Wednesday, 2021-03-03

*** whoami-rajat has quit IRC		00:15
*** johanssone has quit IRC		00:16
*** tosky has quit IRC		00:17
*** johanssone has joined #openstack-nova		00:19
*** macz_ has quit IRC		00:49
*** martinkennelly has quit IRC		00:50
*** spatel has joined #openstack-nova		00:52
openstackgerrit	sean mooney proposed openstack/nova master: add hw:mlock extra spec https://review.opendev.org/c/openstack/nova/+/778347	00:54
*** spatel has quit IRC		00:57
*** songwenping_ has joined #openstack-nova		01:01
*** mlavalle has quit IRC		01:02
*** spatel has joined #openstack-nova		01:07
*** Underknowledge has quit IRC		01:08
*** Underknowledge has joined #openstack-nova		01:08
*** gyee has quit IRC		01:17
*** songwenping__ has joined #openstack-nova		01:47
*** songwenping_ has quit IRC		01:51
*** Underknowledge2 has joined #openstack-nova		01:51
*** Underknowledge has quit IRC		01:54
*** Underknowledge2 is now known as Underknowledge		01:54
*** rcernin has quit IRC		02:00
*** mkrai has joined #openstack-nova		02:14
openstackgerrit	sean mooney proposed openstack/nova master: add vdpa vnic to pci request mapping and filtering. https://review.opendev.org/c/openstack/nova/+/778350	02:24
*** hamalq has quit IRC		02:25
*** dtantsur has quit IRC		02:25
*** dtantsur has joined #openstack-nova		02:29
*** rcernin has joined #openstack-nova		02:29
*** rcernin has quit IRC		02:29
*** rcernin has joined #openstack-nova		02:30
*** Underknowledge has quit IRC		02:38
*** rcernin has quit IRC		02:44
*** macz_ has joined #openstack-nova		02:46
*** hemanth_n has joined #openstack-nova		02:49
*** macz_ has quit IRC		02:50
*** jamesdenton has quit IRC		02:58
*** jamesdenton has joined #openstack-nova		02:58
*** dtantsur has quit IRC		03:14
*** dtantsur has joined #openstack-nova		03:15
*** rcernin has joined #openstack-nova		03:16
*** LinPeiWen has quit IRC		03:21
*** dasp has quit IRC		03:34
*** dasp has joined #openstack-nova		03:45
*** psachin has joined #openstack-nova		03:51
*** k_mouza has joined #openstack-nova		04:00
*** k_mouza has quit IRC		04:05
*** zzzeek has quit IRC		04:17
*** zzzeek has joined #openstack-nova		04:17
*** zzzeek has quit IRC		04:22
*** zzzeek has joined #openstack-nova		04:23
*** mkrai has quit IRC		04:30
*** mkrai_ has joined #openstack-nova		04:30
*** spatel has quit IRC		04:48
*** ratailor has joined #openstack-nova		04:54
*** dviroel has quit IRC		04:55
*** whoami-rajat has joined #openstack-nova		04:58
*** LinPeiWen has joined #openstack-nova		05:02
*** ratailor_ has joined #openstack-nova		05:26
*** vishalmanchanda has joined #openstack-nova		05:27
*** songwenping__ has quit IRC		05:27
*** songwenping__ has joined #openstack-nova		05:28
*** ratailor has quit IRC		05:29
*** ratailor__ has joined #openstack-nova		05:34
*** ratailor_ has quit IRC		05:37
*** brinzhang has joined #openstack-nova		05:41
*** zzzeek has quit IRC		06:06
*** jamesdenton has quit IRC		06:27
*** jamesdenton has joined #openstack-nova		06:28
*** zzzeek has joined #openstack-nova		06:41
*** bnemec has quit IRC		06:41
*** bnemec has joined #openstack-nova		06:49
*** mkrai_ has quit IRC		06:55
*** links has joined #openstack-nova		06:59
songwenping__	melwitt: hi, your process is right, the guest xml is live update but it doesnot work unless we reboot the guest. this is really a problem.	07:06
*** luksky has joined #openstack-nova		07:19
*** ralonsoh has joined #openstack-nova		07:37
*** khomesh24 has joined #openstack-nova		07:39
*** belmoreira has joined #openstack-nova		07:44
*** rcernin has quit IRC		07:44
*** rpittau\|afk is now known as rpittau		07:52
*** dklyle has quit IRC		08:03
brinzhang	gibi, bauzas: replied in https://review.opendev.org/c/openstack/nova/+/761452/9/nova/compute/manager.py#2101	08:08
brinzhang	gibi, bauzas: do I need to register a bug, then submit the fix?	08:09
*** ociuhandu has joined #openstack-nova		08:13
*** andrewbonney has joined #openstack-nova		08:14
*** iurygregory_ has joined #openstack-nova		08:17
*** iurygregory has quit IRC		08:18
*** sapd1 has quit IRC		08:21
*** sapd1 has joined #openstack-nova		08:21
*** ccstone has quit IRC		08:22
*** ccstone has joined #openstack-nova		08:22
bauzas	brinzhang: good afternoon for you	08:26
brinzhang	bauzas: good morning^	08:27
bauzas	brinzhang: yes, please file a bug and work on a patch if you want to fix it	08:27
brinzhang	bauzas: ack, I will file a bug, then fix it with a seperate patch	08:28
bauzas	thanks	08:28
bauzas	brinzhang: then, ping me	08:28
brinzhang	bp, thanks point this bug, this is my ignore	08:28
bauzas	and I'll see whether I can rebase my RPC API change above your change	08:29
brinzhang	bauzas: ack, cool	08:29
bauzas	because if not, you couldn't backport it to stable	08:29
brinzhang	yeah	08:29
*** ociuhandu has quit IRC		08:30
*** tosky has joined #openstack-nova		08:34
*** ociuhandu has joined #openstack-nova		08:35
*** gokhani has joined #openstack-nova		08:38
*** mkrai has joined #openstack-nova		08:41
gokhani	Hi folks, ı have a development environment which is installed by OSA Ussuri. ı have problems on nova-api side. I can observe rabbitmq timeout errors > http://paste.openstack.org/show/803175/ and rarely I am getting connection failed errors to rabbitmq on api side > http://paste.openstack.org/show/803176/. And ıt is strange behaviour now we don't	08:43
