Wednesday, 2023-01-25

« Tuesday, 2023-01-24 Index Thursday, 2023-01-26 »
opendevreviewGregory Thiemonge proposed openstack/octavia stable/yoga: Fix PING health-monitor with recent haproxy releases  https://review.opendev.org/c/openstack/octavia/+/87168207:50
opendevreviewGregory Thiemonge proposed openstack/octavia stable/xena: Fix PING health-monitor with recent haproxy releases  https://review.opendev.org/c/openstack/octavia/+/87168308:06
opendevreviewGregory Thiemonge proposed openstack/octavia stable/wallaby: Fix PING health-monitor with recent haproxy releases  https://review.opendev.org/c/openstack/octavia/+/87168408:07
opendevreviewGregory Thiemonge proposed openstack/octavia stable/zed: Fix PING health-monitor with recent Centos releases  https://review.opendev.org/c/openstack/octavia/+/87168508:09
opendevreviewGregory Thiemonge proposed openstack/octavia stable/yoga: Fix PING health-monitor with recent Centos releases  https://review.opendev.org/c/openstack/octavia/+/87168608:10
opendevreviewGregory Thiemonge proposed openstack/octavia stable/xena: Fix PING health-monitor with recent Centos releases  https://review.opendev.org/c/openstack/octavia/+/87168708:11
opendevreviewGregory Thiemonge proposed openstack/octavia stable/wallaby: Fix PING health-monitor with recent Centos releases  https://review.opendev.org/c/openstack/octavia/+/87168808:11
opendevreviewGregory Thiemonge proposed openstack/octavia stable/zed: Filter ComputeWaitTimeoutException when jobboard is disabled  https://review.opendev.org/c/openstack/octavia/+/87156208:21
opendevreviewGregory Thiemonge proposed openstack/octavia stable/xena: Add a newline when writing the server state file  https://review.opendev.org/c/openstack/octavia/+/87168908:36
opendevreviewGregory Thiemonge proposed openstack/octavia stable/wallaby: Add a newline when writing the server state file  https://review.opendev.org/c/openstack/octavia/+/87169008:36
opendevreviewGregory Thiemonge proposed openstack/octavia stable/zed: Filter out details from taskflow logs with v2+jobboard  https://review.opendev.org/c/openstack/octavia/+/87169108:38
opendevreviewGregory Thiemonge proposed openstack/octavia stable/yoga: Filter out details from taskflow logs with v2+jobboard  https://review.opendev.org/c/openstack/octavia/+/87169208:40
opendevreviewGregory Thiemonge proposed openstack/octavia stable/xena: Filter out details from taskflow logs with v2+jobboard  https://review.opendev.org/c/openstack/octavia/+/87169309:04
opendevreviewGregory Thiemonge proposed openstack/octavia stable/wallaby: Filter out details from taskflow logs with v2+jobboard  https://review.opendev.org/c/openstack/octavia/+/87169409:05
opendevreviewGregory Thiemonge proposed openstack/octavia stable/victoria: Filter out details from taskflow logs with v2+jobboard  https://review.opendev.org/c/openstack/octavia/+/87169509:05
opendevreviewGregory Thiemonge proposed openstack/octavia stable/ussuri: Filter out details from taskflow logs with v2+jobboard  https://review.opendev.org/c/openstack/octavia/+/87169609:05
opendevreviewMerged openstack/octavia stable/yoga: Add a newline when writing the server state file  https://review.opendev.org/c/openstack/octavia/+/86715113:10
opendevreviewGregory Thiemonge proposed openstack/octavia stable/wallaby: DNM/WIP Testing octavia-v2-dsvm-tls-barbican-amphora-v2  https://review.opendev.org/c/openstack/octavia/+/87173314:20
gthiemonge#startmeeting Octavia16:00
opendevmeetMeeting started Wed Jan 25 16:00:21 2023 UTC and is due to finish in 60 minutes.  The chair is gthiemonge. Information about MeetBot at http://wiki.debian.org/MeetBot.16:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.16:00
opendevmeetThe meeting name has been set to 'octavia'16:00
johnsomo/16:00
gthiemongeHi everyone16:00
oschwarto/16:00
tweining[m]Hey16:01
yebinamaHello16:02
gthiemonge#topic Announcements16:03
gthiemonge* Antelope Release schedule16:03
gthiemongejust a reminder16:03
gthiemongewe are 2 weeks from the final release for non-client librairies16:03
gthiemongeAFAIK we have no open patch for octavia-lib16:03
johnsomYep, nothing there that is ready to go16:04
gthiemongeand FYI we registered Octavia for the virtual PTG in March16:04
gthiemongeany other announcements that I missed?16:05
johnsomIndividual registration is open for the March PTG as well, so sign up!16:05
johnsomIt is virtual and free16:05
gthiemonge+116:06
gthiemonge#topic Amphorav2+Jobboard security issue16:08
