Wednesday, 2021-09-15

« Tuesday, 2021-09-14 Index Thursday, 2021-09-16 »
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900105:34
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900105:35
yoctozeptomloza: yes, you can even stuff any extra config to configure arbitrary backends06:04
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900106:04
opendevreviewPierre Riteau proposed openstack/kayobe stable/wallaby: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913407:49
opendevreviewPierre Riteau proposed openstack/kayobe stable/victoria: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913507:49
opendevreviewPierre Riteau proposed openstack/kayobe stable/ussuri: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913607:50
opendevreviewPierre Riteau proposed openstack/kayobe stable/train: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913707:50
mgoddardmorning07:59
mgoddardlet's finally merge this one: https://review.opendev.org/c/openstack/kolla-ansible/+/782916/07:59
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: Add mariadb arbitrator to mariadb role  https://review.opendev.org/c/openstack/kolla-ansible/+/78081108:01
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: [CI] Test Mariadb-Arbitrator with shards in the nova cells scenario  https://review.opendev.org/c/openstack/kolla-ansible/+/78097008:01
opendevreviewMark Goddard proposed openstack/kayobe stable/ussuri: Use ansible_facts to reference facts  https://review.opendev.org/c/openstack/kayobe/+/80893208:07
mnasiadkamgoddard: done deal08:26
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900108:40
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Introduce github downloads macro  https://review.opendev.org/c/openstack/kolla/+/79283309:22
opendevreviewMerged openstack/kolla-ansible master: gnocchi: fix external ceph integration when gnocchi-statsd is disabled  https://review.opendev.org/c/openstack/kolla-ansible/+/78291609:33
opendevreviewMerged openstack/kayobe master: Fix typo in inspector.yml  https://review.opendev.org/c/openstack/kayobe/+/80899609:55
opendevreviewMerged openstack/kayobe master: Sync documentation with kolla_openstack_custom_config  https://review.opendev.org/c/openstack/kayobe/+/80891909:55
opendevreviewPierre Riteau proposed openstack/kayobe stable/victoria: CI: build CentOS Stream deployment images  https://review.opendev.org/c/openstack/kayobe/+/80916409:56
jingvarnice to see WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900109:57
mnasiadkajingvar: It shouldn't be even called a WIP, it's far from that ;)10:17
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Introduce github downloads macro  https://review.opendev.org/c/openstack/kolla/+/79283310:22
hrwmnasiadka: you posted so many versions that it is clearly WIP10:46
mnasiadkahrw: yeah well, I wanted to say it needs a lot more work :)10:46
hrwand lot of it on rocky side too10:48
hrwthey do not even have wallaby10:48
mnasiadkahrw: and they won't most probably - I'm only thinking about source builds :)10:49
hrwmnasiadka: you ignored my comments10:55
mnasiadkahrw: no, I'm just keeping them for later - don't worry :)10:55
hrwok. ping me when it will be ready for review10:56
mnasiadkawill do10:57
opendevreviewPierre Riteau proposed openstack/kayobe stable/victoria: CI: build CentOS Stream deployment images  https://review.opendev.org/c/openstack/kayobe/+/80916411:10
mgoddardmnasiadka: it's good that the rocky release is long gone, or this would get confusing11:20
mnasiadkamgoddard: well, I think there are still some people using rocky, but yes - confusing :)11:21
hrwmnasiadka: but can we get rocky on rocky?11:49
mnasiadkahrw: surely!11:59
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Introduce github downloads macro  https://review.opendev.org/c/openstack/kolla/+/79283312:16
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900112:27
*** amoralej is now known as amoralej|lunch12:45
bramkhi guys, does anyone knows how kayobe/kolla inject the stack/ansible/kayobe ssh users into the deployment image? it's not creating users either. thanks alot!12:50
