Tuesday, 2021-06-01

« Monday, 2021-05-31 Index Wednesday, 2021-06-02 »
*** G________ has joined #openstack-ansible00:06
opendevreviewMerged openstack/openstack-ansible-os_nova master: Dynamically compute nova_scheduler_host_subset_size value  https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/79196500:24
opendevreviewMerged openstack/openstack-ansible-os_sahara master: Fix linters  https://review.opendev.org/c/openstack/openstack-ansible-os_sahara/+/79224101:01
*** miloa has joined #openstack-ansible04:31
*** G________ has quit IRC06:31
noonedeadpunkmornings06:35
ebbexmornin'06:59
*** andrewbonney has joined #openstack-ansible07:19
noonedeadpunkok, so I guess I've figured out what makes bullseye lxc to fail - it doesn't like specificly `lxc.mount.auto = proc:rw sys:ro cgroup:ro`07:21
*** ebbex has quit IRC07:30
*** ebbex has joined #openstack-ansible07:31
*** rpittau|afk is now known as rpittau07:44
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_hosts master: Add debian bullseye support  https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/79389507:44
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_container_create master: Add Debian Bullseye support  https://review.opendev.org/c/openstack/openstack-ansible-lxc_container_create/+/79389607:44
*** tosky has joined #openstack-ansible07:48
*** tosky has quit IRC07:48
*** jrosser has joined #openstack-ansible07:52
*** tosky has joined #openstack-ansible08:08
*** luksky has joined #openstack-ansible08:28
noonedeadpunkbut then faced https://github.com/lxc/lxc/issues/277808:36
opendevreviewMerged openstack/openstack-ansible master: Bump ansible-lint version  https://review.opendev.org/c/openstack/openstack-ansible/+/79215408:42
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Update contributors guide to reflect IRC network change  https://review.opendev.org/c/openstack/openstack-ansible/+/79320709:24
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Replace deprecated UPPER_CONSTRAINTS_FILE variable  https://review.opendev.org/c/openstack/openstack-ansible/+/79169309:24
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Bump ansible-base to 2.10.10  https://review.opendev.org/c/openstack/openstack-ansible/+/79129309:25
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Add hardening specific variables to tests  https://review.opendev.org/c/openstack/openstack-ansible/+/79263909:25
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Always use checkout for git_requirements library  https://review.opendev.org/c/openstack/openstack-ansible/+/79101109:25
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Fix sahara backend URL  https://review.opendev.org/c/openstack/openstack-ansible/+/79199909:26
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Gather additional required facts to min  https://review.opendev.org/c/openstack/openstack-ansible/+/78977609:29
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Gather minimal facts in CI  https://review.opendev.org/c/openstack/openstack-ansible/+/79004209:29
opendevreviewMerged openstack/openstack-ansible-os_nova master: Add libcapstone4 pinning from backports  https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/79289809:52
*** sshnaidm|off is now known as sshnaidm09:57
*** sshnaidm has joined #openstack-ansible09:58
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_hosts master: Replace linters test with integarted one  https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/79393710:03
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_container_create master: Replace linters test with integarted one  https://review.opendev.org/c/openstack/openstack-ansible-lxc_container_create/+/79393810:05
opendevreviewMerged openstack/openstack-ansible master: Update contributors guide to reflect IRC network change  https://review.opendev.org/c/openstack/openstack-ansible/+/79320710:08
opendevreviewMerged openstack/openstack-ansible-os_magnum master: Define region for Magnum trust  https://review.opendev.org/c/openstack/openstack-ansible-os_magnum/+/79358510:15
toskyhello again! The linting fix was merged but the sahara functional job is still failing: https://review.opendev.org/c/openstack/sahara/+/791882/10:16
toskydid you say it need to be changed?10:17
jrosserlooks like this is missing a default for when the compute_hosts group is empty https://opendev.org/openstack/openstack-ansible-os_nova/commit/56fdbfe0d8af179a290663fe693a47da649e3f1410:39
*** odyssey4me has joined #openstack-ansible11:41
noonedeadpunkouch11:43
