[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: EOL candidates for security-support-ended.deb10



On 8/3/22 11:54, Sylvain Beucler wrote:
OpenStack: we tend not to support openstack beyond upstream's support, but I'm having a hard time associating the components version with OpenStack's major version; possibly other openstack packages (horizon, manila, neutron...) are concerned; see also https://access.redhat.com/support/policy/updates/openstack/platform/ ; if somebody is more familiar with openstack, input would be appreciated :)
- keystone https://lists.debian.org/debian-lts/2020/05/msg00011.html


What do you think?

Cheers!
Sylvain

Hi,

I would be very honored if the LTS team was officially taking care of OpenStack. If I'm not mistaking, there was a few updates made for Stretch, so it's a good thing if there's LTS support for Buster. As much as I know, there's no open security bugs against Buster packages for the moment.

Please also note that if OpenStack is to be supported, we also need support for:
- OpenVSwitch
- RabbitMQ
- Qemu
- MariaDB
- libvirt
- ...

If you need a full list of packages, you can for example use the package list over here:

http://osbpo.debian.net/debian/dists/stretch-rocky-backports/main/binary-amd64/Packages
http://osbpo.debian.net/debian/dists/stretch-rocky-backports-nochange/main/binary-amd64/Packages

(yes, these 2 lists of packages combined...)

Yes, that's the stretch list, because I always maintain a version of the OpenStack packages backported for stable-1, so it's possible to upgrade OpenStack first, and then the OS. So this list more or less contains the list of packages that need to be supported by the LTS team for Buster. No, I don't think we should continue to maintain OpenStack packages in Stretch at this point (I wouldn't know how to setup a Stretch cluster at this time, but for Buster, I have all of the needed tooling).

As for versions, well Buster contains OpenStack Rocky. Version summary may be found over here:

https://releases.openstack.org/rocky/index.html

With these 2 lists combine, we're kind of covered.

All packages contain unit test at build time, so it's kind of safe to backport patches. If needed, I can do a setup from scratch if needed. I would strongly advise, recommend and push for working with the OpenStack Team's Git on Salsa. It's completely up-to-date.

While I do not plan on doing the security backport work myself (as we're already moving toward upgrades in production), I can help anyone that plans doing it, and needs help. Just ping me (I read this list...). Also, note that these days, security problems are a way more rare than it used to be at the beginning of the OpenStack project, 11 years ago.

So, are we going to continue support OpenStack Rocky in Buster LTS? Please let me know.

I hope that helps,

Cheers,

Thomas Goirand (zigo)


Reply to: