Wednesday, 2021-12-01

« Tuesday, 2021-11-30 Index Thursday, 2021-12-02 »
opendevreviewPierre Riteau proposed openstack/kayobe master: Add overcloud_dib_upper_constraints_file variable  https://review.opendev.org/c/openstack/kayobe/+/81963005:28
opendevreviewPierre Riteau proposed openstack/kayobe master: Support building multiple disk images  https://review.opendev.org/c/openstack/kayobe/+/81251606:20
opendevreviewPierre Riteau proposed openstack/kolla-ansible master: Move project_name to role vars  https://review.opendev.org/c/openstack/kolla-ansible/+/81871406:32
opendevreviewPierre Riteau proposed openstack/kayobe master: Clean up release notes for Xena release  https://review.opendev.org/c/openstack/kayobe/+/81852106:39
DK4hello, any hints on how i can use prometheus to get opesntack metrics? i have grafana+prometheus enabled but i can only fetch system etrics of the host not openststack specific metrics of my deployment. any advice on how to enable that?09:08
priteauHello DK409:11
priteauenable_prometheus_openstack_exporter: yes09:11
jingvaryour metrics is your pain :)  as I remember grafana dashboard should be configured manualy 09:13
DK4jingvar: ye i know, but im just wondering if the openstack metrics can also be exported as i have only system ones. priteau: thanks ill try that09:15
opendevreviewPierre Riteau proposed openstack/kayobe master: Support building multiple disk images  https://review.opendev.org/c/openstack/kayobe/+/81251609:44
*** amoralej|off is now known as amoralej14:06
mnasiadkaoops15:01
mnasiadka#startmeeting kolla15:01
opendevmeetMeeting started Wed Dec  1 15:01:25 2021 UTC and is due to finish in 60 minutes.  The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot.15:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:01
opendevmeetThe meeting name has been set to 'kolla'15:01
mnasiadkamgoddard mnasiadka hrw egonzalez yoctozepto rafaelweingartne cosmicsound osmanlicilegi bbezak parallax Fl1nt frickler adrian-a meeting now15:01
mnasiadka#topic rollcall15:01
adrian-ao/15:02
mnasiadkao/15:02
yoctozepto-cloneo/15:02
yoctozepto-clone(had to use a different nick because of issues with my webclient)15:03
mnasiadkaclones welcome15:03
mnasiadka#topic agenda15:05
mnasiadka* Review action items from the last meeting15:05
mnasiadka* CI status15:05
mnasiadka* Release tasks15:05
mnasiadka* Yoga cycle planning15:05
mnasiadka* Python3.6 support removal in Yoga15:05
mnasiadka* Open discussion15:05
mnasiadka#topic Review action items from the last meeting15:05
mnasiadkamnasiadka to triage security bugs and update them with resolution plan (if needed)15:06
mnasiadkayoctozepto hide properly init-runonce15:06
mnasiadkanot forget to go through backports for stable branches (L248 on Whiteboard) and do stable releases afterwards.15:06
mnasiadkamnasiadka post a patch for docs - standard topics that should be discussed over PTG and then revisited in mid-cycle15:06
mnasiadkamnasiadka Add ansible-core 2.12 to the list of Yoga priorities15:06
mnasiadkamnasiadka Add rabbitmq 3.9 to the list of Yoga priorities15:06
mnasiadkaI didn't do triage15:06
mnasiadkaI didn't post a patch for docs as recurring PTG topic15:07
mnasiadkaI added ansible and rmq to priorities15:07
mnasiadkaI guess nobody did go through backports for stable branches15:07
mnasiadkaand yoctozepto-clone hasn't hidden init-runonce15:07
mnasiadka#action mnasiadka to triage security bugs and update them with resolution plan (if needed)15:07
yoctozepto-cloneyeah, sadly15:07
mnasiadka#action yoctozepto hide properly init-runonce15:07
yoctozepto-clonetough times15:07