opendevreviewVerification of a change to openstack/kayobe stable/wallaby failed: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913412:51
mgoddardbramk: kayobe creates them during kayobe overcloud host configure13:06
*** amoralej|lunch is now known as amoralej13:25
bramkthank you13:28
bramkthx mark, but it seems that the ansible user which is required to execute kayobe-ansible-user.yml is missing. only users availble are ubuntu, root & devuser13:34
mgoddardbramk: which release are you using?13:38
bramkwallaby13:40
bramklatest commit: 42396caafe85c6686c5df3b2c99f6643888fa61013:41
bramkmy best guess is that the control01's configdrive contains a wrong public ssh key 13:42
mgoddardbramk: have you set os_distribution to ubuntu?13:43
bramkyes13:43
bramksince centos is EOL hehe13:43
mgoddardit should use the ubuntu user to connect13:43
*** lukas is now known as Guest734813:43
bramkso i should set kayobe_ansible_user to ubuntu?13:44
bramknvm, it keeps using `ansible`13:46
bramkthx mark, fixed.13:51
mlozayoctozepto: I have two ceph.conf in custom config folder, one is ceph.conf and the other ceph2.conf but the ceph2.conf doesn't copied to the host and container https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/cinder/tasks/external_ceph.yml#L2-L20 14:17
mlozadoesn't get copied*14:18
yoctozeptomloza: ah, that might be tricky indeed, yeah; I don't think it is supported now; need to modify the playbooks14:28
opendevreviewMerged openstack/kayobe stable/train: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913714:32
mnasiadka#startmeeting kolla15:00
opendevmeetMeeting started Wed Sep 15 15:00:25 2021 UTC and is due to finish in 60 minutes.  The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot.15:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:00
opendevmeetThe meeting name has been set to 'kolla'15:00
mnasiadkaGood afternoon, sorry for the lack of pre-meeting notification, but was busy in a customer workshop.15:00
mnasiadka#topic rollcall15:00
mnasiadkamgoddard mnasiadka hrw egonzalez yoctozepto rafaelweingartne cosmicsound osmanlicilegi bbezak parallax Fl1nt - meeting in progress15:01
mgoddard\o15:01
priteauo/15:02
mnasiadkao/15:02
parallax\o/15:03
mnasiadka#topic rollcall15:05
mnasiadkaups15:05
mnasiadka#topic agenda15:05
mnasiadka* Announcements15:06
mnasiadka* Review action items from the last meeting15:06
mnasiadka* CI status15:06
mnasiadka* Should we actually backport https://review.opendev.org/c/openstack/kolla-ansible/+/805449 ?15:06
mnasiadka* Discuss https://review.opendev.org/c/openstack/kolla-ansible/+/692179/ 15:06
mnasiadka* Release tasks15:06
mnasiadka* Xena cycle planning15:06
mnasiadka* Yoga PTG planning15:06
mnasiadka* Open discussion15:06
mnasiadka#topic Announcements15:07
mnasiadkaI have no announcements, and don't know about any other announcements to make. Let's move on.15:07
mnasiadka#topic Review action items from the last meeting15:07
mnasiadkaACTION: yoctozepto to point all deployments to quay.io15:07
mnasiadkachange in review - so let's say it's done.15:08
yoctozepto++15:08
mnasiadkaI haven't done my actions, so let me add them once again15:08
mnasiadka#action mnasiadka to update docs encouraging to build your own containers and run your own registry15:09
mnasiadka#action mnasiadka to create pull-retag-push blueprint based on kayobe RFE: https://storyboard.openstack.org/#!/story/200773115:09
mnasiadka#topic CI status15:09
mnasiadkaNo new breakages I assume? ;-)15:09
mnasiadkaKayobe has some issues with disk space on stable branches15:10
mnasiadkaIs there anybody handling that?15:10
priteauNot yet. I've just updated the white board15:11
priteauI was first thinking of adding some code looking for where disk space is used in the post-job role15:11
mgoddardI don't think it happens every time, does it?15:11
priteauNot every time, but quite often in upgrade jobs15:12
priteaue.g. https://zuul.opendev.org/t/openstack/builds?job_name=kayobe-overcloud-upgrade-centos8s&project=openstack%2Fkayobe&branch=stable%2Fwallaby15:12
