| *** yamamoto has joined #openstack-lbaas | 00:08 | |
| *** celebdor has quit IRC | 00:24 | |
| *** aojea has joined #openstack-lbaas | 00:42 | |
| *** aojea has quit IRC | 00:46 | |
| *** abaindur has quit IRC | 00:55 | |
| *** abaindur has joined #openstack-lbaas | 00:55 | |
| *** ianychoi has quit IRC | 01:17 | |
| *** ianychoi has joined #openstack-lbaas | 01:28 | |
| *** ianychoi has quit IRC | 01:42 | |
| *** colin- has quit IRC | 02:02 | |
| *** ianychoi has joined #openstack-lbaas | 02:19 | |
| *** JudeCross has quit IRC | 02:23 | |
| *** JudeCross has joined #openstack-lbaas | 03:32 | |
| *** JudeCross has quit IRC | 03:36 | |
| *** hongbin has joined #openstack-lbaas | 03:41 | |
| *** hongbin has quit IRC | 03:59 | |
| *** ramishra has joined #openstack-lbaas | 04:33 | |
| *** yboaron has joined #openstack-lbaas | 05:05 | |
| *** sabomia` has quit IRC | 05:15 | |
| *** ccamposr has joined #openstack-lbaas | 05:22 | |
| *** dims has quit IRC | 06:24 | |
| *** dims has joined #openstack-lbaas | 06:26 | |
| *** dims has quit IRC | 06:34 | |
| *** dims has joined #openstack-lbaas | 06:35 | |
| openstackgerrit | Luis Tomas Bolivar proposed openstack/octavia master: Ensure pool object contains the listener_id if passed https://review.openstack.org/604417 | 06:38 |
|---|---|---|
| *** ccamposr__ has joined #openstack-lbaas | 06:41 | |
| *** ccamposr has quit IRC | 06:42 | |
| *** yamamoto has quit IRC | 06:51 | |
| *** yamamoto has joined #openstack-lbaas | 06:51 | |
| *** pcaruana has joined #openstack-lbaas | 06:51 | |
| *** celebdor has joined #openstack-lbaas | 07:06 | |
| *** celebdor has quit IRC | 07:06 | |
| *** celebdor has joined #openstack-lbaas | 07:06 | |
| *** logan- has quit IRC | 07:19 | |
| *** dmellado has quit IRC | 07:19 | |
| *** hvhaugwitz has quit IRC | 07:19 | |
| *** amotoki has quit IRC | 07:23 | |
| *** logan- has joined #openstack-lbaas | 07:32 | |
| *** dmellado has joined #openstack-lbaas | 07:32 | |
| *** hvhaugwitz has joined #openstack-lbaas | 07:32 | |
| *** yboaron has quit IRC | 07:32 | |
| openstackgerrit | sapd proposed openstack/python-octaviaclient master: Support REDIRECT_PREFIX for openstack client https://review.openstack.org/605914 | 07:43 |
| *** velizarx has joined #openstack-lbaas | 07:53 | |
| *** rcernin has quit IRC | 07:55 | |
| *** abaindur has quit IRC | 08:01 | |
| *** velizarx_ has joined #openstack-lbaas | 08:05 | |
| *** velizarx_ has quit IRC | 08:06 | |
| *** velizarx has quit IRC | 08:13 | |
| *** logan- has quit IRC | 08:13 | |
| *** dmellado has quit IRC | 08:13 | |
| *** hvhaugwitz has quit IRC | 08:13 | |
| *** velizarx has joined #openstack-lbaas | 08:23 | |
| *** logan- has joined #openstack-lbaas | 08:27 | |
| *** dmellado has joined #openstack-lbaas | 08:27 | |
| *** hvhaugwitz has joined #openstack-lbaas | 08:27 | |
| *** yboaron has joined #openstack-lbaas | 08:27 | |
| *** amotoki_ has joined #openstack-lbaas | 08:27 | |
| *** JudeCross has joined #openstack-lbaas | 08:33 | |
| *** Emine has joined #openstack-lbaas | 08:41 | |
| *** abaindur has joined #openstack-lbaas | 08:44 | |
| *** crazik has joined #openstack-lbaas | 08:45 | |
| crazik | hello | 08:45 |
| crazik | who uses barbican for TERMINATED_SSL - raise your hands ;) | 08:45 |
| crazik | Is there any way to skip step with giving ACL to octavia user on barbican secret? | 08:46 |
| crazik | I can modify policy, but it would grant a global access | 08:46 |
| crazik | but I can't say users to use magic spell with octavia user ID... | 08:47 |
| *** logan- has quit IRC | 08:51 | |