gokhani	have any uwsgi processes on nova api side. I doubt about uwsgi + nova. this is expected behaviour or there is a problem on nova, I am not sure. do you have any ideas about this ? nova = 21.1.1 and oslo.messaging version is 12.1.4	08:43
*** jdillaman has quit IRC		08:44
*** jdillaman has joined #openstack-nova		08:45
*** tbachman has quit IRC		08:53
*** tbachman has joined #openstack-nova		08:54
kashyap	stephenfin: gibi: Morning; I was away earlier yesterday. Reading the scroll; I see your question is answered on the +/- thing	08:57
kashyap	gibi: Indeed; thanks for the ACK; the separate options would've made sense if we were doing it from scratch.	08:58
kashyap	Thanks for bearing with me.	08:59
*** mkrai has quit IRC		09:04
*** mkrai has joined #openstack-nova		09:04
*** Underknowledge has joined #openstack-nova		09:11
*** lucasagomes has joined #openstack-nova		09:12
*** spatel has joined #openstack-nova		09:15
*** derekh has joined #openstack-nova		09:25
songwenping__	stephenfin: morning; there are two problems for the noVNC patch. 1. the password works after you reboot the guest 2. if you donnot pass the password when get-vnc-console, you need config `[vnc]auth_schemes = none, vnc` in /etc/nova/nova-cell1.conf for noVNC guest.	09:35
songwenping__	for the first issue, we can clarify in the docs that user need to reboot the server if set/reset password for vnc console. we can improve if the libvirt/qemu support live set/reset password.	09:38
*** khomesh24 has quit IRC		09:39
*** spatel has quit IRC		09:39
*** ociuhandu has quit IRC		09:39
stephenfin	songwenping__: to be honest, it sounds like we shouldn't allow users to change the password if that's not supported so	09:41
stephenfin	I don't think asking users to restart their instance is a reasonable request	09:41
openstackgerrit	Lucas Alvares Gomes proposed openstack/nova master: [OVN] Explicitly set nova-next job to ML2/OVS https://review.opendev.org/c/openstack/nova/+/776944	09:44
songwenping__	for the second issue, we plan to update the release note and the description of nova/conf/vnc.py for `auth_schemes`.	09:44
songwenping__	stephenfin: the libvirt docs[1] said it already support live update password, but i donnot know why it failed in my local ven. [1] https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainUpdateDeviceFlags	09:46
*** links has quit IRC		09:46
*** links has joined #openstack-nova		09:49
brinzhang	stephenfin, songwenping__:IMHO, support reset VNC password is good for the user, it can be protected thire instance opening by unknown user, if it must be reboot to take effect, can we do the first mode to support [vnc]auth_schemes=vnc?	09:55
lyarwood	stephenfin / gibi ; https://review.opendev.org/c/openstack/nova/+/778177 should be good now btw, I missed that the requirements job actually forces you to sync the in-direct LC deps to requirements that bloats the change a little	09:59
stephenfin	brinzhang: The issue is that _set_ VNC password also requires a reboot	09:59
lyarwood	as discussed with sean-k-mooney yesterday I've added a note to the PTG to discuss this mess	09:59
stephenfin	Basically to touch anything to do with VNC passwords, the instance must be restarted	09:59
*** ociuhandu has joined #openstack-nova		10:04
brinzhang	stephenfin: can you check this libvirt docs? https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainUpdateDeviceFlags does it means it cannot be reset password if flags=LIVE(1)?	10:05
brinzhang	E.g. the hypervisor driver will return failure if LIVE is specified but it only supports modifying the persisted device allocation., so the VNC password isnot blongs to the persisted device?	10:06
*** xek has joined #openstack-nova		10:07
songwenping__	stephenfin: we just need reboot first time to set password, if we reset the password again, we donnot need reboot the server any more.	10:09
gibi	brinzhang: I agree to have a bug reported and fixing it in a separate patch	10:10
songwenping__	from none -> vnc need to reboot, from vnc -> vnc donnot need to reboot	10:10
brinzhang	gibi: I have filed the bug, and will be submited the fix later ^, pls see bug 1917592	10:11
openstack	bug 1917592 in OpenStack Compute (nova) "Missed 'accel_uuids' when we the 'shelved_offload_time' time out in shelving instance periodic task" [Medium,New] https://launchpad.net/bugs/1917592 - Assigned to Brin Zhang (zhangbailin)	10:11
gibi	brinzhang: thanks	10:11
brinzhang	gibi: np, thanks for your mind too	10:11
gibi	lyarwood: thanks I]	10:13
gibi	lyarwood: thanks I'm +2	10:13
lyarwood	cheers	10:19
*** lpetrut has joined #openstack-nova		10:22
lyarwood	random question, does anyone know why we don't use the instance UUID as the domain name within libvirt?	10:22
lyarwood	trying to debug a live migration failure on stable/ussuri and hate having to lookup the domain name in the logs	10:22
gibi	lyarwood: good question, we probably need a historian to answer itr	10:26
kashyap	Yeah, I don't remember that answer either; and wondered the same in the past	10:28
kashyap	But the guest XML records both instance-YYYYYYY and the UUID	10:28
stephenfin	brinzhang: Yeah, looking now	10:28
*** ociuhandu has quit IRC		10:28
stephenfin	brinzhang: songwenping__: IMO we need to fix this and figure out how to get VNC password working with TLS. At the moment, enabling this means (a) no TLS, (b) you have to restart the instance to use the feature, and (c) you have to do some funky nova.conf changes for things to work	10:30
