Wednesday, 2022-03-16

« Tuesday, 2022-03-15 Index Thursday, 2022-03-17 »
opendevreviewMerged openstack/kayobe master: CI: fix TLS job by freeing up memory  https://review.opendev.org/c/openstack/kayobe/+/83315901:34
opendevreviewMerged openstack/kayobe master: CI: Move to pytest-testinfra  https://review.opendev.org/c/openstack/kayobe/+/83222501:34
opendevreviewMerged openstack/kayobe master: Bump MichaelRigart.interfaces to v1.13.1  https://review.opendev.org/c/openstack/kayobe/+/83300701:34
opendevreviewMerged openstack/kayobe master: Only create patch links on overcloud hosts  https://review.opendev.org/c/openstack/kayobe/+/83312501:49
opendevreviewwangxiyuan proposed openstack/kolla-ansible master: [WIP]Add openEuler Distro support  https://review.opendev.org/c/openstack/kolla-ansible/+/83011502:09
opendevreviewwangxiyuan proposed openstack/kolla-ansible master: [WIP]Add openEuler Distro support  https://review.opendev.org/c/openstack/kolla-ansible/+/83011502:56
opendevreviewjinyuanliu proposed openstack/kolla master: venus: add log management system  https://review.opendev.org/c/openstack/kolla/+/79379503:09
opendevreviewjinyuanliu proposed openstack/kolla master: venus: add log management system  https://review.opendev.org/c/openstack/kolla/+/79379505:53
opendevreviewjinyuanliu proposed openstack/kolla master: venus: add log management system  https://review.opendev.org/c/openstack/kolla/+/79379506:04
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible master: WIP: Run testssl.sh against HAProxy  https://review.opendev.org/c/openstack/kolla-ansible/+/82349907:18
opendevreviewPierre Riteau proposed openstack/kayobe master: selinux: default to permissive  https://review.opendev.org/c/openstack/kayobe/+/81366109:58
opendevreviewMerged openstack/kolla-ansible stable/train: CI: Add more CentOS Stream 8 jobs  https://review.opendev.org/c/openstack/kolla-ansible/+/83289609:59
opendevreviewPierre Riteau proposed openstack/kayobe master: Enable overcloud TLS job again  https://review.opendev.org/c/openstack/kayobe/+/83397710:00
opendevreviewDr. Jens Harbott proposed openstack/kolla-ansible stable/xena: Add support for deploying Prometheus libvirt exporter  https://review.opendev.org/c/openstack/kolla-ansible/+/83185010:28
opendevreviewPierre Riteau proposed openstack/kayobe master: Fix link formatting in release note  https://review.opendev.org/c/openstack/kayobe/+/83398510:43
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible stable/xena: Add Rocky Linux support as Host OS  https://review.opendev.org/c/openstack/kolla-ansible/+/83386111:01
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible stable/xena: Add Rocky Linux support as Host OS  https://review.opendev.org/c/openstack/kolla-ansible/+/83386111:03
opendevreviewPierre Riteau proposed openstack/kayobe master: selinux: default to permissive  https://review.opendev.org/c/openstack/kayobe/+/81366111:12
jingvarkayobe overcloud service upgrade - why it goes into venv/kolla-ansibe and tries update it ?11:25
jingvarthe doc - 11:27
jingvarContainerised control plane services may be upgraded by replacing existing containers with new con-11:27
jingvartainers using updated images11:28
jingvarI don't see where is mentonied venvs11:28
opendevreviewMerged openstack/kayobe master: CI: Don't download Cirros or IPA in seed jobs  https://review.opendev.org/c/openstack/kayobe/+/83375911:41
opendevreviewMaksim Malchuk proposed openstack/kayobe master: Skip IP address allocation and configuration if needed  https://review.opendev.org/c/openstack/kayobe/+/82112911:49
mirek186Hi could someone help with deployment issue. The neutron playbook only including compute nodes but when running same invenotry but with --tags neutron it's correct12:01
opendevreviewMaksim Malchuk proposed openstack/kayobe master: Skip IP address allocation and configuration if needed  https://review.opendev.org/c/openstack/kayobe/+/82112912:01
mirek186TASK [neutron : include_tasks] * included: kolla_venv/share/kolla-ansible/ansible/roles/neutron/tasks/deploy.yml for 172.16.70.7, 172.16.70.8, 172.16.70.912:02
mirek186The above one is failing as it's only have compute nodes, but same inventory with --tags neutron is working as expected12:02
mirek186TASK [neutron : include_tasks] *kolla_venv/share/kolla-ansible/ansible/roles/neutron/tasks/deploy.yml for 172.16.70.4, 172.16.70.5, 172.16.70.6, 172.16.70.7, 172.16.70.8, 172.16.70.912:02