| *** dmellado has quit IRC | 08:51 | |
| *** hvhaugwitz has quit IRC | 08:51 | |
| *** abaindur has quit IRC | 09:00 | |
| *** ducnc has joined #openstack-lbaas | 09:01 | |
| *** logan- has joined #openstack-lbaas | 09:05 | |
| *** dmellado has joined #openstack-lbaas | 09:05 | |
| *** hvhaugwitz has joined #openstack-lbaas | 09:05 | |
| *** salmankhan has joined #openstack-lbaas | 09:11 | |
| *** Emine has quit IRC | 09:12 | |
| *** Emine has joined #openstack-lbaas | 09:25 | |
| *** JudeCross has quit IRC | 09:42 | |
| *** yamamoto has quit IRC | 10:05 | |
| *** yamamoto has joined #openstack-lbaas | 10:06 | |
| *** Emine has quit IRC | 10:07 | |
| *** yamamoto has quit IRC | 10:10 | |
| *** yamamoto has joined #openstack-lbaas | 10:14 | |
| *** amotoki_ is now known as amotoki | 11:07 | |
| *** sabomia has joined #openstack-lbaas | 11:08 | |
| *** yamamoto has quit IRC | 11:19 | |
| *** yamamoto has joined #openstack-lbaas | 11:24 | |
| *** yamamoto has quit IRC | 11:38 | |
| *** yamamoto has joined #openstack-lbaas | 11:39 | |
| *** yamamoto has quit IRC | 11:44 | |
| *** velizarx has quit IRC | 12:06 | |
| *** velizarx has joined #openstack-lbaas | 12:11 | |
| *** Emine has joined #openstack-lbaas | 12:14 | |
| *** yamamoto has joined #openstack-lbaas | 12:20 | |
| *** yamamoto has quit IRC | 12:22 | |
| *** yamamoto has joined #openstack-lbaas | 12:22 | |
| jlaffaye_ | hello, from puppet module: client_ca (Optional) Path to the client CA certificate. This option is not needed unless you want to separate the ca_certificate/server_ca and the client_ca. | 12:43 |
| jlaffaye_ | isnt it a bad practice to use the same CA ? | 12:44 |
| jlaffaye_ | otherwise a certificate from an amphorae will be trusted by another amphorae, thinking it is the controller/worker | 12:46 |
| *** aojea_ has joined #openstack-lbaas | 13:09 | |
| *** aojea_ has quit IRC | 13:13 | |
| *** aojea_ has joined #openstack-lbaas | 13:15 | |
| *** aojea_ has quit IRC | 13:28 | |
| *** aojea_ has joined #openstack-lbaas | 13:29 | |
| *** ducnc has quit IRC | 13:31 | |
| *** aojea_ has quit IRC | 13:33 | |
| *** yamamoto has quit IRC | 13:45 | |
| *** yamamoto has joined #openstack-lbaas | 13:45 | |
| *** yamamoto has quit IRC | 13:50 | |
| *** maciejjozefczyk has quit IRC | 14:01 | |
| *** rpittau_ has joined #openstack-lbaas | 14:02 | |
| *** rpittau has quit IRC | 14:03 | |
| *** yamamoto has joined #openstack-lbaas | 14:08 | |
| *** ivve has joined #openstack-lbaas | 14:38 | |
| *** yamamoto has quit IRC | 14:40 | |
| *** yamamoto has joined #openstack-lbaas | 14:41 | |
| *** yamamoto has quit IRC | 14:42 | |
| *** yamamoto has joined #openstack-lbaas | 14:43 | |
| *** yamamoto has quit IRC | 14:48 | |
| xgerman_ | crazik: we had some talks with Barbican folks at the PTG in Denver and it seems they are going to simplify that for us… | 14:49 |
| xgerman_ | jlaffaye_: yes, in OpenStack ansible we use different server client ca's | 14:49 |
| xgerman_ | the risk you describe are real - | 14:50 |
| *** KeithMnemonic has quit IRC | 14:51 | |
| johnsom | crazik The Rocky release removes that requirement. | 14:58 |
| *** Emine has quit IRC | 14:58 | |
| *** ArchiFleKs has quit IRC | 15:06 | |
| *** ccamposr__ has quit IRC | 15:08 | |
| *** colin- has joined #openstack-lbaas | 15:28 | |
| *** yamamoto has joined #openstack-lbaas | 15:28 | |
| *** ramishra has quit IRC | 15:30 | |
| *** pcaruana has quit IRC | 15:33 | |
| yboaron | johnsom, ping | 15:39 |
| johnsom | yboaron Hi | 15:39 |
| yboaron | johnsom, Hi, I need to read Octavia api_versions details, to check if Octavia supports UDP LB. | 15:40 |
