| opendevreview | Piotr Parczewski proposed openstack/kayobe master: Fix CentOS / Rocky route options https://review.opendev.org/c/openstack/kayobe/+/889680 | 08:30 |
|---|---|---|
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: [CI] Add skyline scenario https://review.opendev.org/c/openstack/kolla-ansible/+/861687 | 08:36 |
| opendevreview | Merged openstack/kolla master: Fix dockerhub secret name https://review.opendev.org/c/openstack/kolla/+/889482 | 08:40 |
| basileus | @guesswhat Hi, I come back, after figuring out some issues, it seemed like my iptables rules were wrong, ended up doing some postrouting on the neutron interface for the external network, now I can ping my VMs, however they can't seem to access internet, is there additional routing commands that should be done? | 12:13 |
| basileus | Figured it out, ended doing the routing rules on the wrong itnerface, everything seems to work now ! | 12:18 |
| opendevreview | Verification of a change to openstack/kolla-ansible master failed: Set HAProxy server timeout for openstack exporter https://review.opendev.org/c/openstack/kolla-ansible/+/872718 | 12:19 |
| mnasiadka | frickler: I don't think a lot of people are using dockerhub, we changed the defaults long time ago - didn't we? | 12:23 |
| frickler | mnasiadka: I'm fine with dropping the jobs instead and removing old images, but running failing jobs every week seems wrong | 12:39 |
| mnasiadka | frickler: let's discuss that on the meeting today | 12:39 |
| mnasiadka | mgoddard mnasiadka hrw bbezak frickler kevko SvenKieske mmalchuk gkoper - meeting in 9 | 12:51 |
| mnasiadka | #startmeeting kolla | 13:00 |
| opendevmeet | Meeting started Wed Jul 26 13:00:01 2023 UTC and is due to finish in 60 minutes. The chair is mnasiadka. Information about MeetBot at http://wiki.debian.org/MeetBot. | 13:00 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 13:00 |
| opendevmeet | The meeting name has been set to 'kolla' | 13:00 |
| mnasiadka | #topic rollcall | 13:00 |
| mnasiadka | o/ | 13:00 |
| kevko | \o/ | 13:00 |
| mmalchuk | \o | 13:00 |
| mgoddard | \o | 13:00 |
| bbezak | o/ | 13:00 |
| mhiner | o/ | 13:00 |
| ihalomi | \o | 13:01 |
| mattcrees | o/ | 13:01 |
| frickler | \o/ | 13:01 |
| mnasiadka | #topic agenda | 13:02 |
| mnasiadka | * Review action items from the last meeting | 13:02 |
| mnasiadka | * CI status | 13:02 |
| mnasiadka | * Release tasks | 13:02 |
| mnasiadka | * Regular stable releases (first meeting in a month) | 13:02 |
| mnasiadka | * Current cycle planning | 13:02 |
| mnasiadka | * Additional agenda (from whiteboard) | 13:02 |
| mnasiadka | * Open discussion | 13:02 |
| mnasiadka | well, not action items from last meeting | 13:03 |
| mnasiadka | #topic CI status | 13:03 |
| mnasiadka | I've been off for the last three weeks - whiteboard says Kolla xena/wallaby is RED | 13:03 |
| mnasiadka | wallaby is heading for EOL so probably not an issue | 13:04 |
| bbezak | wallaby EOL | 13:04 |
| bbezak | yeap | 13:04 |
| mnasiadka | we also agreed for xena to be EOL, but maybe let's first wait for wallaby to be marked EOL | 13:04 |
| mmalchuk | outdated info for xena? needs check | 13:04 |
| mnasiadka | all the rest of the whiteboard says CI is green otherwise | 13:04 |
| mnasiadka | would be nice if the person marking something as RED would write why ;-) | 13:04 |
| mnasiadka | #topic Release tasks | 13:05 |
| mnasiadka | it's R-10 | 13:05 |
| mnasiadka | nothing to do | 13:06 |
| mnasiadka | #topic Current cycle planning | 13:06 |
| mnasiadka | let's check status of some features | 13:06 |
| mnasiadka | ihalomi: Podman? | 13:06 |
| kevko | i've approved https://review.opendev.org/c/openstack/kolla/+/888335 without second +2 because of gate blocker ... | 13:06 |
| kevko | so maybe xena red to xena green ? | 13:07 |
| ihalomi | mnasiadka: working only one test failing for unknown reasons | 13:07 |
| mnasiadka | I assume the rocky9 one | 13:07 |
| kevko | ihalomi link ? | 13:07 |
| mnasiadka | https://storage.bhs.cloud.ovh.net/v1/AUTH_dcaab5e32b234d56b626f72581e3644c/zuul_opendev_logs_bfc/799229/77/check/kolla-ansible-rocky9-podman/bfc1625/primary/logs/ansible/deploy-prechecks | 13:07 |
| ihalomi | i think the problem is in image since it was working and started failing without change | 13:07 |
| ihalomi | https://zuul.opendev.org/t/openstack/build/bfc1625b4e0f4788be21f3bf5454ba4d | 13:07 |