*** sshnaidm has quit IRC11:51
*** admin1 has quit IRC11:52
*** sshnaidm has joined #openstack-ansible11:59
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_nova master: Don't rely on compute_hosts existance  https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/79395411:59
*** admin1 has joined #openstack-ansible12:01
noonedeadpunktosky: ^ this should fix it, sorry for the trouble12:01
toskynoonedeadpunk: oh, thanks!12:02
noonedeadpunkbut I suspect that test is somehow weird...12:04
noonedeadpunkwill try to get some time for checking it out (actually replacing) in upcoming weeks12:05
*** admin1 has quit IRC12:07
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Always use checkout for git_requirements library  https://review.opendev.org/c/openstack/openstack-ansible/+/79101112:21
*** tbarron has quit IRC12:52
*** rpittau is now known as rpittau|afk12:57
*** G________ has joined #openstack-ansible13:00
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: [DNM] Add Debian Bullseye support  https://review.opendev.org/c/openstack/openstack-ansible/+/78360613:06
*** tbarron has joined #openstack-ansible13:07
*** frenzy_friday has joined #openstack-ansible13:43
opendevreviewMerged openstack/openstack-ansible-os_octavia master: Add variables for rabbitmq ssl configuration  https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/79173113:52
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_cinder master: Remove obsoleted packages  https://review.opendev.org/c/openstack/openstack-ansible-os_cinder/+/79397413:59
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: [DNM] Add Debian Bullseye support  https://review.opendev.org/c/openstack/openstack-ansible/+/78360614:02
noonedeadpunkok, so bullseye lxc works now at least :)14:18
jrosserwas it systemd related stuff?14:19
*** G________ has quit IRC14:24
*** G________ has joined #openstack-ansible14:24
*** G________ has quit IRC14:25
*** spatel has joined #openstack-ansible14:25
opendevreviewMerged openstack/openstack-ansible master: Bump ansible-base to 2.10.10  https://review.opendev.org/c/openstack/openstack-ansible/+/79129314:31
opendevreviewMerged openstack/openstack-ansible master: Replace deprecated UPPER_CONSTRAINTS_FILE variable  https://review.opendev.org/c/openstack/openstack-ansible/+/79169314:32
opendevreviewMerged openstack/openstack-ansible master: Fix sahara backend URL  https://review.opendev.org/c/openstack/openstack-ansible/+/79199914:32
*** gouthamr_ has joined #openstack-ansible14:35
opendevreviewMerged openstack/openstack-ansible-lxc_container_create master: Replace linters test with integarted one  https://review.opendev.org/c/openstack/openstack-ansible-lxc_container_create/+/79393814:43
*** opendevreview has quit IRC14:44
*** gouthamr has joined #openstack-ansible14:47
*** opendevreview has joined #openstack-ansible14:49
opendevreviewMerged openstack/openstack-ansible master: Add hardening specific variables to tests  https://review.opendev.org/c/openstack/openstack-ansible/+/79263914:49
noonedeadpunk#startmeeting openstack_ansible_meeting15:02
opendevmeetMeeting started Tue Jun  1 15:02:05 2021 UTC and is due to finish in 60 minutes.  The chair is noonedeadpunk. Information about MeetBot at http://wiki.debian.org/MeetBot.15:02
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:02
opendevmeetThe meeting name has been set to 'openstack_ansible_meeting'15:02
noonedeadpunk#topic rollcall15:02
noonedeadpunko/15:03
jrossero/ hello15:04
noonedeadpunk#topic office hours15:07
noonedeadpunkOk, so proably worth discussing irc change?15:07
noonedeadpunkPatch to docs have merged, but I'm not sure about the best way to update all our members with that15:08
noonedeadpunkconsidering we can't change topic now15:08
noonedeadpunkAnd I actually didn't got TC recomendation about having volunteers :(15:08
jrosseri forget to stay in the freenode channel, perhaps worth rejoining to herd people over to here15:08
noonedeadpunk*didn't get15:08
noonedeadpunkI'm keeping an eye on the channel15:09
noonedeadpunk*old one15:09
*** opendevreview has quit IRC15:09
*** gshippey has joined #openstack-ansible15:09
noonedeadpunkI wonder if it's worth to write independent ML as well15:10
noonedeadpunkI guess no, as one has been sent with [all] tag...15:10
noonedeadpunkand according to ppl number in channels, at least 50% have moved here15:11
*** gouthamr_ has quit IRC15:12
noonedeadpunkSo probably we can just keeping an eye for some time and redirect using link to the https://docs.openstack.org/openstack-ansible/latest/contributor/contributing.html#irc-channel15:12
*** gouthamr has quit IRC15:13
noonedeadpunkoh, btw I did some cleanup of the projects wiki pages15:13