| yboaron | something similiar to this code: https://github.com/openstack/octavia-tempest-plugin/blob/master/octavia_tempest_plugin/services/load_balancer/v2/base_client.py#L435 | 15:40 |
| yboaron | johnsom, Is it possible to retrieve this information using the Octavia python client? | 15:40 |
| johnsom | yboaron I'm not sure if the openstacksdk has been updated for the UDP capability or if it exposes the API version number. | 15:41 |
| johnsom | I would have to go take a look | 15:41 |
| yboaron | johnsom, thanks, I couldn't find it | 15:42 |
| johnsom | Yeah, I am a bit rusty on openstacksdk, it's been a while since I needed to work on it. | 15:43 |
| johnsom | It looks like the SDK is not tracking our versions. https://github.com/openstack/openstacksdk/blob/master/openstack/load_balancer/version.py#L22 | 15:44 |
| johnsom | Though it appears it should pass through the UDP protocol for listeners, etc. | 15:44 |
| yboaron | johnsom, OK!, I assume that for the beginning I could rely on ERRORS returned from listener create (unsupported protocol) , 10x! | 15:49 |
| johnsom | Right, you will get back a 400 if you attempt UDP on an older cloud for sure. | 15:50 |
| yboaron | johnsom, Yep, 10x | 15:51 |
| *** yboaron has quit IRC | 15:57 | |
| *** aojea has joined #openstack-lbaas | 16:15 | |
| openstackgerrit | Merged openstack/octavia master: HTTPS HMs need the same validation path as HTTP https://review.openstack.org/604924 | 16:17 |
| *** aojea has quit IRC | 16:19 | |
| *** dims has quit IRC | 16:28 | |
| *** evgenyf has joined #openstack-lbaas | 16:34 | |
| *** dims_ has joined #openstack-lbaas | 16:35 | |
| *** velizarx has quit IRC | 17:16 | |
| *** salmankhan has quit IRC | 17:17 | |
| *** evgenyf has quit IRC | 17:26 | |
| *** sabomia has quit IRC | 17:27 | |
| *** JudeCross has joined #openstack-lbaas | 17:34 | |
| *** ivve has quit IRC | 17:51 | |
| openstackgerrit | Merged openstack/neutron-lbaas-dashboard master: fix tox python3 overrides https://review.openstack.org/606679 | 17:57 |
| *** evgenyf has joined #openstack-lbaas | 18:03 | |
| evgenyf | Hi folks, does anyone know why would gate jobs octavia-v2-dsvm-scenario and octavia-v2-dsvm-scenario-centos-7 fail with timeouts? | 18:06 |
| johnsom | evgenyf This patch? | 18:07 |
| johnsom | https://review.openstack.org/#/c/605376/ | 18:07 |
| evgenyf | johnsom: yes | 18:08 |
| johnsom | Hmm, that is super odd. The tests finished, but ansible just sat there for an hour and a half: http://logs.openstack.org/76/605376/3/check/octavia-v2-dsvm-scenario/36e77d7/job-output.txt.gz#_2018-10-03_14_30_56_223580 | 18:09 |
| johnsom | The timeout means the test hit the maximum runtime limit we set so jobs don't run forever. | 18:09 |
| johnsom | But in this case I am at a loss as it's not a bad test or endless loop in the code.... | 18:10 |
| johnsom | evgenyf I would just recheck, I think it was an issue with ansible | 18:13 |
| evgenyf | I rechecked twice, same timeouts | 18:14 |
| johnsom | I see just one timeout. Looking at the centos 7 now, but I think that might be a need for a rebase | 18:15 |
| johnsom | Yeah, ok, the centos thing was a bug I introduced. Let's rebase it | 18:16 |
| openstackgerrit | Michael Johnson proposed openstack/octavia master: Fix for utils LB DM transformation function https://review.openstack.org/605376 | 18:17 |
| evgenyf | I also saw a octavia_tempest_plugin.tests.scenario.v2.test_pool.PoolScenarioTest.test_pool_with_listener_CRUD failure earlier | 18:17 |