stephenfin	Also (d) you're stuck with 8 characters (not our fault, but unfortunate all the same)	10:30
stephenfin	Not a good UX /o\	10:30
stephenfin	brinzhang: I know it's a lot of work that you said you don't want to do it, but I would still seriously suggest switching the order of the VNC password and tenant_id -> project_id series	10:31
lyarwood	kashyap: yeah thats fine in live envs, just a PITA when you only have logs to debug things	10:32
lyarwood	kashyap: I think it might be that libvirt couldn't fit the entire UUID in the name or something?	10:32
kashyap	lyarwood: Yeah, no denying; I just let the steam out by cussing	10:32
*** nightmare_unreal has joined #openstack-nova		10:32
kashyap	lyarwood: Hmm, that I don't remember. But lemme quickly test by creating a domain name with the UUID :)	10:32
stephenfin	The VNC series is at huge risk due to all those concerns. I can't in good faith merge what I consider to be a broken feature :-( Hopefully we can address them before feature freeze but it will prevent the other series landing until we do	10:33
kashyap	lyarwood: Ah, so: libvirt seems to be smart here:	10:34
lyarwood	aaaaaaaaaah it's instance.name	10:34
kashyap	lyarwood: When I tried to live-modify a guest's name from s/cvm1/64ba587c-57a7-44c0-94ec-5444e5268c4e/ --> libvirt tells me: "well, the guest already has a UUID"	10:35
kashyap	I tried removing dashes and plug the dash-less UUID into <name/>, it still detects.	10:35
lyarwood	okay, we can't really change this anyway, it's just annoying	10:36
*** k_mouza has joined #openstack-nova		10:36
kashyap	Yeah, libvirt explicitly rejects a UUID for a domain "name"	10:37
*** ociuhandu has joined #openstack-nova		10:37
kashyap	s/Yeah,/Yeah, and/	10:37
* lyarwood wonders if it would be worth adding some log collection that lists instance uuids and instance names somewhere		10:38
lyarwood	not sure how we'd do that after the test run	10:38
kashyap	lyarwood: You mean, you want a file logged a mapping of UUIDs with instance names?	10:38
lyarwood	yeah but I don't think that's going to be possible after tempest has already deleted everything	10:40
kashyap	Hmm, true	10:40
*** jangutter has joined #openstack-nova		10:41
*** jangutte_ has joined #openstack-nova		10:43
openstackgerrit	Stephen Finucane proposed openstack/nova master: console: Improve logging https://review.opendev.org/c/openstack/nova/+/778407	10:43
*** jangutter_ has quit IRC		10:44
*** jangutter has quit IRC		10:46
*** mkrai has quit IRC		10:47
lyarwood	gibi: https://review.opendev.org/q/topic:spec/libvirt-default-machine-type+status:open should be ready for review this week btw, not sure if you want to move it into a runway slot or not.	10:55
*** dviroel has joined #openstack-nova		11:05
gibi	lyarwood: I added to my queue, I see stephenfin is already +2 so I prioritize this	11:06
*** jangutter has joined #openstack-nova		11:07
*** luksky has quit IRC		11:07
lyarwood	gibi: yup thanks, I'm around all day for respins etc so let me know if you have any questions	11:07
gibi	OK	11:07
*** luksky has joined #openstack-nova		11:08
*** jangutte_ has quit IRC		11:09
*** luksky has quit IRC		11:09
*** zoharm has joined #openstack-nova		11:11
*** iurygregory_ is now known as iurygregory		11:19
slaweq	hi nova team :)	11:23
gibi	slaweq: hi!	11:23
slaweq	I need Your help with some ci issue	11:23
slaweq	we saw, mostly in stable/train errors like in https://a574f9c0fd4ca92b7603-2045be852d43868eb95da6cc3429b40d.ssl.cf2.rackcdn.com/777334/2/check/neutron-tempest-dvr-ha-multinode-full/44d0207/testr_results.html recently	11:23
slaweq	do You have any idea why there is no host for cold-migration or resize in that job?	11:23
slaweq	hi gibi :)	11:25
* gibi clicks		11:25
bauzas	stephenfin: saw my weak -1 on your apidb change for Ocata ? https://review.opendev.org/c/openstack/nova/+/759402/4	11:25
*** luksky has joined #openstack-nova		11:25
bauzas	I don't really to vote -1 on a commit msg miss, but I feel this is important to comment the fact that we don't care about a specific DB migration	11:25
bauzas	really like*	11:26
bauzas	and a commit msg can't be patched by a FUP...	11:26
gibi	slaweq: is it happens all the time or just sometimes?	11:28
slaweq	gibi: on train I think that all the time	11:29
slaweq	or at least very often	11:29
slaweq	gibi: in scheduler log I see something like:	11:30
*** bhagyashris is now known as bhagyashris\|rove		11:30
slaweq	Mar 03 10:32:31.142569 ubuntu-bionic-rax-ord-0023272867 nova-scheduler[24545]: INFO nova.scheduler.host_manager [None req-657ecf60-4fba-4168-9613-3c57d01bdcb7 tempest-MinBwAllocationPlacementTest-1587030703 tempest-MinBwAllocationPlacementTest-1587030703-project-admin] Host filter ignoring hosts: ubuntu-bionic-rax-ord-0023272867	11:30
*** bhagyashris\|rove is now known as bhagyashri\|rover		11:30
gibi	slaweq: ack, give me some time to dive into the logs	11:30
slaweq	and then next message that " There are 0 hosts available but 1 instances requested to build."	11:30
slaweq	gibi: sure, I will open LP for that to track it	11:30
slaweq	thx for help	11:30
gibi	slaweq: thanks for reporting it	11:31
slaweq	it's not very urgent for us as this is non-voting job :)	11:31