mirek186Is there anything in kolla-ansible deploy which will affect HOST groups during the deployment, looking at the playbooks it should just work and it used to work fine few weeks back12:04
fricklermnasiadka: yoctozepto: ansible-lint=6.0 is causing failures on stable branches, too. do we want to backport https://review.opendev.org/c/openstack/kolla-ansible/+/833895 or cap ansible-lint<6 there?12:28
mnasiadkaI would rather cap ansible-lint12:29
mnasiadkaand then we can discuss moving to FQCNs, which probably is a good idea.12:29
fricklermnasiadka: o.k., I'll prepare a patch. also added the topic to the PTG list12:30
mnasiadkafrickler: thanks12:30
opendevreviewDr. Jens Harbott proposed openstack/kolla-ansible stable/xena: [stable-only] Cap ansible-lint for stable branches  https://review.opendev.org/c/openstack/kolla-ansible/+/83399612:34
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible master: CI: fix warnings with new ansible-lint 6.0.0  https://review.opendev.org/c/openstack/kolla-ansible/+/83389512:39
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible master: CI: fix warnings with new ansible-lint 6.0.0  https://review.opendev.org/c/openstack/kolla-ansible/+/83389512:41
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible master: Fix maximum width of the DIB Multiline-YAML  https://review.opendev.org/c/openstack/kolla-ansible/+/83363312:42
opendevreviewJuan Pablo Suazo proposed openstack/kolla-ansible master: Support Prometheus as metrics database for Ceilometer.  https://review.opendev.org/c/openstack/kolla-ansible/+/83265112:48
imranhello hello, me again trying to get more movement on my patchset https://review.opendev.org/c/openstack/kolla-ansible/+/82456612:57
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible master: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83389512:58
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible stable/xena: testing  https://review.opendev.org/c/openstack/kolla-ansible/+/83316713:03
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible stable/xena: testing  https://review.opendev.org/c/openstack/kolla-ansible/+/83316713:03
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible master: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83389513:13
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible master: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83389513:13
jingvarmirek186: some playbooks have unclear dependencies13:17
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible master: Fix maximum width of the DIB Multiline-YAML  https://review.opendev.org/c/openstack/kolla-ansible/+/83363313:17
mirek186jingvar: any tips how to figure it out?13:21
mnasiadkaimran: just make the *-cephadm jobs green :)13:25
imranmnasiadka: thanks! :)13:25
jingvarfor example some playbooks wants to collect a data from controlplane nodes13:28
opendevreviewMaksim Malchuk proposed openstack/kayobe master: Skip IP address allocation and configuration if needed  https://review.opendev.org/c/openstack/kayobe/+/82112913:29
jingvarmirek186: I 'm not figure out exectly what you do. but common sollustion insert debug into venvs/palybooks and understand what goes worong13:29
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible stable/xena: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83386913:31
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible stable/wallaby: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401013:32
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible stable/victoria: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401113:32
opendevreviewImran Hussain proposed openstack/kolla-ansible master: [external-ceph] Use template instead of copy  https://review.opendev.org/c/openstack/kolla-ansible/+/82456613:33
jingvarguys, what is rigth sequence for adding  a new service on working cloud? images are pulled13:34
yoctozeptojingvar: enable it and rerun deploy13:38
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible stable/xena: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83386913:38
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible stable/victoria: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401113:38
mirek186jingvar: thanks mate, that's what I'm trying to do at the moment. Is there a common way to find out why some hosts where not included in the task. Trying to google it but can't find a good answer, thinking of injecting a small task to list all groups just before neutron task to find out whether the task is aware of them or not13:39