| evgenyf | it was failing on timeout too | 18:19 |
| evgenyf | thanks for rebasing | 18:19 |
| *** pcaruana has joined #openstack-lbaas | 18:24 | |
| *** pcaruana has quit IRC | 18:50 | |
| *** abaindur has joined #openstack-lbaas | 19:01 | |
| *** spartakos has joined #openstack-lbaas | 19:25 | |
| johnsom | Well, after building a debug keepalived I found why our keepalived is segfaulting: https://github.com/acassen/keepalived/issues/457 | 19:33 |
| johnsom | The fix is in 1.3+ so... bummer | 19:39 |
| *** evgenyf has quit IRC | 19:45 | |
| *** yboaron has joined #openstack-lbaas | 19:46 | |
| xgerman_ | yep, I was afraid of keepalived versions after the rants of our Ryan O'Hara | 19:59 |
| johnsom | #startmeeting Octavia | 20:00 |
| openstack | Meeting started Wed Oct 3 20:00:02 2018 UTC and is due to finish in 60 minutes. The chair is johnsom. Information about MeetBot at http://wiki.debian.org/MeetBot. | 20:00 |
| openstack | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 20:00 |
| *** openstack changes topic to " (Meeting topic: Octavia)" | 20:00 | |
| openstack | The meeting name has been set to 'octavia' | 20:00 |
| johnsom | Well, we can work around it. It's just annoying. | 20:00 |
| xgerman_ | o/ | 20:00 |
| johnsom | Hi folks | 20:00 |
| xgerman_ | yep | 20:00 |
| cgoncalves | hi | 20:00 |
| johnsom | #topic Announcements | 20:01 |
| *** openstack changes topic to "Announcements (Meeting topic: Octavia)" | 20:01 | |
| johnsom | We have new TC members | 20:01 |
| johnsom | #link https://governance.openstack.org/election/results/stein/tc.html | 20:01 |
| xgerman_ | yep, evrajdip made it ;-) | 20:01 |
| johnsom | These are year terms, so only half of the TC is new. | 20:01 |
| nmagnezi | o/ | 20:01 |
| johnsom | Also in good news: | 20:02 |
| nmagnezi | (Sorry to be late, connection problems) | 20:02 |
| johnsom | Octavia has completed the Python 3 by default community goal! | 20:02 |
| johnsom | #link https://storyboard.openstack.org/#!/board/104 | 20:02 |
| xgerman_ | yeah!! | 20:02 |
| johnsom | We are the first service project to finish. | 20:02 |
| * xgerman_ victory lap | 20:02 | |
| johnsom | Thank you to everyone that reviewed the patches, did py3 work, etc. | 20:03 |
| johnsom | Any other announcements today? | 20:03 |
| xgerman_ | oh, that would be me | 20:04 |
| xgerman_ | I have to focus more on our k8s business and so have to reduce my OpenStack inbolvement | 20:04 |
| * johnsom is sad | 20:04 | |
| nmagnezi | :'( | 20:04 |
| cgoncalves | noooo! | 20:04 |
| xgerman_ | :-( | 20:05 |
| colin- | thanks for all the work recently seen you submitting a lot i feel like | 20:05 |
| xgerman_ | I managed to avoid a hard break but will be here a bit less in the future | 20:05 |
| johnsom | xgerman_ was part of the founding team for the project. | 20:05 |
| xgerman_ | yeah, techncially only johnsom is left 100% on the project | 20:06 |
| johnsom | So I understand you will still be around and may do some reviews every once in a while. | 20:06 |
| johnsom | Well, I think 100% might be a bit generous, but it is a core part of my job. | 20:07 |
| xgerman_ | yeah, I hope to spend a couple of hours a week here | 20:07 |
| cgoncalves | xgerman_, thank YOU! we all hope to see you still around and contribute with your ideas | 20:07 |
| johnsom | Ok, we appreciate it and of course all that you have contributed over the years. | 20:07 |
| xgerman_ | yeah, for sure :-) | 20:07 |
| johnsom | Any other announcements today? | 20:08 |
| johnsom | #topic Brief progress reports / bugs needing review | 20:08 |