mgoddardI have a patch for the monasca CI job: https://review.opendev.org/c/openstack/kolla-ansible/+/80768915:12
mnasiadkapriteau: if Zuul is reporting DISK_FULL - then it's on the executor and there's a limit, if it's in the job output itself - then it's in a different place.15:12
mgoddardpriteau: one major difference with kayobe vs kolla upgrade jobs is kayobe does baremetal testing15:14
mgoddardmaybe those disks push it over the limit15:14
mgoddard+1 to checking usage15:14
mnasiadkainfra has a way of checking what was the real disk usage in zuul logs (on the executor after a job has failed) - might just ask15:15
mnasiadkaok, I think it has enough traction - we just need to look into that15:16
mnasiadka#topic Should we actually backport https://review.opendev.org/c/openstack/kolla-ansible/+/805449 ?15:16
mnasiadkaShould we? Actually it's not good that we're automatically assuming docker-registry is insecure - but that's sort of a breaking change for users.15:18
yoctozeptoit's kind of prereq to switching to quay.io15:19
yoctozeptodue to the logic that will get triggered otherwise15:19
yoctozeptobut then again, we might only switch to quay.io xena+15:20
mgoddardthat suggests to me we can't backport quay15:20
yoctozeptomhm15:20
priteauI am worried that it could break some people who actually have a secure deployment already, for example because their registry is on an internal network only15:20
mnasiadkawhy prereq? we've been using docker hub as insecure? ;-)15:20
yoctozeptomnasiadka: dockerhub is not set as registry; it's builtin15:21
yoctozepto;-)15:21
mnasiadkaoh boy15:21
mnasiadkaI wouldn't like to be surprised as a user with that15:21
yoctozeptoI guess me neither; perhaps let's do both on xena only?15:22
opendevreviewPierre Riteau proposed openstack/kayobe master: CI: Log disk usage details  https://review.opendev.org/c/openstack/kayobe/+/80920915:22
mnasiadkaI agree, mgoddard seems to agree, yoctozepto seems to agree15:22
* yoctozepto always agrees to have less work15:23
mnasiadkaanybody disagrees?15:23
parallaxno :) 15:24
mnasiadka#agreed Not to backport change 805449 - quay.io will be default only on Xena+15:24
mnasiadka#topic Discuss https://review.opendev.org/c/openstack/kolla-ansible/+/692179/ 15:24
mgoddard1 sec15:24
mgoddardseems we forgot to update this: https://docs.openstack.org/kolla-ansible/latest/user/multinode.html15:24
mnasiadkaright15:25
mnasiadkayoctozepto: keen to follow up?15:25
mgoddardusers now need to set insecure if they run a registry15:25
mnasiadkaor have a secure registry15:25
opendevreviewPierre Riteau proposed openstack/kayobe stable/victoria: CI: build CentOS Stream deployment images  https://review.opendev.org/c/openstack/kayobe/+/80916415:25
mgoddardyes15:26
mnasiadkaMaybe a hacky guide how to do docker-registry with lets encrypt certs?15:26
mgoddardI meant if they follow those instructions15:26
mgoddardwould rather say nothing that provide a hacky guide :)15:26
mnasiadkaSo no guide then15:27
mnasiadkaBut docs update needed15:27
yoctozeptomnasiadka: what followup?15:27
mgoddardincluding insecure health warning15:27
mnasiadkayoctozepto: docs, see ^^15:28
yoctozeptoread, got it15:28
yoctozeptobut it gets changed with quay15:28
yoctozeptoso I'm not doing a noop change inbetween15:28
priteauLet's Encrypt only makes sense if you use a public domain name, right? I assume many places would have a local registry on a private network15:28
yoctozepto;p15:28
yoctozeptosee https://review.opendev.org/c/openstack/kolla-ansible/+/80848615:28
yoctozeptoI will fix it in there15:29
mnasiadkathat's the spirit15:29
mnasiadka#action yoctozepto to fix multinode docs after defaulting to secure registry15:30
mnasiadkaSo, let's get to the actual topic - which is the Keystone scoped auth15:31
mnasiadkawho is the actual owner of that change? I see 4 names in owner/uploader/committer/author15:31
headphoneJames let's say it is me15:31
mgoddardheadphoneJames is currently in scope15:32
headphoneJames I am the one driving this one forward during our current cycle15:32
mnasiadkaok, I see that a split to smaller changes has been agreed15:33