slaweq	so take Your time	11:31
brinzhang	stephenfin: (songwenping_)from none -> vnc need to reboot, from vnc -> vnc donnot need to reboot I still think from docs or a bug trace this is a good choice	11:31
slaweq	gibi: https://bugs.launchpad.net/nova/+bug/1917610	11:40
openstack	Launchpad bug 1917610 in OpenStack Compute (nova) "Migration and resize tests from tempest.scenario.test_minbw_allocation_placement.MinBwAllocationPlacementTest failing in neutron-tempest-dvr-ha-multinode-full" [Undecided,New]	11:40
slaweq	reported	11:40
*** ociuhandu has quit IRC		11:41
openstackgerrit	Brin Zhang proposed openstack/nova master: Add missed accel_uuids for _poll_shelved_instances https://review.opendev.org/c/openstack/nova/+/778440	11:54
stephenfin	brinzhang: I don't :(	11:57
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Ocata database migrations https://review.opendev.org/c/openstack/nova/+/759402	11:57
stephenfin	bauzas: Is that okay? ^	11:58
stephenfin	I'll rebase the rest of the series on top if so	11:58
brinzhang	bauzas: fixed that bug, pls see https://review.opendev.org/c/openstack/nova/+/778440	11:58
*** legochen has quit IRC		12:00
*** ociuhandu has joined #openstack-nova		12:12
*** ociuhandu has quit IRC		12:17
*** martinkennelly has joined #openstack-nova		12:18
brinzhang	stephenfin: we will re-search, and make sure whether can reset passwrod and without restart the server	12:22
brinzhang	s/and//	12:22
gibi	slaweq: responded in https://bugs.launchpad.net/nova/+bug/1917610 with alternatives to either fix the job definition in neutron or fix the test precoditions in tempest	12:28
openstack	Launchpad bug 1917610 in OpenStack Compute (nova) "Migration and resize tests from tempest.scenario.test_minbw_allocation_placement.MinBwAllocationPlacementTest failing in neutron-tempest-dvr-ha-multinode-full" [Undecided,New]	12:28
*** hemanth_n has quit IRC		12:32
*** hemanth_n has joined #openstack-nova		12:36
slaweq	gibi: thx	12:37
slaweq	gibi: proposed fix https://review.opendev.org/c/openstack/tempest/+/778451 and dnm test patch https://review.opendev.org/c/openstack/neutron/+/778452	12:37
*** ociuhandu has joined #openstack-nova		12:37
slaweq	let's check if that will help	12:37
gibi	tht was fast :)	12:38
gibi	wondering why this is only hit on stable/train. It should fail on any newer than train too	12:38
*** hemanth_n has quit IRC		12:40
*** legochen_ has joined #openstack-nova		12:42
*** legochen_ is now known as legochen		12:43
gibi	lyarwood: I see an issue in https://review.opendev.org/c/openstack/nova/+/769548/12/nova/cmd/manage.py#2631	12:47
lyarwood	ah sorry, I thought I had sorted that out	12:53
gibi	the update command looks good, you only missed the get	12:54
lyarwood	yeah my bad	12:56
*** psachin has quit IRC		13:01
*** ratailor__ has quit IRC		13:19
*** jangutter_ has joined #openstack-nova		13:34
*** jangutter has quit IRC		13:37
*** spatel has joined #openstack-nova		13:40
*** hemanth_n has joined #openstack-nova		13:41
*** hemanth_n has quit IRC		13:45
openstackgerrit	Balazs Gibizer proposed openstack/nova master: Fix ImageBackendFixture not to support direct_snapshot https://review.opendev.org/c/openstack/nova/+/778462	13:47
openstackgerrit	Lee Yarwood proposed openstack/nova master: libvirt: Simplify device_path check in _detach_encryptor https://review.opendev.org/c/openstack/nova/+/778463	13:49
gibi	lyarwood: also could you check my question in https://review.opendev.org/c/openstack/nova/+/774898/7/nova/tests/functional/libvirt/test_machine_type.py#388 and the follow up I pushed?	13:49
lyarwood	gibi: I was about to ask if that was related	13:50
lyarwood	looking now	13:50
lyarwood	just had to push the above fix before switching back to this	13:50
gibi	yepp it is a fixture fix	13:51
gibi	to enable the unshelve test	13:51
lyarwood	wonderful	13:53
lyarwood	gibi: would you mind if I just pulled in that fix ahead of the new func test	13:54
gibi	lyarwood: sure	13:54
lyarwood	thanks	13:54
*** ociuhandu has quit IRC		13:58
gibi	lyarwood: overall I'm +2 on the machine type series I will quickly re-review it once you respin it	13:59
*** ociuhandu has joined #openstack-nova		13:59
lyarwood	gibi: thanks, just waiting on a local func run now and I'll push	14:00
gibi	ack	14:00
*** ociuhandu has quit IRC		14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: nova-manage: Add libvirt get_machine_type command https://review.opendev.org/c/openstack/nova/+/769548	14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: nova-manage: Add libvirt update_machine_type command https://review.opendev.org/c/openstack/nova/+/774896	14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: nova-manage: Add libvirt list_unset_machine_type command https://review.opendev.org/c/openstack/nova/+/774897	14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: nova-status: Add hw_machine_type check for libvirt instances https://review.opendev.org/c/openstack/nova/+/770643	14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: Fix ImageBackendFixture not to support direct_snapshot https://review.opendev.org/c/openstack/nova/+/778462	14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: libvirt: Add a config update workflow test for [libvirt]hw_machine_type https://review.opendev.org/c/openstack/nova/+/774898	14:04
openstackgerrit	Lee Yarwood proposed openstack/nova master: docs: Add admin docs for configuring and updating machine types https://review.opendev.org/c/openstack/nova/+/774899	14:04