| nmagnezi | Please announce only if you have good news.. | 20:08 |
| *** openstack changes topic to "Brief progress reports / bugs needing review (Meeting topic: Octavia)" | 20:08 | |
| johnsom | ^^ yeah, that too | 20:08 |
| johnsom | I have been beating my head against the zuul/ansible/devstack wall with a few gate jobs. Sorry for the noise while I fight with those. | 20:09 |
| johnsom | I have a patch up for diskimage-builder that fixes building ubuntu-minimal images on bionic nodepool instances. | 20:10 |
| johnsom | A change in APT in bionic causes trouble | 20:10 |
| johnsom | Other than that I have been working on the IPv6 VIP issue. I have a solution to the DAD failure, but ran into a keepalived segfault issue, which I just identified today. (nice to run gdb again...) | 20:12 |
| johnsom | So some progress on that front as well. | 20:12 |
| cgoncalves | do you know if the keepalived patch is backportable? | 20:14 |
| * nmagnezi reconnected again O_O | 20:15 | |
| johnsom | That I do not know. I saw that it is only in 1.3.0 and newer, but I don't know why it's not in older versions. | 20:15 |
| johnsom | We would have to convince the distros to backport it. | 20:15 |
| johnsom | I think my workaround can be (needs to be tried) on our side, but it will require a new image be built. | 20:16 |
| cgoncalves | "Don't segfault if unable to load ip_vs module" | 20:16 |
| cgoncalves | this one? | 20:16 |
| johnsom | #link https://github.com/acassen/keepalived/issues/457 | 20:16 |
| johnsom | #link https://github.com/acassen/keepalived/commit/d52fa0068affc3c6176ba5b5256904d6979fd308 | 20:16 |
| johnsom | "Don't segfault if modules ip_tables or ip6_tables not loaded" | 20:17 |
| *** spartakos has quit IRC | 20:17 | |
| xgerman_ | just load the module? | 20:17 |
| johnsom | Oh, I did get the octavia-lib repo created too. Just haven't started preparing it yet. | 20:17 |
| johnsom | Yeah, I think that will be the workaround. I haven't tested that yet though | 20:17 |
| cgoncalves | centos7 has keepalived 1.3.5 which should include that patch | 20:19 |
| johnsom | Moving forward, I plan to finish up the IPv6 fix, finish the HM backport to queens, and start work on the octavia-lib repo | 20:19 |
| cgoncalves | also this one: https://git.centos.org/raw/rpms/keepalived.git/00db1460fb2e62a5a8cda42012ee6f19a36d7947/SOURCES!bz1508435-no-segfault-ip_vs-load.patch | 20:19 |
| johnsom | cgoncalves Ah, nice. Win for centos 7.... | 20:19 |
| xgerman_ | a first… | 20:20 |
| johnsom | Bionic has 1.3.9 and should also be fixed. | 20:21 |
| johnsom | Any other progress reports? | 20:21 |
| xgerman_ | https://review.openstack.org/#/c/604226/ is ready as well | 20:22 |
| johnsom | nmagnezi BTW, I do plan to grab https://review.openstack.org/#/c/589292/ as the base for the IPv6 fix. If that is still ok with you. | 20:22 |
| openstackgerrit | Merged openstack/python-octaviaclient master: Use templates for cover and lower-constraints https://review.openstack.org/604549 | 20:22 |
| nmagnezi | johnsom, yup, np. | 20:23 |
| cgoncalves | the zombie hunter patch is ready and received approval, although it is failing on functional. it passes locally. thoughts? | 20:23 |
| xgerman_ | also I am trying to refactor the AAP driver: https://review.openstack.org/#/c/604479/ — hope to finish/babysit that as well | 20:23 |
| cgoncalves | https://review.openstack.org/#/c/587505/ | 20:23 |
| xgerman_ | yeah, not sure… keep rebasing until it works? | 20:23 |
| johnsom | I also added the API version to the api-ref here: https://review.openstack.org/604911 | 20:23 |