mgoddardbut who is driving this conversation? :)15:33
headphoneJames I understand we need to break this into smaller chunks, mgoddard has proposed a sensible approach15:33
mnasiadkaFantastic, two weeks to feature freeze - what is realistic to merge?15:34
mgoddardfirst chunk15:34
headphoneJamesyup15:35
headphoneJames it's a pretty small chunk15:35
headphoneJames just to use system scope for the keystone admin user15:35
mgoddardI'm away next week15:36
mnasiadkaOk then, so let's start with that15:36
headphoneJamesFor the second chunk, I need to go through the service user roles and  determine if they should have project scopes roles versus system scoped. 15:37
mgoddardso merging more might be difficult, unless others want to weigh in15:37
headphoneJamesI am not sure how to do that15:37
mgoddardYes. All roles are assigned in register.yml files15:37
mgoddardmostly using the service-ks-register role15:38
mgoddardso you can check *_ks_users and *_ks_user_roles15:38
mgoddardmostly this is just 'add <project, e.g. nova> user in service project with admin role'15:39
headphoneJamesI don't know which users require project scoped roles15:39
mgoddardthose ones should be system scoped15:39
mgoddardanything that veers away from that may be worth raising15:39
mnasiadkaMaybe let's start with the obvious ones, and keep discussing in the change about the ,,unsure'' ones?15:40
headphoneJamesalmost every *_ks_users have a service project defined15:40
mgoddardyes15:41
mgoddardshould we have a period where we assign roles with both system and project scope?15:42
mnasiadkaProbably that would be the safest choice.15:42
headphoneJamesThat is simple enough for the second chunk.15:43
mnasiadkaOk, so when the first and second chunk would be ready for initial reviews? Is it possible this week for chunk #1? (so mgoddard can lay out his thoughts before vacation)15:44
headphoneJamesI can get the first one done this week. I will try to have it for you tomorrow15:45
headphoneJames if not, I'll just focus the efforts in the next release15:45
mgoddardthat would be great, as friday is usually busy for me15:45
mgoddardalthough I suppose your tomorrow is my friday15:45
mnasiadkafriday before vacation is always busy :)15:46
headphoneJamesIt can get pushed to the next release if you don't have time on Friday15:46
mnasiadkaSurely some parts will get pushed to next release, but let's try to get something in.15:47
mnasiadkaOk then, let's continue15:49
mnasiadka#topic Release tasks15:49
mnasiadkaNone according to Kolla's release calendar.15:49
mnasiadka#topic Xena cycle planning15:49
mnasiadkaLet's try to look into the whiteboard if anything got merged.15:50
mnasiadkaAnsible - there are still two changes to merge - https://review.opendev.org/c/openstack/kolla-ansible/+/796758 and https://review.opendev.org/c/openstack/kolla/+/807279 - probably waiting for yoctozepto15:50
mnasiadkaSwift role looks like it's ready for reviews - https://review.opendev.org/c/openstack/kolla-ansible/+/79749815:53
mnasiadkamgoddard: do you think you can look into this tomorrow/Friday?15:53
mgoddardwill try15:53
mnasiadkakevko's proxysql topic seems to not get traction, I doubt we'll get it in this cycle...15:54
mnasiadkaI need to look into Kayobe reviews, will try tomorrow.15:55
mnasiadkaLet's move to Yoga15:55
mnasiadka#topic Yoga PTG planning15:56
mnasiadkamgoddard: do we need to do anything? Send a mail to ML about planned sessions and etherpad link?15:56
mgoddardI'm not sure if I sent one before, but it wouldn't hurt to remind if so15:57
mgoddard#link https://etherpad.opendev.org/p/kolla-yoga-ptg15:57
mnasiadka#action mnasiadka to send a mail to ML about Kolla PTG15:57
mgoddardare there any 'standard' topics to add?15:57
mgoddarde.g. core team cleanup15:58
mnasiadkaI'll add organizational topics, was thinking about that today.15:58
mnasiadkaok then15:59
mnasiadka#topic Open discussion15:59
mnasiadkaone minute left :)15:59
mnasiadkaAnybody has anything to discuss?15:59
mnasiadkaok, time to wrap up16:01
mnasiadka#endmeeting kolla16:01
opendevmeetMeeting ended Wed Sep 15 16:01:03 2021 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:01