gibi	on it ^^	14:05
*** ociuhandu has joined #openstack-nova		14:07
gibi	stephenfin: you blessing is needed on some of the patches in the machine_type series as lyarwood respined it	14:13
stephenfin	ack, will take a look shortly	14:13
stephenfin	(in a meeting atm :()	14:13
*** links has quit IRC		14:15
openstackgerrit	Lee Yarwood proposed openstack/nova master: libvirt: Simplify device_path check in _detach_encryptor https://review.opendev.org/c/openstack/nova/+/778463	14:16
*** jangutter_ has quit IRC		14:16
*** jangutter has joined #openstack-nova		14:16
*** takamatsu has joined #openstack-nova		14:17
*** jdillaman has quit IRC		14:18
*** jdillaman has joined #openstack-nova		14:18
stephenfin	gibi: Need your +2 again on https://review.opendev.org/c/openstack/nova/+/759402/ too. I just changed the commit message per bauzas' request	14:20
stephenfin	Please and thanks :)	14:20
gibi	on it	14:20
*** songwenping__ has quit IRC		14:20
bauzas	gibi: stephenfin: fast approved as this is only a commit msg update	14:20
stephenfin	sweet	14:20
stephenfin	I'll rebase the rest of that series on top of that shortly so	14:21
gibi	stading down...	14:21
gibi	anyhow it failed in zuul with a valid reason. unused import /o\	14:25
stephenfin	oh, weird	14:27
*** iurygregory has quit IRC		14:27
*** ociuhandu has quit IRC		14:27
*** ociuhandu has joined #openstack-nova		14:28
*** iurygregory has joined #openstack-nova		14:29
stephenfin	I think I broke Gerrit	14:30
stephenfin	Stuck on publishing edit for at least 2 minutes /o\	14:31
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Ocata database migrations https://review.opendev.org/c/openstack/nova/+/759402	14:31
stephenfin	phew	14:31
stephenfin	gibi: bauzas: Removed that import. Conflict was due to I532c7918a8e2c887f29d2f0e1e33b80f2b3a7507	14:31
bauzas	+Wd	14:32
gibi	yepp	14:33
*** ociuhandu has quit IRC		14:33
gibi	stephenfin: this needs a +A (there is 2 +2) https://review.opendev.org/c/openstack/nova/+/757615/8	14:35
gibi	also if somebody could +2 the https://review.opendev.org/c/openstack/nova/+/778177/2 that would be nice to unblock the hyperv rbd series	14:39
*** ociuhandu has joined #openstack-nova		14:40
gmann	gibi: done on 778177	14:42
gibi	thanks!	14:42
gmann	removing indirect deps will help in these kind of constraints issue	14:42
gibi	gmann: we have a PTG topic around that https://etherpad.opendev.org/p/nova-xena-ptg L39	14:44
gmann	gibi: +1 and I think by this or next week I will be able to get consensus in TC also and have some reference document too.	14:45
gibi	cool	14:45
gmann	stephenfin: do you need help on this? you might have forget this policy change - https://review.opendev.org/c/openstack/nova/+/765798	14:46
gmann	last one for that BP as client one is also +A now	14:46
stephenfin	gmann: Yes, please. I've gotten dragged into UEFI secure boot reviews and haven't been able to round back on that	14:46
gmann	stephenfin: sure.	14:47
*** zoharm has quit IRC		14:47
stephenfin	gibi: +W on https://review.opendev.org/c/openstack/nova/+/757615/ In general I have no issues with you +W your own patches after a rebase and I do it myself all the time. I doubt anyone would disagree :)	14:57
*** zoharm has joined #openstack-nova		14:57
gibi	ack, thanks	14:57
*** jdillaman has quit IRC		15:00
*** mkrai has joined #openstack-nova		15:02
*** LinPeiWen has quit IRC		15:06
*** lpetrut has quit IRC		15:09
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Pike database migrations https://review.opendev.org/c/openstack/nova/+/759403	15:11
*** happyhemant has joined #openstack-nova		15:13
ralonsoh	hi stephenfin, I have one quick question. When you migrated to privsep, did you have any long lived process to be executed as root?	15:16
ralonsoh	in other words, do you spawn any daemon/server/etc that requires root permissions?	15:16
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Queens database migrations https://review.opendev.org/c/openstack/nova/+/759404	15:17
stephenfin	ralonsoh: I don't think so. We just escalate when we need to	15:17
ralonsoh	stephenfin, without rootwrap, of course	15:18
stephenfin	iirc privsep is run under a rootwrap daemon	15:18
stephenfin	so rootwrap is still there	15:18
ralonsoh	yes, but only privsep	15:19
*** luksky has quit IRC		15:19
*** luksky has joined #openstack-nova		15:19
*** luksky has quit IRC		15:19
ralonsoh	I mean, the privsep daemon. In anycase, you still use rootwrap	15:19
stephenfin	Mostly. I recall there being some rootwrap filters left for some os-brick stuff	15:20
atmark	hello, is there to another option in the config to move the cold migration target to different interface? I know for live you can set live_migration_inbound_addr but how about for cold migration?	15:21
ralonsoh	stephenfin, thanks!!	15:21
stephenfin	atmark: I'm not aware of such a mechanism, no	15:21
atmark	The cold migration still uses the management interface even if I have live_migration_inbound_addr	15:23
atmark	in a different interface	15:24
sean-k-mooney	atmark: yes it will	15:33
sean-k-mooney	live_migration_inbound_addr is only for live migration	15:33
sean-k-mooney	you can adres this via kernel routes	15:34