opendevreviewMaksim Malchuk proposed openstack/kolla-ansible stable/wallaby: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401013:39
yoctozeptomirek186: I would bet that the affected hosts simply failed earlier, in another play, and are now excluded13:39
yoctozeptolook more thoroughly at the logs13:39
jingvarmirek186: I depends on how writen playbook, there can be something constructed from groups_by13:44
jingvaryoctozepto: will it care about sequencial restartig containers?  on a dev env I just run deploy, but now a want to simulate day213:46
opendevreviewImran Hussain proposed openstack/kolla-ansible master: [external-ceph] Use template instead of copy  https://review.opendev.org/c/openstack/kolla-ansible/+/82456613:46
opendevreviewPierre Riteau proposed openstack/kayobe master: selinux: default to permissive  https://review.opendev.org/c/openstack/kayobe/+/81366113:47
opendevreviewMerged openstack/kolla-ansible master: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83389513:48
mirek186yoctozepto: I've attached deploy log, can't find anything, other then checking MariaDB ports which then been ignored, later network nodes are used in the playbook, so really stuck: https://zerobin.net/?cc110c34e3e7781a#x5lUBl6DrsZW7/amUU9/gWgfScHD2OrelJXKowIFiPQ=13:49
mirek186This one is for --tags neutron only and working as expected: https://zerobin.net/?56a99400e6f5b23e#2yMuqN5wp1mlujR1EM2RzCNDQ28GriBkmXOqGJ5S/vU=13:50
yoctozeptomirek186: look at TASK [openvswitch : Ensuring OVS bridge is properly setup] *********************13:52
yoctozeptoit killed off these 3 hosts from further plays13:52
yoctozeptowhich broke the logic13:52
yoctozeptojingvar: what do you mean? "deploy" is the one used day-2 as well13:57
jingvarovercloud service deploy13:58
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [WIP] Ironic: Support both plain PXE and iPXE  https://review.opendev.org/c/openstack/kolla-ansible/+/83215913:59
jingvarAs I see , day2 kayobe overcloud service reconfigure 13:59
yoctozeptojingvar: it's practically an alias; we seem to be lazy and still did not kill off that confusing part :-)14:00
yoctozeptowhichever you use, it does the same thing14:00
mirek186yoctozepto: thanks mate, I tought external ovn bridge on needs to be on compute node, at least we had it this way when using Juju14:01
mirek186I'll dig into it14:01
opendevreviewPierre Riteau proposed openstack/kayobe master: Run disable-selinux on seed-hypervisor  https://review.opendev.org/c/openstack/kayobe/+/82341814:02
jingvaryoctozepto:  I was believed in a magic14:02
opendevreviewPierre Riteau proposed openstack/kayobe master: Run selinux playbook on seed hypervisor  https://review.opendev.org/c/openstack/kayobe/+/82341814:02
jingvarthanks14:02
jingvarjuju - omg14:03
yoctozeptomirek186: it's also required on network nodes14:03
opendevreviewMaksim Malchuk proposed openstack/kayobe master: Skip IP address allocation and configuration if needed  https://review.opendev.org/c/openstack/kayobe/+/82112914:11
opendevreviewDr. Jens Harbott proposed openstack/kolla-ansible stable/xena: Add support for deploying Prometheus libvirt exporter  https://review.opendev.org/c/openstack/kolla-ansible/+/83185014:12
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [CI] Test Ironic upgrade  https://review.opendev.org/c/openstack/kolla-ansible/+/83400414:30
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [WIP] Ironic: Support both plain PXE and iPXE  https://review.opendev.org/c/openstack/kolla-ansible/+/83215914:34
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [WIP] Ironic: rename containers  https://review.opendev.org/c/openstack/kolla-ansible/+/83213414:38
opendevreviewPierre Riteau proposed openstack/kayobe master: CI: Enable overcloud TLS job again  https://review.opendev.org/c/openstack/kayobe/+/83397714:40
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible stable/ussuri: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401414:41
mirek186yoctozepto: I'm looking into openvswitch code and I think there is a bug in ovs_ensure_configured.sh https://github.com/openstack/kolla/blob/master/docker/openvswitch/openvswitch-db-server/ovs_ensure_configured.sh14:42
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible stable/xena: testing  https://review.opendev.org/c/openstack/kolla-ansible/+/83316714:43
mirek186I'm not OVN expert but with my past experienice with Juju where they using Juju for few years, you only do external ports on your compute nodes, they go directly from VM-OVN-external port14:43