| mnasiadka | well, maybe it's some newer podman version | 13:08 |
| mnasiadka | do we need to pin to older or something similar? | 13:08 |
| ihalomi | idk i couldnt build that image on my own so i dont know the reason of failure but podman-py should be frozen not sure about podman | 13:10 |
| mnasiadka | bbezak: probably we should spawn some test environment to help ihalomi | 13:10 |
| mnasiadka | ok, I'll have a look into that next week | 13:11 |
| bbezak | makes sense mnasiadka | 13:11 |
| mnasiadka | ok then | 13:13 |
| mnasiadka | kevko: you did have a look in Let's Encrypt patches, right? | 13:13 |
| mnasiadka | mattcrees: how is the "changing default to RMQ HA mode" going? | 13:14 |
| kevko | mnasiadka: yep, rewritten a lot ...but for now it is HA and working like a charm ... | 13:15 |
| mnasiadka | kevko: nice, then now we need some reviewers | 13:15 |
| kevko | i can review it :D | 13:15 |
| mnasiadka | anyone signing up for reviewing Let's Encrypt patch? | 13:15 |
| mattcrees | RMQ patch still needs more work to automate out the manual steps. I'm working on it, but slowly as other things have taken priority | 13:15 |
| mnasiadka | kevko: if you rewrote a lot - then probably add yourself as a co-author :) | 13:16 |
| opendevreview | Michal Nasiadka proposed openstack/kayobe master: Fix firewalld configuration for monitoring hosts https://review.opendev.org/c/openstack/kayobe/+/883263 | 13:17 |
| mnasiadka | ok then, no reviewers, will try to chase some people :) | 13:17 |
| mmalchuk | I'm back from vacation and ready to review) | 13:18 |
| mnasiadka | ok, let's move on | 13:19 |
| mnasiadka | #topic Additional agenda (from whiteboard) | 13:19 |
| mnasiadka | failing podman test - this has been raised in previous topic | 13:19 |
| mnasiadka | frickler - octavia jobboard | 13:19 |
| mnasiadka | #link https://review.opendev.org/c/openstack/kolla/+/888587 | 13:19 |
| mnasiadka | #link https://review.opendev.org/c/openstack/kolla-ansible/+/888588 | 13:19 |
| mnasiadka | frickler: I asked a question in the first patch, although it's merged ;-) | 13:20 |
| frickler | kevko already reviewed, need to update the second one | 13:20 |
| frickler | mnasiadka: this is not a new feature, but not sure whether we'd want to backport, either | 13:21 |
| mnasiadka | ok, so let's not backport for now, unless somebody really needs that | 13:22 |
| mnasiadka | reviewed the k-a one | 13:23 |
| mnasiadka | ok then | 13:25 |
| frickler | thx, will check those things with christian | 13:25 |
| mnasiadka | #topic Open discussion | 13:25 |
| mnasiadka | Anybody? | 13:25 |
| frickler | what I missed to add to the agenda is bookworm | 13:25 |
| mnasiadka | I think hrw is not here, and probably he knows latest status | 13:27 |
| frickler | #link https://review.opendev.org/c/openstack/kolla/+/886088 | 13:27 |
| opendevreview | Michal Nasiadka proposed openstack/kolla master: rabbitmq: bump version to 3.12 https://review.opendev.org/c/openstack/kolla/+/887225 | 13:27 |
| frickler | I added some fixes in k-a and now it seems to work in CI at least | 13:27 |
| mnasiadka | nice | 13:27 |
| mnasiadka | should we bump rmq now? | 13:27 |
| frickler | what version of 3.12.x is this now? | 13:28 |
| kevko | why in bookworm erlang is installed from debian and not from ppa ? | 13:29 |
| kevko | doesn't exist for bookworm ? | 13:29 |
| frickler | it didn't exist when the patch was created at least | 13:29 |
| frickler | also the version in debian looked recent enough | 13:29 |
| mnasiadka | frickler: 3.12.2 | 13:29 |
| frickler | 3.12.2 sounds ok-ish | 13:30 |
| mnasiadka | there are still some months before the release | 13:32 |
| mnasiadka | Upgrading to Erlang 26 and RabbitMQ 3.12 at the Same Time | 13:32 |
| mnasiadka | When upgrading from 3.11.x on Erlang 25 to 3.12.x on Erlang 26, | 13:32 |
| mnasiadka | the cluster must be on at least version 3.11.17 for a safe upgrade of quorum queues. | 13:32 |
| mnasiadka | in theory we don't do quorum queues yet, but there might be users with such | 13:33 |
| mnasiadka | should we put in a precheck? | 13:33 |
| frickler | yes | 13:33 |
| mattcrees | A precheck for tht sounds good, yes | 13:33 |
| mnasiadka | Ok, I'll work on it (and updating the feature flags) | 13:34 |
| mnasiadka | And need to have a look in Ansible bump (so we don't start running and screaming just before the release because something stops working) | 13:35 |