| johnsom | #link https://review.openstack.org/604911 | 20:23 |
| nmagnezi | xgerman_, looks like a related test is failing http://logs.openstack.org/05/587505/22/check/openstack-tox-py27/18ad0e2/testr_results.html.gz | 20:24 |
| xgerman_ | mmh… | 20:24 |
| johnsom | Hmm, yep | 20:24 |
| xgerman_ | yeah, cgoncalves one of us needs to debug then | 20:25 |
| johnsom | heads (doing the coin flip for you) | 20:25 |
| xgerman_ | lol | 20:25 |
| nmagnezi | lol | 20:25 |
| cgoncalves | ok, if no one has ideas I'll keep looking | 20:25 |
| nmagnezi | Or use https://justflipacoin.com/ | 20:26 |
| nmagnezi | :D | 20:26 |
| xgerman_ | k - heads was cgoncalves | 20:26 |
| johnsom | You can't say the PTL is good for nothing.... | 20:26 |
| johnsom | I will take a quick look to. Could be the test is reaching out to the host or being impacted by ordering. | 20:27 |
| johnsom | Any other updates? | 20:28 |
| johnsom | #topic Talk about VIP security groups | 20:28 |
| *** openstack changes topic to "Talk about VIP security groups (Meeting topic: Octavia)" | 20:28 | |
| johnsom | Last week we came down to two options: | 20:28 |
| johnsom | 1. Add ACL to the Octavia API to allow source IP restrictions | 20:28 |
| johnsom | 2. Move the VIP base port security group ownership to the tenant | 20:29 |
| johnsom | Anymore thoughts or comments on this topic? | 20:29 |
| johnsom | One person at a time please..... grin | 20:30 |
| cgoncalves | I'm in favor of option 1, but I understand folks needing option 2 (+ configurable in .conf) | 20:30 |
| colin- | same | 20:30 |
| xgerman_ | we can do both, can’t we? | 20:31 |
| johnsom | Yeah, I lean towards 1 as well giving the pain I have seen from having the VIP even visible in the tenant. | 20:31 |
| cgoncalves | if option 2, I'd argue to have SG owned by Octavia as default and a config opt to allow specific tenants to have SG owned by them | 20:31 |
| johnsom | Or maybe a flavor option.... | 20:31 |
| xgerman_ | well, we could maybe get that with policy | 20:31 |
| colin- | we are integrating tightly with magnum here and the idea of being able to transact with the api for security group needs on VIPs is attractive, fwiw | 20:32 |
| cgoncalves | plus while introduce that config opt, deprecated it at the same time as we don't want to carry it for that long | 20:32 |
| cgoncalves | *deprecate | 20:32 |
| xgerman_ | colin-: magnum is free to run as the same tenant as octavia or have admin rights there | 20:32 |
| xgerman_ | in some of my installs I use the service tenant for ovtavia… | 20:33 |
| johnsom | Ok, so what I am hearing is the following: | 20:34 |
| johnsom | We would like to implement option 1. | 20:34 |
| cgoncalves | ltomasbo, this discussion could be of interest to your team... | 20:35 |
| johnsom | We would like to make available, via config and/or flavor that the VIP base port (vrrp port) be owned by the tenant. | 20:35 |
| johnsom | Is that correct? | 20:35 |
| johnsom | If so I will update the story | 20:35 |
| cgoncalves | config so that it could be potentially backportable (reason: security hardening) | 20:36 |
| *** aojea has joined #openstack-lbaas | 20:36 | |
| cgoncalves | #link https://review.openstack.org/#/c/602564/ | 20:37 |
| johnsom | Yeah, I am fine with a config up front, then moving it to a flavor later. | 20:37 |
| johnsom | #link https://storyboard.openstack.org/#!/story/2003686 | 20:37 |
| cgoncalves | I think ltomasbo would be able to continue ^ and add the config opt | 20:38 |
| *** aojea has quit IRC | 20:38 | |
| cgoncalves | johnsom, why flavor? why not add ACL (option 1)? | 20:38 |