mirek186however, the code in the script does a check whether the interface exists first and if you run it on every openvsiwtch host which is both network and compute nodes it will fail14:44
yoctozeptomirek186: well, then the bug is in kolla-ansible, not kolla anyhow, the script is called only when and where k-a wants it14:44
yoctozeptomnasiadka knows OVN better, might say something more regarding why it's like it is14:45
yoctozeptoit could also be the case we are not flexible enough atm or whatever14:45
mnasiadkaIf I understand correctly, the question is why we are configuring external bridge on the network nodes?14:46
mirek186mnasiadka: Well, yes14:46
mnasiadkaAnd how do you expect SNAT to be working?14:46
mirek186With OVN when you do external it's attached directly to external network at least I had it this way with Juju OpenStack14:47
mnasiadkaWhat do you mean by "when you do external"?14:47
mirek186not a overlay, physnet114:48
opendevreviewRadosław Piliszek proposed openstack/kolla master: venus: add log management system  https://review.opendev.org/c/openstack/kolla/+/79379514:48
mirek186my understading was with OVN it's simplified where you have port directly attached to VM on the compute node, it's not going on overlay at all14:49
mnasiadkamirek186: you mean you are spawning instances directly using a vlan network called external?14:49
mirek186yes14:49
mnasiadkait doesn't matter if it's ML2/OVN or ML2/OVS14:49
mnasiadkait is simple, so what is the problem?14:49
mirek186the problem is the code in ovs_ensure_configured.sh 14:50
mnasiadkawell, that is a script, I guess the problem rather is in kolla-ansible's usage of this script14:50
mirek186basiclliy it's run on every network and compute node and first bit of the code is checking whether the intrface exists on the host, where it dosne't have to exists on network nodes14:50
mnasiadkaNormally, people deploy an SDN to use overlay networks. We assume this is the case, and ensure required interfaces/bridges exist.14:51
mirek186I'm happy with that it was more to find out why, so I know how to address it, but my understading is correct, you don't need porvider ports on network nodes if they are only used by compute, am I right? At least it's a setup we have with Juju14:52
mnasiadkaIf you want to use ONLY provider networks - then yes, bridges need to exist only on computes.14:53
opendevreviewMerged openstack/kolla-ansible stable/xena: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83386914:54
mirek186we do have overlay ports on both network and compute. 14:54
opendevreviewMichal Nasiadka proposed openstack/kolla-ansible master: WIP: Run testssl.sh against HAProxy  https://review.opendev.org/c/openstack/kolla-ansible/+/82349914:55
opendevreviewMerged openstack/kolla-ansible stable/wallaby: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401014:55
opendevreviewMerged openstack/kolla-ansible stable/victoria: CI: pin ansible-lint to <6  https://review.opendev.org/c/openstack/kolla-ansible/+/83401114:55
mnasiadkamgoddard mnasiadka hrw egonzalez yoctozepto rafaelweingartne cosmicsound osmanlicilegi bbezak parallax Fl1nt frickler adrian-a - meeting in 514:55
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [CI] Add Venus scenario  https://review.opendev.org/c/openstack/kolla-ansible/+/82322214:57
yoctozeptomnasiadka, mirek186: ok, so I understand the issue is that kolla-ansible is not flexible enough (like I thought before) and does not offer a way to avoid non-provider (overlay) networks?14:59
mnasiadkaThat's how I understand that issue - anyway meeting time15:00
mnasiadka#startmeeting kolla15:00
opendevmeetMeeting started Wed Mar 16 15:00:19 2022 UTC and is due to finish in 60 minutes.  The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot.15:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:00
opendevmeetThe meeting name has been set to 'kolla'15:00
mnasiadka#topic rollcall15:00
mnasiadkao/15:00
frickler\o15:00
jinyuanliu_o\15:00
yoctozeptoo/15:01
mgoddard\o15:03
mnasiadka#topic agenda15:03
mnasiadka* Announcements15:03
mnasiadka* Review action items from the last meeting15:03
mnasiadka* CI status15:03
mnasiadka* Release tasks15:03
mnasiadka* Current cycle planning15:03
mnasiadka* Additional agenda (from whiteboard)15:03
mnasiadka* Open discussion15:03
mnasiadka#topic Announcements15:03
mnasiadkaI've proposed frickler to gain core reviewer privileges in both Kolla and Kolla-Ansible - please vote on the mailing list.15:04