| mnasiadka | Unless anyone has anything else - I'll end the meeting for today | 13:35 |
| kevko | i would like to just again ask anyone to review letsencrypt as for now i have a time to rework | 13:36 |
| mnasiadka | I'll try to find somebody from SHPC, we need that feature as well. | 13:37 |
| kevko | thanks | 13:37 |
| mmalchuk | kevko please repeat links | 13:37 |
| kevko | and i have one question regarding CADF | 13:37 |
| mnasiadka | (and will have a look in the code, but we also need some testing on a real env) | 13:37 |
| kevko | i have master deployed with lets encrypt if anyone wants to connect i can put ssh key there | 13:38 |
| mnasiadka | I'll remember that ;-) | 13:38 |
| mnasiadka | kevko: what about CADF? Keystone CADF? | 13:39 |
| mmalchuk | kevko I can help next week if it is not too late | 13:39 |
| kevko | we are using this in our downstream repositories | 13:39 |
| kevko | https://docs.openstack.org/keystonemiddleware/pike/audit.html | 13:39 |
| kevko | what is needed is add https://github.com/sapcc/openstack-audit-middleware to openstack images | 13:40 |
| kevko | and amend kolla-ansible to support custom api-paste files | 13:40 |
| frickler | we use that middleware, too, so +1 to adding it | 13:41 |
| mnasiadka | sure, makes sense to make lifes easier | 13:42 |
| mnasiadka | (we don't use that, but who knows what future brings) ;) | 13:42 |
| kevko | so i will prepare patches and i will ask you for review then ... | 13:42 |
| kevko | well, we are not using it for all customers ...but for some yes ... | 13:42 |
| mnasiadka | great, nice addition | 13:46 |
| mnasiadka | ok, I guess it's enough for today | 13:46 |
| mnasiadka | thanks for coming! | 13:47 |
| mnasiadka | #endmeeting | 13:47 |
| opendevmeet | Meeting ended Wed Jul 26 13:47:02 2023 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 13:47 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/kolla/2023/kolla.2023-07-26-13.00.html | 13:47 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/kolla/2023/kolla.2023-07-26-13.00.txt | 13:47 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/kolla/2023/kolla.2023-07-26-13.00.log.html | 13:47 |
| mmalchuk | thanks mnasiadka | 13:47 |
| kevko | mmalchuk: https://review.opendev.org/c/openstack/kolla-ansible/+/741340 | 13:47 |
| mmalchuk | oh thanks | 13:48 |
| mmalchuk | merge conflict | 13:48 |
| kevko | yeah, see | 13:48 |
| mmalchuk | fix and I'll look it later | 13:48 |
| mmalchuk | I'm in reviewers | 13:49 |
| kevko | let me rebase | 13:49 |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: Add support for LetsEncrypt-managed certs https://review.opendev.org/c/openstack/kolla-ansible/+/741340 | 14:00 |
| frickler | kevko: fwiw see https://review.opendev.org/c/openstack/kolla/+/349006 and https://review.opendev.org/c/openstack/kolla-ansible/+/711086 regarding cadf. seems that it didn't get much traction earlier | 14:09 |
| kevko | frickler: well, we can propose universal patches ... 1. kolla - include sappc openstack audit middleware into openstack-base image , 2 . Allow override of api-paste files | 14:13 |
| kevko | other stuff can be still done via config overries | 14:13 |
| mnasiadka | would be nice to include some minimal docs | 14:49 |
| hrw | mnasiadka: I sent patches for bookworm and did nothing with them since then | 14:49 |
| hrw | mnasiadka: so check how CI goes and decide | 14:50 |
| mnasiadka | hrw: if it's moving forward that's good | 14:52 |
| opendevreview | Michal Nasiadka proposed openstack/kolla master: mariadb: Add log for mariadb-upgrade https://review.opendev.org/c/openstack/kolla/+/889725 | 15:20 |
| -opendevstatus- NOTICE: The Gerrit service on review.opendev.org will be offline briefly for a minor upgrade at 21:00 utc, approximately an hour from now | 20:03 | |
| opendevreview | Michal Arbet proposed openstack/kolla-ansible master: Add support for LetsEncrypt-managed certs https://review.opendev.org/c/openstack/kolla-ansible/+/741340 | 20:37 |
| -opendevstatus- NOTICE: The Gerrit service on review.opendev.org will be offline briefly for a minor upgrade, but should return shortly | 21:01 | |
| opendevreview | German Espinoza Tuesta proposed openstack/kolla-ansible master: Horizon: restrict access to Apache's server-status endpoint. https://review.opendev.org/c/openstack/kolla-ansible/+/889784 | 23:53 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!