Tuesday, 2022-08-30

clarkbOur weekly meeting will begin momentarily18:59
clarkb#startmeeting infra19:01
opendevmeetMeeting started Tue Aug 30 19:01:36 2022 UTC and is due to finish in 60 minutes.  The chair is clarkb. Information about MeetBot at http://wiki.debian.org/MeetBot.19:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.19:01
opendevmeetThe meeting name has been set to 'infra'19:01
clarkb#link https://lists.opendev.org/pipermail/service-discuss/2022-August/000356.html Our Agenda19:01
clarkb#topic Announcements19:01
ianwo/19:02
clarkbOpenStack's feature freeze begins this week.19:02
clarkbGood time to be on the lookout for any code review and CI issues that the stress of feature freeze often brings (though more recently the added load hasn't been too bad)19:02
clarkbAlso sounds like starlingx is trying to prepare and ship a release19:03
clarkbWe should avoid landing risky changes to the infrastructure as well19:03
clarkbuse your judgement etc (I don't think we need to stop the weekly zuul upgrades for example as those have been fairly stable)19:03
clarkb#topic Bastion Host Updates19:04
clarkbI don't have anything new to add to this. Did anyone else? I think we ended up taking a step back on the zuul console log stuff to reevaluate things19:05
fungii didn't19:05
ianwi didn't, still working on the zuul console stuff too in light of last week; we can do the manual cleanup19:07
clarkbok I can pull up the find command I ran previously and rerun it19:08
clarkbmaybe with a shorter timeframe to keep. I think I used a month last time.19:08
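A rough sketch of the kind of cleanup command being referred to, assuming the leaked Zuul console log files sit under /tmp on the bastion with the usual console-*.log naming; the path, pattern, and 30-day cutoff are illustrative guesses rather than the exact command previously run:

    # dry run first: list console log files older than 30 days
    find /tmp -maxdepth 1 -name 'console-*.log' -mtime +30 -print
    # once the listing looks right, remove them
    find /tmp -maxdepth 1 -name 'console-*.log' -mtime +30 -delete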
clarkb#topic Upgrading Bionic Servers19:08
clarkbI've been distracted by gitea (something that needs upgrades actually) and the mailman3 stuff.19:08
clarkbAnyone else look at upgrades yet?19:09
clarkbSounds like no. That's fine, we'll pick this up in the future.19:10
clarkb#topic Mailman 319:10
clarkb#link https://review.opendev.org/c/opendev/system-config/+/851248 Add a mailman 3 server19:10
clarkbThis change continues to converge on something deployable. And really at this point we might want to think about deploying a server?19:11
clarkbIn particular fungi tested the migration of opendev lists and that seemed to go well19:11
clarkbconfiguration expectations made it across the migration19:11
fungiyep, seemed to keep the settings we want19:11
clarkb#link https://etherpad.opendev.org/p/mm3migration Server and list migration notes19:11
clarkbI did add some notes to the bottom of that etherpad for additional things to check. One of them I've updated the change for already.19:12
fungithose are the exact commands i'm running, so we can turn it into a migration script as things get closer19:12
clarkbI think testing dmarc if possible is a good next step. Unfortunately I'm not super sure about how we should test that19:12
ianwthat sounds hard without making dns entries?19:13
clarkbI guess we'd want to know if our existing dmarc valid signature preserving behavior in mm2 is preserved and if not if the mm3 dmarc options are good?19:13
fungiit may be easier to test that once we've migrated lists.opendev.org lists to a new prod server19:13
clarkbya I think we can test the "pass through" behavior of service-discuss@lists.opendev.org using the test server if we can send signed email to the test server. But doing that without dns is likely painful19:13
fungilike, consider dmarc related adjustments part of the adjustment period for the opendev site migration19:13
clarkbthat makes sense as we'd have dns all sorted for that19:14
fungibefore we do the other sites19:14
fungialternative option would be to add an unused fqdn to a mm3 site on the held node and set up dns and certs, et cetera19:15
clarkbthat seems like overkill19:15
fungiyes, i'm reluctant to create even more work19:15
clarkbI think worst case we'll just end up using new different config for dmarc handling19:15
clarkband if we sort that out on the opendev lists before we migrate the others that is likely fine19:15
fungiand at least mm3 has a greater variety of options for dmarc mitigation19:15
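For reference, Mailman 3 exposes DMARC handling as per-list settings (dmarc_mitigate_action, dmarc_mitigate_unconditionally, and related options) that can be inspected or changed through the core REST API. A sketch of doing that on the held node might look like the following; the localhost URL, port, and credentials are assumptions about the test deployment:

    # inspect the current DMARC-related settings for one list
    curl -s -u restadmin:REST_PASSWORD \
      http://localhost:8001/3.1/lists/service-discuss.lists.opendev.org/config \
      | python3 -m json.tool | grep dmarc
    # example: only munge From: when the sender's domain publishes a strict DMARC policy
    curl -s -u restadmin:REST_PASSWORD -X PATCH \
      -d dmarc_mitigate_action=munge_from \
      -d dmarc_mitigate_unconditionally=False \
      http://localhost:8001/3.1/lists/service-discuss.lists.opendev.org/config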
clarkbThe other thing I had in mind was testing migration of openstack-discuss as there are mm3 issues/posts about people hitting timeouts and similar errors with large list migrations19:17
clarkbMaybe we should do that as a last sanity check of mm3 as deployed by this change then if that is happy clean the change up to make it mergeable?19:17
fungishould be pretty easy to run through, happy to give that a shot this evening19:17
clarkbgreat. Mostly I think if we are going to have any problems with migrating it will be with that list so that gives good confidence in the process19:17
fungirsync will take a while19:18
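A sketch of that copy step, assuming a stock Mailman 2 filesystem layout on the production server and a scratch import directory on the held node; the actual paths in our deployment may differ:

    # copy the list config and archives for openstack-discuss to the held node
    rsync -az --info=progress2 \
      /var/lib/mailman/lists/openstack-discuss \
      root@HELD_NODE:/srv/mm2-import/lists/
    rsync -az --info=progress2 \
      /var/lib/mailman/archives/private/openstack-discuss.mbox \
      root@HELD_NODE:/srv/mm2-import/archives/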
clarkbfungi: one thing to take note of is disk consumption needs for the hyperkitty xapian indexes and the old pipermail archives and the new storage for mm3 emails19:18
clarkbso that when we boot a new server we can estimate likely disk usage needs and size it properly19:18
* clarkb adds a note to the etherpad19:18
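Something along these lines on the held node after the test import would capture those numbers; the paths are guesses at where the data lands in the containerized deployment and would need adjusting:

    # rough per-component disk usage after the test import
    du -sh /var/lib/mailman3/web/fulltext_index    # hyperkitty/xapian search index
    du -sh /var/lib/mailman3                       # mm3 message store, queues, database
    du -sh /var/lib/mailman/archives/pipermail     # static copy of the old pipermail archives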
fungialso we should spend some time thinking about the actual migration logistics steps (beyond just the commands), like when do we shut things down, when do we adjust dns records, how to make sure incoming messages are deferred19:18
fungii have a basic idea of the sequence in my head, i'll put a section for it in that pad19:19
clarkb++ thanks19:20
clarkbThis is the sort of thing we should be able to safely do for say opendev and zuul in the near future then do openstack and starlingx once their releases are out the door19:20
fungithere will necessarily be some unavoidable downtime, but we can at least avoid bouncing or misdelivering during the maintenance19:20
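One way to get that deferral, assuming the old server's MTA is Exim as on our other list hosts, is a temporary 4xx at RCPT time so sending MTAs queue and retry instead of bouncing; a sketch of the ACL fragment (exact placement in our exim config is an assumption):

    # temporary rule for the cutover window: defer every recipient
    acl_check_rcpt:
      defer
        message = 451 mailing lists are migrating to a new server, please retry later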
fungialso there are still some todo comments in that change19:21
clarkbI just deleted a few of them with my last update19:21
fungifor one, still need to work out the apache rewrite syntax for preserving the old pipermail archive copies19:21
fungioh! i haven't looked at that last revision yet19:22
clarkbI didn't address that particular one19:22
clarkbI can try to take a look later today at that though19:22
fungii can probably also work it out now that we have an idea of what it would look like19:22
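A minimal sketch of what that could look like, assuming the frozen Mailman 2 archives get copied somewhere under the new vhost's document root; the filesystem path is a placeholder, and a plain Alias may turn out to be enough here rather than mod_rewrite since the old URLs map directly onto the copied tree:

    # serve the static copy of the old Mailman 2 archives at their old URLs
    Alias /pipermail /var/www/lists.opendev.org/pipermail
    <Directory /var/www/lists.opendev.org/pipermail>
        Options Indexes FollowSymLinks
        Require all granted
    </Directory>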
clarkband clean up any other todos https://review.opendev.org/c/opendev/system-config/+/851248/65/playbooks/service-lists3.yaml had high level ones we can clean up now too19:22
corvusi think moving zuul over right after opendev would be great19:23
clarkbfungi: if you poke at the migration for service-discuss I can focus on cleaning up the chagne to make it as mergeable as possible at this point19:23
clarkbcorvus: good to hear. I suspected you would be interested :)19:23
clarkbSo ya long story short I think we need to double check a few things and clean the change up to make it landable but we are fast approaching the point where we actually want to deploy a new mailman3 server19:24
clarkbexciting19:24
clarkbI can also clean the change up to not deploy zuul openstack starlingx etc lists for now. Just have it deploy opendev to start since that will mimic our migration path19:25
clarkbAnything else mm3 related?19:25
clarkb#topic Gerrit load issues19:26
clarkbThis is mostly still on here as a sanity check. I don't think we have seen this issue persist?19:27
clarkbAdditionally the http thread limit increase doesn't seem to have caused any negative effects19:27
fungii haven't seen any new issues19:28
clarkbThere were other changes I had in mind (like bumping ssh threads and http threads together to keep http above the ssh+http git limit), but considering we seem stable here I think we leave it be unless we observe issues again19:28
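For context, the knobs in question live in gerrit.config; the numbers below are placeholders to show the shape of such a change, not a proposal:

    [sshd]
        # ssh command/git-over-ssh worker threads
        threads = 100
    [httpd]
        # kept above the combined ssh+http git request limit for headroom
        maxThreads = 120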
clarkb#topic Jaeger Tracing Server19:30
clarkbcorvus: I haven't seen any changes for this yet. No rush but wanted to make sure I wasn't missing anything19:31
clarkbMostly just a check in to make sure you didn't need reviews or other input19:32
corvusclarkb: nope not yet -- i'm actually working on the zuul tutorial/example version of that today, so expect the opendev change to follow.19:33
clarkbsounds good19:34
clarkb#topic Fedora 3619:34
clarkbianw: can you fill us in on the plans here? In particular one of the potentially dangerous things for the openstack release is updating the fedora version under them as they try to release19:35
ianwjust trying to move ahead with this so we don't get too far behind19:36
ianwi'm not sure it's in the release path for too much -- we certainly say that "fedora-latest" may change to be the latest as we get to it19:36
ianwone sticking point is the openshift related jobs, used by nodepool19:37
ianwunfortunately it seems due to go changes, the openshift client is broken on fedora 3619:38
ianwtangentially, this is also using centos-7 and a SIG repo to deploy openshift-3 for the other side of the testing.  i spent about a day trying to figure out a way to migrate off that19:38
clarkbianw: the fedora 36 image is up and running now though as we can discover these problems at least? The next steps are flipping the default nodeset labels?19:39
ianw#link https://review.opendev.org/c/zuul/zuul-jobs/+/85404719:39
ianwhas details about why that doesn't work19:39
ianwclarkb: yep, nodes are working.  i've made the changes to nodesets dependent on the zuul-jobs updates (so we know it at least works there), so have to merge them first19:41
ianwi think they are now fully reviewed, thanks19:41
ianw(the zuul-jobs changes)19:41
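For anyone following along, the nodeset flip being described amounts to repointing the shared alias at the new label once the zuul-jobs changes land; a sketch of the Zuul config involved (the node and nodeset names as currently used are assumed):

    - nodeset:
        name: fedora-latest
        nodes:
          - name: fedora-latest
            label: fedora-36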
clarkbok so mostly a matter of updating base testing and fixing issues that come up19:42
clarkbAnything that needs specific attention?19:43
ianwi don't think so19:44
ianwthanks, unless somebody finds trying to get openshift things running exciting19:45
clarkbI've run away from that one before :)19:46
clarkbIt might not be a terrible idea to start a thread on the zuul discuss list about whether or not the openshift CI is viable19:46
fungior at least "practical"19:46
clarkband instead start treating it like one of the other nodepool providers that doesn't get an actual deployment19:46
clarkbnot ideal but would reduce some of the headache for maintaining it19:47
fungirelated, there was a suggestion about using larger instances to test it19:48
fungithere's this change which has been pending for a while:19:48
fungi#link https://review.opendev.org/844116 Add 16 vcpu flavors19:49
fungithey also come with more ram, as a side effect19:49
fungiwe could do something similar but combine that with the nested-virt labels we use in some providers to get a larger node with nested virt acceleration19:49
ianwwe could ...19:50
ianwbut it just feels weird that you can't even start the thing with less than 9.6gb of ram19:50
fungii concur19:51
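If we did go that route, it would roughly mean adding a label like the following to an openstack provider pool in the nodepool config; the label, image, and flavor names here are made up for illustration:

    labels:
      - name: fedora-36-16vcpu-nested-virt
        diskimage: fedora-36
        # a 16 vcpu flavor in a region that exposes nested KVM
        flavor-name: v3-standard-16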
corvusit would be interesting to know if there are any users of the openshift drivers (vs the k8s driver, given the overlap in functionality).19:51
ianw++ ... that was my other thought that this may not even be worth testing like this19:51
corvus(i am aware of people who use the k8s nodepool driver with openshift)19:52
ianwright, but something like minikube might be a better way to do this testing?19:52
clarkbI think tristanC may use them. But agreed starting a thread on the zuul mailing list to figure this out is probably a good idea19:52
ianwyeah, perhaps that is the best place to start, i can send something out19:53
clarkb#topic Open Discussion19:53
clarkbWe are nearing the end of our hour. Anything else before time is up?19:54
fungii got nothin'19:54
clarkbThe gitea upgrade appears to have gone smoothly19:54
clarkbI wonder if anyone even noticed :)19:55
clarkbMonday is technically a holiday here. I'll probably be around but less so (I think I've got a BBQ to go to)19:55
fungioh, good point. i should try to not be around as much on monday19:56
ianwtime to put your white shoes away19:56
* fungi puts on his red shoes and dances the blues19:57
clarkbSounds like that is everything. Thank you everyone19:58
clarkbWe'll see you back here next week19:58
clarkb#endmeeting19:58
opendevmeetMeeting ended Tue Aug 30 19:58:24 2022 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)19:58
opendevmeetMinutes:        https://meetings.opendev.org/meetings/infra/2022/infra.2022-08-30-19.01.html19:58
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/infra/2022/infra.2022-08-30-19.01.txt19:58
opendevmeetLog:            https://meetings.opendev.org/meetings/infra/2022/infra.2022-08-30-19.01.log.html19:58
corvusthanks clarkb !19:58
