Tuesday, 2024-03-19

clarkbMeeting time18:59
clarkb#startmeeting infra19:00
opendevmeetMeeting started Tue Mar 19 19:00:12 2024 UTC and is due to finish in 60 minutes.  The chair is clarkb. Information about MeetBot at http://wiki.debian.org/MeetBot.19:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.19:00
opendevmeetThe meeting name has been set to 'infra'19:00
clarkb#link https://lists.opendev.org/archives/list/service-discuss@lists.opendev.org/thread/2KGXT47R66KRZPHD6I2HXB23SLIKCYOZ/ Our Agenda19:00
clarkb#topic Announcements19:00
clarkbfungi: made a git-review 2.4.0 release yesterday. Now is a good time to update if you haven't already19:00
clarkbhaving us use the latest version helps find any issues that might be present through our day to day use19:01
clarkbAnd the PTG is fast approaching19:01
clarkb#link https://etherpad.opendev.org/p/apr2024-ptg-opendev Get your PTG agenda items on the agenda doc19:01
fungithough also installing the branch tip should always be safe, since we do test it19:01
fungiand helps us find problems prior to tagging a new release19:01
clarkb++19:02
clarkbfor the PTG I've gone ahead and added soem stuff. But as previously mentioend I expect ti to be fairly low key on our side and more of an outreach to our users sort of thing19:02
clarkbhelp them with their items rather than push any specific thigns from our side19:02
clarkbthat said feel free to add content to that etherpad19:02
clarkb#topic Server Upgrades19:03
clarkbI haven't seen any new movement on this and I've been plenty distracted by old distro cleanups and rax auth and zuul reviews19:04
clarkbI suspect that the rest of us may similarly be distracted and not have anything new here. I'll give it a few minuets for others to chime in if I've missed anything before we move on19:04
clarkb#topic MariaDB Upgrades19:07
clarkb#link https://review.opendev.org/c/opendev/system-config/+/910999 Upgrade refstack mariadb to 10.1119:07
clarkb#link https://review.opendev.org/c/opendev/system-config/+/911000 Upgrade etherpad mariadb to 10.1119:07
clarkbif I can get reviews on these changes I'm happy to approve and watch the rollout when it is convenient19:07
clarkbI think thats mostlywhere this is at. Just sanity checks that we're ok with the process applied to these services and then finding time to do it19:08
clarkb#topic AFS Mirror cleanups19:09
clarkbCentOS 7 is gone19:09
fungiand there was much rejoicing19:09
clarkbthank you everyone for the help getting things into shape to make that possible19:09
fungiif that experience has taught me anything, it's that i'm not looking forward to untangling ubuntu-xenial removal19:10
clarkbI did notice that I made some mistakes in cleaning up the opensuse obs centos 7 stuff whcih led to even more cleanups to the opensuse volume19:10
clarkb#link https://review.opendev.org/c/opendev/system-config/+/913608 Final OpenSUSE mirror cleanup19:10
clarkbthis is opensuse cleanup but it is related to centos 7 :) and I think is the last step in finally clearing up both opensuse and centos 719:10
clarkband ya after that is done it is time to start looking at ubuntu xenial removal which is going to be "fun"19:11
clarkbI've already got some changes up under topic:drop-ubuntu-xenial but that is going to be just the tip of the iceberg I expect19:11
fungimore like a continental ice sheet19:11
fungior at least a modest glacier19:12
clarkbThe upside to all of this is our afs volume capacity is looking far moer healthy. Which means we should have plenty of space for things like ubuntu 24.04 and maybe others19:12
clarkbso ya reviews welcome on that last cleanup change then be on the lookout for xenial removal stuff probably more serisouly after the PTG? I think between now and then I may have too much other stuff to work on19:13
clarkb#topic Rebuilding Gerrit Images19:13
clarkbOf which this is one :)19:13
clarkbI'd like to get our gerrit 3.9 image updated to 3.9.2. One big reason for this is it will make it easier to test 3.9's broken change reindexing to better understand if and how that affects us before we upgrade19:13
fungisounds like a great idea19:14
clarkbbut that will also upate our gerrit 3.8 image which means we should couple landing that change with a production restart of gerrit. Might be a good thing for late this week19:14
clarkbsimilar to the db upgrade changes I'm happy if others review the changes then I can approve and babysit as necessary (in this case do a docker-compose pull and down and up -d)19:15
clarkbre the 3.9 reindexing issue I also put it on the April 4th gerrit community meeting agenda to discuss the impact and better understand the issue19:15
clarkbit seems like a fairly serious problem but they aren't rushing to fix it so I may just lack understanding19:15
clarkb#link https://review.opendev.org/c/opendev/system-config/+/912470 Update our 3.9 image to 3.9.219:16
clarkbI forgot to link the change. That chagne is the one that needs reviews :)19:16
clarkb#topic Rackspace MFA19:18
clarkbWe will be required to setup MFA in rax March 26th but last week we decided to opt into it early to find any expected problems in a more controlled manner19:18
clarkbas noted yesterday fungi and I have meetings basically all day today so we said we'd do this tomorrow19:19
clarkbfungi: I'll just catch up with you tomorrow moring on that and we can work through it?19:19
fungiyep, sounds good to me19:19
clarkb#topic Project Renames19:20
clarkbpreparing for this also in the list of things I need to look at before worrying too much about ubuntu xenial removal19:20
clarkb#link https://review.opendev.org/c/opendev/system-config/+/911622 Move gerrit replication queue aside during project renames.19:21
clarkbthis is a prep change for the playbook itself19:21
clarkbOnce we're a bit closer we'll need to records changes too but don't need to do that too early19:23
clarkb#topic Linaro Cloud Cert Renewal19:24
clarkbOur helpful certchecker tool is warning us that this cert will expire on April 1519:24
clarkbI've written down the process for renewing the cert on the node itself which si reachable from bridge19:25