mnasiadka#topic Review action items from the last meeting15:04
mnasiadkamnasiadka to triage security bugs and update them with resolution plan (if needed)15:04
mnasiadkamnasiadka to update kolla review dashboard with kolla collection15:04
mnasiadkahrw Enable osbpo in Debian APT sources, abandon extrepo command use then?15:04
mnasiadkaI updated the review dashboard15:04
mnasiadkasec bugs in progress, I proposed a patch to use testssl.sh to validate haproxy ssl ciphers (one of the bugs mentions ssl ciphers)15:05
mnasiadkaneeds some update, but should ensure this is covered a bit better than in past15:05
mnasiadkahrw is not here, so let's reapply this action item15:05
mnasiadka#action mnasiadka to triage security bugs and update them with resolution plan (if needed)15:06
mnasiadka#action hrw Enable osbpo in Debian APT sources, abandon extrepo command use then?15:06
mnasiadka#topic CI status15:06
mnasiadkaWe've seen breakage from ansible-lint complaining on us not using FQCNs for core modules15:06
mnasiadkait has been capped to <6 - it's fine now15:07
fricklerubuntu-binary seems also broken15:07
fricklersome issue with trove-dashboard afaict15:07
fricklerhttps://storage.gra.cloud.ovh.net/v1/AUTH_dcaab5e32b234d56b626f72581e3644c/zuul_opendev_logs_de8/793897/33/check/kolla-ansible-ubuntu-binary/de8b1e3/primary/logs/kolla/horizon/horizon.txt15:07
yoctozeptothat's why we are dropping support for binary15:07
yoctozeptowell, one of the reasons15:07
fricklerbut as of now we still should try to fix it?15:08
mnasiadkaI think i've seen something similar in the Magnum CI job (where we enable Trove I think)15:08
mnasiadkafrickler: at least we should raise a Launchpad bug in UCA15:08
mnasiadkathat's what we've done in the past15:08
yoctozeptoyeah, raise a bug in UCA15:09
fricklerah, o.k., I can do that and ping some ubuntu-server ppl15:09
mnasiadkabut they're usually not the fastest, so it will drag around15:09
mnasiadkaand IIRC Trove doesn't have a PTL for Z15:09
yoctozeptoyes15:10
mnasiadkaSo I don't know how long will it stay with us ;)15:10
mnasiadkaanyway, let's continue15:10
mnasiadka#topic Release tasks15:10
mgoddardwuchunyang stepped up for trove PTL15:11
yoctozeptooh, good to know, I missed that15:11
yoctozeptoso it's only adjutant going away15:12
mnasiadkaanyway it would be good to understand if we don't hit that in source as well - I've seen trove being enabled in magnum jobs15:12
yoctozeptothankfully, we did not merge its support15:12
mnasiadkaKolla feature freeze: Mar 21 - Mar 2515:12
wuchunyangyes, we will maintain trove in z 15:12
mnasiadkaIt's next week15:12
mnasiadka#topic Current cycle planning15:13
mnasiadkaSo, what is possibly going to get merged?15:13
yoctozeptomnasiadka: we always have all horizon plugins around so it would break source already, no?15:13
yoctozeptomnasiadka: I've reviewed venus15:13
yoctozeptoi've also added it to the other topics for today15:14
wuchunyangvenus +2 from me 15:14
yoctozeptofeel free to skip then15:14
mnasiadkayoctozepto: True, we only enable plugins per project I think, but who knows what fails15:14
mnasiadkaok15:14
mnasiadkaso - what about - Systemd containers: https://review.opendev.org/c/openstack/kolla-ansible/+/81672415:14
mnasiadkamgoddard, yoctozepto: you've been actively reviewing, right?15:14
mgoddardI haven't looked recently15:14
yoctozeptome neither15:15
mnasiadkaOk, would be nice to get this in though, right?15:15
yoctozeptoright15:15
yoctozeptoand my ironic patches15:16
yoctozepto:-)15:16
mnasiadkawe'll get to that (if those are listed on the whiteboard) :)15:16
mnasiadkakolla collection long list of patches - yoctozepto you promised to review two, haven't done that :D15:17
mnasiadkahttps://review.opendev.org/c/openstack/ansible-collection-kolla/+/82101515:17
mnasiadkahttps://review.opendev.org/c/openstack/ansible-collection-kolla/+/82101615:17
mnasiadkaand there are like 5 more on the list15:17
mnasiadkaL433 on the whiteboard15:17
yoctozeptomnasiadka: oh noez, so many things to do15:17
mnasiadkaneed reviewers, if not - it's not going to get in15:18
mnasiadkamaybe there are some other cores happy to assist?15:18
mnasiadkaanyway, let's move on - libvirt on host the same - I'll do reviews and need a second core15:19
opendevreviewWill Szumski proposed openstack/kolla-ansible master: Adds keystone_authtoken.service_type  https://review.opendev.org/c/openstack/kolla-ansible/+/83403515:19
mnasiadkaand magically Ironic appeared on the whiteboard!15:19