noonedeadpunkand dropped all stuf from 2015 from there...15:14
*** gouthamr has joined #openstack-ansible15:14
noonedeadpunk#idea we can continue keeping track of our etherpads on https://wiki.openstack.org/wiki/OpenStack-Ansible15:15
jrosseroh yes that would be helpful15:15
noonedeadpunkI put there only the last ones I could recall15:15
noonedeadpunk#agreed to use project wiki page for keeping track on etherpads15:17
*** gouthamr is now known as identify15:18
noonedeadpunkok, so another thing is bulsseye15:18
jrossershould we go over what is outstanding in order to branch for W15:18
jrosseroh yes15:18
noonedeadpunkI got lxc working now15:19
jrosserahha, was it systemd?15:19
noonedeadpunkyes and it also required extra cgroups permissins15:19
jrosserthere was related chatter in #lxc irc channel last night15:19
noonedeadpunk*permissions15:19
*** gouthamr has joined #openstack-ansible15:19
noonedeadpunkso I switched from ro to mixed15:19
jrosserhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=82539415:20
opendevmeetDebian bug 825394 in systemd "systemd kill background processes after user logs out" [Normal,Fixed]15:20
noonedeadpunkWell, systemd is "broken" since 2019 in this regard15:20
noonedeadpunk*apparmor15:20
jrosserhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=98931715:20
opendevmeetDebian bug 989317 in systemd "systemd kill background processes after user logs out (#825394 regression)" [Normal,Open]15:20
noonedeadpunkbut we use unconfined profile anyway15:20
*** identify has quit IRC15:20
noonedeadpunkno, that wasn't it15:21
jrosserunconfined had to come in for buster15:21
noonedeadpunkthat was more apparmour and systemd-networkd in terms of trying to do weird mounts15:21
noonedeadpunkyeah, but we set it explicitly for 10 only:)15:21
jrosseraaaahhhh15:22
noonedeadpunkand 11 was missing templates and this thing https://review.opendev.org/c/openstack/openstack-ansible-lxc_container_create/+/793896/1/tasks/lxc_container_config.yml15:22
noonedeadpunkeventually that was the reason why containers were not starting at all15:23
noonedeadpunkthe only thing that stopps us is still linters. as eventually I missed some roles with automated patching15:24
noonedeadpunkbecause they were using template with linters included15:24
jrosseri need to revisit the pki role patch to the openstack-ansible repo15:25
jrossermove things to group_vars and make some better docs15:25
*** opendevreview has joined #openstack-ansible15:25
opendevreviewMerged openstack/openstack-ansible-lxc_hosts master: Replace linters test with integarted one  https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/79393715:25
noonedeadpunkyeah, that's I guess close to last blocker for us15:25
noonedeadpunkbut docs we can do even after branching with follow-up15:26
noonedeadpunkeventually, we can do even RC1 without branching15:26
noonedeadpunkbut it still better to be usable15:26
noonedeadpunkoh, well! we also must merge our facts gathering issue15:27
noonedeadpunkhttps://review.opendev.org/c/openstack/openstack-ansible/+/79004215:28
noonedeadpunkah, you just voted :)15:28
noonedeadpunkand we need to also fix linters on V, as things are bad there as well15:31
noonedeadpunkBut I think we should just workaround there somehow15:31
noonedeadpunkWill try to look into this as well15:31
jrosseroh hmm i wonder if we have circular dependancies on the PKI stuff too15:31
jrosserin order to merge the rabbitmq and haproxy changes15:31
noonedeadpunkhttps://review.opendev.org/c/openstack/openstack-ansible/+/788031 looks like mergable?15:32
noonedeadpunkWe just need to drop WIP from topic15:33
jrosserthats the one where user_variables_pki needs to go to group vars, but yes that can merge15:33
noonedeadpunkahhh15:33
opendevreviewMerged openstack/openstack-ansible-os_nova master: Don't rely on compute_hosts existance  https://review.opendev.org/c/openstack/openstack-ansible-os_nova/+/79395415:36
noonedeadpunkhaproxy should probably depend on https://review.opendev.org/c/openstack/openstack-ansible/+/78803115:36
noonedeadpunkand then they all should be able to merge hopefully?15:36
noonedeadpunkbtw, we have a fresh bug https://bugs.launchpad.net/openstack-ansible/+bug/193027615:37
opendevmeetLaunchpad bug 1930276 in openstack-ansible "Nova API not restarted when nova policy is updated" [Undecided,New] - Assigned to Dmitriy Rabotyagov (noonedeadpunk)15:37
opendevreviewJonathan Rosser proposed openstack/openstack-ansible-haproxy_server master: Use external PKI role to manage haproxy self-signed certificates  https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/79007815:37