gthiemongewe had a new story last week about a security issue when using amphorav2+jobboard with taskflow logs set to >=INFO16:08
gthiemongewhen creating a TLS listener, the certificates and private_keys are written to the octavia worker logs16:08
gthiemonge#link https://storyboard.openstack.org/#!/story/201052316:08
gthiemongeplease note these important things:16:09
gthiemonge- jobboard is not enabled by default in Octavia16:09
gthiemonge- taskflow logger is only >=WARNING by default, INFO messages are not enabled16:09
gthiemonge- the data is only visible by the admins of the cloud16:09
gthiemongethe fix is already on master, patches have been proposed on stable branches16:10
gthiemonge#link https://review.opendev.org/q/I2df8a49851feb1445b5128ce99b880ddb77782ad16:10
gthiemonge(I had a merge conflict, so please review carefully)16:10
gthiemongethen we will cut new releases when the patches are merged16:11
gthiemongeany questions/comments?16:12
matfechnero/16:13
johnsomThanks for working on this. I think the patch looks good.16:15
gthiemongethanks for the reviews ;-)16:16
gthiemongeBTW I will open a bug against taskflow, the INFO-level messages are maybe printing too many details16:17
gthiemonge#topic CI Status16:18
johnsomYep, let me know when that is ready for review16:18
gthiemongeack16:18
gthiemongefor the CI: we had a new issue with grenade last week, because nova has enabled the sRBAC by default on master16:19
gthiemongejohnsom fixed it by adding new roles for the users in octavia-tempest-plugin16:19
gthiemongejohnsom: thanks!16:19
johnsomNP16:19
gthiemongeand for this week, nothing new to report16:19
johnsomYeah, I guess every cloud will need to make changes to every account on upgrade to Antelope due to the "secure-RBAC" goal.16:20
johnsomThis surprised me16:21
gthiemongeyeah16:22
gthiemonge#topic Brief progress reports / bugs needing review16:24
gthiemongeso this week, I had to work on this security issue16:25
gthiemongeand with tweining[m], we have worked on migration to openstacksdk in the neutron driver16:26
gthiemongeI think it is ready for reviews now:16:26
gthiemonge#link https://review.opendev.org/c/openstack/octavia/+/86632716:26
gthiemongeand if you want to test it and you also have the ovn-octavia-provider in your env, you need to update it too (with https://review.opendev.org/c/openstack/ovn-octavia-provider/+/870514)16:27
gthiemongeI think that for the rest of the week I will review the barbican secrets consumers patch16:28
gthiemonge#topic Open Discussion16:30
oschwartgthiemonge: ack16:30
yebinamaI have a question regarding pool lb_algorithm.16:31
gthiemongeyebinama: hi16:31
yebinamahello :)16:32
yebinamaI'm currently developing a provider driver for my company internal loadbalancing solution (that may become opensource in the future). We use 'MAGLEV' as the loadbalancing algorithm.16:32
yebinamaWhen creating a pool, the Octavia API checks the payload sent by the user and only allow to specify one of ROUND_ROBIN, LEAST_CONNECTIONS, SOURCE_IP or SOURCE_IP_PORT as lb_algorithm so I can't send "MAGLEV". Before doing a merge request, I wanted to know what would be the preferred way: either add 'MAGLEV' to Octavia library or maybe just remove the check from the Octavia API as each driver does its own check to 16:32
yebinamavalidate user payload and may support other algorithms than those 4.16:32
yebinamaBTW creating a driver is very easy and well documented16:33
johnsomyebinama Thank you for the kind words.16:34
johnsomSo, Maglev is a load balancer offering, but I don't think it is a proprietary load balancing algorithm.16:34
yebinamaIt' an algorithm from Google16:34
yebinamaYou can use it in IPVS for example16:35
johnsomIt uses ECMP, which most default implementation use round robin16:35
johnsomSome will use source tuples with consistent hashing16:36
yebinamaECMP is used to reach the servers that are acting as lb, to contact the members it is indeed done wit some kind of hashing 16:37
gthiemon1e(sorry, I was dropped)16:37
johnsomSo, instead of "maglev" it might be best to use some kind of generic (i.e. used by other LB implementations) term for the algorithm.16:37
yebinamaSure, something like "hashing" will be fine16:39
johnsomI haven't read up on Maglev in a while, but I think it has an option (beyond round-robin) for a consistent hash based on protocol, source IP, source port, destination address, destination port.16:39
yebinamaYep that is how we used it16:39