clarkbits fairly straightforward we run acme.sh to get a new LE cert. Then copy its contents where kolla can find it and run kolla19:25
fricklerwhere is that writeup? I could take a look at this19:26
clarkbfrickler: its in the root homedir on the server itself19:26
fungishould we port that process document into system-config's docs for posterity, or is it too full of sensitive info?19:27
clarkbfungi: we probably could19:27
clarkbI don't think it has any sensitive info in the process.19:27
clarkbthe server is access via bridge (and the server is the last one in our ansible inventory). You ssh in via bridge and then the doc is there. Happy to help port to our proper docs now that we've used thep rocess more than once and didn't need to make big changes ot it19:28
clarkbthe first time I wrote it down I was distilling from a couple of emails.19:28
clarkbbut I think tonyb did the last one without any issue off the local doc so ya proper hosting of that is fine19:28
fungiif discoverability is a concern, replacing it with a one-line file linking to the appropriate section of our docs would likely work19:28
clarkb++19:29
fricklerI'll take a look at it later this week, seems it isn't urgent yet19:29
clarkbfrickler: ya not urgent. Let me know if you have any questions19:29
fricklerexcept for the daily warning mail, which is a good reminder ;)19:29
clarkb#topic Nodepool Image Delete After Upload19:29
clarkbcorvus wanted to point out that this new feature has landed in nodepool and we can make use of it if we like19:30
clarkbbasically you can update the configs to opt into having nodepool builder clean up on disk image files after they have been uploaded to clouds. Additionally you can opt to keep certain image formats and clear out others.19:30
clarkbIn our case I think we could choose to delete all but the qcow2 format of the image since that file is the smallest and we can generate the other two (raw and vhd) from the qcow2 if necessary19:30
corvusmight be worth asking what we want out of local images; recovery in case of cloud issues? user access for reproducibility?19:31
clarkbcorvus: currently we do host files for users to do local reproduction but we only serve the qcow2 files to force people into the lower bandwidth option19:31
clarkbfor this reason I don't think we want to delete all of the image files after upload, but I do think we can get away with keeping only the qcow2 file19:31
corvusso qcow2 for user access would be great then; and i think we're probably not too worried about cloud issues?19:31
fungiwe did make them downloadable for user reproducibility reasons, i point people to those with some regularity19:31
clarkbcorvus: ya I think for cloud issues we have enough clouds that we would fetch from one of them to push into another if absolutely necessary19:32
clarkbor just rebuild and let other clouds deal with that particular image type in the interim19:32
corvuslike, if we lose a cloud we could probably live with either "let the next rebuild fix it" or "convert it ourselves" if we're in a dire situation.19:32
clarkbexactly19:32
fungior remove that cloud from out configuration temporarily19:33
fungis/out/our/19:33
clarkbmaybe go ahead and push up a change to keep only the qcow2s post upload and if there are any further concerns they can be posted in review?19:34
fricklerwith a similar reasoning we might be ok with only keeping the latest local image and not multiple iterations?19:35
clarkbyes, though i'm not sure if nodepool can express that yet19:35
frickleryes, this was more of like another feature idea19:36
clarkb#topic Open Discussion19:37
clarkbThat took us to the end of the listed agenda but I forgot to add a couple things before sending it19:37
clarkb#link https://review.opendev.org/c/opendev/system-config/+/913686 Update Gitea to 1.21.819:37
clarkbThis fixes a number of bugs in gitea supposedly. Would be good to get that in to keep up to date19:38
clarkbAnd then separately etherpad released a 2.0 (and then very quickly a 2.0.1)19:38
clarkbThe changes to etehrpad appear to largely be in how etherpad is installed and managed (they use `pnpm` now I don't know what that means really yet)19:38
clarkbIt appears that this means we'll have to completely redo our docker image builds but I think the upgrade itself is straightforward as the db doesn't change19:39
fungipnpm seems to be a package manager for npm19:39
clarkbif anyone else wants to look into that please feel free. Our current image is basically a fork of their image because they weren't reliably rebuilding their images for nodejs security issues19:39
clarkbSo we need to port our fork over to the new stuff and then test the result19:39
fungihttps://pnpm.io/19:39
clarkbyou'll note that npm is a package manager itsefl19:40
clarkbso now we have package manager managers19:40
fungilooks like a meta package manager that tries to use some sort of caching file tree19:40
fungithrows around terms like "content-addressable storage"19:40
clarkbif I end up looking at this it will almost certainly be a post PTG task for me19:41
clarkband post PTG is probably fine since big update to etherpad pre PTG are scary19:41
fungialso looks like pnpm positions itself as a more efficient replacement for npm19:41
clarkbAnything else?19:42
clarkbI feel like there is a lot but we're moving slowly due to the openstack release. I bring that up to reassure people its ok19:43
clarkbpriorities and all that19:43
fungipnpm seems to also try t replace yarn19:43
clarkbfungi: the js community never found a tool that was too good to replace19:44
fungii secretly replaced the js community with folgers crystals19:44
clarkbsounds like that may be it19:46
clarkbThanks everyone!19:46
clarkb#endmeeting19:46
opendevmeetMeeting ended Tue Mar 19 19:46:15 2024 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)19:46
opendevmeetMinutes:        https://meetings.opendev.org/meetings/infra/2024/infra.2024-03-19-19.00.html19:46
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/infra/2024/infra.2024-03-19-19.00.txt19:46
opendevmeetLog:            https://meetings.opendev.org/meetings/infra/2024/infra.2024-03-19-19.00.log.html19:46
fungithanks clarkb!19:46

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!