*** luksky has joined #openstack-nova		15:36
*** hemna has quit IRC		15:39
*** hemna has joined #openstack-nova		15:40
*** dklyle has joined #openstack-nova		15:40
*** jangutter_ has joined #openstack-nova		15:51
*** jangutter has quit IRC		15:54
*** zoharm has quit IRC		15:55
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Rocky database migrations https://review.opendev.org/c/openstack/nova/+/759405	16:02
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Stein database migrations https://review.opendev.org/c/openstack/nova/+/759406	16:03
openstackgerrit	Stephen Finucane proposed openstack/nova master: apidb: Compact Train database migrations https://review.opendev.org/c/openstack/nova/+/771420	16:05
*** mkrai has quit IRC		16:05
*** mkrai has joined #openstack-nova		16:05
*** takamatsu has quit IRC		16:11
*** ociuhandu has quit IRC		16:15
openstackgerrit	Sylvain Bauza proposed openstack/nova master: Bump the Compute RPC API to version 6.0 https://review.opendev.org/c/openstack/nova/+/761452	16:18
bauzas	dansmith: gibi: stephenfin: artom: updated based on your feedbacks ^	16:19
*** gokhani has quit IRC		16:19
gibi	bauzas: looking	16:19
bauzas	tl;dr: removed the unused args from the RPC methods stephenfin told + changed the numa tests to pin to 5.max instead	16:20
*** mkrai has quit IRC		16:23
openstackgerrit	Merged openstack/python-novaclient master: Add support for microversion v2.88 https://review.opendev.org/c/openstack/python-novaclient/+/770573	16:23
belmoreira	recently found this behaviour in Nova: https://bugs.launchpad.net/nova/+bug/1917645 and I'm not sleeping well since :) not sure if this should be Nova or Oslo. I would appreciate some guidance.	16:25
openstack	Launchpad bug 1917645 in OpenStack Compute (nova) "Nova can't create instances if RabbitMQ notification cluster is down" [Undecided,New]	16:25
*** smcginnis has quit IRC		16:25
*** macz_ has joined #openstack-nova		16:25
bauzas	belmoreira: if the rabbit is down, how the conductor and scheduler could help the nova-api service to tell which host ?	16:29
bauzas	that actually reminds me preemptible instances	16:29
belmoreira	we have an independent rabbit for everything	16:29
bauzas	some kind of instance that would be pre-created	16:29
belmoreira	bauzas each cell has it's own rabbit, including one for the support conductor/scheduler. Then we have a rabbit for the notifications	16:30
belmoreira	support/super	16:31
bauzas	oh sorry, I missed the fact you were mentioning the notifications rabbit	16:31
*** ociuhandu has joined #openstack-nova		16:31
bauzas	and not the API MQ or the cell MQs	16:31
bauzas	I guess we hold on emitting notifications	16:32
belmoreira	I was expecting that behaviour (maybe with an error msg), but in reality instances can't be created	16:33
belmoreira	was looking into the config options that I think this is not handled at all	16:33
gibi	belmoreira: I think we need to warp the notification sending with some exception handler and log a WARNING if the notification sending failed but not block the actual work	16:33
*** smcginnis has joined #openstack-nova		16:34
belmoreira	gibi +1	16:35
gibi	belmoreira: I think we simply did not have those error handled properly in the current code	16:35
gibi	one can argue that not delivering a notification could mean some external system become desynced	16:36
belmoreira	gibi I agree, but in that case should be configurable	16:36
gibi	belmoreira: hm, that could work. Something like notification_failure_is_fatal config option	16:37
gibi	so if somebody use the notification interface for charging customers based on usage then that deployer would likely make this config True	16:38
belmoreira	makes sense to me	16:38
gibi	me to	16:41
gibi	o	16:41
belmoreira	I'm not familiar with the notifications code. Is this something that someone can have a look?	16:44
gibi	I can take a look but my backlog is pretty long so it will take time to reach that bug	16:44
*** macz_ has quit IRC		16:46
belmoreira	thanks gibi, meanwhile I can have a look but definitely I will need some guidance	16:46
gibi	belmoreira: sure, let me know if you have questions	16:47
*** macz_ has joined #openstack-nova		16:47
belmoreira	thanks a lot	16:48
*** Madkiss has quit IRC		16:48
bauzas	gibi: belmoreira: sorry wrapped into a meeting, but the approach looks good to me	16:49
*** mlavalle has joined #openstack-nova		16:51
openstackgerrit	Balazs Gibizer proposed openstack/nova master: Remove non-libguestfs file injection for libvirt https://review.opendev.org/c/openstack/nova/+/324720	16:57
openstackgerrit	Balazs Gibizer proposed openstack/nova master: Remove VFSLocalFS https://review.opendev.org/c/openstack/nova/+/778506	16:58
*** luksky has quit IRC		16:59
kashyap	gibi: Interesting that you revived it (I agree). Anything in particular that made you revive?	16:59
gibi	kashyap: the security bug behind it become public a week ago	17:00
gibi	kashyap: and also we removed Xen support so one less complication	17:00
kashyap	Argh, rotting security bugs :-(	17:00
gibi	yepp	17:00
*** luksky has joined #openstack-nova		17:00
*** hemna has quit IRC		17:01
*** ralonsoh has quit IRC		17:01
*** pmannidi has quit IRC		17:01
*** hoonetorg has quit IRC		17:01
*** stand has quit IRC		17:01
*** etp has quit IRC		17:01
*** lifeless_ has quit IRC		17:01
*** mgoddard has quit IRC		17:01
*** hack-char has quit IRC		17:01
kashyap	gibi: Right; fair enough. That problem is real ...	17:01