mnasiadka#action anybody not forget to go through backports for stable branches (L248 on Whiteboard) and do stable releases afterwards.15:07
yoctozepto-cloneI think we need to prioritise the deprecations15:08
mnasiadka#action mnasiadka post a patch for docs - standard topics that should be discussed over PTG and then revisited in mid-cycle15:08
mnasiadkayoctozepto-clone: probably15:08
mnasiadka#topic CI status15:08
mnasiadkaAnybody wants to say that something is not green?15:09
mnasiadkaso everything green on the whiteboard15:09
mnasiadkalet's move on15:09
mnasiadka#topic Release tasks15:09
mnasiadkaIt's R-17 now15:09
mnasiadkaR-17: Switch source images to current releaseĀ¶15:10
mnasiadkaI think mgoddard (absent) did post some changes15:10
mnasiadkaWe just need to move them forward15:10
yoctozepto-clonelinks please15:11
mnasiadka(looking for them)15:11
mnasiadkaSeems I'm blind15:12
kevko_hi, sorry, I had a meeting in 15 :/15:13
mnasiadkaOk, I'll find them offline - no logical sense to wait now.15:14
mnasiadka#topic Yoga cycle planning15:14
mnasiadkaI started to populate the whiteboard with Yoga priorities, need to be extended but there's a list15:15
mnasiadkaI agree with yoctozepto we should start deprecating binary15:15
yoctozepto-cloneand multidistros15:15
yoctozepto-clonewell, going forward there15:15
mnasiadkaaround single distro - I updated https://etherpad.opendev.org/p/kolla-only-on-debian - to reflect replies I did get from various MLs and commercial customers15:16
yoctozepto-clonewe know debian images currently work universally15:16
yoctozepto-clonehmm15:16
mnasiadkaBut lacking mgoddard and hrw here - I don't know if we shouldn't discuss those next week.15:16
yoctozepto-clonei guess these are moot points as we only ever wished to have them15:16
admin1is there a way to deploy docker + databases before deploying kolla ansible ? 15:17
yoctozepto-clonenever had15:17
admin1test case .. to check if controller nodes can be re-created with just the database backup in event of a complete filesystem corrupt/crash 15:18
mnasiadkayoctozepto: well, the FIPS one is something we'll need to support soon.15:18
mnasiadkaadmin1: we have a meeting now, please wait until it ends - and then ask questions :)15:18
admin1oh .. sorry 15:19
mnasiadkayoctozepto: as in our company ;)15:19
hrwo\15:19
mnasiadkaand the selinux/apparmor case is also interesting, because that's what customers are asking15:19
mnasiadkaI wouldn't like to maintain a complete downstream fork of Kolla15:19
hrwlet me read what was in meeting15:19
mnasiadkahrw: basically https://etherpad.opendev.org/p/kolla-only-on-debian is a list of roadblocks from ML and some other sources feedback around single distro15:20
hrwok let me look15:20
yoctozepto-cloneis debian not compatible with fips somehow?15:21
mnasiadkaFIPS compliant, but not certified15:21
mnasiadkaIIRC15:22
yoctozepto-cloneah15:22
yoctozepto-clonewell, it would be hard to get our images certified anyhow15:22
yoctozepto-cloneif not simply impossible15:22
mnasiadkaProbably yes, just mentioning what is on our employers radar.15:23
mnasiadkaI mean hard, not impossible.15:23
yoctozepto-cloneok15:23
hrwyoctozepto-clone: RHEL is FIPS certified so people were happy with CentOS15:23
mnasiadkaAnd I think Ubuntu is FIPS certified as well15:24
yoctozepto-cloneyeah, but centos is gone unless we go rocky and then again we need to provide openstack ourselves15:24
yoctozepto-clonechoices, choices...15:24
hrwwhatever RHEL8 based is no go for us15:24
mnasiadkawhat does it mean provide openstack ourselves?15:24
hrwdoes not matter is it CS8, RockyLinux, AlmaLinux15:25
hrwYoga is last py3.6 cycle15:25
