Hi, Forgive my ignorance guys, but why are you still discussing updating the firefly release in Jessie when ceph has released two major stable releases after it, one of them being an LTS (hammer)? Why not just propose to upgrade Jessie's package to Hammer at least.
Hpcre On 5 Jan 2016 23:33, "Gaudenz Steinlin" <gaud...@debian.org> wrote: > > [ CCing the upstream package maintainers list ] > > Hi > > Julien Cristau <jcris...@debian.org> writes: > > > On Fri, Sep 18, 2015 at 22:57:27 +0200, Gaudenz Steinlin wrote: > > > >> > >> Hi debian-release > >> > >> Gaudenz Steinlin <gaud...@debian.org> writes: > >> > >> > Gaudenz Steinlin <gaud...@debian.org> writes: > >> >> I'd like to update ceph in jessie to the latest upstream bugfix > release. > >> >> The version of ceph in jessie is a long term support (LTS) release > which > >> >> will receive updates at least until January 2016. Updates will be > bugfix > >> >> only. New features go into new release which are developed in > parallel. > >> >> See at the end of this report for the upstream changelog. > >> >> > >> >> See http://ceph.com/docs/master/releases/ for the ceph release > timeline > >> >> and support statement. > >> >> > >> > > >> > Just as an additional data point, Ubuntu has a "Minor Release > Exception" > >> > for stable updates for their ceph package [1]. > >> > >> In the meantime another stable point release of ceph 0.80 (0.80.10) was > >> released and on top of that there is a (minor) security issue which > >> won't be fixed through a security update but which would be nice to fix > >> by a stable update (see bug #798567 / CVE-2015-5245)). > >> > >> As another stable update has passed, it would be nice if someone of the > >> stable release team could comment on this and eventually decide if they > >> are OK with the proposal to follow the ceph stable branch or if they > >> don't like it and would prefer an update just fixing the security bug. > >> It would be nice to have a decision soon, so that there is enough time > >> to prepare and test the update for the next stable point release. > >> > > What does the QA process on upstream's bugfix releases, and on the > > Debian side for the proposed stable updates, look like? > > The QA processes on the upstream side are quite extensive. They run > integration and upgrade tests on a regular basis. They use their test > framework theutology[1] for these tests. Their QA configuration is > available in the ceph-qa-suite repository [2]. > > Unfortunately it's not easy to see how this testing is actually done and > if the tests all pass at release time. Maybe someone from upstream Ceph > can shed some more light on this and explain things in more detail. Some > test results can be seen on Pulpito [3] but it's not clear to me how > these results relate to actual releases. > > The QA on the Debian side is not as extensive. My resources are limited, > but I do run my builds on my own test infrastructure. But I expect the > changes to the Debian packaging side to be fairly minimal. > > > > > So far I'm leaning towards rejecting this request, as I don't want to > > spend that much time reviewing these changes, and as you see we're > > already way behind on stable update requests. > > I don't think it's reasonable to expect the release team to review the > upstream changes. If you don't trust them enough to not break things, > then we should not upgrade the package. On the other hand other major > Linux distribution do trust them enough as I wrote in my initial > request. > > If you agree to do these stable updates they have to be done in a > similar way to the postgres and linux kernel updates. I don't think the > release team or any Debian developer reviews all upstream changes there. > So it's really a matter of trust. > > Upstream also provides their own Debian packages which are always > updated to the latest bugfix point releases. I guess many users use > these packages instead of the packages from Debian because they are > up to date wrt bugfix releases. IMO this is sad as I think Debian should > aim at providing the most useful experience out of the box without 3rd > party repositories. > > Gaudenz > > [1] https://github.com/ceph/teuthology > [2] https://github.com/ceph/ceph-qa-suite/tree/firefly > [3] http://pulpito.ceph.com/?branch=firefly > > _______________________________________________ > Ceph-maintainers mailing list > ceph-maintain...@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-maintainers-ceph.com > >