yebinamaTo reach the same member, whatever the lb you hit16:40
johnsomSo, yeah, maybe "5-tuple" or something similar that we can explain in the docs somewhere.16:40
*** gthiemon1e is now known as gthiemonge16:40
johnsomThat way other provider drivers can also use that algorithm if they support it and not be labeled "maglev".16:40
yebinamaYes, it's a good solution16:41
johnsomYeah, so first step on that is to propose a patch to octavia-lib, adding the new algorithm.16:42
johnsomAlso, be careful to understand the different between the load balancing algorithm and session persistence. They are two different things.16:42
johnsomLB algorithm is about how the first member server is selected, session persistence is about how subsequent packets for the client are handled.16:43
yebinamaYes I'm talking about the lb algorithm16:43
yebinamaI may need to also update the python-octaviaclient as it doesn't use the octavia lib to check on user input16:44
johnsomYeah, if I remember, maglev does not support session persistence concepts, but generally behaves that way.16:44
johnsomCorrect, after it is added to octavia-lib, the main octavia, client, and dashboard will need to be updated to support this new algorithm.16:45
johnsomIt's really pretty easy to add these.16:45
yebinamaSure I'll update these also16:46
johnsomOh, and probably the OpenStack SDK16:46
yebinamaI'll take a look on it to be sure16:47
johnsomYeah, so welcome. If you have questions this is a good place to ask them or the discuss mailing list.16:47
johnsomWe are happy to help you16:47
yebinamaSo to open the request I go with "5-tuple"?16:47
yebinamaThanks :)16:47
johnsomYeah, that is my personal thought on the algorithm name. Maybe others here or reviewers will have other ideas.16:48
johnsomPropose it, can't hurt16:48
gthiemongeit's ok for me16:48
johnsomEasy to change if you get better feedback16:48
yebinamaFine then. Thank you, I'll try to open it next week.16:49
gthiemongegreat!16:50
gthiemongeanything else folks?16:51
oschwartNothing from me, welcome yebinama16:52
yebinamathanks oschwart16:53
tweining[m]No16:53
gthiemongeok, thank you guys!16:53
gthiemonge#endmeeting16:53
opendevmeetMeeting ended Wed Jan 25 16:53:53 2023 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)16:53
opendevmeetMinutes:        https://meetings.opendev.org/meetings/octavia/2023/octavia.2023-01-25-16.00.html16:53
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/octavia/2023/octavia.2023-01-25-16.00.txt16:53
opendevmeetLog:            https://meetings.opendev.org/meetings/octavia/2023/octavia.2023-01-25-16.00.log.html16:53
skraynevHi guys. 17:37
skraynevI need help with understanding error in yoga release:17:38
skraynevoslo_messaging.rpc.server taskflow.exceptions.MissingDependencies: 'linear_flow.Flow: octavia-create-loadbalancer-flow(len=21)' requires ['amphorae_network_config'] but no other entity produces said requirements17:38
skraynevoslo_messaging.rpc.server   MissingDependencies: 'execute' method on 'octavia.controller.worker.v1.tasks.amphora_driver_tasks.AmphoraePostNetworkPlug==1.0' requires ['amphorae_network_config'] but no other entity produces said requirements17:38
skraynevit looks like backport https://review.opendev.org/c/openstack/octavia/+/856992 broke something with amphora v1.17:39
skraynevI could see extra argument for AmphoraePostNetworkPlug, but I could not find where this value was added to taskflow store. 17:39
johnsomskraynev I think this has been reported: https://storyboard.openstack.org/#!/story/201048817:41
johnsomskraynev This may be the fix you need: https://review.opendev.org/c/openstack/octavia/+/86990217:41
skraynevyeah! it's indeed what I am looking for. 17:42
skraynevjohnsom: huge thank you for the help !! 17:42
johnsomNP, sorry for the trouble in the first place. I think there is some work going on to improve the single-call-create test coverage to help stop this in the future.17:43
skraynevjohnsom: yeah. it will be really awesome when this part of logic will take more unittests. I hope, that it will be added soon :)17:49
gthiemongesorry about that :/ there's an open octavia-tempest-plgin that covers it17:55
skraynevgthiemonge: Hm... I used it, but it did not catch this particular case. Maybe it should be specifically configured or some new tests are available in master version of this tempest plugin?18:15
*** dkehn__ is now known as dkehn22:10
« Tuesday, 2023-01-24 Index Thursday, 2023-01-26 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!