yoctozepto-clonemnasiadka: no packages for rocky15:25
hrwplease s/rocky/rockylinux15:25
mnasiadkaYes, there's the python3.6 drop that TC has... dropped on us.15:25
mnasiadkayoctozepto-clone: yeah well, we're dropping binary anyway, so that's only a couple of packages.15:25
adrian-aI guess wouldn't be hard to support Debian+Ubuntu based images, where Ubuntu would be FIPS certified?15:25
hrwwe need to depracate CentOS in Yoga15:26
kevkoUbuntu is FIPS certified ..and ubuntu is ..you know ..just debian :D 15:26
kevkoadrian-a: +115:26
yoctozepto-clone+1 hrw and adrian-a 15:26
yoctozepto-cloneworks for me15:26
yoctozepto-clonecentos is the biggest pain point15:26
yoctozepto-cloneI mean - currently15:27
mnasiadkaCurrently the biggest pain point is OpenStack forcing us to go cs9 in Yoga, or drop CentOS at all.15:28
mnasiadkaBut let's see how tomorrows TC meeting will play out.15:29
jingvarI 'm working on ISO image builder that will provision  baremetal kayobe control host 15:29
yoctozepto-cloneI think we will revert this one15:29
kevkomnasiadka: why "openstack forcing us" ? 15:29
yoctozepto-cloneas there is no certain win to drop py3.6 in yoga15:29
mnasiadkakevko: do you read the openstack ML sometimes?15:29
hrwkevko: drop of py3.615:29
* frickler waves late and tries to catch up15:30
fricklerand also admits that possibly the suggestion to drop py36 might have initiated from me15:31
* hrw waves finger at frickler. bad, bad boy!15:31
yoctozepto-clonewell, I guess I was overly optimistic there as well15:32
yoctozepto-clonealways forgetting non-default python version on centos in nerfed15:32
mnasiadkaOk then, let's assume it gets reverted or worry if it is not for now.15:32
mnasiadkaWhat about deprecating binary? We have some TODOs related with it.15:33
mnasiadkaL322 on https://etherpad.opendev.org/p/KollaWhiteBoard15:34
yoctozepto-cloneneed to work on them15:35
hrwadded links to my patches there15:35
mnasiadkaGreat, added your name in TODO15:35
mnasiadkaSo - are there any volunteers for the rest of unassigned tasks?15:36
mnasiadkaok then, no volunteers, I'll ask again next week ;-)15:38
fricklerI can start looking into "How to locally patch source images"15:38
yoctozepto-clonegreat15:38
mnasiadkaSure, add it in the whiteboard that you'll be working on it15:39
kevkofrickler: add me to cc if you will have something ..15:39
fricklerkevko: sure15:39
hrwtook over 2 entries15:40
mnasiadkaok, something is moving, nice - thanks )15:40
mnasiadka:)15:40
hrwbtw - until nova gets rid of powervm dependency we are ...ed with source builds15:41
hrwINFO:kolla.common.utils.nova-base:The conflict is caused by:15:41
hrwINFO:kolla.common.utils.nova-base:    pypowervm 1.1.26 depends on futures>=3.0; python_version == "3.6"15:41
hrwINFO:kolla.common.utils.nova-base:    The user requested (constraint) futures===3.0.515:41
yoctozepto-cloneargh15:41
mnasiadkaSo nova enforces everybody to install pypowervm, although less than 1% of users use that functionality?15:41
fricklerwasn't that cleaned up already? maybe not backported15:42
hrwyou are overoptimistic with that 1%15:42
frickleralso this is hidden in upstream CI due to cached wheels sadly.15:43
yoctozepto-cloneindeed15:44
yoctozepto-clonewe have experimental jobs that ignore the wheels15:44
yoctozepto-clonewe can run them less experimentally15:44
mnasiadkaAre we also trying to get rid of RDO/UCA during deprecating binary?15:44
hrwthey both provide missing deps 15:44
hrwand/or updates15:45
mnasiadkawell true15:45
yoctozepto-cloneyeah, we neede some deps I think15:45
yoctozepto-clonelike ceph libs15:45
mnasiadkaI think Ceph libs should follow RabbitMQ/MariaDB (use vendor repos)15:45