mgoddardI think kevko approved libvirt on the host15:19
mnasiadkabut not the kolla collection patch 15:19
yoctozeptomnasiadka: yup, it's magix15:19
mgoddardtrue15:20
mnasiadkaok, let's review Radek's Ironic patches, and he'll be happy to review all the rest! ;-)15:21
mnasiadkaKayobe seems we have a lot of patches that need updates15:22
mnasiadkaprobably the multiple environments part 2 won't be merged in Yoga15:22
priteau:(15:22
mnasiadkaHaven't seen updates on those patches, and there's a lot to improve judging by mgoddard's comments15:23
priteauWill was planning to update but he's been busy15:23
mnasiadkaAs we all are unfortunately15:24
mnasiadkaLet's go through additional agenda15:24
mnasiadka#topic Additional agenda (from whiteboard)15:24
mnasiadka(yoctozepto) Venus15:24
mnasiadkaSo what's up with Venus?15:25
yoctozeptomnasiadka: already discussed, move on15:26
mnasiadkaok15:27
mnasiadkaIf we're at Venus - what's up with skyline?15:27
yoctozeptoI did not have time / it was less active/ready?15:27
yoctozeptolet's check15:27
wuchunyangi can try to add a ci for skyline.15:27
wuchunyangfollow by venus.15:27
yoctozeptowuchunyang: that would be appreciated15:28
wuchunyanghttps://review.opendev.org/c/openstack/kolla-ansible/+/82846415:28
yoctozepto(fwiw, I'm reviewing various changes atm)15:29
mnasiadkawuchunyang: the Kolla part has some comments, like why it's not using upper-constraints, I see Skyline would need more work than Venus to get in15:29
opendevreviewPierre Riteau proposed openstack/kayobe master: Use naming convention to infer VLAN tagging  https://review.opendev.org/c/openstack/kayobe/+/83305215:30
mnasiadkaOk, let's keep reviewing - hope the authors will update15:30
wuchunyangyes, skyline need more work. 15:31
mnasiadkaNext additional topic is (mgoddard): Libvirt SASL issues15:31
mgoddardI had some issues today when rolling out the libvirt SASL change15:31
mgoddardI'm still not really sure exactly what happened, but wanted to bring it up15:32
mgoddardPossibly there is a window when enabling SASL where it breaks the connection from nova-compute to libvirt 15:32
mgoddardand some instances get broken15:33
mnasiadkaoops15:33
yoctozeptooh my15:33
yoctozeptohow broken are we talking about?15:33
yoctozeptodata loss?15:33
mnasiadkaor just powered off / wrong state in Nova?15:33
mgoddardlibvirt VM stopped15:34
mgoddardI managed to get it running again with an openstack server stop, openstack server start15:35
yoctozeptohmm15:35
mgoddardbut it took me a while to figure it out15:35
yoctozeptoI don't see how it would stop the instance by itself15:35
yoctozeptomaybe it was on user req?15:35
yoctozeptobut the sync back did not happen15:35
yoctozeptoI'm not entirely sure when nova compute updates its state15:35
mnasiadkawhen backporting the libvirt sasl patch - did we enable sasl by default?15:36
mgoddardyes15:36
mnasiadkaso basically this can now happen to anyone?15:36
yoctozeptoyes15:37
mgoddardpotentially, but haven't reproduced it15:37
mnasiadkainteresting15:37
mgoddardif my theory is correct, we could stop nova-compute first, then restart nova-libvirt, then start nova-compute15:38
mgoddardthat would be a simple fix to backport15:38
mgoddardbut really I'd like to reproduce it to be confident15:38
yoctozepto++15:39
mnasiadkaSure, we'll be waiting for updates mgoddard 15:39
mgoddardok15:40
mnasiadka#topic Open discussion15:42
chooozeHello guys. Wanna ask your advice about separating LB for several groups. My colleague tried to do some [https://review.opendev.org/c/openstack/kolla-ansible/+/833535]. But for now we can't decide which way to choose, simple one (just a small patch to separate ELK's LB (what we want to achieve for now)) or hard one (provide some way to have an option for several LB groups with service groups mapping to them). Thanks in advance for 15:42
mnasiadkamgoddard: seems you've been giving your thoughts on this one ^^15:43
mgoddardyes15:44
mgoddardthe generic solution would be to have some flag per service15:44
chooozeyup sounds reasonable 15:45
mgoddardelasticsearch_enable_loadbalancer15:45
mgoddardthen incorporate that into elasticsearch_services.elasticsearch.haproxy15:45
yoctozeptobut loadbalancer might not be on the same nodes as these services15:45
yoctozeptoand it's fine15:45
yoctozeptoit's even on network nodes, not control nodes15:46
mgoddardyes, that was my comment15:46
jingvarwhat about hostgroup_vip15:46
chooozebut in that case VIP will be attached to host_group?15:46