opendevmeetMinutes:        https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-09-15-15.00.html16:01
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-09-15-15.00.txt16:01
opendevmeetLog:            https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-09-15-15.00.log.html16:01
mnasiadkaThanks for attending16:01
headphoneJamesthanks mnasiadka!16:01
mgoddardThanks mnasiadka 16:01
parallaxCheers16:02
*** amoralej is now known as amoralej|off16:13
opendevreviewMerged openstack/kayobe stable/ussuri: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913616:31
opendevreviewJames Kirsch proposed openstack/kolla-ansible master: Support for keystone scoped authorization  https://review.opendev.org/c/openstack/kolla-ansible/+/69217916:53
opendevreviewMichal Arbet proposed openstack/kolla master: Add proxysql image  https://review.opendev.org/c/openstack/kolla/+/76938519:12
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Introduce github downloads macro  https://review.opendev.org/c/openstack/kolla/+/79283319:14
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible master: Bump up Ansible max supported ver to 4.x  https://review.opendev.org/c/openstack/kolla-ansible/+/79675819:21
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible master: Bump up Ansible max supported ver to 4.x  https://review.opendev.org/c/openstack/kolla-ansible/+/79675819:22
opendevreviewMichal Arbet proposed openstack/kolla master: Add proxysql image  https://review.opendev.org/c/openstack/kolla/+/76938519:45
opendevreviewMichal Nasiadka proposed openstack/kolla master: WIP: Rocky Linux  https://review.opendev.org/c/openstack/kolla/+/80900119:49
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: Add proxysql support for database  https://review.opendev.org/c/openstack/kolla-ansible/+/77021519:57
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: Edit services roles to support database sharding  https://review.opendev.org/c/openstack/kolla-ansible/+/77021619:57
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: [CI] Test ProxySQL with shards in the nova cells scenario  https://review.opendev.org/c/openstack/kolla-ansible/+/77062119:57
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: Move config.yml to config-node.yml in mariadb role  https://review.opendev.org/c/openstack/kolla-ansible/+/78356319:57
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: Add mariadb arbitrator to mariadb role  https://review.opendev.org/c/openstack/kolla-ansible/+/78081119:57
opendevreviewMichal Arbet proposed openstack/kolla-ansible master: [CI] Test Mariadb-Arbitrator with shards in the nova cells scenario  https://review.opendev.org/c/openstack/kolla-ansible/+/78097019:57
opendevreviewVerification of a change to openstack/kayobe stable/victoria failed: Fix typo in IP allocation filename  https://review.opendev.org/c/openstack/kayobe/+/80913520:43
opendevreviewPierre Riteau proposed openstack/kayobe master: CI: Log disk usage details  https://review.opendev.org/c/openstack/kayobe/+/80920921:15
opendevreviewPierre Riteau proposed openstack/kayobe stable/wallaby: CI: Log disk usage details  https://review.opendev.org/c/openstack/kayobe/+/80921421:17
opendevreviewPierre Riteau proposed openstack/kayobe stable/victoria: CI: Log disk usage details  https://review.opendev.org/c/openstack/kayobe/+/80921521:18
opendevreviewPierre Riteau proposed openstack/kayobe stable/ussuri: CI: Log disk usage details  https://review.opendev.org/c/openstack/kayobe/+/80921621:18
*** osmanlicilegi is now known as Guest021:20
*** kmasterson is now known as Guest621:21
opendevreviewJames Kirsch proposed openstack/kolla-ansible master: Support for keystone scoped authorization  https://review.opendev.org/c/openstack/kolla-ansible/+/69217921:51
opendevreviewJames Kirsch proposed openstack/kolla-ansible master: Support for keystone scoped authorization  https://review.opendev.org/c/openstack/kolla-ansible/+/69217922:07
« Tuesday, 2021-09-14 Index Thursday, 2021-09-16 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!