Tuesday, 2024-10-01

clarkbmeeting time19:00
clarkb#startmeeting infra19:00
opendevmeetMeeting started Tue Oct  1 19:00:31 2024 UTC and is due to finish in 60 minutes.  The chair is clarkb. Information about MeetBot at http://wiki.debian.org/MeetBot.19:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.19:00
opendevmeetThe meeting name has been set to 'infra'19:00
clarkb#link https://lists.opendev.org/archives/list/service-discuss@lists.opendev.org/thread/EOYNPX5IPPB3CCX6YA574BPPQEGSYGGH/ Our Agenda19:01
clarkb#topic Announcements19:02
clarkbA reminder that the CFP for the SCaLE open infra day is open until november 119:02
clarkb#link https://www.socallinuxexpo.org/scale/22x/events/open-infra-days CFP for Open Infra Days event at SCaLE is open until November 119:02
clarkband a heads up that I've got some family stuff that I'll need to work through in the near future and will likely be afk for a few days. Unfortunately, the timing for that isn't known yet but I'll do my best to update when I do know19:02
fungii'm mostly around until oid-na, do what you need to do19:03
clarkbthanks!19:04
clarkb#topic OpenStack Release Wednesday19:04
clarkbI wasn't sure if this deserved its own topic or a listing under announcements so it goes first and it can be both19:04
clarkbTomorrow openstack will be making its 2024.2 release19:04
clarkbthe process for that should start at around 10:00 UTC and end approximately 15:00 UTC19:05
clarkb#link https://review.opendev.org/c/openstack/project-config/+/930709 will be landed prior to the release to remove a semaphore that slows things down19:05
clarkbthis change is one that fungi will land todayish I think to streamline the release process19:05
fungitoday's secret word is "slushy"19:05
clarkbplease be on the lookout for any problems that need addressing and avoid making changes that are risky for the release for the next 24 hours or so19:05
fungii'll be up and around starting at 10:00 utc hopefully, to make sure things go smoothly19:06
clarkbI too will try to have an early start but not that early19:06
clarkb#topic Rocky Package Mirror Creation19:07
clarkbI kept this on the agenda because it helps remind me that it's a thing to pay attention to but I don't see a change for it yet19:07
clarkb#topic Rackspace's Flex Cloud19:08
clarkbNo progress from me on figuring out swift here yet19:08
fungiit got a rave review in the tc meeting today at least19:08
clarkbyes people are noticing the nodes are much faster. More confirmation the smaller flavor type isn't inherently an issue19:08
clarkbUnfortunately I haven't found time to dig into the swift stuff for this cloud yet19:08
funginoonedeadpunk thought some jobs had broken at first, because they completed so quickly19:09
clarkbthere have been too many distractions and doing so is relatively low on the priority list as it is all new19:09
clarkbI'd like to say I'll definitely dig into it this week but with other stuff going on I know I can't commit to that19:10
clarkbothers should feel free to do so if they have time otherwise I'll do my best to look at it when I'm able19:10
clarkbalso corvus tracked down a zuul ci issue that was related to the lower cpu count. TL;DR is that a file leak in zuul's test suite was able to get bad enough to hit ulimits because there are fewer processes running due to fewer CPUs so more files leaked per process19:11
clarkbsomething to be aware of as neutron indicated they may be seeing similar problems19:11
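The arithmetic behind that ulimit observation can be sketched roughly as follows. This is a minimal illustration, not Zuul's test suite: the function names and every number are hypothetical, and it assumes leaked files spread evenly across worker processes, with one worker per CPU.

```python
# Illustrative only: the totals and limits below are made up, not measured.

def leaked_fds_per_process(total_leaked: int, worker_processes: int) -> int:
    """Leaked descriptors each worker holds if leaks spread evenly (rounded up)."""
    return -(-total_leaked // worker_processes)


def hits_limit(total_leaked: int, worker_processes: int, nofile_limit: int) -> bool:
    """True when a single worker's share of the leak reaches the open-file limit."""
    return leaked_fds_per_process(total_leaked, worker_processes) >= nofile_limit


TOTAL_LEAKED = 6000   # hypothetical number of files leaked over a full test run
NOFILE_LIMIT = 1024   # hypothetical per-process open-file limit (ulimit -n)

for cpus in (8, 4):
    per_proc = leaked_fds_per_process(TOTAL_LEAKED, cpus)
    print(cpus, per_proc, hits_limit(TOTAL_LEAKED, cpus, NOFILE_LIMIT))
```

With these made-up numbers the same total leak stays under the limit when split across 8 workers but crosses it when split across 4, which is the shape of the problem described above.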
clarkb#topic Updating ansible+ansible-lint versions in our repos19:11
clarkb#link https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/926970 is the last current open change related to this work19:12
clarkbfrickler requested that this change land after the openstack release which is totally reasonable19:12
clarkbreviews should be safe in case there is any feedback before the release happens. Otherwise it would be great to try and land this late this week after the release19:12
clarkbTL;DR is bump linter node to noble, run under python3.12, update tools and rules to accommodate the newer runtime19:12
clarkb#topic Zuul-launcher image builds19:14
corvusthe image build and upload framework in zuul has merged... (full message at <https://matrix.org/oftc/media/v1/media/download/AbsFEYtLzL6EMVsMURDijbX4sw0oCDiLKWKVOxLTJDvGT5CncMMaFkgpii4wKT0M3Rv9N7YS3kIA83xGROOOBtpCeSSzjL6wAG1hdHJpeC5vcmcvYVdTTU5TSnptcVhHU011bXN0TlF0cE9u>)19:14
corvusoh dear19:14
corvusthe image build and upload framework in zuul has merged19:14
corvusthat means if we were using aws, we could try building and uploading images today19:14
corvusbut we aren't, so, here are the current work streams to get us there:19:14
corvus1) corvus: working on adding openstack driver19:14
corvus2) clarkb: getting object storage upload ready in rax-flex to use as intermediate storage19:14
corvus3) tonyb: adding image build jobs for more distros19:14
corvus4) anyone: actually spin up new launcher19:15
corvus[there we go]19:15
clarkbcorvus: any concern with the limited config checking that we updated to after the weekend rollout of the initial update?19:15
clarkbI think that was related to this19:15
corvusnah, that was only a "nice to have" to help users find issues early19:15
corvus the real check happens at runtime19:15
corvusincidentally, i believe the fix for that should be to just permanently remove that early check.19:16
corvushttps://review.opendev.org/930942 (for reference)19:16
clarkbgot it so from a safety/correctness perspective we're good. It is just error reporting we were trying to make friendly for people19:16
corvusyep19:16
clarkbanything else to add? sounds like we're still making steady progress even if I'm failing to figure out swift19:17
corvusi'm hoping to have the openstack driver ready enough for this within a few days19:17
corvusif we don't get rax-flex swift worked out, we could use one of our existing object stores19:18
corvus(then switch at any time when ready)19:18
clarkbmakes sense those images should mostly be ephemeral in that container anyway.19:18
corvusyeah, i'm expecting to give them a ttl of like 72 hours or something for early testing19:19
corvus[that's it from me]19:19
clarkb#topic OpenStack OpenAPI spec publishing19:20
clarkbI wanted to followup on this to note that frickler left a comment and I tried to expand on it. No response since.19:20
clarkbfungi: not sure if we want to try and set up time for a synchronous discussion just to get things moving forward?19:20
clarkbprobably don't need to wait for the PTG to do that, though frickler is out until about then unfortunately19:20
clarkb#link https://review.opendev.org/92193419:22
clarkbis the change in question19:22
fungiyeah, it doesn't seem urgent, the change was opened in... may?19:22
clarkbthat's part of my concern. Yes probably not urgent but also we've probably ignored it for long enough19:22
clarkbI'd be happy to try and sit in on some more focused conversation around this to find a conclusion. Though as noted earlier my availability may be limited. I think I've written down my concerns well enough that you or others could convey them successfully though19:23
clarkbwe don't have to solve that now though. Just wanted to throw that idea out there19:25
clarkb#topic Upgrading old servers19:25
clarkbI don't see new updates on the mediawiki stack since I last reviewed it19:25
clarkbI know it is super early in australia so don't expect tonyb is here right now. I believe that should get better after we both switch DST and it will be an hour later for tonyb19:26
clarkbanything else related to booting new servers / server upgrades?19:26
clarkbsounds like no, but our next topic does overlap a bit19:28
clarkb#topic Docker compose plugin with podman service for servers19:28
clarkb#link https://review.opendev.org/923084 is a demo (in the Zuul repo) of using docker compose v2 plugin with system podman service19:28
corvus#link https://review.opendev.org/923084 a demo (in the Zuul repo) of using docker compose v2 plugin with system podman service19:28
corvusjinx (sorry!)19:28
clarkbheh no problem19:28
clarkbtake it away19:28
corvusThis would let us host opendev images on quay.io (or any non-dockerhub site) and use speculative images19:28
corvusSome caveats (seen in the change):19:28
corvusunconfined apparmor profile to work around https://bugs.launchpad.net/ubuntu/+source/libpod/+bug/204048319:28
corvusbuildx startup probably not an issue since we don't use docker compose image builds: https://github.com/docker/buildx/issues/34419:29
corvus need to set DOCKER_HOST env variable (system-wide bashrc?  maybe a docker context? other options?)19:29
corvusthat looks pretty workable for us19:29
corvusi don't think any of those 3 things are huge blockers -- and the apparmor confinement thing should work itself out eventually19:29
clarkbya the other caveat is that we probably can't reliably do this until noble? (maybe jammy?) just because podman installation on debuntu before then is tricky19:29
corvusoh yeah that too :)19:29
clarkbbut ya that list of issues seems workable19:30
fungii think it was noble we needed19:30
corvusso i think my questions for the group would be: 1) any [other] technical blockers?  2) does it sound like a good idea/ something we want to do?19:30
corvusi mean, it's still podman, and we've had surprises there.19:30
clarkbya I think the main unknown is just how podman will continue to work over time19:31
corvusbut podman running as a systemd service should be the least problematic podman.19:31
clarkbbut the goal of hosting our images on quay instead of docker hub is still worthwhile I think19:31
clarkbmaybe a good next step here is picking a relatively self contained service that we can update to noble then convert it over?19:31
clarkbsomething like paste?19:31
corvussounds like a good idea to me19:32
clarkbsimple enough to be doable relatively quickly but close enough to everything else to be illustrative19:32
clarkband if that doesn't expose any new major issues we can proceed to swap everything else over? Probably as part of server upgrades?19:32
corvus++19:33
clarkbside note: you can apparently use ipv6 address literals with docker ce now. But I think podman's insistence that they emulate docker bugs means they haven't quite done the same yet? Though there are some shared libs so maybe it just works there too19:33
clarkbas for the sort of potential problems we might run into due to using different tools, think of ^ as an example19:33
corvusgood point19:34
fungibug-compatible with old docker releases19:34
clarkbthank you for digging into this. The composability of these tools is a really neat feature and I think also reduces potential risk for making changes like this (as we should be able to rollback in theory (with some cost))19:34
corvus(and testing that particular issue is challenging in our environment currently)19:34
clarkbas far as setting the env var maybe we use a wrapper tool19:35
clarkbthen as long as we consistently use the wrapper we don't have to think about it19:35
clarkbwe could even call it `docker-compose` >_>19:36
fungihas a nice ring to it19:36
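A wrapper along those lines might look something like the sketch below. It is only an illustration: the function names are hypothetical, and the socket path is an assumption (the usual location for podman's system service socket) rather than something confirmed in this discussion.

```python
import os
import sys

# Assumption: podman's system service listens on this socket; adjust per host.
PODMAN_SOCKET = "unix:///run/podman/podman.sock"


def compose_env(base_env=None):
    """Return a copy of the environment with DOCKER_HOST pointing at podman.

    An existing DOCKER_HOST is left alone so an operator can still override it.
    """
    env = dict(os.environ if base_env is None else base_env)
    env.setdefault("DOCKER_HOST", PODMAN_SOCKET)
    return env


def compose_argv(args):
    """Build the command line for the docker compose v2 plugin."""
    return ["docker", "compose", *args]


def main(args):
    """Replace this process with `docker compose ...` under the adjusted env."""
    argv = compose_argv(args)
    os.execvpe(argv[0], argv, compose_env())
```

Installed as an executable script that ends with `main(sys.argv[1:])`, this would mean callers never have to remember the environment variable, as long as they consistently go through the wrapper.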
corvusthere's a thing called contexts... i think we might be able to use that to our advantage and have it just work19:36
corvus(like, that becomes a permanent client configuration for root)19:36
corvusbut i haven't tested it19:37
clarkboh interesting19:37
corvusie, the config would say the current docker "context" is the one at /var/run/podman.socket19:38
corvusso any docker command run by root would use that19:38
corvusat least, that's my understanding based on my own imagination after reading the docs for at least 10-15 seconds19:38
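As an untested sketch of the context idea: the docker CLI has `docker context create` and `docker context use` subcommands, so a one-time setup for root could be scripted roughly as below. The context name, the helper names, and the socket path are assumptions for illustration, and whether every tool then picks up the context automatically is exactly the open question above.

```python
import subprocess

# Assumption: podman's system service socket lives here; adjust per host.
PODMAN_SOCKET = "unix:///run/podman/podman.sock"


def context_commands(name="podman", host=PODMAN_SOCKET):
    """Commands that create a docker context for the socket and make it current."""
    return [
        ["docker", "context", "create", name, "--docker", f"host={host}"],
        ["docker", "context", "use", name],
    ]


def apply(commands, run=subprocess.run):
    """Run each command in order, stopping on the first failure."""
    for argv in commands:
        run(argv, check=True)
```

Calling `apply(context_commands())` as root would write the context into root's docker client configuration; the `run` parameter exists only so the commands can be inspected without a docker CLI present.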
clarkbsomething to look at as paste (or similar) gets an updated config19:38
corvus++19:38
clarkbanything else on this topic? I think we may end early today19:38
corvusthat's it from me19:39
clarkb#topic Open Discussion19:39
clarkbanything else?19:39
clarkbsounds like that may be everything. Thank you everyone!19:41
corvusthanks!19:41
clarkbI won't promise we'll be back here next week as it is possible someone else will have to run the meeting19:41
clarkbbut we'll aim for that and if anything changes I'll let you know19:41
clarkb#endmeeting19:41
opendevmeetMeeting ended Tue Oct  1 19:41:54 2024 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)19:41
opendevmeetMinutes:        https://meetings.opendev.org/meetings/infra/2024/infra.2024-10-01-19.00.html19:41
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/infra/2024/infra.2024-10-01-19.00.txt19:41
opendevmeetLog:            https://meetings.opendev.org/meetings/infra/2024/infra.2024-10-01-19.00.log.html19:41
fungithanks clarkb!19:45