mgoddardthe VIP is associated with haproxy hosts15:46
jingvaryep15:47
yoctozeptoi.e., we have one loadbalancer solution15:47
yoctozeptothat is HA15:47
yoctozeptoand shuffles VIP to ensure that HA15:47
jingvarto separete newtwork flow15:47
mgoddardif you have your own LB for elastic, you'd need to set elasticsearch_enable_loadbalancer=false and elasticsearch_internal_endpoint to point to your LB15:47
yoctozeptothe proxied services might exists anywhere15:47
jingvarI have monitoring_vip and a several services on this group15:48
mgoddardor perhaps you could just set elasticsearch_address15:48
jingvarI did15:48
chooozeso the way where there might be more than 1 LB in HA placed on control nodes isn't the way you want to see? :]15:49
jingvarwhy we cant have itsown loadbalancer on group15:49
mgoddardoh, so you want kolla to deploy multiple LBs?15:50
jingvarI had Virtual contrail Plane at least 9 nodes with 15:50
jingvaryes15:50
jingvarI have it already15:50
chooozeto have that possibility15:50
yoctozeptowhat do you use multiple LBs for? only es?15:51
wuchunyangwe have the same scenario. i use kolla to deploy two lbs, but es exists in both them.15:51
jingvaras first run15:51
chooozeby default okay. everything is going thorugh control-nodes. by for some cases it might be unnecessary and should be avoidable. like ELK-case15:51
yoctozeptochoooze: it goes through network nodes15:52
yoctozeptoyou can have a separate network node from control nodes15:52
yoctozepto(or multiple for that matter)15:52
chooozeanyway I hope you've got the point :]15:52
yoctozeptoso-so I'd say15:54
yoctozeptoto me it makes sense to have a separate loadbalancer for elk15:54
yoctozeptowell, more like efk15:54
jingvarthere are core components of Openstack and additional services - And I want' mix traffic15:54
mnasiadkaBut that means, you'd want to have a second instance of keepalived and haproxy - and possibly on a different set of physical hosts?15:55
chooozeyup15:56
jingvar2 strings into haproxyconfig.j2 :015:56
mnasiadkaWell, sounds like a nice feature, that we could discuss over PTG for the Z cycle.15:56
yoctozepto++15:57
chooozeNice guys!15:58
mgoddardsounds similar to the multiple mariadb feature, which was quite fiddly to get right15:58
chooozeWe could help somehow if you'll show the right way :]15:58
mnasiadkaSure, please add a topic on the bottom of Zed etherpad - https://etherpad.opendev.org/p/kolla-zed-ptg15:59
mnasiadkaand of course show up for the discussion :)15:59
mgoddardUpdate on the libvirt SASL issue discussed earlier: I think this was actually caused by some previous failed evacuations. nova-compute restart caused them to get cleaned up, which destroyed the instances15:59
opendevreviewImran Hussain proposed openstack/kolla-ansible master: [external-ceph] Use template instead of copy  https://review.opendev.org/c/openstack/kolla-ansible/+/82456616:00
chooozemnasiadka next Wed you mean? or some other time?16:00
mnasiadkamgoddard: should we make an update in the reno - that this might cause unplanned instance downtime?16:00
mgoddardmnasiadka: no, it was unrelated to libvirt SASL AFAICT16:01
mgoddardI will keep investigating16:01
mnasiadkachoooze: PTG (Project Teams Gathering) is 4-6 April (Kolla-Ansible topics 4-5 April)16:01
yoctozeptothanks16:01
chooozeokaaaay sounds nice16:01
chooozethank you guys!16:02
mnasiadkachoooze: I added an Eventbrite link for the event, make sure you order a virtual ticket ;-)16:03
mnasiadkaok, we're over time.16:03
mnasiadkaThanks for coming!16:03
mnasiadka#endmeeting16:03
opendevmeetMeeting ended Wed Mar 16 16:03:30 2022 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:03
opendevmeetMinutes:        https://meetings.opendev.org/meetings/kolla/2022/kolla.2022-03-16-15.00.html16:03
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/kolla/2022/kolla.2022-03-16-15.00.txt16:03
opendevmeetLog:            https://meetings.opendev.org/meetings/kolla/2022/kolla.2022-03-16-15.00.log.html16:03
opendevreviewRadosław Piliszek proposed openstack/ansible-collection-kolla master: baremetal: Add support for git http/https proxy setup  https://review.opendev.org/c/openstack/ansible-collection-kolla/+/83277016:03
yoctozeptothanks mnasiadka for chairing16:04
fricklerI don't understand why people want to give their data to eventbrite, with the virtual ptg I see no reason to do so16:10
frickleralso, if people like the ptg being virtual, you should tell the foundation. they seem to be planning for the AA ptg to be in person again or hybrid16:10