mnasiadkaNow that they build Debian as well15:45
hrwmnasiadka: with aarch64 ones?15:45
mnasiadkaat least Debian has arm64 packages on download.ceph.com15:46
hrwo! things changed15:47
hrw RUN ln -s nova-base-source/* nova \15:47
hrw+    && sed -i -e "/^pypowervm/d" nova/requirements.txt \15:47
hrwand nova builds ;D15:47
yoctozepto-clonehrw, mnasiadka: re ceph: wonderful!15:48
yoctozepto-clonehrw: I guess we can do this with a reno and be good15:48
mnasiadkaAdded that to Yoga priorities list15:49
mnasiadkaOk then, I think the binary deprecation is pretty well covered.15:50
yoctozepto-cloneindeed15:50
mnasiadkaLet's discuss the single distro again next week, we should have some more insight from py36 drop and I'll investigate the FIPS/SELinux/AppArmor things, if this is really something we want to do next year (as a company).15:51
mnasiadkaI think we already covered the py36 drop topic that was the next one15:52
mnasiadkaSo unless anybody has any additional topics around Yoga priorities - let's move to Open Discussion.15:52
opendevreviewMarcin Juszkiewicz proposed openstack/kolla master: nova: drop pypowervm dependency  https://review.opendev.org/c/openstack/kolla/+/82004215:52
mnasiadka#topic Open discussion15:53
opendevreviewMarcin Juszkiewicz proposed openstack/kolla master: switch source images to follow master branches  https://review.opendev.org/c/openstack/kolla/+/82004315:54
ohorecny2Hi, my team proposed change for refactoring of kolla_docker, can you please review guys? We would like to move forward. Change is here: https://review.opendev.org/c/openstack/kolla-ansible/+/81795415:54
hrwmnasiadka: please take care of 820043 patch - it may need better commit message15:54
mnasiadkasure, I'll check previous similar changes and adapt if needed.15:55
hrwmnasiadka: thx15:55
* hrw on sick leave this week15:55
yoctozepto-cloneget well hrw!15:56
mnasiadkaok, I see we're done for today15:56
mnasiadka#endmeeting15:57
opendevmeetMeeting ended Wed Dec  1 15:57:00 2021 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:57
opendevmeetMinutes:        https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-12-01-15.01.html15:57
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-12-01-15.01.txt15:57
opendevmeetLog:            https://meetings.opendev.org/meetings/kolla/2021/kolla.2021-12-01-15.01.log.html15:57
mnasiadkahrw: get well15:57
mnasiadkathanks for attending!15:57
hrwmnasiadka: whiteboard L326 edited15:57
opendevreviewMarcin Juszkiewicz proposed openstack/kolla master: qdrouterd: add release note with deprecation notice  https://review.opendev.org/c/openstack/kolla/+/82004516:01
opendevreviewMarcin Juszkiewicz proposed openstack/kolla master: Debian: enable building Bifrost images on x86-64  https://review.opendev.org/c/openstack/kolla/+/81478316:01
hrwrebased on top of 'let switch to master'16:02
hrwas this should make it buildable16:02
hrwhm. 11 opened patches.16:03
* hrw out16:03
jingvarIs it a good place for questions about Bifrost (manual installation)?16:24
opendevreviewPierre Riteau proposed openstack/kayobe master: Support building multiple disk images  https://review.opendev.org/c/openstack/kayobe/+/81251616:26
opendevreviewPierre Riteau proposed openstack/kolla-ansible master: Update noVNC URL for noVNC >= 1.0.0  https://review.opendev.org/c/openstack/kolla-ansible/+/82004816:41
yoctozepto-clonejingvar: more likely #openstack-ironic17:00
jingvaryoctozepto-clone: thanks17:05
jingvarI think will simple use Kolla for Bifrost, but it uses more resources17:10
