Re: EOL candidates for security-support-ended.deb10

To: Debian LTS <debian-lts@lists.debian.org>
Subject: Re: EOL candidates for security-support-ended.deb10
From: Thomas Goirand <zigo@debian.org>
Date: Thu, 4 Aug 2022 00:17:36 +0200
Message-id: <[🔎] 19884714-1b36-db4e-a5e2-489b0d588595@debian.org>
In-reply-to: <[🔎] ef20000b-8822-942e-c848-a4858edf2cc0@beuc.net>
References: <[🔎] ef20000b-8822-942e-c848-a4858edf2cc0@beuc.net>

On 8/3/22 11:54, Sylvain Beucler wrote:

OpenStack: we tend not to support openstack beyond upstream's support,but I'm having a hard time associating the components version withOpenStack's major version; possibly other openstack packages (horizon,manila, neutron...) are concerned; see alsohttps://access.redhat.com/support/policy/updates/openstack/platform/ ;if somebody is more familiar with openstack, input would be appreciated :)
- keystone https://lists.debian.org/debian-lts/2020/05/msg00011.html


What do you think?

Cheers!
Sylvain

Hi,

I would be very honored if the LTS team was officially taking care ofOpenStack. If I'm not mistaking, there was a few updates made forStretch, so it's a good thing if there's LTS support for Buster. As muchas I know, there's no open security bugs against Buster packages for themoment.

Please also note that if OpenStack is to be supported, we also needsupport for:

- OpenVSwitch
- RabbitMQ
- Qemu
- MariaDB
- libvirt
- ...

If you need a full list of packages, you can for example use the packagelist over here:


http://osbpo.debian.net/debian/dists/stretch-rocky-backports/main/binary-amd64/Packages
http://osbpo.debian.net/debian/dists/stretch-rocky-backports-nochange/main/binary-amd64/Packages

(yes, these 2 lists of packages combined...)

Yes, that's the stretch list, because I always maintain a version of theOpenStack packages backported for stable-1, so it's possible to upgradeOpenStack first, and then the OS. So this list more or less contains thelist of packages that need to be supported by the LTS team for Buster.No, I don't think we should continue to maintain OpenStack packages inStretch at this point (I wouldn't know how to setup a Stretch cluster atthis time, but for Buster, I have all of the needed tooling).

As for versions, well Buster contains OpenStack Rocky. Version summarymay be found over here:


https://releases.openstack.org/rocky/index.html

With these 2 lists combine, we're kind of covered.

All packages contain unit test at build time, so it's kind of safe tobackport patches. If needed, I can do a setup from scratch if needed. Iwould strongly advise, recommend and push for working with the OpenStackTeam's Git on Salsa. It's completely up-to-date.

While I do not plan on doing the security backport work myself (as we'realready moving toward upgrades in production), I can help anyone thatplans doing it, and needs help. Just ping me (I read this list...).Also, note that these days, security problems are a way more rare thanit used to be at the beginning of the OpenStack project, 11 years ago.

So, are we going to continue support OpenStack Rocky in Buster LTS?Please let me know.


I hope that helps,

Cheers,

Thomas Goirand (zigo)

Reply to:

References:
- EOL candidates for security-support-ended.deb10
  - From: Sylvain Beucler <beuc@beuc.net>

Prev by Date: Re: linux-5.10 code signing in buster
Next by Date: buster LTS open, don't conflict with OPU
Previous by thread: Re: EOL candidates for security-support-ended.deb10
Next by thread: Re: EOL candidates for security-support-ended.deb10
Index(es):
- Date
- Thread