mnasiadkaI don't mind having a physical PTG, but that's rather a collective decision for the project members, not the foundation decision :)16:11
mnasiadkaAnyway, need to run.16:11
hrwmnasiadka: enabling osbpo was voted against. we stay with extrepo.16:12
fricklerwell the foundation sets up the whole event, we as a team could of course decide to do something different, like have sessions outside the allocated times in order to reduce overlap for multi-project people like me16:12
hrwfrickler: Since I joined Kolla (iirc 4y ago) I was on one physical PTG.16:17
hrwnot everyone has company behind paying €€€ for flights and hotel16:18
hrwDublin one was ~1500 EUR. And flights were just inside of EU...16:20
hrw100$ for registration, 200€ for flights, 930€ for conference hotel + other travel/food/etc. costs16:21
fricklerhrw: I'm 100% for doing virtual-only PTGs and summits, I just feel quite alone in voicing that opinion16:24
hrwfrickler: I would like to meet other kollas. Just do not sure is everyone capable of covering the costs.16:25
hrwI had luck of meeting several in Dublin and then mnasiadka and yoctozepto here in Poland at some events.16:26
fricklercost is one thing, CO2 emissions the next, C19 another16:26
fricklerand people may have yet other issues limiting their ability to travel16:27
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [CI] Test Ironic upgrade  https://review.opendev.org/c/openstack/kolla-ansible/+/83400416:29
fricklerI found this bug for trove-dashboard, but not sure if it is the same as ours, as it should affect source builds, too https://bugs.launchpad.net/trove-dashboard/+bug/196502816:29
fricklerhmm, seems we install it only in binary?16:33
yoctozeptofrickler: possibly because of UCA dependency chain16:42
yoctozeptobut we do have horizon-plugin-trove-dashboard in source16:43
yoctozeptopossibly we disable the init properly in source case16:43
yoctozeptoand not binary case16:43
* yoctozepto just throwing random ideas16:43
* yoctozepto off16:46
opendevreviewMark Goddard proposed openstack/kayobe stable/xena: CI: Don't download Cirros or IPA in seed jobs  https://review.opendev.org/c/openstack/kayobe/+/83401817:01
opendevreviewMark Goddard proposed openstack/kayobe stable/wallaby: CI: Don't download Cirros or IPA in seed jobs  https://review.opendev.org/c/openstack/kayobe/+/83401917:01
opendevreviewMark Goddard proposed openstack/kayobe stable/victoria: CI: Don't download Cirros or IPA in seed jobs  https://review.opendev.org/c/openstack/kayobe/+/83402017:01
opendevreviewMark Goddard proposed openstack/kayobe stable/victoria: CI: Don't download Cirros or IPA in seed jobs  https://review.opendev.org/c/openstack/kayobe/+/83402017:02
opendevreviewMark Goddard proposed openstack/kolla master: Add enabled flag for sources  https://review.opendev.org/c/openstack/kolla/+/83364417:07
opendevreviewMerged openstack/kolla-ansible master: Adds etcd endpoints as a Prometheus scrape target  https://review.opendev.org/c/openstack/kolla-ansible/+/83184817:55
opendevreviewWill Szumski proposed openstack/kolla-ansible master: Adds keystone_authtoken.service_type  https://review.opendev.org/c/openstack/kolla-ansible/+/83403518:06
opendevreviewMerged openstack/kayobe master: CI: Enable overcloud TLS job again  https://review.opendev.org/c/openstack/kayobe/+/83397718:46
opendevreviewMerged openstack/kayobe master: Fix link formatting in release note  https://review.opendev.org/c/openstack/kayobe/+/83398518:46
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [CI] Test Ironic upgrade  https://review.opendev.org/c/openstack/kolla-ansible/+/83400420:09
opendevreviewRadosław Piliszek proposed openstack/kolla-ansible master: [CI] Test Ironic upgrade  https://review.opendev.org/c/openstack/kolla-ansible/+/83400420:11
opendevreviewRadosław Piliszek proposed openstack/ansible-collection-kolla master: [CI] pin ansible-lint to <6  https://review.opendev.org/c/openstack/ansible-collection-kolla/+/83406920:16
opendevreviewRadosław Piliszek proposed openstack/ansible-collection-kolla master: baremetal: Add support for git http/https proxy setup  https://review.opendev.org/c/openstack/ansible-collection-kolla/+/83277020:16
opendevreviewPierre Riteau proposed openstack/kayobe stable/victoria: Build CentOS stream images  https://review.opendev.org/c/openstack/kayobe/+/83407822:08
« Tuesday, 2022-03-15 Index Thursday, 2022-03-17 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!