noonedeadpunkI haven't triaged it yet, was jsut about to start reproducing it15:37
noonedeadpunkI believe I saw how policies are applied on fly without service restart...15:38
jrosseroh interesting15:38
noonedeadpunkand I pushed all policy-to-yaml keeping that in mind...15:38
noonedeadpunkso it might be potentially another blocker15:39
noonedeadpunknot for RC1 but for branching maybe15:39
noonedeadpunkMy plan would be to do RC1 as soon as we land PKI15:40
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Don't collect virtual facts  https://review.opendev.org/c/openstack/openstack-ansible/+/78992615:41
jrosserhmm looks complicated https://github.com/openstack/oslo.policy/blob/92eae81048b392f140e35e060e4c66195a08613e/oslo_policy/policy.py#L59815:42
noonedeadpunkoh, so like if policy file was not present, it won't be loaded without restart?15:43
jrosserwell the whole force_reload thing makes me wonder too - theres a layer of caching15:47
noonedeadpunkIt can leverage inotify for example15:47
noonedeadpunkbut then indeed not existent file won't be checked15:48
noonedeadpunkI wonder if jsut creating empty policy file is a good solution if that's how it works15:48
jrosserhttps://github.com/openstack/oslo.policy/blob/master/oslo_policy/_cache_handler.py#L2515:48
jrossernot totally sure i understand why a restart fixes it15:51
jrosserwell or rather why it's not picked up15:52
noonedeadpunkok, so looking at it it seems like the same behaviour for non existent file and caching?15:52
noonedeadpunkI wonder actually what version it's about15:53
noonedeadpunkbut worth testing in aio anyway imo15:54
noonedeadpunkAs I can't fully understand code right now...15:54
noonedeadpunkI mean read_cached_file returns True in both cases...15:55
jrossermaybe also worth asking the oslo people what the expected behaviour is15:56
jrosserseems like it maybe up to other projects to call Enforcer.load_rules when they see fit15:57
noonedeadpunkyeah, might be...15:58
jrosserwell it's in the docs actually `Whenever an API call to an OpenStack service is made, the service’s policy engine uses the appropriate policy definitions to determine if the call can be accepted. Any changes to policy.yaml are effective immediately, which allows new policies to be implemented while the service is running.`16:01
jrosserhttps://docs.openstack.org/oslo.policy/latest/admin/policy-yaml-file.html16:02
noonedeadpunkBut I still can imagine different thing happen in reality in case policy.yaml doesn't exist... But yes, I totally saw things happening like this...16:03
noonedeadpunk*like written in the doc16:04
noonedeadpunk#endmeeting16:04
opendevmeetMeeting ended Tue Jun  1 16:04:12 2021 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:04
opendevmeetMinutes:        http://eavesdrop.openstack.org/meetings/openstack_ansible_meeting/2021/openstack_ansible_meeting.2021-06-01-15.02.html16:04
opendevmeetMinutes (text): http://eavesdrop.openstack.org/meetings/openstack_ansible_meeting/2021/openstack_ansible_meeting.2021-06-01-15.02.txt16:04
opendevmeetLog:            http://eavesdrop.openstack.org/meetings/openstack_ansible_meeting/2021/openstack_ansible_meeting.2021-06-01-15.02.log.html16:04
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-os_neutron master: Replace py2 httplib2 package with py3 alternative  https://review.opendev.org/c/openstack/openstack-ansible-os_neutron/+/79400216:06
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: [DNM] Add Debian Bullseye support  https://review.opendev.org/c/openstack/openstack-ansible/+/78360616:06
*** miloa has quit IRC16:44
*** CeeMac has joined #openstack-ansible17:34
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible-lxc_hosts master: Add debian bullseye support  https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/79389517:59
*** andrewbonney has quit IRC18:10
*** Gue______ has quit IRC19:02
*** Gue______ has joined #openstack-ansible19:11
*** ioni has quit IRC19:28
*** spatel has quit IRC19:59
*** ioni has joined #openstack-ansible20:06
*** cmart has joined #openstack-ansible21:51
cmarttesting21:51
*** luksky has quit IRC21:59
*** cmart has quit IRC22:01
*** odyssey4me has quit IRC22:06
*** spatel has joined #openstack-ansible22:10
*** spotz has joined #openstack-ansible23:01
spotzhelps to spell the channel name corrrectly23:01
*** tosky has quit IRC23:11
*** masterpe[m] has joined #openstack-ansible23:39
*** kleini_ has joined #openstack-ansible23:40
*** frenzy_friday has quit IRC23:42
*** kleini has quit IRC23:43
*** frenzy_friday has joined #openstack-ansible23:43
« Monday, 2021-05-31 Index Wednesday, 2021-06-02 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!