I
don't
think
you'll
be
manually
calling
deploy.
So
I
would
have
to
be
adoption.
A
A
Yeah,
that's
what
I
thought.
I
think
I
thought
that
we
removed
some
of
it
because
I
wasn't
I'd
know
it.
This
is
this
got
removed
a
very
long
time
ago,
so
or
this
vr
that
this
refactor
one
at
least
this
happened
like
two
years
ago.
Almost
I
don't
remember
it
all
super
well,
but
it
does
seem
like
we
still
are
doing
a
little
bit
of
port
management,
basically
only
for
the
adoption
and
void
commands,
then
there's
one
port
for
the
bootstrap.
A
So
it
would
be
easy
enough
to
just
not
do
that
if
this
flag
is
set
for
whatever
reason
people
you
wanted.
C
A
A
Yeah,
I
guess
I'll
update
the
other
pad,
that's
done,
and
that
was
also
the
only
topic
I
had
part
of
this.
There
was
kind
of
a
slow
week.
I
guess
upstream.
B
Maybe
just
to
highlight
that
we
are
starting
to
work
in
this
feature
request
from
paul
peter.
B
B
B
Yeah,
so
this
vr
basically
is
feature
request
to
add
end
points
in
and
cf
adm
to
reports
the
different
configuration
for
services.
By
already,
we
already
deployed,
such
as
machine
color
manager,
node
exporter,
h
a
proxy.
B
So
this
pr
asks
for
us
to
add
support
to
report
this
configuration
through
different
endpoints
and
use
a
new
feature
in
prometheus
in
order
to
consume
these
endpoints
and
get
this
configuration
dynamically.
This
way
you
could,
you
can
have
the
same
configuration
used
by
staff
adm
being
used
by
some
external
permissions
server.
B
I
guess
that
adam,
so,
once
we
added
this
support,
then
we
have
to
move
to
modify
the
monitoring
class
in
order
to
generate
a
new
configuration
file
for
prometheus
instead
of
using
static
information.
It
just
used
this
new
endpoint
to
get
the
configuration.
A
Yeah,
I
think
there's
this
specifically
this
grape
configuration
we
need,
because
stephanie
is
the
one
who
knows
that
which
places
the
previous
screen,
so
you
guys
have
to
give
them
that,
so
they
knows
where
to
where
to
look.
They
can't
tell
on
their
own.
B
A
All
right
yeah,
I
guess
this
might
be
something
that
comes
up
again
like
next
week
or
two
weeks
from
now.
We
end
up
running
some
implementation
difficulties,
but
I
think
now
I
guess
maybe
it's
a
bit
too
early
on
to
have
any
specific
questions.
A
Okay,
that's
all
good.
Does
anyone
have
any
other
topics.
C
Very
good
for
today
I
don't
know
if
there's
a
topic,
it
kind
of
came
up
and
downstream
earlier
today,
so
I've
been
looking
at
some
general
manager
stuff
and
I
noticed
as
a
the
manager
module
py
in
the
root
of
I
buying
manager
is
kind
of
big,
it's
kind
of
huge
actually
and
my
first
well.
I
had
a
thought
like:
oh
you
know,
turn
this
into
a
directory
and
then
I'm
like
wait.
This
is
getting
close
to
the
part
where
the
python
info
and
the
c
plus
plus
interact.
C
Who
is
if
I
don't
have
to
change
anything
right
now,
but
I'm
more
curious
like
if
we
had
to
change
something
around
that
area
where
the
layers
of
the
python
and
c
plus
plus
parts
come
together.
Do
we
have
good
resources
to
ask
questions
of
and
like
the
c
plus
plus
land.
B
A
I've
seen
some
stuff
from
him
even
recently
he
is
active
upstream
sometimes,
but
he
did.
He
doesn't
officially
work
on
it
anymore.
A
C
A
I
mean
it's
just
been
a
general
gap.
We've
had
right
now
is
just
people
supposed
to
go
to
the
manager's
side
in
general
yeah,
including
the
pie
buying
stuff,
because
we
don't
have
anybody
officially
maintaining.
C
A
Oh
there's
nothing
else,
and
here
see
you
all
next
week.