opendevreviewMarcin Juszkiewicz proposed openstack/kolla master: build: 5s delay + note when binary images are used  https://review.opendev.org/c/openstack/kolla/+/81837817:27
hrwmnasiadka: let us deprecate and drop vmtp. it is not maintained17:35
hrwINFO:kolla.common.utils.vmtp:The conflict is caused by:17:36
hrwINFO:kolla.common.utils.vmtp:    vmtp 2.5.1.dev18 depends on PrettyTable<0.817:36
hrwINFO:kolla.common.utils.vmtp:    The user requested (constraint) prettytable===2.4.017:36
hrwsimilar with watcher17:45
hrwmnasiadka: we need to deprecate vmtp and watcher. both are not buildable in Yoga due to prettytable version conflicts17:55
opendevreviewMarcin Juszkiewicz proposed openstack/kolla master: switch source images to follow master branches  https://review.opendev.org/c/openstack/kolla/+/82004318:15
hrwmarked both as unbuildable18:15
*** amoralej is now known as amoralej|off18:37
opendevreviewMargaritaShakhova proposed openstack/kolla-ansible master: Add ironic-inspector policy configuration  https://review.opendev.org/c/openstack/kolla-ansible/+/82006319:22
opendevreviewMargaritaShakhova proposed openstack/kolla-ansible master: Add ironic-inspector policy configuration  https://review.opendev.org/c/openstack/kolla-ansible/+/82006319:24
opendevreviewMargaritaShakhova proposed openstack/kolla-ansible master: Add ironic-inspector policy configuration  https://review.opendev.org/c/openstack/kolla-ansible/+/82006319:25
opendevreviewMargaritaShakhova proposed openstack/kolla-ansible master: Add ironic-inspector policy configuration  https://review.opendev.org/c/openstack/kolla-ansible/+/82006319:28
guesswhatGuys? Anyone is running certbot{lego with DNS0! method ? Authenticate via TXT in DNS zone.. Seems that kolla use only HTTP01 method.20:05
guesswhat*TLS for horizon20:12
fricklerexperimental job confirms the failure for centos. maybe make that a periodic (weekly) job, too? https://904f7d6c49a5f1a28a62-cd221b105c4d18d37b6dac96e24d6617.ssl.cf2.rackcdn.com/820043/2/experimental/kolla-build-no-infra-wheels-centos8s-source/d5aa3ce/kolla/build/000_FAILED_nova-base.log21:02
fricklerguesswhat: I've tested lego with designate, but not within kolla yet21:03
guesswhatfrickler: and are you running some systemd timer service, or how are you automatically renewing expired certificates ? or did you use it only with designate to generate certificate for internal service in openstack ?21:12
guesswhatguys? i can not enable freezer, i am getting {"msg": "'dict object' has no attribute 'domain_name'"}  do i need to preset some domain in keystone ? thanks21:15
guesswhatprobably iam missing kolla_internal_fqdn and kolla_external_fqdn21:17
guesswhathmm ,seems that domain_name is renamed to user_domain_name  ( https://github.com/openstack/kolla-ansible/blob/stable/xena/doc/source/user/multi-regions.rst#deployment-of-other-regions ), but freezer requires domain_name ...21:43
guesswhator https://github.com/openstack/kolla-ansible/blob/stable/xena/ansible/roles/freezer/templates/freezer.conf.j2#L1921:45
opendevreviewDr. Jens Harbott proposed openstack/kolla-ansible master: WIP: Update previous_release to Xena  https://review.opendev.org/c/openstack/kolla-ansible/+/82007421:49
guesswhathttps://stackoverflow.com/questions/65900315/how-to-configure-multi-region-deployment-in-openstack-kolla 21:52
guesswhatthis line https://github.com/openstack/kolla-ansible/blob/stable/xena/ansible/roles/freezer/templates/freezer.conf.j2#L19 should be probably os_project_domain_name = {{ openstack_auth.project_domain_name }}, its not possible to install freezer ,,,,,22:03
« Tuesday, 2021-11-30 Index Thursday, 2021-12-02 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!