*** lucasagomes has quit IRC		17:02
*** openstackgerrit has quit IRC		17:02
*** spatel has quit IRC		17:03
bauzas	gibi: urgent review needs on them, I guess ?	17:03
gibi	bauzas: no, it is a really old security bug	17:04
gibi	so no need to rush	17:04
gibi	it just become stuck in private state until the secu team did a spring cleaning recently	17:04
bauzas	gibi: okay, focusing on blueprints reviews, but I can take a look at them later	17:04
gibi	and made the bug public	17:04
gibi	bauzas: sure, thanks	17:05
*** ralonsoh has joined #openstack-nova		17:05
*** stand has joined #openstack-nova		17:05
*** hemna has joined #openstack-nova		17:07
*** pmannidi has joined #openstack-nova		17:07
*** hoonetorg has joined #openstack-nova		17:07
*** etp has joined #openstack-nova		17:07
*** lifeless_ has joined #openstack-nova		17:07
*** mgoddard has joined #openstack-nova		17:07
*** hack-char has joined #openstack-nova		17:07
*** spatel has joined #openstack-nova		17:07
sean-k-mooney	thats the one we talked about 2 weeks ago in teh meeting right	17:10
sean-k-mooney	i assume you revied the old patches	17:10
gibi	sean-k-mooney: yes, I revived, rebased, and realized the we deleted Xen since so I put a cleanup top of it	17:11
gibi	sean-k-mooney: but the basic idea is the same	17:11
gibi	sean-k-mooney: fail to boot if file injection is requested but libguestfs is not available on the compute	17:11
sean-k-mooney	cool ill try and review this this week	17:11
gibi	sean-k-mooney: thanks	17:11
sean-k-mooney	by the way i saw your question on the port numa patches. ill hopefully get time to rebase that tomorrow to address it i just need to fix that env i was using it for something else but ill do that in the morning	17:12
sean-k-mooney	thanks for taking a look	17:12
gibi	ack	17:13
bauzas	sean-k-mooney: just a quick q, why do we need to pass the list of ARQs when shelving an instance ? I guess this is for the cyborg-agent to free up the resources ?	17:19
bauzas	context : https://review.opendev.org/c/openstack/nova/+/778440/1/nova/compute/manager.py	17:19
*** ociuhandu_ has joined #openstack-nova		17:21
*** nightmare_unreal has quit IRC		17:23
*** ociuhandu has quit IRC		17:25
sean-k-mooney	bauzas: we need to free them yes	17:25
sean-k-mooney	so its for unbinding them	17:25
sean-k-mooney	technially its only needed for the shelve_offload part	17:25
*** ociuhandu_ has quit IRC		17:26
bauzas	yup, that's what I guessed	17:26
*** macz_ has quit IRC		17:27
*** ociuhandu has joined #openstack-nova		17:32
sean-k-mooney	i commented in line but i dont think this is a ddos vector really	17:36
sean-k-mooney	the new api query only happens if the instance has cyborg resoucs. and it will happen only once per shleved instance	17:36
*** ociuhandu has quit IRC		17:37
sean-k-mooney	bauzas: we also prefilter the list by the timeout and only do this for instance that have exceed the time out so we wont check this on every iteration of the perodic	17:38
sean-k-mooney	pulling the client out of the loop is not a bad idea	17:39
bauzas	sure, but I wonder whether some malicious user could create 10000 small instances by one and wait for 3600secs	17:39
sean-k-mooney	i mean they would hit there instance quota right	17:40
sean-k-mooney	shelved instances still count to that	17:40
bauzas	the problem is that we call N times the cyborg api	17:40
bauzas	at the same time	17:40
bauzas	and you multiply by the periodic value	17:40
sean-k-mooney	ya but you cant avoid that wihout caching the info in nova which we do not do intentionally	17:41
bauzas	maybe not an attack vector but some performance impact for sure	17:41
sean-k-mooney	i dont think it will be	17:41
bauzas	on a large cloud with 10000 instances being shelved at the same time from the same tenant, cyborg will face 10000 times a connection roundtrip	17:42
sean-k-mooney	if the nova api is beefy enought to handel the 10000 shleve api calls then the cyborg one should be able to handel 10000 arq lookups	17:42
bauzas	from different tenants*	17:42
bauzas	that's a periodic	17:42
bauzas	not an API straight call	17:42
sean-k-mooney	sure i know	17:42
bauzas	during those 3600 secs, you can create and shelve as much instances as you want	17:42
sean-k-mooney	right but we defualt to 0	17:43
bauzas	but once the periodic runs, it will pick all the shelved instances during this window	17:43
sean-k-mooney	e.g. offloading without a delay	17:43
sean-k-mooney	so for it to be an issue the operator has to opt in to offloading after a period of time and increase it enouch for the shelved instance to build up enough to ddos the cyborg api	17:44
sean-k-mooney	pragmatically i dont think we will enough user of cyborg+shelve +that non default config for this to realisticlly happen	17:44
sean-k-mooney	it could but the instance.save() before this would propably ddos the db before the cyborg issue was hit	17:45
sean-k-mooney	im not saying it not a valid concern i just dont think it makes it substantailly worse then it would be already	17:46
bauzas	sean-k-mooney: I'm just saying "doc it"	17:46
sean-k-mooney	well we should doc the instance.save then too right	17:46
bauzas	because shelving has a very specific implication now if you use cyborg	17:46
sean-k-mooney	well shelve offload already calls out to cinder	17:47