| xgerman_ | we can do both | 20:38 |
| *** aojea has joined #openstack-lbaas | 20:38 | |
| cgoncalves | ok | 20:39 |
| johnsom | Right, I was expecting both. flavor gives the operator more flexibility over an all-or-none config setting | 20:39 |
| johnsom | Ok, I will write it up on the story. | 20:40 |
| johnsom | #topic Open Discussion | 20:41 |
| *** openstack changes topic to "Open Discussion (Meeting topic: Octavia)" | 20:41 | |
| johnsom | Any other topics for today? | 20:41 |
| cgoncalves | do you think it could make to be backported to stable releases? | 20:41 |
| cgoncalves | *made | 20:42 |
| johnsom | Not likely given it would be a new config setting or API change | 20:42 |
| xgerman_ | +1 | 20:42 |
| xgerman_ | we can’t just play fast and loose with API/Config changes | 20:42 |
| cgoncalves | I was asking specifically of option 2 with new config. potential reason for backport would be security hardening. we've recently backported a patch to stable releases that added a new config with a good default | 20:43 |
| * johnsom thinks the stable maintenance role is going to cgoncalves head... backport it all! grin | 20:44 | |
| cgoncalves | I understand if it cannot. I just wanted to clarify so that everyone is aware and understands | 20:44 |
| johnsom | Yeah, and they kind of didn't like it | 20:44 |
| cgoncalves | I remember that ;-) | 20:44 |
| johnsom | I think if someone can make a strong case for it being needed for security reasons, we could try it. But I would want that really called out in the story as the driver for the change. | 20:45 |
| johnsom | Any other topics today? | 20:47 |
| xgerman_ | where is rm_Work? | 20:47 |
| rm_work | somewhere | 20:48 |
| xgerman_ | lol | 20:48 |
| colin- | awesome job on the python3 stuff | 20:48 |
| johnsom | Yeah, happy to have that done and that we are on top of being able to run on python3 | 20:49 |
| johnsom | Ok, well, if there aren't other topics today, have a great week folks! I'm back to playing with keepalived | 20:50 |
| johnsom | #endmeeting | 20:50 |
| *** openstack changes topic to "OpenStack PTG etherpad: https://etherpad.openstack.org/p/octavia-stein-ptg" | 20:50 | |
| openstack | Meeting ended Wed Oct 3 20:50:12 2018 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 20:50 |
| openstack | Minutes: http://eavesdrop.openstack.org/meetings/octavia/2018/octavia.2018-10-03-20.00.html | 20:50 |
| openstack | Minutes (text): http://eavesdrop.openstack.org/meetings/octavia/2018/octavia.2018-10-03-20.00.txt | 20:50 |
| openstack | Log: http://eavesdrop.openstack.org/meetings/octavia/2018/octavia.2018-10-03-20.00.log.html | 20:50 |
| *** spartakos has joined #openstack-lbaas | 20:55 | |
| *** spartakos has quit IRC | 21:08 | |
| *** JudeCross has quit IRC | 21:18 | |
| *** yboaron has quit IRC | 21:25 | |
| *** spartakos has joined #openstack-lbaas | 21:26 | |
| *** bcafarel has quit IRC | 22:08 | |
| *** bcafarel has joined #openstack-lbaas | 22:08 | |
| *** JudeCross has joined #openstack-lbaas | 22:11 | |
| *** spartakos has quit IRC | 22:17 | |
| *** rcernin has joined #openstack-lbaas | 22:25 | |
| *** aojea has quit IRC | 22:43 | |
| *** spartakos has joined #openstack-lbaas | 23:02 | |
| *** JudeCross has quit IRC | 23:07 | |
| *** JudeCross has joined #openstack-lbaas | 23:08 | |
| rm_work | what is still broken with ipv6 BTW? | 23:27 |
| rm_work | I thought we merged some stuff semi-recently for that, is there more work to be done? | 23:27 |
| *** abaindur has quit IRC | 23:38 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!