bauzas	well, I'm pretty sure ops size the DB write performance on the nova database	17:47
sean-k-mooney	to remove the volumn attaments right?	17:47
sean-k-mooney	and it should be calling neutron to unbind the neutron ports	17:47
sean-k-mooney	so im wonderign wny cyborg is special in this case	17:48
bauzas	actually, you're making a point	17:48
bauzas	but that doesn't infirm my theory	17:48
bauzas	which is that this periodic task can harm our dependent projects	17:49
sean-k-mooney	well im not disagreeing that it could cause issue if you misconfigred things	17:49
sean-k-mooney	yep	17:49
sean-k-mooney	i think we just have differnet levels of concners as to the effect	17:49
bauzas	anyway, I don't wanna hold this	17:50
bauzas	but I was just taking my operator hat, being afraid of my internal APIs	17:50
sean-k-mooney	moving the client out of the loop will at least stop the load on keystone	17:50
sean-k-mooney	so that proably shoudl be done in anycase	17:50
bauzas	and while I trust cinder and neutron in terms of sizing, I'd certainly take much attention to cyborg API if I know this	17:51
sean-k-mooney	ya there is less op experince with cyborg for sure	17:51
bauzas	anyway, this is nearly 7pm for me and I really worked late yesterday night, so I'll bail out	17:51
sean-k-mooney	that said at least with osp donwstream we tend to use one db server for all the dbs	17:52
sean-k-mooney	enjoy your evnening o/	17:52
* bauzas remembers when he was designing different DBs for different read/write needs :)		17:52
bauzas	like, hello keystone	17:52
bauzas	bear with me	17:53
bauzas	and give me a token that you'll store for a long period of time	17:53
bauzas	glance ? be quiet and just give me the images	17:53
bauzas	but meh, I'm diverging	17:54
bauzas	\o	17:54
sean-k-mooney	im sure cern use different dbs and rabbitmq instance for different services but many smaller clouds wont	17:55
*** derekh has quit IRC		18:05
*** rpittau is now known as rpittau\|afk		18:11
*** andrewbonney has quit IRC		18:23
*** ralonsoh has quit IRC		18:23
*** lpetrut has joined #openstack-nova		18:38
*** xek has quit IRC		18:47
*** lpetrut has quit IRC		18:49
*** tbachman_ has joined #openstack-nova		19:27
*** tbachman has quit IRC		19:31
*** tbachman_ is now known as tbachman		19:31
*** whoami-rajat has quit IRC		19:50
*** lifeless_ is now known as lifeless		19:56
*** spatel has quit IRC		19:58
*** spatel has joined #openstack-nova		20:00
*** slaweq has quit IRC		20:04
*** happyhemant has quit IRC		20:13
*** spatel has quit IRC		20:35
*** spatel has joined #openstack-nova		20:38
*** rcernin has joined #openstack-nova		20:46
*** k_mouza has quit IRC		20:49
*** openstackgerrit has joined #openstack-nova		20:56
openstackgerrit	Merged openstack/nova master: requirements.txt: Bump os-brick to 4.2.0 https://review.opendev.org/c/openstack/nova/+/778177	20:56
*** slaweq has joined #openstack-nova		20:57
*** gyee has joined #openstack-nova		21:01
openstackgerrit	Merged openstack/nova master: Remove unused Instance method https://review.opendev.org/c/openstack/nova/+/757615	21:01
*** slaweq has quit IRC		21:07
*** rcernin has quit IRC		21:17
*** gary_perkins has joined #openstack-nova		21:27
*** irclogbot_3 has quit IRC		21:33
*** bauzas has quit IRC		21:33
*** sean-k-mooney has quit IRC		21:33
*** ianw has quit IRC		21:33
*** tristanC has quit IRC		21:33
*** DinaBelova has quit IRC		21:33
*** amotoki has quit IRC		21:33
*** zer0c00l has quit IRC		21:33
*** atmark has quit IRC		21:33
*** johnthetubaguy has quit IRC		21:33
*** irclogbot_3 has joined #openstack-nova		21:34
*** bauzas has joined #openstack-nova		21:34
*** sean-k-mooney has joined #openstack-nova		21:34
*** ianw has joined #openstack-nova		21:34
*** atmark has joined #openstack-nova		21:34
*** tristanC has joined #openstack-nova		21:34
*** DinaBelova has joined #openstack-nova		21:34
*** amotoki has joined #openstack-nova		21:34
*** zer0c00l has joined #openstack-nova		21:34
*** johnthetubaguy has joined #openstack-nova		21:34
openstackgerrit	Merged openstack/nova master: hyper-v rbd volume support https://review.opendev.org/c/openstack/nova/+/763550	21:38
*** zzzeek has quit IRC		21:44
*** zzzeek has joined #openstack-nova		21:45
*** rcernin has joined #openstack-nova		22:05
*** rcernin has quit IRC		22:11
*** rcernin has joined #openstack-nova		22:11
*** jamesdenton has quit IRC		22:15
*** jamesdenton has joined #openstack-nova		22:15
*** spatel has quit IRC		22:28
*** belmoreira has quit IRC		22:35
*** spatel has joined #openstack-nova		22:39
*** spatel has quit IRC		22:39
*** k_mouza has joined #openstack-nova		22:49
*** efried has quit IRC		22:53
*** k_mouza has quit IRC		22:54
*** efried has joined #openstack-nova		22:54
*** rcernin has quit IRC		22:56
*** rcernin has joined #openstack-nova		23:01
*** k_mouza has joined #openstack-nova		23:17
*** k_mouza has quit IRC		23:22
*** rcernin has quit IRC		23:26
*** k_mouza has joined #openstack-nova		23:27
*** k_mouza has quit IRC		23:31
*** k_mouza has joined #openstack-nova		23:36
*** luksky has quit IRC		23:39
*** zzzeek has quit IRC		23:40
*** k_mouza has quit IRC		23:41
*** mgariepy has quit IRC		23:42
*** zzzeek has joined #openstack-nova		23:42
*** vishalmanchanda has quit IRC		23:44
*** mgariepy has joined #openstack-nova		23:55

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!